IT in Healthcare Day

Transcription

1 San Francisco ISACA Chapter Proudly Presents IT in Healthcare Day A Day-Long, Multi-Session Event, being held in Walnut Creek! Where: Walnut Creek Marriott North Main Street Walnut Creek, CA (925) *** Complimentary shuttle service to/from Walnut Creek BART will be available please arrange with the hotel. There are also plenty of taxis at Walnut Creek BART (or a minute walk) *** When: Wednesday, July 21st, 2010 Registration: 8:15 a.m. 9:00 a.m. Session: 9:00 a.m. 5:00 p.m. - Breakfast / Lunch / Afternoon Refreshments provided Speakers: See below for Sessions Agenda, Speaker Information, and Schedule CPE Hours: (TBD) Cost: $79.00 ISACA Members $90.00 Non-Members $40.00 Students $79 = 6-8 CPEs + Meals 4x the CPE units of our regular monthly luncheon sessions for less than 2x the cost = more than 50% savings for our valued members!!!

2 Session Synopses and Speaker Information: General Session Synopsis: As IT acquires a new strategic role in healthcare transformation, there is new accountability for the collection, use, sharing and protection of health information. The success of healthcare reform relies substantially upon the capability of health IT systems to provide timely, efficient and effective information and decision support. Join SF-ISACA in a health professionals day to discuss and learn about challenges and solutions to some of the industry s most pressing IT issues. Keynote Presentation: The Role of IT in Healthcare Reform (tentative session) Improved use of information technology will be the source of many billions of dollars of healthcare cost saving and health improvements. This talk explains how this can be and what the Federal government is doing to make it so. Session 1: Preparing for Meaningful Use Congress has mandated that the deployment and meaningful use of electronic medical records will be a requirement for full participation in government health programs. Commercial payers are likely to follow suit. This talk explains the meaningful use concept and the issues in its adoption and demonstration. Session 2: The Extended Healthcare Enterprise and the future of HIE in California Ann Geyer, Partner Tunitas Group Healthcare is an extended enterprise where many organizations collaborate to deliver positive health outcomes. The value of the health services depends upon the capability and willingness of competing healthcare organizations to share information in a timely and effective way. Once a leader,, California now lags other states in the development of an infrastructure to support such sharing. This talk explains the unique aspects of California s HIE problem, its history and prospects for resolution. Speaker Bio: Ann Geyer, Esq, MA, MBA, CISSP, CIPP, CPHRM is a consultant with the Tunitas Group, a health care specific IT and risk management consulting firm. Ann advises her clients, including some of the nation's largest

3 hospital organizations and health insurers as well as State and Federal agencies, on all aspects of information protection. Ann was the CEO of HDIC, a collaboration of California s health industry formed to build the State s HIE infrastructure in the mid 1990 s. Since then has since participated in numerous health IT collaborations and has a unique perspective on which lessons have been learned and which have not. She received her Masters in Statistics from UC Berkeley, MBA from Claremont and JD from the Concord Law School. Session 3: ICD-10: Much More than a Regulatory Mandate Mari Turvey, Senior Manager KPMG LLP The implications and challenges of the mandate for healthcare providers to move to the International Classification of Disease (ICD) version 10 (ICD-10) from the current ICD version 9 (ICD-9) are just now being recognized by the healthcare community. While the compliance deadline of October 1, 2013 may seem a long way off, the transition to ICD-10 is highly complex and can lead to significant changes in people, processes and technology. This session will walk through the structural changes of the ICD-10 coding system and the implications on operations from both the payor and provider perspectives. We will discuss implementation challenges and opportunities and the development of an ICD-10 road map to assist in achieving a successful conversion. Technical topics such as the use of General Equivalence Mappings (GEMs), crosswalk strategies and vendor alignment will also be discussed. The session will summarize implementation strategy alternatives, and timeline requirements. Speaker Bio: Mari is a senior manager in KPMG s IT Advisory Services practice supporting the KPMG Healthcare practice. Mari is a member of KPMG s National ICD-10 task force responsible for the delivery of ICD-10 assessment and strategic services to providers and payors throughout the United States. With more than 13 years of auditing and consulting experience, Mari focuses on healthcare companies, Insurance companies and financial institutions. She has significant experience in Healthcare IT strategy, process analysis and design including topics in: ICD-10; claims processing; third party administrator management; HIPAA transactions, and information security. Her technical expertise includes a wide range of applications, platforms and networks. Mari s current and past clients include some of the nation s leading healthcare and insurance companies. She holds a CISA certification and is a CPA in the States of California and Virginia. Session 4: The Incremental Privacy and Security Obligations of HITECH Bill Pankey, Partner Tunitas Group For IT to deliver its contribution to health reform, information and systems must reliable, agile and secure. Some of this requirement is explicitly stated I HITECH, other aspects are only implicit in the broad mandates of health transformation, and yet other are not yet generally recognized. This talk outlines the new requirements for security beyond HIPAA that will challenge the industry. Speaker Bio: Bill Pankey, CGEIT, CISA, CISSP, GIACx4, MCSE. Bill was a commenter to the original HIPAA Security NPRM in He has since consulted with a large part of the California industry on health infosec problems in well over 100 HIPAA projects. He has a unique perspective on the security capabilities of the industry s application infrastructure as a security inspector for the Commission for the Certification of Health Information Technology (CCHIT) and as a participant in health infosec standards development.

4 Session 5: The HIPAA/HITECH: Conditional Access Management for Business Performance Mark Seward, Director, Security and Compliance Solutions Splunk The current state of technology solutions for access management doesn t go far enough in helping healthcare providers with their compliance problems. Traditional access management systems -- either-you-have-access-oryou-don t -- approach doesn t fit with the unique business vision of providing healthcare. Specifically, solutions that try to monitor access can t take a broader conditional access view required for this business vertical. The presentation will address what can be done to provide access monitoring that makes business sense for healthcare. It will also look beyond HIPAA/HITECH to the broader issues of monitoring for fraud, performance management, and billing errors (revenue capture) allowing for a more holistic efficiency-based approach to solving some of this industry s unique problems. Speaker Bio: Mark Seward currently Director of Security and Compliance Solutions marketing at Splunk and has over 10 years of experience in the IT security management profession as a security practitioner and product manager with experience in log management and vulnerability management. Mark has been a featured speaker at international, national, and regional regional ISACA events. He will be speaking on Applying a Pattern-Based Strategy to IT Security and Risk Management at the ISACA Information Security and Risk Management Conference in Las Vegas in September. Mark has a Masters of Science in IT and a Federal CIO certification from the University of Maryland. Case Study: What s Worked and What Hasn t (tentative session) The business case for health IT is typically based on optimistic assumptions of improved outcomes and inflated cost savings while underestimating the difficulty encountered as practices try to effectively utilize the new information tools. Case studies provide needed reality as the industry undertakes transformation of its information infrastructure.

5 Session Schedule Session Topic Speaker/Panelist Start End Registration Continental Breakfast served Networking 8:15 9:00 Keynote The Role of IT in Healthcare Reform TBD 9:00 10:00 Session 1 Preparing for Meaningful Use TBD 10:00 11:00 Session 2 Extended Healthcare Enterprise and the future of HIE in California Ann Geyer, Partner Tunitas Group 11:00 12:00 Lunch Lunch Served Networking 12:00 1:00 Session 3 Session 4 Session 5 ICD-10: Much More than a Regulatory Mandate The Incremental Privacy and Security Obligations of HITECH The HIPAA/HITECH: Conditional Access Management for Business Performance Mari Turvey, Senior Manager KPMG LLP 1:00 2:00 Bill Pankey, Partner Tunitas Group 2:00 3:00 Mark Seward, Director, Security and Compliance Solutions Splunk 3:00 4:00 Break Refreshments and Coffee Networking 4:00 4:30 Case Study What s Worked and What Hasn t TBD 4:30 5:00