texas health services authority - thsa.org · texas health services authority board meeting...

Texas Health Services AuthorityBoard Meeting Presentation Slides

1111 E. Cesar Chavez StreetAustin, Texas 78702

January 12, 201810:30 am

AgendaTime Item

I.Introduction

10:30– 10:35 Call toorder,welcomeandintroductions,andannouncements

II.ReportsandUpdates

10:35– 11:00 Consideration& AdoptionofFY2017AuditReport– ACTIONITEM• PresentationbyMaxwellLocke&Ritter

11:00– 11:15 RegularBoardBusiness• ConsiderationofMinutesoftheSeptember22,2017Board Meeting

– ACTIONITEM• ConsiderationofFinanceCommitteeReportandFinancial

Statements – ACTIONITEM• ConsiderationofTHSALatePaymentPolicy– ACTIONITEM

11:15 – 11:40 ItemstobeConsidered atEachBoardMeeting• RelationswithLocalHIEs• HIESustainability(stateandlocal)• THSA2021TransitionPlanning

Agenda (continued)Time Item

III.UpdateandConsiderationofTHSA’sLinesofBusiness

11:40– 12:00 HealthInformationExchangeServices• UpdateonthestatusofHIETexasEncounterAlerts• UpdatefromStateAgencyPartners

12:00– 12:15 PrivacyandSecurityServices• UpdateonSECURETexas:HealthInformationPrivacy&Security

Certification• ConsiderationofPolicytoImplementSECURETexasTaskForce–

ACTIONITEM• UpdateonHealthITComplianceServicesinsupportof

SECURETexasCertification• Updateonresearchforexpandedprivacyandsecurityservices

12:15– 12:30 LegalServices• UpdatefromTHSAGeneralCounselonprogramutilization

Agenda (continued)Time Item

IV.InformationalItems

12:30– 12:45 • FutureMeetingSchedule• FutureAgendaItems

V.PublicComment

12:45– 1:00 • PublicComment

VI.Adjournment

1:00 • Adjournmeeting

Call to Order, Welcome and Introductions, and Announcements

Consideration and Adoption of THSA’s FY2017 Audit ReportPresentation by Maxwell Locke & Ritter

THSA’s FY 2017 Audit Report

• The THSA’s FY 2017 audit report is available for review at Attachment 1 (PDF page 2) in your attachments document

• THSA management is happy to report another clean audit for FY 2017!

• ACTION ITEM: Vote to approve the audit report

7

THSA Board Business

Board Business Action Items

• Consideration of Minutes of the Sept. 22, 2017 Meeting – ACTION ITEM

• Consideration of the Finance Committee Report and Financial Statements – ACTION ITEM

• Consideration of Late-Payment Policy – ACTION ITEM

9

Consideration of Board Meeting MinutesFrom the September 22, 2017 THSA Board Meeting

September 22, 2017 Meeting Minutes

The September 22, 2017 Board Meeting Minutes are available for review as

attachment no. 2 on pdf page 14 of the attachments document.

Action Item: Vote to approve meeting minutes.

11

Consideration of the THSA’s Financial Statements

Consideration of Financial Statements

The THSA’s FY 2017 Q4 Financial Statements are available for review as

attachment no. 3 on pdf page 19 of the attachments document.

Action Item: Vote to approve financial statements.

13

Consideration of the THSA’s Late-Payment Policy

Consideration of Late-Payment Policy• At the September 2017 board meeting, the board

instructed staff to develop a late-payment policy. This policy is available for review as attachment no. 4 on pdf page 35 of the attachments document.

• Policy overview:• 1.5 % penalty for invoices paid 31-60 days late• 3.0 % penalty for invoices paid 61-90 days late• Allows for contract cancellation after 90 days • Allows for the debt to be turned over to an attorney or

collection agency after 90 days

• Action Item: Vote to approve the Late-Payment Policy.

15

Items to be Covered at Each Board Meeting

Items to be Covered at Each Board Meeting

At the THSA’s August 19, 2016 board meeting, Dr. Fred Buckwold, Board Secretary, suggested the THSA address each of the following items at each future board meeting:

• Relationship with local HIEs• Sustainability – THSA • Sustainability – Local HIEs• THSA 2021 Transition Plan to a private, non-profit entity

17

Items to be Covered at Each Board MeetingRelationship with Local HIEs

The THSA has made a concerted effort to ensure good relations with our local HIEs in many regards: • Increased communication for HIETexas business dealings;• Local HIE representative added to the THSA board;• Local HIE participation in CEO selection process; • Local HIE participation in Medicaid HIE IAPD Update; and• Individual and group participation in the business planning process.dSpecific collaborations with local HIEs since our last board meeting:• Meeting between THSA and HASA.• Phone calls and meetings to discuss implementation of the HIETexas

encounter alerts platform.

Update from Andrew Lombardo, local HIE representative, on local HIE relations:• Andrew, how are local HIE/THSA relations going from the local HIE

point of view?

18

Items to be Covered at Each Board MeetingSustainability – THSA • Please see the THSA sustainability report (attachment no. 5, pg. 37 in

your attachments document) for an overview of the THSA’s financial sustainability.

• Please note that this report is intended to be a living document that will be updated on a regular basis.

• Updates since last report:

• Cost savings:• $218/month copier/printer costs• ~$200/month telephone expenses

• Higher-than-anticipated expenses:• One-time expense of $72,647 in testing and implementation

fees from HIE vendor contract• Net effect:

• THSA’s burn rate shortens from the life of the THSA from July 2020 to June 2020.

19

Items to be Covered at Each Board MeetingSustainability – Local HIEs • Local HIE sustainability is, and continues to be, an important

factor in the health and well-being of HIE in the State of Texas. Implementing the Medicaid HIE IAPD will further local HIEs’ sustainability efforts. The THSA conducted a call with local HIEs to discuss IAPD implementation last month.

• Andrew, anything additional to add from our local HIE representative?

20

Items to be Covered at Each Board MeetingTransition Plan – 2021

The THSA began the long transition from its current quasi-governmental status to becoming a fully private entity on September 1, 2021 (subject to changes during the 2019 or 2021 legislative sessions):

• In November 2016, the board voted to implement pricing structure changes to the THSA’s legal services program;

• In February 2017, the board voted to expand support for the SECURETexas Certification program (multi-vendor approach; expanded services); and

• In May 2017, the board voted to implement changes to the THSA’s HIE infrastructure that are financially conservative and dependent upon support from the public and private sector.

All of the above changes have significantly improved the THSA’s ability to fulfill its mission, and its ability to be more financially independent as we make this multi-year transition.

21

Update and Consideration of THSA’s Lines of BusinessHealth Information Exchange Services

Update on THSA’s Lines of BusinessHealth Information Exchange

• At the May 19, 2017 board meeting, the THSA completed its business planning process by voting to switch from a query-based platform to a platform supporting the push-based services detailed in the Medicaid HIE IAPD.

• Since the May board meeting, the THSA has tentatively selected a new platform (encounter alerts) and vendor (Audacious Inquiry) to support those services.

23

Update on THSA’s Lines of BusinessHealth Information Exchange (continued)

• On July 12, 2017, THSA staff tentatively selected Audacious Inquiry to support the THSA’s new push-based HIE initiative.

• Before signing a contract with Audacious Inquiry, the THSA awaits signing a contract with HHSC formally implementing the IAPD, so that all flow-down provisions are accounted for in the subcontract with Audacious Inquiry.

24

Update and Consideration of THSA’s Lines of BusinessHealth Information Exchange Services – Update from HHS Office of e-Health Coordination

Update from HHSC Office of e-Health Coordinatione-Health Advisory Committee Update

• Hope Morgan, HHSC Interim Director, Office of e-Health Coordination will provide an update to the board on the HHS e-Health Advisory Committee.

• The THSA and a local HIE representative also sit on this committee.

26

Update and Consideration of THSA’s Lines of BusinessUpdate from Department of State Health Services

Update from DSHSUpdate on HIE connectivity

• Steve Eichner, Health IT Policy Director at DSHS will provide an update for the board on the December 20, 2017 meeting discussing HIE connectivity and requirements with the DSHS ImmTrac registry.

• All THSA staff, as well as several local HIE representatives, participated in the meeting.

28

Update and Consideration of THSA’s Lines of BusinessPrivacy & Security Services

Update on THSA’s Lines of BusinessPrivacy & Security Services

• At the February 2017 board meeting, the board voted to switch from a single-vendor to a multi-vendor approach to support SECURETexas Certification.

• The notice period of the THSA’s contract with HITRUST ended on June 18, 2017, thus enabling staff to move forward with its multi-vendor approach.

• The THSA began an open enrollment period to onboard multiple preferred vendors to support the program. Open enrollment ends Jan. 15, 2018.

• To date, staff has onboarded 11 preferred vendors, with several more interested in joining.

30

Update on THSA’s Lines of BusinessPrivacy & Security Services – Preferred Vendors• SECURETexas Preferred Vendors (to date):

31

Alcon DTS NivolaHealthcareSolutions

A-Lign NCC Group

CitiscapeIT PwC

CyberTrustAlliance Texas MedicalLiabilityTrust

DXCTechnology Third Rock

JacobianEngineering


• The THSA would like to create a task force to guide staff and the board in the ongoing maintenance and development of SECURETexas Certification.

• A copy of the proposed task force charter is available for review as attachment no. 6, PDF pg. 42 in your attachments document.

• Overview of SECURETexas Task Force:

• Shall include representatives from each preferred vendor;

• Shall include representatives from stakeholder groups; and

• Task force shall provide guidance on issues such as process, standards, and policies and procedures.

• ACTION ITEM: Does the board vote to implement the SECURETexas Task Force Charter?

32


• At the February 2017 board meeting, the board also voted to implement services in support of SECURETexas Certification. These services assist covered entities in not just measuring compliance –but building compliance.

• Health IT Compliance Services:

33

PolicyCheckup PrivacyandSecurityTraining

Remote PrivacyOfficer SecurityAuditManager

SecurityRiskAssessment PartnerRiskManager


• Service: Policy Check-up

• Program overview: The THSA will assist covered entities in reviewing and customizing their privacy and security policies and procedures.

• Partner: none (THSA staff handles this directly)

• Current status: This program is active today, and the THSA may serve covered entities, as needed.

34


• Service: Remote Privacy Officer

• Program overview: The THSA’s remote compliance officer program can support smaller covered entities in many ways, including assistance with privacy compliance issues.

• Partner: None (THSA staff handles this directly)


35


• Service: Security Risk Assessment

• Program overview: The THSA will provide security risk assessments to covered entities utilizing an assessment tool that makes it easy for healthcare providers to navigate the assessment process. These assessments are required on a regular basis under HIPAA.

• Partner: Third Rock

• Relationship: Reseller agreement for Third Rock tool to conduct risk assessments


36


• Service: Privacy & Security Training

• Program overview: The THSA provides access to online courses utilizing the latest research to ensure the understanding and retention of critical information to minimize breach incidents.

• Partner: Nivola Healthcare Solutions

• Relationship: Referral only

• Current status: This program is active today, and the THSA has entered into a referral partnership with Nivola Healthcare Solutions, who produces the online training videos and courses.

37


• Service: Security Audit Manager

• Program overview: Security Audit Manager (SAM) is a comprehensive solution that manages a covered entity’s patient privacy program and automatically detects privacy breaches.

• Partner: Iatric Systems

• Relationship: Referral only

• Current status: This program is active today. The THSA does not offer this services directly, but has entered into a referral partnership with Iatric Systems, who operates the SAM system.

38


• Service: Partner Risk Manager

• Program overview: Partner Risk Manager (PRM) is a web-based application that manages vendor risk to ensure due diligence with third-party relationships. Productivity is enhanced through automated workflow logic which determines specific questionnaires and attributes required, and then assigns risk based on the answers.

• Partner: Iatric Systems

• Relationship: Reseller agreement

• Current status: This program is active today, and the THSA has entered into a referral partnership with Iatric Systems, who operates the PRM system.

39

Update on THSA’s Lines of BusinessPrivacy & Security Services – Research on Expanded Services• Last month, the THSA sent all six local HIEs a survey regarding

privacy and security services.

• Five of six local HIEs responded to the survey.

• The following slides depict the survey results, which will drive further discussions on how the THSA can support local HIEs with privacy and security initiatives.

40

Privacy Survey Feedback

41


42


43


44

Update on THSA’s Lines of BusinessPrivacy & Security Services – Research on Expanded Services• Based on feedback received from local HIEs, there is an

interest in the THSA pursuing a HITRUST Third Party Assessor designation.

• Based on our research, here’s what it would take to do that:

45

$2500 applicationfee Five peoplemustbecomeCSFPractitioners(withsomeexception)

Lettercommittingtoadequateresources toconductcertifications

$30,000annualorganizationfee

Implementpoliciesandprocedures Trainingfee($3kperstudent)

Submitemployee resumes Maintaincontinuingeducationreq.

SubmitCSFassessoragreement Out-of-pockettravelexpenses

OnsiteCSFPractitionertraining CSFPractitionersmustretakeexam

See moreinformationintheanalysisinAttachmentNo.7,PDFpg.45inyourattachmentsdocument

Update and Consideration of THSA’s Lines of BusinessLegal Services – Presentation by THSA General Counsel

Future Meeting Schedule

Future Meeting Schedule

THSA Board of Director Meetings for the remainder of 2018:

• April 6, 2018• July 20, 2018• October 5, 2018

48

Future Agenda Items?

Attachments

Attachments

Please see the separate document that was emailed to you that includes the following attachments:

51

Number Name

1 FY2017AuditReport

2 September22,2017 BoardMeetingMinutes

3 THSAFY2017Q4FinancialStatementsandGeneralLedger

4 THSALate-PaymentPolicy

5 THSASustainabilityReport

6 SECURETexasTaskForceCharter

7 THSA’sHITRUSTThird-PartyAssessorGapAnalysis

8 AcronymList

9 THSABoardRoster

10 ListofInterests

Public Comment

Adjourn

texas health services authority - thsa.org · texas health services authority board meeting...

Documents