 |
 |
 |
 |
| |
|||||
|
|
|
Home > News & Events > MITRE Publications > The MITRE Digest > | |||||||||||||||||||
Centers for Medicare & Medicaid Services Take Health IT Lead August 2009
Health information technology is very much in the news, both as part of national economic recovery activities and in the context of the healthcare reform debate. In his first State of the Union Address, delivered on February 25, 2009, President Barack Obama said, "Our recovery plan will invest in electronic health records and new technology that will reduce errors, bring down costs, ensure privacy, and save lives." The president's words were backed by legislation that he signed into law the previous week. The American Recovery and Reinvestment Act includes Medicare and Medicaid incentives to encourage physicians, hospitals, and other providers to adopt and use electronic health records. The act also strengthens federal privacy and security law to protect identifiable health information from misuse as health IT becomes widely adopted. At the Centers for Medicare & Medicaid Services (CMS), a component of the U.S. Department of Health and Human Services, work has been underway for several years to modernize the agency's IT systems in preparation for the transition to a nationwide electronic health information environment. The current emphasis on adoption of electronic health record (EHR) technology will have a far-reaching impact on how organizations such as CMS do business. That's why CMS began preparing for this transition long before the concept of EHRs became familiar to the general public. CMS administers the Medicare and Medicaid programs, and the scope and complexity of their work is enormous. In FY 2008, Medicare expenditures for benefits under Parts A, B, and D (hospital, physician, and prescription drug benefits, respectively) was $461.6 billion, while administrative expenses totaled $6.5 billion. For Medicaid, FY 2008 expenditures for benefits were $190.5 billion and in administrative expenses were $7.3 billion. To support its administration of these programs, CMS maintains the largest database of healthcare-related information in the world, consisting of sensitive information gathered from locations across the country. In line with its vision to "transform and modernize America's health care system," CMS turned to MITRE for help in revamping the organization's IT systems. The overhaul paves the way for more efficient processing of data, streamlined distribution of payments, greater data security, better interoperability among systems and, ultimately, overall improvement in the delivery of healthcare. A Blueprint for Transformation Henry Chao, CMS' chief technology officer, engaged a team from MITRE's Center for Transforming Health to launch the modernization of the agency's IT systems. The team began its work by developing the CMS Technical Reference Architecture (TRA) in 2007. In the world of large-scale IT systems, technical reference architectures serve much the same role that blueprints serve in designing and building skyscrapers. The CMS TRA acts as a template for systems development, infrastructure design, and operational integrity throughout the organization. The technical standards embedded in the TRA guide the agency and its application developers and outside contractors in creating and fielding data centers, systems, and applications to support the agency's secure operating environment. "An effective TRA," says Chao, "keeps risk as low as possible and ensures against operational meltdowns." The TRA team worked for more than a year getting the architecture in place. Since implementing the TRA in 2008, CMS has applied TRA guidance across the CMS enterprise and operational structure. This includes the agency's Baltimore Data Center and its two Enterprise Data Centers (EDCs)—the operations that process Medicare claims for services, medical equipment, and drugs—and the developers and contractors who devise and maintain the software applications CMS uses. CMS task orders now stipulate that all work by CMS contractors must adhere to the TRA standards. Better Guidance Generates Better-Quality Service "The TRA gives the agency a way to articulate where it's going, communicate that information through its community, and then provide practical guidance that helps the specific contractors and engineers achieve the organization's goal," says Tim Bixler, a MITRE principal information systems engineer and the lead author of the TRA. "It's one of the enablers of the CMS IT modernization." In practice, the TRA gives CMS tools to manage its system and operational complexity while preserving interoperability. "It's unlikely we will ever completely eliminate the complexity of the systems, but through the TRA we have created a better way to encourage effective design and execution of secure, interoperable systems at CMS," says Chao. The TRA is designed to achieve CMS' goals by laying a broad foundation on which different and increasingly detailed levels of technical documentation can be based at all of CMS's production environments. At its broadest level the TRA is aligned with the Federal Enterprise Architecture program, which was set up by the Office of Management and Budget to help federal agencies become more efficient and cost-effective. That support extends to the next two layers of detail: CMS's IT infrastructure (including domain names, Internet Protocol addresses, and measures for securing the data), and finally, the agency's application services (including Web and messaging services and methods for sharing information throughout the agency). "At the top level, you have to have IT governance," Chao says. "Healthcare is an extremely complex discipline, and so are the administrative and payment systems that support it. So the standards have to be flexible—but clear. The process would lose its relevance and its meaning without the 'meat on the bones' that provides the ability to shepherd projects all the way to operational status." As CMS moves ahead with its IT modernization, the positive results will be evident. The more obvious benefits involve development of new systems, applications, and operational environments that promote more efficient ways of doing business. The introduction of the EDCs is a prime example. The TRA's standardization guidance within the TRA ensures that the EDCs operate standardized production environments. These state-of-the-practice data centers handle an ever-growing increased volume of claims processing orders. The TRA has greatly increased the efficiency with which CMS compensates providers for healthcare services and processes claims for beneficiaries. Laying a Foundation for the Future The complexity of healthcare services and IT support systems drives the need for overall IT guidance and a flexible TRA that addresses current and future technology. After all, almost any system can be easily built by a single contractor for a single location and purpose. But what if the customer decides to change contractors? Will a new contractor be able to step in with a clear picture of what the customer requires? Or if a software application is moved from one data center to another, will it work just as well in the new location as the old?
In CMS's case, critical outcomes hinge on the answers to these questions, including a timely and cost-effective claims process that serves more than 45 million beneficiaries and a method of ensuring the confidentiality of beneficiaries' personal and health data. According to Chao, one of the key business drivers for the TRA was the Clinger-Cohen Act of 1996, which required agencies to better manage their IT investments through an integrated framework. The TRA lays the foundation for any future changes to the CMS technical environment and applications. The TRA's standards promote solid business decisions in the development and implementation of CMS systems and applications. The consistent application of the TRA ensures that CMS will have the flexibility to refresh, expand, or modify its technical environment and carry out its business functions. When the initial TRA was drafted in early 2007, CMS wanted to design the agency's architecture to serve the new functions mandated by the Medicare Prescription Drug, Improvement and Modernization Act of 2003 (MMA). To accomplish those functions, CMS consolidated fee-for-service data center operations into the Enterprise Data Centers through a performance-based, indefinite delivery/indefinite quantity (ID/IQ) contract. All task orders awarded under the EDC ID/IQ contract now rely on the TRA standards. The award of the agency's Enterprise System Development ID/IQ contract in September 2007 consolidated all system and application development within a new service model that mandates compliance with the TRA. Because the TRA now governs all infrastructure and systems development work, the agency has completed its strong foundation for a secure, interoperable technical environment. Putting on their Taxpayer Hats Having the TRA in place has already helped make CMS more efficient. In one case, a vendor collaborating with the data centers identified a common tool that can help with the generation of operations reports and can be used for this purpose across the data centers. This tool now standardizes and streamlines the flow of information between CMS and its EDC business partners. Another example of the TRA's impact involves security measures spelled out in one of the TRA supplements. (A supplement focuses on engineering details needed to implement one of the TRA’s broader goals, and is not available to the public.) Before the EDCs existed, CMS did not have direct control over any of the 16 to 20 fee-for-service data centers that supported CMS. Consolidating and standardizing the agency's data center support has been a major part of the organization's IT modernization. When individual data centers were consolidated under the CMS umbrella and their workloads transferred to the EDCs, the TRA was the guide that smoothed the consolidation path. CMS has also used the TRA as an auditing tool because a technical auditor can quickly see how the system should be built. "The security standards allow everyone in CMS to know exactly what targets they'll have to hit," says Cindy Schmidt, deputy program manager for MITRE's CMS program. "When you need to go live and actually need to perform, nobody can say, 'I didn't know about the standards.' They're published. They're out there, they make us more efficient, and they save money. So when there's hardware, software, and data integration, I put on my taxpayer hat and say, 'Thank you very much.'" Better Support for CMS' Business Applications As for MITRE's contributions to the TRA, Chao says the company "provides a unique capability that I think most, if not all, agencies in the federal government need: an independent and unconstrained view on behalf of the agency. CMS needs an independent body that's flexible, adaptable, has a very deep reach into its organization, and has affiliations with the commercial-sector compliance community to find out what are the best practices." For MITRE's CMS team, it comes down to a documentation of standards—not just the tools available today, but the capabilities the agency might want to add in the future. The adoption and promulgation of these standards will help CMS design and acquire its IT programs with greater speed and higher return on investment value essential to compliance with the economic recovery law. "The TRA provides consistent architecture guidance for those supporting CMS business applications," says John Morgan, MITRE principal information systems engineer, who helped refine the TRA to align with the Federal Enterprise Architecture requirements (see "How TRA Fits In"). "It's what CMS wants to ensure that their mission goes forward with the greatest efficiency and consistency. This is the first of many steps that CMS will take in that direction." —by Russell Woolard Related Information Articles and News
Technical Papers and Presentations
Websites |
||||||||||||||||||||
Page last updated: August 20, 2009 | Top of page |
Solutions That Make a Difference.® |
|
|
