Information Technology CapabilityHealthInsight New Mexico has implemented HIPAA-compliant technologies to ensure client confidentiality in all phases of work. Our confidentiality policies apply to all personnel and subcontractors and include all levels of client data - from medical records to electronic/administrative data to grievance and appeals files.
Our technical competence is reflected in our work with a variety of Medicare/Medicaid data systems and data processing procedures. Our analysts have extensive experience in the management and analysis of large data sets, resulting from their work on several state and federal contracts. These ongoing processes require continual data management in terms of extraction, manipulation, warehousing, analysis and security. We use SAS, SPSS, and Microsoft 2003 Professional applications in our daily business activities. For data file transfers, we employ secure File Transfer Protocol (FTP) incorporating industry standard 128-bit data encryption.
Entry into HealthInsight New Mexico's network is through a Cisco PIX firewall, capable of supporting simultaneous virtual private network (VPN) connections, and is configured with all high-risk ports closed to Internet protocol traffic, to assure the security and integrity of the network resources. To facilitate rapid communication and data flow, we employ three high-speed bandwidth T-1 Frame Relay circuits for connectivity. This also gives us the capability of employing our Cisco IP Telephony system which is capable of providing video teleconferencing, and conference calling ability to meet the growing demand for communication throughout the state. To accommodate the need for data warehousing from our clients, we use a Network Accessible Storage (NAS) system that provides a two-terabyte data storage capacity. The corporate IT infrastructure provides both load balancing and redundant servers to assure maximum availability, efficiency, and reliability.
Online Data Entry and Real Time Reporting
Secure Web Portal Environment: We have established Microsoft SharePoint web services utilizing Cisco-based portal environments to assist in accomplishing project tasks as well as providing a secure environment in which to transfer data, files and reports. The portal allows secure access to a single virtual space within which all information and applications required for a report and/or project are immediately accessible to all participants. Customized screen views can be created based upon access permissions and rights to applications and documents. An authorized and authenticated individual is able to access the portal using a login from a PC or laptop that has a connection to the Internet and supports Microsoft Internet Explorer version 5.5 or newer with 128-bit encryption.
Online Data Entry: Data may be entered into applications created specifically for the projects online, driven to a database, and dynamically reported with the push of a button.
Real Time Reports: All relevant applications, documentation, files, Internet links, FTP sites, are brought together in the portal for the development and distribution of required reports and deliverables. The user can produce live dynamic reporting within the portal environment, constantly updating other participants on the progress of mutual projects. Once a real time report or other documentation has been created or updated, it can be viewed online, saved to the user's local drive, or printed locally.
Tools: We utilize the Baseline Assessment Tool as well as the Information Systems Grid provided in the HEDIS Standards, Policies, and Procedures. We may consult with RNs, data analysts and other staff members who are proficient in their knowledge of NCQA-compliant procedures.
Technical Assistance: We staff a helpdesk to provide technical assistance to internal and external customers. The quality and effectiveness of our technical assistance is largely due to the experience and expertise of our staff. Requests are systematically tracked both for timeliness and customer satisfaction.
Disaster Planning: While technical problems are inevitable, in a well maintained, virus protected, and well backed up system, few problems should ever reach the disaster category. Our disaster recovery procedures in our business resumption plan require that all critical data, system documentation, and source program libraries be kept on networked drives. Full backups are performed daily on the server. Hard drives are rotated on a weekly basis to ensure that no data are lost. Back-ups are transported weekly to offsite secure vault storage. We use a redundant server system to reduce the downtime factor of our network.