Challenge

Implement a hosted SaaS model to meet TCS Healthcare clients’ uptime and continuity of service requirements, along with TCS Healthcare’s HIPAA privacy and security requirements.

Selection Criteria

A provider with extensive HIPAA compliance expertise who could implement a SaaS model with a secure and reliable managed hosted solution.

Result

With their new solution in place, TCS has evolved from serving the independent, small group of caseworkers to an enterprise hosted solution supporting large, national clients with multi-state Medicaid responsibilities.

TCS Healthcare Technologies™ is a leading provider of software and clinical solutions for population health management that improves staff efficiency and patient outcomes. Its ACUITY Advanced Care™ (ACUITY) software is a comprehensive and integrated care management software system for utilization management, case management, disease management, and prevention/wellness programs. When TCS Healthcare decided to offer ACUITY as a hosted solution alternative, TCS senior management was impressed with Connectria’s capabilities and experience surrounding its cloud computing and HIPAA compliance. Learn how TCS Healthcare has expanded the case management market through a secure and reliable hosted solution,
while meeting HIPAA regulations.

The TCS Healthcare journey is a fascinating one. In its early beginnings, the Los Angeles Foundation for Medical Care engaged TCS Healthcare to develop application software for physician credentialing. Touching core areas of medical management, the initial precertification application, though PC-based, eventually became the application framework that TCS Healthcare started building its business around. The software leveraged written analytics around patterns of treatment and retrospective claims data to develop a report card on a provider’s utilization services. It could determine whether a provider was under- or over-utilized, excessive, or appropriate.

As the software became a popular tool and TCS Healthcare’s business grew, the software company began to focus more on the utilization management side of the equation. This led to ongoing development and enhancements over a 10-year period to become what is now known as ACUITY Advanced Care. In addition, TCS Healthcare offers several other software products and services supporting care management programs and interventions. ACUITY’s basic component is a view centered around the patient. This is a bit of a paradigm shift compared to previous approaches due to the fragmentation of the healthcare delivery system. In the past, healthcare delivery was characterized as a silo mentality, with doctors, hospitals, labs, etc. not necessarily talking to each other. With a patient-centered view on the payer side of the business, there is better continuity of services provided. ACUITY enables an improved understanding of patient needs and how that can equate to developing an effective strategy for dealing with specific conditions or catastrophic events. As a result, costs can be minimized while improving the outcome of the patient.

Remaining singularly focused within the medical management niche, TCS Healthcare is a recognized expert in the industry, with rich domain knowledge. While ACUITY continued to grow its market footprint, many entrants who did not have comparable knowledge quickly disappeared. With its quarter of a  century experience, TCS Healthcare has been able to build a knowledge base and deploy skilled staff that is second to none in the medical community – used and trusted by many clients over the years. This recognition has been extended to the Case Management Society of America (CMSA), whereas a partner, TCS

Healthcare provides benefits to a worldwide membership of 14,000. Upon CMSA’s request, TCS Healthcare developed a Software as a Service (SaaS) solution, called ACUITY AnyWare, which is based upon a basic version of the Acuity Advanced Care module and delivers it over the Internet at a low price point. This allows independent case managers or case managers who operate within small groups, ubiquitous access to the ACUITY solution. When it comes to HIPAA compliance, medical customers need to ensure that all health information is protected. Their data needs to be locked down and secure because the payer, hospital, etc. are at risk. Any breach in security can cause significant financial penalties as well as damaged reputations. HIPAA violations have garnered a lot of bad press along with bad experiences. No one wants to be front-page news that their system’s been hacked, they’ve lost thousands of patient records and they’ve been circulated all over the web.

It’s hard to recover from this kind of notoriety. Although TCS Healthcare could have built the internal IT infrastructure to create a scalable environment with virtual machines to support a SaaS solution, they looked to partner with a managed hosting company that offered replicable servers in several tier-one facilities across different geographic locations. Implementing a hosted SaaS model took TCS Healthcare into an entirely new direction. They needed the right hosting partner that could meet TCS Healthcare clients’ uptime and continuity of service requirements, along with TCS Healthcare’s HIPAA privacy and security requirements.

The Challenge

When it comes to HIPAA compliance, medical customers need to ensure that all health information is protected. Their data needs to be locked down and secure because the payer, hospital, etc. are at risk. Any breach in security can cause significant financial penalties as well as damaged reputations. HIPAA violations have garnered a lot of bad press along with bad experiences. No one wants to be front-page news that their system’s been hacked, they’ve lost thousands of patient records and they’ve been circulated all over the web. It’s hard to recover from this kind of notoriety.
As a result, every player in the industry is keenly aware of the HIPAA requirements and what it means relative to data security; not only from a firmware or hardware side but also from a desktop user perspective in terms of requiring secure areas where people handle or access PHI.

With each client, TCS Healthcare executes a business associate contract that requires them to maintain security and privacy protocols impacting the storage and transmission of patient and customer data. For the hosted option, this led to an in-depth discussion with TCS Healthcare about how the organization can maintain HIPAA compliance with outsourced data centers that they do not directly control. TCS Healthcare had to carefully review and assess the hosting vendor’s overall data center facilities and HIPAA structure security, firewall construction, data connections, and data security services. The hosting partner that TCS Healthcare selected must be so HIPAA secures that the IT environment doesn’t make a difference and they would be confident that the data center is locked down.

The Solution

During TCS Healthcare’s search for a hosting partner, they discovered a few things:
• Most vendors did not know much about supporting health care transactions
• Few hosting companies were able to demonstrate their HIPAA compliance capabilities through real experience
• Stated capabilities need to be checked out firsthand

TCS Healthcare looked at other vendor’s marketing materials and engaged in conversations, however, they didn’t feel secure that they really understood the medical side and their requirements. Connectria was different. Connectria could back up their claims with sound HIPAA knowledge, experience, and clients. Prior to making a final decision, TCS Healthcare conducted its own audit. They met with Connectria’s technical team, visited and reviewed the data centers, and assessed processes and procedures. Following their audit, TCS Healthcare had a very good sense that Connectria was the right partner for them.