Posted by John Casillas
The Medical Banking Project convened a multi-stakeholder group among its membership to develop health data privacy and security criteria that is uniquely focused on the regulatory requirements and market expectations in the medical banking segment. After 15 months of regulatory review, industry outreach and feedback, the Accreditation Review Council (ARC) at MBProject formalized a new "Gold Seal Standard" for medical banking constituencies. The program, which will be placed into production in the May-June timeframe, was announced recently.
We caught up with Maureen Turo, VP, Healthcare Market Specialist, Bank of New York Mellon Treasury Services Division in Pittsburgh, PA to discuss the new Gold Seal program. BNY Mellon was involved in the first pilot program, administered by Milliman, to vet out the issues related to application of the Gold Seal.
Tell us about what you do at The Bank of New York Mellon…
The Bank of New York Mellon Corporation is a global financial services company focused on helping clients manage and service their financial assets. We operate in 34 countries and serve more than 100 markets.
Within The Bank of New York Mellon’s Treasury Services group, I am part of a team dedicated to providing solutions to the healthcare sector. We offer a full suite of services that help healthcare providers better manage their working capital – the technical expression we use is, “address inefficiencies in the revenue cycle.” Some specific examples of what we do include: helping healthcare providers electronically post claim payments to reduce accounts receivable days outstanding; collect and reconcile patient payments at the point of service; identify and analyze denial data; simplify the patient refund process; streamline short-term investing of working capital, and much more.
Why did you get involved in the MBProject Gold Seal standard program?
Healthcare is obviously in need of significant attention. Improvements are going to take collaboration among banks, vendors, payers, and providers. The MB Project provides thought leadership on many different fronts for medical banking with privacy and security accreditation being one of them.
Based on our experience in providing healthcare treasury services and our rigorous attention to regulations and rules, we knew we could provide valuable feedback from the perspective of a financial institution. This multi-disciplined/stakeholder involvement allows MB Project ideas to be improved upon and vetted with numerous industry participants. We were also interested in seeing a cost-effective, valuable accreditation program developed that would meet the needs of banks involved in the program while taking into account the regulatory oversight already governing the financial industry.
Tell us a little about the pilot program. We understand that as many as 23 subject matter experts were interviewed?
Overall, the pilot ran very smoothly! Numerous subject matter experts had to be identified and engaged in the pilot because privacy and information security touch such a wide range of areas in the bank. We found by taking the time upfront to identify the right subject matter experts, we were able to quickly go through the online program modules and answer the questions related to our use of the various identified best practices. At the end of the pilot, we were also able to suggest improvements to the methodology and some of the questions used in the Gold Seal accreditation program.
As the first anticipated recipient of the Gold Seal standard, what are your intended benefits from the program? Do you think these will be achieved?
From the project’s perspective, we think the main benefits of a program like this are threefold:
It provides a cost-effective, independent assessment of a recipient’s compliance in processing healthcare data (under HIPAA) and their adherence to related operational privacy and security standards using a common set of best practices criteria.
It can complement or supplement a recipient’s existing internal evaluations, as well as other external evaluations such as a SAS70 Type II audit.
It conveys to healthcare providers that recipients understand the privacy risk associated with handling health information and attests to their use of best practices to protect that data.
At The Bank of New York Mellon, we certainly think we can derive all three benefits from this Gold Seal program. In fact, we see having a third party like the Medical Banking Project offering and promoting this program as being key to our realizing the benefits we expect to derive from accreditation. I don’t think there’s any question about healthcare providers and their patients continuing to demand protection for health-related information. By providing appropriate levels of accreditation, the project is taking an important step forward to provide assurance to healthcare stakeholders that financial institutions take their responsibilities seriously.