Digitalisation as an advantage in the competition for individual flat-rate payments
Expert article for the IT for Health Special of Netzwoche from 11 September 2019
Digital transformation is bringing new perspectives and opportunities for hospitals to out-manoeuvre the competition in the race to attract individual flat-rate payments. Only those who actively engage with risk and seek out opportunities will derive sustainable benefits from digitalisation. The aim is to convery those patients referred to their GPs and attending physicians into satisfied customers and ensure success over the long term.
The introduction of individual flat-rate payments in 2012 was intended to make costs for medical services comparable and transparent right across Switzerland. However, hospitals continue to be perceived exclusively as providers of healthcare services rather than as economically active enterprises that create shareholder value. Every hospital, nonetheless, strives to achieve stable costs and high treatment quality in order to stay competitive, so there is a need to increase the number of patients, and, hence, flat-rate payments, while simultaneously reducing outgoings in order to be able to invest in growth and cost-efficiency.
Terminology is also shifting: referring GPs, attending physicians and patients are now called “customers” and expect to be treated as such. Success nowadays depends not just on medical skills but increasingly on an ability to create an all-round positive experience. It is no longer enough to carve out a niche for yourself exclusively by seeking to offer better hotel services or infrastructure. The digital (r)evolution is pervading every sector: referring GPs need workflow support, hospital doctors wish to collaborate directly with teams and patients insist on transparency and easy access to their medical records even as they become data sources themselves. Patients are using data access and capture to promote their own health, the “quantified self” phenomenon, and they expect the data they have contributed to form part of their medical histories.
Exploiting the opportunities of digitalisation
Opening up to the digital world enables not only seamless integration into complex, inter-organisational treatment pathways but also an expansion of in-house services with third-party offerings. Customers stand to enjoy the benefit of new services more rapidly and opportunities for digital interaction create added value to help providers stand out from the competition.
Opening up digitally also involves intervening in the way data is processed, which is fraught with medical and technological risk, so it is vital to create the conditions to manage such threats. The following considerations must be part of any risk assessment:
- Which services should be simplified or improved through digitalisation? Beneficial scenarios can be worked up once a focus has been established. Without a clear understanding of such benefits, the services will not be perceived as adding value and will be ignored.
- Which actors will make use of this service? The user experience can be shaped only when it has been clearly established who is to use the service. Ultimately, user acceptance is the deciding factor.
- Which risks must be taken into account? Working from a sound risk assessment, solutions can be developed that guarantee an appropriate level of protection, while avoiding expensive maximum requirements.
This last point merits particular attention: with the introduction of the electronic patient dossier (EPD) from 2020, legislation will come into force that requires extremely high standards of data security and protection, and this will have considerable ramifications for digitalisation projects with open interfaces.
User experience and security – a balancing act
Hospitals must offer their customers a good user experience if they are to flourish. They have to know their customers and be aware of how they wish to be contacted. The requisite means of identification can then be provided to enable simple and easy communication. Here, the following aspects should be considered:
- User experience: Modern customers expect autonomous and direct management of their personal data. User self-service makes it possible for them to process information quickly and easily at any time of the day or night. A centralised approach unites all the applications provided and avoids multiple data entry. It also allows staffing costs to be pared back.
- IT security: Security and trust are especially important when dealing with medical data. Security precautions should not be intrusive, though, as unnecessary protection can easily result in a poor user experience. In such cases, risk-based protocols adapted to the individual protection requirements of each application are the approach of choice. When accessing an application, only as many security conditions should be fulfilled as are absolutely necessary – and these should only have to be entered once.
- Personal responsibility: It should be up to customers whether they wish to make use of a new or existing means of identification, BYOI – ‘“bring your own identity”, for access to an application. Access data can, thus, be more easily remembered – an additional authentication stage can always be insisted upon, if required.
The path to digitalisation
A secure and efficient access procedure is essential to any successful implementation of digital services. Customer Identity and Access Management (CIAM) systems centralise the administration of identification and access permissions for applications and APIs, allowing customers to enjoy the benefits of an exceptional user experience and single sign-on across all of a hospital’s applications.
But how should a CIAM system pass on a customer’s identity and attributes to connected applications (identity propagation)?
- IAM integration: The hospital makes use of two different IAM systems – an Enterprise IAM (EIAM), to manage in-house staff, and a Customer IAM (CIAM), for external users. In an ideal integration of both systems, customers from the CIAM will be associated with existing or new roles from the EIAM, thus, allowing the EIAM’s existing access management system to be extended for external users.
- Identity propagation: Irrespective of whether the hospital operates an EIAM system, the identities of external users will be passed on to applications directly. Here the CIAM system will have to process these tokens in such a way that each application can handle the ID information. A flexible CIAM system can be configured to integrate with other applications, avoiding the need for extensive and expensive programme adaptations.
It is conceivable that an in-house Enterprise IAM could be expanded in such a way that it could also manage external customers but EIAM is not especially suited to such a purpose and the extension would derive only minimal benefit from the existing solution. The disparities between in-house staff and external persons are too great: identities are managed with other processes and in other departments, volumes are completely different, there are few points of comparison in the self-service options on offer, and the management of authentication tokens may by entirely different.
Setting a course for the future
With the introduction of a CIAM all customers can be managed centrally and having a single point of entry allows them flexible access to a range of digital services provided by the hospital. Future projects can lift off from this precise point, with managers focusing on implementing core business functions instead of wasting time with registration or access-management issues. New and comfortable functionality for customers can be prioritised, which should result in a rise in referrals and, hence, an increase of in-patient and out-patient admissions.
CIAM enables simple and comfortable access to all the functionality provided by a hospital via digital channels, both now and in the future. Alongside medical competencies, this is a basic prerequisite for satisfied customers who will come back and also make recommendations to others, sharing their experiences. This is particularly important in the case of referring GPs and attending physicians, as their word carries real weight with patients when selecting a hospital for a course of treatment. By the same token, feedback from patients after a stay in hospital will have considerable influence on the behaviour of referring GPs and hospital doctors, as they, too, have a reputation that they wish to uphold.
CIAM is an enabling technology for digitalisation, helping to improve the user experience and freeing up in-house resources that can then be deployed to the hospital’s key competencies. In this sense, CIAM is an enabler in the competition for individual, flat-rate payments.
This article was written by Michael Doujak, Product Manager Airlock Secure Access Hub, Ergon Informatik AG.