MESC 2021 Daily Digest: Day 3, Part One

Welcome to the Daily Digest for MESC 2021. Our consultants have gathered the latest and greatest information shared at this incredible conference to keep you up to date. Keep reading; not only is there knowledge you won’t find anywhere else but a chance to win!

Unlike the other Daily Digests, this features two parts. The third day of this conference just had too good of information not to share. Keep your eyes out for the second part.

Lessons Learned: Creating a Modularity Roadmap 

This session explained how one state emphasized risk analysis early in the planning phase. They recommend making it a priority to mitigate risks related to governance structure and decision making, misalignment of the solution and business needs, and executive visibility into business outcomes.  

The presenter urged states to focus on the business needs of the program, rather than viewing the Medicaid system implementation as an IT project.  

Secure Your SDLC—A Portfolio Management Approach 

A Commonsense Approach to Confronting System and Data Security  

Common Vulnerabilities and Exposures (CVE) are increasing every year at a record-breaking pace, meaning physical security measures are more important than ever. This means an increased security focus throughout the entire organization.  

How to Protect Federal Data 

Some strategies for protecting federal data include: 

• Enforcing Federal standards around Minimal Acceptable Risk Standards for Exchanges  
• Performing quarterly security assessments and security controls 
• Participating in monthly security calls with CMS 
• Implementing secure SDLC practices and best practices to keep software and data safe in a modular environment 
•  Integrating security components with development and implementation, such as industry-standard tools for security testing, compliance scans, and network scans 

Private Sector Technical Group (PSTG)—Private Sector Forum for States: How Can We Do Better? How Can We Help? 

This session was highly collaborative with states offering up ideas to help one another. State agencies are conducting strategic planning due to expiring contracts, legislative mandates, and to replace large monolithic legacy systems.  

Challenges With Vendors 

There are challenges with making sure vendors truly understand requirements in the RFPs that states publish; asking for statements of understanding can be helpful for this.  

PSTG also recommended oral presentations include delivery teams as part of the procurement process and limit the use of sales staff in the orals. States emphasized the importance of making sure your vendor delivery team understands and is familiar with the contract.  

Another concern raised around UAT was that state staff are not able to allocate time to be part of the UAT phase due to running a program as their full-time job, and they are not familiar with the new system. Collaborate with vendors on testing to address state staff limitations for testing; things like a sandbox for state staff and early OCM can help here.  

Population Health Management Initiatives with Medicaid: A Survey of Current State Programs 

This session addressed the importance of improving and lowering the cost of care for high-need, high-cost beneficiaries because most Medicaid spending is driven by a relatively small portion of this high-need, high-cost beneficiaries. Additionally, there is an increased need to address the Social Determinants of Health (SDOH) as a component of State Medicaid strategies.  

Medicaid, HIEs, and Public Health – Together at last! 

AWS/Cloud Solutions During the Public Health Emergency 

Existing on-premises systems could not support the volume of data and pivoting needs resulting from last year's public health crisis. What is needed is scalability, resiliency, and reliability. As a result, electronic lab results (ELR) skyrocketed, and immunization tracking systems were overwhelmed. The use of a cloud or hybrid solution helped to augment solutions. 

Success stories included the Data Lake Response solution piloted in NY State, which needed to get data from the lab entities and ELRs, using the HIE structure that was already in place. They took in the data without formatting it first and then did the data transformation afterward which enabled them to set up the application very quickly 

Access, Speed to Data, and Access to Care Matters in Collaboration with Security  

Using existing infrastructure to take in the raw data and transform later vs ETL (Extract, Transform, Load) means that once the data is in the system, you can configure it rather than designing specs and redesigning with multiple vendors.  

Transitioning the SS-A from Maturity to Outcomes  

This session confirmed that PSTG has taken on a project to produce a toolkit for assisting states in assessing their current state and defining outcomes to replace the State Self-Assessment (SS-A) as a tool for aligning APDs, system certification, and other frameworks. 

Keep your eye out for the next Daily Digest from MESC 2021. In the meantime, share a problem with us and earn a chance to win a $200 Visa Gift Card. Fill out the form here.