By Drew Barrows
August 10, 2009
For this article in the series on Healthcare Informatics, we are speaking with Elliot Abreu, VP of Operations for Xyntek, a systems integrator of automation and IT systems. Xyntek works with hospitals and healthcare providers to develop technology systems that comply with privacy regulations, as well as developing workflow and automation functions for medical device manufacturers that ease their processes. Xyntek (www.xyntekinc.com) also provides their own custom software products.
Q1. Please give us a background on Xyntek.
Xyntek has been in business since 1986 as a professional IT and automation consulting firm. We got our start in the life sciences arena and have since been working on many projects in regulatory compliance for healthcare. With HIPAA and various healthcare reforms, there are many regulations, compliance, and reform requirements that have come into place. Xyntek’s focus in on the integrity of the data that is being collected, and managed in compliance with HIPAA.
Our typical clients include medical device manufacturers and diagnostic equipment manufacturers. We work on systems that allow doctors to be able to view patient data in real-time by collecting data in a web-based portal. Xyntek also provides services to hospitals (CMO and CIOs) that are responsible for implementing the exchange of healthcare data through electronic health records (EHR) and electronic medical records (EMR). We allow medical professionals to share and make decisions on the data that is collected in a collaborative way.
Q2. HIPAA (Health Insurance Portability and Accountability Act) regulations can be quite complicated. How is Xyntek helping to simplify regulation standards for its customers?
When it comes to information technology, there are a lot of different mechanisms and approaches that can be followed to ensure that you are meeting HIPAA requirements. Talking about from the standpoint of implementative HIPAA-compliant software, we adhere to standardized EDI transactions and code sets to ensure efficiency and optimization. Xyntek looks at following a good systems development lifecycle – we want to ensure that there is quality information gathering, design, testing, documentation, and validation – in order to support HIPAA standards.
A typical solution might start with meeting with a hospital executive or other client to see their current processes. We do an up-front analysis to understand where the bottlenecks and inefficiencies are. Based on this process analysis, we can now go out and talk to software vendors and do a study on different products in order to recommend a solution that will best fit a client’s needs. Our support throughout the procurement phase is a large part of the whole healthcare reform IT process.
Change management is also a very large part of our services - we guide our clients through the process and do a lot of upfront handholding. Our job is to remove the fear of learning a new system and teach that this about becoming efficient. We want people to get excited so that when we turn that switch on, they are comfortable with this technology – that’s really how we gain momentum is by word of mouth once you have people within the organization using these technologies. In order to prevent the pushback, we have developed deliverables that are focused on change management.
Q3. Businesses of all kinds benefit from streamlined project management. Please explain how you’ve worked with customers to simplify their operations while meeting critical business needs and hopefully providing cost benefits.
When you look at successful projects especially around IT, there are three main ingredients: people, process and technology. We want to ensure that the people part is going to help lead to successful IT implementations. Part of the activities that we incorporate into a new project is a assessing the size, nature, and impact of the change. What is this technology going to bring to the table? How is it going to impact my people, my process and my other technologies? So, that’s what we want to do is to identify some of the key stakeholders of the program and evaluate some of these parameters.
The other part is to prepare a team that can focus on the change. We use some fun persuasion techniques to turn those around who are apprehensive. For example, a kiosks set up in the cafeteria where you can have gadgets set up to play with the look at the technology. You want a user that may be afraid of the technology to look at these new, sexy gadgets to see these devices and be attracted to them. We might set up a screen and an application, which ultimately shows the end user how it will benefit their job – this has turned into a very successful strategy.
We also identify a power user up front. By seeking out someone within the organization who is going to represent this technology and get others excited about it, all are successful. General communications are also critical – for example email blasts to the whole of the organization to let them know what is coming. The approach is to get them excited rather than force the technology on the staff.
With all the requirements for healthcare compliance, there’s a small timeline and technology needs to be implemented ASAP, but processes must first be well defined. And your people must be ready. Without this, all that technology is going to be a multi-million dollar failure, which is going to do absolutely nothing and there are not going to be any incentives from government programs.
Q4. How does your information exchange work with various ERP systems, OS, and software platforms? Have you come across integration issues?
We’re not a software product company, so I can’t claim that I have an information exchange product. However, compatibility is a big issue. It’s what we specialize in as a company that provides integration, especially when you’re working with software from various companies across numerous sites and integration points. The big show stoppers that we come across are incompatible data formats, equipment and device drivers.
We often have to deal with legacy systems and need to find the best, most cost-effective way to manage overall systems. There are often applications, devices and instruments existing that do their job, however they may be terribly outdated, but in order to replace them, you could be looking at significant costs. Purchasing a brand new piece of equipment where the existing equipment does the same thing, well that’s where we may have to instead look at developing custom drivers and custom APIs. We’ve become a critical piece of the healthcare IT puzzle where we have the automation and software expertise to fill in the gaps and help various systems work together. We use the approach to validation, compliance, and testing as part of our overall implementation philosophy.
Q5. Have you worked with SOPs (standard operating procedures) in order to work through procedures that would come up in an audit?
Yes. Our organization is broken down into three core competencies: the IT Group which focuses on data exchange and integration of data sources; the Automation Group which focuses on device automation; and the Validation and Compliance Group. The latter group works with our clients to ensure that the solutions we develop, from a technology standpoint, are in compliance with FDA mandates and regulations. Part of that group’s responsibility is to develop our own templates for validation and for testing.
The validation and compliance unit works with our clients to develop SOPs focused around the technology that this process is going to support. In the HIPAA world, it’s especially important to have SOPs for your people, as it’s essential for them to understand the regulation. Email is a big way that you can be at risk from a HIPAA standpoint. In a government audit they are looking for proactive companies that follow good standards and have methodologies in place, which obviously reduces the risk.
Our goal is the knowledge that our client is comfortable in supporting, managing and keeping that technology compliant. We have services that can help if they get into trouble. However, we want to prepare their system so that that doesn’t happen. For example, if they found holes or gaps with the technology itself or a process, we can evaluate what the risks and warnings are and mitigate that risk. It’s a big part of our service offering. We want to be able to walk out and say ‘this technology is good.’ As regulations and standards change, it’s not going to be ‘one and done.’ Every year or every five years there are going to be changes to regulations such as HIPAA, additional regulations and that’s going to be a product lifecycle where we are continually analyzing the regulations in the industry. We are constantly evaluating our processes, people, and technology – and remediating all of these to ensure that we are always in compliance with new regulations, standards, and platforms.
Q6. Explain the benefits that automation brings to healthcare products manufacturing.
We’ve provided automation since Xyntek was founded in 1986. The top benefit is it’s a repeated process that once it is implemented, you know you’re going to get repeated quality if done correctly. There are also cost benefits when you are able to manufacture more products in a shorter time span. Decisions can be made quicker on production, costly errors and quality defects can be eliminated – there are just so many benefits to automation.
The one that a lot of people are concerned with is that automation eliminates humans. Well, this is not necessarily the case because you still need humans to support the automation and the process. You must look at realigning the workforce instead. One of the key areas is now electronic match records – prior to automation, paper would need to be reviewed and confirmed by a manager along the process. We now have a fully automated workflow that ties into a real-time PLC (programmable logic controller), distributed controls, and SCADA (supervisory control and data acquisition). Decisions are being made real-time, info is being collected real-time and product is going out a lot faster. Talk about a competitive advantage!
With SOPs in place, you now have a reproducible process that is always going to give a quality product. Automation can be expensive, depending on the level considered. We are generally working with taking an entire manufacturing process and bringing together different pieces from packaging through to distribution – and being able to vertically integrate automation to manufacturing execution systems up to an ERP system. We work with medical device manufacturers on the PAT (Process Analytical Technology) standard, which is a form of automation. Now instead of fixed or continuous processes, you are receiving feedback throughout your process on critical quality parameters and feeding that back into your process and making changes on the fly. So, there is a lot of new technology to move us into the next level of automation.
Q7. What are you doing with data exchange?
We do evaluation and assessment activities in the space, focusing on selecting products that should be implemented for a client that best fit the business model and the workflow. We don’t have a data exchange product but we know the technology and we know the critical component for data exchange.
Our database and software integration experience allows us to do customization of COTS systems to enhance any data management requirement, allow availability of legacy systems, without a complete upgrade or investment. This goes back to the point before where we can look at a legacy application or old technology, and tap into it to bring more value out of it. This goes back to our software integration, software engineering, and database knowledge and experience.
I think on a larger scale, we are driven towards intra- and inter-group systems that are more modern. And by more modern, I’m talking about more web-based infrastructure and design architecture. These technologies are ripe and most of them are compatible and standardized that can be used to support data exchange. It’s not the implementation that’s difficult, it’s defining what those requirements are to meet the end user’s needs. Where we come into play is working with our customers and guiding the process to help define these requirements. The technology part is always the easy part. There’s always a way to achieve and there are different ways to do it. What is the best way to do it? What is the budget? With enough money we can build a bridge to develop the system around those processes that meet regulations.
Q8. How does training come into play?
For every solution that we implement for our clients – whether it’s one of our own custom solutions or a top vendor’s technology - part of our implementation phase is training. Part of any audit is in your people - they want to know if your people have been training on SOPs and trained on the system, so we’ll issue training certifications. Whether it’s classroom-based training, hands-on training, or one-on-one training, this is a big part of what we do for our clients.
Product lifecycle management is a continuous loop and we provide the training as processes are modified. There are always going to be changes and additions, part of that process is that things morph and loop as you’re using a product. And what we do with our clients is ensure that any changes in the technology – whether it’s good or bad – that that is all properly documented.
And that all follows a good software development lifecycle. Whether it’s your standard waterfall or iterative where you are constantly making changes – as long as you’re documenting it all, then you’re OK. Whether clients need additional training, or there are enhancements to the existing system. Or perhaps there is new state of the art technology such as a heart monitor to interface with, that’s why we’re here - to help them do that a lot faster and more efficiently.