HIE Adoption with the Data Exchange Incentive Program (DEIP)

Building EHR interfaces to New York State Qualified Entities (QEs) will increase the quantity of data in the Statewide Health Information Network for New York (SHIN-NY) and build value for the providers and patients at the point of care. 

About the Program

The New York State Department of Health (DOH), with support from Centers for Medicare & Medicaid Services (CMS), has established the Data Exchange Incentive Program (DEIP) to increase HIE adoption across the state for Medicaid providers.

Participating organizations are incentivized to contribute a pre-defined set of data elements to the SHIN-NY through a QE. This program is designed to help defray the cost for an organization when connecting to their local QE. 

New York eHealth Collaborative is coordinating the rollout of the program and the incentive payments on behalf of the State Department of Health. Limited funding is available, and this program is operated on a first-come, first-served basis.

DEIP Informational Webinar

Learn more about DEIP program basics, eligibility requirements, data contribution requirements, program milestones, payment milestones, QE contacts, and how to get started.

Download Webinar Slides


Eligibility Criteria for the Data Exchange Incentive Program

Eligibility criteria for the DEIP funding requires that providers and organizations meet several requirements, including some related to the EHR products that they utilize. Organizations attesting for DEIP funding must utilize an EHR that has obtained at least one of the following Privacy & Security Assurances (A, B, or C):

  1. ONC Certification* for, at a minimum, the following Privacy & Security criteria:
    • (d.1) Authentication, Access Control, and Authorization
    • (d.2) Auditable Events
    • (d.3) Audit Report(s)
    • (d.4) Amendments
    • (d.5) Automatic Log-off
    • (d.6) Emergency Access
    • (d.7) End-user device encryption
    • (d.8) Integrity

     

  2. Current SOC 2, Type II audit with no material findings**
  3. Current, validated HITRUST assessment or NIST cybersecurity framework assessment**

An organization must:

  • Have at least one provider that accepts Medicaid (Fee-For-Service or Medicaid Managed Care)
  • Contribute specific data elements to the SHIN-NY (e.g. demographics, medications, labs, allergies)
  • Meet other program-specific criteria related to the organization type and eligibility

EHR products that have met option ‘A’ and achieved ONC certification for the aforementioned criteria can be found here: https://chpl.healthit.gov/#/search

As of April 1, 2018, the following vendors have met option ‘B’ or ‘C’:
  • Netsmart Technologies
  • VitalHub

 

This list will be updated as new vendors are added.

Incentive Funding

Eligible practices may receive up to $13,000 in incentives to offset the cost and efforts of health information exchange adoption. In order to receive funding, all milestones must be completed by September 30, 2020 as long as funding is not exhausted before this time.

  • Milestone 1 - Enrollment: $2,000
  • Milestone 2 - Go Live: $11,000 (per connection)

DEIP Enrollment and Attestation Process

Providers and organizations interested in DEIP should contact their local Qualified Entity (QE) to get started. QEs will:

  • Provide the necessary enrollment and attestation forms
  • Confirm eligibility in accordance with program requirements
  • Answer questions
  • Provide you with more information on QE services

Once completed, QEs will submit the enrollment/attestation forms to NYeC on your behalf.

QE Contacts for DEIP

QE Contact Email

Bronx RHIO

Keela Shatzkin keela@shatzkinsystems.com

HealtheConnections

Danielle Wert dwert@healtheconnections.org

HEALTHeLINK

Stephen Gates sgates@wnyhealthelink.com

Healthix

Olubunkola Ojeifo oojeifo@healthix.org

HealthlinkNY

Noele Lynch nlynch@healthlinkny.com

Hixny

John Bunnell jbunnell@hixny.org

NYCIG

Sue-Anne Villano sue-ann.villano@nycig.org

Rochester RHIO

Denise Dinoto denise.dinoto@grrhio.org

For general questions about DEIP, email deip@nyehealth.org


*If the EHR vendors meets requirement ‘A’, they must have and maintain a Certification Status of ‘Active’ from an ONC Authorized Testing & Certification Body (ONC-ATCB). EHR vendor may certify against additional Privacy & Security criteria as desired. Certification may be against the 2014 or 2015 Edition of ONC Certification. Additionally, the ONC-ATCB may also require (g.4) Quality Management System and/or (g.5) Accessibility-Centered Design.

**If the EHR vendor meets requirement ‘B’ or ‘C’, they must also provide NYeC with an attestation that demonstrates their product’s ability to meet the requirements 45 CFR 170.314(d)(1) through 170.314(d)(8) which represent the EHR features, functions, and behaviors related to privacy and security. SOC 2, Type II audit will only be acceptable through September 30, 2019, at which time the vendor must be certified or assessed and compliant with ONC Privacy & Certification criteria, HITRUST, or NIST.