Building resilience after COVID-19 with RPA
Within days of the COVID-19 pandemic being declared, robotic process automation (RPA) became an essential day-to-day tool for many healthcare providers, rather than a long-term aspiration.
For organisations suddenly burdened with staff shortages and other constraints caused by the COVID-19 crisis, the benefits of automation were no longer purely about making cost efficiencies, but about building resilience.
Tasks like billing, processing claims, managing patient records and other repetitive, time-consuming tasks are well suited to software bots, as they can help free-up time for healthcare staff to spend with patients.
"Healthcare organisations have these very complicated types of billing and claims processes, that involve reworking the claims and making sure that codes are properly applied. That's just so much manual data entry, checking of records, sometimes checking of actual scans," says Roberto Valdez, Director of Cybersecurity Automation and Risk Advisory Services at Kaufman Rossin, an advisory firm for US businesses.
A study by Gartner carried out in May 2020 found that while only 5 per cent of healthcare providers had been investing in RPA before the pandemic, 50 per cent plan to do so in the next three years.
This makes sense given that RPA has emerged as an almost tailor-made solution for the challenges of COVID-19. Consider staff who routinely carry out admin duties having to self-isolate for two weeks, along with the increased numbers of patients passing through a hospital. Automation can take care of the increase in patient scheduling and appointment cancellations.
"These are the areas where RPA has the biggest opportunity and can make the biggest impact, and the pandemic will continue to drive adoption," Valdez says.
One example is Indian insurance firm ICICI Lombard, who now used cloud-based automation driven by AI to process cashless claims requested by hospitals. Data like doctor's diagnoses and treatment plans are fed into the algorithm, which decides whether to accept the case, while a machine learning algorithm decides on the claim amount. A process that once took 4 hours to do manually, now takes 90 seconds.
Solving COVID-specific challenges
RPA has also been deployed to solve specific problems that have arisen as a result of the pandemic. COVID-19 testing requires a substantial amount of repetitive admin, including finding and registering patients in the system, correctly labelling test kits for collection and analysis, and logging test results, in some cases into a national database containing millions of other entries. Additionally, there is a huge demand for tests that have created backlogs in many countries, while social distancing rules remain in place for staff.
Back in March, RPA software firm UiPath launched a project with the Mater Misericordiae University Hospital in Dublin, providing their Infection Prevention and Control department with free trial robot licences to process test results. UiPath says this is saving 3 hours per day, which nurses can instead spend on the pandemic response.
In the UK, at the start of the pandemic 750,000 people responded to the Government's call for volunteers to assist with COVID-19 efforts, in the space of just two days. Before taking up their roles, every single person needed to be registered and undergo background checks. Whereas HR would usually perform these functions manually, the sheer numbers of people requiring processing meant that using automation would be much faster and more efficient.
Software firm Credentially was appointed to automate the sign-up and verification process of doctors, nurses and paramedics, registering thousands of clinicians in a matter of days instead of months.
Slow adoption, until now
COVID-19 has really highlighted the benefits of RPA, but why did it take a global pandemic for it to become widely adopted? "There's actually some good reasons for this," Valdez says. "Some of it relates to the sensitivity of patient information, some of which is driven by compliance, but then also just good patient care and stewardship of patient records as well.
"HIPAA compliance provides certain types of constraints, and as a result of that, healthcare organisations have been hesitant to outsource certain types of functionalities historically, though it's become much more common. Then when they do outsource, they often want to restrict it geographically, for instance limiting it to within the United States. In certain conditions, they will offshore, but with really strict and rigid restrictions."
Another reason is purely down to clinicians' habits. "So much of what is done is in a physical space with patients, where healthcare practitioners are writing notes by hand, or marking charts. Even today there's still tons of paper involved in this system. There are healthcare record systems that are increasingly able to provide good apps and interfaces for digital versions of these, but whatever has been baked in the cake and used for a long period of time is still quite prevalent."
Despite this, it looks increasingly like RPA in healthcare is here to stay. "It's very hard to unturn this screw, and part of that is because if you have a nice return on your investment and a nice demonstration of value, then why would you go back?" Valdez says.
"The other part is just as simple as implementation and infrastructure. When you go through the effort, cost and time of integrating a system like robotic process automation, then it's probably to your advantage to just continue on that pathway of digital transformation. That includes the use of the cloud, and Software as a Service types of systems. Automation across the entire value chain is something that's continuing to increase."
RPA is the fastest-growing segment of the software market, and Valdez predicts that providers of other, traditional types of software will see this as an opportunity. "You have enterprise RPA platforms like Blue Prism and UiPath that are just tremendously successful, but then these traditional, huge enterprise companies and software developers are seeing that there's some market share available," he says.
"Providers of electronic health records (EHR), customer relationship management (CRM), and enterprise resource planning software (ERP) are integrating versions of RPA into their existing platforms. Even companies like Workday, which produces a huge ERP system, and Microsoft, are integrating RPA into their platform. We're going to see an increase in that. It'll create a nice competitive overlap which benefits healthcare, and which ultimately benefits the patient as well."
Getting ready for cloud data-driven healthcare
As healthcare continues to recognise the value of data and digital transformation, many organisations are relying on the cloud to make their future-forward and data-centric thinking a reality. In fact, the global healthcare cloud computing market was valued at approximately $18 billion and is expected to generate around $61 billion USD by 2025.
At the forefront of these changes is the rapid adoption of cloud-based, or software-as-a-service (SaaS), applications. These apps can be used to handle patient interactions, track prescriptions, care, billing and more, and the insights derived from this important data can vastly improve operations, procurement and courses of treatment. However, before healthcare organisations can begin to dream about a true data-driven future, they have to deal with a data-driven dilemma: compliance.
Meeting regulation requirements
It’s no secret that healthcare is a highly regulated industry when it comes to data and privacy – and rightfully so. Patient records contain extremely sensitive data that, if changed or erased, could cost someone their life. This is why healthcare systems rely on legacy technologies, like Cerner and Epic EHRs, to manage patient information – the industry knows the vendors put an emphasis on making them as secure as possible.
Yet when SaaS applications are introduced and data starts being moved into them, compliance gets complicated. For example, every time a new application is introduced into an organisation, that organisation must have the vendor complete a BAA (Business Associate Agreement). This agreement essentially puts the responsibility for the safety of patients’ information — maintaining appropriate safeguards and complying with regulations — on the vendor.
However, even with these agreements in place, healthcare systems still are at risk of failing to meet compliance requirements. To comply with HIPAA, U.S. Food and Drug Administration 21 CFR Part 11 and other regulations that stipulate the need to exercise best practices to keep electronic patient data safe, healthcare organisations must maintain comprehensive audit trails – something that gets increasingly difficult when data sits in an application that resides in the vendor’s infrastructure.
Additionally, data often does not stay in the applications – instead healthcare users download, save and copy it into other business intelligence tools, creating data sprawl across the organisation and exposing patient privacy to greater risk.
With so many of these tools that are meant to spur growth and more effective care creating compliance challenges, it begs the question: how can healthcare organisations take advantage of the data they have without risking non-compliance?
Yes, healthcare organisations can adhere to regulations while also getting valuable insights from the wealth of data they have available. However, to help do this, organisations must own their data. This means data must be backed up and stored in an environment that they have control over, rather than in the SaaS vendors’ applications.
Backing up historical SaaS application data directly from an app into an organisation’s own secure cloud infrastructure, such as AWS or Microsoft Azure, makes it easier, and less costly, to maintain a digital chain of custody – or a trail of the different touchpoints of data. This not only increases the visibility and auditability of that data, but organisations can then set appropriate controls around who can access the data.
Likewise, having data from these apps located in one central, easily accessible location can decrease the number of copies floating around an organisation, reducing the surface area of exposure while also making it easier for organisations to securely pull data into business intelligence tools.
When healthcare providers have unfettered access to all their historical data, the possibilities for growth and insights are endless. For example, having ownership and ready access to authorised data can help organisations further implement and support outcome-based care. Insights enabled by this data will help inform diagnoses, prescriptions, treatment plans and more, which benefits not only the patient, but the healthcare ecosystem as a whole.
To keep optimising and improving care, healthcare systems must take advantage of new tools like SaaS applications. By backing up and owning their historical SaaS application data, they can do so while minimising the risk to patient privacy or compliance requirements. Having this ownership and access can propel healthcare organisations to be more data-driven – creating better outcomes for everyone.