Kepa,
You write: ><snip>Interestingly enough the objections that I hear are not coming from providers or payers, but from vendors, even vendors of testing products or services.<snip> First, let me say that the Transaction testing white paper has done an excellent job in documenting the testing-types and changing "level" to "types" provides better clarity. Of course, there is always scope for improvement. As an EDI translator vendor, I personally feel that 3rd party compliance-testing/certification is important and benefits all parties involved. Most EDI translators are "horizontal" in nature and HIPAA is just one "vertical". Any feature that an EDI translator vendor adds to the product (let us say to support HIPAA) is by keeping it "horizontal" (feature available for other verticals). 3rd party compliance-testing and certification vendors for HIPAA on the other hand are more focused "vertical". They "may" in fact be using a horizontal EDI translator for developing their compliance-checking "application" :-) I would like to point out that most EDI translators can literally provide redundant/double validation mechanism. Let us say, business application outputs "claims" in it's own format, which is first "analyzed" by an EDI translator (does validation of "claims data" with the application layout for claims), then claims is mapped to the 837P EDI message structure and then the 837P EDI message is generated (does validation again with EDI IC). Same applies in the reverse (inbound) direction. It will be difficult for a non-HIPAA compliant transactions to pass through this "double-fort", provided the business rules have been taken into account. It is for this reason, it is important that all business rules are unambiguously documented in a separate document. We can point out to our VARs, what rules are not supported (if any), which can then be supported by the glue-logic developed by the VAR. The document will not only benefit EDI translator vendors, but also the compliance-testing vendors, certification companies, application developers and most importantly, the end-user. Please appreciate that an EDI translator vendor has to factor "risk" associated with "live" transactions. They would simply love a "clear" unambiguous testing. For example, EDI vendors supporting EDIINT specs have gone for EDIINT compliance-testing/certification with Drummond group. Unambiguous compliance-testing/certification will provide EDI translator vendors with a good marketing-punch and will save lots of head-ache. Ajay Ajay K Sanghi Managing Director ABO Software Private Limited "EDISPHERE" B102 Gulmohar Park, New Delhi 110049 Tel: +91 11 6968976, 6512822 Fax: 6518873 Website: http://www.abosoftware.com email: [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Kepa Zubeldia Sent: Saturday, September 07, 2002 3:28 AM To: [EMAIL PROTECTED] Cc: 'Miriam Paramore'; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Certifications Rama, Let me make some observations.... The white paper describes testing in much more detail than certification. It describes what kinds of tests should be done in a detail that was never before described in this industry. The description of certification as a third party assessment is as far as the white paper goes. So, the emphasis of the WHITE PAPER is on testing, not on certification. Given the number of trading partners that have to be compliant with HIPAA, if each pair of trading partners is going to test with each trading partner, we will never be able to finish the testing task. As an analogy, if every time I go to a different gas station to fill up my tank I need to have the gas pump tested for accuracy, pumping gasoline will become a lot more expensive. The white paper points at the tremendous economies that the industry will achieve by reducing the amount of one-on-one testing. Instead of testing one-on-one among each pair of trading partners for all aspects of HIPAA compliance, you can test for all the non-trading-partner-specific aspects thoroughly once, and then only test for trading partner specific aspects when you engage each trading partner. This reduces the amount of testing that needs to be repeated and minimizes waste. Of course the reduction of the amount of testing for the entire industry also means that the market size for those of us that are in the testing business gets reduced. But the entire industry benefits from it. Certification of compliance of the HIPAA transactions is not an easy process. You not only need to have both the EDI expertise and the healthcare expertise, but you need to be able to produce a "provable" result and stand behind it. This involves a very high liability. Any progress in the right direction is progress. The fact is that the testimonials are starting to surface. Entities that have gone through thorough testing and a third party evaluation find that they can implement their trading partners much more efficiently. Payers are seeing a difference. The providers that come already certified can be brought into production MUCH quicker than the non certified. It only makes sense. They have done their homework. There is no incompatibility between testing and certification. One does not replace the other. Even if you are certified, you are going to have to do some testing with your trading partner. However the expense, effort, and time of the trading partner testing is greatly reduced. I don't understand why the reluctance to do a third party assessment of your transactions, especially if the price is right and you have a choice of third party assessors. Interestingly enough the objections that I hear are not coming from providers or payers, but from vendors, even vendors of testing products or services. Who are they speaking for? Somebody is trying to convince the industry that NOT obtaining third party certification is better than obtaining it. Does this make sense? Let the flames begin. Kepa On Thursday 05 September 2002 09:09 am, Ramakrishna Pidaparti wrote: > Hi All: > > I think the WEDI-SNIP white paper on testing and certification does a > good job on defining the "Types" (used to be "Levels") of tests from > a HIPAA domain point of view. > > The push and shove for certification is not something many like at this > stage and rightly so. The focus should be on testing and not on certification > but the emphasis is on certification in this whte paper. > > The model recommended in that white paper is, do your internal testing, > go for certification (which is now defined to be third party assessment) > before you do any B2B trading partner testing... to paraphrase. > > This is flawed in the sense an organisation using a translator with a > HIPAA compliance checker may still use a third party tools/service during > their internal testing phase to build an automated test suite for example. > Once they are confident, they can do some beta testig with some TPs > and then with more TPs when the interoperability confidence is even higher. > There is no need or room for certification here. > > The other important things missing from the white paper are, the traditional > Software Testing aspects of unit, system, integration, beta, acceptance, > stress, load, performance and autoated testing that deserve a mention > more than certification. > > Hopefully these are covered in the next verrion, with mroe emphasis on > testing and less on certification. > > Regards, > > Rama. > -- > > ---- Sunny Singh <[EMAIL PROTECTED]> wrote: > > Miriam, > > > > The issue we need to think about is not "certification against something" > > but rather than "testing against something". Testing conceptually > > can be > > implemented in a "nice to have", "imposes a good discipline for partners > > to > > do some homework of their own" types of concept - not Certification. > > I agree > > something is better than nothing and the concept of testing is a > > work-in-progress > > > > I would very much like to hear some arguments for the cause of why > > is a > > white paper suggesting certification when it is not definitive and > > at the > > same time is unclear in its very concept and additionally gives no > > clue to > > the user how close do they get to the real thing. The perception is > > also > > that Certification gets them quite a ways - again a wrong perception. > > > > Thanks > > Sunny > > www.HIPAADesk.com - "Test your HIPAA Data Files in Real-Time" > > www.edifecs.com > > > > -----Original Message----- > > From: Miriam Paramore [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, September 04, 2002 7:41 PM > > To: Sunny Singh; [EMAIL PROTECTED]; [EMAIL PROTECTED]; > > [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; > > [EMAIL PROTECTED] > > Subject: RE: Certifications > > > > > > My 2 cents on this topic. The undeniable reality is that every single > > trading partner in healthcare today accepts the "good enough" testing > > method. There are no exhaustive test plans on either side. Until now, > > via > > third parties, there has been no attempt at certification against a > > standard. We are making progress and it should be encouraged. Perfection > > is > > a goal. > > > > To be removed from this listserv, please email [EMAIL PROTECTED] > > <P>The WEDI SNIP listserv to which you are subscribed is not moderated. > > The > > discussions on this listserv therefore represent the views of the individual > > participants, and do not necessarily represent the views of the WEDI > > Board of > > Directors nor WEDI SNIP. If you wish to receive an official opinion, > > post > > your question to the WEDI SNIP Issues Database at > > http://snip.wedi.org/tracking/. > > Posting of advertisements or other commercial use of this listserv > > is > > specifically prohibited. > > > > > > -- This email contains confidential information intended only for the named addressee(s). Any use, distribution, copying or disclosure by any other person is strictly prohibited. To be removed from this listserv, please email [EMAIL PROTECTED] <P>The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited. To be removed from this listserv, please email [EMAIL PROTECTED] <P>The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited.
