Six questions to ask when evaluating a provider-network data solution

Offering provider search to end users is now table stakes for healthcare navigation platforms, digital health apps, and all sorts of InsurTech companies. If a digital tool can’t deliver an intuitive experience for finding in-network doctors and hospitals—and making informed, cost-efficient healthcare choices—potential customers will look elsewhere.

What’s the one foundational element that all provider-search tools need? Provider-network data — information about doctors, hospitals, and the insurance networks they participate in. Today, rather than undertaking the herculean task of aggregating this data from various carriers and sources, tech companies can seamlessly ingest it via an API.

There are a few provider-network data solutions available in the market, but not all are created equal.

An effective solution must offer accurate, timely data and seamless integration that enables a positive end-user experience as well as money- and time-saving operational efficiencies for all stakeholders.

This means that to identify the right choice, tech companies must make some critical assessments when testing a provider-network data solution. Here are six key questions to ask (and answer) along the way.

Is the data complete?
The breadth of provider-network data can be a pivotal differentiator between a great solution and a passable one. The more complete the data—e.g., provider names, addresses, phone numbers, network IDs, languages spoken, specialties, and network tiers —the more comprehensive the results for searches will be. Robust data lets users search providers by network and/or plan, and search networks by carrier. Typical use cases include selecting a primary care provider during open enrollment, confirming that a physician referral falls within a patient’s network, and facilitating app-based scheduling of physician appointments.

Is the data accurate—and easily remedied when it isn’t?
Comprehensive data is only an edge if it’s also correct. Inaccurate data—say, regarding physician network participation, specialties, or addresses—can have a significant downstream effect, resulting in billing errors, denied claims, and the person-hours required to rectify them. A provider-network solution should also have validation capabilities and procedures to ensure that data is verified and up-to-date, not to mention meaningful measures in place to detect and reconcile discrepancies.

Is the data timely?
Even the most complete and accurate data is a bit like a fresh-baked loaf of bread: It may be delicious, but it’s going to get stale eventually. An effective provider-network solution will update data from carriers and other sources on a regular cadence, often weekly, monthly, or somewhere in between. But because each one of those carriers provides their data on their own schedule, it’s crucial that a data solution has an automated process in which it ingests, aggregates, and standardizes the data, ensuring the freshest “loaf of bread” possible.

Is the solution scalable?
Scalability should be top of mind for tech platforms seeking to aggregate data from multiple carriers — doing so without a capable provider-network data solution can be prohibitively cumbersome, requiring a separate set of integration processes for each carrier. Scalability is also critical for carriers integrating with an increasing number of benefits platforms. A scalable, flexible solution will be poised to evolve and grow along with its customers.

Does the solution have strong carrier relationships?
Established relationships with carriers is a primary differentiator for a provider-network data solution. Ideon, for example, has nearly 100 carrier relationships going back many years. We know from experience that accessing complete, timely, and accurate data is only possible when there is a relationship-based buy-in from carriers.

Is the solution secure?
Technology companies, carriers, and end users must be confident that, along with seamless and intuitive search, a provider-network data solution offers confidentiality and operational transparency when it comes to the safety and security of its network data. No product evaluation would be complete without asking: What data governance, encryption, and recovery measures are in place? What was the result of the most recent SOC 2 audit?

***

The process of testing a provider-network data solution can be intense, with limited time to make a decision that will shape an organization’s ability to meet customer and end-user expectations for years. These six questions will help product leaders and data strategy decision-makers to choose the best solution for their needs, leaving more time for cost-benefit analysis and other evaluation. Interested in learning about Ideon’s provider-network API? Contact us here.

How BenAdmin platforms turn carrier connectivity into a competitive advantage

Benefits administration platforms’ (BenAdmins) sales, operations, and product teams have a ton to think about these days: 

  • How do we become a year-round benefits destination for employees? 
  • How do we take advantage of the growing popularity of voluntary benefits? 
  • How do we ensure our employee experience is a competitive differentiator?

One topic that is all too often overlooked: carrier connectivity. On one hand, carrier connectivity has become table stakes — after all, doesn’t every BenAdmin platform communicate enrollments and member changes to carriers digitally, mostly via EDI feeds?

Yes, but leading BenAdmins view carrier connectivity as much more than a technical requirement: done correctly, it’s a competitive advantage, enabling scalability, efficient operations, and a fast, accurate enrollment experience.

In the benefits industry, “fast” and “scalable” are rarely used to describe group setup and implementation. We know from speaking with our customers that it takes most BenAdmins 8-12 weeks — and often longer — to build typical BenAdmin-to-carrier EDI feeds. But that’s all changing now. We’ve seen several platforms reduce their group setup timeline to as few as five days. 

The obvious question: How are BenAdmins reducing group setup to days, instead of months?

The answer lies in a new way of managing carrier connections, a strategic decision to partner with companies that specialize in exchanging enrollment data between BenAdmins and carriers. 

The results for BenAdmins speak for themselves:

  • Group setup completed in five days
  • The ability to send enrollment data in a consistent format
  • Elimination of several manual steps that typically prolong EDI implementation

Our new infographic compares, side-by-side, this enhanced carrier connectivity strategy vs. traditional EDI setup. Fast, accurate, and scalable — it’s a new world of connectivity without complexity. Download the infographic to learn more.

DOWNLOAD

Error management with Ideon, Part 2: Auto-reconciliation

By Jashan Ahuja
Group Product Manager – Enrollment

In Part 1 of our error management blog series, we explored Ideon’s ability to process errors in a centralized and consistent way. Now, in Part 2, we delve into our industry-leading auto-reconciliation feature, which proactively identifies discrepancies between platform and carrier systems.

It’s a scenario all too common in the group benefits industry: a benefits administration (BenAdmin) platform sends enrollment data to a carrier via an EDI file and waits a week or more — with no visibility into whether the information was accepted — only to receive back an unreadable report of errors and discrepancies.

Now imagine a world with lightning-fast data exchange, two-way communication, and seamless reconciliation between platforms and carriers. The platform would receive a notification within minutes that lists all discrepancies between the two systems.

Ideon’s automatic reconciliation system makes the above not only possible, but easy to implement and scalable across carriers. It’s an industry-first feature that offers the capability of proactive data reconciliation between the platform and carrier systems.

In our prior blog, we explored Ideon’s ability to standardize and expose errors generated by carrier systems, transforming them into a consistent, human-readable, and actionable format. That crucial feature forms the foundation for closing the feedback loop with carriers. But Ideon doesn’t stop there. In this blog, we examine auto-reconciliation, a revolutionary process that identifies and surfaces discrepancies in near real-time, even before the data has been sent to the carrier

What is auto-reconciliation?

Auto-reconciliation is an essential component of Ideon’s data exchange process, significantly streamlining the enrollment workflow for carriers and benefits platforms alike. This innovative process flags discrepancies before data reaches the carrier’s system, dramatically reducing downstream errors that could otherwise wreak havoc on carrier operations—and members.

Here’s how it works: Ideon’s reconciliation engine proactively pulls all member and coverage information for a group from the carrier, converts it to our data model, and compares it to the platform data on a field-by-field basis.

The comparison encompasses 18 data points, also known as “discrepancy parameters,” including demographic data (e.g., birth date, SSN), coverage details (e.g., plan start date, plan volume), or even the existence of a member or their coverage in one system but not the other. We’re able to specify the source of any discrepancies for our partners and provide both platform and carrier values, creating a clear, actionable pathway to resolution.

Consider the example below, where a carrier’s system contains a different birth date compared to the one entered on the benefits platform. Without validation, this discrepancy would inevitably lead to errors for this subscriber. However, by matching the carrier’s existing information with the enrollment record, Ideon can promptly detect the discrepancy and return the record to the platform for correction.

"errors": [
    {
      "id": "a37ecd06-5d97-46e4-9b4e-dcde6a03246f",
      "member_id": "a37ecd06-5d97-46e4-9b4e-dcde6a03246f",
      "plan_id": "a37ecd06-5d97-46e4-9b4e-dcde6a03246f",
      "coverage_period_id": "a37ecd06-5d97-46e4-9b4e-dcde6a03246f",
      "discrepancy": {
        "parameter": "birth date",
        "carrier": "1/1/93",
        "platform": "2/1/93"
      }
    ]

 

During our processing, we reconcile 18 different critical fields, as well as verify the presence of the member in the carrier’s database. 

Annual earnings

Birth date

Coverage

Dependent

Employment end date

Employment start date

Employment status

Gender 

Marital status

Plan ID

Plan end date

Plan start date

Plan volume

Primary care provider

Residential address

Social security number

Subscriber

Wage frequency

 

Additional features

Ideon’s auto-reconciliation system boasts several features for fast, accurate data exchange, smooth operations, and an enhanced member experience.

Deduplication

Automatic reconciliation operates daily, comparing new discrepancies against open ones from the previous run and resolving any that are no longer relevant. This keeps carrier and platform systems in sync with current data and ensures the list of open discrepancies is directly relevant.

Frequency + Timing

Automatic Reconciliation runs as frequently as daily for carriers supporting an API-based, automatic census retrieval. Resolved discrepancies are closed every morning, while newly identified ones are opened.

We are currently expanding our auto-reconciliation functionality with carrier partners that don’t yet support a daily census.

As part of our reconciliation process, we carefully consider the timing of data in and out of our system. When our system receives a data element that hasn’t been sent to the carrier yet, our reconciliation logic takes this into account by comparing the carrier’s data with the previous version of that data field. Once the field is transmitted to the carrier, it is incorporated into the next reconciliation cycle, with a buffer for carrier processing time. This thoughtful approach prevents noise, such as unwarranted and erroneous discrepancies.

Surfacing Discrepancies

All actionable enrollment discrepancies—originating from either auto-reconciliation or carrier error reports—are returned in a consistent, normalized format. Partners can access this information through:

      • direct GET requests via our API endpoints
      • proactive push notifications using webhooks, or
      • our standardized Enrollment Discrepancies CSV, delivered periodically

By centralizing Enrollment Discrepancies, we enable a more efficient and streamlined operational process, allowing benefits platforms to view errors generated by carriers and the results of auto-reconciliation all in one place.


Impact

Leveraging our unique, central position between platform and carrier systems, we have quantified the volume of out-of-sync data. After analyzing data from hundreds of groups and thousands of members, we found that about 8% of employee enrollments have a critical coverage issue, i.e. incorrect coverage dates, plan information, or birth date, or they’re missing entirely from either the carrier or platform system. For one specific platform-carrier combination, we saw 10.3% of subscribers with at least one error that affects enrollment accuracy. Additionally, 80% of groups with more than 20 subscribers had one or more critical errors.

Overall, proactively identifying coverage-affecting errors is critical for reducing inaccurate enrollments and downstream issues. Automatic reconciliation allows groups to detect and resolve discrepancies before the initial transmission to the carrier. This improves success rates for the initial transition of groups into production and allows for faster, more accurate group setups, ultimately resulting in a better member experience.

Coming soon – Part 3: Account structure consolidation and mapping

Enrolling members in the correct plans with the correct carriers all starts with precise, streamlined setup processes. In the next blog in this series, we’ll detail how Ideon enhances a platform’s mapping capabilities, making it easier to configure complex group setups when employers have multiple plans, classes, and divisions.

Ideon Insights: Beam’s Elek Pew talks distribution strategy as a tech-focused carrier

Welcome to the second episode of Ideon Insights, our monthly interview series featuring thought leaders and innovators driving the benefits industry forward. In this episode, we had the pleasure of speaking with Elek Pew, Head of Digital Partnerships at Beam Benefits, an ancillary benefits provider known for its innovation and digital-first approach.

In this Q&A, Elek provides insights into the evolution of the benefits technology ecosystem and the unique advantages that come with being a digitally native carrier. He also delves into how Ideon complements and enhances Beam’s digital distribution strategy, enabling seamless integration and collaboration within the industry.

For Elek’s complete thoughts on digital distribution, partnership strategy, and more, watch the video here.

Below we’ve highlighted six key moments from the conversation.

 

IDEON: How has the transformation of benefits technology informed your distribution strategy?

ELEK PEW: Technology is really at the forefront of everything today. Efficiency is king, especially in the small group market. We see that brokers care most about being really quick and efficient, so we pride ourselves on meeting those distributors where they are — whether that’s XYZ quoting or enrollment platform, or Beam’s own digital tools.

If they use a third-party system to quote business, we’ll find a way to integrate with that platform whether it’s through Ideon or directly. We’ll meet them where they are.

 

The benefits ecosystem is getting more complex. How do you choose the right partners?

There are a few things we think about when it comes to partnership strategy.

    • Do we potentially have access into a limited marketplace, where Beam is one of three or four benefits providers? 
    • What does the partner’s technology stack look like in terms of their ability to integrate? If a new partner comes to us and says, “we’re already integrated to Ideon” — that’s great for us. We know there’s not a ton of work to activate that new partner, compared to a net-new direct connection.
    • How do they think about API connectivity? Are we living in a file-based world? We’ll meet people where they are, but that’s definitely something we think about.
    • Are they willing to offer all of our product lines? Beam was historically a dental-first company, but now we’re focused on Beam as an ancillary benefits provider.

 

How does Ideon fit into your distribution strategy?

We definitely see the value in the partnership with Ideon from a middleware standpoint. As Beam has transitioned from Beam Dental to Beam Benefits — bringing on voluntary life, accident, hospital, and critical illness — our ability to turn those products on through one connection to multiple players in the ecosystem is game-changing. It’s a powerful thing that we want to continue to invest in.

We’ll connect to third-party platforms directly if that’s their preferred method, but we’ll meet folks where they are. Some will say, “we want to connect through Ideon,” and we’re more than happy to make that happen. It makes our jobs a lot easier knowing we have a trusted player in the middle, ensuring that our data is presented accurately and the data Beam gets back is in top fashion.

 

What are the advantages of being a newer, tech-focused benefits carrier?

Beam is well positioned in the market because, at our core, we’re a digitally native company. The idea of exposing our core functionality—enrollment, admin, quoting, etc.— and embedding our products into the benefits ecosystem really is inherent in how Beam has built core capabilities.

We’re able to go to market really quickly with new platform integrations because we’ve built our systems with the concept of exposability in mind. Now that the market is moving to third-party platforms, we’re well positioned to be able to connect and meet distributors where they are in the marketplace.

 

Why are rating APIs valuable for Beam and brokers?

Without a rating API, rates could only change once per quarter and it didn’t allow for customization — rates were prepackaged.

With a rating API like the one we’re building with Ideon, we’re able to take in real-time census information and generate a rate based on that specific employee population. We’re able to arrive at much sharper rates because we have more information about the group. It also enables our back office operations to be more efficient because we receive information about the group from that initial employee census.

With an API, we know it will only return rates and plans where Beam will 100% be able to offer the plan — rates are always bindable.

 

What’s a benefits technology trend you’re excited about over the next few years?

Instantaneous policy issuance — Beam is moving there, and I think the benefits industry overall will move that way, following in the footsteps of the P&C space. The group installation process is still painfully manual today.

The industry has made a lot of progress in terms of carriers accepting enrollment information from platforms and loading it into carrier systems, and we’re seeing instantaneous quoting making its way to the market with rating APIs. The next step is to bridge the gap between the two — take a quoted product, win it, turn it into a bindable policy, then have it ready for employees to enroll in coverage. That experience — quote to bind to enroll — we’re now seeing the foundation that will allow us to get there.

Stay tuned for new episodes of Ideon Insights each month. Subscribe to our newsletter below to stay in-the-know about Ideon and receive our latest content directly to your inbox.

Five datasets powering today’s healthcare navigation platforms

Over the past few years, three trends have intersected: healthcare costs increased, the healthcare system became more complex, and digitally native employees started expecting employers to provide technology for HR and benefits tasks.

Enter healthcare navigation platforms — digital tools that guide employees to better, more informed healthcare decisions based on cost, quality, and other criteria.

These platforms provide a wealth of information on doctors, hospitals, prescription drugs, and medical procedures. They also help employers to manage their healthcare costs by providing transparency into the pricing and quality of healthcare services.

Of course, offering an intuitive, modern user interface is essential for any healthcare navigation platform. But the breadth and quality of data behind the scenes, powering the features, often have the biggest impact on the overall user experience.

Here are five key data elements that some leading navigation platforms have integrated into their experience.

Provider network data
This includes information about the doctors and hospitals in a particular health plan’s network, including provider locations, specialties, and more. This is a foundational dataset, providing employees with detailed information about the PCPs and other healthcare providers in their network. Navigation platforms can help employees to make more informed decisions about where to receive care, as in-network providers are usually more cost-efficient than out-of-network.

Provider quality data
This covers the quality of care provided by different doctors and hospitals, as well as patient satisfaction ratings. This may also include outcome-based metrics. Platforms integrate provider quality data into their experiences to help employees choose healthcare providers that are more likely to provide excellent care.

Cost information
This is data about the cost of different medical procedures, prescription drugs, and other healthcare services. By providing employees with transparent pricing information, these platforms can help them shop for healthcare and make more cost-effective choices.

Patient reviews
Reviews and ratings of different healthcare providers from other patients who have received care from them. Armed with this information, employees can find healthcare providers that are more likely to provide a positive patient experience.

Claims data
Information about the healthcare services that employees have received, including the cost of those services and any out-of-pocket expenses that they may have incurred. By giving employees access to claims data, these platforms can enable them to better understand their healthcare benefits and how to use them.

All of these data sources are crucial for powering the new age of healthcare navigation platforms. By aggregating this data and presenting it to employees in an easily understandable format, these platforms can help to demystify the healthcare system and empower employees to make better decisions, resulting in significant cost savings for employers and improved health outcomes for employees.

For navigation platforms, collecting and integrating all of this data from disparate sources may seem like a colossal undertaking, but that’s generally not the case. Much of this information is now readily available via APIs. For example, Ideon offers structured, normalized provider-network data to navigation platforms via an API.

There are several healthcare navigation platforms on the market today, each with its own unique set of features and capabilities. Some examples include Healthcare Bluebook, Garner Health, HealthJoy, Accolade, Castlight Health, and others. Though their user experiences vary significantly, all rely on the power of data.

Ideon Insights: Selerix’s Lyle Griffin talks LDEx and benefits data exchange

Welcome to the first installment of Ideon Insights, a new monthly interview series featuring thought leaders and innovators driving the benefits industry forward. In our first episode, we sat down with one of our technology partners, Lyle Griffin, president of Selerix, a leading benefits administration solution for brokers, employers, and carriers.

In this Q&A, Lyle shares his thoughts on the LIMRA Data Exchange (LDEx) standards, how the industry can facilitate more LDEx adoption, and how benefits data exchange will evolve over the next few years. Selerix and Ideon are both members of the Data Exchange Standards Committee tasked with developing the LDEx standards for the workplace benefits industry.

For Lyle’s complete thoughts on all-things LDEx, APIs, and data connectivity, watch the video here.

Below we’ve highlighted five key moments from the conversation.

IDEON: What’s the current state of LDEx adoption?

LYLE GRIFFIN, SELERIX: There are probably a dozen or so carriers that have stepped up and implemented LDEx in a really robust way. We’ve also been pleasantly surprised at the number of technology platforms that have been involved in developing the standard. That dialog between platforms and carriers is something that has been very refreshing.

What are the benefits of LDEx?

One, is just the speed of implementation, being able to set up your data connections quickly. Knowing that they’ll work as advertised is also very important.

As we move to API engagements, you’re really going to see the benefits. If we can move to something where we’re exchanging data in real-time, or as close to real-time as possible, the benefits back to the client or end-user are incredible.

Why is Selerix an advocate for data standards?

We’ve been very committed to implementing the standards since Day 1. What my team is telling me — the people who set up EDI connections with carriers — they’ve been very adamant that LDEx is good for them. They like it any time they can engage with people using the standard because it’s a concise way to start that dialog with the carrier. Having a common language really helps expedite the process.

How does Ideon help carriers and technology platforms use the LDEx format?

One of the most important things that [Ideon] brings to the table, is a fully formed view of how that data exchange ecosystem should work. Having a robust way to work with people on error resolution, initial engagement, data intake, being able to connect with an API or by exchanging files — I can see where this would be a very attractive proposition, not to have to build all of your business processes from scratch to take advantage of what a company like Ideon has to offer.

What’s the future of data exchange in the benefits industry?

In the long run, I think everyone’s vision is one of an interconnected ecosystem, an interconnected market, where trading partners exchange data more frequently and much more reliably than they do today. That’s what this is all about. As an industry, we’re still talking about this stuff, we’re still working on these challenges. So I think it’s going to take a while to realize that vision.

 

Stay tuned for new episodes of Ideon Insights each month. Subscribe to our newsletter below to stay in-the-know about Ideon and receive our latest content directly to your inbox.

Meet Brix — Now part of the Ideon ecosystem

At Ideon, we’re regularly expanding our network of carriers and technology platforms, from industry leaders with 100+ years of history to startups at the forefront of health and benefits innovation. We’re proud to introduce a new addition to the Ideon ecosystem: Brix, a group life insurance carrier offering affordable plans to small businesses.

In this video, John Flueckiger, Brix’s founder and CEO, shares the origin story of Brix, insights on their digital strategy, and how working with Ideon enables third-party platforms to quote Brix’s plans.

Here are three key takeaways from the video:

  • Brix offers an easy and inexpensive way for small businesses to provide life insurance coverage to their employees.
  • Through partnerships with other insurance providers, Brix offers employees the opportunity to enroll in additional life insurance coverage tailored to their individual needs.
  • Brix leverages technology and agile distribution to provide a seamless digital process for brokers and employers. And, by leveraging Ideon, Brix gains representation on some of the leading third-party quoting platforms for group benefits brokers.

To learn more about Brix, check out the video and visit Brix.co. Platforms interested in quoting Brix products via Ideon’s API can contact us, here.

Error management with Ideon, Part 1: A centralized, consistent experience

By Jashan Ahuja
Group Product Manager – Enrollment

In Part 1 of a series detailing our enrollment API’s features and capabilities, Ideon’s product team examines error reporting and management — how it works, what benefits platforms can expect, and the advantages of a centralized workflow.

Historically, it’s been an operational and technical nightmare for benefits platforms to exchange group and employee enrollment information with medical and voluntary carriers. No matter the carrier’s method of data exchange — EDI, API, portals, etc. — getting data from platform to carrier was rarely a simple task.

But once connected, it’s smooth sailing, right? Not quite. As benefits platforms’ operational teams know all too well, sending data is only part of the equation. The carrier must accept and confirm the change, and that’s where things start to get really complicated. Usually, the biggest challenge is handling and rectifying enrollment data errors—every carrier sends discrepancies in a different format, and their error reports are rarely human-readable.

At Ideon, we’re powering a new era of connection between carriers and tech platforms. One that’s better, faster, and more secure than the industry status quo. In this blog, we explain Ideon’s error-handling features, from standardizing carrier error messages to resolving errors via API, and how they create a far more efficient and accurate enrollment experience.

What are enrollment discrepancies?

It’s hard to find someone with experience in benefits who doesn’t think that data errors and discrepancies are a problem. Some examples include account set up issues, incorrect employee demographic information (social security number, birth date, etc.), coverage date errors, and more.

Today, most carriers report errors in non-standard formats, often via email and spreadsheets. These reports are usually delivered on a weekly basis, and the information they contain is rarely easy to understand. The result is a slow, manual, and resource-intensive error-handling process that poses a challenge to benefits platforms and their operations teams.

What’s the impact?

We analyzed the data from hundreds of groups and thousands of members and found that about 8% of employee enrollments have a critical coverage issue, i.e. incorrect coverage dates, plan information, or birth date, or they’re missing entirely from either the carrier or platform system. Importantly, more than 80% of groups with 20+ members have critical errors.

And these errors have significant ramifications for the entire benefits ecosystem – from carriers and benefits platforms, to brokers, employers, and employees. The downstream impact ranges from lost revenue and broker commissions, to operational inefficiencies and employee experience issues.

Carriers are missing out on millions in potential premium. In one recent migration of about 200,000 employees onto the Ideon platform, our technology identified errors resulting in nearly $1 million in lost premium for the carrier.

For the employers in that migration, we saved more than 30K employees from potential coverage issues — all from one migration of approximately 200K lives. Ultimately, inaccurate data can cause serious problems for employees. Everyone in our industry can relate to the countless access-to-care issues that occur during open enrollment because of erroneous data. Or, imagine a life insurance claim for an employee who wasn’t enrolled accurately — there would be an emotional and financial impact on a grieving family, while the employer and platform would likely suffer reputational harm.

For a detailed look at how inaccurate data impacts every benefits industry stakeholder, read this recent blog by Ideon CEO Michael Levin.

Enrollment discrepancies via Ideon

The processes outlined above remain the industry status quo: manual error handling through spreadsheets and emails, inconsistent carrier formats, and a barrage of harmful errors that affect all stakeholders.

At Ideon, we’ve developed a revolutionary alternative for benefits platforms where enrollment discrepancies are centralized, standardized, and actionable. Here are three ways our solution differs from the typical process:

  • Many-to-one – Ideon translates all of the enrollment “errors” generated by carriers into a uniform and ingestible format.
  • Standardized messaging – Each enrollment discrepancy has a “message,” which is a standardized version of the carrier error translated into a human-readable format.
  • Centralized communication – Benefits platforms view and resolve all enrollment discrepancies, from multiple carriers, directly through Ideon’s API endpoint, allowing for a streamlined and centralized user experience and eliminating the need for other communication (e.g. e-mails and slack messages).

Centralized error management via Ideon’s API

Ideon’s error reporting solution helps platforms prioritize and rectify discrepancies by providing insight into the severity of each discrepancy and who’s responsible for fixing it. Regardless of the carrier or the original data source, platforms get a consistent, simple API experience.

In this section, we examine Ideon’s key error management features and highlight how platforms interact with our API.

(Image: Example of an API response sent from Ideon to a benefits platform. The response details an unresolved enrollment discrepancy, the party responsible for rectifying the issue, and other pertinent information.)

Severity – For each enrollment discrepancy we expose a Severity (“Info”, “Warning”, or “Failure”) that highlights the impact of the issue. A “Failure” enrollment discrepancy indicates a blocker to a member’s enrollment, whereas “Info” and “Warning” enrollment discrepancies provide visibility into informational updates or future changes required, for example when a dependent is due to age out in a couple of months.

Assignment – Each enrollment discrepancy has a Responsible Party and can be assigned to “Ideon” or “Partner”. This provides visibility into enrollment discrepancies that are currently being managed by our Enrollment Operations team and allows users to easily identify enrollment discrepancies that they need to address.

Status – Enrollment discrepancies have a status of “Unresolved”, “Resolved”, or “Returned”. This allows our teams to stay in-sync on each individual enrollment discrepancy. When we initially surface an enrollment discrepancy, it is in an “Unresolved” status. The status is updated to “Returned” when any comments are added and “Resolved” when a resolution message is provided.

Resolution – Partners are able to add a resolution message to an enrollment discrepancy via a simple API endpoint. This updates the status of the enrollment discrepancy to “Resolved”. If the issue still remains when the carrier re-attempts to process the data then the enrollment discrepancy can be reverted back to an “Unresolved” status so the history is retained.

Comments – Partners are able to interact with our operations team entirely via the enrollment discrepancies API endpoint by threading comments directly on the original enrollment discrepancy. This allows for efficient interaction between our respective Operational teams without needing additional tools or e-mails.

API and webhook transmissionPartners can pull down enrollment discrepancies directly from our API via a GET endpoint. We also provide enrollment discrepancies via Webhooks or a standard periodic CSV report.

(Image: Example of an API response sent from Ideon to a benefits platform. The response details a RESOLVED enrollment discrepancy.)

In summary, managing and rectifying enrollment data errors and discrepancies is a critical aspect of the benefits workflow. At Ideon, we understand the pain points of the industry and have developed a solution that streamlines the process by: standardizing error messaging; delivering a centralized resolution experience for benefits platforms; and helping them prioritize and, ultimately, resolve each discrepancy. Platforms can easily manage enrollment discrepancies, from multiple carriers, directly through our API endpoint, allowing for a streamlined experience without back-and-forth email communication.

Coming soon — Part 2: Auto reconciliation overview

Standardizing errors is a big step forward, but did you know Ideon can proactively identify them whether or not the carrier actually reports them? In the next blog in this series, we’ll dive into Ideon’s auto reconciliation feature, an industry-first capability that automatically compares data in the carrier and platform systems, surfacing discrepancies in near real-time.

The details on Ideon’s HITRUST certification

By Tim Hochman, Ideon’s VP of InfoSec & IT

At Ideon, information security is at the core of everything we do. As the API platform connecting and exchanging data between insurance carriers, technology companies, and others in the benefits ecosystem, we understand the importance of ensuring the secure passage of sensitive information. It’s one reason our customers and partners continue to place their trust in us, and it’s why we’re excited to announce that Ideon’s Enrollment and Member Management API has achieved HITRUST certification, adding to the SOC 2 attestation we received in 2021.

But what does HITRUST certification really mean for Ideon and our customers? In this blog post, we’ll take a technical dive into Ideon’s HITRUST certification, explain some of the measures and controls we have in place to secure personally identifiable information (PII) and protected health information (PHI), and translate what it all means for our current and prospective customers.

For a detailed look at why Ideon took it’s data security to the next level, check out this blog post by CEO Michael Levin. For an in-depth, technical look at Ideon’s HITRUST certification, read on!

Why is HITRUST important?

Ideon’s 2 year (r2) HITRUST Certification represents the highest level commitment an organization can make to data security, the overall information security program, and associated risk management best practices. By making this investment, Ideon demonstrates not only our passion for our own security but also that of our clients and partners that use our service.

Becoming HITRUST certified was the next logical step in our security journey which began in 2021 when Ideon obtained our SOC 2 (Type 2) Attestation Report. While a SOC 2 report shows that we comply with the SOC Trust Service Criteria (Privacy, Security, Availability, Confidentiality, Processing Integrity), making the move to incorporate the HITRUST control set into every aspect of our business takes our Information Security practices to the highest level. In fact, Ideon’s enrollment and member management API is the industry’s only HITRUST-certified solution of its kind.

The basics of HITRUST

Established in 2007, HITRUST (Health Information Trust Alliance) is a privately held company that has created a cohesive standard to assist organizations with data governance, information security, risk management and compliance via their HITRUST Common Security Framework (CSF). This framework pulls together controls and best practices from many different security standards including NIST, ISO and the HITECH act of 2009.

The HITRUST CSF is widely recognized as the best in class certification across many industries due to the comprehensive nature of the control requirements, the detailed assurance process, and the multiple levels of oversights required to obtain certification. While initially developed to serve the healthcare industry, the HITRUST CSF has been adopted across many different verticals and is seen globally as the best source of guidance on reaching information security and cybersecurity maturity based on the size and complexity of the implementing organization. 

The HITRUST CSF establishes certifiable assurance of an information security program’s operating effectiveness via controls pulled from 19 domains. The domains are as follows:

  • Information Protection Program
  • Endpoint Protection
  • Portable Media Security
  • Mobile Device Security
  • Wireless Security
  • Configuration Management
  • Vulnerability Management
  • Network Protection
  • Transmission Protection
  • Password Management
  • Access Control
  • Audit Logging & Monitoring
  • Education, Training and Awareness
  • Third Party Assurance
  • Incident Management
  • Business Continuity & Disaster Recovery
  • Risk Management
  • Physical & Environmental Security
  • Data Protection & Privacy

The number of controls an organization must use within each domain are determined by a scoping process that reviews factors such as the number of held records, utilization of cloud services, accessibility from the public internet, the amount of transactions recorded per day, and the number of users who have access to the system. 

Ideon’s focus areas

HITRUST’s detailed approach to security leaves no room for gaps in the areas that leave other organizations most vulnerable. Here’s a few key areas of impact:

Software Development Life Cycle
Controls include review of the commit and deployment process, review of version control, and explicit managerial approval of new releases.

Data Security
All aspects of data management are reviewed: encryption status (both at rest and in transit), validation of compliance within both storage locations, and third party services and redundancy within those systems.

Security Standards
Highlights include: Comprehensive access control, monitoring and logging, cryptography of remote access and physical security standards for data centers, the workplace, and remote workers.

Business Continuity
A fundamental part of any risk management practice which includes: Backup and disaster recovery, regular reviews of risk for the organization along with establishment of new practices when new risks are identified, and formal procedures to insure key business processes are maintained during any disruptive event. 

 

In short, we’re extremely proud that our Enrollment and Member Management API has achieved HITRUST certification, building upon our previous SOC 2 attestation. This means we’ve got some serious security measures in place to protect our customers’ sensitive data, including personally identifiable information (PII) and protected health information (PHI). Keeping data safe is a high priority for us and this certification is proof we’re doing exactly that.

As Ideon’s CEO says in this blog post, “data protection is a journey more than a destination.” HITRUST is a monumental step for Ideon, but it’s not the endgame. As threats evolve, we’ll be right there with them, updating our policies and implementing new technologies to keep your information safe.

For more information about Ideon’s data security protocols, visit our website or reach out to learn more.

HITRUST, the standard-setters in data security, now vouches for Ideon

By Michael W.  Levin, co-founder and CEO of Ideon

At Ideon, our work is predicated on a straightforward belief: Choosing, buying, and managing health insurance and employee benefits should be no more complex than any other digital experience. And in creating the infrastructure that powers digital connectivity between carriers and technology platforms, we’ve been humbled to materially help improve the benefits experiences for countless Americans.

But even as we engineer and maintain the industry-best infrastructure that allows for free-flowing data, we are continuously ensuring that those “pipes” are not only unobstructed, but also airtight. To put it another way: We are obsessed with data security. Our APIs are the conduits for streams of personally identifiable information (PII) and protected health information (PHI)—and ensuring the safe passage of every last datum is a staggering responsibility we don’t take lightly. 

Nor have we ever. From its beginnings, Ideon prioritized transparency and security, working diligently to protect the sensitive member information that carriers, InsurTechs, BenAdmin platforms, and others send through Ideon’s platform.

Because cybersecurity threats are always mutating, data protection is a journey more than a destination. Last year, I reported that Ideon had met an important milestone of that journey when our data security protocols were validated by System and Organization Controls 2 Type II (SOC 2), an examination performed by a public accounting firm with expertise in information security audits. 

This year, I’m deeply proud to announce that Ideon’s Enrollment & Member Management API has earned certified status for information security from HITRUST. As detailed in a recent press release, this credential affirms that Ideon has addressed security risks through an exhaustive set of highly prescriptive controls. 

This step was necessary because unlike most other regulatory standards, HIPAA legislation provides no prescriptive white paper or rules for adherence. HITRUST was created by industry players looking to define standards around health information security. Its unparalleled rigor and scope makes HITRUST the gold standard for PHI treatment and storage.

Achieving the HITRUST certification was an arduous process. After conducting a gap analysis against nearly 300 controls, we began implementing the changes necessary for HITRUST compliance. It’s hard to overstate how monumental that effort was: We took measures to ensure that every Ideon action is logged and reproducible on demand. We instituted company-wide protocols governing mobile device use. We refined role-based accesses, installed cameras, updated policies and procedures, retrained staff, and prepared mounds of evidence.

And that description only scratches the surface. (For a technical dive into Ideon’s HITRUST certification, read this blog)

The process touched everyone at Ideon, consuming significant amounts of most employees’ time last year. An IT team was substantially dedicated to this effort for the past year, led by the remarkably talented Tim Hochman, our VP of information security and IT. Tim had previously taken another healthcare organization through the HITRUST initiation process, and he’s intimately familiar with its proceedings. (And, happily for us, he’s exceptionally organized—a must for a project so labyrinthine and minutely detailed!)

All told, it was a costly undertaking for the company, and at times even a challenging and uncomfortable one.

And yet: Aligning Ideon’s operations with HITRUST’s standards was as worthwhile as it was ambitious. In earning this designation, we signal to the industry that we understand the importance of handling sensitive information with the utmost gravity. We expect that this will usher in important new customers and partnerships.

But aside from the benefits that will no doubt accrue to Ideon, we’re excited about our HITRUST certification because it represents movement in a crucial direction for our industry. As migration toward APIs and data sharing intensifies, the need for increasingly tough security heightens across the space. 

Ideon has long been a pacesetter for innovation, vision, execution—and security. We’re eager to support the industry as it seeks to match progress with protection. If you have questions or want more information about Ideon’s security policies, please reach out to my team.