State Medicaid Professionals: Need to Modernize Medicaid IT Systems? Here's How to Create an MMIS RFP for 2020.

Questions, Requirements, and Technological Considerations for State Medicaid Professionals Designing an MMIS RFP in 2020

Medicaid Modernization aims to reduce costs and provide better service delivery to recipients and providers. The evolution from legacy systems to an outcomes-based approach can seem like a daunting task, but we are here to help. We have put together the requirements, key questions, and technology considerations that state medicaid professionals creating an MMIS RFP need to know in 2020. As with any undertaking, the best way to find the answers is to start with asking the right questions.

Here is a sampling of the types of questions:

  • How do I migrate the identity data in my legacy applications to my new systems?

  • Is there a way to use API’s to migrate identity data to new enterprise systems?

  • How do Rest API’s work to extract legacy identity data?

  • How do you federate identities?

  • Can federated identities be stored in Active Directory?

  • Can events and devices be federated with identities?

  • How do you grant consent with identity management?

Prefer to speak to someone directly? Contact us here.

Five Technology Considerations for State Medicaid Professionals 

 As state medicaid technology professionals look to evolve their systems, we have identified five technology considerations for 2020:

  • Transforming Legacy Systems

  • Technology Innovation in Healthcare

  • Privacy, Data Management and Data Sharing

  • Interoperability in Healthcare Networks and Systems

  • Utilizing Microservices in a MMIS setting

 This will help state medicaid technology professionals understand what is necessary to design and manage their security, including identity and access management systems, with the goal of reducing cost and improving outcomes while also enabling a modern, scalable solution. Legacy systems contain a myriad of identity data in the form of commercially available products from multiple companies, along with numerous ‘home grown’ solutions that do not lend themselves to a modern deployment. To try to replace this data is impractical. However, there are approaches to surfacing this data for use in a modernized setting: You can either design it in by coding access and scripting the use-case, or you can consider the use of API’s.

This list provides five identity and technology considerations for a present-day Medicaid setting:


 1. Transforming Legacy Systems

Simplify the use of embedded identity information in legacy systems with 21st century approaches. Avoid the need for scripts and coding to surface embedded identities when APIs can do the job. The average Enterprise setting manages in excess of 300 APIs. Increasingly, enterprises connect 3rd parties using APIs with direct access to data and application functionality, which requires:

  • Authentication - a means by which to authenticate a user to a high degree of trust

  • Authorization - a means to enforce user consent.

  • Consent - a means by which a user grants a third-party permission to access
    their account

  • API Security - a means to protect APIs and verify consent

Key questions:

  • How do I migrate the identity data in my legacy applications to my new systems?

  • Is there a way to use APIs to migrate identity data to new enterprise systems?

  • How do Rest API’s work to extract legacy identity data?


2. Technology Innovation in Healthcare

Securely connect people, devices, and events. The ForgeRock Identity Platform was developed to integrate with any of your digital services. More than legacy customer identity management, we designed the platform for the needs of healthcare. With ForgeRock, you get the feeling it was all built to work together, because it was.

Key questions:

  • How can multiple identities in multiple systems become federated?

  • Does identity management allow for contextual awareness and if so, can that contextual awareness be leveraged in mobile devices to provide both a better customer experience and/or deliver a new service?

  • How does modern identity management create a frictionless environment for recipients?

  • How does a single view of recipient apply to identity management?

  • Are your products both cloud and multi-cloud ready, as well as capable of working in a hybrid cloud environment?


3. Privacy, Data Management, and Data Sharing  

How prepared for the future of privacy is your product (GDPR, PII, HIPAA)? Managing consent between guardians, recipients, providers, and agency personnel is all part of ensuring privacy in Healthcare. This requires organizations to comply with regulations and simplify complex data-sharing and consent decisions, as well as secure patient-controlled data-sharing across cloud, mobile, and IoT sources.

  • Give patients control over their digital health data with user-managed access

  • Use identity and new privacy tools to move towards adherence with the EU GDPR (compliance required since May 2018)

  • Let patients authorize data-sharing with the appropriate doctors and care providers for greater collaboration between healthcare stakeholders

  • Provide the ability to determine who gets access to data, for how long, and under what condition

Key questions:

  • How can identity infrastructure tools such as User Managed Access, Workflows, and a Privacy Dashboard assist the progress of identity goals?

  • What is modernized identity management and how can it automate processes for recipient and provider enrollment (self-service)?

  • How is consent managed in a modern medicaid setting?


4. Interoperability in Healthcare Networks and Systems

Current applications are inflexible and don’t allow for innovation in service delivery.  Your legacy application infrastructure does not support your future vision or needs. Personalization and single view of the recipient and provider are impossible to implement in current architecture. IT agility is poor, hampering the ability to react quickly to new trends. Your enterprise needs to be nimble and future-proof to skillfully respond to evolving trends such as Cloud (multi, hybrid, public, private), IoT, and beyond. This will make it easier to connect anyone to anything, no matter the device, service, or thing, as well as tighten security with an increased number of authentication signals.

Key questions:

  • How can a modular approach to software applications scale to your needs and timeframe?  

  • How can technology connect hospitals, government agencies, and community-based organizations, thereby providing a more complete picture of a patient’s care?


5. Utilizing Microservices in an MMIS setting

Are you confident that your current identity technology strategy mitigates the operational challenges and security risks that a microservices architecture introduces? Identity microservices are designed to provide a simple and easy way to increase application security by integrating identity into service to service interactions. Microservices will transform your organization to new levels of agility and capability, all while providing cost savings. ForgeRock's proven pattern of supporting the new challenges of microservices architectures will both accelerate and risk-mitigate your investments in this critical paradigm shift.

Key questions:

  • What are the benefits of microservices architecture for identity in general as well as the particular benefits in an MMIS setting?

  • What are the challenges to using a microservices architecture in general, as well as the particular challenges in an MMIS setting?

  • Will identity products work in an agile software development setting?


Why Choose ForgeRock for Your Medicaid Modernization Needs?

Access decisions from and by internal and external sources are always best made using an enterprise-wide identity platform. ForgeRock’s modern, modular approach is ideally suited for modernization and legacy transformations and provides the scalability needed in an MMIS environment.  With the ForgeRock platform, dev ops teams and state medicaid professionals can build and deliver user experiences securely, quickly, and at scale.

If you have questions about modernizing your medicaid IT systems, creating the MMIS RFP itself, or anything else, please click on my photo there at the right and we can set up a time to talk. I'm looking forward to it! 


Book a meeting with ForgeRock



Prefer To Speak To Someone Directly?

Contact us now with any questions or to schedule a meeting.

Philips Case Study

Improving People’s Lives Through Meaningful Innovation.

Free Trial

Identity Management in Government

Connected Services, Connected Citizens