Harvard Pilgrim is a not-for-profit health plan that provides a variety of health benefit options and funding arrangements to more than 1 million members in Massachusetts, New Hampshire, Maine, and beyond. For nine consecutive years, Harvard Pilgrim was named the number-one private health plan in America, according to a joint ranking by the National Committee for Quality Assurance (NCQA).
As an insurer, Harvard Pilgrim operates in a highly regulated environment, where it must comply with numerous operational and financial requirements, such as the National Association of Insurance Commissioners (NAIC) Model Audit Rule (MAR). The company also must adhere to other, more general, accounting standards, such as Standards for Attestation Engagements No. 16 (SSAE 16).
For governance, risk, and compliance (GRC) management, the health plan largely relied on a series of manually produced spreadsheets routed for updates via e-mail. Managing and consolidating the spreadsheet and producing required periodic reports required a full-time staff member and left room for error.
Harvard Pilgrim wanted to ensure its ability to continue to comply with current and future GRC requirements, while reducing the cost and time needed to manage these processes and produce required documentation. Building on a large Oracle footprint, the company worked with Oracle Partner PricewaterhouseCoopers (PwC) to deploy Oracle Governance, Risk, and Compliance Manager 8.6.3. It automated periodic controls testing and GRC activities and improved its ability to document and manage change management and compliance issues. The company also gained enterprisewide, real time visibility into risks and controls to enable continuous monitoring. Further, Harvard Pilgrim reduced the time required to manage GRC processes around MAR and SSAE16 by utilizing workflow features within the application. It also gained the flexibility and capability to respond to changing requirements.
“When we made the decision to deploy Oracle Governance, Risk, and Compliance Manager, we did not really consider other solutions. We have a large Oracle footprint, so the ability to integrate the solution to our broader Oracle environment was compelling―in addition to the inherent value of being able to house, manage, and report on MAR and SSAE16 from a single repository,” said Chuck Scheller, director of business systems support, Harvard Pilgrim Health Care.
Harvard Pilgrim used its existing compliance framework and PwC’s leading practice for managing risk and regulatory compliance to create an effective system for MAR and SSAE16 compliance activities. PwC managed the configuration and deployment process, including helping Harvard Pilgrim with process redesign to enable optimizing the solution’s benefits. After the initial deployment, which took approximately a year, in part, because the product was still in development, Harvard Pilgrim is now upgrading to 8.6.4 to remain current and take advantage of new functionality.
Harvard Pilgrim Health Care partnered with PwC to implement Oracle Governance, Risk, and Compliance Manager. It managed the solution’s configuration and deployment, and acted as a liaison between Harvard Pilgrim and Oracle during the process, which was very important as the health plan was an early adopter. PwC effectively and efficiently worked with Oracle to resolve issues when they arose.
“PwC and its support were essential to enabling us to optimize the value of Oracle Governance, Risk, and Compliance Manager. The firm’s experience with Oracle environments and its strong relationship with the company helped to ensure a very successful implementation,” Scheller said.