Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and EHR for FREE!

You might be an #HITNerd If…

You might be an #HITNerd If…

HIPPA and HIMMS make your skin crawl.

Find all our #HITNerd references on: EMR and EHR & EMR and HIPAA and check out the new #HITNerd t-shirts, hat, and phone cases.

NEW: Check out the #HITNerd store to purchase an #HITNerd t-shirt of cell phone case.

Note: Much like Jeff Foxworthy is a redneck. I’m well aware that I’m an #HITNerd.

March 23, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Secure Text and Email, Smartphone Physicals, and EMR Documentation – Around Healthcare Scene

There are so many types of mHealth apps and devices out there, it was inevitable that someone would try to have them work together. At TEDMED 2013, Shiv Gaglani and a team of physicians-to-be will be presenting the “smartphone physical.” Are these types of visits closer to becoming a reality than we may have realized?

One of the amazing technologies that have been developed is a smartphone that measures vitals – maybe this will be used in smartphone physicals someday! The Fujitsu Smartphone analyzes subtle changes in blood flow and determines vital signs, all by the user taking their photo with the phone’s camera. It goes to show that you don’t necessarily need fancy equipment to have incredible mHealth technology.

While some are concerned about the safety of email and texting for healthcare communication, it’s becoming a way of the future. Companies such as Physia and docBEAT are working specifically to make email and texts more secure. So which one is better? Both have their pros and cons – texting is quick and to the point, while email can take more time. Which would you rather receive?

Most doctors will agree, the current documentation options that EMRs offer are frustrating. There’s just too much clicking. However, the tide is shifting and it is very possible full keyboards will be needed. And the need for point of care EMR documentation will be more necessary than ever before.

With the current budget proposal by President Obama, EMR vendors might be impacted significantly. The ONC is suggesting that health IT vendors pay up to $1 million in fees. With the upcoming expiration of the ONC’s $2 billion appropriation from ARRA, the agency is needing some new funds. It also would help maintain ONC’s Certified Health IT Product List. Of course, vendors will not be happy to hear this news.

April 14, 2013 I Written By

Katie Clark is originally from Colorado and currently lives in Utah with her husband and son. She writes primarily for Smart Phone Health Care, but contributes to several Health Care Scene blogs, including EMR Thoughts, EMR and EHR, and EMR and HIPAA. She enjoys learning about Health IT and mHealth, and finding ways to improve her own health along the way.

Sending PHI Over SMS

I recently was talking with a doctor who told me about a healthcare communications company called YouCall MD. The doctor liked many of the features that YouCall MD provided. He loved that they would answer your Live Calls, transcribe a message to you and send you that message by SMS. Well, he loved all of it except the part that YouCallMD was using insecure SMS messages to send protected health information (PHI).

I wrote about this before in my post called “Texting is Not HIPAA Secure.” I know that many doctors sit on all sides of this. I heard one doctor tell me, “They’re not going to throw us all in jail.” Other doctors won’t use SMS at all because of the HIPAA violations.

While a doctor probably won’t get thrown in jail for sending PHI over SMS, they could get large fines. I think this is an even greater risk when sending PHI over SMS becomes institutionalized through a service like YouCallMD. This isn’t a risk I’d want to take if I were a doctor.

Plus, the thing that baffles me is that there are a lot of secure text message services out there. Using these services would accomplish the same thing for the doctor and YouCall MD and they wouldn’t put a doctor or institution at risk for violating HIPAA. Soon the day will come when doctors can send SMS like messages on their phones in a secure way and they won’t have to worry about it. I just think it’s a big mistake for them to be using their phone’s default SMS.

February 26, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

BYOD, Skype, and Apps for Medical Emergencies: Around Healthcare Scene

EMR and HIPAA

BYOD and HIPAA Compliance: Can You Have Both

With the increased use of smart phone and tablets by doctors, BYOD (bring your own device) is on the rise. With it comes the risk of almost inevitable risk of HIPAA violations. There needs to be some serious talk of protocols for BYOD, as the trend is here to stay. Can BYOD and HIPAA Compliance coexist? Weigh-in here.

Skype HIPAA Risks Not Given Enough Attention

Skype use among medical professionals isn’t high, but enough do that proper attention should be paid toward making sure these phone calls are HIPAA-compliant. There are quite a few risks associated with Skype-calling, and this post discusses why providers should be concerned, and poses some ideas on how to lessen these risks.

Key Radiology Takeaways from RSNA

CIO Janakan Rajgendran from GNAX Health guest posted at EMR and HIPAA this week. He discussed some of the highlights from RSNA 2012. The theme of the conference was ‘Patients First,’ which was reflected in a lot of the addresses from the conference. This post focuses on several different highlights, such as dosage tracking, image parts of HIE, and RSNA conversation changes.

Hospital EMR and EHR

Expanding HIEs Taking Role As Backbone For Reform Efforts 

HIEs have grown significantly in the past year and continue to do so. Because of this, it appears that they are becoming the “backbone” for reform efforts. HIEs are also playing a big role in health reform-related efforts such as with ACO and Patient-Centered Medical Homes.

Smart Phone Healthcare

Five Essential Apps for Medical Emergencies

There are lots of apps that have been created to help people be prepared in case of an emergency. Here are five that seem to stand out, from first aid tips to emergency information cards. Check out this list and see if you can benefit from any of them.

December 9, 2012 I Written By

Katie Clark is originally from Colorado and currently lives in Utah with her husband and son. She writes primarily for Smart Phone Health Care, but contributes to several Health Care Scene blogs, including EMR Thoughts, EMR and EHR, and EMR and HIPAA. She enjoys learning about Health IT and mHealth, and finding ways to improve her own health along the way.

Highlights From Dr. David J. Brailer at 2012 NYeC Digital Health Conference

While not everyone can make it to the NYeC 2012 Digital Health Conference, John is making sure everyone can enjoy parts of the conference from home. Dr. David J. Brailer, former National Coordinator for Health Information Technology and current Chairman of Health Evolution Partners, is a keynote speaker at this week’s conference, and spoke today on HIT.

Throughout the presentation, John live tweeted some highlights, as well as his own thoughts. Here are some of his tweets — if you want to see more, be sure to follow @EHRandHIT on Twitter.

If you present at the conference, what were some favorite insights from Dr. Brailer?

October 15, 2012 I Written By

Katie Clark is originally from Colorado and currently lives in Utah with her husband and son. She writes primarily for Smart Phone Health Care, but contributes to several Health Care Scene blogs, including EMR Thoughts, EMR and EHR, and EMR and HIPAA. She enjoys learning about Health IT and mHealth, and finding ways to improve her own health along the way.

Texas Law Amps Up HIPAA Penalties

Providers in every state must meet HIPAA standards, but alas, that may not be all in some states, which are permitted to institute stiffer requirements than the feds.  Such is the case in Texas, where a new state privacy law has gone into effect which asks a lot more of physicians and some other providers.

Texas has toughened up requirements in several areas, including the following:

* Covered entities:  HIPAA offers a fairly specific definition of covered entities, but the Texas law takes things much further, extending the rule to cover a wide range of people who handle PHI. This may include business associates, healthcare payers, government units, schools, facilities, providers, researchers and physicians, reports John Wisniewski, CEO of the Bexar County Medical Society.

* EMR data requests:  Requests for electronic medical records by Texans must be fulfilled within 15 days of a written query. This new rule, which brings EMR requests  up to the existing level for paper records, is tougher than HIPAA’s 30 day requirement.

* Stricter training:  The new law imposes tougher training requirements regarding privacy issues — including customized training regarding maintenance and protection of electronic PHI — and penalties for violations are ramped up under the new law. Covered entities must set deadlines for the completion of such training, and maintain records of completing such training, which is required every two years.

* Any PHI breach must be reported:  Any entity which experiences a breach in PHI must report it to individuals, including any business handling such information, not just covered entities as defined by the new statute.

I understand that providers must find it frustrating to have addition requirements slapped on them.  However, none of these strike me as insane, though the broadening of covered entities to include such a large group could lead to trouble, perhaps. What do you think?

September 10, 2012 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @annezieger on Twitter.

New App Allows For HIPAA-Compliant Group Texting by Clinicians

John wrote previously on EMR and HIPAA about the need for HIPAA Secure Texting and a company he’s advising that does secure text messaging called docBeat.

Well, another new app called Medigram is being tested which will allow clinicians to send HIPAA-compliant text messages within a defined group. The app is currently in closed beta with docs at Stanford Hospital, Lucille Packard Children’s Hospital and the Palo Alto VA Hospital, according to iMedicalApps.com.

According to the company, Medigram meets not only HIPAA requirements but also privacy/security provisions in Subtitle D of HITECH.  It does so, in part, by using SSL connections between mobile apps and its servers, as well as NIST-approved 256-bit AES encryption to secure chat data.

Secure texting certainly seems like a good idea, given how mobile-friendly this generation of clinicians has turned out to be.  And it’s hard to argue Medigram’s core pitch, which is that texting is far more interactive than a pager. Given that a surprisingly large number of doctors still use pagers, improving on the model seems like a good thing.

My theory is that the app, if otherwise usable and bug-free, will be a big hit during its beta. If so, I expect to see HIPAA-compliant instant messaging turn up next. Smaller, presumably agile companies specializing in B2B messaging — such as HipChat, Trumpia and 24im — are logical candidates to develop such a utility. (This article outlines several other enterprise IM firms, just in case you want to dig deeper.)

Of course, there’s also Google and Microsoft, both of which have large IM bases. Perhaps creating a secure version of an existing product (such as Messenger) will be less of a marketing challenge than say, HealthVault.

Regardless, I’ll be quite interested to find out how the beta turns out — I’ll keep you posted. Meanwhile, here’s a video in which Medigram describes its product.

June 11, 2012 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @annezieger on Twitter.

ONC Wants Medical Practices To Have A Privacy and Security Officer

The Office of the National Coordinator for Health Information Technology (ONC)  has thrown down the gauntlet on HIPAA, challenging medical practices to select a privacy and security officer.  The ONC recommendation comes as part of a report outlining a 10-step plan to protect patient data.

While the advice it offers might be helpful to a range of providers, the report is largely focused on medical practices which are adopting EHRs and don’t have trained IT staffers to manage privacy protection and security, said Daniel Berger, president and CEO of Redspin Inc. in an interview with InformationWeek.  As practices shift from paper notes to digital records, there’s countless opportunities to slip up and have a data breach.

The problem may get worse as practices move up to Meaningful Use Stage 2, as this level of compliance will force practices to exchange data between providers.  Securing their own health data is hard enough; HIEs poses greater risks yet.

To make sure their data stays secure, a privacy officer is important but not sufficient. Other suggestions include:

*  Do a privacy/security risk analysis, and create an action plan to address problems found during the analysis

*  Develop written policies and procedures for protecting electronic protected health information

*  Educate and train employees thoroughly

*  Make sure business associate agreements  meet HIPAA standards and HITECH breach notification requirements

Though the ONC is trying to be helpful, I suspect that few medical practices are ready to follow these suggestions.  While practices certainly understand that HIPAA is a serious proposition, I’ll submit that few are ready to do a risk analysis. (After all, many medical practices haven’t had their EMR that long and are pretty overwhelmed just making it work for them.)

On the other hand, if practices name a privacy and security officer, train them and get them going now on risk analysis, it could result in a process of learning where knowledge diffuses out into the practice. Yup, I think that step will go along way on its own.

May 21, 2012 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @annezieger on Twitter.

HIPAA Laws, Success of Healtchare IT, the Gap Between Large and Small Hospitals, and More — This Week in HealthCare Scene

Here is the weekly roundup of hot stories around the Healthcare Scene Blog Network:
EMR and HIPAA
HIPAA Applies To Those Who Don’t Know About It
Anyone who knows the rules of HIPAA should be held accountable for breaking them, right? According to a new appellate decision in California, even those who don’t know the rules could be punished. A recent ruling on a case did just that. Read about United States v Zhou and find out if you might be doing something illegal and not realizing it.

Meaningful Health IT News
Mark Versel, 19244-2012
With the recent death of his father, Meaningful Health IT News writer, Neil Versel, has dedicated himself to educating people about patient safety and multiple system atrophy (MSA), which ultimately claimed his father’s life. MSA is similar to Parkinson’s Disease, only more aggressive and fast-acting. During the last weeks of his life, Versel’s father, Mark, was treated at a local community hospital and Georgetown University Hospital. The differences in care between the two are startling, and the lack of appropriate care the community hospital hurt his father in his frail state. Read more about why Versel wants to educate the world about MSA and patient safety to make sure others don’t receive similar care to what his father did.

Smart Phone Health Care
Losing Weight on the Go: Keep Food Diary Easier than Ever
Recording meals and exercise have shown to increase weight loss. However, who wants to carry around a pen and paper everywhere? Luckily, there has been many apps created recently to make tracking food easier than ever. Check out the benefits of doing so and which apps top the chart.

EHR and EMR Videos
PrimeSUITE by Greenway Medical: Usability through Innovation
“When we consider usability we really take it down to a very simple philosophy, and that is, having the information always available to the users at their fingertips. . . The fewest number of clicks to get to information.” PrimeSUITE takes pride in the usability of their systems and discuss how innovation leads to more usability.

Hospital EMR and EHR
EMR Gap Grows Between Large, Small Hospitals
While Meaningful Use incentives have boosted the adoption of EMR, the gap between large and small hospitals continues to grow. Smaller hospitals may get further behind in the Meaningful Use stages because of the lack of resources for a high-volume of patient information. Discover the reasons behind the gap, and the suggestions being made to help smaller hospitals reach the requirements of Meaningful Use.

May 20, 2012 I Written By

Katie Clark is originally from Colorado and currently lives in Utah with her husband and son. She writes primarily for Smart Phone Health Care, but contributes to several Health Care Scene blogs, including EMR Thoughts, EMR and EHR, and EMR and HIPAA. She enjoys learning about Health IT and mHealth, and finding ways to improve her own health along the way.

AHIMA Wrap-Up: Domestic vs. International Transcription Still an Issue

All of the product literature I collected at the recent AHIMA show in Salt Lake City finally arrived in the mail the other day. As I sat sifting through all the pamphlets, brochures, case studies and white papers trying to remember why I had picked them up in the first place, one tag line in particular caught my eye: “Has your transcription seen more continents than you?”

Yes, there were plenty of technologies and services on hand relating to electronic medical records (EMRs) and electronic health records (EHR), depending on which term is your flavor of the week. But what really got my attention was the number of booths I went to that boasted transcription and coding services based right here in the good ole’ US of A, and their competitors that still internationally outsource these types of services.

Most booth reps I spoke with proudly told me that their services were located in the US. On the flip side, one company boasted that all of its services have been totally off-shored in order to meet customer demand for more competitive pricing. So what’s a provider to do?

I am, admittedly, new to the world of coding, and as this was my first AHIMA show, I was unaware of the schism that has developed in the world of domestic and international coding services. But, as a consumer that has been assisted – both competently and disastrously – by call center reps that I’m 99-percent sure were not located in the United States (despite their insistence on being located somewhere “in the Midwest”), I am aware of the consumer backlash that can result from a business’s decision to outsource its customer services.

I can only imagine, however, the pressures providers must feel when they are making decisions along these lines. Do they adhere to what their bottom line indicates is the best choice, which I assume means going international? Or do they stick with US-based companies to ensure that native English-speakers are picking up all the right nuances in documentation?

The brochure featuring the eye-catching tag line above continued its strong messaging with: “You’ve probably heard horror stories about what can happen when transcription services send work overseas. With language barriers, training deficiencies and rapidly changing regulations, mistakes – serious mistakes – are inevitable.”

Really? Inevitable is a pretty strong word. Is it a legitimate one to use in this circumstance?

A white paper from webmedx (now a part of Nuance), “Finance Leaders Rethink Transcription: Six Critical Criteria in a Changing Landscape,” provides a bit more insight into the issue: “Perhaps it was the black market sale of patient information in India …. Perhaps it was the worldwide economic meltdown and loss of U.S. jobs in 2009. Or maybe it is the pressure of tighter HIPAA regulations under ARRA’s HITECH Act. Whatever the cause, the effect is clear. Healthcare providers who sent medical transcription offshore in the past are bringing it back home.”

Are there any providers in the audience who’d care to speak to either side – why they chose to go domestic, or feel that the quality of transcription is just as good abroad? Has “cheap” become overrated?

Chime in with your comments below in answer to my question above.

October 19, 2011 I Written By

As Social Marketing Director at Billian, Jennifer Dennard is responsible for the continuing development and implementation of the company's social media strategies for Billian's HealthDATA and Porter Research. She is a regular contributor to a number of healthcare blogs and currently manages social marketing channels for the Health IT Leadership Summit and Technology Association of Georgia’s Health Society. You can find her on Twitter @JennDennard.