Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Some Inside Baseball for the EHR World

Posted on February 22, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I thought I’d take this moment to take a quick look at what many might consider inside baseball when it comes to the EHR world. Although, I’ve been intrigued by a couple announcements that were made recently.

The first announcement is Kareo buying the Epocrates EHR which came just in time for HIMSS. You might remember that I covered the Epocrates EHR on a number of occasions. I first saw the Epocrates EHR at HIMSS in 2010, and subsequently wrote about Epocrates “killing” their EHR immediately after launch. When that happened, I think we all wondered what would happen with the Epocrates EHR code base. You don’t just throw a meaningful use certified EHR to the curb do you?

We now know the answer to that question is no. Kareo saw fit to acquire the Epocrates EHR software and Dr. Tom Giannulli, formerly of Epocrates, is now the Kareo CMIO. I can imagine that Dr. Giannulli wanted to stay with his baby (the Epocrates EHR). I’m also quite intrigued that Kareo is offering the EHR for free (at least for now?). The funny thing is that I had written that the Epocrates EHR should be free. I guess I was sort of right, but I definitely didn’t think that the Epocrates EHR would become free since Kareo makes their money from the Practice Management and billing side of the house. We’ll see how that strategy works for Kareo. In some ways it’s taking a page out of the AthenaHealth playbook.

What might be simply an odd coincidence of timing (or not), Practice Fusion just sent out a letter (shown below) to its users from Practice Fusion Founder and CEO, Ryan Howard. In it he acknowledges Practice Fusion’s past challenges with billing, and he outlines their strategy on making the Practice Fusion billing situation better.

Does this relate to Kareo? Maybe, maybe not. What I do know is that many Practice Fusion users are on Kareo as well since it was Practice Fusion’s only major Practice Management software partner when Practice Fusion started. It seemed like a great match since Practice Fusion only had EHR, and Kareo only had Practice Management. Kareo now has an EHR, and Practice Fusion is working on billing and practice management. I guess we should have seen this coming.

Here’s the full email I got from Practice Fusion (Full Disclosure: They said Dr. Lynn, but I’m not a doctor.):

Hi Dr. Lynn,

The Practice Fusion team takes pride and appreciates your role in making us the fastest growing EHR community in the US.

We also recognize that billing has not been our strongest suit. Improved superbills and an updated payer list have been highly requested by our user community.

That’s why, by the end of March, we’re going to deliver you major new enhancements to your billing experience:

• A comprehensive, streamlined superbill, directly integrated with your workflow
• Flexible reports for billing users
• The ability to export billing data to most major billing systems
• New billing software and service partners with more economical pricing

This means you can stick with the exact billing workflow and system you use today in your practice. We’re building the ability to integrate directly by allowing you to export data to your billing system via HL7. If you prefer superbills, you’ll soon have a drastically improved superbill to work with. And if you’re looking for a new billing system altogether, we’ll also have new, low-cost partners coming soon.

We’re excited to be making your EHR faster, more flexible and easier-to-use. Lastly, our commitment to you has not changed since the day you signed on—Practice Fusion will deliver all this for free. Stay tuned for our billing revamp at the end of March!

Best,
Ryan Howard
Founder and CEO
Practice Fusion
ceo@practicefusion.com

Covering Your Practice When Using a Hosted EHR

Posted on June 12, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest post by William O’Toole discussing a really misunderstood topic about clinic responsibility in a hosted EHR environment and how to protect your clinic. This ties in really well to Katherine’s previous post about Business Associates HIPAA Preparation.

Too many times people in EMR acquisition mode have made the assumption that hosted solutions automatically insulate the customer provider from liability for data breach or unauthorized disclosure of patient information, which is unsettling because it is simply not true. Health care providers are always responsible to patients for these unfortunate situations and nothing in HIPAA or the HITECH Act shifts that responsibility to the vendor of the hosted software solution. While HITECH does extend compliance requirements and potential penalties to vendors that provide services to providers involving patient information, this does not mean that the provider is not responsible to the patient.

All that gloom aside, it is completely possible to protect the provider organization through indemnification language in the software agreement with the vendor. In situations where the fault (violation of HIPAA) lies with the vendor that is hosting the software, and controlling and possessing patient data, if no indemnification provision exists, then any award for damages in a patient lawsuit would have to be paid by the provider without any contribution from the vendor. Think of the indemnification in that manner. It basically means that if there is a violation, and it is caused in part by the vendor, then the vendor will contribute to the payment of damages to the extent it was at fault.

An indemnification from a vendor Business Associate to a provider Covered Entity for any data breach or unauthorized disclosure of patients’ Protected Health Information (capitalized terms as defined under HIPAA) is critical in light of ARRA/HITECH and its impact on HIPAA. Briefly, ONC will be investigating, auditing, and penalizing both Covered Entities and Business Associates through powerful enforcement of HIPAA as mandated by the HITECH Act.

Providers should review all IT vendor contracts and Business Associate Agreements with those vendors. Ideally, for every vendor relationship with your hospital or practice, those two contracts should have matching language stating that the vendor will indemnify your organization for data breaches or unauthorized disclosures caused by the vendor. There are cases where the main customer/vendor agreement does not contain such language but the Business Associate Agreement does, which is still good. If absent from both, your organization is seriously exposed and you must consider the potential consequences and amend the agreements to include this type of protection whenever possible.

INDEMNIFICATION means a party to an agreement takes on financial responsibility for its actions and is legally obligated to pay damages to the other party. As you read a proposed contract, substitute “pay money to” in place of “indemnify”. It means the party will pay the damages resulting from its actions that would otherwise be paid by the other party if no indemnification existed. Look carefully at what indemnification(s) your organization is asked to provide, and what the other side is offering for indemnification. This comparison must be carefully considered before signing anything.

LIMITATION OF LIABILITY means the vendor is stating (often in ALL CAPS) what it is NOT responsible for. Typical exclusions are “special, incidental and consequential” damages. What this means is that while the vendor might take on responsibility for direct damages for something like product failure, which is often limited to the value of the contract, it purposely disclaims any responsibility for damages over and above the cost of the product. If consequential damages are disclaimed and excluded, the provider could only hope to receive a refund, which would exclude any additional costs like outside consulting trying to make the original product work for your organization, or the additional cost for a more expensive replacement product.

Important note: If you are able to obtain indemnification from a vendor as described above, you must also make sure that any limitation on consequential damages specifically and expressly excludes the indemnification provision. This means that the indemnification will cover both direct damages and then anything over and above that amount, which would be the consequential damages portion.

In summary, as a general statement, a hosting solution by itself does not provide legal protection for data breaches or unauthorized disclosures of patient information. That protection must be negotiated in your contract with the vendor in the form of an indemnification and it is very important.

This posting provides general contract information and is not intended as specific legal advice.

William O’Toole founded the O’Toole Law Group following twenty years as counsel for Medical Information Technology, Inc. (Meditech). His practice is concentrated in health care IT contract review and negotiation. He can be contacted directly at wfo@otoolelawgroup.com.

Watch for EMR Company Consolidation but Not EMR Software Consolidation

Posted on December 21, 2010 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve regularly talked about my belief that there isn’t just one major EMR market. Instead, I firmly believe that there are a number of EMR markets that are divided by clinic size, medical specialty, and possibly even location. In fact, there’s likely even other factors. There are just far too many EHR companies for this to not be the case.

I think this was also well illustrated in this blog post on Kevin MD about the “Perfect EMR Traits.” Here’s the perfect EMR trait #1:

Perfect EMR Trait #1: The ideal medical record would be tailored to the specific needs of a clinician, only exposing them to portions of the record which are relevant to their work.

Knowledge within healthcare is rapidly changing. Possibly more so than another other industry. Techniques which were considered state-of-the-art, can change in a matter of weeks. The electronic medical record has the potential to be the tool which disseminates those changes down to the clinician, through point-of-care decision support. EMR software should facilitate the clinician decision making, rather than requiring clinicians to keep track of the latest and greatest. This individualistic attitude creates discrepancies in care, which inherently leads to imprecise care.

While it is certainly technically feasible for an EMR vendor to be able to create software that satisfies Perfect EMR Trait #1, it’s just not practically feasible for an EMR vendor to satisfy every clinic size, medical specialty, and in many cases locale. This means that we’re going to see a wide variety of EMR software that satisfies the various EMR market needs.

With this as a preface, consolidation of EMR companies is going to become a very very real thing. However, I’d caution EMR companies that choose to just directly sunset an EMR software acquisition. In some cases, this is a reasonable solution based upon the EMR company’s existing EMR software. Plus, in many cases EMR vendors will be acquiring the EMR market share for their existing EMR software. I’m sure we’ll see more of this.

My recommendation for EMR vendors acquiring EMR software, is to be more selective in the types of EMR software that you acquire. It’s definitely worth considering the idea of sustaining the EMR software development of multiple EMR products. Is it really that hard to see a large EMR company that has an ED EMR software, a General Medicine EMR software, an OB/GYN EMR software, a Pediatric EMR software, etc etc etc.

An EMR vendor making a decision to act in this manner will require them to change how they look at EMR acquisitions. The EMR acquisition targets will dramatically change. Instead of looking for failing EMR companies where they can cheaply buy more EMR market share, EMR companies with this approach should be focusing on a quality EMR software that hasn’t yet achieved the EMR market share that they deserve.

The cool part about the strategy of maintaining multiple EMR software instead of the strategy of sunsetting one or the other is that you purchase a bunch of happy EMR users instead of alienating a whole mass of EMR users that’s software is no longer supported. Of course, this will require proper communication of your goals and objectives so that current EMR users see the benefit of the acquisition and aren’t left wondering what the acquisition means to them. I’m not just talking about standard PR spin. I mean real tangible communication and interaction which demonstrates your plans for the acquired EMR going forward.

An EMR company with this method of EMR software acquisition, also needs a different set of skills. After sunsetting an acquired EMR, you need to have a strong set of integration and transition services to make the change to your EMR as smooth as possible. You also require a unique sales force that can sell the transition to your EMR over a transition to an altogether new EMR software. None of these services are needed if you continue to maintain the acquired EMR. Instead, your company must focus on other redundant services like marketing that could be leveraged across companies.

Of course, this isn’t an easy task to do well. Acquisitions rarely are an easy process. However, I think this is a lesson that was recently learned by Google as well. There’s value after an acquisition to keep autonomous business units. In fact, doing so opens up a whole new set of acquisition targets in a less competitive environment.

If I were a board member at an EMR company, this is the type of stuff I’d be considering. Certainly not every EMR vendor is 1. in a position to do these things and 2. has the culture to make it happen. However, I predict that the EMR company of the future will be a conglomerate of multiple specialty specific EMR software and not just a one size fits all atrocity.