Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

EHR Vendor as ACO

Posted on December 18, 2012 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

When I was doing my interview with Dr. Jonathan Bertman and John Mooney about the Pri-Med acquisition of Amazing Charts, Jonathan Bertman made a really interesting comment that stuck with me. I asked him how he thought that Amazing Charts would do in this world of hospitals acquiring medical practices. He said that they were evaluated the environment, but then he suggested something that I’d never heard suggested before.

He said that he was considering the idea of whether Amazing Charts could act as an ACO for its members. You could tell that this was an idea that hadn’t been fleshed out completely. Although, I found it a concept that was really interesting to consider. Could an EHR vendor act as an ACO for the doctors that use their EHR?

The key question to me is really whether an EHR vendor has enough adoption of their EHR in a given area to be able to create an ACO. I imagine an EHR vendor like MEDENT that has only focused on selling their EHR in about 5 states could have enough geographically focused EHR adoption to be able to support the ACO model.

I’ve heard a number of small practice doctors call their colleagues to action when it comes to ACOs. Their call usually includes a reminder to the days of HMO’s when they claimed that doctors weren’t part of the conversation and that they can’t let the same thing happen with ACOs. Could an EHR vendor help to bring all these small practices to the ACO bargaining table? Seems like an interesting idea worth exploring to me.

Disaster Planning and HIPAA

Posted on November 20, 2012 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

When talk turns to HIPAA, most of us are focused on privacy compliance.  After all, privacy is a complex, expensive nightmare, and few hospitals or medical practices feel up to the task, so talking through those issues makes sense.

But as blogger Art Gross points out, the HIPAA Security General Rules require more than protecting a patient’s privacy. They also require that ePHI remains available even in the face of disaster. From the rules (courtesy of Gross, emphasis his):

§ 164.306 Security standards: General rules.
(a) General requirements. Covered entities must do the following:
(1) Ensure the confidentiality, integrity, and availability of all electronic protected health information the covered entity creates, receives, maintains, or transmits.

Apparently, far too few healthcare providers are paying enough attention to this part of the rules. Gross, who is a HIPAA security consultant, says that when he audits organizations, few have disaster recovery or emergency operations procedures in place.

Now, big enterprise IT departments aren’t going to leave disaster recovery out of their planning; it’s simplly part of the drill for any large installation. But the smaller the provider group gets — particularly when you zoom down to one to three-doctor practices — the story changes.

As people who read blogs like this one know, smaller practices aren’t likely to have so much as a single IT staffer on board. Keeping their EMR up and running is enough of a burden. I’m not at all surprised to hear that they aren’t prepared for disasters like Hurricane Sandy, which brought down even large medical centers.

But with HIPAA demanding immediate access to ePHI, doctors won’t have a choice much longer. And hospitals will want to make sure independent doctors aren’t the weak link in the availability chain.

Yes, it’s asking a lot of small practices to make intellligent disaster recovery plans for their EMR, and even more of their hospital partners if they want to keep access to disparate EMRs out there.  But there’s just no getting around the problem.