Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Create Happier Healthcare Staff in 3 Easy Steps

Posted on September 14, 2017 I Written By

The following is a guest blog post by Chelsea Kimbrough from Stericycle Communication Solutions, as part of the Communication Solutions Series of blog posts. Follow and engage with them on Twitter: @StericycleComms
Chelsea Kimbrough
Creating excellent patient experiences is the focus of nearly every healthcare organization. To do this, providers are increasingly turning to new patient engagement tools and technologies. It’s important to note, however, that patient experience woes cannot be mended with technology alone. The healthcare professionals facilitating communications and care will always play an integral role in patients’ overall satisfaction and loyalty.

Unfortunately, those providing in-person care are often distracted from important patient-facing responsibilities by front office tasks. Thankfully, many modern engagement tools are able to create more seamless operational workflows for healthcare professionals in tandem with enhanced patient experiences. But with the market growing increasingly competitive, it’s important to pick the tools and technologies that best serves both populations.

Outlined below are three steps healthcare organizations can take to create a more enjoyable workplace for their staff and what key capabilities are necessary to ensure the greatest ROI.

  1. Lessen the number of phone calls
    If the phone isn’t demanding attention, healthcare professionals are better able to focus their talent and effort on the patients and people in more immediate need of their expertise. This ability drives better health outcomes, operational efficiencies, and patient experiences.

    Telephone answering solutions and technology help achieve these results. However, it’s important whoever is answering your phones is prepared to handle any question, task, language, or call volume. Unfortunately, many internally-run call answering solutions are unable to swiftly manage fluctuating call volumes. By partnering with a third-party telephone answering service, healthcare organizations can ensure every call is met with exceptional care.

    When searching for a call center solution, healthcare organization should seek:

    • Flexible call answering solutions
    • Multilingual live agent support
    • Control over call flow & scripting
    • Proven experience & expertise
  1. Automate appointment reminders
    Patients crave convenient experiences – and so do healthcare professionals. Automating informational messages to patients, such as appointment reminders, population health notifications, and relevant event announcements, removes part of this communication responsibility from staff, directly enabling them to focus on in-person care.

    It’s important, however, that this particular service is able to integrate with the health systems’ EHR or EMR. This ability enables the health system to target a patient’s contact method of choice when sending automated messages, seamlessly enhancing their experience. And by communicating every interaction with the health system, staff members are kept informed and prepared to meet patients’ needs should they choose to reach out.

    When searching for a messaging solution, healthcare organization should seek:

    • Email, voice, and text messaging capabilities
    • Patient-specific customization
    • Easy message deployment
    • EHR/EMR connectivity
  1. Optimize patient scheduling
    Patients of all ages can benefit from a smoother appointment scheduling processes – and for many patients, online scheduling is the answer. By eliminating the need for a timely phone call, online scheduling better fits into the digitally-driven lives of today’s patients.  And when implemented properly, online scheduling can directly benefit both telephone answering and automated messaging, too.

    Because scheduling an appointment should be a pain-free process, healthcare organizations should simplify it by sending an automated reminder with a unique, secure link to digitally schedule an appointment from their phone, laptop, or other internet connected device. By choosing a tool that automatically communicates this information with the health system’s EHR, patients can call about their appointment and receive consistently accurate information no matter what healthcare employee answers the phone. What’s more, this particular patient engagement tool lessens the appointment scheduling burdening from staff, enabling them to provide better in-person care.

    When searching for an appointment scheduling solution, healthcare organization should seek:

    • Intuitive, user-friendly tools
    • Accurate appointment availability
    • Easy message deployment
    • EHR/EMR connectivity

When the right communication tools and technologies are implemented, entire healthcare organizations thrive. With the above three strategies and the technologies associated with them in place, healthcare professionals can better focus on patients with the reassurance their phones are answered by trained professionals, important messages are promptly delivered, and schedules are being filled.

Healthcare organizations that implement communication tools and technologies that benefit both patients and staff are better positioned to have happier, more satisfied team members. And with a happier staff tending to patients’ healthcare needs, organizations can better safeguard patient loyalty for years to come.

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality telephone answering, appointment scheduling, and automated communication services. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services. Connect with Stericycle Communication Solutions on social media: @StericycleComms

Better Tech is Here for Healthcare

Posted on September 13, 2017 I Written By

The following is a guest blog by Brandt Welker, CTO at MedicaSoft. This is the second blog in a three-part sponsored blog post series focused on new HIT for integration. Each month, a different MedicaSoft expert will share insights on new and innovative technology and its applications in healthcare.

What are some of the common complaints doctors and nurses have about their EHRs?

“I have to click too much.” “Information is buried.” “It doesn’t follow my workflow.” “It’s slow.”

“I feel like a data entry clerk.” “*insert your favorite gripe here*” There is no shortage of commentary on the issues irking clinicians when it comes to technology. What there is a shortage of are ideas to fix it.

Better technology is out there serving other industries … and it can be applied in healthcare. Technology should ease administrative loads and put clinicians back in front of patients! I’ve talked about some of this previously and how we keep clinicians involved in our design process. When it came to building an entirely new EHR, the driving force behind our team researching and adopting new technologies was to imagine a clean slate.

Most of our team came from backgrounds with the Department of Veterans’ Affairs (VA’s) world of VistA. We learned a lot about legacy systems over the years – both beloved and maligned – and asked ourselves what a system would look like if it was unencumbered by the past. How would that system look? What could that system be? What technology choices should we make to simplify things? How could it play nicely with other systems and encourage true interoperability? How could it support users’ clinical workflow?

From the beginning, we decided that the most important thing was to get the platform right. Build the platform and build it right and things will work together. Build it to play nicely with other technology and interoperate. Make it fast. Make it easy. Make it open. Make it affordable. All of these needs were a part of our system “wish list.”

So, how’d we do it? We researched technology working in other fields and also elected to use HL7® FHIR® to its fullest extent. By now, you’ve probably heard a lot about the HL7® FHIR® standard. Many companies are using HL7® FHIR® to build APIs that are doing amazing things across the industry. We decided to use the HL7® FHIR® document data model as the basis of our platform – it simplifies implementation without sacrificing information integrity. We coupled it with a very powerful database and search engine – Couchbase & Elasticsearch. These are two high-performance tools used across industries. When you need a whole lot of data to move fast, you use Couchbase and Elasticsearch.

Couchbase is our NoSQL database. Couchbase is open-source and optimized for interactive applications. It provides low-latency data management (read: lots of data very quickly) for large-scale applications (like an EHR!). It lets us store records as documents and it’s really good at data replication. You might recognize Couchbase  — many other industry giants such as ebay, LinkedIn, and Verizon use it. It is an open-source database optimized for interactive applications. We selected Elasticsearch as our search engine. Some of your favorite sites and services use Elasticsearch – Netflix, Facebook, LinkedIn, and Wal-Mart, to name a few.

On top of Couchbase and Elasticsearch are FHIR APIs. These interactions are managed by type. We also use a Parser/Assembler Service that lets us combine, rearrange, and augment documents. Data is placed in the proper JSON format to be sent through the FHIR API into Couchbase. Our Community Health Record sits on top of this and everything described here is a part of our open platform – the one we built from scratch and architected to be interoperable and easy. Pretty neat, huh?

Once you have the platform, you can build all kinds of things to sit on top of it. The sky is the limit! In our case, we have a Personal Health Record and an Electronic Health Record, but we built it this way so you can use a wide range of technologies with the platform – things like Alerts or Analytics or Population Health or Third Party Applications, even custom built items that folks may have developed in-house will work with the platform. Essentially, using the platform means we can integrate with whatever you already have in place. Maybe you have an EHR with some issues, but you don’t have the time or budget allotted for another huge EHR implementation. No problem – we can help you view your data with a modern interface – without having to buy a whole other EHR. Revolutionary!

There are several other technology choices we made along the way, too – Node.js, NGINX, Angular.js are a few more. Angular.js allows us to be speedy in our development process. We can develop and build features quickly and get changes in front of clinicians for their feedback, which results in less time between product builds and releases. It means folks don’t have to wait months and months for changes they want. Angular is also web-based, which means user interfaces are modern and just like the interfaces everybody uses in their day-to-day lives. Angular.js was created by Google and there are many large companies you’ll recognize who use it to develop – PayPal, Netflix, LEGO, YouTube, to name a few.

I believe healthcare is lagging in adopting new technologies and there are a lot of excuses around why user interfaces in healthcare are generally horrible – they range from the software being written before Web 2.0 to users accepting that it is how it is and finding a way to work around their technology. The latter is probably the saddest thing I see happening in hospitals and clinics. Tech is there to make work easier, not more complicated.

There was a great quote from Dale Sanders, Executive Vice President of Product Development at Health Catalyst in MedCity News last week:

“Every C-level in healthcare has to be a bit of a technologist right now,” he said. “They need to understand this world. If you’re not aware of technology, it puts you … at a strategic disadvantage.”

I can’t emphasize how true this statement is. If you’re not paying attention to where technology is going, you’re not paying attention to where healthcare is going and you’re going to get left behind.

About Brandt Welker
Brandt is a HIT architecture and software expert. He calls Reading, Pennsylvania home. He has architected software systems and managed large IT and innovations programs at the U.S. Department of Veterans Affairs (VA) and the National Aeronautics and Space Administration (NASA). He’s also trained astronauts at the Neutral Buoyancy Lab. He’s currently the Chief Technology Officer at MedicaSoft. Brandt can be found on LinkedIn.

About MedicaSoft
MedicaSoft designs, develops, delivers, and maintains EHR, PHR, and UHR software solutions and HISP services for healthcare providers and patients around the world. For more information, visit www.medicasoft.us or connect with us on Twitter @MedicaSoftLLC, Facebook, or LinkedIn.

Why Do We Settle in Healthcare?

Posted on August 22, 2017 I Written By

The following is a guest blog post by Monica Stout, Marketing Director at MedicaSoft. This is the introductory blog in a three-part sponsored blog post series focused on new Health IT for integration. Each month, a different MedicaSoft expert will share insights on new and innovative technology and its applications in healthcare.

Imagine your typical Friday night. You’ve worked hard all week and now you’re ready to watch Netflix. You’ve picked the perfect movie. You’re ready to watch. You hit a button and your movie is right there, available and on demand. But what if it didn’t work? You’d be annoyed. You’d hop on social media to complain or see if Netflix is down. Someone somewhere would hear you.

On Black Friday or Cyber Monday, you might visit Walmart.com to search for some holiday deals. These are the busiest shopping days of the year. What if the website didn’t work? Or, what if you had to enter your shipping and billing data every single time you viewed an item? You’d be outraged. You might hop on social media to complain or see if others are experiencing the same problem. Someone somewhere would hear you.

Now imagine it’s the middle of winter and you’ve caught the latest bug du jour. You call your doctor for an appointment. When you arrive, you’re handed a clipboard and asked to fill out the same repetitive paper form with your health information that you fill out every time you visit. You’re certain they have this information already, but you’re required to fill it out yet again. You might wait 30, 40, or 60 minutes past your appointment time before you’re called back to a room.

Once you’ve made it to an exam room, a nurse comes in to take your vitals. The nurse will ask questions about what medications you are on. Nine times out of ten, the medications the nurse repeats back to you are outdated or entirely incorrect. You wonder where that data came from and are sure you’ve told this particular office the same thing the last four times you’ve gone there, so why is it wrong? Again, you wait in the exam room for the doctor. Your doctor comes in and spends more time looking at a laptop screen and clicking than making eye contact with you. Do you hop on social media and complain? Probably not. Does anybody hear you? No, because you’ve accepted that this is just how it is. In fact, you were grateful to receive a same-day appointment instead of waiting at home in misery.

The technology exists today to make things work and work fast. Other industries have intuitive UIs that people use every single day – we use them so much we don’t think about them. So, why do we settle for what doesn’t work in healthcare? Why do we accept a system that isn’t operating in ways that are beneficial or efficient to us as patients or to our doctors or nurses? Shouldn’t health information technology and the systems that support our health, well-being, and in certain situations, life or death, work more efficiently than our television subscription services or retail websites? Technology can do better in healthcare.

The technology on the back-end of Wal-Mart’s servers was robust enough to handle Black Friday and deploy with over 200 million users online THREE YEARS AGO. Amazing, right? But it’s that way because people won’t accept something that doesn’t work. If Wal-Mart’s website wasn’t available come Cyber Monday, consumers would vote with their dollars and move on to another retailer’s website that did work. That retailer would get all the business. Yet in healthcare, we keep revisiting a system that’s broken – where our health records are disjointed, incomplete, exist in duplicate (or many, many more), and just don’t work well together across practices, hospitals, or health systems. We don’t have a one centralized record with our health information serving as our source of truth. Sharing data across our providers is broken.

I realize that healthcare is more complicated than simply voting with our dollars and moving on, but why is that? The Wharton School Economics Professor Eric K. Clemons wrote a great piece on why healthcare is complicated. The technology is there to help advance healthcare to be what humans need it to be, so when will we stop accepting less? When will we demand more?

There is technology that’s easy to use and access, makes your information available, and centralizes your health information into one record. In our subsequent guest blogs, our experts will talk in more detail about these best of breed technologies and how they can be applied to healthcare to capture, exchange, and share data.

About Monica Stout
Monica is a HIT teleworker in Grand Rapids, Michigan by way of Washington, D.C., who has consulted at several government agencies, including the National Aeronautics Space Administration (NASA) and the U.S. Department of Veterans Affairs (VA). She’s currently the Marketing Director at MedicaSoft. Monica can be found on Twitter @MI_turnaround or LinkedIn.

About MedicaSoft
MedicaSoft  designs, develops, delivers, and maintains EHR, PHR, and UHR software solutions and HISP services for healthcare providers and patients around the world. For more information, visit www.medicasoft.us or connect with us on Twitter @MedicaSoftLLC, Facebook, or LinkedIn.

Assembling The Right Stuff: The Keys to Gathering and Supporting A Successful EHR Go-Live Support Team

Posted on August 16, 2017 I Written By

The following is a guest blog post by Jaime Jaimes, Instructional Writer at Conduent, Breakaway Learning Solutions). Check out all of the blog posts in the Breakaway Thinking series.

For just a moment, put yourself in the shoes of a provider who needs to work with a new EHR. You’ve known that the EHR go-live event was impending, and now it’s here. You took the training, slipped a little job aid booklet in your pocket, and think you’ve got everything under control. But once you’re on the floor, you hit a sudden roadblock. Rifling through your packet in hopes of finding an answer could waste valuable time. What you really need is a friendly face to calmly talk you through that first hurdle and get you back on track.

This scenario is the reason that some physicians are identifying at-the-elbow support as a vital part of successful EHR implementation. A confident support team can create a calm and stable environment for your staff as they learn the ins and outs of their new system. But structuring your support strategy is easier said than done. Fortunately, I was able to sit down and discuss some key go-live support elements with two of Breakaway’s client services managers: Adam Koch and Meredith Wheelock.  Between them, they’ve overseen countless go-live events for hospitals and ambulatory locations alike, and they have three key pointers for any team planning a new EHR implementation or update.

Start assembling your support team early

Creating a support team is a daunting prospect. In our experience, at least a 1:3 support-to-learner ratio is the ideal level of staff training needed for a go live, a number backed up by online research journal Perspectives in Health Management. Beginning your search for the right people early on gives you the time to vet potential team members, and ensure they have the necessary certifications and experience specific to your go live. While you can get a team together in a month, we recommend starting the process two months or more before the event so that you can identify the right people and make sure they are prepared.

This may seem like a lot of time to invest, but having this at-the-elbow support can actually save you time at go live. A support team member can resolve questions and frustrating issues quickly, which in turn allows your staff to return to their other duties. Plus, the fact that the question was resolved in-the-moment, and in the environment in which your staff will likely face the issue again, increases the probability of knowledge retention and improves their confidence in using the system.

Get everyone on the same page

Even though you’re assembling a team of experts familiar with your EHR, you still need to make sure they’re all following the same workflows. This ensures your support team won’t teach different workflows to different departments or locations. Learning your best practices also means there won’t be a conflict between pre-go-live training and at-the-elbow assistance. After all, your staff expects help when they approach a support team member. If they get advice that contradicts their training, they will walk away feeling even more confused and frustrated, hindering their adoption progress. As this EHR Intelligence article notes, “Critical to the project’s success is supporting physician EHR users the right way at the right time.” Taking the time to teach your support team best practices is the easiest way to make sure you’re supporting your team the right way.

Establish lines of communication

A go-live event is a big endeavor, and even the best support team will encounter a quirk in the system they haven’t seen before. It’s at these times where having a defined path to escalate problems and share the solutions you generate will keep your EHR’s implementation on track. For those first few weeks, a daily touchpoint meeting with your support teams and site super-users can prove invaluable, as it allows everyone to identify pain points, troubleshoot issues, and come away with one clearly identified solution. Having this coordinated effort and standard way of communicating is critical for organizations large and small, and helps guarantee that even when a larger problem arises, your team doesn’t grind to a halt as you try to figure out the solution.

Your at-the-elbow support team is just one part of the successful go-live puzzle, but it’s a piece that can mean the difference between a frustrated staff and one that’s confident that this new EHR is just another part of their day.

Conduent is a sponsor of the Breakaway Thinking series of blog posts. Breakaway Learning Solutions is a leader in EHR and Health IT training. Download their Free Whitepaper “Leadership Insights: Gaining Value from Technology Investments.”

Patients Want Customizations – Just Not Too Much!

Posted on August 10, 2017 I Written By

The following is a guest blog post by Cristina Dafonte, Marketing Associate of Stericycle Communication Solutions as part of the Communication Solutions Series of blog posts. Follow and engage with them on Twitter:@StericycleComms
cristina-dafonteEverything around us is customizable: your laptop background, the layout of applications on your phone, any product dashboard you have access to. Customization sells, and consumers crave it. Consumers love to think that something is unique or special for just them, even if they know in their hearts that isn’t the case.

Patient engagement, especially appointment reminders, shouldn’t be the exception to the rule. We’ve far surpassed the days of the robo-dialer letting you know your doctor’s office was calling. Today, patients look for custom communications.

There are two ends of the spectrum that I have seen with customization of appointment reminders. The first is no customization at all.

Example: My dentist sends an email that is “Please click to confirm your appointment. We look forward to seeing you!” And includes a large CONFIRM button.

This message leaves me wondering a few things: when is my appointment? Which dentist am I seeing? What if I need to reschedule? What kind of appointment did I schedule? The message wasn’t personalized to my appointment or to me.

The second end of the spectrum is too much customization. I didn’t know it was possible to personalize a message too much until I received the following text message from my eye doctor:

(1/2) Hi Cristina, your contacts are ready for pick up. Please stop by the office at your earliest convenience to get them. Our office hours are 7-3pm on the first Monday of every month, 8-4pm every

(2/2) other Tuesday, and 8-6pm on the second Thursday of every month, and 7-12pm on Friday. Thank you for choosing [my eye doctor].

The first time I received that text message, I read it at least 3 times, trying to figure out what the office hours were for the day I needed to go get my contacts! That, my friends, is a reminder with too much customization.

Fortunately, the team at Stericycle Communication Solutions has figured out just the right amount of customization. Our patient communications are built on 4 pillars:

  1. Arrive: what needs to be done when the patient arrives
  2. Bring: what they need to bring for the appointment
  3. Prep: if there is any pre-appointment prep work that needs to be completed
  4. Do: any specific instructions for the patient’s arrival.

These best practices ensure that the patient feels the communication is specifically for them and that they have enough information to confidently and comfortably arrive at the office – without feeling bombarded with facts or instructions.

Want to learn more about Stericycle Communication Solutions’ patient engagement customizations? Download our FREE overview “Customizing Your Patient Engagement.”

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality call center & telephone answering servicespatient access services and automated communication technology. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services.  Connect with Stericycle Communication Solutions on social media: @StericycleComms

Simulation-Based Education: The New Paradigm in Healthcare Technology – Breakaway Thinking

Posted on July 19, 2017 I Written By

The following is a guest blog post by Heather Haugen, PhD, Managing Director and CEO at The Breakaway Group (A Conduent Company). Check out all of the blog posts in the Breakaway Thinking series.
Heather Haugen
Imagine a warehouse filled with classroom training sessions running simultaneously, hotel lobbies packed with consultants checking in and out at the same time, overrun parking lots, buses shuttling employees off campus, and more. These are the harsh, yet common challenges healthcare organizations face with classroom training – a predicament explored in the second edition of Beyond Implementation: A Prescription for the Adoption of Healthcare Technology. As the book explores the real-life headaches of classroom training, it calls on healthcare leaders and organizations to embrace a new education paradigm.

Today the healthcare industry has made considerable advances in technology. Enterprise applications now offer more features and functionality than ever before. Analytics programs, telehealth platforms, mobile health applications – each represents one of the many innovations changing the face of our industry. Yet despite these advances, classroom training remains one feature that has yet to change, a feature deeply-engrained in the habits, mental models, and beliefs of the industry. Healthcare executives already face significant pressure from making multi-million-dollar investments in clinical information systems. Changing how users are educated disrupts another component of healthcare for which executives become solely responsible, and must address and manage.

Despite the strength of the status quo, Beyond Implementation calls for healthcare’s departure from the classroom training model, as research highlights its ineffectiveness for teaching learners how to use new technology – a reason why most industries have abandoned or redesigned the model. Instead of face-to-face instruction, the book recommends healthcare organizations take a simulation-based approach to education, which provides learners with hands-on experience completing their workflows in a simulated EHR. The value of simulation-based education was first proven in the commercial airline industry. Like healthcare today, the airline industry experienced significant disruption through technology as the industry transitioned from analog to flight control systems. Unable to educate pilots quickly enough, the industry developed flight simulators that provided hands-on training that was relevant, accessible, repeatable, and sustainable. The new education model produced impressive learning outcomes, which is why the book argues for a similar model to be applied to healthcare.

Unlike classroom training, simulation-based education is more personalized and targeted. Education is role-specific and teaches learners how to complete their daily tasks in a simulated EHR environment. Users learn to complete their daily tasks according to best practice workflows guided by real-life clinical scenarios that increase relevancy, retention, and engagement. One significant benefit is users accumulate experience in the application without risks to patient safety. They also access their education at a time most convenient to them, as education is accessible 24/7 anywhere there is an internet connection. The accessibility of simulation-based education eliminates the headaches and costs of renting out warehouses, hiring trainers and consultants, scheduling staff to attend three eight-hour training sessions, and more.  It’s no wonder why simulators are shown to improve confidence and knowledge in the system – which are key indicators of proficiency.

Considering the challenges and opportunities facing healthcare organizations, the need for a better education paradigm is apparent. Now more than ever, our industry is grappling with the challenges of swapping their legacy systems with new enterprise applications, which research has shown brings significantly greater challenges than the switch from paper to electronic. In addition to new strategies around leadership and other areas, organizations must provide education that helps users make the transition from old workflows, keyboard shortcuts, and habits more quickly and seamlessly. Our industry is also beginning to focus on improving outcomes through technology, a trend that requires organizations to create a workforce of proficient users efficiently and effectively.

In every aspect, healthcare stands to benefit by replacing its analog approach to education. Whether reducing costs or improving knowledge and confidence in the system, the argument for classroom training is obsolete. It’s time that our industry embrace a new model that reflects the level of innovation healthcare leaders and professionals are working so hard to adopt.

Conduent is a sponsor of the Breakaway Thinking series of blog posts. The Breakaway Group is a leader in EHR and Health IT training. Download their Free Whitepaper “Leadership Insights: Gaining Value from Technology Investments.”

A Programmatic Approach to Print Security

Posted on July 17, 2017 I Written By

The following is a guest blog post by Sean Hughes, EVP Managed Document Services at CynergisTek.

Print devices are a necessary tool to support our workflows but at the same time represent an increasing threat to the security of our environment.

Most organizations today have a variety of devices; printers, copiers, scanners, thermal printers and even fax machines that make up their “print fleet”. This complex fleet often represents a wide variety of manufacturers, makes and models of devices critical to supporting the business of healthcare.

Healthcare organizations continue to print a tremendous amount of paper as evidenced by an estimated 11% increase in print despite the introduction of the EHR and other new systems (ERPs, CRMs, etc.). More paper generally means more devices, and more devices means more risk, resulting in increased security and privacy concerns.

Look inside most healthcare organizations today and even those with a Managed Print Services program (MPS) probably have a very disjointed management responsibility of their inventory. Printers are most often the responsibility of IT, copiers run through supply chain with the manufacturer providing support, and fax machines may even be part of Telecommunications. Those organizations that have an MPS provider probably don’t have all devices managed under that program – what about devices in research or off-site locations, or what if you have an academic medical facility or are part of a university?

These devices do have a couple of things in common that are of concern – they are somehow connected to your network and they hold or process PHI.

This fact and the associated risk requires an organization to look at how these devices are being managed and whether the responsibility for security and privacy are being met. Are they part of your overall security program, does your third party manage that for you, do you even know where they all are and what risks are in your fleet today?  If multiple organizations manage, do they follow consistent security practices?

Not being able to answer these questions is a source of concern and probably means that the risk is real. So how do we resolve this?

We need to take a programmatic approach to print and print security to ensure we are addressing the whole. Let’s lay out some steps to accomplish this.

  • Know your environment – the first thing we must do is identify ALL print devices in our organization. This includes printers, scanners, copiers, thermals, and fax machines, whether they are facility owned, third-party managed, networked or local, or sitting in a storage room.
  • Assess your risk – perform a comprehensive security risk assessment of the entire fleet and develop a remediation plan. This is not a one-time event but rather needs to be part of your overall security plan.
  • Assign singular ownership of assets – either through an internal program or a third-party program, the healthcare organization should fold all print-related devices into a single program for accountability and management.
  • Workflow optimization – you probably have millions of dollars of software in your organization that is the source of the output of these devices. Even more was spent securing the environment these applications are housed in, and accessed from, to make sure the data is secure and privacy is maintained. The data in those systems is at its lowest price point, most optimal from a workflow efficiency standpoint, and most secure — yet every time we hit print we multiply the cost, decrease the operational efficiency and increase the risk to that data.
  • Decrease risk – while it is great that we identify all the devices, assess and document risk and develop a mitigation/remediation plan, the goal should be to put controls in place to stem the proliferation of devices and ultimately to begin the process of decreasing the unnecessary devices thereby eliminating the risk associated to those devices.

The concept of trying to reduce the number of printers from a cost perspective is not new to healthcare. However, many have achieved mixed results, even those that have used an MPS partner. The reason that happens is generally because they are focused on the wrong things.

The best way to accomplish a cost-effective print program is to understand what is driving the need or want for printers, and that is volume. You don’t need a print device if you don’t need to print. I know it sounds like I am talking about the nirvana that is the paperless environment but I am not. This is simply understanding what and where is unnecessary to print and eliminating it, thereby eliminating the underlying need for the associated device, and with it the inherent security risk as well as the privacy concern of the printed page. Refocusing on volume helps us to solve many problems simultaneously.

Putting a program in place that provides this visibility, and using that data to make the decisions on device reduction can significantly reduce your current risk. Couple this with security and privacy as part of your acquisition determination, and you can make intelligent decisions that ensure you only add those devices you need, and when you do add a device it meets your security and privacy requirements. More often than not the first line of defense in IT is better management of the environment.

The New Leadership Agenda: 6 Effective Strategies for Driving the Adoption of Healthcare Technology – Breakaway Thinking

Posted on June 28, 2017 I Written By

The following is a guest blog post by Heather Haugen, PhD, Managing Director and CEO at The Breakaway Group (A Conduent Company). Check out all of the blog posts in the Breakaway Thinking series.
Heather Haugen
In executive conference rooms around the country, a common dialogue is emerging. In the wake of multi-million-dollar investments in electronic health record (EHR) systems, healthcare leaders are admitting that they underestimate the “care and feeding” of adopting these new applications. Whether this realization occurs from implementing a new system for the first time, or replacing an existing legacy application, the challenges are largely the same. Change fatigue, resource shortages, user resistance, workarounds, patient safety concerns – all reflect barriers healthcare leaders face adopting new healthcare technology.

But there is good news for healthcare leaders. This month marks the release of the new edition of Beyond Implementation: A Prescription for the Adoption of Healthcare Technology. The book offers healthcare leaders a playbook for approaching and leading the effort to adopt clinical information systems.

The book explores several important leadership strategies that have proven invaluable to healthcare executives around the country.

Strategy #1: Establish a New Leadership Agenda

Leadership is the most fundamental driver of EHR adoption. Because of its importance to the success of the initiative, leaders must relentlessly commit to making EHR adoption a daily priority for executive teams. This includes focusing on the factors that drive optimal use of clinical information systems long after the implementation.

Strategy #2: Stop Doing List

Time is a scarce and vital asset for every executive team, which faces a host of competing priorities and time-sensitive initiatives. The most successful leadership teams prioritize the right projects that add the most value to the organization. One strategy is to develop a Stop Doing List, a concept popularized by renowned author Jim Collins. The Stop Doing List is the process of choosing which initiatives to stop in order to focus on the most crucial activities. For healthcare leaders, this means eliminating or reprioritizing enough projects to make EHR adoption among the top three priorities for the organization. To develop a Stop Doing List, Beyond Implementation recommends prioritizing initiatives per these criteria:

  • Projects/meetings that do not directly affect quality of care or safety
  • Projects/meetings that are not related to compliance or legal risk
  • Projects that can be delayed with little overall impact
  • Meetings that can be eliminated or consolidated

Strategy #3: Engage Clinical Leadership

Providers carry a powerful voice in a healthcare setting. Leaders must actively engage providers and promote their buy-in through several strategies. One strategy includes developing a provider council. Including representation from across the organization, endorsement from top leadership, and a formal charter and vision for the body, this council should oversee and govern EHR use.  Another strategy is to engage members of the council to serve as champions of the effort by helping their departmental colleagues and serving as an extension of leadership.

Strategy #4: Create a Tone at the Top

Crucial to engaging users in the effort is establishing a tone that emphasizes EHR adoption. Leadership must promote awareness of the initiative by creating a value proposition and brand that connects the EHR system with the organizational vision and mission. Leadership must also establish a rhythm with their messaging and ensure it remains authentic when interacting with users. Leadership should make it a focus to answer key questions about the transition, such as how EHR adoption improves clinical and financial outcomes and how the change will affect users individually. Establishing the importance of the effort, as well as being open and transparent, helps users navigate and accept the transition more easily.

Strategy #5: Governance

Governance is also another key ingredient of effective leadership. Competing interests, differing opinions, and varying experiences all pose barriers to EHR adoption. Leadership must develop a well-defined governance process, which overcomes these barriers by creating policies and procedures that hold users accountable and define expectations and best practices around use of the system. The governance process should evolve over time to address the evolving needs of users as they adopt the application. After developing the governance process, leadership must measure its effectiveness to enforce accountability and make continuous improvements.

Strategy #6: Track Performance Metrics to Drive Continuous Improvements

To improve outcomes, leadership must track the clinical and financial results of EHR adoption. Leadership should identify, select, and empower the right individuals to lead this effort. These individuals should collect, analyze, and report performance metrics that are important to caregivers and will motivate engagement and improvement.

To see improved clinical and financial outcomes, healthcare leaders must ignite and sustain the movement toward the adoption of clinical information systems. It starts with establishing a new leadership agenda that places adoption at the forefront of organizational priorities and continues through strategies that facilitate engagement, communication, governance, and measurement. When leaders engage in these activities, adoption becomes a pervasive mindset across the organization for optimal results.

Conduent is a sponsor of the Breakaway Thinking series of blog posts. The Breakaway Group is a leader in EHR and Health IT training. Download their Free Whitepaper “Leadership Insights: Gaining Value from Technology Investments.”

Compromise Assessments & Penetration Testing in Healthcare

Posted on June 21, 2017 I Written By

The following is a guest blog post by Steven Marco, CISA, ITIL, HP SA and President of HIPAA One®.
Steven Marco - HIPAA expert
As healthcare providers continue to embrace technology, are patients being left vulnerable? If a recent incident involving patient portals is any indication, then the answer is a resounding “yes.”

True Health Diagnostics, a Frisco, TX-based healthcare services company recently became aware of a security flaw in their patient portal after an IT consultant logged in to view their test results and accessed other patient’s records by accident.  Upon investigating the issue it was determined that because True Health uses sequential numbers on their patient record PDF files, users of the patient portal could easily alter a digit in the URL and therefore view the medical information of other patients (also known as Forceful Browsing).

This recent event should serve as both a reminder and a warning to healthcare organizations using patient portals that in order to prevent a similar disclosure, implementing (and testing!) safeguards is necessary. There are two different actions an organization can take to either understand the scope of a breach and/or assess their level of security to prevent a disclosure.

Compromise Assessment: Due-Diligence Task

A compromise assessment is a due-diligence task used to verify that an organization hasn’t experienced a security breach. Essentially, it answers the question: “Have we been breached?”

Completed by a group of whitehat hackers or IS professionals, the goal is to access an organization’s various systems and verify if/when they were comprised and estimate the damage/exposure that has/could be done on their customer’s data. By gaining an understanding of the extent of the breach, the organization can in turn create a plan to remedy the issue and notify the appropriate parties of the disclosure.

Penetration Testing: Proactive Approach

In simple terms, conducting a penetration test is a proactive approach to finding any security deficiencies before a breach occurs or hackers find a way in. A penetration test answers to the question “How secure are we?”

By performing an authorized simulated attack, organizations can gain a much greater understanding of their security infrastructure. Although penetration testing alone will not ensure a network is compliant or secure, it will identify gaps between the existence threats and controls that an organization has in place.

Penetration testing has many other benefits, including:

  • Revealing where procedures may be failing – Especially if insecure services are being used for administration or if critical security patches are missing due to inadequate configuration and change management processes/procedures.
  • Exposing poor password policy – Including the use of default or weak passwords, password reuse and use of incremental passwords.
  • Justification to management – For approval of additional security technologies. For example: Showing upper management that penetration testers were able to hack into the system and email the entire customer database.
  • Acts as a “second set of eyes” – Critical if using an independent provider when hosting ePHI/PII.

Interested in more details on penetration testing? Check out HIPAA One’s penetration testing blog post.

About Steven Marco
Steven Marco is the President of HIPAA One®, leading provider of HIPAA Risk Assessment software for practices of all sizes.  HIPAA One is a proud sponsor of EMR and HIPAA and the effort to make HIPAA compliance more accessible for all practices.  Are you HIPAA Compliant?  Take HIPAA One’s 5 minute HIPAA security and compliance quiz to see if your organization is risk or learn more at HIPAAOne.com.

Value-sizing The Patient Experience

Posted on June 8, 2017 I Written By

The following is a guest blog post by Sarah Bennight, Marketing Strategist for Stericycle Communication Solutions, as part of the Communication Solutions Series of blog posts. Follow and engage with them on Twitter: @StericycleComms

In health IT, we talk about the patient experience all the time. Many of us have dedicated our entire careers to improving the patient experience. It has become so central to improving healthcare that patient-reported experience results determine a significant portion of reimbursement.

But today’s patient experiences do beg the question: are they a pie in the sky dream or something tangible that can be addressed in our organizations?

To tackle the patient experience, we have to audit all contact points to determine areas of weakness. A great way to start is by creating a healthcare consumer journey map. Identifying each point a patient could potentially interact with your organization is key to ensuring their experience will be great. Once you have identified each potential encounter, mystery shop that experience as if you were the patient to test your brand’s current performance. When determining whether or not your organization provides a great brand experience, you may find yourself comparing your performance to the top brands you work with on a daily basis.

For example, I recall a time when I studied abroad in the United Kingdom. Upon arriving in a foreign country after 22 hours of travel with little sleep, I needed to eat. I vaguely recalled passing a familiar restaurant sign on the way to my flat: McDonalds. And though I didn’t really love the golden arches at the time, I chose to eat there. Why? Because I knew what to expect. I knew how to order, what menu items would be available, and what it would taste like.

By focusing on consistent interactions and expectations for their customers, McDonalds has created a strong brand. In fact, when asked about introducing new products during a 2010 CNBC interview, former CEO James Skinner said “[McDonald’s doesn’t] put something on the menu until it can be produced at the speed of McDonalds.”

Can your healthcare consumers count on a consistent experience when contacting your organization? Your brand experience should encompass the entire health system to build confidence and loyalty in your brand. Creating consistency across each encounter begins with simple questions. Was their initial call met with a timely, sincere, and welcoming voice? Was parking convenient? Are average waiting times reasonable? Do Center A and Center B provide the same quality support? Is their bill easy to understand? If your answers are all yes, it’s more likely that patients will continue to choose your organization.

When patients feel confidence about provided services and perceive value in the care you provide, brand loyalty is achieved. What’s more, many studies show that patients who have great healthcare experiences and are confident in the level of care they receive will have better clinical outcomes. Value-based care demands consistent, evidence-based clinical interactions. But we can’t leave out the important patient experience outside the walls of the exam room.

After my exhaustive travels, I certainly had a better outcome by relying on my trust in McDonalds’ brand. I chose to value-size my meals frequently throughout my England journey – not because it was the best tasting food, but because I could always rely on consistently convenient and quality experiences. The healthcare industry can certainly learn a lot more from cutting edge commercial companies when it comes to creating loyalty. To learn more about the patient journey and loyalty, download our e-book.

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality call center & telephone answering servicespatient access services and automated communication technology. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services.  Connect with Stericycle Communication Solutions on social media: @StericycleComms