BYOD Issues and Solutions for Healthcare Safekeeping

The usage of innovative devices at the workplace has brought with it different security concerns that organizations have to address.

The term ‘Bring Your Own Device (BYOD), was initiated in the year 2009 by a top IT company and it pertains to the policy of allowing employees to bring privately owned devices such as smartphones, tablets and laptops into their workplace for use and access to company applications and information.

Increasing numbers of organizations are now using BYOD in a bid to establish themselves as employers who are flexible, tech-savvy and who care about the convenience of their employees. Many believe that permitting employees to bring their own devices will boost their morale and enhance their levels of productivity and efficiency.


A policy such as BYOD always has potential risks attached with it. One of the major issues organizations face with BYOD policy is the vulnerability of its computer system networks to data breaches and malicious attacks from third-party organizations when insecure devices connect to the company network.

There is a considerable amount of risk to any company when an employee leaves. Further on, if a customer service employee who uses his personal phone, leaves the company and joins a competitor, it provides a serious threat to the business because the customers calling that employee might decide to engage the services of the competitor instead. This is because the employee might be leaving with confidential company information and applications. Since the device is owned by the employee, the company does not have any vested right or authority on the information contained within. Other issues include damage liability when an employee’s device is damaged at the workplace – will the company then be liable to pay for its replacement or repair?


To overcome such issues, organizations will have to get a lot of policies introduced and implemented – fast!

Regulatory bodies such as CMS and DHHS are busy drafting stringent requirements for the use of Electronic Medical Records (EMRs) and interoperable medical devices with primary concerns of protecting valuable company information and patient health information.

Since healthcare providers are permitted to use their own devices within their clinics and hospitals, the IT department at such facilities should introduce and implement stringent operational network controls. Through these controls, IT should be able to monitor and control devices owned my employees in the same way it handles company owned devices.

It should be guaranteed that any device connecting with the organization’s network does not damage company or patient information or be allowed to download patient health information or confidential company data. Furthermore, healthcare providers should educate their staff regarding the importance of data confidentiality, and consequences or punishments in case of loss or theft of data.

Overall, organizations using BYOD policies should make sure that company data is securely encrypted, both on wired and wireless devices. Strict authentication and password policies should be adopted at every connection point and effective policies regarding mobility of data across the healthcare facility should be implemented. Healthcare organizations should also have firm tried-and-tested breach response or contingency plans making sure that in case of an unprecedented data breach or network malicious attack aiming to steal confidential patient information from the Electronic Medical Records, the organization has a back-up option to fall back on.


EMR Adoption and Change Resistance Management

You’re a medical practice manager with eyes on that CMS incentive program and its time to go EMR shopping. You’ve picked a product, everything looks great, the budget’s been allocated, partners & providers are with you, the vendor’s shared their magical implementation plan and you can’t wait to order the hardware.

This is where you slow down and go back to that smooth implementation plan to take a good look at it for the part that talks about “CHANGE RESISTANCE MANAGEMENT”. What! There isn’t one? Maybe you think you do not need one.  After all what can be so challenging about adopting an electronic medical record and a practice management system that will only require tweaking your business workflows while twisting arms of the back office staff. Also, don’t worry about the grumpy old radiology technician who firmly believes that technology ended with the invention of x-ray machines. The MAs’ won’t bite you just because the charts are now a few clicks away, far from that trusty old file closet.

Maybe you thought that it’s not the vendor’s responsibility to help you manage the commotion their product is going to cause at your front desk while the billers refuse to send the claims out in the back office. Your doctors probably don’t care about what product they are signing up for as long as they can still create notes on paper, slap them on scanners and beam them into an EMR.

A good EMR vendor with a mature implementation team will discuss change resistance with you; in fact they would ask you to establish all your business critical operations before sharing the implementation project plan with you. Chances are they will also share their workflows and rebuttals against each item you’ll share with them. This is usually the first step an implementation team will take with you. They should also ask you about the key staff members at the practice for establishing implementation partnerships. The chief biller at the practice can work with the vendor to facilitate a smooth deployment while acting as a key – post live communication person for his or her department. Same is the case with front desk, facility (lab, radiology etc…) and provider representatives at the practice.   A half decent implementation team will design their trainings around the concept of toning down the resistance that may surface with the adoption of their product.

Access to legacy data, adequate trainings, an established knowledge base and efficient pre live implementation communication are some of the key factors that contribute towards reducing the intensity of change resistance. Establishing a communication plan with the vendor before the start of the implementation process really pays off, since calling them every 20 minutes for the next six months is not healthy, certainly not for a practice. Find out if your vendor offers portal based communication such as e-ticketing or an action list.

Never underestimate the importance of legacy data so don’t leave any stone unturned when it comes to data migrations. Find out what you’re paying for and make sure your staff gets a memo about what information will be accessible in the new EMR and what needs to be saved in Human Readable Format on a shared network. Insist on test data migration if your vendor has not offered one already and get a consensus on it from all stake holders.  A good vendor will probably ask you to sign an approval on the test data migration before conducting a final one.

Ask for training agenda against each scheduled session and then adhere to time and staff requirements.  Insist on post live Q&A sessions and share your staff’s concerns with the vendor beforehand.

Find out what kind of online training material is offered by your vendor and promote its usage amongst your staff. Identify leaders in all the departments and establish an effective leadership that can assist you in finding and implementing solutions  while communicating with vendors on your behalf.

Finally it does not matter how new the technology may be; the same old rule of “Nobody likes change” still applies.



The iBlueButton experience – Part II

In terms of usability and simplicity, the iBlueButton is a far cry from its crude predecessors. The information gathered from the conventional Blue Button application is cumbersome to process and often confusing. Therefore, this limited the effectiveness of Blue Button and subsequently proved as a hindrance towards the adoption of this new feature in health IT. Complicated numbers and digits instead of simplistic information put a cap on the true potential on the idea behind the inception of Blue Button. However, through the iBlueButton app the feature is easy to both access and to employ for all. Using the iBlueButton on a mobile device is a totally different experience than that of the traditional Blue Button.

With respect to the resourcefulness of the mobile app Dr Mostashari added, “When I saw my Dad’s information it changed everything. Because for the first time, you hit the provider button, it brings back a list of all his doctors, and their phone numbers and their addresses. I never had that before. Now I can see his medications, diagnoses, ER visits, outpatient visits, procedures, images and labs.”

According to Bettina Expert on, CEO of Humetrix, the iBlueButton is not merely a physician or physician app. It is a mobile communications instrument which links one side of the healthcare equation with the other. Moreover, the iBlueButton grants real-time access to various healthcare resources such as a patient’s essential medical information. With an air of authority Expert on proclaims, “iBlueButton is the mobile embodiment of Blue Button”.  Expert on who is a professor of medicine at the University of California and is invited regularly to the counseling panel on healthcare in the White House also assisted in manufacturing the EHR smart card for the French national health system. As the Apple based application gains traction with the public, Expert on has unveiled that an Android based version of the iBlueButton will be available later this month as well. Additionally, several commercial health plans are going on board with employing Blue Button. This bodes well for Humetrix and the healthcare industry alike.

The amount of information accessible to patients while they are on the go will undoubtedly transform conventional healthcare practices. Instead of calling up various entities, scheduling appointments and waiting in line, one may simply view everything they require on a screen in their pocket while sitting in the comfort of their homes. This rapid access to health information will prove detrimental, especially in emergency situations where every second could be the difference between life and death.  Having the ability to obtain and share medical records at any point of care is the main differentiation from traditional EMRs. The level of convenience to the patients themselves enables them to be more informed and proactive towards personal care as well. Innovation in health IT is finally catching up with our daily lives and providing avenues for continuous improvement in care delivery. Such advances in technology will without question shape the future of healthcare as we know it.


Practice Management Software – Modernizing Practice

Swift health information exchange is the need of the hour in the healthcare sector, with most doctors converting to electronic documentation with EMRs. With clinical documentation and health information exchange taking precedence, doctors have little time to focus on office administration and profitability. However, established EMR vendors now offer the perfect solution for such practices in the form of “all-in-one” software packages. These packages provide practice owners with a single solution accommodating clinical documentation, office administration, scheduling and billing along with advanced reporting capabilities. Without the need to run two separate software (EMR and Practice Management), these competitively priced packages reduce acquisition cost and provide better value.

With health IT adoption on the rise, there are now hundreds of vendors in the market trying to capture their share of the care community. This has meant that vendors are now looking to offer greater value to their clients, in an attempt to stay ahead of competition with offerings such as the aforementioned “all-in-one” software packages. Standalone practice management software (PMS) is by no means a new concept in healthcare. However, it’s recent popularity can be directly attributed to the government’s backing of electronic health information processing and dissemination.

As EMRs deal with the clinical operations within a practice, PMS simplifies administrative tasks such as scheduling, monitoring appointments, follow ups, insurance verification, billing and reporting etc. With the right amount of training, practice staff can accomplish routine tasks much faster, with less errors and duplication. The right solution can ensure better coordination between clinicians and their staff to improve the overall efficiency of the practice – saving time and money for patients and physicians. Furthermore, the incorporation of features such as OCR (optical character recognition), online insurance eligibility verification, text messaging (alerts and reminders) and data mining reports etc., has drastically improved practice profitability and eliminated redundant workflows in small practices.

Fortunately for providers, not all among their staff can access sensitive patient information or the billing information related to the practice. Role based access and audit trails prevents unauthorized staff access, while allowing administrators to restrict individual users in the practice from accessing any one or multiple patient charts. In light of the aforementioned characteristics of “all-in-one” health IT solutions, providers now deem it more beneficial for their EMR to be integrated with practice management software. Providers looking to start their journey towards a paperless office must ensure that the practice management capabilities of their chosen solution are not overlooked. As a consequence, their health IT investments will generate greater value and returns, while guaranteeing peace of mind in years to come.


Health Information Exchange – Where Are We Headed

No doubt the inclusion of information technology in the healthcare industry brought the game changing Electronic Medical Records (EMR) technology, along with secure sharing and exchange of health information across various platforms, more commonly known as health information exchange (HIE). It was always believed that the purpose of providing quality and affordable care along with improving the conditions of the US healthcare system could be significantly aided by incorporating HIE within the EMR continuum. One can imagine the ease with which quality healthcare could be provided if important health information can be transferred across various platforms with relevant people.

While health IT consultants and regulatory bodies could give a long list of advantages that EMRs and HIE could bring to the healthcare industry, the question remains is the adoption rate as high as expected? According to recent research, approximately 71% of the hospitals in US are planning to implement EMR solutions that comply with health information exchange. As the technology keeps on improving, soon the implementation rates are likely to touch 100%.

“Information technology is one of the best things that could happen to the healthcare industry. The way IT has revolutionized healthcare, it could be easily said that in the coming years EMRs and other health IT applications are likely to be seen in almost every practice. I believe, after stethoscopes physicians would also treat EMR to be essential”, says a New Hampshire based health IT consultant.

The importance of HIE could also be comprehended by looking at the meaningful use stage 2 requirements. The objectives in stage 2 encourage physicians not only to use EMR but also to ensure that their solution allows for information exchange. This is one of the very reasons why regulatory bodies have been working on creating standards for HIE implementation. It is believed that a portfolio of standardized guidelines would allow physicians to comprehend the requirements and understand the implementation procedures in a much more efficient manner.

Realizing the requirements and keeping the concerns of physicians in mind, even established EMR vendors are creating solutions that ensure HIE. As the introduction of cloud EMR helped them capture the market share, incorporating HIE would further enhance their chances of attracting more potential clients.


EMR – What’s the race all about?

One of the most interesting things about health IT applications, especially Electronic Medical Records (EMR) is that ever since its inception there seems to be an upward trend in the product demand. Overtime healthcare providers have realized the potential advantages that EMR technology has provided and are likely to provide to the healthcare industry. Every now and then you would come across physicians discussing specialty focused EMRs, free EMR, and especially certified EMR.

More interestingly, given this increasing popularity of the certified EMRs, the product vendors have started experiencing cut throat competition. No wonder why over the past few years, health IT has been considered to be one of the most rapidly growing industry across the US. The availability of more than 700 vendors, intensively trying to capture the market share, is clear support for the aforementioned statement. While there are thousands of reasons behind the increasing competition, the government’s financial incentive program could be attributed as one of the vital ones.

Being part of the health IT industry, we are all aware that the government requires meaningful use of certified EMR on part of physicians to consider them eligible for the program. No doubt, this is one of the essential criteria to qualify for the incentive funds. Realizing that certification was becoming a crucial requirement for physicians, be it the one who charged a monthly subscription fee for its EMR or provided free EMR, the vendors made sure that their software fulfilled the certification criterion. The logic was simple; keeping pace with the industry requirements would help them influence the client’s choice.

“Be it any industry, competition amongst the vendors can never end. In fact, new regulations and opportunities are likely to increase the existing competition. This is what is happening in the EMR industry. While the existing renowned vendors are trying their best to retain their clientele and attract more potential clients, novice vendors are enthusiastically trying to keep up with the pace”, says a San Francisco based health IT consultant.

It would not be absurd to say that besides helping physicians with clinical procedures, EMRs are also becoming a marketing tool for the vendors. The reason is, if the EMR conforms to a physician’s requirements, even if it’s not a free EMR, the physician is likely to refer it to another colleague – eventually creating a chain of references. Of course, at the end of the day, it is the vendors whose product is being promoted. However, such a situation increases the burden on the vendor to maintain the reputation in the market.



Patient Portal – Is it Any Good For Patients?

Besides improving the quality of care, manufacturing dedicated tools for every member within the healthcare industry is another prolific effort made by health IT vendors, such as Electronic Medical Records (EMR) and Patient Portals. While the former is programmed to help physicians document clinical operations with precision, the latter is designed to help patients improve their health management. Nevertheless, the bottom line is that both applications have helped maintain better care connectivity.

“The healthcare circle consists of two parties; the physicians and patients. It is important to facilitate both parties to ensure a better, sustainable healthcare system. EMRs have helped physicians provide quality healthcare to patients, whilst patient portals have allowed patients to experience completely new, yet improved, healthcare management procedures”, says an Alaska based health IT consultant.

Most physicians probably still remember how tiresome it used to be when they had to manually document patient encounters. On top of that, realizing that they had a long list of patients to examine, managing the documentation process became even more stressful – eventually affecting their productivity. EMR turned out to be a game changing player for all physicians. It takes no more than a few seconds for physicians to document patient encounters and manage all the relevant information. Today, EMRs that come with the latest point and click technology even save physicians from manually constructing long sentences; all they have to do is just click as the EMR does that rest.

Similarly, the advent of patient portals simplified life for the patients. The agitation associated with making long phone calls or walking in to the physician’s practice for merely scheduling an appointment or requesting order refills has been completely eliminated with the use of patient portals. Patients can login to the online portal and stay connected with their physicians from anywhere across the globe. No longer do they have to incur such superfluous costs along with the hassle of managing paper based test results and health records. Patient portals allow patients to either view online or download their health information whenever they want. Given the importance of better care connectivity, even the government encourages physicians to allow patients instant access to their health records.