Wednesday, September 26, 2012

Choosing the Right EMR

Over the last eight years, medical practices and hospitals all over the United States have been abandoning paper charts for electronic ones. In 2004, less than 5% of physicians were using electronic medical record (EMR) systems. That same year, President George W. Bush set the goal that the majority of United States citizens would have an electronic medical chart by 2014. In 2009, President Obama took it a step further and dedicated billions of dollars of incentive money to have all medical charts in a digital format by 2014. These two government moves ushered in the age of EMRs. While a vast majority of the medical world is on board with the changes in theory, the reality is that this has not been a cheap or painless transition for anyone. 

In 2008, 41.5% of physicians reported using some type of EMR system. In 2011, that number jumped to 55%,still leaving a substantial portion of the medical community that has not yet made the leap to computerized charting, largely due to both the monetary and time costs. Most practices have thousands of records, and the idea of purchasing an EMR system and then spending the time and money scanning and converting charts is overwhelming, not to mention the time it takes to educate staff and doctors and become comfortable with a new way of doing things. For the 45% who are not online with their patient care, the time is now. The deadline for government incentives for EMR is 2014. Those not integrated and live by 2015 face the possibility of monetary penalties.

But where to start? Choosing an electronic medical records system (EMR) is a daunting task. There are many attributes that must be compared and considered. In today’s market over 900 systems exist. How is it possible to wade through to find the perfect fit for your office? Understanding what you are looking for and weeding out what won’t work for your situation is the best way to start.

1.  Narrow the list of vendors down to those that accommodate your specialty. There is no reason to spend any time on a system made for allergists if you are an orthopedic practice. Make sure to be very specific when questioning the salesmen and users.

2.  Set a budget, but be realistic. Chances are you do not want a system in the lowest price point. There is a reason it is so cheap. Think about a budget for not only upfront costs, but monthly charges and support fees.

3.  Determine which companies meet the requirements for meaningful use. There is no reason to go with a system that is not been upgraded to meet the standard requirements. If the system does not, then your practice will be ineligible for incentives. Educating yourself on what “meaningful” means and what it involves is imperative. Among other things, the system should have the ability to E-prescribe medications, share patient information, and report statistical data. Also consider various certifications and accreditations.

4.  The next step is research user satisfaction. Salespeople and testimonials will probably provide a biased opinion, so make sure to read user boards, reviews, and speak to friends and peers who are already using the system. Ask questions and voice concerns. Chances are other physicians will have put time and effort into their choice and are happy to impart what they like and don’t like about their system.

5.  Go see the “finalists” actually being used in a practice similar to yours. If you have a small office with only a handful of staff, don’t go to a 15-doctor practice with three offices. Spend a day watching not only how the physician uses the system, but also how the nurses, support staff, and billing office use it. All of these components are important, and none should be overlooked. If possible, also take key staff members to get their opinions. Often managers or insurance specialists will have extra insight into their area of expertise.

6.  Understand what will be involved with the training to get your office up and running. Determine a realistic timeline for going live on the new system. Talk to the software company about their scheduling for training, and question peers on how long training took for their offices. Often the seller will give you a “best case scenario” that is not the most accurate. Other users will be more honest about the learning curve and how long it took their offices to be competent in the new system.

Technology has become an everyday part of our lives, and the medical profession is no different. Taking steps to move your practice to EMR now will ensure that you avoid penalties in the not too distant future. The government is dedicated to creating a medical system that is conducive to sharing information. It is best to get on board now, instead of scrambling and purchasing a subpar system at the last minute. Take your time and educate yourself so that the system you choose is the best fit for your practice. Figuring out after the contracts are signed and the charts are scanned that you made a bad decision would mean thousands of dollars and countless man hours wasted. Avoid disaster and choose an EMR wisely.

Jamoom E, Beatty P, Bercovitz A, et al. Physician adoption of electronic health record systems: United States, 2011. NCHS data brief, no 98. Hyattsville, MD: National Center for Health Statistics. 2012.

Hawryluk, Markian. Government Pushes for Electronic Medical Record Standards [newspaper article]. (2004, February 9). Retrieved from

Friday, September 14, 2012

Dress Code: Manage Your Company's Image

Mark Twain once said, “Clothes make the man.” In today’s world, where appearances often guide our choices, they can also make the business. There are different levels of what is acceptable, with formal being the dressiest, business casual being moderate, and casual being the most lax. While it is fairly obvious that a factory worker won’t be wearing a suit to work and a banker won’t be wearing shorts, a vast majority of American workers must look to their employers for what is acceptable dress for the workplace. 

The first thing that must be determined when adopting a dress code is how detailed it should be. Giving your employees loose terms like “business casual” may seem like a good idea when drafting the employee handbook. Unfortunately, that can mean many different things to different employees. One person may think it means anything besides jeans, while another may interpret the term to mean one step below a suit. The actual intent probably lies somewhere in the middle. Spelling out your expectations is the safest way to ensure that staff is dressed the way you want the company represented. If chinos are okay but jeans are not, then the policy should state “no denim.” If casual shoes are allowed but sneakers are not, that should be clearly stated. Leaving the interpretation of your policy to your employees will most definitely spell disaster at some point. It is much easier to simply explain the “dos and don’ts” in the company’s employee handbook. When choosing the dress code for your company, keep in mind that you need to be comfortable enforcing the dress code you choose. 

While the Equal Employment Opportunity Commission does not have exact laws about dress code in the workplace, it does protect employees from discrimination when it comes to dress code enforcement. “While an employer may require all workers to follow a uniform dress code even if the dress code conflicts with some workers’ ethnic beliefs or practices, a dress code must not treat some employees less favorable because of their nation origin.” For example, many men from non-western countries wear skirts or sarongs as casual wear. If a dress code allows for casual wear, then the native dress must be allowed. Religious discrimination must also be taken into consideration. The dress code must be modified for an employee if it “conflicts with an employee’s religious practices and the employee requests an accommodation.” An employer must also be careful when an employee has a disability and the dress code is causing an issue. It is okay to require certain dress, but accommodations must be made. There are exceptions in each situation, so a lawyer should be consulted anytime a request for dress code modification is made.

It is up to the employer to decide the image they want their employees to project. Being specific can be the best route to go if a certain perception is important. To completely avoid problems, many employers are choosing to provide workers with uniforms. This keeps the control in management’s hands and alleviates any awkward situations. 

Whatever option you choose for your business’s dress code, keep in mind that consulting with your attorney before and during the process can protect the business from future discrimination lawsuits. 

Prohibited Employment Policies/Practices. (n.d.) in retrieved September 12, 2012 from

Monday, September 10, 2012

HIPAA Compliance and Vendors: What are the Rules?

No health care provider does it all alone. Doctors’ offices and hospitals spend their time taking care of a patient’s physical and mental well-being. While they are busy treating people, there are many companies and people working behind the scenes to keep the health care industry running smoothly and efficiently. When HIPAA came into being, covered entities (CE) were busy making sure their own businesses were compliant. Today, just being compliant is not enough. It is the CE’s responsibility to ensure that their business associates are also following the HIPAA rules for security and privacy.
Health care providers and hospitals are covered entities under HIPAA. Their vendors, referred to as business associates (BA), are those that handle PHI while providing support to a CE. According to the website for Health and Human Services, a BA handles the following functions: “claims processing or administration; data analysis, processing or administration; utilization review; quality assurance; billing; benefit management; practice management; and repricing.”  Services provided by BAs are: “legal; actuarial; accounting; consulting; data aggregation; management; administrative; accreditation; and financial.” Basically, if a company works with a CE and handles PHI then they are a BA. Any business doing anything with a patient’s electronic health records (EHR), demographic information, or payment for health care services should be held to the same high level of HIPAA compliance that a practice holds themselves to.
According to HIPAA rules, every CE should have a Business Associate Agreement (BAA) with each vendor that falls into the category of a BA.  A BAA should include the following:
  • Description of the BA’s “permitted and required uses of protected health information.”
  • Agreement that PHI will not be disclosed or used in any fashion outside of what is “permitted or required by law.”
  • Requirement that approved levels of “safeguards” by in place to prevent a breach of PHI.
  • If a breach occurs violating the BAA, then the CE must be informed and then seek to correct it. If it is not possible to correct the breach, the agreement will be terminated.
When CMS reviewed BAAs in 2009, several problems were discovered. These included no BAA being used; BAAs that were not signed by both parties; failure to address the HIPAA security rule; no request to report “vulnerabilities” to the CE; no request to report any breach of PHI; what activities will be performed and under what conditions; no inclusion that the CE may perform an “audit or risk assessment” and require a “corrective action plan to remediate the findings.”  
Using a health care attorney to ensure that the BAA is thorough and compliant with the standards set by HIPAA is important. Failure to do that may result in omitting important details that protect the practice and providers from mistakes made by vendors. Knowing the vendors you are entrusting with a patient’s medical and personal information are careful and competent is vital. “Good patient care means safe record-keeping practices. Do not forget an EHR represents a unique and valuable human being: it is not just a collection of data that you are safeguarding-it’s a life.” 
The Office of the National Coordinator for Health Information Technology.  (n.d.)  Privacy and Security Guide.          Health IT.  retrieved September 6, 2012. from

CMS Office of E-Health Standards and Services .  (September 22, 2009) HIPAA Compliance Review  Analysis And Summary of Results.  US Department of Health and Human Services.  retrieved September 6, 2012 from
Related Posts Plugin for WordPress, Blogger...