HIPAA Cloud Solutions?

Join Our Mailing List 

On New-Wave Technology

Carol S. Miller

By Carol Miller RN MBA

To help hospitals and health systems comply with Health Insurance Portability and Accountability Act regulations, best practices are emerging for securing all electronic communication – cloud, wireless, and texting – of protected health information.

These new technologies will continually be evolving with hospitals, providers and patients move to new means of communication.  Below is a description of one.

Cloud Solutions

Cloud solutions are becoming a needed commodity in treating patients today but also present a risk to privacy and security violation.  Despite the advantages of cloud computing, organizations are often hesitant to use it because of concerns about security and compliance.

Specifically, they fear potential unauthorized access to patient data and the accompanying liability and reputation damage resulting from the need to report HIPAA breaches. While these concerns are understandable, a review of data on HIPAA breaches published by the HHS shows that these concerns are misplaced.

In fact, by using a cloud-based service with an appropriate security and compliance infrastructure, a facility can significantly reduce its compliance risk.

***

cloud-tech-1

***

Business-Associate Agreements

Because HIPAA compliance involves stringent privacy and security protections for electronic health information (PHI), many cloud providers are balking at signing new Business-Associate agreements.

Assessment

Most cloud-technology providers, such as Box and Dropbox, do not include the built-in privacy protections that guarantee HIPAA compliance. Because many cloud storage companies store plaintext data on their servers, PHI is especially vulnerable to breaches and compliance violations. 

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

Risk Management, Liability Insurance, and Asset Protection Strategies for Doctors and Advisors: Best Practices from Leading Consultants and Certified Medical Planners™

***

Continued Barriers and Issues with eHRs

More on the electronic documentation of medical information

By Carol S. Miller BSN, MBA, PMP

Many providers of health care are moving forward with electronic medical records [eMRs] and documentation of related information.

However,  there are still significant perceived and real barriers impacting some doctors and practitioners of care in moving forward with this process.

Here’s why in four brief points:

  • High Start-up Cost is probably the foremost barrier or concern of providers.  The EHR product, hardware, initial and annual software license, training both initially during implementation and ongoing, and other peripherals,  and the follow on module updates, maintenance, and/or replacements are all associated with a cost that can be quite an expensive proposition especially to a small provider practice.
  • Loss of productivity does occur as the staff and providers learn the new system and associated process changes in day-to-day operation.
  • There are many EHR products in the marketplace.  Providers are faced with decision points on which vendor system to purchase and the degree of modules needed to successfully support the clinical work within that practice.  In general, technical integration such as uncertain quality of system purchased, functionality issues, lack of integration with other applications and other like issues can impact a smooth transition to EHRs and actually create more problems and cost than the existing process in place.  In addition, incompatibility between systems (user interface, system architecture and functionality) can vary between suppliers’ products.
  • Certification, security, ethical matters, privacy and confidentiality issues are still a high concern.  The increased portability and accessibility of electronic medical records may increase the ease with which they can be accessed and stolen by unauthorized persons or unscrupulous users.  Even today large-scale breaches in confidential records occur and others can easily happen whena more integrated connectivity exists between systems, providers, hospitals, and wireless devices.  Continued concerns about security contribute to the widespread adoption of EHRs still are pervasive in the provider community.  Still lingering is the privacy concern and the adequate protection of individual records being managed electronically.  As an example, with an electronic record in a hospital setting, there can easily be over 100 individuals from doctors, nurses, technicians, admissions, quality control, billing staffing and many more who have access to at least part of a patient’s record during an average hospital stay.  In addition, there are multiple individuals at payers, clearinghouses, research firms, and others that have access to patient information at any given time.

Order Book Now [more from this author]

Healthcare Organizations” [Management Strategies, Tools, Techniques and Case Studies].

In-Process from: (c) Productivity Press 2012

http://www.crcpress.com/product/isbn/9781439879900

About the Author

Carol S. Miller has an extensive healthcare background in operations, business development and capture in both the public and private sector. Over the last 10 years she has provided management support to projects in the Department of Health and Human Services, Veterans Affairs, and Department of Defense medical programs. In most recent years, Carol has served as Vice President and Senior Account Executive for NCI Information Systems, Inc., Assistant Vice President at SAIC, and Program Manager at MITRE. She has led the successful capture of large IDIQ/GWAC programs, managed the operations of multiple government contracts, interacted with many government key executives, and increased the new account portfolios for each firm she supported.

She earned her MBA from Marymount University; BS in Business from Saint Joseph’s College, and BS in Nursing from the University of Pittsburgh. She is a Certified PMI Project Management Professional (PMP) (PMI PMP) and a Certified HIPAA Professional (CHP), with Top Secret Security clearance issued by the DoD in 2006. Ms. Miller is also a HIMSS Fellow, Past President and current Board member and an ACT/IAC Fellow.

Conclusion

Your thoughts and comments on this ME-P are appreciated. Feel free to review our top-left column, and top-right sidebar materials, links, URLs and related websites, too. Then, subscribe to the ME-P. It is fast, free and secure.

Link: http://feeds.feedburner.com/HealthcareFinancialsthePostForcxos

Speaker: If you need a moderator or speaker for an upcoming event, Dr. David E. Marcinko; MBA – Publisher-in-Chief of the Medical Executive-Post – is available for seminar or speaking engagements. Contact: MarcinkoAdvisors@msn.com

OUR OTHER PRINT BOOKS AND RELATED INFORMATION SOURCES:

DICTIONARIES: http://www.springerpub.com/Search/marcinko
PHYSICIANS: www.MedicalBusinessAdvisors.com
PRACTICES: www.BusinessofMedicalPractice.com
HOSPITALS: http://www.crcpress.com/product/isbn/9781466558731
CLINICS: http://www.crcpress.com/product/isbn/9781439879900
BLOG: www.MedicalExecutivePost.com
FINANCE: Financial Planning for Physicians and Advisors
INSURANCE: Risk Management and Insurance Strategies for Physicians and Advisors

Product DetailsProduct DetailsProduct Details

Product Details  Product Details

   Product Details

%d bloggers like this: