2 Table of Contents Business Problem Overview Business Overview Requirements for the SolutionProblem BreakdownBreakdown of the RequirementsRedefining the Business Problem (One thing at a time)Staying CompliantHITECH ACTHIPAAEMR Software ConsiderationsRequired FeaturesASP versus Client-ServerPricingSteps to TakeDetermining what features are really requiredDeciding between ASP and client-serverTesting out different EMR software solutionsPost-Purchase and ConclusionGradual ImplementationKeeping cost downRecommended Sources
3 ENTegrityAn Ear, Nose, and Throat medical practice located in Scottsdale, Arizona.Employs three medical doctors, a physican’s assistant, a doctor of audiology, and several people for office staff.Looking to switch to electronic medical records (EMR).
4 Current Situation Seven years of paper medical records Approx. 18,000 records per year, for a total of approx. 126,000 paper records.Fax is used for exchange of records between facilitiesFor instance, between ENTegrity and the ORDoctor’s spoken notes are sent to transcribers, transcribed, and then sent back
5 Business ProblemENTegrity is looking to switch to Electronic Medical Records (EMR)What software to use?What changes need to be made?How to ensure a smooth transition?How to be HIPAA compliant?
6 System RequirementsENTegrity’s office manager outlined the following requirements for the system:All medical records need to be electronic and accessible throughout the practice by those who need themRecords need to be easily but securely exchangeable between ENTegrity and external facilities (business associates – HIPAA)
7 System Requirements cont. Doctors’ spoken notes need to be transcribed automaticallyEliminate the need for third-party transcribersNeeds to be HIPAA compliantENTegrity website needs to be tied into the system so patients can access / print out their required paperwork
8 System Requirements cont. System should keep track of trendsFor instance, what insurance companies pay for a certain procedure over timeNeeds to not exceed the budget$120,000 - $160,000Needs to be secureFirewalls / security solutions to protect personally identifiable information (PII)Needs to be implemented by the end of 2014
9 Breakdown of Requirements The stated requirements cover multiple aspects of ‘the system’‘The system’ in this case refers to ENTegrity’s entire IT infrastructure, including softwareThere is not one single software package that meets all these requirementsMultiple different software and hardware solutions would need to be implemented
10 Breakdown of Requirements cont. HardwareFirewallSoftwareElectronic Medical RecordsTranscribing softwareWebsite design / implementationTrend analysisNetwork DesignAccessibility of medical records throughout the practiceExchangeability of medical records with business associates
11 Redefinition of the Business Problem At the basic level, ENTegrity’s ‘problem’ is to stay compliant with government mandates and HIPAAThis can be accomplished without implementation of:Transcribing softwareWebsite integrationTrend analysisFirst things firstFocus on staying compliantImplement additional software solutions later
12 Staying CompliantThe Health Information Technology for Economic and Clinical Health (HITECH) Act assesses penalties to clinics that have not adopted an EMR system by 2015.Under the HITECH Act, healthcare providers must demonstrate ‘meaningful use’ of their EMR systemMeaningful use is demonstrated by meeting certain objectives for three stages over five years
13 Staying Compliant cont. Demonstrating meaningful use of EMR:Stage 1 Data Capture and SharingElectronically capturing data in a standardized formatUsing that information to track key clinical conditionsCommunicating that information for care coordination processesInitiating the reporting of clinical measures and public health informationInitiating the reporting of clinical quality measures and public health informationUsing information to engage patients and their families in careStage 2 Advance Clinical Processes 2014More rigorous health information exchangeIncreased requirements for e-prescribing and incorporating lab resultsElectronic transmission of patient care summaries across multiple settingsMore patient-controlled dataStage 3 Improved Outcomes 2016Improving quality, safety, and efficiency, leading to improved health outcomesDecision support for national high-priority conditionsPatient access to self-management toolsAccess to comprehensive patient data through patient-centered health information exchangeImproving population health
14 Staying Compliant cont. If a company meets the criteria for demonstrating meaningful use:Can qualify for $44,000 ‘or more’ in economic stimulus incentive payment for adopting and implementing a certified EMR system.If not:Medical reimbursements will be reduced by 1% in 2015 and an additional 1% every subsequent yearThe average American Academy of Family Physicians (AAFP) user is reimbursed 20% by medicare
15 Staying Compliant cont. HIPAA:Privacy RuleRequires appropriate safeguards to protect the privacy of personal health informationSecurity RuleRequires appropriate administrative, physical, and technical safeguards to ensure confidentiality, integrity, and security of protected health informationBreach Notification RuleRequires HIPAA covered entities to provide notification following a breach of unsecured protected health informationUnsecured PHI means it is rendered unusable, unreadable, or indecipherable to unauthorized individuals through (1) encryption or (2) appropriate destruction of the media on which it was stored.
16 EMR Software Considerations There are hundreds of EMR systems available, targeted at every type and size of practice.The following questions and considerations will help ENTegrity make the right choiceNarrow the list down to vendors who’s software matches ENTegrity’s business and sizeVisit offices similar to ENTegrity and see their EMR system in action
17 EMR Software Considerations cont. 2. Try out the softwareMost vendors allow you to log in to a sample account or will send you a sample CD. Make sure these trials are used by the same people that will eventually use the EMR software3. Look for HIPAA compliance as part of the evaluationMost EMR software will meet HIPAA requirements, but you should still make the vendor provide details on how it does so
18 EMR Software Considerations cont. 4. Look at the software features to make sure it has what you need / wantCan the system handle multiple staff members accessing the data at the same time?Are labs, x-rays, and other types of information (incl. from external sources) easy to manage and access?Can it be accessed remotely?Does it have built-in reporting?
19 EMR Software Considerations cont. 5. How will data be entered into the medical records?Keyboard and mouse?Touch screen?Handwriting recognition?This will determine if you need to purchase desktops, laptops, or tablet PCs for each doctor or exam room
20 EMR Software Considerations cont. 6. Portability of dataHow easy is it to change to another solution or vendor?The patient data is always yours, regardless if you’re using ASP or client-server (see next slide)Vendor needs to be able to provide you with usable information if you switch
21 EMR Software Considerations cont. 7. ASP versus client-serverASP = Application Service ProviderWith an ASP solution, the software and data reside on the vendor’s servers, and staff members access it through specialized client-softwareThe advantage is that the software and data is managed and maintained by specialized professionalsThey typically have multiple layers of security, uninterruptible power supplies, fail-over, etc.A lot of the HIPAA security rule requirements might not have to be implemented locally with an ASP solutionThe disadvantage is that the software or data can’t be accessed without an Internet connection
22 EMR Software Considerations cont. 7. ASP versus client-serverClient-server means to run the software in-house and save data on local servers.This gives more control, but it also requires maintaining and configuring security and storage hardware, as well as keeping regular backups.ENTegrity might need to purchase and maintain a lot more security hardware / software to be compliant with HIPAA’s security rule if it decided to go with a client-server product
23 EMR Software Considerations cont. 7. ASP versus client-serverFor a relatively small practice with no specialized IT team on staff such as ENTegrity, ASP is the recommended way to goNo need to purchase and maintain expensive security equipmentCost is spread out monthly, rather than a lump-sum up frontInternet interruptions are rareAs long as the network is configured correctly beforehand
24 EMR and MPMMany offices that switch to EMR also implement medical practice management (MPM) softwareTracks patient demographics, visits, and diagnosesCollects, transmits, and tracks billing information and insurance paymentsManages appointment schedulingEtc.It is advisable to first implement one system, get used to it, and then to implement anotherDon’t implement multiple new systems at a time
25 Pricing Client-server Software ranges from $2,000 to $15,000 per user Medium sized practice could easily spend $50,000 on hardware and software to install an EMR systemDetermine what you really needDon’t pay extra for options that you don’t need or will rarely use
26 PricingASPUsually includes setup fees of less than $1,000 and monthly fees ranging from $50 to $300 or moreSome ASP’s charge for actual usage$0.50 per updated chart, $0.80 for a new record, etc.
27 Steps to Take Determine what software features you need Get input from everyone who will use the software for thisDetermine if you wish to implement an ASP or client-server solutionASP typically recommended for small to medium sized practices without an IT staffVisit other, similar practices to see their EMR solutions
28 Steps to take Meet with your business associates and get their input For instance, the OR from which you need to receive patient data or reports.Chances are they already have a system set up for this, for their business associates that already use EMR. How is this done?Build a test planCreate a script that walks through the most common office tasks. Use this when evaluating the trial software so you can compare them better
29 Steps to TakeContact vendors for information / trial versions / demonstrationsTest out multiple EMR solutions thoroughlyHave them tested by the people that will use the softwareMeet with the office staff and discuss the resultsFinally, purchase the software
30 Post-Purchase Don’t expect to switch systems from one day to the next Issues will occur with any new systemPeople are used to the old systemMake sure that the paper charts are still available and the old system can still be used when neededAs people start getting used to EMR and less issues occur, gradually fade out the old systemA complete switch to EMR can take years
31 Post-Purchase cont. Scanning of the paper charts With 126,000 paper charts, this can seem like a daunting or even impossible taskRemember; HIPAA requires keeping medical records for 7 years. It does not require that these all be electronicNot every single chart needs to be scanned. The trick is distinguishing between what does and what doesn’t need to be electronic
32 Post-Purchase cont. Different conversion methods to consider: Scanning everything up frontWith 126,000 charts, this would be an enormously time-consuming and costly task.Hiring an outside firm to scan everythingThere are companies that will come on-site and scan in everything for youIt will still require ENTegrity staff to help / oversee the processIt will be a significant up-front investmentScanning charts for patients as they come inBy scanning only charts for patients that come in that day (or the next), and limiting the conversion to only the last 3 or 4 visits, the work is spread out over several months or even years and only relevant (recent) information is included
33 ConclusionSwitching to EMR by the end of 2014 and staying compliant with HIPAA and the HITECH ACT should be manageableAssess readiness of ENTegrity and software needsMeet with vendors and test different productsMake a purchase decision by the end of 2013Implement EMR gradually over 2014Display ‘meaningful use’ by the end of 2014
34 Conclusion cont.From the research done, a budget of $120,000 - $160,000 seems very manageable - high, evenWays to keep cost of this project downOpt for ASP over client-server implementationDrastically reduces up-front investment and spreads the cost of the project out over timeScan medical records for patients as they come inEliminates up-front cost of scanning everything at once, either through hiring a third party or investing employee man-hours for this task
35 Final note on HIPAA compliance There is no single product or solution that guarantees HIPAA complianceProducts or services can’t be HIPAA compliant. Only institutions can be HIPAA compliant, through comprehensive processesKeep that in mind when looking at EMR products / servicesAsk how a product or service will help ENTegrity to be HIPAA compliant
36 Vendor Options There are many different vendors to choose from Three options that seemed well-suited to ENTegrity:HealthFusion’s MediTouchGreat reviewsEasy to useRelatively low costDesigned to work well in combination with iPads
37 Vendor Options cont. Waiting Room Solutions One of the first web-based EMR solutionsdesigned to enable doctors to run their whole Practice Enterprise; not just electronic health records (EHR), on one platform.Company CEO is a practicing physician, so software design is very intuitive.
38 Vendor Options cont. Medios Scalable solution that can be fit for many different practice sizesCan be integrated with Medios PM (Practice Management)Has an integrated ‘meaningful use’ dashboard that can be used to keep track of a medical practice’s compliance with ONC StandardsOther vendor options:
39 Recommended SourcesEMR Buyer’s Guide. Contains a lot of good information on preparing to implement EMRAbout HIPAA. Contains myths and facts about HIPAA compliance and EMRTips on converting paper charts to electronic medical recordsGuidance on Risk Analysis Requirements under the HIPAA Security RuleHow to implement EMR: Is your practice ready?Web-based EMR software comparison
40 DISCLAIMER The author of this presentation is NOT an expert on HIPAA Although a lot of research has been done to ensure the accuracy of the information in this presentation, independent research and fact-checking is encouraged before making any purchase or implementation decisions