EHR in the Cloud! A Smart Data Approach that can Avoid Major Storms
By Ed Rubinstein, Senior Sales Associate, VersaForm Systems
As someone who has been in the software business for many years, but relatively new to the medical field, I have been a bit shocked and stunned by the scores of independent and small group physician practices that are still stuck in client-server mode for the electronic health records (EHR) software, and who have not embraced the software as service model.
The benefits of this tried and true process have been widely documented and include shorter implementations, cost savings and greater operating efficiencies. A growing rank of our customers with geographically-dispersed locations report that the anytime/anywhere access improves touch-points and continuity of care with patients and enhanced collaboration among clinicians, staffers, labs, and other external stakeholders.
Software delivered via the Internet Protocol has improved through the years with respect to security and protection protocols like role-based access, data encryption, remote storage, and data backup. Web-based systems come with high-level encryption methods that render data unreadable even if a breach occurs. And cloud-based data is safer in the event of natural disasters because the data is continuously backed-up in multiple locations.
The purported “big data” trend has already infiltrated the banking and retail sectors, and could have broad-based implications for the healthcare industry, but the emphasis must be on smart rather than big. For example, earlier this fall GlaxoSmithKline and Community Care of North Carolina launched a pilot program to analyze prescription fill history, admission and discharge data to predict when a patient is at risk of a negative outcome. This smart data approach uses “prescriptive analytics” to analyze data in order to become more responsive to medication-related problems from either incorrect use or lack of patient drug compliance.
From the independent physician office to the huge group practice, I continue to see a huge dependence on the managing of server farms, databases, and network clients whereby the protection of patient health information could be at risk due to a lack of security and flawed data encryption, leaving healthcare providers at risk to HIPAA violations.
Just last month we witnessed one of the largest breaches ever reported at Calif.-based AHMC Healthcare in which two stolen laptops compromised the data of about three-quarters of a million patients. It didn’t matter that the six AHMC hospitals were gated and security patrolled!
And this past August, Illinois-based Advocate reported the 2nd largest HIPAA breach on record when four laptops, unencrypted mind you, were stolen from its facility, releasing the health information of more than four million patients.
And while the numbers of EHR-specific data breaches are not high, studies by the Department of Health & Human Services have shown that the vast majority of HIPAA violations have occurred in settings with on-premise servers and nodes to them, along with portable devices like laptops, and, of course, paper-based records.
These examples underscore how sacred the Electronic Protected Health Information (ePHI) is and why medical practical practices of all shapes and sizes should embrace electronic health records software that is remotely hosted. If you do so, and you understand your data flows, take the necessary technical safeguards, staffers are trained accordingly, and you develop ironclad business associate agreements, you will avoid a data breach and being a poster-child on HIPAA’s “Wall of Shame.”
It’s time to put a call to action and encourage healthcare providers to migrate from being software-centered to patient-centered, and to officially exit the software business by utilizing their EHR software application in the cloud.
About the Author: Ed Rubinstein is a senior sales associate at VersaForm Systems, which has been providing best-in-class medical software solutions to physicians since 1981. Ed has been in the software industry for 15 years, in sales and account management capacities, most notably in the retail and foodservice industries. He can be reached at erubinstein@versaform.com.