From the Consultant’s Corner 2/11/12

Success Strategies for Extending IT to Community Practices

Any time a hospital or integrated delivery network decides to extend electronic health record (EHR) and practice management technology to community physicians, there typically are two main goals: 1) improve patient care sharing clinical information across a common HER, and 2) strengthen relationships with the referral base.

It may sound easy, but extending information technology (IT) can be as difficult as winning the Super Bowl if you don’t avoid some major pitfalls along the way. So let me play “coach” for a minute. Here’s my playbook for how to successfully extend your organization’s IT capabilities to referring physicians in your community:

• Understand the fears of a community practice. When a physician group considers tying into your system, it’s usually afraid of losing a little bit of control over practice operations, and giving the sponsoring entity access to financial information. They sure as heck don’t want to run the risk of having competing providers gain access to their patient database and fee schedules. In addition, they’re almost always concerned that cash flow might take a hit during the transition period. So Job #1 is to erase—or at least ease—these fears from the get-go.
• Sell the benefits. There are obviously a host of benefits in having a shared EHR. The community practice gets instant access to things like hospital discharge summaries. Conversely, the hospital gains access to all primary care information. Of course, community practices enjoy major financial benefits; they don’t have to fork over the purchase price for an EHR.
• Determine how much customization is really needed. Private practices often don’t need as many bells and whistles as your employed specialists do. Instead of the familiar 80/20 rule, in many cases you can adhere to a 95/5 rule: 95% of what you provide can be a standardized solution; the other 5% may need tweaking. For example, if you’ve already customized a system for your well-respected in-house pediatric group, leverage it by offering it to your referral base, too.
• Use special teams when necessary. Every football coach knows the importance of special teams. So my advice is to create special teams for HIT: one for your employed physicians, the other for private practices in your area. Consider this thought: If a large percentage of your on-staff orthopedic surgeons aren’t currently getting custom IT solutions from you, they’ll be irate if you offer custom solutions to unaffiliated surgeons in your community first. The answer is to create one support team for your in-house providers and a separate consulting team to work with referring physicians. That way each group of physicians gets VIP treatment. You can even create a special billing team, bringing in a third-party expert to help the community practices avoid revenue cycle problems.
• Don’t take shortcuts in training. No athlete ever reaches the pinnacle without a lot of training. In similar fashion, community physicians will need more than a few hours of online training to master the new system you’re extending. Don’t leave your referring practices in training limbo. Get some super-users on board and be responsive to their concerns. Otherwise, your help desk will get flooded with angry calls.
• Quickly identify revenue cycle problems. As a private practice gets accustomed to a new IT system, there’s often a short-term impact on productivity and profitability. And guess what? They’ll blame you for any revenue cycle slowdowns. Since that defeats one of the main purposes for extending your system in the first place—strengthening relationships—it’s imperative that you also extend resources to help practices keep their revenue cycles humming.

Most of the referring practices in your community already are sold on the idea of integrating technologically with other providers and facilities in the community. They have a good grasp of the major benefits. You’re halfway home already. With these coaching tips, you’ll be well on your way to achieving success in extending IT to referring practices in your area.

Brad Boyd is vice president of sales and marketing for Culbert Healthcare Solutions, a professional services firm serving healthcare organizations in the areas of operations management, revenue cycle, clinical transformation, and information technology.

News 2/9/12

From Idolizer: “Re: AAOS. I am in San Francisco at the American Academy of Orthopedic Surgeons conference. Physician interest in EHR continues unabated.” Great news since that suggests job security for many of us. AAOS expects about 14,000 physicians and other medical professionals during the five-day event.

From FirstTimer: “Re: HIMSS. I work for a large physician group and going to HIMSS for the first time. I’m curious what ambulatory EHR vendors are on your must-see list.” I haven’t had time to give it much thought, but a few that come to mind are CareCloud (I interviewed CEO Albert Santalo a few weeks ago,) Medicomp (the Quippe developers,) Vitera (formerly Sage –  I want to hear if there is a new story there,) and Practice Fusion (the one time I tried to check it out at a show, their display was so small I couldn’t see around the crowd.) I’m sure I will also see what’s new with some of the bigger players, including Allscripts, Greenway, eClinicalWorks, and athenahealth.

Speaking of HIMSS, here’s a bit of trivia:  257 vendors are promoting their ambulatory EHR products and 156 their ambulatory PM systems. Some of the vendors focus strictly on the ambulatory space (athenahealth, Aprima) while other vendors (Allscripts, GE) offer ambulatory solutions in addition to a host of other products. Dozens of educational sessions target physicians and the ambulatory world, so if your primary interest is the practice space, you will find plenty to keep you busy.

gloStream will integrate ABILITY Network’s DirectABILITY secure and direct communications transport into its gloEMR and gloSuite offerings.

Campbell Clinic Orthopaedics (TN) selects SRS for its 43 physicians.

eClinicalWorks publishes its upcoming schedule for road shows, which will touch on MU requirements and include demonstrations of new features in its Version 9.0.

Most physicians and medical office staff consider the transition to ICD-10 to be one of the most impactful issues currently facing their practice, according to a Vitera Healthcare survey. Fifty-nine percent of practices say they’ll need to upgrade their existing PM and/or clinical system to meet ICD-10 requirements.

Nuance names 1450, Inc. its distributor for Dragon Medical Spanish, Version 11.

Revenue cycle solutions vendor Recondo Technology acquires Trilogi, Inc., a revenue recovery firm.

CMS publishes the latest MU attestations figures as of early February. The total number of EP attestations has jumped to from 21,000 in November to 36,000, with Epic, Allscripts, and eClinicalWorks representing over half of the all EP attestations. Interesting to note is that Practice Fusion has cracked the top 12.

The average compensation for a clinical faculty member was $262,400 in the 2010-11 academic year, which is almost 3% more than the previous year. About 59,000 US physicians serve as clinical faculty members.

E-mail Inga.

More news: HIStalk, HIStalk Mobile.

Bowtie Confidential: Preparing for the Inevitable Breach 2/7/12

You may be one of the fortunate healthcare organizations that have not experienced a breach in security or inappropriate access to Personal Health Information (PHI.) However, when you least expect it, it will happen to you.

You cannot prevent breaches, but you can take reasonable measures to prevent them, and create a plan to respond rapidly and appropriately. A poorly contained and failed response has the potential to cost millions through penalties, lost business, and ruined reputations. A well-executed plan can save your organization from these consequences.

If you haven’t already, it is important to create an incident management process. I suggest using the business impact analysis model, which will identify the potential risks and threats to the organization.

Here are eight steps organizations should take to develop an incident response process, each reflecting an area of the incident response management cycle.

1. Risk analysis. Prior to developing the plan, the organization needs to understand the business – operations, processes, etc. – and identify the high-impact risks that must be mitigated. From who or what is your organization trying to protect the assets?
2. Threat analysis. Also prior to implementing a plan, a thorough understanding of the IT infrastructure is needed to identify the “single point” of failure and other potential weaknesses. Where and how does your organization capture and store the most sensitive data? Perform a workflow and data flow analysis to determine this. Which systems and networks are the most vulnerable to attack?
3. Security policy mapping. Security should be deployed throughout the organization to mitigate known threats, risks, and vulnerabilities to the extent possible. Assess on an ongoing basis the risk and threat analyses results and compare them to existing security controls. Are there sufficient procedures in place? Are they securing the right things? Procedures should apply appropriate levels of structure to the security controls based on the potential threat and associated impact.
4. Incident response policies and procedures. When breaches happen, the organization will need to identify and classify the incident according to appropriate criteria. Then the organization must initiate the response team, contain and stop the incident, gather appropriate incident evidence/data, if applicable, restore operations, notify individuals as necessary, and determine the course of action the organization will undertake. External organizations, patients, physicians, and regulatory agencies will want to see that plans are in place, rapid response to address the exposure was taken, and affected patients/people were notified.
5. Testing. Testing will validate and confirm the organization’s capabilities, provide training and awareness to the response team and illustrates responsibilities, and highlight weaknesses or invalid assumptions. If you don’t test, you won’t be prepared. It is highly recommended that testing of the incident response process be conducted minimally twice per year.
6. Review and update. Post-test or post-incident debriefings are essential. Validate the plan and update it if necessary.
7. Create an incident response team. A breach can happen anywhere inside or outside of the organization. Therefore, it is important that the response team be a cross-functional group – including outside professionals and vendors if necessary. Potential team members would include organizational leadership, information security / risk management / compliance staff, IT staff, operational staff (business, financial, and clinical,) legal staff, corporate / organizational communications staff, and external professionals such as forensic analysts, notification providers, etc.
8. Training. Once a plan and team is in place, the next most important component of a good incident response plan is employee training. The alacrity with which a breach is reported to the response team can make a substantial difference in the impact. Train employees on the basics of security, how to identify a breach, and most importantly, what to do and who to contact when an incident is identified.

Incident response and management is a top strategic priority. It is better to be proactive now than to perform damage control later around reputation, penalties, and patient care.

Rob Drewniak is vice president, strategic and advisory services, for Hayes Management Consulting.

News 2/7/12

meridianEMR launches meridianMobile, a native iPhone app to complement its meridianEMR system.

Senator Tom Udall (D-NM) will introduce legislation making it easier for physicians to practice telemedicine in multiple states without the need to apply for separate licenses in each state. The bill would streamline licensure and create an interoperable database of telemedicine providers.

AAFP drops the $30 per month fee for member access to its Delta-Exchange professional networking site. Non-members will continue to pay.

MGMA sends a letter to HHS Secretary Kathleen Sebelius outlining problems that practices are having with the 5010 transition, urging an additional delay in enforcing the change. MGMA warns that unless the government takes the necessary steps to resolve issues, many practices will face significant cash flow disruptions for practices and operational difficulties, a reduced ability to treat patients, staff layoffs, and even practice closure.

Virginia HIT adds NextGen to its list of affiliated vendors. Its other solution partners include Allscripts, athenahealth, MDLand International, and Pulse.

Several practice consultants offer tips to help practices get the most from the tech support departments of their vendors. It includes questions that should not be sent to the support hotline, such as:

• Practice-specific questions
• How-to type inquiries about tasks that should have be covered in training
• Hardware versus software problems
• Questions that involve functions outside of the system’s capabilities.

Confused about the various Medicare penalty programs on tap for the next few years? Note that 2012 is the first year that Medicare will impose penalties for not using e-prescribing. In 2015 the EMR penalties kick in, which is the same year PQRS penalties go into effect. For 2012 and 2013, physicians can earn bonuses for MU, e-prescribing, and participating in PQRS. However, here’s a little “gotcha” about PQRS: physicians who don’t report enough quality measures under PQRS in 2013 may risk a Medicare pay cut in 2015. The AMA and other organizations are urging CMS to remove all PQRS penalties.

Here’s a new twist on in-store medical clinics. Rite Aid and OptumHealth team up to offer telehealth visits in exam rooms at Rite Aid pharmacies. Patients enter a private room, register on a computer terminal, and respond to a series of questions about their current problem or complaint. They can then be connected to a video chat with a nurse for free or a 10-minute visit with a physician for $45.

E-mail Inga.

DOCtalk by Dr. Gregg 2/3/12

Hey, You, Get Onto My Cloud

Singing “I can’t get no satisfaction” last week must have set off some sort of cosmic karmic coincidence collision thing, because just after bemoaning the current general state of EHR techdom, I was given a jolt of inspiration sufficient to stop my sagging satisfaction sadsack soliloquy.

Thank you, Inga. Inga was my “scoop” source. She had recently heard of, and just finished interviewing, the chief executive officer and the director of marketing for the software that provided the aforementioned jolt for my EHR psyche. She had read my Jagger-infested article and e-mailed a simple, “Looked at CareCloud?” I hadn’t, but I soon did.

I Googled them and saw enough to more than pique my interest. Thanks to Inga’s introduction to Mike Cuesta, the marketing man mentioned above, I was able to hook up with Juan Molina, CareCloud’s director of biz dev/“Chief Evangelist”, and Nicole Trueba, events and outreach manager. They undertook some very kind squeeze-me-in scheduling and enabled a short, but quite enjoyable demo of CareCloud’s new Charts EHR software, along with a fast overview of their Central, Concierge, and Community solutions. (Central is PM, Concierge is back office/RCM stuff, and Community is a business-facing “social” community. The patient-facing version is coming.)

I could sense my satisfaction shooting up from the first page view. Their EHR component was just officially released January 20 of this year and it is, in a word, spectacular, in both look and feel.

Designed from the ground up to be “one platform” and browser agnostic, it is smooth, seamless, and fast. Starting with new technology allowed for technological design considerations that are simply impossible when trying to layer newness onto old code (e.g, Windows on top of DOS still has DOS-related issues that are virtually impossible to eliminate. I’m sure you can think of other such examples.)

Perhaps most apparent is the design excellence. Even before hearing that it is true, you can tell that they started out with user experience (UX) experts doing the human/computer interface design layout. The Web site says their UX folks spent hours studying provider workflows with their UX expert eyes. It comes through. Handing a beautiful design off to the programmers for them to then construct the actual mechanics beneath led to a UX that is truly “Apple-ified.” It is enjoyable to look upon, easy to navigate, and extremely workflow-friendly. It is vastly different from the typical experience you get when programming is core and design is secondarily considered.

I’ve said it for a long time: “App me, baby.” Well, they did. Apps are both a core element of the design and smoothly integrated so that you can add the apps you need as you need them and pocket them when you don’t.

Built on open architecture (Ruby on Rails and Adobe Flex), it is designed to be future-friendly. Instead of locking into current standards, these guys have learned that evolving technology means that great answers for today are the leg-irons for tomorrow’s development.

Another thing that really caught my attention was CareCloud’s social side. Their implementation of certain social aspects into the design creates huge workflow advantages. It struck me as almost the Facebook of EHRs. I’m not a huge Facebook user, but I nonetheless appreciate the value and power it provides in connecting people and facilitating interactions. Apparently these designers understood that from the outset, because the functionality for office use is extremely integrated and also appears to be extremely well-considered.

I’ve seen somewhat similar “digital ecosystems,” but never one as well thought out and as well implemented. Though as I mentioned, we had to sort of squeeze the first demo in and thus it was a limited overview, it was still one of the most impressive systems I have ever seen. Sure, it has some warts and needs to continue to evolve, but its starting point is so far down the path to greatness that it should make other developers shudder. It’s kick ass, to be sure.

In case you’re wondering, it is Drummond -certified as a Complete EHR and SureScripts-certified for ePrescribing. Not unimportantly, especially to small guys like me, they offer a pay-as-you-go plan or a comprehensive RCM version. Plus, they provide 24/7 real person support via phone, chat, or e-mail.

I’ve told the tale before that when I first saw Bond Clinician back in 2004, I almost told the rep to stay quiet, as it looked so nice and so straightforward that I thought I could probably start using it without any instruction. I mean, that’s exactly what iPads are: great-looking technology with tons of power that don’t even come with instruction manuals. I may learn differently as I dig deeper into it, but I’m thinking the CareCloud folks took a page from that playbook and have come as close as anyone to date in creating a truly iPad-ized EHR – one that is friendly, gorgeous, and (my personal favorite) stupid simple to use.

I’m also thinking I may now have to reconsider this whole “can’t get no satisfaction” thing.

From the trenches…

“Why is Cloud 9 so amazing? What’s wrong with Cloud 8?” – Mitch Hedberg

Dr. Gregg Alexander, a grunt in the trenches pediatrician at Madison Pediatrics, is Chief Medical Officer for Health Nuts Media, directs the Pediatric Office of the Future exhibit for the American Academy of Pediatrics, and sits on the board of directors of the Ohio Health Information Partnership (OHIP).