Is my EHR data safe?

Some EMR companies are not taking the key steps they should to protect a patients private health information. EHR vendors that host data in the cloud should be complying with HIPAA regulations and will need to step up security to protect patient data.

Security of patient data is paramount and the use of Cloud based EHR’s can be safe. But you must ask yourself a few questions…

  • Is your vendor completely following the rules and regulations to meet HIPAA compliance?
  • Are they utilizing Internet security specialists that focus on nothing more than the security of personal, private patient data?
  • Is the use of an included billing system in your EMR offering hackers more information than they may have found if you did not have the necessary information in the system to perform medical billing task?
  • What happens if your EMR vendor drops the ball and private information gets out? Are you liable?

Medical records are shared daily in the industry between medical professionals. The days of sending faxes and/or packages by courier are going by the wayside with the implementation of EMR’s. EMR’s provide the ‘Electronic’ versions of medical records (EMR=Electronic Medical Records). These records are digital and transferred through the local networks in a medical facility for internal use, and via the Internet for sharing information with outside facilities. These digital formats can be a target for hackers.

Companies providing online banking, marketing, etc. see problems with data security daily. These corporations have large network and Internet security professionals on staff working full time fighting hackers and on occasion they still get duped.

This exposes a truly concerning portion of the EMR’s future. If major corporations that have been on the internet security forefront for years with fully staffed security personnel still get hacked; what does this mean for the new EMR companies and their systems? Does your EMR vendor have full time, experienced, internet security professionals focused on data protection?

Keeping your billing separated from your EMR may provide better security of private patient data by only sharing necessary information with your EMR. This can be addressed in a couple of ways.

  • Don’t use the included billing system in your EMR. Keep the private billing information separate and secure and only share what is necessary with the EMR. It may seem cost effective at the time but can promote lost revenue down the road by using a limited billing system. Companies like PraxisEMR realize they need to focus entirely on Health Records where their expertise is and do not even offer a billing system module.
  • These free and generally limited billing systems are offered by the EMR just so they can say it is there in attempt to add value to their EMR and increase sales. – Again, an EMR’s main focus is Health Records. That is what they do best and the included billing systems can be flawed and/or not offer professional billing support.
  • Use a Professional Medical Billing Service such as iNtelli-Bill and link them to your EHR. The Billing Service can easily provide you a better bottom line as they are focused solely on getting your practice paid. The iNtelli-Bill Billing Service provides a robust Practice Management System you can access remotely to control all aspects of your practice. This PM System also gives you 100% transparency and access to your financial data with the Service.
This entry was posted in Billing and your EMR. Bookmark the permalink.

Leave a Reply