Practice Management Alert
Look to the Cloud for EHR Storage
Question: How can our practice take advantage of the ease and convenience of storing all health records electronically without devoting so much square footage to computer and server storage? New York Subscriber Answer: There are new options available for storing protected health information (PHI) and electronic health records (EHR) on "the cloud," and there are many advantages. With the current client-server system you describe, you need to devote space for physical hardware, and maybe even have someone on staff who is responsible for making sure the system is running smoothly and that all of the information you're storing is secure. With a cloud storage system, you're offloading most of those responsibilities to a vendor, who would provide software and file storage from elsewhere, beyond your practice's walls. There are many advantages to a cloud system, including less expense, increased flexibility (access EHR at any moment from any location), and reduced risk of breach (no physical hardware to steal). Plus, vendors tend to upgrade systems overnight, so your staff is never waiting for the go-ahead to resume work. Do your research before selecting a vendor to host your practice's EHR, and make sure your contracts cover contingencies. The U.S. Department of Health and Human Services' Office of Civil Rights (OCR) lists some specifications for health information Health Insurance Portability and Accountability Act (HIPAA) considerations. The OCR says, on its FAQ page: "A business associate is required by the HIPAA Security Rule to ensure the confidentiality, integrity, and availability of all electronic PHI (ePHI) that it creates, receives, maintains, or transmits on behalf of a covered entity." The OCR notes that a covered entity is responsible for making sure it can access its own protected health information, saying, "To the extent that a covered entity has agreed to terms in a business associate agreement that prevent the covered entity from ensuring the availability of its own PHI, whether in paper or electronic form, the covered entity is not in compliance with 45 CFR §§ 164.308(b)(3), 164.502(e)(2), and 164.504(e)(1)."
Practice Management Alert
- Part B:
CMS Releases Important Updates on Telemedicine
Hint: Medicare says certain conditions must be met for reimbursement. Don't get too excited about [...] - Compliance:
CMS Provides Clarifications on Texting Physician Orders
The clarifications boil down to 'texting PHI is forbidden.' The Centers for Medicare and Medicaid [...] - Claims and Denials:
Possible Simple Solution for Medicare Denial Surge
MACs are zeroing in on physician signatures. The Medicare Program Integrity Manual rule requiring physicians [...] - Fraud:
Opioid Scripts and Inappropriate Billing Catch Feds' Eyes
The list of healthcare fraud offenders prosecuted keeps growing. The U.S. Department of Justice (DOJ) [...] - Reader Question:
Look to the Cloud for EHR Storage
Question: How can our practice take advantage of the ease and convenience of storing all [...] - Reader Question:
Consider an Official Copay Collection Policy
Question: I'm new at my job working at the front desk of a small, independent [...] - Reader Question:
HIPAA Acknowledges Parent-Child Relationship
Question: Is it a violation of Health Insurance Portability and Accountability Act (HIPAA) rules for [...] - Reader Question:
Collect Medicare Coinsurance at the Office
Question: Can we collect Medicare coinsurance payments before the patient leaves the office? Florida Subscriber [...] - Reader Question:
Attention Billing: Don't Neglect an ADR
Question: I've been hearing a lot about CMS's Targeted Probe and Enforcement program since the [...]
