About the Author

Sheldon Needle is President of CTSGUIDES.COM, a free web site offering reviews, ratings, tools, and expert advice to help companies select software. Sheldon is a former CFO, consultant and software designer who has published more than 20 guides on software selection.

• Recent Posts

  • What Doctor Look for in EMR Templates?
  • Electronic Health Records and the challenge of Unstructured Data
  • Don’t let Poor Planning Make the Migration to EMR/EHR More Difficult
  • EHR for Doctors in 2012: What to Expect, What to Avoid
  • What is the 5010 Standard and What Does it Have to Do with the Electronic Health Record?

• Healthcare Blogs

  • HITSphere
  • Lawson Blog
  • The Healthcare Technology Guy

• Categories

  • EMR Software
  • Medical Billing Software
  • Medical Practice Management Software
  • Medical Software
  • Uncategorized

• Tags

  CCHIT e-Prescription EHR EMR NEPSI
• Search for:

• Other Resources

  • Blog Catalog
  • Blog Directory
  • Blog Listing
  • Bloggapedia
  • EatonWeb Blog Directory

Watch as Software as a Service (SAAS) for EMR / EHR becomes Cloud Computing: And Cloud Computing becomes a Valid EMR Choice

By Sheldon Needle

A few years ago, the idea of SAAS computing services for the medical EMR / EHR industry was still on the vanguard, a little risky: a kind of out-there medical solution for medical groups who wanted a cheap, automated solution.

Today, many large Practice Management Vendors are offering cloud-based Practice management software alongside their client hosted EMR – and sometimes instead of client hosted EMR.

After all, if we do so much of our IT work on notebooks that don’t have much in the way of a hard drive, and are writing our personal papers on Google Docs that are out there in the ether world, why would we not consider similar solutions for our practice management software? Even client hosted software has its own mini-version of cloud computing when it offers physicians tablet-based drug prescription software (tied in to their own remote server) or patient portals that can be logged into remotely.

The difference between cloud-based EMR and client hosted EMR is really this: Who is doing the system maintenance? In the case of client hosted EMR, it is your own employees; in the case of cloud-based EMR, it is a contracted IT team. The question becomes one of reliability, and that is a hard question to answer.

If you are large enough to hire your own full time IT people to be available 24/7, well and good. It might make dollars and (good) sense to have your own client hosted server; if you are a smaller practice, or a large practice that doesn’t want to get involved in IT management, cloud computer based EMR / EHR begins to make more and more sense as medical software management application get more sophisticated.

Some of the risks associated with cloud computing for EMR need to be discussed and evaluated. Most are valid, but are equally applicable to client hosted systems as well:

1) Who controls the data?

If your secure data is in a cloud, it means that someone else has access to your data. But companies that offer software as a service are likelier to have more secure encryption and control of the data than you are in house with a personal server, because security is such a large part of their business. In-house ignorance of data control rules, even in data associated with patient billing, or lack of enforcement thereof, is just as likely to be part of the company culture. Benign neglect of rules because you trust your fellow employees makes a system even more vulnerable than leaving security issues to a third-party whose integrity and reputation will be based on careful security maintenance.

2) Poor training and associated data vulnerability:

Poor training in the use of patient-related data is a risk in any EMR environment. Ignorance of security procedures is a more likely culprit in confidentiality breakdowns than is deliberate security violations. Most providers of quality EMR software will provide enhanced training, either as part of their regular contract, or as an enhanced feature option available with your contract for a software package, whether it is SAAS or client hosted. Don’t skimp on training, because it can make the difference between a relatively easy migration to new software and a nightmare situation. IT can also make the difference between security slips due to ignorance and a safe and secure data situation.

3) Catastrophe and backup procedures:

Isn’t it wonderful to have someone else worry about backup procedures? This is something that must be part of any cloud computing contract. If it is not, you are not dealing with a provider who is aboveboard.

If you are managing your own backup and catastrophe procedures, be vigilant: no one wants to dream of the worst-case scenario, but as we have seen in the macrocosm, and in the microcosm, such things happen readily enough. Assign this critical catastrophe management and precaution role as an integral part of your daily workload, and assign it to one person or group; the buck must stop somewhere on security issues.

In summary, we are not preaching the virtues of cloud computing, but we are saying that cloud computing is a very valid and reliable choice for some practices today. Security and flexibility of design are issues in any system. Ultimately, someone is hosting your system, whether your server sits in your back office or half a world away. The real issue is responsibility for your data. Someone has to be in charge. And you had better know who that is.

How do I know whether the EMR and EHR products I am considering are truly certified by the US government as Certified Health IT products? And, if I am not confident of receiving incentive payments for my practice, why should I care whether they are certified? Isn’t it most important to have a system that digitizes my information well and makes it easily retrievable for diagnostics, information, and billing purposes?

As most medical providers understand by now, the purchase of and /or implementation of EMR and EHR software is becoming a necessity. Not everyone is convinced of immediate efficacy of EMR and EHR systems in each of their individual practices, but it is the way the medical industry is headed. So for most of us, this means biting the medical software bullet and choosing an EMR / EHR system sometime very soon making sure that it will work with the specs of your practice or medical group.

Certified EMR and EHR systems, and submitting proof of their meaningful use, can bring financial incentives and payments for medical practices. Conversely, by 2016, lack of implementation, may result in penalties for practices.

How do you know which Software Products are certified Health IT Products, and qualify for incentive payments?

The US Government maintains a Certified Health IT Product list at: http://onc-chpl.force.com/ehrcert/CHPLHome.

According to the site, “The Certified HIT Product List (CHPL) provides the authoritative, comprehensive listing of Complete EHRs and EHR Modules that have been tested and certified under the Temporary Certification Program maintained by the Office of the National Coordinator for Health IT (ONC). Each Complete EHR and EHR Module listed below has been certified by an ONC-Authorized Testing and Certification Body (ONC-ATCB) and reported to ONC. Only the product versions that are included on the CHPL are certified under the ONC Temporary Certification Program.”

It should be noted that different modules of different packages can be certified independently. One should not assume that a brand name of X means that every module of product X is EMR certified. Excellent medical software reviews by companies such as CTS, Inc. online from reputable companies to review different modules of EMR packages.

Using the online listing of the Certified Health IT Product list, which is maintained by HHS should offer an authoritative listing of products. Even if you are not particularly excited by the financial incentives because you do not believe they will bring you great return, or if you feel that because of your patient base you would not qualify for many incentive payments (very few Medicare or Medicaid patients, for instance) there are other reasons you might want to buy a Certified Health IT product:

1. Because companies that want to compete for this large audience of buyers are eager to sell the quality of their product, they are often more aggressive about good training and problem rectification. They are eager not to have complaints lodged against them, or to receive bad reviews for their products.
2. Because EHR certified systems are eager to be able to upload their material to CMS, they are eager to have good reporting capabilities and interactive modules that communicate information with each other and with of EHR systems easily.
3. Because standards and rules for certification are still in flux, certified packages and their various modules need to be responsive to changes in rules and in the law. So if your practice buys into an EMR / EHR that is certified, you are likely buying into a product that will stay current and be reviewed and regularly updated.