YOUR COMPLETE GUIDE TO HEALTHCARE IT: HOW IT’S DRIVING CHANGE
Read the Guide Below or Download the eBook
Download Your Guide to Healthcare IT: How It’s Driving Change
Examine what the Healthcare IT landscape looks like so that your practice can remain competitive and successful.
There’s no doubt that healthcare – and healthcare information technology (IT) – is in the midst of a transformation. As advancements in healthcare are helping providers better meet the needs of their patient communities, these healthcare providers must find a way to confront significant challenges, such as the COVID-19 pandemic and aggressive cybercriminals.
Even though the news often focuses on healthcare cyberattacks targeting larger organizations, small- and mid-size practices are as much of a target for cybercriminals. Just consider these statistics:
FierceHealthcare, covering a Protenus and DataBreaches.net report, notes that more than 41 million patient records were breached, and 572 incidents were reported in 2019.
A review of the data posted to the federal government’s “wall of shame,” which identifies those organizations with reported breaches over the past 24 months of unsecured patient health information affecting at least 500 individuals, reveals nearly 350 reports of breaches affecting fewer than 5,000 individuals.
A Boston Business Journal report notes that healthcare data remains highly desirable to criminals. It’s worth about three times as much on the dark web as bank data.
In addition to the prevalence of incidents, some cybercriminals perceive that smaller-sized providers, such as practices and ambulatory surgery centers (ASCs), have more security vulnerabilities than larger healthcare organizations with a bigger budget to fund cybersecurity. And they aren’t necessarily wrong in that assumption. It is certainly true that when fewer resources are dedicated to healthcare IT security, providers will likely not invest in enterprise-type security measures, making themselves more vulnerable to a security breach.
IT failures in healthcare practices can have catastrophic results, potentially leading to data breaches, identity theft, fines for HIPAA violations, ransomware attacks, or loss of patient information, among others. Complicating matters is that there’s simply more data to be captured these days; in fact, the data required by regulatory agencies can be downright overwhelming. Increasingly, that data is also moving into the cloud, which has tremendous potential to help practices if approached intelligently.
An emerging challenge concerns the delivery of virtual care. Practices, ready or not, have needed to embrace telehealth and remote monitoring during the COVID-19 pandemic and will be expected to continue doing so in the future.
The good news is that many of the healthcare IT challenges of today can be more effectively addressed by leveraging healthcare information technologies, such as database management, cloud computing, and machine learning – all the while improving patient care. This is because every aspect of your practice affects patient care and the patient experience. The decisions you make about how to manage your healthcare IT solutions are patient-care decisions as much as they are business and operational decisions.
How you get there from here will depend on your ability to evaluate and understand your IT operations in light of recent developments. In this guide, we will explore how healthcare IT is evolving and ways that a healthcare IT managed services provider (MSP) can help you make the most of your IT and effectively safeguard your data. As new healthcare technology trends change the way practices do business, it’s up to each provider to stay informed.
TABLE OF CONTENTS
CHAPTER 1. Overview of Current Healthcare Technology
Even before the COVID-19 pandemic, the healthcare industry was undergoing tremendous change driven by technological advancements. Understanding these shifts better allows you to evaluate how your practice – and IT operations – are keeping pace with change.
Healthcare Trends and Developments
Here is a summary of five of the biggest trends and developments in healthcare IT.
1. Practices are embracing of telehealth
Virtual services and telehealth were already on the rise prior to the COVID-19 health crisis, but the needs of patients during the pandemic only fast-tracked this trend. And that’s putting it mildly. A Medscape article went so far as to declare in April 2020 that “A Decade of Telemedicine Policy Has Advanced in Just 2 Weeks.”
Consider how thoroughly organizations are committing to telehealth. An mHealthIntellgence article shared the results of physician surveys indicating that 90% were using at least some form of telehealth and around 60% percent were planning to continue following the pandemic. In other words, now that patients have experienced telehealth, the demand will remain far past the pandemic.
2. Cloud adoption is on the rise
During the pandemic, healthcare organizations have experienced the advantage of cloud-based technologies in a new way. Many have found these solutions are essential to allowing remote staff to work more effectively and safely as well as to launching and growing telemedicine programs.
As a report from Cloud Computing News notes,
The publication also highlighted the value of the cloud in supporting telehealth. Additionally, the healthcare cloud computing market is projected to experience rapid growth in the coming years, especially as the COVID-19 health crisis drives healthcare providers to more rapidly transition to cloud-based solutions.
3. Video collaborating services become commonplace
Platforms such as Microsoft Teams and Slack have become essential and commonplace. They have served as mechanisms for healthcare providers to deliver services to patients and also to support efforts by providers to collaborate and communicate with members of their staff and others.
These platforms not only include video meeting and consultation features, but also personal file storage; team file storage and sharing; real-time file collaboration; chat; and integration with numerous apps and services to further support productivity and teamwork.
While business collaboration services will not permanently replace in-person meetings, virtual gatherings and collaboration are here to stay.
4. New opportunities arise for cybercriminals
Cybercriminals are always looking for their next opportunity – and the recent health crisis has opened more avenues for them to explore. Organizations that raced to add telemedicine offerings may have overlooked security and failed to give it appropriate consideration. The HHS Office for Civil Rights issued guidance stating that, “HIPAA-covered healthcare providers may, in good faith, provide telehealth services to patients using remote communication technologies, such as commonly used apps … for telehealth services, even if the application does not fully comply with HIPAA rules.” But there were conditions to this guidance.
Unplanned growth in remote working and data-sharing can present cybercriminals with an easier means to access patient and healthcare provider information if healthcare staff working remotely lack the necessary cybersecurity safeguards. In addition, as CSO noted, “Healthcare organizations of all shapes and sizes are likely to be under more stress than usual, which may make staff more lax around what they click on.”
Just as healthcare delivery models – and the cybercriminals who exploit them – have evolved rapidly, so have the types of information technology that allow practices to navigate the challenges of the pandemic.
Types of Information Technology
Understanding the types of healthcare IT and how they have progressed allows providers to effectively evaluate their current operations and better understand potential opportunities for investments and improvements. Here are four examples of healthcare information technology you should know that can help your healthcare practice survive and thrive.
1. Data management
Today, many of the documents once stored in doctor’s office filing cabinets have become digitized. Unfortunately, digitized documents are often not fully or effectively organized or integrated with other databases. Such a lack of integration is one reason why the usage of a database management system has become vital for healthcare organizations.
Generally speaking, a database management system, sometimes referred to as a DBMS, is a technology solution that helps optimize the storage and retrieval of information from databases. These databases can include mission-critical, sensitive, and compliance data and records that grow over time.
2. Predictive analytics
As practices seek new insights into their performance, many turn to the use of a predictive analytics solution. These enable healthcare professionals to understand correlations and patterns that can be gleaned from within their data. For example, predictive analytics can help practices better understand which of its patients are more likely to have certain conditions, thus allowing improvements in the management and delivery of care.
Crucially, predictive analytics extracts data from various sources, including electronic health records, medical equipment, medical devices, and wearable technologies. With cleaner data, practices can make better informed decisions that improve efficiency, save money, and reduce waste.
3. Cloud computing
Like other types of businesses, healthcare organizations are increasingly migrating to the cloud. The good news is the number of tools and services to help practices move to the cloud has grown too.
While on-premise data storage solutions were a logical choice in the past, internally storing the vast amounts of growing data produced by a practice is becoming expensive, increasingly less practical, and can leave a practice more vulnerable to cyberattacks. By contrast, cloud computing in healthcare can help decrease or eliminate the cost of on-premise hosting; help practices scale up or down as needed; help provide updates of systems performed by vendors; and aid in improved accessibility.
Some other benefits of cloud computing include improved collaboration between various organizations, departments, and physicians. It can also help patients use their data as it democratizes data and gives patients better control of their health information.
When properly handled, cloud computing can increase security for healthcare providers as well. It can also help protect the data from on-site hardware failures and provide backups directly to the cloud.
Finally, cloud computing offers ease of interoperability that is not available with traditional on-premise servers, allowing authorized organizations to establish data integrations regardless of the origin of the data or where it is stored.
4. Machine Learning
Machine learning can help identify diseases, monitor health pandemics, diagnose conditions, and improve efficiency with clinical trials and medical research. It can also save the healthcare system significant money. According to McKinsey & Co., healthcare organizations could save $100 billion annually by using big data and machine learning.
Some of the ways that machine learning can improve the efficacy of healthcare includes the following:
- Medical imaging diagnosis
- Disease diagnosis
- Personalized medicine
- Readmission likelihood
With such encouraging advancements and rapid changes come many questions. As practices work to keep up with the latest beneficial trends, it can be helpful to consult with experts who have a front-row seat to the concerns and needs of practices just like yours.
IT Challenges and Opportunities: An Expert’s View
Mike Jann is the virtual chief information officer for Medicus IT clients. In this role, he draws on his more than 20 years of experience in managed services. Jann helps practitioners across the U.S. understand the practical benefits that managed services provide to healthcare IT.
Jann shared his insight concerning how the COVID-19 pandemic has affected the technology used by practices and ASCs and what providers should do to strengthen their cybersecurity in the COVID-19 area.
Top healthcare IT pain points for remote work
Jann says that one top challenge facing organizations that Medicus IT works with has involved providers wishing to take office phone systems homes to perform work remotely. As time passed, it became clear that the phone systems that worked well in the office could not effectively support staff working at home.
“While one might think that a big challenge would be setting up our clients’ staff with secure, remote access to patient and practice information, granting this remote access went smoothly. Most of our clients were able to log in remotely with relative ease,” Jann explains.
Though many of Medicus IT’s clients had been looking into telemedicine, the pandemic quickly urged them to jump in and give it a try. Jann says that since so many patients were unable to come into the office, telemedicine was a boon for pediatrics, primary care, and other practice types.
Jann further explains that more practices are using technology to interact with patients, including taking patients’ temperatures and using text messaging to communicate with patients.
From an operational perspective, Jann says, clients have leveraged video conference platforms like Microsoft Teams to help keep their internal teams better in touch when they cannot meet in person. “Use of this technology has created new proficiencies and efficiencies. In fact, we are hearing from clients that they intend to rely more heavily on the platforms even after the pandemic is behind us,” he says.
Successfully leveraging healthcare IT
In general, practices that are adapting well to changes brought on by the pandemic are those staying current on technology. Typically, Jann asserts, the ones that prevail are the organizations that were already leveraging resources like instant messaging and had protocols and tools in place to offer telemedicine. When the technology footprint is there, it allows organizations to expand their usage more easily or, in the case of telemedicine, launch a program.
“These are also the organizations that are exploring how to further leverage their healthcare IT to better mobilize their workforce and restrict staff so only essential personnel must be in the office,” Jann says. Unfortunately, providers that are struggling continue to rely on paper charts or are hesitant to begin migrating to the cloud, he furthers.
Preparing for future uncertainties
Jann recommends that the organizations that were generally successful in their response to the pandemic write up the plan that they will follow if they need to scale back services again in the future. “Make sure this plan includes what worked well for you and focuses on how you can strengthen those aspects of your initial response that did not go as smoothly as you hoped,” he says.
Jann advises that practices which tried to launch a telemedicine program and experienced some bumps in the road not throw the idea of telemedicine out the window. “In the short and long term, it will likely be in your best interest to continue offering telemedicine while striving to become very efficient at it,” he says.
Another area of concentration should be services that support wearable technologies, Jann explains. “We’ll eventually get to a place where a patient can get an entire physical without going into a provider’s office. Stay at the forefront of these evolving technologies,” he says.
Finally, he suggests paying close attention to the changes that electronic medical record (EMR) companies are making from the clinical side concerning telemedicine. In addition to embracing telemedicine, Jann advises practices to “… develop creative work-from-home policies supported by technology.”
Technology to watch
Jann says it’s largely about telemedicine these days.
There’s now wearable technology that monitors and captures blood pressure and all vital signs and sends it to the provider for feedback. Such technologies, Jann says, have the incredible potential to reshape much of how healthcare is delivered.
Jann has this final word: “For anybody who has not adapted telemedicine yet, if your industry permits it and the service is covered by insurance, strongly consider getting on the bandwagon now.”
Once you know where the opportunities lie, you can begin to see how protecting patient data demands a fortified effort, including IT that can help protected patient data yield better patient care.
Speaking of data protection, mid-and smaller-sized providers, such as practices and ambulatory surgery centers (ASCs), may have not have the budget of larger organizations to safeguard their systems, but there are still steps you can take to bolster cybersecurity.
How to Better Protect Patient Data & Strengthen Security
1. Install antivirus/antimalware and intrusion detection software
While it might seem obvious, such software is critical to protecting data. Once you select and install this software, ensure the programs are kept current and licenses remain active.
Just keep in mind that it is advisable to steer clear of freeware. Free programs are often missing essential features included with paid versions of software, such as the ability to schedule routine scans and automatic updates. In addition, free versions are often reactive programs. This means they are designed to address threats and attacks after they have occurred and possibly already inflicted damage.
2. Immediately stop using unsupported operating systems and software
If any of your computer hardware still running on Windows 7 or Windows Server 2008, it is time to upgrade or replace this hardware as soon as possible. That’s because these operating systems have already had an end-of-life (EOL) date, which means that their continued usage brings substantial security vulnerabilities.
While your practice is still capable of using computers with Windows 7 and Windows Server 2008 as operating systems, doing so is not advisable. Without support and updates, new vulnerabilities and technical issues are no longer addressed, making continued usage of these computers a massive security risk. What’s more, if computers with these operating systems are used for anything involving protected health information, your practice is effectively non-compliant with HIPAA and the HITECH Act.
Even a single computer running Windows 7 or Windows Server 2008 on your network puts your entire network and all data at risk. Bottom line: Migrate away from software with approaching EOL dates before the date arrives or when you identify computers still using unsupported software. In the case of Windows 7 and Windows Server 2008, this likely means migrating to Windows 10 and Azure, respectively.
3. Educate and train staff on HIPAA
When deciding on best practices, education and training on the HIPAA Security Rule should occur regularly and be kept current. Practices should also strive to confirm that any business associate (BA) and BA subcontractor that handles their data is following HIPAA rules. Examples of BAs may include healthcare IT security companies, revenue cycle management companies, consultants, and collections agencies.
4. Arrange for a security awareness phishing campaign
Cybercriminals increasingly use phishing to target victims by sending them an e-mail that appears to be from a trusted or believable source. This can include everything from members of an organization’s leadership or human resources team to a bank, Internet service provider, employee benefits provider – even a cybersecurity awareness company. These emails – which attempt to exploit social engineering – ask the recipient to provide personal identifying information and sometimes usernames and passwords. Then, the cybercriminal uses the information to open new accounts or invade existing accounts.
A healthcare IT security consulting firm can craft a security awareness phishing campaign, which is an employee training tool that simulates a phishing attack and tracks how recipients respond. Based on the results, employees can receive increased training on how to spot and properly report suspected phishing attempts.
5. Undergo a security risk assessment
An IT security risk assessment is designed to analyze a practice’s current IT environment and identify security gaps that should be addressed. Any good healthcare managed services provider should be able to generate a report for the organization that not only identifies vulnerabilities but also includes best practices, guidance, benefits of potential investments in technology, and a remediation plan and solutions if gaps are identified.
6. Take immediate action when staff changes occur
Staffing changes present unique challenges. It’s best to immediately remove or at least make inactive the user accounts of any outgoing staff – even those leaving on good terms. Any delays in making such changes can leave your systems more vulnerable to cyberattacks.
If you put off removing user accounts, you run the risk of forgetting to do so for some time, prolonging vulnerability. A checklist of termination policies and procedures to follow should also be provided to every existing member of your staff.
CHAPTER 2. Benefits of Healthcare Information Technology and Managed IT Services
We’ve already referenced some of the ways that healthcare information technology can provide substantial value to practices, ASCs, and other types of organizations. When deployed correctly, solutions such as telehealth, remote monitoring, and interoperability can help strengthen data security, enhance the patient experience of care, improve the health of populations, drive efficiencies in care coordination, and reduce the cost of healthcare, among many other benefits.
To gain a greater appreciation of how information technology is making a significant difference for providers, let’s look closer at one particular type of technology: cloud computing.
Importance of Cloud Computing
The shift toward cloud computing within healthcare was already gaining momentum before the COVID-19 pandemic. The health crisis has propelled many organizations that were on the fence about transitioning to cloud computing to act and proceed with the migration.
Cloud computing can elevate clinical, financial, and operational performance to another level. To help you better understand why cloud computing may be right for your practice right now, here are seven of its most significant benefits.
For times when there needs to be reduced on-site staff, practices with cloud computing can allow non-clinical staff to continue working from home.
By leveraging a cloud solution, anyone on your team who needs to contribute to a document (e.g., text, spreadsheet, presentation, video) can view, comment on, and/or revise the same version of the document and receive these comments and changes in real-time. Such a method of collaboration provides many benefits, including the following:
- Eliminates confusion about what version of a document is the most current
- Eliminates the creation of multiple versions of documents that will eventually need to be combined
- Improves productivity as staff can easily access the latest version of a document
- Improves access to large files which may not be easily shareable via email
- Reduces the number of emails staff receive and improves email inbox management
At a time when budgets are tight, the price of investments must be carefully weighed. Thankfully, cloud computing can be an effective way to reduce costs, depending upon the solution selected.
That’s because cloud computing reduces capital expenses associated with hardware and software procurement. These cost savings add up over time when considering the expenses associated with replacing outdated technology and purchasing new software and hardware if your practice adds new staff members.
As a practice grows, cloud computing services can scale elastically. Simply put, this means that a practice can contract for the appropriate number of cloud-based services required to support the organization without making significant new investments in hardware and software. Such cloud-based services with scalability include user accounts, storage, bandwidth, CPU cores, memory, and the power necessary to support applications.
5. Data storage
Consider that all of the applications your practice uses and data it accumulates need to live somewhere. You may be storing applications and data on physical hard drives and storage area networks. As time passes, you will need to invest in additional servers and expand your IT infrastructure. This need will accelerate if your practice experiences growth and/or adds new applications.
On the other hand, cloud data storage can easily be scaled, improves accessibility, and is cost-effective.
Since the business model for cloud providers relies upon preventing data breaches and keeping customers satisfied, cloud service providers are incentivized to invest in the solutions necessary to help keep data as safe as possible.
7. Disaster recovery and business continuity
Cloud computing automates data backup, so you do not need to worry about losing data if your practice’s on-premise systems are damaged due to a natural disaster, cyberattack, or human error. If these systems are damaged, your cloud provider will restore them to the most recent snapshot backup. In the event that your systems will be inaccessible for a period of time (such as during this pandemic), a managed services provider can provide staff with remote access to applications and data, helping maintain operations as your practice waits out or is recovering from the disaster.
In light of the way that MSPs can help you access the advantages of cloud computing, you may be asking yourself how to identify the right partner. First, it pays to learn more about managed IT services so that you can begin to evaluate your options.
Understanding the Value of a Healthcare MSP
Services of a healthcare managed services provider can include data backup and recovery, data security and compliance management, cloud migration, HIPAA compliance, risk assessment, and integrating new applications. (For more information, see our brief primer on healthcare MSPs.)
We’ve identified five ways hiring an MSP will enhance patient care while making operating and managing your organization simpler.
1. Protect patient data, protect patients
An MSP can help keep your data secure – and your patients’ trust safe – far more than an overwhelmed in-house IT team. Patients trust you with their most personal data. Violate that trust and you damage – even destroy – the relationship with them. Data breaches can even have a negative effect on patient treatment, according to a Health Services Research paper.
2. Support interoperability, care coordination, and data access
The move toward cloud-based solutions makes it possible to aggregate real-time information from across the care continuum, which means patient care can also be coordinated across the care continuum. But capturing and integrating that data can be a challenge. An MSP can help by supporting secure data sharing across health information exchanges, electronic health record (EHR) vendors, and data platforms.
This has a direct impact on patient safety. When data is not siloed, a practice can get a more complete picture of a patient. This can help you avoid medication errors, redundant tests, and missed health problems.
On the other hand, when a practice is inundated with unfiltered data, that data is neither useful nor actionable. To provide optimal care to your patients, you need immediate access to all the data streams presented in an intelligent, actionable way.
3. Reduce burnout, enhance care
When physicians are struggling, patients inevitably suffer. By outsourcing your IT management, you have less stress and more time to devote to patient care. In addition, the right clinical workflow technology – which an MSP can advise you on and help you select – not only makes your life easier but also enhances the patient’s experience.
4. Enable telehealth and virtual care
Between October 2019 and October 2020, telehealth claim lines among privately insured patients increased more than 3,000% (that’s not a misprint), according to data from the FAIR Monthly Telehealth Regional Tracker. Telehealth is one piece in the larger picture of virtual care that incorporates remote monitoring and patient-generated data.
So much can be achieved with telehealth specifically and virtual care in general, but it must be integrated into physician workflow. A healthcare IT solutions provider can help you achieve this seamlessly.
5. Prevent gaps in care
Data backup helps ensure your data is safe. But backup is just one aspect of recovery from a disaster. A good MSP provides backup and helps ensure business continuity.
Now that we’ve established the value of working with a healthcare managed services provider, it’s time to examine how practices interested in working with an MSP can identify the best partner.
CHAPTER 3. Finding the Right Healthcare IT Managed Service Provider
- Managed IT services is the term used to describe outsourcing your practice’s information technology (IT) operations to an expert third party rather than trying to handle them all with an in-house tech support team.
- Third-party organizations, known as managed services providers (MSPs), are responsible for some or all of your IT systems and the services associated with them, including systems monitoring, technical support, and issue resolution.
- The relationship between MSPs and their clients is defined by a contract known as a service level agreement (SLA). The SLA specifies the fees, conditions, and services provided by the MSP.
What’s unique about a healthcare managed IT services provider is that it specializes in the requirements and unique technology stack used in healthcare practices. An MSP’s services can include data security and compliance management, cloud migration, HIPAA compliance, risk assessment, integrating new applications into IT systems, monthly reporting, data backup and disaster recovery, and ongoing IT support.
Understanding Healthcare IT Managed Services
If you run a healthcare practice, you are strongly advised to seek out a specialist MSP to handle your IT services. Healthcare organizations that fail to manage their IT effectively are putting their businesses at risk.
For starters, outdated or poorly integrated healthcare systems leave an organization more vulnerable to a cyberattack. But the risks go further: improperly managed patient data can put you at risk of non-compliance with HIPAA regulations and potentially facing substantial fines. The consequences of data loss in the healthcare industry can be severe. Not only can you lose patient trust, but you might even risk impacting patient treatment.
Enlisting the help of a managed services provider can help. Here are three reasons why to give partnering with an MSP serious consideration:
1. You are at serious risk of being targeted by a cybercriminal.
According to a national survey, more than 80% of physician practices have already experienced a cyberattack. Patient data is highly valuable, which places practices, ASCs, and other providers at increased risk of ransomware attacks. Security breaches can be hugely detrimental and costly for medical practices.
An experienced healthcare IT managed services provider can help practices implement the latest technologies, monitor systems for potential risks, identify and address vulnerabilities, and more effectively address security breaches.
2. You require highly specialized IT services.
A specialist healthcare IT managed services provider can make sure that you remain current with the latest HIPAA rules and regulations concerning information management. An MSP will also be able to advise on specific healthcare IT challenges, such as managing electronic health records, integrating multiple healthcare IT systems, migrating to the cloud, and adding telehealth.
3. You require round-the-clock IT monitoring and support.
If you decide to work with a healthcare IT managed services provider, you’ll start by defining the SLA, which will outline exactly what services you can expect and what you’ll still need to handle in house. Your new MSP may also conduct a technology assessment to triage your needs and build a plan to implement any needed fixes, improvements, and transitions to new technology.
Depending on the terms of your SLA, you will usually receive ongoing IT support to address issues that arise or implement new tools and technologies as your healthcare practice grows and evolves. You may also receive monthly reports to keep you informed about the security and performance of your healthcare IT systems. These reports will help put you in a good position to respond to an unexpected HIPAA audit.
To be sure you are prepared for audits and potential threats, it’s a good idea to familiarize yourself with what spells trouble. Through the years of working with healthcare practices and ASCs, we’ve identified five of the early red flags to look out for.
The Warning Signs of Potential IT Failures
Here are five of the most common red flags for such potential failures that we’ve seen in healthcare practices. If any of these warning signs sound familiar, it’s time to take steps to upgrade your healthcare IT services, solutions, and support.
1. You lack a strategy for managing and protecting health information
If you don’t have a plan in place for how to manage, aggregate, and protect your patients’ electronic health information, you’re placing your practice and patients at risk. In 2019, more than 41 million patient records were breached, and that figure is only likely to rise going forward. While use of electronic health records (EHRs) can improve diagnoses and reduce medical errors, they are vulnerable to cyberattack.
Data security can also be compromised by issues with system interoperability. EHR systems are not always readily compatible with other healthcare IT solutions, meaning that matching patient records can be a major headache for healthcare practices. The resulting workarounds not only jeopardize patient care, but they can also expose patient data to security breaches.
2. You don’t regularly review and update your HIPAA compliance policies and procedures
It’s no secret that HIPAA regulations are complex, demanding, and likely to undergo changes. In addition to making sure your team is current on the latest rules and guidelines, you also need to keep your systems protected. If you don’t have a process in place to regularly review and complete updates to your antivirus and antimalware software, firewalls, backups, hardware, and systems access, you may well be putting your practice at risk of a security breach and possibly non-compliance fines. You should also be managing your company mobile devices and any company hardware that leaves the premises, such as employee laptops.
3. You don’t have a plan for ensuring continuity of patient care during system downtime
Surveys reveal that over 96% of healthcare organizations have experienced at least one instance of unplanned system downtime. HIMSS reports that, in some cases, patient injury can directly result from downtime. The Ponemon Institute also found that system downtime can cost healthcare facilities between $7,000 and $17,000 per minute.
There are multiple causes of unplanned downtime in healthcare settings, including network issues, software failure, power failure, incorrect computer configuration, and other healthcare IT failures; extreme weather conditions; and human error. Preventing serious fallout for patients from unforeseen downtime requires a comprehensive strategy that includes procedures for both IT and clinical staff.
4. You haven’t recently updated your backup and disaster recovery systems
Data backup is a significant compliance issue for the healthcare sector: HIPAA regulations require that providers maintain a backup copy of all patient data. However, too many healthcare practices are still relying on external hard drives and magnetic tape drives, which are simply not up to the job of managing the volume of data involved in modern-day healthcare. With cyberattacks targeting healthcare practices on the rise, providers relying on old systems face a serious risk of losing access to patient data. And with the loss of patient data comes a loss of patient trust – and possibly even damage to patient treatment.
Today’s dedicated healthcare backup solutions help keep patient data safe, automatically back data up offsite in an encrypted and secure format, and better ensure that data is readily available for restoration at any time.
5. You don’t have a plan for responding to a cyberattack
Phishing, malware, and web-based attacks are all frequent, and cyberattacks are becoming more targeted, more sophisticated, and more extensive, according to research by the Ponemon Institute. Despite this, fewer than half of the healthcare practices surveyed by Ponemon have a plan for responding to an attack.
A managed healthcare IT services provider can run phishing simulations, vulnerability scans, and risk assessments to expose potential vulnerabilities in your security systems. This gives you the chance to identify opportunities for improvement that will help make sure your data and your practice stay safe, secure, and compliant.
Given the substantive risks to healthcare practices, working with a healthcare managed services provider may seem like an obvious choice. But what’s not so clear is how to be sure you are contracting with a company that’s prepared to effectively support your organization’s specific needs. With many options in the marketplace, we’ve isolated some important questions you need to ask about potential partners.
Evaluating Healthcare IT Companies
To help narrow down your choices for healthcare IT companies, answer these four questions.
Q: Are they healthcare IT experts?
- Electronic health records (EHR)
- Interoperability between healthcare IT systems
- Telemedicine and remote patient monitoring
- Internet of Medical Things (IoMT)
- Electronic personal healthcare information and HIPAA compliance
- Transition to value-based care
- Healthcare-specific cyberattacks
Q: Do they offer the healthcare IT services I need?
Be sure to look for companies with established partnerships with other service providers that can help further elevate the IT and overall performance of your practice. Be wary of MSPs that identify healthcare as an industry served but lack the necessary commitment (e.g., people, resources, ongoing investments) to effectively support healthcare providers. It’s true in this case that “a jack of all trades is a master of none.”
It can be useful to inquire about projects the MSP has completed that could reflect what you require or may need in the future. For instance, ask if the MSP has ever helped a practice add or transition to a new system (e.g., electronic health record, practice management, telemedicine). It’s also a good sign if the MSP has experience migrating EMR solutions to cloud-based solutions. Naturally, you’ll want to inquire about how they handle strengthening cybersecurity. For example, look for partners that deliver continuously evolving and ongoing staff training using mechanisms such as mock phishing campaigns and webinars that will help educate employees about the latest threats, common mistakes that lead to data breaches, how to spot and avoid threats, and where to go for assistance.
If your practice intends to implement value-based care, the healthcare IT companies you are considering should offer services that will help you build a value-based program that effectively supports your efforts to improve care outcomes for patients while reducing costs associated with that care.
It’s important to consider the unique needs of your practice as well. Whereas a hospital system will need the IT capability to support all specialties and services, a practice or ambulatory surgery center that focuses on one or just a few specialties, as is typically the case, will not require such a level of complexity.
Finally, the scope of services and ongoing support required for a larger organization is much greater than that for a typical healthcare provider. A healthcare IT managed services provider that understands enterprise-class IT but focuses on practices will be in a stronger position to provide a higher level of knowledge and experience for developing a strategic, comprehensive roadmap that’s right for your organization.
Consider speaking with clients of those vendors you are more seriously considering. Those clients (i.e., references) should be similar to your organization so you can paint a clear, detailed picture of how the healthcare IT companies you are considering are likely to support your organization.
Q: Do they have an impressive track record?
Strong industry relationships matter. Experienced healthcare IT managed services providers tend to have strong relationships with mission-critical software companies (e.g., EMR, practice management) which can help ensure better implementation, integration, and ongoing support. Veteran companies tend to have developed strong relationships with industry leaders and other service providers built over many years of attending and speaking at conferences as well as hosting and participating in webinars and other educational events.
Experienced healthcare IT companies appreciate providers’ priorities concerning patient care, engagement, and experience; physician satisfaction; staff performance and satisfaction; and security and compliance. Likewise, they tend to possess qualities that benefit their clients: strong leadership and loyal staff who embrace teamwork, collaboration, and feedback; strong company culture and values; financial resources to invest in talent, resources, and infrastructure; and an ability to withstand potentially significant challenges.
Even once you’ve found a potential partner that meets all of these standards, contracting with an MSP may still seem like a significant investment that you must weigh. To help you better analyze your decision, we’ve put together the top reasons why some providers make this leap.
Reasons to Outsource IT Management
Here are nine of the reasons why small- and mid-sized practices, ASCs, and other provider types should consider outsourcing their health IT to an experienced and healthcare-focused managed services provider.
1. Prepare for the shortage of IT professionals
With a national shortage of health IT professionals on the horizon, you might be better off with a third-party in that role. A 2019
2. Access a body of expertise and experience
Seasoned experts understand current and upcoming developments and closely track future trends. And that can be a full-time job in itself. Whoever manages your information technology must stay up to date on changes in areas including HIPAA, security regulations, cybersecurity threats, and new healthcare technology, just to name a few.
3. Optimize your team’s time
By outsourcing health IT services, you offload many management and administrative tasks, freeing up office staff to focus more on the clinical, financial, and operational work that must be accomplished. This can increase staff productivity, enhance employee satisfaction, improve the bottom line, strengthen quality of care, and even reduce turnover.
4. Improve patient care
When your clinical team has more time to devote to patients, everyone wins. Outsourcing your health IT function reduces burnout and leads to improved patient care. And as an Annals of Family Medicine study suggests, improving the quality of the patient/clinician relationship correlates with patient outcomes.
5. Better ensure data security today
As cybercriminals become more cunning, healthcare organizations are having a more difficult time keeping sensitive data safe and protecting patient privacy. According to government data, there were 510 reported healthcare data breaches of 500 or more records in 2019. That’s a nearly 200% increase from 2018. Patients are not the only ones who suffer from data breaches. The fines can be devastating for the offending organization.
6. Prepare for the data security changes and challenges of tomorrow
Get ready: The likes of digital biometric devices, pharmacogenomics, and artificial intelligence will inundate practices with data. Managing that data will be difficult enough notwithstanding the HIPAA rules that will surely come with it.
HIPAA generally doesn’t cover health data generated by third-party apps chosen by patients – unless the app is somehow connected to the provider. As Health IT Security reports, industry leaders are working to develop rules and standards to protect health information that is not protected by HIPAA.
7. Stay nimble
The pace of innovation and change in healthcare is rapid. Wearables, artificial intelligence, virtual care, cloud computing, and other innovations and trends will bring dramatic improvements to healthcare while adding to your IT burden. But perhaps nothing illustrates the need for agility more than the COVID-19 pandemic, which necessitated a sudden shift to a remote workforce and adoption and/or expansion of telehealth, among other developments. A healthcare managers services provider enhances your ability to pivot and adapt quickly.
8. Gain 24/7 access to support
To run a successful practice, you’ll need access to IT support immediately, with that need sometimes falling outside of standard office hours. An MSP can offer that to you.
9. Improve disaster recovery
A fire. An earthquake. A flood. A cybersecurity breach. What if one of these or any other disaster strikes your practice? The right healthcare managed services provider will help you craft an IT disaster response and business continuity plan and provide backup and recovery solutions to help get you back on your feet quickly following a disaster.
Now that we’ve covered many of the ways an MSP can help benefit your practice today, let’s look forward to what is coming down the line in healthcare IT. The most successful and competitive practices and ASCs have already begun to anticipate and plan for how future technologies will shape the landscape of tomorrow.
CHAPTER 4. The Future of Healthcare IT
It can’t be overstated that technology will continue to be an important driver for how healthcare practices do business. There’s been a long precedent for this. For example, innovations such as artificial joints, precision medicine, advanced imaging, and minimally invasive surgery have transformed patient treatment. Even the seemingly less dramatic advances, such as the shift from paper to digital patient records, have had a significant impact on the quality and consistency of patient treatment and the efficiency of healthcare practices.
And today the impact of technology is only growing. The global health crisis has made the need for technological solutions to help address healthcare issues even clearer. To support efforts to maintain physical distancing, there is an unprecedented demand for tools and techniques to support remote diagnostics and telemedicine. Further, The Journal of mHealth argues that COVID-19 has stressed the need for preventive healthcare systems based on data analytics so we can better detect the next pandemic in advance.
The health crisis has also revealed serious issues in even strong healthcare systems, including problems with managing medical supplies, processing paperwork, producing accurate patient data, and ensuring sufficient medical staff during times of high patient influx. Healthcare IT solutions can help address these and many more of the widescale challenges facing healthcare practices today.
As you can see, the impact of technology in these atypical times carries even more weight for practices, ASCs, and other providers looking to remain competitive while striving for longer-term growth.
How Healthcare Technology is Changing Business
The technologies we will discuss aren’t really new; they’re just newly or increasingly being deployed in healthcare. Let’s look at healthcare IT trends and key advances in healthcare IT that will change your practice if they haven’t already.
1. Telehealth is here to stay.
Of all the healthcare technology trends we’re discussing here, telehealth has gained the strongest foothold with patients. They have experienced it, and they like it a lot. According to a Press Ganey survey, patients are overwhelmingly positive about their virtual interactions with their care providers.
But patients rated the technology-specific factors and process aspects lower. This feedback highlights the need to address and resolve the technical barriers that can impede consistent and reliable communication. Other opportunities for improvement include ease of scheduling appointments, contacting the provider, and care coordination related to the virtual visit.
The bottom line? Demand for telehealth will increase, as will the expectation that the encounter will run smoothly.
2. Chatbots find their place in healthcare.
You’ve likely encountered chatbots in non-healthcare industries, such as retail, which have used these communication tools for years. And there’s a good chance that you regularly interact with chatbots without even realizing it. Alexa and Siri are considered sophisticated, voice-activated chatbots.
Today, healthcare organizations are typically using chatbots to help patients assess symptoms and figure out what to steps to take next. But many chatbots can also recommend treatments, schedule visits, and handle other tasks, allowing practices to devote staff to more pressing activities, as HealthTech Magazine reported. Chatbots can even express human warmth and empathy, which, it turns out, may be essential to their success.
Chatbots in healthcare can boost access to care, as long as they provide the same quality as human agents, according to research published in the Journal of the American Medical Informatics Association: “The key is to emphasize the chatbot’s ability and assure users that it delivers the same quality as human agents.”
3. Artificial intelligence gets patient data under control.
Thanks to ongoing advances in consumer tech and digital biometric devices, you will soon be inundated with even more patient data. With all of this data coming into your practice on top of the data you were already capturing, integrating that data in a manageable way becomes critical. The last thing you need is a pile of unfiltered data.
A solution? Artificial intelligence (AI). AI can transform raw data into actionable information. For example, it can calculate the probabilities of disease, generate recommendations for individual patients, and provide population-wide insights about your patient panel.
What’s more, the use of AI will take on even greater importance since even more data is on the way: The 21st Century Cures Act, enacted in 2016, called for new data-sharing rules for electronic health record (EHR) systems. The rules, slated to go into effect in mid-2021, promote standardized language and application programming interfaces – better known as APIs – that encourage interoperability across EHR systems and vendors.
4. Predictive analytics is gaining traction.
Today’s advances in big data analytics and artificial intelligence, when combined with a vast and ever-increasing pool of encrypted patient data, allow for the implementation of predictive analytics in healthcare practices. Predictive data analysis aims to notify doctors and caregivers about potential medical events before they occur, helping them to prevent those events from ever occurring. Predictive algorithms have numerous potential applications for practices, including identifying likely no-shows, strengthening supply chain management, and improving data security.
5. Cloud data storage is becoming the norm.
Generally, the healthcare industry is considered a leading early adopter of cloud computing for data storage. Storing data in the cloud provides health facilities with improved accessibility and collaboration, strengthened security and disaster recovery, and the potential for cost savings. Advances in cloud computing are also beneficial for improving systems integration, allowing healthcare practices to transfer patient data from one system to another, thus helping reduce the risk of human errors in patient data input.
Cloud computing is itself a driver for other advances in healthcare IT, including telehealth solutions. In the words of business consultancy Frost & Sullivan, “The COVID-19 crisis has accelerated the strategic shift to view the cloud as a technology enabler.”
6. Wearables help to improve patient care.
Wearables are one of the clearest examples demonstrating the ever-growing importance of technology in healthcare. Some wearable devices help patients monitor their weight and physical activity; others may support disease management or patient rehabilitation. According to HIMSS, some researchers believe that “… wearable technologies could improve the quality of patient care while reducing the cost of care, such as patient rehabilitation outside of hospitals.”
While most wearables are still a work in progress, many already have the potential to support the work done by healthcare practices. For instance, medical practitioners could help patients live a healthier lifestyle by setting goals and then tracking progress with a wearable device to reduce sitting and increase physical activity. Other devices could be used to monitor key health indicators, such as blood sugar, blood pressure, body temperature, and heart rate, and thus trigger patients to seek medical treatment before their health situation becomes critical.
It’s important to note how many of these advances not only improve efficiency but also enhance patient care. To truly grasp the future implications of these technologies, let’s examine more closely what’s coming down the pipeline.
Healthcare IT Trends to Watch
Practices and surgery centers will need to continue leaning on healthcare information technology and other solutions to address the needs of patients and meet the needs of physicians more effectively. The most competitive healthcare providers are watching for ways that new technologies could solve some common problems to create a better patient experience – and, by extension, deliver healthcare based on a value-based model.
Here are a few emerging healthcare IT trends to watch going forward.
1. Filling in missed patient appointments with smarter telehealth and telemedicine
When patients miss their telehealth appointments, it can create an enormous administrative backlog for healthcare organizations. Missed appointments require providers to clear calendars, creating many other headaches. It also leads to confusion for patients awaiting their telehealth sessions.
The good news is that there is an emergence of smarter telehealth platforms that make it easier to update these missed appointments on the practice side while providing more availability for patients. A Healthcare Financial Management Association (HFMA) report on expected consumerism patterns found that specific solutions can add convenience to patient bookings and telehealth management with auto-updates, real-time scheduling, and other key features.
2. Value-based care solutions driving patient satisfaction and care coordination
Healthcare organizations that are investing in solutions to support value-based initiatives may have a leg up on less active competitors. Practices that are able to provide consumer experiences that emphasize the cornerstone concepts of value-based care are more likely to retain patients and build greater patient counts.
Strategies and technologies that will have the most success in helping practices build value-based patient experiences include telehealth onboarding, patient-facing interactivity, and detailed communication.
A NEJM Catalyst column analyzes some of the key components of patient engagement platforms that can help provide value-driven care solutions:
3. Value-based patient participation and meaningful data collection will power value-based experiences
Delivering value-based care has as much to do with patient engagement as patient care. A PatientEngagementHIT article highlighted a Deloitte Insights report that a growing number of patients are now more likely to share their information with healthcare organizations. The researchers stressed that patient groups are likely to only share information if they believe it is used to create better healthcare experiences. As the article notes:
Clinical leaders are primed to gather meaningful consumer-facing data, instead of clinical insights, that can help provide more competitive and value-driven care for their patients. Practices investing in solutions that can collect this data in a HIPAA-compliant platform while also factoring in the information captured into key business decision making may gain a competitive edge when vying for new patient groups.
Value-based care requires sophisticated data collection and analysis – especially with access to integrated data from a range of sources. It’s no surprise that a 2020 Stanford report identified the “rise of the data-driven physician” as one of the industry’s most consequential trends. If you’ve been keeping up with healthcare IT news, you know this is the direction the industry is moving. Physicians are trying to ready themselves for this transformation, according to the report, but few feel adequately prepared.
This inevitable transformation can be a challenge to practices of all sizes, especially when in-house IT departments aren’t equipped to adapt to technological developments adequately and efficiently. The right healthcare managed services provider can help.
Let’s face it. Cybercriminals get savvier by the day and are just waiting for practices, ambulatory surgery centers, and healthcare organizations of any and all sizes to take their healthcare IT security for granted. Even the smallest IT vulnerability can be the entryway for a cybercriminal to access your practice’s network. Once in your network, it is only a matter of time before this criminal accesses sensitive data. And if that happens, the situation will likely be difficult and costly to resolve.
Additionally, the rapid pace of change and exciting potential of healthcare technological advancements means that the providers who want to be prepared for the next wave of change must get ahead of the curve. The question is no longer “How can information technology improve healthcare?” It has become “What’s the best way to manage information technology to improve healthcare?”
Partnering with a company that provides managed IT services for healthcare means your practice will be in a better position to ensure its information technology can adapt and meet ever-changing needs. The right healthcare managed services provider can come in and strengthen your health IT operations and then work with you to come up with a scalable strategic plan that will help your practice successfully navigate the future.
We know the power and potential of healthcare IT. The challenge is to execute on both, but that has become increasingly difficult for small-to-mid-sized practices that rely on in-house teams.