Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

Thoughts On Hospital Telecommunications Infrastructure

Posted on August 31, 2016 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

Given the prevalence of broadband telecom networks in place today, hospital IT leaders may feel secure – that their networks can handle whatever demands are thrown at them. But given the progress of new health IT initiatives and data use, they still might face bandwidth problems. And as healthcare technical architect Lanny Hart notes in a piece for SearchHealthIT, the networks need to accommodate new security demands as well.

These days, he notes healthcare networks must carry not only more-established data and voice data, but also growing volumes of EMR traffic. Not only that, hospital IT execs need to plan for connected device traffic and patient/visitor access to Wi-Fi, along with protecting the network from increasingly sophisticated data thieves hungry for health data.

So what’s a healthcare CIO to do when thinking about building out hospital telecommunications infrastructure?  Here’s some of Hart’s suggestions:

  • When building your network, keep cybersecurity at the top of your priorities, whether you handle it at the network layer or on applications layered over the network.
  • Use an efficient network topology. At most, create a hub-and-spoke design rather than a daisy chain of linked sub-networks and switches.
  • Avoid establishing a single point of failure for networks. Use two separate runs of fiber or cable from the network’s edge switches to ensure redundancy and increase uptime.
  • Use virtual local area networks for PACS and for separate hospital departments.
  • Segment access to your virtual networks – including your guest Wi-Fi service – allowing only authorized users to access individual networks.
  • Build as much wireless network connectivity into new hospital construction, and blend wireless and wired networks when you upgrade networks in older buildings.
  • When planning network infrastructure, bear in mind that hospital networks can’t be completely wireless yet, because big hardware devices like CT scans and MRIs can’t run off of wireless connections.
  • Bigger hospitals that use real-time location services should factor that traffic in when planning network capacity.

In addition to all of these considerations, I’d argue that hospital network planners need to keep a close eye on changes in network usage that affect where demand is going. For example, consider the ongoing shift from desktop computers to mobile devices use of cellular networks have on network bandwidth requirements.

If physicians and other clinical staffers are using cell connections to roam, they’re probably transferring large files and perhaps using video as well. (Of course, their video use is likely to increase as telemedicine rollouts move ahead.)

If you’re paying for those connections, why not evaluate whether there’s ways you could save by extending Internet connectivity? After all, closing gaps in your wireless network could both improve your clinicians’ mobile experience and help you understand how they work. It never hurts to know where the data is headed!

More Ideas On Tightening Hospital IT Security

Posted on August 29, 2016 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

Security deserves all of the attention you can spare, and it never hurts to revisit the fundamentals, in part because the cost of lagging security measures is so high. After all, it’s more than likely that your organization will face a breach, as almost 90% of healthcare organizations experienced at least one breach within the past two years, according to a Poneman Institute study done earlier this year.

Here’s some options to consider when tightening up your security operations, courtesy of Healthcare IT Leaders, whose suggestions include the following:

Hire white hat hackers: Mayo Clinic reportedly tried this a few years ago, and learned a great deal. While its security measures seem to have gotten something of a beatdown, the Clinic also found a bunch of security holes and got recommendations on how to close those holes.

Lock down employee mobile devices: As mobile technology increasingly becomes a key part of your infrastructure, it’s important to keep it secured – but that can be tough when employees own the phone. One question to ask is whether your IT could lock or wipe data from employee phones and tablets if need be. What are your legal options for securing critical data on employee-owned devices?

Review medical device security:  Networked medical devices – from respirators and infusion pumps to MRI scanners – increasingly pose security threats, as any device that receives and transmits data can be a target for attackers.  It’s critical to audit these devices, while setting careful security standards for device makers.

Train staff on security issues:  Often, breaches are due to human error, so it’s critical to educate non-IT employees on the basics of security hygiene. Offering basic security training should cover not only cover ways to avoid security breakdowns – such as avoiding generic or default passwords and phishing e-mails — but also explanations of how such breaches affect patients.

Encourage risk reporting:  According to Poneman, almost half of healthcare organizations discovered a breach through an employee within the past two years. What’s more, nearly one-third of data breaches came to light due to patient complaints. It’s smart to encourage these reports, as IT staff can’t have eyes everywhere.

Disable laptop cameras and microphones:  Laptops generally come with a webcam and microphone, but at least in an enterprise setting, it may be better to disable these functions. Why? For one thing, attackers may be able to listen to private conversations through the microphone.

As I see it, the bottom line on all of these activities is to infuse security thinking into as many IT interactions as possible.  It may be trite to talk about a culture of security (it’s easier said than done, and too many organizations make empty promises) but such a culture can actually make a big impact on your security status.

To have the biggest impact, though, that culture has to extend all the way to the C-suite, and unfortunately, that rarely seems to happen. When I read research on how often healthcare organizations underspend on security, it seems pretty clear that many senior execs don’t take this issue as seriously as that should. And if the staggering level of health data breaches happening lately isn’t enough to scare them straight, I don’t know what will.

3 EHR Gaps That Hinder Systematic Chronic Disease Management

Posted on May 2, 2016 I Written By

3 EHR Gaps That Hinder Systematic Chronic Disease Management

The following is a guest blog post by Andrei Khomushka.

An EHR typically contains multiple highlights of patients’ health, including observations, lab results, diagnoses and treatment plans. However, this data might be insufficient for systematic chronic care management, and there are 3 key reasons for that.

1. Interrupted care setting

Most EHRs are built around the idea that patients control their conditions to the extent that they can arrange timely appointments with their doctors should disturbing symptoms arise. However, the no-shows rate is still high (up to 55%, according to Family Medicine, 2013), and chronic patients often tend to overlook and mistreat symptoms. Leading to occasional appointments in acute situations. This breaks patient data and thus care delivery. So, EHRs can’t show the real picture of a disease progression.

Only continuous care and health tracking can help prevent, or at least detect early complications and exacerbations. As EHRs simply don’t have the tracking functionality, providers need additional solutions bound to their EHRs. For example, mobile patient apps connect individuals and caregivers, allowing the former to sync medical devices and continuously share their health data with doctors, thus ensuring remote monitoring of health status. Then, this information is automatically analyzed and aligned with the EHR so it’s always up-to-date.

2. Lack of patient engagement

As individuals can’t access EHRs directly, they don’t provide any patient engagement elements. Patients can only interact with the EHR data (to some extent) by visiting the patient portal. Here is your chance to engage them. With the standard functionality, such as appointment scheduling, e-billing, lab results checking, portals allow setting goals, sharing achievements across social media, exploring interactive learning materials and more.

However, systematic chronic care is more effective when a technology is proactive and connected to a patient’s daily life (patient portals can’t beat mobile patient apps here). This way, when multiple personal encouragements, guidelines and notifications are already in your pocket, it’s easier to control a chronic condition.

3. Patient-generated data missing

Most EHRs can’t collect and store patient-generated information such as physical activity, nutrition, daily subjective and objective. To benefit from daily updates of patients’ health statuses, we suggest implementing a separate solution integrated with the EHR. This will automatically process and analyze data to identify condition changes that require a physician’s attention. Then, the solution will notify both the patient and the health specialist about the disturbing patterns and suggest scheduling an appointment or test.

Afterword: Reducing the gaps

Overcoming these limitations is essential for a systematic care of chronic patients in the comfort of their homes. However, a thorough rebuild of an EHR is not realistic. Instead of investing substantial time and budget in making the EHR something it is not supposed to be, we recommend creating a holistic solution based on a chronic disease management system (CDMS), which will be connected to the mobile patient application and the EHR. You can find more about CDMS and its benefits in our recent chronic disease management entry.

It’s Time For A New HIE Model

Posted on April 25, 2016 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

Over the decade or so I’ve been writing about HIEs, critics have predicted their death countless times – and with good reason. Though their supporters have never backed down, it’s increasingly clear that the model has many flaws, some of them quite possibly fatal.

One is the lack of a sustainable business model. Countless publicly-funded HIEs, jumpstarted by state or federal grants, have stumbled badly and closed their doors when the funding dried up. As it turns out, it’s quite difficult to get hospitals to pay for such services. Whether this is due to fears of sharing data with the competition or a simple reluctance to pay for something new, hospitals haven’t moved much on this issue.

Another reason HIEs aren’t likely to stay alive is that none can offer true interoperability, which diminishes the benefits they offer. Admittedly, some groups won’t concede this issue. For example, I was intrigued to see that DirectTrust, a collaborative embracing 145 health IT and provider organizations, is working to provide interoperability via Direct message protocols. But Direct messaging and true bilateral health information exchange are two different things. (I know, I’m a spoilsport.)

Yet another reason why HIEs have continued to struggle is due to variations in state privacy rules, which add another layer of complexity to managing HIEs. Simply complying with HIPAA can be challenging; adding state requirements to the mix can be a big headache. State laws vary as to when providers can disclose PHI, to whom it can be disclosed and for what purpose, and building an HIE that meets these requirements is a big deal.

Still, given that MACRA demands the industry achieve “widespread interoperability” by 2018, we have to have something in place that might work. One model, proposed by Dr. Donald Voltz, is to turn to a middleware solution. This approach, Voltz notes, has worked in industries like banking and retail, which have solved their data interoperability problems (at least to a greater degree than healthcare).

Voltz isn’t proposing that healthcare organizations rely on building middleware that connects directly to their proprietary EMR, but rather, that they build an independent solution. The idea isn’t incredibly popular yet — just 16% of hospital systems reported that they were considering middleware, according to Black Book – but the idea is gaining popularity, Voltz suggests. And given that hospitals face continued challenges in integrating new inputs, like mobile app and medical device data, next-generation middleware may be a good solution.

Other possible HIE alternatives include health record banks and clearinghouses. These have the advantage of being centralized, connected to yet independent of providers and relatively flexible. There are some substantial obstacles to substituting either for an HIE, such as getting consumers to consistently upload their records to the record banks. Still, it’s likely that neither would be as costly nor as resource-intensive as building EMR-specific interoperability.

That being said, none of these approaches are a pushbutton solution to data exchange problems. To foster health data sharing will take significant time and effort, and the transition to implementing any of these models won’t be easy. But if the existing HIE model is collapsing (and I contend this is the case) hospitals will need to do something. If you think the models I’ve listed don’t work, what do you suggest?

Tablets Star In My Fantasy ED Visit

Posted on April 1, 2016 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

As some readers may know, in addition to being your HIT hostess, I cope with some unruly chronic conditions which have landed me in the ED several times of late.

During the hours I recently spent being examined and treated at these hospitals, I found myself fantasizing about how the process of my care would change for the better if the right technologies were involved. Specifically, these technologies would give me a voice, better information and a higher comfort level.

So here, below, is my step-by-step vision of how I would like to have participated in my care, using a tablet as a fulcrum. These steps assume the patient is ambulatory and fundamentally functional; I realize that things would need to be much different if the person comes in by ambulance or isn’t capable of participating in their care.

My Dream (Tablet-Enabled) ED Care Process

  1. I walk through the front door of the hospital and approach the registration desk. Near the desk, there’s a smaller tablet station where I enter my basic identity data, and verify that identity with a fingerprint scan. The fingerprint scan verification also connects me to my health insurance data, assuming it’s on file. (If not I can scan my insurance card and ID, and create a system-wide identity status by logging a corresponding fingerprint record.)
  2. The same terminal poses a series of screening questions about my reasons for walking into the ED, and the responses are routed to the hospital EMR. It also asks me to verify and update my current medications. The data is made available not only to the triage nurse but also to whatever physician and nurse attend me in my ED bed.
  3. When I approach the main registration desk, all the clerks have to do is put the hospital bracelet on my wrist to do a human verification that the bracelet a) contains the right patient identity and b) includes the correct date of birth for the person to which it is attached. If the clerks have any additional questions to pose — such as queries related to the patient’s need for disability accommodations  — these are addressed by another integrated app the clerk has on their desk.
  4. At that point, rather than walking back to an uncomfortable waiting room, I’m “on deck” in a comfortable triage area where every patient sits in a custom chair that automatically takes vital signs, be it by sensor, cuff or other means. In some cases, the patient’s specific malady can be addressed, by technologies such as AliveCor’s mobile cardiac monitoring tool.
  5. When the triage nurses interview me, they already have my vitals and answers to a bunch of routine clinical questions via my original tablet interaction, allowing them to focus on other issues specific to my case. In some instances this may allow the staff to move me straight to the bed and ask questions there, saving initial triage time for more complex and confusing cases.
  6. As I leave the triage area I am handed a patient tablet which I will have throughout my visit. As part of assigning me to this tablet my fingerprint will again be scanned, assuring that the information I get is intended for me.
  7. When I am settled in a patient bed in the ED, I’m given the option of either holding the tablet or placing on a swing-over bed desk which can include a Bluetooth keyboard and mouse for those that find touchscreen typing to be awkward.
  8. Not long after I am placed in the bed, the hospital system pushes a browser to the tablet screen. In the browser window are the names of the doctor assigned by case, the nurse and tech who will assist, and whenever possible, photos of the staff involved. In the case of the doctor or NP, the presentation will include a link to their professional bio. This display will also offer a summary of what the staff considers to be my problem. (The system will allow me to add to this summary if I feel the triage team has missed something important.)
  9. As the doctor, nurse and tech enter the room, an RFID chip in their badges will alert the hospital system that they have done so. Then, a related alert will be pushed to the patient tablet – and maybe to the family members’ tablet which might be part of this process — giving everyone a heads up as to how they’re going to interact with me. For example, if a tech has entered to draw blood, the system will not only identify the staff member but also the fact that they plan a blood draw, as well as what tests are being performed.
  10. If I have had in interaction with any of the staff members before, the system will note the condition the patient was diagnosed with previously when working with the clinician or tech. (For example, beside Doctor Smith’s profile I’d see that she had previously treated me for stroke-like symptoms one time, and a cardiac arrhythmia before that.)
  11. As the doctor or NP orders laboratory tests or imaging, those orders would appear on a patient progress area on the main patient ED encounter page. Patients could then click on the order for say, an MRI, and find out what the term means and how the test will work. (If a hospital wanted to be really clever, they could customize further. For example, given that many patients are frightened of MRIs, the encounter page would offer the patient a chance to click a button allowing them to request a modest dose of anti-anxiety medication.)
  12. As results from the tests roll in, the news is pushed to the patient encounter home page, scrolling links to results down like a Twitter feed. As with Twitter, all readers — including patients, clinicians and staff — should have the ability to comment on the material.
  13. When the staff is ready to discharge the patient — or the doctor has made a firm decision to admit — this news, too, will be pushed to the patient encounter homepage. This announcement will come with a button patients can click to produce a text box, in which I can type out or dictate any concerns I have about this decision.
  14. When I am discharged from the hospital, the patient encounter homepage will offer me the choice of emailing myself the discharge summary or being texted a link to the summary. (Meanwhile, if I’m being admitted, the tablet stays with me, but that’s a whole other discussion.)

OK, I’ll admit that this rather long description caters to my prejudices and personal needs, and also, that I’ve left some ideas out (especially some thoughts related to improving my interaction with on-call specialists). So tell me – does this vision make sense to you? What would you add, and what would you subtract?

P.S.  Some high-profile hospitals have put a lot of work into integrating EMRs with tablets, at least, but not in the manner I’ve described, to my knowledge.

P.S.S. No this is not an April Fool’s joke. I’d really like for someone to implement these workflows.

Are You Prepared For Healthcare Ransomware?

Posted on February 3, 2016 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

Earlier this month, a Texas hospital was hit with a particularly loathsome virus.  Leaders at Mount Pleasant, Tx.-based Titus Regional Medical Center found out on January 15 that a “ransomware” virus had encrypted files on several of the medical center’s database servers, blocking access to EMR data as well as the ability to enter data into the system.

In this kind of attack, the malware author demands a financial ransom to be paid for freeing up the data. TRMC didn’t disclose how much money the attacker(s) demanded, but it may have been an immense sum, because the hospital apparently thought that bringing in pricey security consultants and enduring several days of downtime was preferable to paying up. Although, they also probably realized the slippery slope of paying the ransom and also there’s no guarantee those receiving the ransom money will actually permanently fix the problem.

It would be nice to think that this was just a passing fad, but researchers suggest that it’s not. In fact, US victims of ransomware reported losses of more than $18 million in 14 months, according to an FBI report issued in June.

According to one news report, the average ransomware demand is about $300 per consumer. The amount demanded goes up, however, when business or government organizations are involved. For example, when a series of small police departments in Massachusetts, New Hampshire and Tennessee were hit with a ransomware attack tying up their key databases, they ended up paying between $500 to $750 to get back access to their data. One can only imagine what a savvy intruder familiar with the life-and-death demand for health information would charge to free up an EMR database or laboratory information system data store.

But the threat isn’t just to enterprise assets. Not only are hospital enterprise network attacks via ransomware likely to increase, these exploits could take place via wearables or medical devices in 2016, according to technology analyst firm Forrester Research. Such attacks don’t just use medical devices to reach databases; Forrester predicts that some ransomware attacks will disable the medical devices themselves.

Given how important mobile technology has become to healthcare, it’s worth noting that ransomware is increasingly targeting mobile devices as well. For example, a recent strain of Android virus known as Lockdroid ransomware is now afoot. While it has no direct healthcare implications, one of the things it does is threaten to send a user’s browsing history to friends and family unless they pay the ransom. The victim, who may get tricked into allowing malicious code to gain admin privileges on their device, could end up having their personal data — and perhaps data from an EMR app — sent wherever the attacker chooses.

It seems to me that the ransomware threat will push healthcare organizations to mirror their core data assets in new and heretofore unheard of ways. HIT departments will have to bring disaster recovery methods and network intrusion defenses to prevent the worst possible outcome — a hack that kills one or more patients — and quickly. Meanwhile, if a company specializing in protecting healthcare firms from ransomware doesn’t exist yet, I suspect one will exist by the end of 2016.

mHealth Apps May Create Next-Gen Interoperability Problems

Posted on November 20, 2015 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

According to a recent study by IMS Health, there were 165,000 mHealth apps available on the Google Play and iTunes app stores as of September. Of course, not all of these apps are equally popular — in fact, 40% had been downloaded less than 5,000 times — but that still leaves almost 100,000 apps attracting at least some consumer attention.

On the whole, I’m excited by these statistics. While there’s way too many health apps to consider at present, the spike in apps is a necessary part of the mobile healthcare market’s evolution. Over the next few years, clear leaders will emerge to address key mHealth functions, such as chronic care and medication management, diet and lifestyle support and health data tracking. Apps offering limited interactivity will fall off the map, those connected to biosensors will rise, IMS Health predicts.

That being said, I am concerned about how data is being managed within these apps. With providers already facing huge interoperability issues, the last thing the industry needs is the emergence of a new set of data silos. But unless something happens to guide mHealth app developers, that may be just what happens.

To be fair, health IT leaders aren’t exactly sitting around waiting for commercial app developers to share their data. While products like HealthKit exist to integrate such data, and some institutions are giving it a try, my sense is that mHealth data management isn’t a top priority for healthcare leaders just yet.

No, the talk I’ve overheard in the hallways is more geared to supporting internally-developed apps. For example, seeing to it that a diabetes management app integrates not only a patient’s self-reported blood sugar levels, but also related labs and recommended self-care appointments is enough of a challenge on its own. What’s more, with few doctors actually “prescribing” outside apps as part of their clinical routine, providers have little reason to worry about what commercial app developers do with their data.

But eventually, as top commercial health apps become more robust, the picture will change. Healthcare organizations will have compelling reasons to integrate data from outside apps, particularly if doctors begin viewing them as useful. But if providers and outside app developers aren’t adhering to shared data standards, that may not be possible.

Now, I’m not here to suggest that commercial mHealth developers are ignoring the problem of interoperability with providers. (Besides, with 165,000 apps on the market, I couldn’t say so with any authority, anyway.) I am arguing, however, that it’s already well past time for health IT leaders to begin scoping out the mobile health marketplace, and figuring out what can be done to help with data interoperability. Some sit-downs with top app developers would definitely make sense.

What I do know — as do those reading this blog — is that creating a fresh set of health data silos would be destructive. Creating and managing useful mobile health apps, as well as the data they generate, is likely to be important to next-generation health IT leaders. And avoiding the creation of a fresh set of silos may still be possible. It’s time to tackle this issue before it’s too late.

HIM Professionals and the Patient Portal

Posted on October 21, 2015 I Written By

Erin Head is the Director of Health Information Management (HIM) and Quality for an acute care hospital in Titusville, FL. She is a renowned speaker on a variety of healthcare and social media topics and currently serves as CCHIIM Commissioner for AHIMA. She is heavily involved in many HIM and HIT initiatives such as information governance, health data analytics, and ICD-10 advocacy. She is active on social media on Twitter @ErinHead_HIM and LinkedIn. Subscribe to Erin's latest HIM Scene posts here.

One of the hot topics in healthcare that has been consistently developing and growing over the past few years is the patient portal. Since many different EMRs and portal platforms are used across hospitals and physician offices, each facility is left to develop policies and procedures for what will be released through the portals and how they will be used. There are no specific standards for patient portals, aside from those needed to meet Meaningful Use requirements, which results in different experiences and functionality for end users.

HIM involvement with patient portal implementations has been a little spotty over the years from what I gather from my peers. I heard someone say we “missed the boat” on patient portals. I don’t necessarily agree but I do see inconsistencies in the level of HIM involvement. When it comes to developing policies governing the content that will be released through the portal, HIM professionals are the experts on this initiative. HIM professionals have always been the stewards of the medical record and keeping release of information processes secure and appropriate. There has been a focus on encouraging patients to keep a personal health record long before EMRs and patient portals came to exist. So how could some HIM professionals get left out of the patient portal process?

My first assumption is that patient portals came to exist mostly, although not solely, as a result of Meaningful Use initiatives. If you have had similar experiences to mine, you have witnessed Meaningful Use initiatives typically being handled by IT professionals. As a result, patient portals have fallen under that umbrella from a technology standpoint but I see great opportunities for HIM professionals to be involved to optimize the content shared for the end users. Since the main intent of patient portals is to encourage patients to be engaged in their own care, these portal initiatives have much more benefit beyond attesting to Meaningful Use and should be incorporated into organizational strategic plans for patient engagement.

There has been a lot of discussion around the struggle of increasing patient portal participation. A common factor in patient portal adoption is the lack of patient competencies in using the technology involved. Some patient populations do not frequently use computers, email, or mobile applications which are all a part of the patient portal functionality. To address this at my facility, we created a position within the HIM department to coordinate all patient portal functions including enhancing the user experience by creating frequently asked questions and answers, troubleshooting issues that patients may have when attempting to login, and resetting portal passwords as needed among many other initiatives. Policies were developed to address who can have access to the portal information, how the patients confirm their identity to log in, what is released, and the duration of the availability of the information. We have an interdisciplinary team that contributes to the patient portal process but having the point person reside in the HIM department makes the most sense for governing the entire concept.

One thing to remember is that patient portals do not eliminate the need for traditional release of information processes because we release information to many different requestors for different purposes. The portal does not include every patient document due to the sensitive nature of some results therefore requests for entire charts and abstracts are still necessary in some cases. Patients should participate in the portal for the personal benefit of being proactive in their own healthcare but they should not expect it to replace release of information. I encourage HIM professionals to be involved in the patient portal process in an administrative capacity. The strides made with patient portal optimization are key in optimizing the transition to health information exchange (HIE) concepts which also require heavy HIM involvement.

If you’d like to receive future HIM posts by Erin in your inbox, you can subscribe to future HIM Scene posts here.

EMR Vendors Slow To Integrate Telemedicine Options

Posted on August 27, 2015 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

Despite the massive growth in demand for virtual medical services, major EMR vendors are still proving slow to support such options, seemingly ceding the market to more agile telemedicine startups.

Independent telemedicine vendors targeting consumers are growing like weeds. Players like Doctor on Demand, NowClinic, American Well and HealthTap are becoming household names, touted not only in healthcare blogs but on morning TV talk shows. These services, which typically hire physicians as consultants, offer little continuity of care but provide a level of easy access unheard of in other settings.

Part of what’s fueling this growth is that health insurers are finally starting to pay for virtual medical visits. For example, Medicare and nearly every state Medicaid plan also cover at least some telemedicine services. Meanwhile, 29 states require that private payers cover telehealth the same as in-person services.

Hospitals and health systems are also getting on board the telemedicine train. For example, Stanford Healthcare recently rolled out a mobile health app, connected to Apple HealthKit and its Epic EMR, which allows patients to participate in virtual medical appointments through its ClickWell Care clinic. Given how popular virtual doctor visits have become, I’m betting that most next-gen apps created by large providers will offer this option.

EMR vendors, for their part, are adding telemedicine support to their platforms, but they’re not doing much to publicize it. Take Epic, whose EpicCare Ambulatory EMR can be hooked up to a telemedicine module. The EpicCare page on its site mentions that telemedicine functionality is available, but certainly does little to convince buyers to select it. In fact, Epic has offered such options for years, but I never knew that, and lately I spend more time tracking telemedicine than I do any other HIT trend.

As I noted in my latest broadcast on Periscope (follow @ziegerhealth), EMR vendors are arguably the best-positioned tech vendors to offer telemedicine services. After all, EMRs are already integrated into a hospital or clinic’s infrastructure and workflow. And this would make storage and clinical classification of the consults easier, making the content of the videos more valuable. (Admittedly, developing a classification scheme — much less standards — probably isn’t trivial, but that’s a subject for another article.)

What’s more, rather than relying on the rudimentary information supplied by patient self-reports, clinicians could rely on full-bodied medical data stored in that EMR. I could even see next-gen video visit technology which exposes medical data to patients and allows patients to discuss it live with doctors.

But that’s not how things are evolving. Instead, it seems that providers are largely outsourcing telemedicine services, a respectable but far less robust way to get things done. I don’t know if this will end up being the default way they deliver virtual visits, but unless EMR vendors step up, they’ll certainly have to work harder to get a toehold in this market.

I don’t know why so few EMR companies are rolling out their own virtual visit options. To me, it seems like a no-brainer, particularly for smaller ambulatory vendors which still need to differentiate themselves. But if I were an investor in a lagging EMR venture, you can bet your bottom dollar I’d want to know the answer.

Bosch’s Telemedicine Shutdown Suggests New Models Are Needed

Posted on June 25, 2015 I Written By

Anne Zieger is veteran healthcare editor and analyst with 25 years of industry experience. Zieger formerly served as editor-in-chief of and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. She can be reached at @ziegerhealth or

While many new telehealth plays are rapidly gaining ground, the previous generation may be outliving its usefulness. That may be the message one can take from one giant German conglomerate’s decision to shut down its U.S. telemedicine division.

Robert Bosch GmbH recently announced that it would shut down its U.S. telehealth unit, Robert Bosch Healthcare Systems, which makes business-to-business telemedicine systems. Its offerings include patient interfaces, software and platforms.

You may never have heard of this healthcare company, nor of its massive corporate parent Robert Bosch GmbH, but it’s part of a very large conglomerate with virtually infinite resources.

As it turns out, Bosch is a massive firm which competes with market leaders like GE and Siemens. Robert Bosch GmbH, which has existed since 1886, has more than 350 subsidiaries across about 60 countries and employs about 306,000 people. (I could share more, but I’m sure you get the idea.)

While the failure of one company’s telemedicine strategy doesn’t necessarily mean death for all similar plays, it does suggest that the nimble smaller firms may have more of an advantage than it appears.

Bosch Healthcare was actually way ahead of the market with its offerings, which included remote monitoring tools such as a touch-screen device for home use after hospital discharge and a family of mHealth tools aimed at chronic care management.But they appear to have been held back by proprietary technologies in a market that demands cheap and easy.

Ultimately, the end came when the parent company wasn’t happy with how the telehealth division was performing financially, and decided to cut and run. A statement from the company said that Bosch plans to shift its medical focus to sensor technologies to support improved diagnostics.

It’s hardly surprising that a company Bosch’s size would fail to keep up with the marketplace, given its size. No matter how smart the division’s 125 employees were, they were probably saddled with big company politics which prevented them from making big changes. Not to mention low priced tablets appeared and created a low cost competitor.

The question is, will other large players follow Bosch’s lead? It will be worth noting whether other large companies cede the telehealth market to small and emerging entrants as well. It’s not a no-brainer that this will happen; after all, there’s billions to be made here. But they may actually be wise enough to know when they’re ill-equipped to proceed.

I’ll be particularly interested to see what strategies existing health IT players adopt toward telehealth. It’s unclear how they’ll react to rising consumer and professional interest in telehealth technology, but whatever they do it will probably be worth analyzing.

That being said, with smaller companies out there breaking new ground with next-gen telemedicine apps and tools, they’re probably going to be in the unusual position of playing catch up. And in this case, slow and steady may not win the race.