Our 2015 Technology Survey Sponsored by Kareo reveals common challenges practices face after technology implementations. Here's what they are, and how to address them.
Your practice could have all the latest and greatest technologies at its disposal, but that doesn't necessarily mean it's going to be the fastest, most efficient, or highest-quality care provider. The opposite could be true, in fact, if technology is not well incorporated into your practice after it is implemented.
Unfortunately, many practices are struggling with post-implementation challenges, according to our 2015 Technology Survey Sponsored by Kareo, the findings are based on responses from more than 1,100 readers. While most of the respondents said they are using an EHR for instance, they also said their productivity is suffering as a result; and while more than half said they have implemented a patient portal, they also said they are struggling to get patients to use it.
But it's not just using technology post-implementation that is raising problems for practices; it's also protecting information that is stored on those devices after implementing them. While many respondents said they are using mobile devices in their everyday work, for instance, few said their practice has established mobile device security rules.
Here's a look at these post-implementation technology challenges and others reflected in our survey findings, and advice from experts regarding how your practice can adapt.
CHALLENGE #1: POST-EHR PRODUCTIVITY DROP
Each year for the past four years, we asked survey respondents to identify their "most pressing information technology problem." In 2012, 2013, and 2014, the most common response among survey takers was "EHR adoption and implementation." This year, for the first time, "a drop in productivity due to our EHR," and a "lack of interoperability between EHRs," received the highest percentages of responses.
Let's address the productivity challenge first. Medical practice consultant Rosemarie Nelson says practices that are struggling to get back up-to-speed after implementing an EHR should first assess whether "reverse delegation" between the provider and nursing support staff is to blame. "What happens is once we have this EHR in place and people see that they can task or message somebody else in the practice, they suddenly start to maybe put the burden in a place it shouldn't be," says Nelson. "In the paper days ... the nurses would manage all the incoming correspondence for the physician; they would manage the phones, they would manage the fax machine; basically they were managing [the physician's] paper inbox. Now, with the EHR, suddenly everything just goes to the physician's inbox." To get delegation moving back in the proper direction, Nelson recommends practices modify how nurses screen materials coming into the EHR so that physicians only receive information that requires a physician's review. One option, Nelson says, might be to allow a nurse "surrogate" to manage the physician's inbox so that the materials are prescreened appropriately.
Jeffery Daigrepont, senior vice president of the Coker Group, a healthcare consulting firm, has similar guidance regarding EHR documentation."When we work with clients, if we see or observe a physician doing the vast majority of data entry, then usually that is a sign that the system was implemented incorrectly," he says. "You really want to design your work flow and processes in a way that minimizes the doctors' time to do the data entry part."
He says practices should consider modifying their EHR to better meet physicians' work flow needs and to create a more standardized work flow for common patient complaints. "... One thing that computers are really good at doing is remembering things," says Daigrepont. "So if you know that for every time you have a patient with this particular visit or diagnosis you are going to follow these five or six steps or action items and it's pretty consistent patient after patient after patient, a lot of times [improving productivity] comes down to spending a little bit of extra time to design your [EHR] around your work flow and around the physician's behavior."
Practices should also consider "add-on" tools, such as voice recognition software and shortcut and abbreviation tools, that may help physicians navigate the system more quickly, says Nelson. To identify time-saving tools, she recommends consulting your vendor and engaging with EHR user groups.
CHALLENGE #2: EHR INTEROPERABILITY ISSUES
As noted, another common post-EHR implementation challenge identified by survey respondents was "lack of interoperability between EHRs." For practices struggling in this area, particularly those struggling to meet the transition-of-care requirements in meaningful use due to difficulty exchanging information with other healthcare systems, Nelson advises stepping up communication with those other healthcare systems. Work with them to find a solution, or pool resources to find one.
"Some of that is just pushing your partners," says Nelson. "If it's a hospital [make sure] they get discharge summaries pushed to you; if it's a key referral, then every certified EHR has to have the ability to share what's called a CCD [Continuity of Care Document] or a CCR [Continuity of Care Record]," says Nelson. "That [CCD or CCR] has key elements in it, which is really all we need. We need to have the patient's problem list, we need to have their medication list, we need to have their allergy list, labs would be great ... Some practices may not realize that they could get this [CCR or CCD] from another practice, and/or they may not realize that they are getting it, so they treat it like a fax instead of learning how to import it into their system so they don't have to re-enter data."
Also, consider participating in the Direct Project initiative, which helps support simple electronic exchanges between practices and their healthcare partners, says Nelson. For more information on how to get involved in Direct, visit bit.ly/direct-project.
CHALLENGE #3: A LACK OF PATIENT PORTAL ENGAGEMENT
It's not just EHRs that are raising problems for practices post-implementation. While 54 percent of our 2015 Technology Survey Sponsored by Kareo respondents said their practice has a patient portal (up from just 20 percent in 2011), many respondents indicated they are struggling to make the most of their portal's capabilities. Sixty-three percent, in fact, said that "getting patients to sign up/use the portal" was their biggest patient portal-related challenge.
For practices struggling in this area, Nelson recommends using "teachable moments" to promote the portal; for example, when physicians and staff are about to share information with patients, or when they plan to share information with patients. A nurse who is following up with a patient after the physician visit might say, "If you go to our website and register for the portal, you'll be informed when your lab results are ready and you'll be able to view them online."
To increase the likelihood patients will follow through with signing up for the portal, send a text message or e-mail with information on how to sign-up for the portal shortly after the patient visit, says Daigrepont. "If you just say, 'Hey go to the portal,' as the patient is leaving, by the time they get in their car they've already forgotten that information."
Also, make sure that the portal offers key features that patients value, such as the ability to:
• Request appointments;
• Get prescriptions renewed;
• Review test results; and
• Look at visit summaries from previous visits.
"We have to offer more on the portal to make it worthwhile for [patients] to come back," says Nelson. "It's just like any website that a physician or nurse would go to, if there isn't anything of value after the second time they go, they're not going to want to go a third time."
Finally, when promoting the portal to patients, reassure them that the portal is secure, says Daigrepont. "I think a lot of times people are reluctant, especially when it comes to their healthcare information to [sign up] if they are not very much reassured that their privacy will be protected."
CHALLENGE #4: MOBILE DEVICE SECURITY
EHRs and patient portals are not the only technologies practices and physicians are implementing. More are also using mobile devices, such as smartphones and laptops, to store and share protected health information (PHI) and to communicate with patients. Sixty-seven percent of our survey respondents said they use mobile communication devices in the performance of their job.
While mobile devices streamline communication, they also raise potential security problems. In fact, the majority of HIPAA breaches occur due to lost or stolen mobile devices. Yet many practices are failing to take the proper precautions to secure the data stored on mobile devices, particularly when it comes to the use of personal mobile devices for work purposes. Only 32 percent of our survey respondents said they have implemented rules regarding this use of technology.
If your physicians and staff are using mobile devices for professional use, Nelson recommends:
• Requiring all devices to be password protected (and requiring those passwords to be changed every few months);
• Prohibiting staff from downloading PHI to mobile devices;
• Working with vendors to put safeguards in place that prevent staff from downloading PHI to their devices (staff and physicians may be able to view information remotely, but not download it); and
• Encrypting PHI so that the information stored on mobile devices is protected.
Practices should also inform physicians and staff that, in the event of a potential HIPAA breach, the practice may need to access the device, disable it, remotely wipe it, and so on, says Daigrepont. "I think as business owners you just have to be upfront with your employees," he says. "Say, 'We're happy to give you the convenience of using your personal device, but there's a little bit of a trade-off and here's what you need to know.'"
To ensure all staff and physicians are on board with your mobile device security rules, consider requiring them to sign a mobile device security agreement. For a sample agreement, visit bit.ly/mobile-agreement.
CHALLENGE #5: OVERALL TECH SECURITY
The increasing use of mobile devices for work-related purposes is not the only new technology that is raising security problems for practices. When acquiring a new piece of technology, whether it is an EHR, patient portal, or mobile device, the practice needs to assess how the use of that technology might raise security risks, and act accordingly to address and reduce those risks.
One of the best ways to do this is by conducting a security risk analysis, during which practices analyze the potential risks and vulnerabilities to the confidentiality, integrity, and availability of their electronic PHI.
Despite the fact that conducting a risk analysis is required under both HIPAA and meaningful use, (for more guidance visit bit.ly/risk-analysis) only 36 percent of our survey respondents said they have conducted one.
That's a troubling statistic, says Michelle Caswell, senior director, legal and compliance, at healthcare risk-management consulting firm Clearwater Compliance, LLC. "We really try to get organizations to not think of the risk analysis as this sort of draconian regulation that [HHS'] Office of Civil Rights (OCR) is putting down on them," says Caswell, who formerly worked at the OCR. "We always say that if you do not conduct a risk analysis, you do not know what risks there are to your organization."
Practices have rapidly implemented new technologies over the past few years, but that is only half the battle when it comes to using that technology effectively. Here are some of the common post-implementation challenges practices face:
• Productivity losses
• Interoperability problems
• Lack of patient engagement with new technologies
• Communication work flow problems
• New security risks
Aubrey Westgate is former senior editor for Physicians Practice. She can be reached at email@example.com.
This article originally appeared in the July/August 2015 issue of Physicians Practice.