There was a time when financial institutions and businesses faced the constant threat of having their cash registers and banks cleaned out by criminals. As security systems evolved, so have criminals; where the prize was once money in the drawer, now it’s data in the servers. Medical practices face the prospect of this new threat that will grow and change naturally with the technology available to society: cyberattacks. It’s essential to take preventative measures to protect patient privacy, sensitive information, finances and more. Read on to learn how to protect your medical practice from a cyberattack.
Why Medical Practices?
Despite their lack of coverage in the media, medical practices are successfully attacked every year. A recent survey of 1,300 physicians found that 83% had experienced some sort of cyberattack. Why are they being targeted? Doctors’ offices and hospitals are attractive targets because the information they store is extremely sensitive, which gives hackers an advantage in leveraging payment. A medical practice experiencing this type of attack will undoubtedly be faced with an interruption of services.
An interruption of services due to an attack can cost a practice thousands of dollars, as well as hindering the trust of your future and current patients. Advancements in cyber security and initiatives by the Health Care Industry Cybersecurity Task Force have proven effective at deterring attacks, but arguably the most important aspect of cyber security is what goes on inside your practice.
Take Control of Data
Addresses and insurance information alone present a tempting opportunity for cyber criminals. Keeping this information safe should be your first step in securing your practice, and you can do so by educating your employees on what cyber security looks like in their day-to-day work. Emphasize the importance of logging out of systems every time employees leave their computers, and make sure everyone’s login information is unique. Attention should also be placed on access restriction, with only authorized members of your staff given access to the most sensitive information. Employees that have been let go, or have resigned, should immediately be stripped of all access authorization to prevent retaliation or outside breaches.
In addition to removing permissions from ex-employees, it’s imperative that you change your passwords afterwards. Choosing a new password doesn’t mean adding one more character to your current one or reverting to passwords in the past. Passwords should be unique to each system, device, and employee; cutting corners only leads to more problems in the future. Software also presents an opportunity to cut corners; whenever you’re notified of a new update for your software, notify your IT team, and then wait for their assessment of the patches, updates, and possible risks to your systems.
Plan for the Worst
If you have not moved all or the bulk of your data into cloud storage, then your practice is playing a dangerous game. Not only does a cloud keep information off vulnerable in-house servers, but also gives your practice a safety net in the event your data is held ransom. Risk assessments should be performed regularly, and your staff should be informed of each new security threat or process. The rate of recovery after a cyberattack depends on the measures your practice has taken ahead of time. Communication among security personnel and unaffected data in a cloud are your practice’s best bet at bouncing back from an attack.
Like any business or organization, a medical practice needs to invest in the proper marketing to ensure a steady influx of patients who know and trust the practice with their healthcare. Whether through social media marketing, print marketing or networking events, medical practices must be willing to make an effort – as it doesn’t matter how amazing the practice’s care is if no one can find any information on it. Check out these helpful tips for marketing a medical practice.
Establish Branding for Your Practice
Branding will help potential patients instantly recognize your practice across many forms of media: social media, newspaper ads, and your website, for example. Choose a color scheme and business name that appears professional and symbolizes your practice. It helps to make your logo stand out from others as well – so, don’t use other logos as “inspiration,” rather come up with something that will relate to your practice’s unique philosophy. Keep this branding consistent throughout all of your marketing materials so patients can easily recognize that the information is coming from your practice.
Be Accessible to Internet Users
Most people who will be looking for services will use the internet to search for providers, look at reviews, and email/message to ask questions. It is a good idea to have a mobile-friendly, professional website with frequent blogs as well as active social media pages to ensure your practice’s services and contact information are readily available to the masses. In particular, social media provides an avenue for you to be personable and professional with users – as well as run ads in your local area, increasing your outreach. Make sure to post at least 5-10 times per week to help your business appear more frequently on the feeds of people in your community.
Give Out Health Tips
By providing health tips, you are reassuring patients that they are being considered and that you care for their well-being, even when they aren’t in your office. You can provide health tips through physical or digital newsletters, social media, or blog posts. Including these in your marketing plan reaffirms your practice’s professionalism in its field, as well as the compassion of its staff.
Send Out Appointment Reminders and Follow Ups
Patients notice and appreciate attentiveness, especially in the form of appointment reminders and follow ups. If your practice uses a HIPAA-compliant reminder system, it’s very easy to set up. However, if your practice is smaller and you have the staff available for it, personal text or phone call reminders are useful as well.
Be Active in Your Community
Maintaining a presence at sporting events, health fairs, town festivals, and anywhere else you can set up a booth will lead to more people knowing your practice’s name. At these booths, run small raffles, or at the very least hand out pens, small fridge magnets, and other accoutrement advertising your business. This way, your practice will be on the fridges and in the offices of local residents.
Another effective way to be active in your community is to donate a physical or other basic service to a local charity auction. You should also be available to local news centers for interviews that can advertise your practice. These methods will help spread your practice’s name to the community and potentially those that surround it.
For any medical practice to succeed, it’s paramount that patients can have access to information and be able to easily spread the word. Start by establishing branding, maintaining an active website and social media pages, following up with current and potential patients and being an active presence in the local community.
Convenience is the name of the game in modern days. Whether it’s the meals we prepare for our families or the shows we stream online, the ability to do things with relatively less effort has gained appeal worldwide. In the world of health and medicine, convenience’s appeal is no different, and telemedicine is answering the call for a more streamlined and efficient industry.
What is Telemedicine?
What began as a concept that was more sci-fi than medical, telemedicine has evolved since its original beginning during the 1950s. The original intent of the practice was to reach patients in rural areas who did not have access to medical services nearby. While telemedicine still serves the same purpose for people in said locations, the practice has grown beyond strictly lengthy commuting purposes primarily due to its general efficiency. The ability to stay home and contact a health professional without having to worry about driving to the nearest office is having a serious effect on the healthcare industry as a whole.
Effect on Patients
Mobile health apps – one aspect of telemedicine – have had a rolling effect on future patients, changing their behaviors and attitudes toward their own health. The convenience of medical websites and tracking apps has inadvertently made patients more proactive when it comes to their own health. More patient engagement means better communication between doctors and patients, allowing for better care and follow-up when necessary. Telemedicine also helps smaller hospitals that may not have access to a specific set of specialists on staff – with consultations just a video call away, there is always someone who can address a patient’s needs.
Although it seems like telemedicine is a no-brainer solution to the health industry’s problems in the future, it is not without its faults. Not all service providers have the same policies regarding reimbursement and other fees, so its best to check benefits beforehand.
Effect on the Industry
Telemedicine is having a huge effect on the overall industry, and everything from consultations to apps are playing a unique part. For instance, iBlueButton allows a patient’s medical records to be stored into one single app, which simplifies the process of filling out extensive paperwork at the doctor’s office since its readily available. Another app, MyChart, connects patients directly with their doctor and service providers to schedule appointments and set reminders for not only them, but their whole family. A move toward scheduling automation will surely change the nature of medical office staff’s role in the appointment process.
Telemedicine is having a major effect on healthcare costs as well; whether it’s a decrease in ER visits or more self-discipline concerning medications, the industry can take comfort in knowing that unnecessary costs are dropping. While unnecessary costs may drop, it does not mean all costs will follow suit. The technology needed for telemedicine can range from a simple web cam to a large dedicated server or system – which will require training to use. It will be up to healthcare facilities to decide whether these costs will outweigh the benefits already evidenced by telemedicine’s growth in popularity.
For more information about telemedicine services, see:
Guest Post by Kelly Gooch
Outsourcing the revenue cycle management process can prove beneficial for healthcare organizations, according to Joel Gleason, senior vice president and global market head of the provider segment at Cognizant.
Mr. Gleason shared the following tip with Becker’s Hospital Review.
“For hospitals and standalone healthcare providers, it’s all about delivering top-quality care, not necessarily managing the revenue cycle. Collecting payment is crucial to success. But chances are it’s not a core competency.
“In fact, 57 percent of businesses outsource because it allows them to concentrate on what they’re good at, according to Deloitte. Focusing on the core business is the second most popular reason to outsource, just two percentage points behind cost-cutting. Outsourcing revenue cycle management to an organization that understands the process often is an excellent choice.
“While most companies outsource to save money, I’d argue it’s equally important to get outside help because it allows a healthcare organization to focus on what it does best, which is providing patient care.
“By outsourcing the revenue cycle management process, healthcare businesses can reallocate human and financial resources to use them in other parts of the business, and utilize the most up-to-date services.”
Medicare Reimbursement is the practice in which Medicare beneficiaries are not billed directly for services, but instead utilize Medicare to pay physicians or hospitals who offered the service. In some events, you may have to pay the bill up front, and file for reimbursement afterwards. This can be tricky, and there is a lot to take into consideration when filing for reimbursement. Here are a few basics can help keep healthcare providers in compliance with Medicare rules.
- Go directly to the source.
The Centers for Medicare & Medicaid Service (CMS) and its Medicare contractors publish detailed information related to most any question or concern. Assume that the answer is out there, you just have to find it. The sheer volume of information available can present its own challenges to answering a precise question but odds are that you will find what you need. When you do find the documentation, save it along with the original question as reference for any future inquires.
- Only seek documents or references from CMS.
Unsubstantiated advice is not a compliance plan. This type of advice usually comes in the form of free advice, be wary. Having said that, sometimes advice may be useful in the search for the source reference material.
- Avoid payment-based advice.
The question “Can I get paid for that?” is a loaded one. Medicare claim processing is built on the premise that providers know the rules. This is the most dangerous kind of advice. The ability to get paid is not equivalent to following the law. A quick search of “Medicare fraud arrest” will detail the practices of thousands of people that got paid.
- Don’t trust Medicare customer service staff.
The customer service staff at the Medicare carriers are line level staff that do not have extensive knowledge to answer your specific question. In fact, there is no person that could possess all of the information possible to respond to general incoming calls. Any advice you may receive from a customer service representative is a guess based on limited information at best.
- If all else fails, hire a consultant.
Hiring a consultant who can locate the definitive answer and provide documentation from CMS is the best place to turn when you hit a roadblock. Consultants come in many varieties and costs. Just remember that you are looking for the “gold standard,” which is CMS documentation.
When filing for reimbursement, it’s essential to stay informed and have confidence in your decisions. Always assume the answer is out there and never hesitate to seek outside assistance. Don’t rely solely on Medicare representatives for answers. Doing a little research beforehand may seem tedious but can save you time and money in the long run.
Popular media talks about “free” preventive exams or physicals offered through the Affordable Care Act (Hey reporters! They aren’t free). Millions dutifully head to their doctor each year to receive their preventive exam. But are these exams truly effective in preventing future health issues?
Did the ACA create a “wellness culture” across society as hoped with these preventive programs? Unfortunately not. It seems the ACA created more healthcare services that otherwise would not have been necessary or utilized. There may be isolated exceptions, but the U.S. healthcare system still focuses on sickness rather than wellness. Preventive care exams are mostly to detect sickness, not to promote wellness.
Annual visits may be described as preventive but seem to be merely annual physicals that create a record of basic measures and perhaps catch illness earlier. Sometimes the incentives for preventive or wellness exams are the sole reason for a patient to attend them. Many large employers offer bonuses, gift cards, and other rewards for completing a wellness exam.
The ACA disappointment is that wellness seems to be missing. Do we need to pay a doctor to tell us annually that we eat too much, drink too much, or smoke too much? Yes, many of us do. Maybe we need a doctor to translate the effects of habits into disease process, pain, and death to help us understand the importance. Instruction on how to change habits would be a powerful method to promote wellness.
We live in a time where a high percentage of U.S. medical care, disease processes, and healthcare costs are caused by lifestyle choices. Do preventive exams address lifestyle factors such as a taxing career, mental stress, family dynamics, and more? Does the ACA overall address these lifestyle choices? In most cases they do not and require extra effort on the part of the patient to address said issues.
Let’s face it, traditional medicine is not designed to promote good lifestyles. Medicine can, however, keep you living a long time despite your lifestyle. Many see medicine as the solution and forego any attempt at living a healthier life.
The cost of preventing future sickness will no doubt be less than those incurred once an illness or condition is diagnosed. We tend to think of costs in purely financial terms, but there are costs to our health if we do not live a healthy life. It can be more expensive to join a gym, eat more natural foods, and live an active life, but those costs are preferential to the result of not engaging in these practices. It’s time we start focusing on wellness from the start and commit to good habits before a physician or medical professional advises so.
Primary care physicians spend more than half of their workday at a computer screen performing data entry and other tasks with electronic medical records (EHRs), according to new research from experts at the University of Wisconsin and the American Medical Association (AMA).
Based on data from EHR event logs and confirmed by direct observation data, researchers found that during a typical 11.4-hour workday, primary care physicians spent nearly six hours on data entry and other tasks with EHR systems during and after clinical hours. The study was published today in the Annals of Family Medicine.