Warning
  • The form #10 does not exist or it is not published.

The Lure of the Cloud – dusting off an old concept…

By Sam F. Khashman

Moving business to the cloud seems hip, fiscally astute, progressive, and innovative. Putting private business information (especially Protected Health Information or PHI) out on the Internet? No way. The problem is that “the public Cloud” is the Internet, repackaged and glitzed up, but still with the massive concerns for security, reliability (speed and access) and control. The cloud concept is actually one of the ideas that have survived the dinosaur era of computing as we understand it today. Depending on who gets the ultimate credit for “the Cloud,” the phrase is between 50 to 60 years old.

We all interact in the cloud, especially if we use Facebook or other social media. You want your medical or financial information on Facebook? Remember some of the revelations we’ve had about who is accessing what’s in your personal accounts (in spite of your privacy preferences)?

So let’s talk business for a minute. Radiology is a high-volume medical specialty, with the typical practice management system for a mid-sized hospital-based practice moving and storing millions of highly confidential transactions. The penalty for failing to maintain the security of these transactions can involve multi-million dollar fines and the publication of your organization on the Office of Civil Rights “list of shame” for security breaches involving more than 500 names. Since concerns for privacy and security have been a long-time bugaboo of the Web, (the Internet, the public Cloud) most organizations dealing with highly confidential financial information have so far declined to participate. There is a message in the fact that banks and credit card companies may add to their own internal clouds (private cloud) but they aren’t turning to the large-scale “we’ll take care of that for you” option of a public cloud-based alternative. The lure of the cloud

What do you need to know about the cloud in terms of your business?

  • Know your terminology. There is a vast difference between a public Cloud and a private one, with the latter controlled by your own IT department, internal or external. The security implications vary greatly and you need to do your homework.
  • The Cloud can work well for certain business applications, such as project collaboration, customer service, marketing communications and dashboards containing limited information. Transaction speed is not usually an issue in these situations, they are usually not business-critical if delayed or temporarily unavailable and security risks related to transmission or access to confidential information are measured.
  • Security is an issue, with vulnerability to Internet-based cyber-attacks representing more than an imaginary plot for a fast-paced book or movie. And there are no sound industry predictions regarding whether Internet (Cloud) security will ever be successfully addressed. In fact, as Internet use expands so do the number and sophistication of intrusions.
  • Control is relinquished. The Health Insurance Portability and Accountability Act (HIPAA) holds you responsible for the privacy and security of patient information—and contracting with someone else to accumulate, transmit and store that data does not absolve you of responsibility. The beauty of an Internet-based service is that is can occur literally anywhere in the world—and be subcontracted seamlessly. The curse of securing data with an Internet-based service is that it can be located anywhere in the world and subcontracted seamlessly—including in countries that do not comply with United States’ laws or standards for data security. And you may never know until something goes really wrong. (There is even more to consider in terms of control, but we’ll talk about that in another article).
  • Reliability. There are several sub-issues involved here, including bandwidth and the periodic types of interruptions occurring with Internet-based services. However, the HIPAA regulations again become a potential issue. One of the mandated security plan requirements involves conducting a risk assessment of potential threats and then developing a plan to adapt to them. Included in this assessment would be vulnerability to natural disaster and if you don’t know where the “mother ship” servers are located, how can you assess threats and assume all protections are in place? And what if the servers are moved to a new location? Will you know? Can you be assured the site is in compliance with HIPAA? And in your HIPAA assessment of business continuity, how will your organization recover from a potential disruptive event that occurs thousands of miles away?
  • Reputation. In any event, when patients become aware of their medical information being put on the Internet to save money you’ll likely have to spend the savings on PR so that your competition isn’t the only one benefiting.

We’ll talk in greater detail about some of the specific issues in upcoming blogs and articles. But the first step is to consider how important the following are to your business:

  1. Privacy and security controls (for a large volume of highly regulated personal financial/health information)
  2. Control is relinquished
  3. Transmission speed, whether posting a payment or scanning images
  4. Reliability. From local power outages to Federal HIPAA issues

Since each of these issues is of utmost concern to any radiology practice, it is unlikely the public Cloud yet offers a viable alternative, whether billing/collections transactions are involved or transmission of images. There is still too much risk and it only takes a brief Web-search to validate what industry leaders are saying. So far they are consistent. The public Cloud isn’t there yet and based on the nature of the Internet environment, it may never be.

So is there a place for the cloud? Absolutely. Non-business critical applications, data-sharing that doesn’t involve PHI, marketing and various types of communications—all can benefit from the Cloud concept.





Read more...

Document Imaging

Document Imaging

ImagineSoftware incorporates powerful document imaging components for a truly paperless environment and keyless data entry with ImagineTrueICE™.

ImagineTrueICE™ is a centralized repository for storing and retrieving all clinical information, allowing you to capture any document such as patient charts, physician notes, EOBs, and deposit tickets, while simultaneously indexing the records automatically and making them available for immediate retrieval throughout the billing workflow process without the expense of high-priced storage.

Powerful Document Imaging And Robust Electronic Storage For All Your Data

Help eliminate the paper chase and increase productivity with instant image retrieval, while also streamlining disaster recovery efforts. User flexibility and smart document imaging technology combine to store all your documents in one easily searchable archive at the push of a button.

Read more...
  • Medical Practice Management System
    Medical Practice Management System

     

    Medical Practice Management System

    ImagineBilling™ Practice Management Software improves cash flow, simplifies processes and provides unprecedented, real-time productivity monitoring by streamlining the billing/collections workflow to help clients achieve peak performance and measurable results.

     

    Meeting the needs of hospitals, medical practices, and billing companies across the country, the Imagine system enhances everyday applications within the billing process, reducing the lifecycle of claims to increase practice profitability. Easy-to-use navigation, grouping of like information and class together, automatic adjustment of screen size and resolution, and recent account retrieval all work to leverage staff capabilities for building efficiency and adding value while applying high quality standards to data integrity.

  • MedFM
    MedFM

    Boost Productivity
    and Reduce Costs

    ImagineMedFM™ is a comprehensive medical management software solution for medical billing and practice management services. MedFM delivers unsurpassed flexibility and user productivity in a dependable, user-friendly system.

    Flexible Deployment Options Based on Your Management Needs

    MedFM has the dual ability to be used as an in-house solution or can be available on-demand at a low monthly subscription fee – hosted in the cloud – allowing you flexibility in the management of your practice.