Imagine Blog

Rob Gomes

Rob Gomes

Rob Gomes is our in-house digital guru.  Having spent the last 20+ years in the digital marketing world he has culminated a unique skill-set that serves ImagineSoftware in multiple facets.  Currently he is our SEO Manager and resident SME for our digital footprint.  He constantly studies and analyzes market competition and trends to develop strategies that allow for our continued growth and success.

You can contact Rob via email at

Website URL:

Cybersecurity in Healthcare and You

How much would you spend to get your life back? What about those of your patients? These are questions that many healthcare providers must ask themselves at one point or another. The healthcare sector has become one of the most popular among hackers and cyber criminals because medical identity theft is an incredibly lucrative business. Millions of patient medical records were exposed in 2016, and that number is projected to rise this year. In an industry moving towards value-based payment models, quality care must now include protecting patient health information using safe record-keeping practices.

Cybersecurity in Healthcare is Different for Every Organization

Healthcare data security is by no means "one size fits all." A small, rural practice will invest differently than a large, metropolitan hospital. Based on your business and your particular needs, you should identify what data is most important to protect, then plan your safety measures accordingly. Perhaps you'll realize that technoloy isn't what's needed, but people and processes instead.

The average cyberattack for a small healthcare provider can cost upwards of $1 million in recovery. Download white paper, "Healthcare, Cybersecurity, and You."
btnLearnMore orange

We're Our Own Worst Enemy

According to a recent study by the Information Systems Security Association (ISSA) and Enterprise Strategy Group (ESG), users rather than technology issues are the top causes of risk to cybersecurity in healthcare because many employees forget to follow basic cyber safety rules. It happens because of a wide range of reasons: lack of training and/or cybersecurity personnel, or simply that policies aren't truly enforced by the organization. Following your safeguards plays an important role in forming a trusting relationship between provider and patient. It's not just a collection of data you're protecting, it's someone's life. Let's discuss a few tips to get your organization's record-keeping practices on the right track. 

Establish a Security Culture

There's a major human blindspot with respect to information security: overconfidence. The "it will never happen to me" mindset. No matter the level of education or experience, the weakest link in any computer system is almost always the user. So, what can be done to ensure an organization-wide security culture?
Frequent education and training - Ongoing mitigation steps allowing for discipline, documentation and compliance. 
  • Avoid exceptionalism - You shouldn't have a get-out-of-jail-free card as an executive. Those who manage and advise should set an example and take every precaution needed - the same as everyone else - to safeguard sensitive information. 
  • Information security as a core value - It should without a doubt take a seat at the table of core values within your organization. When staff embraces accountability and willingness to take responsibility over information security, you know you truly have a shared vision.

Change STRONG Passwords on a Regular Basis

Passwords are your first line of defense when preventing hacks into any computer. No matter what type of operating system, it should require a password to login. A strong password may not be able to completely deter a hacker, but it will definitely slow down their progress. Don't choose passwords that
        • Are found in a dictionary
        • Match your username
        • Include personal information - Your name, birthday, family member names, pet names, etc. 
        • Refer to anything on your social media pages - Anything found on your social pages like Facebook and Twitter should never be used as a password, whether your profiles are private or not. Anything you post on social media CAN be found and potentially used against you. 

        • What does a strong password look like?
                        • At least eight characters in length. The longer, the better! 
                        • A combination of upper AND lowercase letters, numbers, and at least one special character, like a punctuation mark. 

                        • Maintain Good Habits

                          Similar to eating fruits and vegetables or walking up the stairs instead of using the escalator in efforts to be healthier, a little goes a long way in system maintenance regimen. It's necessary to maintain the health of your systems and reduce risk of breach.
                                          • Uninstall software applications that aren't essential to running your practice - games, messaging applications, photo-sharing, etc. 
                                          • Don't simply accept default options when installing software on your device.
                                          • Read through your options and understand the choices thoroughly before accepting. 
                                          • Disable your file sharing and printing from remote staff. That could potentially result in accidental sharing of information along unauthorized locations. 

                          Plan For the Unexpected: Use Firewalls and Anti-virus

                          Unless your practice is completely disconnected from the Internet, you should always use firewall and anti-virus to protect against malicious intrustions. The firewall inspects all messages coming in from the outside and decides whether or not the message should be allowed in based on pre-determined criteria. Anti-virus actually stops malicious software that has already surpassed your safety measures and entered the system. 

                          Control Access to PHI - Both Virtually and Physically

                          Never forget that the devices that hold sensitive information should also be secured from unauthorized access. Believe it or not, the most common way that electronic health information is compromised is not through virtual attacks,but throught the loss of the physical device itself, both accidental and theft. Thumb and flash drives, CDs, DVDs, laptops, handhelds, desktops, hard drives, backup tapes, and even entire network servers can be physically removed and compromised. Securing these devices in locked rooms only accessible to limited staff members, managing physical keys, and restricting staff from moving devices from a secure area is a great start. 

                          In an industry that's shifting towards value-based care and payment models, true quality care cannot be accomplished without also taking the security of your patients' health information into consideration. Protecting patients through data security practice should become second-nature to your entire staff and executive team. Once it becomes one of your organization's core values and you begin to anticipate the worst, you will truly create a long-lasting environment of cybersecurity in healthcare benefiting the health and safety of your patients and your business.

Better Data, Better Decisions. Improving Healthcare with Business Intelligence

There’s a ridiculous amount of data flowing through medical practices and billing companies every single day. EMR/EHR data, billing data, cost data, patient data… It’s enough to make your head spin. With the push to value-based care, every health organization is finding the need to transform that data into something that will improve outcomes – from both a patient and organizational level. It’s not just about capturing and managing data anymore, it’s about interpretation. How can you transform data – from management to analysis – into insightful information that will drive process improvement initiatives?

Medical billing is hard, that's where we come in.
btnLearnMore orange

Business Analytics in Healthcare

Because of the heightened demand for value and transparency, one tool many organizations are beginning to embrace is healthcare analytics, particularly through business and clinical intelligence software. When you give analysts the means to capture and analyze data, you empower them to transform your practice into one with a data-driven, value-based culture. You initiate a chain reaction: Empowering the users, making better decisions as a provider, and improving both business operations and patient outcomes.

A little background knowledge is required to fully understand the power of this tool. All data must go through a particular set of stages before an analyst can achieve meaningful analytics:

1. Data capture  It all begins with the way people and devices produce and capture data, which must be done efficiently (is the data collected in a timely manner?) and accurately (is the data relevant to the analytical needs of the organization?).

2. Data acquisition – Analysts must collect data from multiple sources throughout the organization to produce meaningful insights. Let’s use the example of an analyst assisting a radiology practice with a quality improvement issue. The analyst will pull information from a number of sources including:
  • RIS – For radiologist interpretations
  • PACS – All picture archives
  • EMR – For clinical notes
  • Clinical Decision Support Systems
As a manual process, it's nearly impossible to pull data into a single location and format while ensuring that all data points are speaking each other (that they’re linked by a common identifier, either patient or provider) without creating errors. As a result, analysts may spend more time collecting data as opposed to transforming data into meaningful analytics. That’s where business intelligence comes in. Tools like ImagineIntelligenceTM allow users to integrate multiple data sources right into the software and under one platform.

3. Data analysis – Once the data is captured and tied together, the analysis process can finally begin. Three important steps in data analysis include:
  • Evaluation – If analysts don’t understand the data they’ve collected, they can’t effectively communicate their findings with their audience (executives, staff, etc.) Analysts should take the time to explore the oddities and trends that could be essential to understanding process improvement or care coordination. If you don’t understand the data, how can you effectively solve problems with it?
  • Interpretation – How will you interpret this information in such a way that all levels of the organization will understand?
  • Presentation – The analyst should tell a story with the data presented. Tying into the interpretation step – how will you organize and present the information in a way that’s engaging and identifies the problem you're solving for?

Benefits of Business Intelligence in Healthcare

1. Reduce hospital readmissions  Business Intelligence tools allow you to compare patients who did not need readmission against those who did. Things like age, gender, ethnicity, and follow-up care are all factors taken into consideration by the software. Once the data is collected and organized, you can identify patterns of readmission. Perhaps those patients come from lower social economic groups or live alone.

2. Financial performance improvement  Imagine having the power to track exactly how much your practice is reimbursed for services over time, coupled with the ability to improve that level of reimbursement within the same interoperable software. Business Intelligence systems that integrate with
practice and revenue cycle management software and automatically extract and analyze data housed in the platform allow you to predict future trends based on factors like revenue and billing costs.

3. Improve and develop treatment programs  This falls under both care and process improvement. When more information on health and disease is readily available, that insight will allow for both treatment programs to be more quickly adjusted, as well as earlier identification of appropriate treatment. Those benefits trickle down: increased improvement on preventative treatment programs can reduce total cost of care, prevent medical episodes, and increase patient satisfaction

4. Define major KPIs  Consistent and repeated use of analytics allow you to identify significant areas to business goals. Whether you’re aiming to increase collections, improve readmission rate, or reduce total days in A/R, business intelligence enables you to monitor fluctuations and major changes in your key performance indicators and distinguish areas for improvement.

Utilizing analytics allows you to discover insights that can drive care, process improvement initiatives, and financial stability of your organization. The reality of business intelligence in healthcare is that we’re just beginning to scratch the surface of its capabilities and the possibility behind data-driven, organization-wide improvement. Business analytics in healthcare is an enormously positive step to understanding and improving all facets of your practice.

Creating Intentional Excellence with Core Values

Remember the Golden Rule?   Do unto others as you would have them do unto you?  I’m sure that most of us would agree that this should also be a rule we follow in business.  Use common sense, differentiate between right and wrong, and treat others fairly and with dignity.  Sounds simple, right?  The truth, from this writer’s opinion, is it should be.  However, if it is so simple, then why does every major association, board of directors, company andcore values visual more have a written statement of core values or code of ethics?

Core Values sets forth corporate values and ethical principles and offers ethical guidelines to which your staff aspire and by which their actions can be judged and as such should include the following:

Guidelines:  Your organization’s statement should be a guideline that defines the persona of the business or organization.  Think of this as a value proposition that defines how you want to be and be seen in the eyes of your clients, partners, and even your competitors.  Make it a firm foundation where you can stand and make solid business decisions.

Direction:  Develop ethical practices and behaviors.  Your values statement should be used as the direction for your team, and will guide them in making decisions that are beneficial to the organization as well as the individual.  It should serve as a roadmap to making the right decision in sometimes difficult situations.  By providing your team with values and ethics, you will create and foster an environment where employees can feel confident about how to handle, or get direction on how to handle an ethical issue before it becomes something much worse.

Measurability:  Create a defined set of standards by which you can measure the success of your initiatives and your reputation.   As with all business initiatives, the ethical operation of a company is directly related to profitability in both the short and long term.  The reputation of that company serves as a litmus test for potential partners, vendors and shareholders.  It is imperative that you have something in place to define and measure these metrics. At Imagine every employee is measured each quarter on our core values – we live and breathe our values.

Transparency and Accountability: 
Accountability is fundamental to performance improvement.  It is the main conduit of the relationship of every member within the organization.  It will determine how we measure and report progress, success and shortcomings.  Transparency on the other hand needs to be in place to show what you do and be held accountable.  In the past this was assumed to mean just owning up to a mistake.  Setting up guidelines for transparency will assure that you can engage and inform not only within the organization, but outside as well.  Following those guidelines will ensure that you will have solid ground to stand on should someone in your industry do something unethical.  The ability to execute and deliver results day in and day out is directly tied to accountability and transparency.  “A lack of transparency results in distrust and a deep sense of insecurity.”  -Dalai Lama

These ideals lend themselves to success within an organization, and when properly created, addressed, and followed will allow for a set of rules that define the excellence of your team.  When an organization behaves ethically it can provide for significant benefits, such as:

·             Increased visibility in the marketplace

·           A favorable view from potential clients, vendors and partners

·           Provide attention to the products which will boost sales and profitability

·           Creates loyalty amongst the team, reducing attrition and strengthening workplace interaction

·           Attract the best and brightest in the workplace which will reduce the costs associated with acquisition of talent

Recently, the Chairman of our Board of Directors at ImagineSoftware, Michael J. Hershman, was named as one of the top 10 most ethical CEO’s of 2015 by MBA*.  Michael is considered one of the top leaders in the area of corporate transparency and accountability.  He has advised various countries governments on matters of ethics, and in 2011 he was brought in to help monitor the FIFA World Cup selection committee.  We are honored to have Michael as a part of our team.  He is a constant reminder to us that in business, just as much as in our lives, we always need to be above reproach and be our best selves.

In conclusion, how about creating Core Values for your organization?

In order to maintain your standards, to protect your good reputation, to foster trust with those you do business with; you must go about your activities with purpose and drive to do what is right, not what might be easy.  It must be focused, deliberate, and it must be intentional; or as we put it here at ImagineSoftware, “Intentional Excellence!”

Subscribe to this RSS feed

If you enjoyed this post, you'll love our email updates!

Receive content on industry topics, upcoming webinars, current healthcare trends, and more!