Biggs and Leffert do not report any relevant financial information.
Adopting a sophisticated information technology system with remote patient monitoring and verified security can make a medical practice attractive to patients and payers.
In this problem, Jonathan D. Leffert, MD, speak with William C. Biggs, MD, FACE, ECNU, Managing Partner and Director of Medical Information at Amarillo Medical Specialists LLP, on the challenges and opportunities related to information technologies for medical practices.
Leffert: HOuch have you have integrated IT into your practice?
Big : Information technology is essentially the currency used to run our medical practices. Obviously, everything is now electronic instead of on a paper map, but that’s more than what’s in our own practice. We have communication links with the outside world. We can now see information integrating with our electronic health records from hospitals, pharmacies, home care, the emergency department. We have collaboration from data sources which makes the EHR much more powerful for us. This gives us information that we did not have before and greatly expands the scope of information available to us.
One concern is what would happen if we arrived at work one morning and there was none. We need to secure this data, which is very attractive to hackers. It includes patient names, addresses, phone numbers, social security numbers, and photographs, all of which are very attractive to criminals. Healthcare organizations are targeted by hackers to steal your information and could put you out of business. We have to be very careful about how we process data and how it is accessed.
The effect: Oprotective hats have you integrated in your system? What box you do to limit outside threats right now?
Big : The strategy is going to depend in some ways on how you store the data. If you host your own data in your practice, consider having a consultant work with you, perhaps an IT vendor who has helped set up the system and can perform a security scan and ensure you have good backups. Backups are essential in the event of a mechanical problem or a tornado or hurricane, for example, to be able to reconstruct the data, or if a hacker manages to install malware that encrypts your data for ransom.
You must have good firewall protection. If you have remote access, require two-factor authentication. You must have an antivirus or malware scan on the system. Many security breaches are caused by phishing when someone receives an email and clicks on a bad link that installs malware on your network.
Your staff should be well trained. Regularly test your employees with penetration tests. Our credit card company requires them to perform penetration tests on us at least quarterly – we actually have ours monthly. It’s free as part of our credit card agreement, and our credit card rates go down when we do.
The effect: How at your board certificate in clinical informatics made your practice more valuable?
Big : We have a lot of data on our patients which is useful in establishing the health characteristics of our population. I can now prove how well I am doing to insurance companies when it comes to my patients’ HbA1c or my patients’ compliance and outcomes. Our group obtains claims data from Medicare and insurance companies, which also allows us to prove our cost effectiveness and show our value to insurance companies. This is very helpful in negotiating our pricing structure with these companies.
We have opportunities for connected patients for remote patient monitoring. Patients can now connect their CGMs, readers and pumps. This allows us to have a better view of what is happening with a patient.
Computers have really changed our view of who a patient is. He was a patient, he was someone who showed up in my office this morning. Now my patient is my patient 24/7. I get data from them maybe through a dashboard that will trigger a notice that they have a problem and maybe I need to contact them or get them to the ER. Techniques like that, where we do remote monitoring, save the health care system money. This saves insurance companies money and you may be able to negotiate with them to share some of these savings with you.
Leffert: If someone wbefore interested in doing what you‘have done — and i know you‘I did it on a very sophisticated level — what would you suggest they do to start the process?
Big : Someone in a small solo firm should identify a security vendor to help with this security attribute and assign them responsibility for backups and security testing. For some of the population health and remote patient monitoring, they should identify resources in the community that could help, such as joining a responsible care organization or allying with other groups that already have tools in place that they can share. These organizations would probably like more endocrinologists to join them.
William C. Biggs, MD, FACE, ECNU, is Managing Partner and Director of Medical Information at Amarillo Medical Specialists LLP. He is a clinical endocrinologist and certified in clinical informatics. He can be reached at firstname.lastname@example.org; Twitter: @ReddyBiggs.
Jonathan D. Leffert, MD, is Managing Partner of the North Texas Endocrine Center and Past President of AACE. He is a endocrine today Editorial board member and editor of Putting It Into Practice. He can be reached at email@example.com; Twitter: @JonathanLeffert.