Loading ...Archive for the ‘Greg Park’ Category
Enterprise-wide Document Management Solution
Monday, June 6th, 2011As hospitals strive to achieve Meaningful Use of EHRs under the HITECH act, they find certified systems lack the ability to eliminate all paper-centric processes. EHR’s will improve healthcare over time, but greater efficiencies, improved processes and a paper-free environment will take years to achieve.
Paper will be the medium of choice for many workflows for the foreseeable future, and Document management can accelerate these processes and provide insight into deficiencies. As hospitals consider Document Management they must expand their focus beyond the management of patient processes. This myopic patient-centric view of document management leaves hospitals struggling to accommodate Administrative and Financial workflows. Hospitals implementing their HIT Vendor’s scanning and archiving solution may need to purchase another solution to accommodate vendor invoices, employment applications and licensing certifications.
Most hospitals do not consider enterprise needs as they access Document Management. This is especially true for hospitals replacing defunct platforms like VALCO. These hospitals seek a VALCO functional equivalent and are failing to take advantage of this opportunity to expand Document Management to the enterprise. If you are a VALCO customer you can call DBTech and we will transfer your existing VALCO data with our partner IATRIC Systems. Your new RAS system will manage invoice tracking, capital requests and any other paper-centric process within your hospital.
For hospitals considering the purchase of their HIT vendor’s scanning and archiving solution, be sure they are not just focusing on patient processes. For instance, many Meditech hospitals will claim their platform will manage AP, HR and other internal processes, but there are no reported clients using Scan & Archive beyond patient needs.
Whether you are looking for a new Document Management platform, or replacing VALCO, call DBTech and let us demonstrate a true Enterprise-wide Document Management solution.
Is That SharePoint or RAS
Tuesday, May 10th, 2011SharePoint is a popular collaboration tool to share documents between users and partners. Collaboration is the number one reason for implementing SharePoint according to a recent AIIM Strategies and Experiences White-Paper1.
SharePoint users push and tag documents with meta-data into SharePoint Team Sites. Team Sites act as the functional equivalent to RAS Folders.
Similarities between SharePoint and RAS end here, as a majority of SharePoint implementations have required third-party tools and consultants to reach functional levels of RAS.
A major SharePoint shortcoming is workflow. By workflow we mean the process of Document Routing, Document Approvals, Life-Cycle and Intelligent Document Management.
Document Routing has been a RAS mainstay since 1993, and includes tools to drive enterprise content, notify staff of new content and deliver data to critical workflows. RAS Workflow Automations push documents and alerts to users through email, smart phones and secured URL’s. Document data can be extracted and integrated with any third-party application. For instance, Patient Accounting users can scan Explanation of Benefits into RAS and interface payment data to receivable applications.
Document Approvals are a new RAS feature and permit sophisticated user-driven workflows. RAS Customers can establish multi-layer approvals for Vendor Invoices, Employment Applications and Capital Requests. In the coming months DBTech will announce an enhancement to RASi eForms that will drive online forms with sophisticated data-entry rules and integration with signature devices.
Life-Cycle is critical to Document Governance, and is a significant downside to SharePoint. RAS Customers have controlled Document Life-Cycle for well over 17 years, and can be assured that content is eliminated with minimal administrative intervention. Document Life-Cycle is extremely important for those organizations that must adhere to SOX compliance.
Intelligent Document Management (IDM) is a critical component to any serious Enterprise Content Management (ECM) implementation. IDM automates meta-data collection from foreign systems, applications and documents without end-user intervention. RAS Customers have enjoyed this feature for years. With IDM Face-sheets captured by RAS are analyzed for admitting physician, insurance and service to drive business processes, distribution and Workflows.
Please give DBTech a call if you are considering a SharePoint implementation. Our business is Enterprise Content Management and we can help you save significant funds by removing expensive third-party SharePoint gap solutions.
Reference
1. http://www.aiim.org/sharepoint/paper/sharepoint-industry-watch-report
Get a Grip on IT
Monday, April 4th, 2011By Greg Park
There was a very interesting article in the WSJ earlier this year.
It is impossible to secure all of your patient information.
That is the bottom line. All of your security measures, encryption securing data both at rest and in motion, and all role-based access to your data will not protect you from authorized users using data in unauthorized ways.
That being said, you still have to do everything you can to secure your data. You must apply the best security that is accessible to you. In that light I want to share with you best-practices on securing patient data in RAS and RASi.
Role-based access
Ensure RAS and RASi users see only documents required to complete their jobs. If your director of surgery uses RASi, make sure he or she only sees patients with a hospital service of surgery. Make sure that patient accounting users can’t see clinical reports. Lock down the ability to print copy or email to only necessary users, and then make sure you run detailed audit reports on those users.
Audit Files
RAS and RASi are chock-full of audit reports that can be scheduled and run on-demand. Reports can be run to analyze when PHI has been emailed, printed, copied or viewed. Make sure you look at this information and find out when PHI is replicated outside of your RAS or RASi environment.
Application Timeouts
Global time-outs can be established for RAS and RASi. Make sure you use this so that when user leave their screens another user won’t be able to snoop their session.
Encrypt Emails
Emails can be setup as an automated workflow or launched interactively by authorized RAS and RASi Users. Assure that RAS Auto-Emails containing PHI are encrypted, and then make sure that emailing and printing are your best options. Sometimes forcing outside recipients to view documents via RAS or RASi WEB are the best option, because once you print it or email it, you have abdicated control.
Hide PHI
There are ways that you can de-identify PHI in RAS reports using Monarch. Email gpark@dbtech.com if you want more information on how to do this.
These are simple steps that can go a long way towards protecting your PHI, but nothing beats a well informed user. Best practices entail assuring authorized users understand the implications of revealing PHI, and making sure they understand that you take their guardianship of this data seriously.
Can the Paper Tiger be Tamed
Monday, March 7th, 2011Can the Paper Tiger be Tamed
Document Management as an industry has been around since the eighties, yet still to this date (when we were supposed to have flying cars mind you) American companies are still waste tons of paper. AIIM, the nation’s leading organization devoted to content management, has estimates that one trillion pages are still printed, copied and faxed.
So what happened? Did we do something wrong?
No, you did nothing wrong. This is business as usual. Organization buy solutions to stop the hemorrhaging of some critical business issue then forget the solution when confronted with other document management needs. Some even go out and purchase another solution with overlapping functionality. Believe me I have seen it!
When you have a moment, review the link below. This slide-show is very insightful, and gives you a glimpse into the future of document management.
Once you finish reviewing this slideshow ask yourself this question, “What else can RAS do for me”. I guarantee you that you have only started to scratch the surface, and I am willing to prove it to you.
PDF Capture
Tuesday, December 7th, 2010
By Greg Park
Why PDF Files in RAS?
Five years ago, DBTech introduced RAS PDF to capture, automate and disseminate Adobe PDF files. Since then many customers have used RAS for their graphical documents created in Crystal Reports, MS Office and documents created outside of your organization. Please consider these additional benefits when you choose RAS to manage your PDF content.
Scanning Made Easier
Scanners with programmable function keys can publish files directly to RAS without a user interface. Users place documents into a scanner, scan and find the document securely stored in RAS. Converting an image file created by a scanner into a searchable PDF file can be accomplished by the native functionality of the scanner, or by utilizing the RAS PDF and OCR modules in tandem. This is a great method for managing resumes, certification documents, Invoices, Contracts and even Explanation of Benefits (EOBs).
Has your organization been looking for a method to completely automate your Accounts Payable Invoice payment process?
Promote Digital Authorizations
Placing content into PDF files opens up many methods for electronic signatures and authorizations. Consider this possibility as you contemplate electronic signature of patient forms at registration. PDF files stored in RAS can also be opened in Adobe and authorized with private key encryption.
PDF Standardization and Security
If you are auto-emailing clear text documents to external recipients, STOP.
Let DBTech show you how to convert text-documents automatically to PDF format. This ensures recipients use the information in a familiar user interface with the strongest layer of security possible to protect your content.
Digital Audio and Video Files
Many don’t realize this, but the PDF format is ideal for sharing audio and video files. By adding video to a PDF document, you can keep audiences engaged and deliver compelling information for anyone to view, using the free Adobe Reader. RAS gives you tremendous flexibility to engage these files into any financial, administrative or clinical workflow.
Interactive PDF Forms
Even if you are flexing your RAS and PDF muscles to their max, you probably haven’t taken advantage of the ability within RAS for users to open PDF files with the standard Adobe Reader. When documents are opened in Adobe Reader, you have a vast number of tools at your disposal, including the ability for users to type input, select check-boxes and digitally authorize documents. PDF files delivered through RAS is a great method to facilitate internal document workflow, such as capital requests and employee data change forms.
There is so much you can do with RAS and PDF.
Give us a call today to discuss your specific needs.
Document Management as a Downtime Solution
Friday, September 3rd, 2010By Greg Park
Seventy Five percent of you reading this post will experience a major system downtime within twelve months. More than half will be down more than an hour, and a smaller percentage will experience a downtime in excess of twelve hours.
Patient perceptions, staff satisfaction, decreased revenues and adversely affected quality measures are byproducts of a major system downtime, and must be addressed by every provider.
Data and platform redundancy are obvious responses to this situation, but for many hospitals maintaining hot-sites with real-time redundancy is too much expense while managing the resources required implementing Meaningful Use of certified EHR’s under ARRA. read more…
Final Rule Meaningful Use
Thursday, July 15th, 2010
On Tuesday July 13 the Department of Health and Human Services released its much anticipated definition of “Meaningful Use” and set standards for electronic health record incentives.
The Medicare and Medicaid EHR incentive programs will provide incentive payments to eligible professionals and eligible hospitals as they adopt, implement, upgrade or demonstrate meaningful use of certified EHR technology. The programs begin in 2011. These incentive programs are designed to support providers in this period of Health IT transition and instill the use of EHRs in meaningful ways to help our nation to improve the quality, safety and efficiency of patient health care.
The 864 page definition document will take us a few days to interpret, but at first glance it appears the government has softened expectations from the original draft. Providers who have not adopted CPOE will breathe a collective sigh of relief, as physicians can rely on transcribers to enter orders and still comply with CPOE requirements.
As we review this document in detail we will keep you updated on any information we believe is important, and please share your thoughts and ideas with me at gpark@dbtech.com.
Red Flag Regulations Extended To 12/31/10
Tuesday, June 1st, 2010The FTC has delayed enforcement of their Red-Flag regulations. Each deadline has been delayed and providers are inconvenienced with a new false-start. This latest delay maybe the final one as the AMA seeks permanent exclusion for physicians, dentists, veterinarians and accounting offices within the regulation’s scope.
The Federal Trade Commission said Friday it will push back the Red Flags Rule deadline to December 31, 2010, as Congress considers legislation that would affect the scope of entities covered by it.
Officials said today’s announcement and the release of an Enforcement Policy Statement do not affect other federal agencies’ enforcement of the original November 1, 2008, deadline for institutions subject to their oversight to be in compliance. read more…
Security Of Patient Data
Wednesday, April 14th, 2010
By Greg Park
In my last installment we focused on the DHHS’ website exposing security breaches of patient data. Since then HIMSS Analytics released a report titled Security of Patient Data, revealing critical gaps in hospital data security, and characterizing hospital data security as more reactive than proactive.
Report Highlights:
- Healthcare breaches has so-far increased 6% in 2010
- Hospitals underestimate the cost of data breaches. HITECH violations can total $1.5 million
- Patient satisfaction is cited as the primary concern of breaches with financial costs as secondary
- Security is managed in data-silos, creating unwanted gaps in policies and procedures
- 84% of breaches due to lost/stolen laptops or backup tapes and improper document handling
- Hospitals expect an increase in employee background checks
This information provides a road map on where to focus your hospital’s security plan, and we will highlight the benefits of making RAS a part of that plan.
DB Technology’s Best Practices using RAS (document management, document imaging):
- Maximum Login Attempts. User accounts are disabled after X failed login attempts.
- Password Options. Align RAS’s Password setting with your hospital’s policy. This may sound like a no-brainer, but the HIMSS Analytics report clearly shows that overall policy can fail to be enacted throughout all systems.
- Inactivity Timeouts. This is really important! If left unchecked patient data can be exposed on user desktops. At a minimum make sure that each workstation times-out to a password protected screen saver.
- Inactivity Timeouts Part II. User accounts are disabled after X days of logging into RAS. This will ensure that terminated employee logins are deactivated. Studies indicate a large percentage of theft incidents are attributable to terminated employees.
- Role-based access. Devise access based on job description, ensuring users see information specific to their position. This is applicable in all DB Technology products.
- Report Access Logging. It is best practice to “turn-on” audits for all Users and Workflows.
- Access Codes. Access to User Interface functions must be geared towards users’ role. Many hospitals leave this unchecked and allow unrestricted replication of documents. If a user has no purpose printing, emailing or copying reports, deactivate the functions for that user or user group.
- Management Reports. There are a ton of Management Reports that when coupled with audit trail data provide insight into how data is utilized. Perform an unscheduled spot-check and investigate why users are emailing or printing protected data.
- PHI flag. All reports in the RAS Title database can be marked as containing PHI. This is important as it permits PHI specific auditing.
- Last but not least, consider how you are disseminating data. If you are emailing or copying data to network drive space you have lost control. There are many ways to securely deliver data through RAS to all recipients while maintaining a high-level of data protection.
Contact DB Technology if you would like guidance on how to tighten security at your hospital with RAS.
HIPAA Policies Regarding Breach Notifications
Wednesday, February 24th, 2010My name is Greg Park and for those that know me you know that I write on various healthcare topics. Today I want to focus on security. You all may be aware of the new HIPAA policies regarding breach notifications. This states that starting on September 23, 2009 all covered entities must provide notifications of breaches to the Department of Health And Human Services (HHS). Breaches that affect 500 or more individuals must be report to HHS within 60 days, and are clearly visible on the HHS website.
Check out the breaches that have occurred by clicking this link. I found it very interesting to understand the source and scope of these breaches. read more…