Your Practice & the “No Surprises” Act

According to an email I received yesterday:

“In a nutshell, The “No Surprises Act” requires that patients are notified of specific costs prior to receiving the services. This includes cash based practices.”

The email goes on to specify that you must give each & every patient a good faith estimate of costs prior to care. This seems to be generating some confusion. First, let’s review which patients are specifically targeted by this legislation:

Now let’s discuss it. For most providers who generally see non-emergency patients during scheduled visits at their offices, this should simply be “business as usual.” The legislation takes aim at unexpected emergency care/bills relating to situations like:

  • An out-of-network physician treating an insured patient at an in-network hospital. (There aren’t many alternate situations where this would happen in a doctor’s office.)
  • Air ambulances — which can cost $40,000!!!

The overwhelming goal is to protect consumers from catastrophic costs for unexpected bills.

Your patients should be always be apprised of costs at the beginning of care. Most providers I know already operate this way. And it’s important that you don’t bury any disclosed fees under a mountain of other patient forms. (Yes… that’s specifically noted in the CMS documentation.)

Posted in General, Practice Management | Comments Off on Your Practice & the “No Surprises” Act

Information Blocking & The 21st Century Cures Act Is Not A Cause For Panic!

For all the Chicken Littles out there preaching to you that the sky is falling & you must immediately do this & buy that, my response is a simple “No!” Don’t buy into the hype &  begin spending money unnecessarily.

First of all, the goal is to ensure that your patients have timely access to all the data (e.g. medical & billing) which currently resides in your computer system.

So, given all the misinformation swirling about, I’d like to draw your attention to this Information Blocking FAQ from You don’t need to read through most of the dense language either. Let’s pay attention to some key items.

  • Do these rules apply to you as a healthcare provider (“Actor”)? Absolutely, regardless of whether or not you use certified technology (like ECLIPSE Spectrum) in your office.
  • Are you required to immediately release lab [or other] results through a patient portal or other interface? No. You must however — once data is requested — provide it in a timely manner. Unreasonable delays in making this information available may be construed as “Information Blocking” (“Interference”).
  • Are there exceptions to the Information Blocking rule? Yes. See this FAQ for more information.

So, let’s simplify the above even further. If you don’t use certified technology like ECLIPSE Spectrum with a portal option, and a patient wants to access lab results at 3am on Sunday morning, are you guilty of information blocking? Well, once the patient contacts your office, you should handle the request via the methods available to you (e.g. email, which is HIPAA compliant) within 24-48 hours during normal business hours. Use your discretion.

Here’s a direct quote from the FAQ above:

Again, the information blocking regulations do not require the use of any specific standard or functionality. Instead, the “Content and Manner” exception (45 CFR 171.301) outlines a process by which an actor may prioritize the use of standards in fulfilling a request for EHI in a manner that supports and prioritizes the interoperability of the data.”

And you can examine the Content And Manner exception here. This exception provides — in order — the various ways in which you (remember, you’re an “Actor”) must make information available to your patients. The important wording here is

“unless the actor is technically unable to fulfill the request”

Thus, if you’re not using certified technology, you must use an “Alternative manner,”  defined above as “any manner requested because it is technically unable to fulfill the request or cannot reach agreeable terms with the requestor to fulfill the request.

Thus, if the info is in your system, you must (again, see the exceptions) provide it to patients  both electronically and in a timely manner. If the information is not stored electronically, the patient can come into your office for it, or you can mail it (as you likely did in the past).

Technology is moving ahead rapidly. And the government wants health information to be available everywhere without fuss. Of course, when your patient can access it on their own, it’s easier for both of you. But, there’s no requirement that you run out & spend money right now to ensure your patients get information this second, as opposed to… later today.

Posted in Uncategorized | Comments Off on Information Blocking & The 21st Century Cures Act Is Not A Cause For Panic!

ECLIPSE vs. ChiroTouch II

We are indeed flattered that some companies like ChiroTouch lavish constant attention on ECLIPSE users. However, after Sara – an understandably confused ECLIPSE user in Kentucky — called our customer service line, we decided we’d let you know a few things. First, here are excerpts from her email to me after she spoke with one of our staff members:

“honestly I was so stunned and confused I really wasn’t sure what she was talking about. She said she wanted to go over details about the Chiro Touch and Eclipse conversion… I knew something didn’t sound right.”

So, if you receive a call like this – don’t be fooled. It’s not us! And if you’re intrigued by what they have to say, consider the following…

As Dr. Nachmias from NY told us recently…

“I was using Eclipse software for almost 20 years I switched to Chirotouch at the recommendation of a fellow chiropractor that was using them. This was a big Mistake! after 15 months I switched back to Eclipse. I am so happy to back with the eclipse program”

Do you wonder about the stability of a company that lays off staff? I do! Since MPN was founded in 1985, we’ve never laid off employees. Since 2020 began, ChiroTouch appears to have laid off staff members. EES has been increasing its staff since 2019!

Is your data safe with Chirotouch? Here’s a letter from ChiroTouch to the State Attorney General in New Hampshire that you should read. I’m a chiropractor – not a software expert. So I can’t answer the safety question. (I can guess that ChiroTouch isn’t happy that NH publishes these.) But don’t forget who is ultimately responsible for that data under HIPAA. You!!!

We previously sued ChiroTouch in federal court because we felt they were providing blatantly misleading information about ECLIPSE! They tried in vain to get the suit dismissed. And you can read more about that here.

ECLIPSE is certified to more criteria by the federal government than ChiroTouch.

My personal opinion is that ChiroTouch uses outdated technologies for data (IBM invented SQL in the early 1970’s – it’s ancient). I also believe their clinical notes simply perpetuate missteps of the 1980’s & 1990’s. Narrative text is increasingly faulted in published studies as clinicians & systems nationwide have begun moving to structured data (which we embraced a decade ago).

Posted in Evaluating Software, General | Comments Off on ECLIPSE vs. ChiroTouch II

Ransomware: A Real Threat

Ransomware attacks are making headlines more and more.  The 2016 statistics are startling; more than 4,000 ransomware attacks occurred daily.  Why is ransomware so popular with cybercriminals?  Because it works!  Ransomware is now a billion-dollar industry and growing.

How does the ransomware infect a computer system?  There are three main ways a computer system is infected by ransomware:

  1. By opening an email and clicking on an attachment.  Typically, the attachment looks legitimate, like an invoice or an electronic fax, but instead it contains the malicious ransomware code.
  2. An email might contain a legitimate-looking URL, but once clicked on, one is directed to a website that infects the computer with the malicious software.
  3. The newest and most sophisticated way is to seed legitimate websites with malicious code, taking advantage of unpatched software on the victim’s computer.

 It’s that easy!  Once the infection hits the system, the malware begins encrypting all data that resides on the computer including data within the network (i.e. other computers, backup drives, attached drives).

Typically, the victim isn’t aware of the attack until they can no longer access their files and start receiving computer messages demanding the ransom in exchange for the decryption key. Ransoms can be in the hundreds of thousands of dollars, which is paid in bitcoins to provide anonymity.

Although the FBI doesn’t recommend paying the ransom, many victims pay it in order to get back to business.   Not only is there the financial pain of having to pay the ransom, but also the burden of downtime costs and loss of productivity.  Plus, once the ransom is paid the victim now has the financial burden of insuring their system is upgraded to prevent another attack.   Plus, unfortunately, there are accounts of victims paying the ransom, but never getting the decryption key to unlock their system.

One may never be able to be completely protected against an attack. Below, are some of the key steps to help prevent and prepare.

  • Implement a training program for your staff on the threat of ransomware and how a system may get infected. Important facts:
    • Staff should not open email attachments unless it’s expected or sent from a reliable source. If in doubt, have staff contact sender to confirm.
    • Stop web browsing by staff to avoid phishing campaigns, suspicious website and other scams.
  • Be sure your firewalls, antivirus, antimalware and anti-exploit security programs always stay up-to-date. Be sure your antivirus and antimalware are set to conduct regular scans automatically.
  • Always upgrade your operating system, software and firmware to the latest version. Unpatched programs leave the system open to threats.
  • Perform daily secure backups of your critical data to a USB drives, an external hard drives and/or a cloud storage. If using a drive, be sure to disconnect it from the network after backup to prevent that device from being hacked.
  • Test your backups regularly to ensure you have the data when you need it most.

Being prepared and having a plan is your best line of defense. For more information and a detailed list of steps to help prevent ransomware, please review How to Protect Yourself from Ransomware created by the FBI

Cloud backup is crucial in fighting ransomware. ECLIPSE has partnered with DataHEALTH, the leading provider of cloud backup to the healthcare industry.  DataHEALTH is the ONLY cloud backup provider to be URAC HIPAA Security Business Associate and National Institute Standards and Technology FIPS 140-2 encryption certified.

Posted in General, HIPAA | Tagged | Comments Off on Ransomware: A Real Threat

A Federal Judge’s Ruling: CMS & The Maximum Improvement Standard

On the one hand, a new DHHS OIG report concludes that chiropractic care is medically unnecessary after the first 30 treatments. By that point, DHHS insists, maximum improvement has been reached. And on the other? Hmmm…

In 2011, a class action suit (Jimmo vs. Sebelius) was filed by a combination of Medicare beneficiaries & national organizations in Vermont federal court. The suit alleged that DHHS “imposed a covert rule of thumb that operated as an additional and illegal condition of coverage, resulting in the termination, reduction, or denial of coverage for thousands of Medicare beneficiaries annually.”

The lawsuit contended that an “Improvement Standard” was universally applied to deny coverage if a patient’s condition hadn’t improved. It further contended that, as a consequence, Medicare contractors & claims adjudicators were denying coverage given the expectation that the patient was deemed unlikely to improve further – even though care might be necessary to prevent further deterioration and/or maintain the patient’s current condition.

What prompted this class action lawsuit? One plaintiff needed long term physical therapy following a series of mishaps that began with a broken femur. After months of therapy, the patient’s daughter received a letter stating her mother “has reached her highest practical level of independence.” But the family believed she needed continued therapy to maintain the progress she’d already made.

Does this sound familiar if you’re a chiropractor? Chiropractors nationwide should recognize this as a denial based on “medical necessity” – which is just one of many phrases that allude to the same concept:  the patient isn’t going to further improve. So, a dichotomy. The new DHHS concept of 30 maximum treatments vs. a ruling in federal court about “maintenance care.”

In January 2013, as part of a settlement agreement in Jimmo vs. Burwell, (that’s Department of Health & Human Services Secretary Burwell), the Court required that DHHS educate its frontline contractors & providers that the “Improvement Standard” was illegal. However, as time passed, it appeared that CMS wasn’t upholding its part of the bargain. Plaintiff’s attorneys returned to the courts to seek enforcement of the original agreement. In August 2016, Chief Judge Christina Reiss of the United District Court in Vermont ruled that CMS did have to launch an improved educational campaign. You can read the CMS fact sheet here.

Now, this suit wasn’t filed by chiropractic patients. Regardless, as the 2013 class-action lawsuit settlement specified: Medicare must cover skilled care and therapy when they are “necessary to maintain the patient’s current condition or prevent or slow further deterioration.” This is not a narrowly worded opinion that specifies ongoing physical therapy in a specific instance. Instead, it defines a generic concept of ongoing therapy to maintain Activities of Daily Living.

So, we have the settlement agreement & most recent ruling by a federal judge. And then we have the new OIG report. According to the report, Medicare spent $359 million covering “unnecessary” chiropractic care. I’m not sure who defined what “unnecessary” refers to in this context, but I’d bet it wasn’t the same context applied by the federal court in August 2016.

Patients have always had the right to appeal coverage denials. And they also have the same odds of prevailing they’ve always had: virtually non-existent. Is there room to get further, necessary care approved? We don’t know until someone starts to push back against these barriers. For further reading on these topics:

Posted in Audit Savvy | Tagged , | Comments Off on A Federal Judge’s Ruling: CMS & The Maximum Improvement Standard

DHHS OIG Targeting Tactics for Chiropractic Audits

While you were making last minute preparations for ICD-10, the Department of Health & Human Services Office of the Inspector General published a new report on 9/29/2015. The report makes specific recommendations to CMS with regard to curbing “questionable and inappropriate payments for chiropractic services.”

Why should you care? Well, if you know what OIG considers questionable and inappropriate, you can make adjustments (no pun intended) to your documentation, use of CPT codes & modifiers, and visit frequency to avoid trouble — the kind of trouble that may eventually land you in a position of oversight (including pre-authorizations for services), not to mention fines and return of funds previously paid.

You undoubtedly have a computer in your office & can generate all sorts of reports that provide information about patients. DHHS has computers too. OIG did a great deal of data analysis on chiropractic services performed in 2013. And their data mining techniques helped them pinpoint those of you who don’t seem to follow the rules — and outliers. So… what are they looking for and what can you do to stay off their radar?

  • First, don’t forget to use the AT modifier for chiropractic services. It’s required. CMS realizes that its use doesn’t guarantee the service was actually reasonable & necessary, but the modifier is required. In 2013, 96% of all claims included this modifier.
  • Think twice before using CMT code 98942 for the majority of your Medicare patients. 10% of paid services in 2013 included this code and OIG believes that almost half of these were upcoded. Why? OIG computes your RVU’s (Relative Value Units). They identified 1450 chiropractors who were being reimbursed at higher levels than their colleagues. (Outliers.)
  • High average numbers of claims per beneficiary by your practice indicates to OIG that you’re providing maintenance therapy. OIG believes that 16% of chiropractors received questionable payments and that almost half of these were probably for maintenance therapy. To be specific, 96% of chiropractors averaged 8 services per beneficiary. In contrast, the remaining chiropractors averaged 25 services per beneficiary. This is where your documentation becomes critically important.
    1. If you use an electronic kiosk system where patients enter their own subjective data and have the ability to indicate: “No change. Same as last time” regarding subjective symptoms, and use this option regularly, you will have a problem when your documentation is reviewed.
    2. With CMT codes, make sure you separately document each region you treated.
    3. Active/corrective manipulative treatment is expected to be an improvement in, or arrest of progression, of the patient’s condition. When further clinical improvement cannot reasonably be expected from continuous ongoing care, and the chiropractic treatment becomes supportive rather than corrective in nature, the treatment is then considered maintenance therapy. Your documentation must chronologically reflect the active nature of the care you are providing. If you’re unable to document changes in a patient’s subjective complaints & objective findings over time, a CERT audit won’t help you.
    4. Document exact bones (e.g. C5, C6) and/or area (e.g. lumbo-sacral). Documentation must support the symptoms and have a direct relationship to the subluxation. You must have a treatment plan that includes: recommended level of care (duration and frequency of visits), specific treatment goals, and objective measures to evaluate treatment effectiveness.
    5. Be familiar with your Medicare carrier’s LCD (Local Coverage Determination) and use the tables.
    6. You can attest to signatures & plan of care when you get audited, but ideally your documentation should be electronically signed / locked, and your care plans should be reflected in your locked notes.
  • Getting back to those RVU’s, OIG also looked at chiropractors whose paid services indicated the possibility that they were working 16 hour days, which OIG labeled an “unlikely # of services per day.” As you apply CPT codes, you must consider them within the context of other codes you used that day. Make sure you have a sign-in sheet that can back up the fact that those patients were in your office.

Finally, let’s distinguish behavior characteristics considered questionable vs. average by OIG in 2013:

  • Average amount paid per chiropractor: $45,313 vs. $10,303.
  • Average # of paid claims per chiropractor: 1,604 vs. 407.
  • Average # of beneficiaries per chiropractor with paid services: 101 vs.47.

Where do you fit in?

Fortunately, if you’re using the ECLIPSE Encounter to document your Medicare visits, you have everything you need to help you establish each patient’s progression of care.

Posted in Audit Savvy, Encounter / SOAP | Tagged , , | Comments Off on DHHS OIG Targeting Tactics for Chiropractic Audits

ECLIPSE vs. ChiroTouch

See our October 2020 ChiroTouch update by clicking here!

Competition is healthy. It improves products. People too. From classrooms to sports fields to tradeshow floors. Even to the moon. But there are rules – and laws – about how far is too far. Suppose the chiropractor down the road starts rumors that you broke the ribs of several patients as you adjusted them? How would you feel if you subsequently ended up on the defensive during conversations with your own patients?

Though defamation is against the law, proving the harmful effect of words isn’t easy. So… we generally ignore such transgressions. In this case, we’d heard rumors. Then, finally, a single email to a chiropractor in Minnesota – signed by the ChiroTouch NorthWest Territory Sales Manager (according to his LinkedIn profile) – came into our possession. It enumerated a variety of “facts” about ECLIPSE that were pure fabrications.

So, our attorneys got involved. ChiroTouch insisted it had only happened once. But our attorneys were uncomfortable. Eventually, we filed a lawsuit in federal court.  ChiroTouch did their best to dismiss it and you can read the judge’s decision here (which has since been cited in multiple cases by other federal judges as a precedent). We figured we’d made our point. And so we dropped the lawsuit and that was the end of that.

But the rumors persisted. Last December, we received email asking us to clarify comments about ECLIPSE attributed to a ChiroTouch representative. (They weren’t true and we chose to ignore the incident.) Then, last week, we began receiving calls on our recorded lines from multiple clients. These ECLIPSE clients had apparently received calls from ChiroTouch / Future Health. The callers stated that ECLIPSE wasn’t “ICD-10 ready” and went on to suggest that ChiroTouch / Future Health could provide software that was. At least one of the recipients of these calls – even though she was familiar with the ICD-10 capabilities in ECLIPSE – still needed some reassurance from our HELP Desk that this was untrue. Another insisted on calling them back and getting more information. And so she did.

An especially interesting tidbit was that our clients were often left with the distinct impression that these calls were coming from *us*. According to at least one client (who questioned the caller) this seemed intentional.

So, we thought we’d tell you the same thing we told our clients last week:

“Please do not believe such obvious attempts to steal your business and please consider the integrity of any company that would stoop to fabrications in order to win it. If *you* receive one of these calls, we urge you to take the time to go online and review these companies (there’s nothing they can do to contest truthful reviews), share their behavior in forums, and report it to your state associations. Perhaps such action will dissuade them from future attempts to get you to throw away thousands of dollars & hundreds of hours of your time.”

Of course, we think you should ask ChiroTouch or any company you plan to do business with for information about their own products – not products from other companies. And any negative information they provide should be deemed suspicious. Right?

And see our October 2020 ChiroTouch update by clicking here!

Since 1985, thousands & thousands of chiropractic offices have used ECLIPSE. At one time or another, presidents of many state associations, the ACA, and other organizations have relied on our chiropractic software. It’s topped independent polls, reviews, and surveys for years. Large & small practices nationwide depend on it and benefit from our decades of experience running a successful multi-disciplinary practice  in myriad ways (here’s one). If you want to grow your practice as efficiently as possible, ECLIPSE is the only time-tested chiropractic solution running in the largest practices nationwide — practices with 10, 25, 50, 100 and more employees. And auditors love our unique documentation formats. (Any software that uses a similar format is simply copying data driven designs we created.)

We love competition. Without it, we’d never have grown the way we have. But please get your information about ECLIPSE from us – not from ChiroTouch or any other company. And again, consider the integrity of the company you choose. That’s one reason we’ve never paid for product endorsements. To some extent, this simply reminds me of the late 1980’s — when one company’s reps routinely assured potential clients that all our claim forms get rejected. They did their best to turn a positive into a negative regarding an innovative feature we had & they didn’t. Was it true? Absolutely not. Yet, they succeeded by forcing us to be on the defensive as we attempted to make each sale. We’ve been here for 30 years now.  And that company, like so many others, is no longer recognized by chiropractors — though they were nationwide well into the 1990’s. Sometimes, you need to figure out when to turn on the B.S. meter.

Fun with Advertising

Now, just for the fun of it, let’s take a look at a current ChiroTouch ad. According to the ad:

“A random sample of 500+ practices running ChiroTouch experienced an average of 56% revenue growth year over year.”

Let’s assume a $50,000 annual practice gross when you buy ChiroTouch. In 10 years, you’re grossing $2,735,844 annually. In 15 years, you’ll be grossing over $25,000,000 annually, (Time to consider a corporate jet?) Hmmm. I’d ask for a written guarantee!

From another perspective, if you’re seeing 25, 50, or 100 patient visits weekly right now, in 10 years you’ll be seeing 1368, 2735, or 5261 visits per week respectively. Wow!

Some facts about ECLIPSE

  • ECLIPSE was ICD-10 ready in January, 2014.
  • Dr. Karen Walters, DC FACC has lectured on ICD-10 for C.E. credit. Her March 2015 NYSCA lecture & PowerPoint Presentation are available to anyone free of charge on our website.
  • We have never charged additional fees for updates. If you have a subscription, you can simply download it.
  • We have always avoided outside financing and venture/investment capital. This allows us — with a successful multi-disciplinary practice of our own — to better determine our future. And we have carefully attempted to minimize YOUR out-of-pocket software expenses for decades. As part of that process, we’ve helped thousands of practices realize their full potential.
  • 6/25/2019 addendum: Chirotouch is still calling ECLIPSE clients in 2019 & making stuff up! To find out more about what your colleagues across the USA have to say, visit our web page or Software Advice.
Posted in Evaluating Software, General | Tagged , , , , | Comments Off on ECLIPSE vs. ChiroTouch

Chiropractic Audits & Malpractice: Backups to the Rescue

Irony? I was well into editing this blog entry before being contacted last week by a DHHS Special Agent involved in a NYC investigation. One of my final suggestions — during a conversation that stretched past an hour — was that backups could verify whether data had been falsified. DHHS suspected that data was changed after they notified the office of their interest in specific bills and accompanying clinical documentation. Those backups (which DHHS has) may save this practice from trouble that ranges from fines to jail time.

Two weeks ago, I had a similar conversation with an attorney defending a malpractice case in FL, where the plaintiff’s attorney was accusing the doctor’s office of falsifying data after the doctor was notified of the pending lawsuit.

You see, when documentation supports your version of the story, an investigator’s next step is to simply wonder whether you falsified information. It’s virtually impossible to become bulletproof. But it’s very much within the realm of possibility to seal potential cracks.

One of the most overlooked ways to ensure you can prove you didn’t modify records, believe it or not, is your backup system. Just as a sign-in sheet containing a physical signature can demonstrate that a patient was actually in your office, backups can provide forensic evidence when you’re accused of falsifying records during a malpractice suit or audit. We’ve always suggested a rigorous backup schedule with multiple backups that extend to at least a year. However, it seems that extending this to include backups at 6 month intervals for 7 (or so) years is neither difficult nor expensive in today’s environment.

These days, the digital audit trail within your EHR may help protect you. However, audit trails can only go so far. An audit trail in your software may show that data was modified without tracking how that data was actually changed, or what it was changed from. There are myriad reasons for this, but the bottom line is that it’s always better to be prepared.

Backups of your data protect you from mishaps that affect your cash flow & daily office routine. As it turns out, they also present another way to prove your case when an unexpected audit or malpractice suit lands on your desk.

If your backup is maintained by a third party (e.g. cloud based), this will help build an unassailable wall of evidence to support your position. For ECLIPSE users, we recommend DataHealth, which is HIPAA accredited by URAC.

The ECLIPSE Encounter and your backups – when you take proper advantage of them – can help you prevent audits from turning into nightmares. The smart way to avoid problems is simple: lock your notes within a reasonable period of time (e.g. not more than a few days after the patient visit) & certainly never attempt to modify documentation – especially after you’re notified of an audit. (You can always add dated addendums.) Investigators may seize your files and will certainly attempt to forensically determine whether or not you changed existing data after you were notified that the payer or agency wanted more information.

Posted in Audit Savvy, Encounter / SOAP, Practice Management | Comments Off on Chiropractic Audits & Malpractice: Backups to the Rescue

The Growing Chiropractic Practice: Stop Losing Existing Patients!

It’s amazing how easy it can be for major practice management features within ECLIPSE to fade into obscurity as the decades roll by — even when those features are as relevant now as they were way back in 1984. At the time, Karen’s rapidly growing practice was beginning to leak patients. Once she became aware that a patient had stopped coming in for care, too much time might have elapsed to get the patient to return.

Though this wasn’t an everyday event, she simply wanted an opportunity to intervene earlier — rather than weeks or months later. So, when she enlisted my help to evaluate software for her office, she was laser focused on a very specific feature. She wanted software that would answer simple questions such as:

Who came in last week but hasn’t been in since?
Who came in last month but hasn’t been in this month?

She had already learned on her own that she was able to better educate patients when she reached them earlier. Now she wanted software to help track such patients before they were lost to her practice. Yet, none of the nationally distributed (and very expensive) products we looked at provided this feature. She was unwilling to compromise and the companies refused to add the report. ECLIPSE was born as a direct result. The Trace Patient Visits report did exactly what she wanted and became a staple of her practice.

Back in the 1980’s and 1990’s many D.C.’s learned the value of this report and used it to help grow their practices. These days, perhaps its value has been buried amongst other, flashier features. Everyone thinks about social media and how to incorporate it into their marketing. Great idea! But what about keeping the patients you already have? In the past week alone, I’ve advised three doctors — who separately requested we add this capability — of its existence. It’s there just waiting for you to take advantage of it. Because your practice isn’t just about your documentation. Of course, we’ve got that covered too.

Posted in Practice Management | Tagged , | Comments Off on The Growing Chiropractic Practice: Stop Losing Existing Patients!

Cloud Casualties & Your EHR Software

Over the past several years, I’ve discussed:

And now comes an attack on a hosting company. The hosting company could have been ANY hosting company. And the data on their servers could be ANY data – your patient data perhaps. The attack wiped out everything – including all the backups. So, if it was your patient data, stored by EHR software on that hosting platform, you would have lost everything.

On June 17th, 2014 the DDOS (distributed denial of service) attack on Code Spaces wiped out their system along with all their backups and put them out of business. They had advertised that your data was safe because they had redundant systems spanning multiple geographic locations.

Regardless of the company you contract with for your patient data, realize that they in turn have contracted with a company to provide storage space in the “cloud.” A company that – no matter how safe they claim to be – can be targeted.

With ECLIPSE, where your data resides is up to you. And where your backups reside is determined by you as well. ECLIPSE based practices often maintain backups at several locations, making it difficult or impossible for third parties to hold that data hostage. So, before you succumb to “Cloud fever” — please don’t assume you can leave all your worries behind. At the very least, use a 3rd party tool to create data backups that you can download on a regular basis.

Addendum (8/20/2014):

Since this article was posted, here are just two (of many) additional events that occurred in subsequent weeks…

  • According to various news sources, up to 35% of Practice Fusion customers (i.e. doctors & staff who use the Practice Fusion EHR) lost access for up to two days due to problems with a data center.
  • Community Health Systems, which operates 206 hospitals across the United States, announced on 8/18/2014 that hackers recently broke into its computers and stole data on 4.5 million patients. Anyone who received treatment from a network-owned hospital in the last five years — or was merely referred there by an outside doctor — is affected. The company’s hospitals operate in 28 states… and the lost personal information is protected by HIPAA. That means patients could sue the hospital network for damages.
Posted in Cloud Computing, HIPAA | Tagged | Comments Off on Cloud Casualties & Your EHR Software