Tag: DAS Health
TAMPA, Fla. – May 22, 2018 – DAS Health, a leading provider of health IT and management solutions, has secured a $6 million facility through Fifth Third Bank to be used primarily for future acquisitions and growth. DAS recently completed its fifth acquisition in a three-year time span, each using only DAS’ own internal operating cashflow (see https://dashealth.com/partnership-video).
DAS Health’s excellent track record of success in integrating services and staff has led to continued expansion, allowing the company to provide existing clients with improved services and support as well as expand the organization’s service area and client base. The largest national reseller of Aprima® Medical Software, DAS offers a broad spectrum of practice management, IT and patient care solutions. Recent acquisitions have added eMDs® Plus, Lytec™, and Medisoft® EHR and PM platforms as well as expanded DAS’ managed IT solutions. Additional service offerings include security risk assessments, MIPS/MACRA reporting & consulting, mental & behavioral health screenings, chronic care management, revenue cycle management (RCM) medical billing and value-based care solutions.
“DAS is focused on helping independent physicians to thrive in a changing industry. This partnership with Fifth Third bank, along with our already strong operating results, allows us to rapidly expand our “buy-and-build” strategy, which in turn allows us to better serve our clients and find new ways for them to prosper,” David Schlaifer, DAS Health President and CEO, emphasized. “Although we have been courted by many banks, it was clear from the first conversation with Fifth Third that there was a culture match and they were the right partner for us going forward. We look to continue our rapid growth with the ultimate goal of helping clinicians across the United States focus on their patients, not worry about their business.”
“The leadership, results and business model at DAS Health are truly impressive, and the focus on client success is remarkable,” Danny Riley, Senior Vice President of Fifth Third Bank added. “Notwithstanding DAS’ substantial success to date in acquiring companies using only its own internal cash flow, we believe we are only at the beginning of their long-term growth cycle and are excited to play a pivotal role in helping them to accelerate their growth capacity.”
DAS’ continued growth has been celebrated with six consecutive years on the Inc. 5000 list of fastest-growing privately held companies and is the only company to be named for eight consecutive years to the Tampa Bay Business Journal Fast 50 list. The company now serves nearly 2,000 clinicians and more than 600 physician practices nationwide.
*Aprima is a registered trademark of Aprima Medical Software, Inc.
* eMDs, eMDs Plus, Lytec, and Medisoft are trademarks of eMDs, Inc.
HIPAA is a hot topic for healthcare professionals, and for good reason. Some HIPAA fines have totaled more than $5 million in the past, and new violators continue to get hit with penalties and fines. HIPAA’s past can be read on the news, but its future is still in contention.
HIPAA, the Health Insurance Portability and Accountability Act of 1996, provides policies and procedures for data privacy and security to protect patient’s medical information. The 1996 law was followed by an additional Privacy Rule in 2000 and Security Rule in 2003, all of which are designed to protect physical and electronic patient data by setting strict policies for data storage, sharing and availability.
HIPAA regulations have not changed much in the last 15 years, with the exception of added provisions under the HITECH act in 2009. While the regulations have not changed, they impact any and all healthcare providers as well as their business partners and continue to generate fines for non-compliance.
The Office of Civil Rights (OCR) within the Department of Health and Human Services is responsible for enforcing HIPAA. The OCR partially funds itself from the HIPAA fines that it levies.
The office has stated that they are shifting away from routine investigations to “focus on larger, more complex work which impacts a broader audience.” This may indicate that there may be fewer enforcement actions, but they might be larger in scope.
At HIMSS, Roger Severino, Director of the OCR stated that he would be looking at “big, juicy” data breaches. While he did not specify if he would be focusing on physical security, ransomware, or cybersecurity, his statement emphasizes the need for healthcare entities of any and all sizes to remain vigilant.
Severino has gone on to say that he wants HIPAA settlements to become smaller. For that to happen, however, healthcare providers need to be more conscientious about their compliance programs.
We are still likely to see financial penalties when practices fail to perform routine security risk assessments, for example. Many practices have difficulty maintaining physical data security with on site servers, often left in non-compliant settings with easy access, instead of a more secure option like cloud hosting. Investing in the right security – both for data and physical servers – is key to practice’s avoiding HIPAA fines.
New Privacy Regulations
With many current challenges, including the opioid epidemic, doctors and patients are seeking new ways to share data to improve outcomes. This focus may lead to updates to existing data security rules and regulations. While HIPAA remains the same, changing guidelines and industry pushes will impact regulations in the years to come.
Keeping HIPAA compliant is key to protecting your practice from heavy fines and from data loss. Complete your required Security Risk Assessment to identify areas of concern, and invest in the right cybersecurity services to protect your practice from malware. Not sure where to begin with HIPAA? The DAS Health team can help – contact us today.
If you’re worried you’ve got ransomware, you would not be alone:
- A single hack of Anthem in 2015 compromised the medical information of over seventy-eight million customers
- There were three data breaches in 2017 that affected more than 1,000,000 individuals’ medical records
- There were eight more data breaches in 2017 that affected upwards of 100,000 individuals’ medical records
- There were over 300 total hacks last year alone
All of these numbers come directly from HIPAA. Breaches have affected small providers, larger health organizations, and a variety of insurance companies over the last few years. All of which begs the question – what do you do after some sort of breach?
We’ve gathered a few best practices, but it’s important to work with your IT department or vendor to have a specific plan in place before a breach occurs.
1. Alert Your IT Department
First and foremost, it’s important to be calm and avoid panicking when ransomware strikes. Alerting your IT vendor or IT department should be the first thing on your mind, so they can take immediate action to halt the cyberthreat and isolate the incident.
While it might be tempting to shut down or restart your computer and hope the issue gets resolved, you may be making the problem worse without knowing it. Your experienced, professional support is ready to help instead – and they’ll know just what to do.
2. Seclude Your Computer
If your device is connected to the internet via an ethernet cable, make sure you remove the cable immediately. If you are connected wireless, disconnect from your WiFi. Any attached storage drives, such as a USB drives, should be pulled out as well. It is critical that your computer is not associated with the company’s network in any way, as the malware can easily spread.
A computer with malware that is connected to your network can affect other devices. Make sure you take your affected device offline to avoid contaminating other computers and data.
3. Keep Your Computer Turned On
Do not turn off your computer when ransomware strikes. While this may be tempting, turning off your device may trigger a loss of important data or even evidence of the crime. It may also potentially remove important information you could use to decrypt files, and there is a chance that your device may never turn back on again.
Make sure you don’t take this risk. Leave the computer on until you have spoken with your IT professional, so you can share specifics of the attack and get better advice on the specific concern. This is the best way to get your computer – and data – back.
4. Restore from a Backup
To best protect your data, it is important to have a back up of key patient data and files. Backups completed regularly mean you can essentially revert back to before the ransomware attack and access a safe, unaffected copy of your information. With services like cloud hosting, your data is stored in the cloud and backed up daily in case of disaster or cyberattack. Once you have addressed the cyberattack with your IT team make sure to restore your data from the most recent back up.
Do not handle this step alone. Ask for professional guidance and IT support to restore the right files. If you don’t have a current backup process, speak with a cloud hosting professional on the best ways to protect your data.
Working with an IT vendor you can trust, who has the right security suite and proven track record, can help your practice stop ransomware attacks even before they happen. Call the experts at DAS Health at (813) 774-9800 to learn more.
Technology advancements continue to drive major change in healthcare. Yet, for all the EHR and computer-based solutions available, paperwork is still an unavoidable and time-consuming part of many practices.
A recent study found that doctors are spending as much as one-sixth of their day on non-patient related paperwork. Psychiatrists and internists have the biggest burden, but all practices have forms to sign and administrative as well as clinical areas to deal with on a daily basis.
Paperwork Leads to Burnout
Many practices have yet to take advantage of re-creating forms within their EHR or other technology offerings. They still spend time first writing down information in paper format, then staff time translating that content into their EHR. Another paperwork burden comes with labs and other vendors, who often send patient results back to practices in paper formats.
This manual data entry from staff often leads to errors in addition to eating up valuable time. One way to get this time back is investing in interfaces or integrations that transfer data seamlessly between systems. Instead of requiring labs to send data in paper these custom connections move data right into the patient chart – cutting out the entire manual process.
Workflows May Need Improvement
Without relying on administrative staff to help completed required documents, it can be tough to get everything done in a timely manner. While some regulations require the physician to be the one completing a task, such as entering orders, there is room to optimize workflows or reduce duplication of efforts to streamline these tasks.
Knowing when to delegate and how to do so efficiently can help your practice reduce the time spent on paperwork overall by sharing these time-consuming tasks.
For many practices, looking to outside consulting can help identify areas that are missing the mark. An outside perspective may reveal ways to adjust processes that have been ingrained in your practice, or attending physician panels may help in comparing notes and discussing your common concerns with your peers.
Billing is a Nightmare
When you fail to accurately capture patient information, that leads to reimbursement delays. Manual claims management processes are a huge administrative burden. This increases the time between when you help your patient and when you get receive compensation.
There is a lot of opportunity for automation when it comes to medical billing, and using an outside vendor can help to identify areas for improvement as well as share some of the manual tasks that would otherwise fall on your own staff. Using the right billing software can provide you insight on where your problems are, and help you overcome them. When you are dealing with pens and paper, you just have to guess.
DAS Health provides a wealth of practice management solutions including certified PM & EHR technology, consulting services and Revenue Cycle Management billing. We want to help make the administrative side of your practice a little bit easier for you. If we can help, reach out to us today.
Last year, the medical records of at least 7,000 people were released in a single cyberattack in New York. Worldwide spending on information security is expected to crawl upwards of $90 billion this year. Often, it seems that there is a cyberattack in the news every single week.
Physician practices are especially vulnerable to hacks. Hundreds of individuals seek medical information with a host of bad intentions, including blackmail, access to financial information, and more. The patient data that practices store and work with on a daily basis makes them an ideal target – particularly smaller practices with fewer resources.
As an increasing focus for hackers, are physicians prepared to fight cyberattacks?
Around 90% of cyberattacks are caused by human error or behavior. While movies often portray hackers as wearing ski masks and looking at page after page of code to try and break into your system, its often as simple as someone getting access to a password or login that lets them get to your data. While attacks from afar are a real threat, training your employees to better protect access is critical.
Having a secure password is important and protecting that password even more so. Your password should be complicated enough to deter hackers, but not so complicated that you have to write it down. Written passwords are among the easiest, and most destructive, ways for hackers to get access to your system. To avoid writing sensitive information down, make your password something memorable, but not so obvious that someone could guess it. Avoid things like birthdays, names of family members, or other simple choices.
Train your staff to know and recognize what a phishing scam is, so that doctors, nurses, and other medical professionals do not inadvertently send private information to someone with bad intentions.
When it comes to data storage and protection, healthcare is lagging far behind other industries. In fact, the FBI issued a recent press release regarding cybersecurity in healthcare, noting that practices are behind when it comes to protecting sensitive information.
Thinking about where data is stored is likely not top of mind for physicians, but it’s an important business consideration. When your servers aren’t protected from access and your data isn’t covered by an experienced managed IT team you are ripe for cyberattack.
Using services like cloud hosting can add layers of protection to your data, as well as provide essential disaster recovery services to help your business in case of threats or natural disasters. Over 83% of healthcare organizations have moved to the cloud in order to realize these benefits.
The proper storage of information is important. Not only does a breach mean a loss of trust in your medical practice, it could be a HIPAA violation.
More than 20% of respondents in a survey regarding medical cybersecurity had no idea how much they were spending to make sure that their systems were protected from cyberattacks.
Spending on the right health IT security shouldn’t break the bank. In fact, getting the technology you need to protect your practice will save you untold hundreds of thousands of dollars in the event of a breach. The average cost per leaked record topped $402 in 2016, with individual practices settling breach cases for upwards of $7.5 million. To avoid these costly fees, it’s important to set aside part of your budget for cybersecurity. Invest in a managed IT company that can fully protect your business and can help complete regular due diligence reviews of your system. Your practice will be better prepared to fend off attacks without needing to invest more time and money when an attack happens.
Spending on security is not just an expense – it is an investment that could save your from a massive headache down the road.
The Future of Cyber Attacks
Advancements in technology continue to improve care but come with added cyber risks. The advent of services like telemedicine has excited both patients and doctors but come with their own risks. According to the American Medical Association, about a third of doctors are likely to adopt telemedicine within the next year. This comes with massive implications regarding how information is transmitted and stored.
The number, complexity, and potential damage of hacks has only increased. Large threats like WannaCry continue to make waves, and smaller breaches continue to make systems vulnerable. Doctors may not be prepared for what is to come.
We’re here to help. Completing your required security risk assessment can help identify areas for improvement, and add enterprise-level security services to keep your practice protected from future threats. Contact us today to get started.
In 1999, 4,000 people died from opioid overdoses. In 2016, that number was between 59,000 and 65,000 people. The head of the Food and Drug Administration, Dr. Scott Gottlieb, has declared that the opioid epidemic is the FDA’s biggest crisis.
With the emphasis on combating the opioid epidemic, technology, regulations and better data are helping to fight back.
Getting the Right Patient Data
One of the biggest barriers to combating the opioid epidemic is emphasizing the importance of mental & behavioral health. While providers have always cared for the physical health of their patients, many are now incorporating specific mental & behavioral health screenings into their practice workflows.
These screenings provide physicians with patient health data on opioid risk, alcohol misuse, depression and other factors that help identify at-risk individuals. With better data, practices can make more informed decisions and better predict which patients need additional support.
Better Record Keeping
Certain states, like Florida, have instituted programs that keeps better records of patient diagnoses and prescribed medications. The program aims to allow physicians better data on which patients have been receiving medications and when, in order to avoid overprescribing.
When these databases are interfaced with EHR technology, providers are able to access patient data quickly and make informed medical decisions Programs like Florida’s require clinicians or staff members to check with a statewide database before prescribing or dispensing drugs.
New legislative limitations have passed in several states, including Florida, hoping to reduce opioid prescribing. 25 states have passed legislation imposing limitations since 2016.
HHS regulations including tracking prescribing patterns hope to address prescribing at the national level. These regulations support the increased focus on limiting opioid prescribing, in conjunction with better awareness of opioid risks.
With new funds allocated to addressing the opioid crisis, changing regulations and new, opioid-focused government programs are sure to be on the horizon.
As practices work to combat the opioid epidemic, DAS Health is here to help. With easy to implement mental & behavioral health screenings, we can help your practice get better patient health data to inform clinical decisions. Contact us to learn more about what we can do for you.