Tag: DAS Health
While the idea of cloud computing has been around for decades, it’s only in recent years that independent healthcare practices have been able to make use of it. Many providers are wary of switching to the cloud, especially when used to physical on-site servers, and questions linger about the security of cloud hosted patient records.
The Advantages of Storing Health Records on the Cloud
Despite the uncertainty, the largest advantage of using the cloud to store patient health records is the security. Major security breaches and instances of non-HIPAA compliance tend to splash across the headlines, but are often associated with on-site servers instead of cloud based ones. In fact, cloud hosted servers fight off millions of instances of cyberattacks every single day.
Think of it like this – every time a doctor, nurse, or healthcare professional logs onto a remotely-accessed cloud server, they’re proving the security of the platforms. Only authorized personnel can access the data they seek, and built-in security measures prevent unauthorized access daily.
Other advantages of cloud-based health record storage include:
- Faster loading times for all applications
- The option for automatic backups and disaster recovery
- A reduction in cost – you pay less for cloud software storage than you do for on-site servers, security software, and maintenance
- Removing the headache of common physical server HIPAA breaches
Many cloud hosting organizations like DAS Health even store servers in a biometrically secured, restricted data center. This prevents not just cyberattacks, but physical interactions with data as well.
Eliminating Human Error with Cloud Hosting
While cyberattacks and ransomware are real threats to data, the human element is a key part of protection. Often, it is carelessness or poor physical safeguards that lead to data breaches. Cloud hosting eliminates these concerns by taking away the physical interaction common with on-site servers, and adds security software protections you don’t find in the office. These human errors include:
- Mishandled PHI through unsafe passwords or storing data in unsecure locations
- Keeping data on unsecured devices instead of in the cloud
- Incorrectly set up servers that are not protected as they should be
- The theft of mobile or tablet devices that have saved EHR passwords on them
Cloud hosting eliminates some of these risks, such as hosting data in an unsecure location, and by using a trusted partner you can rest easier knowing your practice is protected from untrustworthy vendors. Making sure your practice staff follow HIPAA best practices will protect from the human element in security, as well as meet HIPAA risk assessment requirements.
The Bottom Line: Are My Patients’ Records Safe?
The answer to whether cloud-based health records are secure is a resounding yes. Cloud software is used by 83% of healthcare organizations, and companies the world over. It’s used in everything from financial markets to sport’s management. It’s also an incredibly powerful tool that independent practices can use to gain leverage on their competitors.
Learn more about our industry-leading cloud hosting services, used by independent practices across the country.
DAS Health has secured a $6 million credit facility that it primarily will use for future acquisitions and growth.
The health technology company in Tampa that works with independent physicians got the credit line from Fifth Third Bank, a press release said. DAS provides information technology, management solutions and consulting services to doctors and hospitals nationwide. It’s made five acquisitions in three years and has used its own internal operating cash flow for each of them, the release said.
The company now serves nearly 2,000 clinicians and more than 600 physician practices nationwide. It was No. 19 on the Tampa Bay Business Journal’s Fast 50 List in 2017, with $11.97 million in revenue for the prior year.
Working with Fifth Third Bank, along with strong operating results, allows DAS to rapidly expand its “buy-and-build” strategy, said David Schlaifer, DAS Health president and CEO.
“Notwithstanding DAS’ substantial success to date in acquiring companies using only its own internal cash flow, we believe we are only at the beginning of their long-term growth cycle,” Danny Riley, senior vice president at Fifth Third Bank, said in the release.
DAS, is “exactly the type of company that Tampa has been trying to grow here,” Mayor Bob Buckhorn said when DAS last year announced a $145,000 capital investment to expand its headquarters in downtown Tampa and said it would add 30 jobs paying an average annual wage of $55,130.
DAS was courted by many banks, Schlaifer said, but Fifth Third was a “culture match,” he said.
“We look to continue our rapid growth with the ultimate goal of helping clinicians across the United States focus on their patients, not worry about their business,” Schlaifer said.
Here are the five acquisitions that DAS has made to date:
- January 2018: Integra I.T. Solutions in Las Vegas
- June 2016: Falcon Healthcare Systems in Las Vegas
- May 2016: EHR and practice management business of Jackson Key Practice Solutions in Alabama
- January 2016: ConXitTechnology Group in Charlotte, North Carolina
- October 2015: Revenue cycle management business of Spectra Health Care in Tampa
TAMPA, Fla. – May 22, 2018 – DAS Health, a leading provider of health IT and management solutions, has secured a $6 million facility through Fifth Third Bank to be used primarily for future acquisitions and growth. DAS recently completed its fifth acquisition in a three-year time span, each using only DAS’ own internal operating cashflow (see https://dashealth.com/partnership-video).
DAS Health’s excellent track record of success in integrating services and staff has led to continued expansion, allowing the company to provide existing clients with improved services and support as well as expand the organization’s service area and client base. The largest national reseller of Aprima® Medical Software, DAS offers a broad spectrum of practice management, IT and patient care solutions. Recent acquisitions have added eMDs® Plus, Lytec™, and Medisoft® EHR and PM platforms as well as expanded DAS’ managed IT solutions. Additional service offerings include security risk assessments, MIPS/MACRA reporting & consulting, mental & behavioral health screenings, chronic care management, revenue cycle management (RCM) medical billing and value-based care solutions.
“DAS is focused on helping independent physicians to thrive in a changing industry. This partnership with Fifth Third bank, along with our already strong operating results, allows us to rapidly expand our “buy-and-build” strategy, which in turn allows us to better serve our clients and find new ways for them to prosper,” David Schlaifer, DAS Health President and CEO, emphasized. “Although we have been courted by many banks, it was clear from the first conversation with Fifth Third that there was a culture match and they were the right partner for us going forward. We look to continue our rapid growth with the ultimate goal of helping clinicians across the United States focus on their patients, not worry about their business.”
“The leadership, results and business model at DAS Health are truly impressive, and the focus on client success is remarkable,” Danny Riley, Senior Vice President of Fifth Third Bank added. “Notwithstanding DAS’ substantial success to date in acquiring companies using only its own internal cash flow, we believe we are only at the beginning of their long-term growth cycle and are excited to play a pivotal role in helping them to accelerate their growth capacity.”
DAS’ continued growth has been celebrated with six consecutive years on the Inc. 5000 list of fastest-growing privately held companies and is the only company to be named for eight consecutive years to the Tampa Bay Business Journal Fast 50 list. The company now serves nearly 2,000 clinicians and more than 600 physician practices nationwide.
*Aprima is a registered trademark of Aprima Medical Software, Inc.
* eMDs, eMDs Plus, Lytec, and Medisoft are trademarks of eMDs, Inc.
HIPAA is a hot topic for healthcare professionals, and for good reason. Some HIPAA fines have totaled more than $5 million in the past, and new violators continue to get hit with penalties and fines. HIPAA’s past can be read on the news, but its future is still in contention.
HIPAA, the Health Insurance Portability and Accountability Act of 1996, provides policies and procedures for data privacy and security to protect patient’s medical information. The 1996 law was followed by an additional Privacy Rule in 2000 and Security Rule in 2003, all of which are designed to protect physical and electronic patient data by setting strict policies for data storage, sharing and availability.
HIPAA regulations have not changed much in the last 15 years, with the exception of added provisions under the HITECH act in 2009. While the regulations have not changed, they impact any and all healthcare providers as well as their business partners and continue to generate fines for non-compliance.
The Office of Civil Rights (OCR) within the Department of Health and Human Services is responsible for enforcing HIPAA. The OCR partially funds itself from the HIPAA fines that it levies.
The office has stated that they are shifting away from routine investigations to “focus on larger, more complex work which impacts a broader audience.” This may indicate that there may be fewer enforcement actions, but they might be larger in scope.
At HIMSS, Roger Severino, Director of the OCR stated that he would be looking at “big, juicy” data breaches. While he did not specify if he would be focusing on physical security, ransomware, or cybersecurity, his statement emphasizes the need for healthcare entities of any and all sizes to remain vigilant.
Severino has gone on to say that he wants HIPAA settlements to become smaller. For that to happen, however, healthcare providers need to be more conscientious about their compliance programs.
We are still likely to see financial penalties when practices fail to perform routine security risk assessments, for example. Many practices have difficulty maintaining physical data security with on site servers, often left in non-compliant settings with easy access, instead of a more secure option like cloud hosting. Investing in the right security – both for data and physical servers – is key to practice’s avoiding HIPAA fines.
New Privacy Regulations
With many current challenges, including the opioid epidemic, doctors and patients are seeking new ways to share data to improve outcomes. This focus may lead to updates to existing data security rules and regulations. While HIPAA remains the same, changing guidelines and industry pushes will impact regulations in the years to come.
Keeping HIPAA compliant is key to protecting your practice from heavy fines and from data loss. Complete your required Security Risk Assessment to identify areas of concern, and invest in the right cybersecurity services to protect your practice from malware. Not sure where to begin with HIPAA? The DAS Health team can help – contact us today.
If you’re worried you’ve got ransomware, you would not be alone:
- A single hack of Anthem in 2015 compromised the medical information of over seventy-eight million customers
- There were three data breaches in 2017 that affected more than 1,000,000 individuals’ medical records
- There were eight more data breaches in 2017 that affected upwards of 100,000 individuals’ medical records
- There were over 300 total hacks last year alone
All of these numbers come directly from HIPAA. Breaches have affected small providers, larger health organizations, and a variety of insurance companies over the last few years. All of which begs the question – what do you do after some sort of breach?
We’ve gathered a few best practices, but it’s important to work with your IT department or vendor to have a specific plan in place before a breach occurs.
1. Alert Your IT Department
First and foremost, it’s important to be calm and avoid panicking when ransomware strikes. Alerting your IT vendor or IT department should be the first thing on your mind, so they can take immediate action to halt the cyberthreat and isolate the incident.
While it might be tempting to shut down or restart your computer and hope the issue gets resolved, you may be making the problem worse without knowing it. Your experienced, professional support is ready to help instead – and they’ll know just what to do.
2. Seclude Your Computer
If your device is connected to the internet via an ethernet cable, make sure you remove the cable immediately. If you are connected wireless, disconnect from your WiFi. Any attached storage drives, such as a USB drives, should be pulled out as well. It is critical that your computer is not associated with the company’s network in any way, as the malware can easily spread.
A computer with malware that is connected to your network can affect other devices. Make sure you take your affected device offline to avoid contaminating other computers and data.
3. Keep Your Computer Turned On
Do not turn off your computer when ransomware strikes. While this may be tempting, turning off your device may trigger a loss of important data or even evidence of the crime. It may also potentially remove important information you could use to decrypt files, and there is a chance that your device may never turn back on again.
Make sure you don’t take this risk. Leave the computer on until you have spoken with your IT professional, so you can share specifics of the attack and get better advice on the specific concern. This is the best way to get your computer – and data – back.
4. Restore from a Backup
To best protect your data, it is important to have a back up of key patient data and files. Backups completed regularly mean you can essentially revert back to before the ransomware attack and access a safe, unaffected copy of your information. With services like cloud hosting, your data is stored in the cloud and backed up daily in case of disaster or cyberattack. Once you have addressed the cyberattack with your IT team make sure to restore your data from the most recent back up.
Do not handle this step alone. Ask for professional guidance and IT support to restore the right files. If you don’t have a current backup process, speak with a cloud hosting professional on the best ways to protect your data.
Working with an IT vendor you can trust, who has the right security suite and proven track record, can help your practice stop ransomware attacks even before they happen. Call the experts at DAS Health at (813) 774-9800 to learn more.
Technology advancements continue to drive major change in healthcare. Yet, for all the EHR and computer-based solutions available, paperwork is still an unavoidable and time-consuming part of many practices.
A recent study found that doctors are spending as much as one-sixth of their day on non-patient related paperwork. Psychiatrists and internists have the biggest burden, but all practices have forms to sign and administrative as well as clinical areas to deal with on a daily basis.
Paperwork Leads to Burnout
Many practices have yet to take advantage of re-creating forms within their EHR or other technology offerings. They still spend time first writing down information in paper format, then staff time translating that content into their EHR. Another paperwork burden comes with labs and other vendors, who often send patient results back to practices in paper formats.
This manual data entry from staff often leads to errors in addition to eating up valuable time. One way to get this time back is investing in interfaces or integrations that transfer data seamlessly between systems. Instead of requiring labs to send data in paper these custom connections move data right into the patient chart – cutting out the entire manual process.
Workflows May Need Improvement
Without relying on administrative staff to help completed required documents, it can be tough to get everything done in a timely manner. While some regulations require the physician to be the one completing a task, such as entering orders, there is room to optimize workflows or reduce duplication of efforts to streamline these tasks.
Knowing when to delegate and how to do so efficiently can help your practice reduce the time spent on paperwork overall by sharing these time-consuming tasks.
For many practices, looking to outside consulting can help identify areas that are missing the mark. An outside perspective may reveal ways to adjust processes that have been ingrained in your practice, or attending physician panels may help in comparing notes and discussing your common concerns with your peers.
Billing is a Nightmare
When you fail to accurately capture patient information, that leads to reimbursement delays. Manual claims management processes are a huge administrative burden. This increases the time between when you help your patient and when you get receive compensation.
There is a lot of opportunity for automation when it comes to medical billing, and using an outside vendor can help to identify areas for improvement as well as share some of the manual tasks that would otherwise fall on your own staff. Using the right billing software can provide you insight on where your problems are, and help you overcome them. When you are dealing with pens and paper, you just have to guess.
DAS Health provides a wealth of practice management solutions including certified PM & EHR technology, consulting services and Revenue Cycle Management billing. We want to help make the administrative side of your practice a little bit easier for you. If we can help, reach out to us today.