Since its release in 2008, Internet File Storage tool Dropbox has been a big hit with people who have to keep track of files on multiple computers. Users can download a free program that lets them upload files to “the cloud” (see: a server or servers connected to the Internet), and then can access the files on any other device: other PCs or Macs, any web browser, even a smartphone or tablet. The program puts a small, “dropbox” in the bottom corner of the user’s screen and any file dragged into the icon is automatically uploaded. When the user looks at the dropbox on another device, the file is there waiting.
Dropbox has been wildly popular because it is extremely useful: it saves people time and makes them more productive, and is free for the first 2GB of storage. Users can either earn more free storage by referring friends to the program, or purchase more storage with plans that start at $9.99 per month. There are also group plans that allow for centralized file sharing.
In fact, some of your employees could be using Dropbox in your practice right now to let them work from home or the road, or sync multiple work computers, or even give them access to work data on their mobile devices. As all healthcare management professionals know, this has the potential to be a huge problem. The data that is handled in many daily tasks in a medical practice is protected not only by patient confidentiality, but also by federal regulations with some serious financial teeth. On Dropbox’s website, they go after the question head on:
“Unfortunately, Dropbox does not currently have HIPAA, FERPA, SAS 70, ISO 9001, ISO 27001, or PCI certifications. We’ll update this page with any new certifications as we receive them, so please do check back”
Three technology trends are creating big opportunities for healthcare providers and managers to improve their bottom line, drive savings, and empower a mobile workforce with “The Cloud”:
Improved cellular and network access to the Internet at all times, from all devices.
More powerful, less expensive smartphones and mobile devices to harness this improved access.
The move to deliver computing services to these mobile devices, as well as traditional personal computers through these ubiquitous, powerful Internet connections, so that most of the work is actually done “In the Cloud”- saving a lot of resources.
The Cloud is more than just a fashionable concept – this is a real change in the way people work– and leading organizations are looking past the buzz into the substantive improvements that technology can offer in work flow and cash flow.
Phoenix Cardiac Surgery probably never thought they would be a poster child for HIPAA safeguards, but this 5-physician cardiothoracic practice in Prescott, Arizona has become famous for something no medical practice wants to be famous for – not protecting their patient information.
Today’s HHS Press Release reads as follows:
HHS settles case with Phoenix Cardiac Surgery for lack of HIPAA safeguards
In a traditional healthcare setting, the revenue cycle begins with the insurance companies who pay the majority of the bill. There are multitudes of payers and each payer can have many plans. How can a healthcare organization catalog this information, keep this information updated and make this information easily accessible to staff so they can discuss payments with patients in an informed and confident way?
Start by breaking your payers into five main categories as a logical way to organize the data.
Payers with whom you have a contract
Payers with whom you do not have a contract
State and Federal government payers (Medicare, Medicaid, TriCare)
Medicare Advantage payers
Payers with whom you have a contract
Your organization has signed a contract with a payer and you have agreed to accept a discounted fee called an allowable, and to abide by their rules. What is the information you need to collect?
A copy of the contract
A detailed fee schedule, or a basis for the fees, such as “150% of the 2008 Medicare fee schedule.”
Any information about the fees being increased periodically based on economic indicators, or rules (notification, timeline, appeals) on how the payer can change the fee schedule.
The process and a contact name for appealing incorrect payments.
Information on what can be collected at time of service. Hopefully your contract does not have any language that prohibits collections at time of service, but you must know what the contract states.
Process for checking on patients’ eligibility and benefits: representative by phone, interactive voice response (IVR), website or third-party access.