Is Dropbox Putting Your Medical Practice’s Compliance Plan at Risk?

Dropbox LogoSince its release in 2008, Internet File Storage tool Dropbox has been a big hit with people who have to keep track of files on multiple computers. Users can download a free program that lets them upload files to “the cloud” (see: a server or servers connected to the Internet), and then can access the files on any other device: other PCs or Macs, any web browser, even a smartphone or tablet. The program puts a small, “dropbox” in the bottom corner of the user’s screen and any file dragged into the icon is automatically uploaded. When the user looks at the dropbox on another device, the file is there waiting.

Dropbox has been wildly popular because it is extremely useful: it saves people time and makes them more productive, and is free for the first 2GB of storage. Users can either earn more free storage by referring friends to the program, or purchase more storage with plans that start at $9.99 per month. There are also group plans that allow for centralized file sharing.

In fact, some of your employees could be using Dropbox in your practice right now to let them work from home or the road, or sync multiple work computers, or even give them access to work data on their mobile devices. As all healthcare management professionals know, this has the potential to be a huge problem. The data that is handled in many daily tasks in a medical practice is protected not only by patient confidentiality, but also by federal regulations with some serious financial teeth. On Dropbox’s website, they go after the question head on:

“Unfortunately, Dropbox does not currently have HIPAA, FERPA, SAS 70, ISO 9001, ISO 27001, or PCI certifications. We’ll update this page with any new certifications as we receive them, so please do check back”

Dropbox is very useful for students, people on the go, and anyone who works from different places and different computers, but it’s not really designed for auditable, granular protection of sensitive data. This isn’t to say Dropbox isn’t safe or secure – although they’ve had a few problems, they’ve taken steps to ensure they aren’t repeated – they just aren’t designed for the security needs of healthcare organizations. Even a great password policy in place for your group won’t help if you are relying on tools that were not built for the industry.MMP FileConnect Logo

So what can a practice do if it needs a cloud-based file hosting solution that can help your team work in different places without jeopardizing your compliance? At Manage My Practice, we use and endorse Box, a leading provider of enterprise class file storage. We like Box so much for healthcare purposes that we partnered with them to bring you FileConnect. Using the power of Box, which has installations in over 80% of the Fortune 500 companies, FileConnect supplies fully auditable, granular file storage to your practice while working in lockstep with your existing HIPAA compliance plan.

Click below to contact us to learn more about what FileConnect can do for you!


12 Ways to Supercharge Your Practice in 2012: #8 Leverage “The Cloud” for Real Results


worker able to be productive outside the office

Three technology trends are creating big opportunities for healthcare providers and managers to improve their bottom line, drive savings, and empower a mobile workforce with “The Cloud”:

  1. Improved cellular and network access to the Internet at all times, from all devices.
  1. More powerful, less expensive smartphones and mobile devices to harness this improved access.
  1. The move to deliver computing services to these mobile devices, as well as traditional personal computers through these ubiquitous, powerful Internet connections, so that most of the work is actually done “In the Cloud”- saving a lot of resources.

The Cloud is more than just a fashionable concept – this is a real change in the way people work– and leading organizations are looking past the buzz into the substantive improvements that technology can offer in work flow and cash flow.

NOTE: For those who have not heard the term before, you can always substitute “the internet” for the cloud. Do you get your email in a web browser? Cloud-based email! Do you like to stream your movies to your TV? Media in the cloud! Do you have anywhere you save important stuff online for either security or posterity? Yep – this is cloud-based storage!

By relying on offsite computing power and a constant high-speed Internet connection, the Cloud has all sorts of advantages over a traditional, on-premise model.


How can the Cloud change your practice today?

The cloud can actually protect things better than you can. For less money.

If you have your valuable documents stored in on-site servers, or on personal desktops, you are at risk. Cloud services offer auditability, encryption, and redundancy, and with strong end-user security practices in place, can provide healthcare organizations with absolute top of the line data security AND put the replacement and maintenance back on the vendor. You pay for access, and pay only for what you need.

Moving documents to the cloud not only protects them physically, but keeps them  at your fingertips and the fingertips of permissioned users. Separated data facilities, redundant storage, and professional grade encryption are all more secure than the traditional, “server in the closet” model.


 The cloud can mobilize your practice, but keep everyone on the same page.

The modern medical practice employs providers and administrative and clinical staff that bring powerful mobile devices to work everyday – and take them home too. By giving your key decision makers access to their work files outside of the office, you give them the tools of a work computer anywhere they go. Physicians can handle office tasks on their own schedule, and in their own setting. Administrators can access critical documents from a phone, or a home laptop as easily as they would their desktop. The access you pay for is everywhere: if you have a web or wireless connection, you can access your files.

Tedious, in-house FTP setups, or VPN’ing into the network can be complex and costly solutions; work-arounds like emailing yourself the work files you need, or loading USB flash drives can introduce security risks. And, how can you be sure you remembered to send the latest version? If your work data is hosted in the Cloud, the availability of what you are working on is as much of an afterthought as the lights and water at your office. Updates to files are pushed to everyone immediately too, so you know your team always has the latest. With mobile applications and network access, employees can not only work from home – they can work from anywhere they have a mobile device and service.


The Cloud turns computing power into a utility.

In terms of your practice cash flow, cloud computing enables you to flatten IT spending into a much more predictable outlay. If you own your server, you are very familiar with the “update cycle”.  Determining the right time for updates, upgrades, replacements and expansion to keep up with your needs, comply with new regulations, ease pain points for the staff, or improve security can be an endless loop of spending lots of time and money.

In effect, a practice is never out of the upgrade cycle, they are only on the easier end of one for a while. The cloud allows you to simply pay your monthly access and storage fees to your providers, and change plans as soon as you need more or less. Upgrades are pushed automatically, and built into monthly fees. You “pay as you go” for what you use – and only that. Scaling your IT resources up and down as you need them lets you fine tune your budget to your needs, and lets you turn your upgrade cycle into a predictable fixed expense. Employees can “B.Y.O.D.” or “Bring Your Own Device”- to give them a familiar hardware and software interface, and to give employers lower hardware costs.

How many of the things on this list are taking up space in your office, and are at risk of being misplaced? How many can you locate and share with your employees, physicians and stakeholders right now?

  • Physician Credentials, Privileges, Re-appointments, CME
  • Monthly and Quarterly financials
  • Daily work – Deposit slips, EOBs, Checks, Superbills
  • Practice Management reports
  • Accounts Payable invoices
  • Contracts
  • Partial or full paper charts that will not be included in the EMR
  • Personnel files
  • Personnel policies and employee handbook
  • PTO requests
  • Board agendas and minutes
  • Applicant resumes and paperwork
  • Benefit plan books
  • Retirement plan documents
  • Tax documents
  • Agendas and Minutes of Staff and Board Meetings
  • Policy changes and reviews
  • Templates and forms
  • Equipment user manuals
  • Referring physician holiday card or gift list
  • Anything else stored offsite or in your office that doesn’t need to be taking space and costing $$$

Where do I start?

Manage My Practice thinks leveraging the cloud is an important way for medical offices to achieve efficiency and reduce costs. In fact, we think it is so important that we have partnered with cloud leader Box to bring you MMP Fileconnect – a product specific to healthcare that allows you to manage your practice documents from anywhere. Box has installations in more than 70% of the Fortune 500 companies, and we think it’s the right product for you. Contact us to learn how Fileconnect can start helping your practice today!


Record Retention Simplified – The Ultimate Guideline

Record retention can be a significant problem for healthcare groups. Different federal and state regulations require different retention schedules for medical records and other medical-service related documents. Many managers and physicians are confused on how long they should maintain records and how best to store all this paper. Here’s an updated record retention schedule that is in sync with medical malpractice insurers (check with your malpractice carrier) and accounting firms.

There are all kinds of numbers floating around for retaining records, but unless you are focusing ONLY on record retention, you”d have to be very organized to separate what can be shredded in 1 year, 3 years, 6 years, 7 years, etc. I prefer to categorize everything into three basic categories: Save it Forever, Save it for 7 years, and Save it according to state requirements. Here is (almost) everything broken into my three categories.

Corporate Paperwork & Financials: Save all permanently

  • Letters of Incorporation
  • Bylaws
  • Capital Stock
  • Shareholder’s Agreements
  • Copyright and Trademark Information
  • Legal Correspondence
  • Minutes
  • Auditors Report
  • Annual Financial Statements
  • General Ledgers
  • Depreciation Schedules
  • Important Correspondence
  • Licenses
  • Loan documents
  • Property documents
  • Tax records
  • Retirement Plan documents
  • OSHA Medical Records for employee accidents/exposure – 30 years so you may as well keep them forever
  • Worker’s Compensation Records – 11 years so you may as well keep them forever

Accounting Records & Miscellaneous Records: 7 years

  • Human Resource Records – 7 years after termination (keep applications and resumes for non-hirees for 1 year)
  • Accounts Payable records
  • Bank Statements
  • Canceled Checks
  • Contracts and Leases (after expiration)
  • Electronic Fund Transfers
  • Accounts Payable original invoices
  • Payroll Records
  • Other benefit records
  • Sales records (for goods such as vitamins, supplements, or books)
  • Reimbursement records for employee expenses
  • EOBs from payers
  • Encounter Forms or other Billing Records (HIPAA requires Covered Entities retain billing records for 6 years)

Patient Medical Records – guided by state regulation or physician preference, whichever is longer

Adults Recommended: permanently – or a minimum of 10 years after the last encounter

Minors Recommended: permanently – or a minimum of statute of limitation past the age of majority (check your state)

Providers of Medicare Advantage programs must keep patient records for 10 years


Keeping it All Together the Manage My Practice Way

So, how do you keep from drowning in all that paper? Savvy practices scan their paperwork into offsite data centers that give them security, redundancy and easy accessibility, as well as potentially turning dead space into revenue-producing space.

There are many generic solutions for data storage, but Manage My Practice has partnered with Box to serve the special needs of healthcare practices and related service-providers.  The  package provides practices with the training, organizational set-up, and support to store everything (and I do mean everything) securely for as little as $120/month with upload and download encryption and no space limitations. Box is the leader in data storage and security and Manage My Practice is the name you know and trustBox for a test drive, contact Abraham Whaley at abe@managemypractice.com or Mary Pat at marypat@managemypractice.com.




Free At Last. My Phone Contract Ends and I Get Smartphone Advice From My Partner

Square in action!


At long last, my two-year contract with my current cell phone carrier is over and I am free again! Of course, I immediately turned to my son & partner Abraham for some sage smartphone advice. Here’s the conversation we had.

Mary Pat: What things should I consider when choosing a smartphone?

Abraham: Smartphones are so much more than just telephones, so the first question is always “How will you be using it?”. If you really just need to make the occasional phone call from the road and nothing else, you probably don’t even need a smartphone. A simple, old-fashioned flip phone, or bar-style device will do just fine. For everyone else, picture the things you’ll want to do on the phone. Is it mostly a business device- checking emails, editing documents, and having access to critical data? Or will you also want to watch streaming videos in your downtime, play games, or take pictures and movies to send to friends and family? It’s easy to look at a phone’s capabilities and stereotype what the average user would be like: iPhones seem so hip, Blackberrys seem so serious, Androids seem so geeky. The reality is that all smartphones on the market today probably have enough muscle (and apps!) to make anyone happy. So choose a phone based on features, comfort, and specifications – not the label or the image that comes with it.

Another thing to consider is that in the United States, most mobile phones are “carrier specific”, meaning that they only work with one service. This means picking a carrier may be even more important than picking a phone. Coverage maps, and promises on commercials are one thing, but I would ask your friends and colleagues about their phones. If a friend has a new phone, ask them how they like it, who they’re with, and how happy they’ve been with the service. Most people that have been living and working in an area for any amount of time have a pretty good idea how their cell reception is, so talk to people you live or work near. If you’re a road-warrior, ask other warriors in the airport what they use and like.

Mary Pat: Does it make sense to change phones or carriers since my contract is up?

Abraham: Of course! I think most people, even casual users of mobile devices, are ready to have a new device by the time their contract is up. In two years, a lot will have changed, making new phones available that have more capabilities, power, and features. Many people decide to sign a contract extension to get a good price or rebate on a new phone.

Of course, maybe in the two years you’ve grown weary of your service plan itself. Most companies will let you change your service plan even if the contract isn’t currently up. They’d rather you pay for more or less minutes a month that just break the contract, pay a fee and change companies. So if you’re not crazy about your cellphone carrier, but the issue isn’t bad enough to warrant breaking the contract, you might not actually change to a new company until the contract is up, letting you avoid early cancellation fees.

Mary Pat: What are the major advantages of smartphones over non-smartphones?

Abraham: The difference between a smartphone and a conventional mobile device is the things the device is capable of. So I’d say the biggest capabilities that a smartphones has over an older phone are:

1. Email – Constant access to your inbox. Send and reply anywhere. This is the biggest thing most business users are looking for.

2. Web/Internet/Cloud access – Web browsing, as well as browser access to company private networks, and cloud storage services.

3. Multimedia – Take pictures, sound and video from a mobile device, and access rich content through the web, for business, and personal use applications.

Mary Pat: How can smartphones help the business person?

Abraham: Smartphones help the business person by giving them critical data on the go, and giving them the ability to make critical decisions from wherever they are. A smartphone lets you connect with coworkers and customers in a faster, more efficient way that also recognizes that today’s workforce is often a mobile one. Mobile technology lets you improve productivity, by giving employees the tools to get the job done from more places, and at more times.

Mary Pat: What do you think about the fact that people with smartphones might be working more (as they are always available) not less,  as technology is supposed to be helping us to do?

Abraham: It is definitely a double-edged sword. Just because we can do something doesn’t always mean we should. Being able to do more shouldn’t be a mandate to have to do more, and as with any new technology, you have to adapt your habits to conditions on the ground. Technology won’t set boundaries for you, and won’t balance your work/home life just by saving you time. So set some rules going in. If you can’t take late-night emails or calls and still get sleep, then turn it off after dinner. If you find yourself feeling guilty about knowing you could be more productive, then be more productive tomorrow, but don’t drive yourself crazy in your off hours because you could be answering emails. No technology is actually helping you if its power is making you miserable. Use a smartphone as a tool, not a leash.

Mary Pat: What do you think are the three best free apps (applications) and the three best paid apps for smartphones for business people?

Abraham: App markets on Apple iPhone, Google Android, and Blackberry products offer an enormous range of software tools for the business person, but that being said, here’s what I couldn’t go without currently.

Free Apps-

Skype (available for Android and iPhone) – The powerful Voice Over Internet Protocol (VOIP) software that lets you make free voice and video calls to other Skype users, as well as chat and call landlines is a great free app. Some people even use Skype is the place of their mobile minutes! If you are a Skype user on your desktop or laptop, you will love having it on your phone.

Feedly (available for Android and iPhone) – a fantastic newsreader that allows you to subscribe to RSS feeds of your favorite websites and read the updates on your own time. Feedly lets mobile users read their favorite sites and blogs on their own time in an neat, organized way. Not sure what a newsreader is? Click here to find out.

Box.net (available for Android and iPhone) – Box.net is a powerful secure file sharing and collaboration web service that lets you access files from a secure server on your phone. More versatile and powerful than simply attaching documents to emails, Box.net gives you access to all your critical data on the go. We love Box so much at MMP that we built a tool with them called MMP FileConnect, and the free Box mobile device applications let business users have access to all of their Box communications in one place.

Paid Apps-

Quickoffice (available for Android and iPhone) – A fantastic office productivity suite for Mobile Devices, QuickOffice lets you edit Documents, Spreadsheets and Presentations from a variety of file formats right on your phone. The software is so popular that some devices come with it pre-loaded. (About $10)

Splashtop Remote Desktop (available for Android and iPhone) – Your smartphone lets you do a lot of things like you were at your desktop, but what if you needed to actually be at your computer, looking at your screen? Remote desktop software lets you set up a connection to your home or work computer and actually log in and control the mouse and keyboard just like you were there. This can help not only business people who have some applications on a PC that can’t be installed on a smartphone, but also people in customer service and support, giving them the option to simply “log-in” to your computer’s screen and fix things remotely. (About $2)

Square (available for Android and iPhone) – Click on the Square link and scroll down to check out the video of the pediatrician taking payments when he makes a house call! Very cool. Square is a remarkable little program that lets you turn your mobile device into a credit card machine to take payments anywhere instantly. The program is free to download, and the company will send you a free Square “card reader” that plugs into your phone so that it can read the card’s magnetic strip. Collecting money via credit card will mean that you pay a service fee to the company, but it’s a tremendously low-cost way for businesses to take credit on the go. (Price: 2.75% of the transaction.)

After hearing Abraham’s advice, I bought a Droid X2 with Verizon and although I’m still adjusting to typing on the screen, I am loving it. Yep, I am a geek!

Readers, what phone are you using and what apps help you to be productive?

Introducing Manage My Practice Tools and MMP FileConnect!

It is my pleasure to announce Manage My Practice’s first product in our new Manage My Practice Tools section  – MMP FileConnect.

MMP FileConnect is a simple and affordable way to:

  • Increase efficiency in your practice by reducing workflow issues and duplication of paperwork.
  • Cut expenses for on-site and off-site storage.
  • Promote collaboration and teamwork between departments, locations and employee silos.
  • Reduce risk by keeping critical documents secure.
  • Access files anywhere from any browser or mobile device (especially great for the docs!)

How does MMP FileConnect work?

MMP FileConnect is similar to a new and improved filing cabinet that resides in the cloud (a secure Internet domain), not on your server. It allows the administrator to design a folder and file system and assign users permissions (view, upload, download, edit, etc.) in their practice.

The administrator can set up groups of users with the same permissions, and can easily add or delete users, change existing groups’ settings, or change file organization. In my practice I have a structure something like this:

  1. Employees
    • Office Forms such as PTO requests, fax cover sheets and reimbursement requests
    • Patient Forms such as demographic sheets and financial agreements
    • Calendars such as call calendars, vacation calendars and birthday calendars
    • Lists & Reference Documents –  internal and external phone lists, practice abbreviations, and insurance plans the group participates with.
  2. Physicians & Administrator
    • Monthly Financials
    • Reimbursement Requests
    • Time Off Notifications
  3. Billing Staff
    • Provider CME records
    • Provider Credentialing Records
    • Payer Contract Summaries
  4. Administrator
    • Personnel Files
    • Payroll Files & Compensation Spreadsheet
    • Contracts & Leases

You can also invite external users to be a part of MMP FileConnect for easy communication surrounding documents. My benefits broker is a user so I can place new employee benefit enrollment forms on FileConnect and she is immediately notified without me having to send an email.  She can download the enrollments and process them immediately. An added benefit is that I have a tracking record of when I placed the forms there and when she picked them up.

What about the security of MMP FileConnect?

MMP FileConnect is built on the Box.net platform.  Box knows the healthcare industry is one of the world’s most demanding marketplaces when it comes to data security and customer privacy. The implicit trust between a provider and a patient is critical to all stakeholders. With MMP FileConnect and Box you can be sure that your stored data is absolutely safe. Box has a SAS 70 type II certification, meaning it has been independently audited by the AICPA for sensitivity in handling healthcare data. All of your data on MMP FileConnect is 256-Bit AES encrpyted both in storage and in transfer. There is the capability for a complete audit, giving you the tools to monitor and manage your information with peace of mind. On top of that, Box.net has a guaranteed uptime of 99.9%, so you can count on your data being there anytime you need it.

Do I have to logon to a website every time I want to use a document?

One of the best features of MMP FileConnect is the desktop file sync feature. Every user can keep a desktop folder of most-used files and folders stored on FileConnect and can utilize them without going to a browser or using a login and password. Anytime a file is updated by any user, the newest version automatically syncs to the appropriate desktops.

What else can it do?

For more ideas on how to use this amazing tool, see my post on “76 Ways to Use the Cloud” here. Every one of those 76 ways is doable with MMP FileConnect!

What does MMP FileConnect cost?

A very affordable $25 per month per user, with discounts for paying annually and for groups of 50 users or more.

Tell me more!

For more information and an opportunity to try MMP FileConnect free for 28 days, click here to contact us.

Image via Wikipedia

Enhanced by Zemanta

Why I Joined Manage My Practice, LLC

Manage My Practice gets a new COO

Last week I accepted an offer from Mary Pat to become the COO of the new corporation she has formed, Manage My Practice, LLC.

Together, we are excited to move MMP to its next phase.

Now the Medical Manager’s Secret Weapon is even more powerful by offering products and services that give your practice added flexibility and efficiency and that meet Mary Pat’s undisputed standard for practice-tested quality.

Helping people get the most out of technology is a passion that has kept me interested in the MMP blog. Mary Pat’s curiosity and confidence in bringing innovation to the industry has made her one of today’s leading voices on the ways healthcare organizations and managers can get the most bang for their technology buck. I have been honored in the past to be invited to demystify some of the current technological trends as the author of the category of posts called “Learn This” for MMP.

As COO of Manage My Practice, I hope to expand that role to not only add more and better actionable content to the blog, but also to introduce readers to a carefully selected line of MMP-approved products and services that they can use to take their organization to the next level.

We call this new offering Manage My Practice Tools (find it here) and we hope you will find it as useful and valuable as you do the Manage My Practice blog.

The first MMP Tool we offer you is MMP FileConnect. Built on the Box platform, it allows your staff, providers and external stakeholders to share files over desktop, web and mobile platforms. MMP FileConnect allows you to create a living repository of your documents, calenders, spreadsheets, images, portable document files (PDFs) and more.

As a cloud-based filing cabinet and as a project management and communication tool, MMP FileConnect lets you and your team manage administrative and critical data tasks securely from wherever you are.

I am thrilled to be joining the Manage My Practice team during this exciting new time, and beyond heading up the new MMP Tools service, I’ll be expanding my presence on the blog with a special focus on making sense of the latest technology news and products with a constant focus on one question: “How can this help Medical Practice Managers?” I hope you will leave your comments on this post or write to me here with topics you’d like to see me write about on MMP.

I look forward to providing the answers you’ve come to rely on finding on Manage My Practice.

-Abraham Whaley, COO, Manage My Practice, LLC.