Posts Tagged security


EMV: How Your Practice Will Be Affected By Credit Card Changes in October 2015

At Manage My Practice, we are big proponents of using a Credit Card on File (CCOF) system in medical practices to reduce expenses and improve cash flow. Knowing how your processing vendor’s pricing plan and security features work is critical to implementing this system. You have to be able to understand and negotiate your costs, and stay current on best practices and technology that keep your patients’ data safe.

Big changes are coming to the technology end of your credit card system in October of this year (as if you won’t be busy enough with ICD-10!) and you need to make sure now that you have all the details handled for your employees and your patients. The new technology is called EMV, or “Euro Mastercard Visa” and has been used in most of the rest of the world for a while now.

Whenever we have questions about anything credit card related, we go straight to Michael Gutlove, Director of Merchant Services at IDT. Michael has been our own vendor, as well as our top recommendation to clients for almost three years now. We asked him to help us sort out the changes.


 

Mary Pat: Michael, what’s your background?

Michael: I’ve been helping business owners improve their bottom lines since 1997. Reducing costs is critical – now more than ever – for all business owners, and I’ve been able to repeatedly reduce operating costs by clearing away the traditional smoke and mirrors of credit card processing.

Mary Pat: Are people in general and patients specifically using credit cards more than they used to? Do you foresee a time when people will only use credit cards, no cash or checks?

Michael: While electronic payment volume has steadily increased year after year, it’s highly unlikely that cash or checks will ever be completely eliminated. Cash payments serve the “underbanked” population and checks remain a highly effective method of payment for high ticket (luxury) items.

Mary Pat: What about payment via a smartphone or watch – do you see that becoming a predominant part of the American payment experience?

Michael: Apple Pay is the first mobile wallet solution that’s made any traction into the payment space. It’s opened the door for cell phone manufacturers, wireless carriers, and any/every technology company under the moon to think about getting involved. The problem with suggesting that mobile technology will replace the way we pay (or become the primary way we pay) is that it’s not fixing an existing problem. Mobile payments are generally viewed as a convenience as opposed to a necessity and we’ve become accustomed to carrying a wallet or purse with actual credit cards.

October 1 Change to EMV Terminals

Mary Pat: The new acronym in credit cards is EMV. What is EMV?

Michael: EMV stands for Europay MasterCard Visa. It’s an acronym for the global standard of chip card technology facilitating electronic payment transactions. The United States is the last major country to adopt this method.

Mary Pat: Why do readers need to know about EMV?

Michael: October 2015 marks the deadline for business owners accepting credit or debit cards to upgrade their terminals for chip card acceptance. While it is not legally necessary to upgrade, doing so reduces the liability for fraudulent or counterfeit duplicate transactions.

Mary Pat: What does accepting chip cards have to do with liability?

Michael: EMV prevents “card present” duplicate fraud as the customer always maintains possession of their card. Instead of swiping the mag-stripe on the back, merchants will instruct customers to insert cards into the EMV-ready terminal and enter a PIN or signature when prompted. Businesses that do not have the ability to accept EMV cards will be held liable for fraudulent “swiped” transactions.

Mary Pat: Does EMV eliminate fraud?

Michael: EMV is not a cure-all for all types of fraud. The programs put in place will help with duplicate card fraud charge-backs, but will not impact others. Visa, MasterCard, Discover, and American Express have different liability shift requirements.

Mary Pat: What about “Card Not Present” transactions?

Michael: EMV only applies to face-to-face transactions. When it was released in Europe, increased levels of fraud showed up via ecommerce and MOTO (mail order/telephone order). A similar scenario is expected once the US adopts EMV, making PCI-DSS compliance even more important.

Mary Pat: What is PCI?

Michael: PCI-DSS stands for the Payment Card Industry Data Security Standard. Most processors offer comprehensive programs to ensure PCI compliance and validation.

Mary Pat: What should I do now?

Michael: Reach out to your processor and determine your risk level for EMV. Accepting EMV can only help your business, but it isn’t necessary to do anything prior to October. The majority of POS (point of sale) manufacturers haven’t released EMV readers and new hardware might not be necessary depending on your existing terminal make & model.


Making sure you are getting the most you can from your credit card vendor is a critical part of protecting your data and your bottom line in today’s healthcare industry. You need to know the steps you and your vendors are taking to safeguard patient data, and you need to be able to relay those steps back to patients and employees. That’s why it’s important for managers to understand EMV – and their credit card setup in general. Successful implementation of a credit card on file program or any credit card processing system will always require buy-in and communication.

NOTE: Credit Card on File clients of Manage My Practice should know that Michael Gutlove will be swapping out your current swipers for EMV terminals for chip and non-chip cards at a considerable discount.

For additional information, questions, or anything else credit card related feel free to reach out to Michael Gutlove at 201.281.1621.


Clearing Up the Confusion Between Security, Privacy, HIPAA and HITECH: An Interview With Steve Spearman


Mary Pat: Your business is called “Health Security Solutions.” People often confuse privacy with security. Can you clear up the confusion for us?

Steve: The Privacy rules refer to the broad requirements to protect the confidentiality of Protected Health Information (PHI) in all its forms. So for example, a physician talking loudly on the phone in the lobby of a restaurant about a patient by name is a violation of the privacy rules. PHI on paper records is covered under the privacy rules.

The security rules are specifically concerned about protecting the confidentiality (i.e. privacy), integrity and availability of electronic PHI, or PHI that exists in a digital form. So once you are dealing with electronic health records and information systems, violations tend to fall under the security rules.


76 Ways to Use the Cloud in Your Medical Practice (or Any Business)

I’ve had a lot of questions since last week when I offered to help readers “get on the cloud.” Most people want to know – what exactly does getting on the cloud mean?

The term cloud comes from the look of technical drawings that depict the relationship between cloud services and consumers, and it is also a metaphor for the fact that cloud service providers exist out of sight in some distant location. My favorite definition of the cloud is “Using the Internet to store, manipulate and deliver data.” Here are 76 ways to do just that!

SECURITY & RISK MANAGEMENT

  1. Decide user by user which files and folders each employee or stakeholder may have access to. Decide if the user may view information, upload information, download information, invite other collaborators or edit documents. Change the user’s permission instantly, or eliminate their access to everything on the spot.
  2. Store critical documents:  letter of incorporation, Tax ID assignment, Medicare letters, shareholder agreements, by-laws, etc.
  3. Scan in any and all documentation of lawsuits and/or legal correspondence about patients.
  4. Collate logon information for important sites:  CAQH, NPPES, PECOS, state board, specialty board, etc.
  5. Collect all information needed for credentialing and privileges for all providers in one easy place: CV, photo, license, board credentials, DEA, state registration, malpractice, references, etc. Keep copies of all credentialing applications in the same file.
  6. Keep a licensing and privileges spreadsheet for all professionals so deadlines don’t take you by surprise. Include CPR, ALSC, DEA, state licenses, and board certification and recertification.
  7. Never worry if you’ve locked your office, your file cabinet or your desk again. Your information is safe in the cloud.
  8. Store important logons and passwords on the cloud along with instructions and know that if something happens to you, the business will recover quickly.
  9. Have employees watch for health fairs and special events that your practice can participate in. Develop a calendar for community events that you can prepare for annually.

INFORMATION SHARING

  1. Share files up to 2GB (images, video, audio, text)
  2. Turn a folder into a public web page.
  3. Start a secure referrers’ area and give access to those practices that refer to you. Stock it with FAQs, referral forms, maps and directions to your practice, and phone numbers and emails for communication. Keep a referrer satisfaction survey on their pod at all times.
  4. Push the patient schedule into the cloud so any provider can check their schedule at any time from anywhere.
  5. Store building or suite blueprints.
  6. Develop a practice glossary to document all abbreviations and specialty-specific terminology – very helpful for new employees and transcriptionists.
  7. Make a secure education area for your patients which they can access from your website or in your waiting area on iPads. Include websites, blogs, patient satisfaction and other surveys, health tracking programs, etc.
  8. For those providers on productivity bonuses, push a productivity report to the cloud for them to review privately.
  9. Put staff education programs on the cloud for new employee orientation and annual training on compliance, OSHA, HIPAA, fire safety and disaster communication plans.
  10. Post photos of the office picnic or Christmas party, or the new baby, or the bride and groom.
  11. Use the cloud as a digital scrapbook of events, new employees, new services, accolades, advertising or publicity.
  12. Pass around a digital birthday greeting card to all staff except the one having the birthday!
  13. Post a job on craigslist. Once you have a group of candidates you want to consider, give them a link to a folder with the position job description, benefits schedule and in-depth information about the hiring time line.
  14. Post lunch menus for restaurants and take-outs within several miles of the practice so employees can get lunch efficiently and quickly.
  15. Post the office schedule for the year showing which dates the office will be closed for holidays.
  16. Post the call schedule and let your answering service and the hospitals view it.
  17. Publish your weekly practice newsletter on the cloud – it becomes an instant record of when and how things were communicated.

BUSINESS MANAGEMENT

  1. Scan invoices to the cloud for storage once you’ve paid them.
  2. Scan invoices to the cloud for an external bookkeeper to access and pay them.
  3. Scan invoices to the cloud for a physician to approve them for payment.
  4. Scan the daily accounts receivable work (EOBs, checks, deposit slips, denials, reconciliations) to the cloud and shred the originals at the interval of your choice.
  5. Scan documents to the cloud when you are notified that employees are having monies withheld from their paychecks for child support or garnishment, or when they change their deposit information or retirement plan contribution.
  6. Track the history of files and folders – when did we change this policy? When did we go to this compensation system? What was the original wording of this contract?
  7. Generate reports on employee productivity, looking for patterns of collaboration and innovation.
  8. Scan RAC, CERT, ZPIC and other audit letters when they come and keep a spreadsheet of dates records and appeals are due.

COLLABORATION

  1. Have online meetings centered around documents in the cloud.
  2. Post job protocols and empower employees to change protocols regularly as information and routines change.
  3. Start a CME log for each provider that the providers can easily add to.
  4. Have your employees collect stories, links and other items in the cloud to push to your Facebook page or website blog.
  5. Keep minutes from physician meetings and request all physicians review, ask for changes and sign off.
  6. Keep attendance and minutes from staff meetings and ask all staff to electronically sign the minutes.
  7. Have each employee keep a continuing education log for face-to-face and online education.
  8. Assign tasks. Place something on the cloud and assign staff to respond to it, change it, develop it or implement it.

INCREASE EFFICIENCY

  1. Develop a “How Do I?” document for quick information new employees need to know and established employees may not remember.  Some examples: How do I reach the inclement weather information line? What do I do if there is a blood spill in the practice?
  2. For the manager – develop a staff roster with dates of hire, dates of birth, social security numbers, phone numbers, hourly wage and termination dates. One document will answer 25% of questions you have or others ask you every day.
  3. Standardize protocols and information when you have multiple sites or divisions.
  4. Show each employee how to keep their most-used files on their digital desktop to access without a logon and password.
  5. Sync desktop folders to cloud folders automatically – documents are updated to the latest version without thinking about it.
  6. Restructure your files and folders as many times as you want or need to.  Rename files, move and copy files, and delete files if they are not serving the purpose you thought they would.
  7. Expand the number of users instantly for special projects.
  8. Put every form on the cloud, have employees complete them on the cloud, sign them electronically, then share them with you for your electronic signature.
  9. Put new templates or forms on the cloud for everyone to draw from – eliminate old letterheads, logos, addresses, etc. instantly.

IMPROVE MOBILITY

  1. Fax documents from the cloud to a fax machine.
  2. Email files from anywhere.
  3. Search for anything in your cloud by words or phrases. Never lose anything again!
  4. Access the cloud from anywhere and from any device – smartphone, PC, iPad…
  5. Put the patient schedule information into the cloud so if inclement weather hits, staff can access the schedule at home and contact patients about their appointments.
  6. Access your business 24/7/365.

DAY-TO-DAY MANAGEMENT

  1. Assign a folder for your CPA to be notified when financials are available for download, or for you and the physicians to be notified when s/he finishes the financials or taxes.
  2. Assign a folder for your benefits broker to be notified when new employee applications for medical and dental benefits are available for download.
  3. Assign a folder for your banker to be notified when quarterly financials are available for download.
  4. Assign a folder for your physicians/owners to be notified when monthly or quarterly financials are available for their review.
  5. Post practice calendars for paid time off requested and approved.
  6. Develop a physician referral resource tool if your PMS does not organize that information well. Create your own spreadsheet with all the fields of information that are important to your practice and have all employees add to it and correct it routinely.  Have someone in the practice or a temp or prn person call every practice/group on the list twice a year and confirm all the pertinent information.
  7. Post a “Who Covers Whom” list that spells out who covers primary responsibilities in the practice when someone is out of the office. Building your team 3 deep (for every primary task, there are at least 3 people that can perform that task) is crucial for reducing vulnerability.
  8. Video new employees answering a few questions about themselves and post it on the cloud for all staff to view.
  9. Put video of all staff introducing themselves and telling what they do on the cloud for new employees to view.
  10. Video benefit providers discussing benefits so employees can watch at any time –  medical insurance, dental insurance, vision insurance, short and long-term disability, life insurance and retirement benefits. Employees will get more out of and become more aware of what their benefits are.
  11. Make an easy-reference spreadsheet with the payer contracts listed and images of the plan cards for staff to be able to identify the contracts and plans in force at any given time.
  12. Keep personnel files on the cloud. You may choose to have a file of documents the employee may see and get a copy of, and a file of documents they may not see or get copies of. Both can be a part of the same folder.
  13. Store scripts for your messages on hold, your after-hours message and your scripting for employees.

SAVE MONEY

  1. Increase storage space without buying any hardware or software.
  2. Scan charts into the cloud as a preliminary repository before implementing EMR, or scan charts of inactive patients in so you don’t have to pay to store them offsite.
  3. Never back up your documents on your computer again.
  4. Put your triage algorithm or flow sheet on the cloud. Hire nurses to triage from home.
  5. If a manual doesn’t come electronically, scan it onto your cloud. Check the manual before you call the repairman.
  6. Preserve your valuable employee knowledge – have each department develop a folder with the important resources for their staff. The billing department may have websites they refer to for coding questions, a primer on evaluation and management coding, a cheat sheet on standard practice fees, and a calendar for the times of the year that different updates and revisions to CPTs, ICDs and NCCI edits occur.


Cloud Pre-launch Offer: We’ll Get You On the Cloud for Free

We’re not quite ready to roll out my new web, social media and cloud solutions company, but I am extending a special offer through the end of April for the Manage My Practice readers who want to know what this cloud business is all about.

Read my post here on 76 ways to use the cloud in your medical practice.

Here’s how it works.

1. Contact us during the month of April and we’ll get you set up on a free Box.net account – no credit card required!

2. We’ll do a phone assessment of your pain points and tell you how a cloud can help.

3. We’ll teach you how to use Box.net and how to organize your practice or yourself on the cloud (but you’ll have to do all the heavy lifting!)

That’s it.

If you are interested, contact Abraham Whaley here.

 
