What does HIPAA Mean for the Future of Patient Relationship Management?
By Jim Higgins
Jim Higgins is the CEO and founder of Solutionreach in Lehi, UT.
Technology that was the stuff of science fiction just 50 years ago has now become commonplace. Nowhere is this more evident than in healthcare. From mobile communication to wearable devices to remote visits to AI-directed care, technology is rapidly evolving to meet the needs of a consumer-oriented patient base. As Tom Martin, director of healthcare information systems at HIMSS, put it, "The healthcare ecosystem is increasingly converging on patient-centric technology solutions. The role of the provider is to expand far beyond the walls of the exam room, especially as our healthcare system transitions towards value-based purchasing.”
Effective patient relationship management is defined by its ability to create meaningful connections with patients. This ensures that patients will not only return, but also refer friends and family to their provider’s practice. Implementing new technology is a big part of that — and has been shown to have significant benefits for practices. Beyond a jump in patient satisfaction and loyalty, medical facilities that take advantage of new health technology are more profitable, efficient, and productive. The future of strong patient relationships lies in the adoption and integration of a variety of different technologies.
Preparing for the Future
Whether we are ready or not, these technological advancements are here to stay. While exciting, they have also left many scrambling to understand how to take advantage of their benefits while staying compliant with regulations like HIPAA. By preparing now, you can better ensure a smooth transition when your practice does adopt PRM technology. One key to being ready is to stay abreast of the latest technologies and assess which might eventually be a good fit for your particular specialty and individual practice.
To get you started, here are just few examples of cutting-edge technology currently being used by medical facilities to improve patient relationships.
In 2017, UCLA unveiled their Virtual Interventional Radiologist. Using the power of artificial intelligence, they have created a virtual radiologist in the form of a chatbot. The VIR is able to quickly provide evidence-based answers to frequently asked medical questions. Chatbots are also being considered for use in triage, research, patient engagement, and care coordination.
In February 2018, Humber River Hospital introduced Pepper, their four-foot-tall, humanoid robot. The robot is used to interact and engage with patients and visitors at the reception desk. A second Pepper robot is programmed to work specifically as a part of the hospital’s Child Life Program. In Japan, robots are doing even more. Terapio the Robot makes hospital rounds, delivers medications, and retrieves records. The use of robots in healthcare is expected to explode in coming years. In fact, in anticipation of the predicted nurse shortage, the National Science Foundation has allocated $1 million to the development of robotic nurses.
Virtual Care and MHealth
Another recent addition to the healthcare world — virtual care — is already upon us. In 2018, one in four US adults received some kind of virtual care, and there are four times more who say they would like to give it a try. Nearly half would select an immediate virtual appointment over a delayed in-person one.
Virtual access to health information and communication has also soared. The use of mobile health apps has tripled since 2014, and wearable health monitor use has quadrupled. And the vast majority of users say they’re interested in sharing that health data with their provider. Add to that the widespread use of patient texting and email use, and it’s easy to see why around 76 percent of practices say they use mobile health on a regular basis — with the main use being communication.
Organizations are Working Towards Compliance
These PRM advances bring up a lot of questions about compliance. Fortunately, many organizations are working to find solutions now — before the technologies have completely taken off. One popular idea is implementing the use of biometric data (like fingerprints, heartbeat, or even brain waves) to verify identity before sending sensitive information remotely. In addition, vendors like Fitbit, Samsung, and Apple are all working to create HIPAA-compliant options for healthcare organizations. And just this year, the AMA set new standards for the physician use of AI.
However, you cannot solely rely on outside organizations to do all of the legwork. To be ready for the future, you should start considering what you can do now to make the transition to more high-tech PRM solutions easier. Begin by creating a model of your current patient experience and identify where it would make sense to someday implement these new technologies. Once you’ve identified your anticipated additions, consider how they would be impacted by HIPAA. That way, when that technology becomes more widely available, its implementation will be much easier and more secure.
HIPAA Review Best Practices
Here are a few compliance best practices for the future of healthcare PRM technology … as well as for today:
Regular Security Risk Assessments – It’s easy to become complacent about security, but cyber-attacks get more sophisticated every day. Make sure to institute regular security risk assessments, including IT-specific assessments. Getting into the habit of conducting quarterly risk analyses (not just yearly) will keep security top of mind as you move into the future.
Thorough Vetting of Vendors – Taking a hard look at the vendors you work with is critical — especially as patients demand the latest tech. Choose carefully. Do your research before signing on — look at each individual component of a new technology to ensure it is not vulnerable to attacks. Consider having a specialist on standby for instances when you are unsure about the security of a particular technology.
Up-to-Date Business Associate Agreements – It is very important that you require all vendors to follow proper security protocols to reduce compliance risks. These agreements should clearly outline the vendor’s responsibility and compliance protocols.
Employee Training – One of the most common causes of HIPAA breaches is employee behavior. Make sure that every person who may come in contact with Protected Health Information (PHI), from your cleaning crew to your executives, is trained on HIPAA compliance on a regular basis. You can never do too much training.
Technological advances are coming to your PRM and it’s up to each individual practice to be prepared. As you take the time to review new technologies and actively pursue regular HIPAA compliance activities, you will be prepared to meet the future head-on.
More news: HIStalk.