Articles on Topics You Need
De-identified Data in Healthcare
The issue with de-identified data in healthcare lies in the fact that some Electronic Health Record (EHR) companies have crafted Business Associate Agreements (BAAs) that could potentially harm healthcare providers and their patients. While it is not entirely clear whether these companies are strictly adhering to the letter of the law, they certainly do not uphold the spirit of it. The original intention of a BAA, as outlined in the HITECH Act and further refined by the Omnibus Rule, is to serve as the company's commitment to understanding HIPAA privacy and security requirements. In cases where breaches are caused by the software, the company should take responsibility. However, when data is de-identified, companies gain significant latitude in its use. They are not obliged to seek permission or inform subscribers about how or when their patients' data is utilized, nor are they held accountable for software failures that result in data breaches.
HIPAA Compliance & EHRs: Excellent Solutions to Thorny Problems
EHRs can be a big help with HIPAA compliance. In fact, relying on stand-alone tools may make achieving HIPAA compliance difficult, if not impossible. The PSYBooks EHR & Portal is solidly based on HIPAA and has been since its inception.
The Importance of End-to-End Encryption and Integrated Products
HIPAA is a frightening thing to many behavioral health providers. Although it is something to take seriously, it need not be frightening . Nor do you need to pay big bucks to a company to set things up for you. A very simple thing that will help you become compliant is to get an EHR that is both integrated and features end-to-end encryption. This post explains why.
Customizable Mental Health Forms for Group and Private Practices
The current "must have" feature on many therapists' wish list is customizable forms. If you're not familiar with the concept of a customizable form, it's an app, or a section of a larger app, that allows the therapist to create online forms to replace the paper forms they normally use in their practice: their intake forms, informed consents, HIPAA agreements, Good Faith Estimates, Depression Inventories - whatever they typically use. Once the digitized forms are created, they can be securely sent to their patients, who fill them out, esign them (if requested), and send them back to the therapist.
What Every Therapist Should Know about Email and Texting
Behavioral health therapists have both legal and ethical guidelines pertaining to email. Some programs do an adequate job of one, but not the other. Even worse, some do neither and yet still claim to be HIPAA compliant. While that's probably a truthful statement, the part they're not telling you is that their programs aren't 100% end-to-end encrypted. In other words, they're not safe ALL the time. If you use those programs, your email and texts can be hacked.
Patient Onboarding: Transferring Behavioral Health PHI
PSYBooks now offers a patient onboarding tool that makes transferring your patient accounts to PSYBooks very easy. This works for first-time users of EHRs and also for those transferring from another EHR/EMR or practice management system.
Doing Telehealth? You Need a Portal.
Think you're not doing telehealth? Think again. Although there's no one-size-fits-all definition that cuts across state and/or discipline lines, most agree that telehealth basically involves any electronic method you use to communicate with or about your clients. This can include common things like phones, email and electronic file storage, in addition to video sessions, which is what we typically think of with the term telehealth.
Are We Becoming Outdated?
In the not too distant past, a therapist with some kind of note pad in hand was the norm. It was expected. We were doing our jobs and interested enough in the client to take notes on what they were saying. I was part of that crowd. Although I preferred to write my notes after the client left, I definitely felt that paper notes were the way to go and I burned through many legal pads in the early years of my career.
Encrypted Email:
Your Role in Keeping it Safe
Some people like to point out that encrypted email isn’t all it’s cracked up to be. “After all,” they warn, “as soon as someone has access to your username and password, it no longer matters whether your email is encrypted or not.” Well . . . yes. That’s an accurate statement. However, to use that line of reasoning would be like telling us not to bother locking our homes or cars. After all, as soon as someone gets access to your keys, those locks become useless.
Encrypted Email – Just How Safe Is It?
PSYBooks’ email not only meets but actually surpasses the HIPAA specifications for encrypted email. HIPAA’s rules for email encryption are broad, giving developers the maximum amount of freedom. This is as it should be. Those who are responsible for writing and maintaining HIPAA/HITECH laws cannot also be expected to keep up with rapid changes in the world of technology the way developers do. Therefore, although HIPAA wisely states that email containing client PHI (Protected Health Information) should be encrypted, it doesn’t specify exactly how that should be done.
Behavioral Health Portal
The portal is the web-based interface between you and your clients. In a sense, it allows your clients (or anyone else you designate) to have their own “mini” version of PSYBooks that contains just their own data – no one else’s. You can view data they enter on your side and interact with the client about their data, all through the portal.
Calendar Displays
Like most online calendars, PSYBooks has Daily, Weekly and Monthly views. You can customize your display even further with the Calendar Settings tool, which is accessed by clicking the down arrow by Calendar Settings on the left nav of all pages in the calendar:
Cancel Client Appointments
PSYBooks makes cancelling appointments a breeze. Clicking an existing appointment will open a window like the one below where you can cancel one or, for repeating appointments, a series of appointments:
Add Client Appointments
We started with the Google calendar design and tailored it for mental health. For example, when you click a time block to add an appointment, the window you get has a dropdown box with all of your clients listed. You don’t have to type a name, just select the name you want.
Why Do People Hate Electronic Health Records (EHRs)?
Actually, most patients don't. A recent study conducted by Catalyst Healthcare Research found that 93% of adults would prefer to go to a doctor that offers email communication, even if there was a $25 fee (Pai, 2014). Encrypted email is incorporated into most, if not all present-day EHRs that also have patient portals. By being integrated with the entire medical record, it's relatively easy for doctors to correspond with patients right from their electronic chart. Leaders in prominent health care groups in Houston, encouraged patient enrollment in their EHR system and have found similar results. Dr. Robert Dickinson, Kelsey-Seybold's medical director for executive health and wellness says, "They think it's the coolest thing they've ever seen. It's like online banking. People love this kind of access. Before, it was kind of mysterious" (Hines, 2014).
However, when you ask doctors if they like EHRs, you often get an entirely different story. You mostly hear dislike, frustration and irritability. There are actually excellent reasons for this.
Can’t I Do Mental Health Insurance Billing at their Websites?
Short answer? Yes. You can. However, there are some good reasons why you may not want to: 1) It may end up being more costly. 2) It takes more time and work. 4) The learning curve is greater. 4) Client records are scattered and may be difficult to retrieve.
World’s Easiest Efile: Just Save the Session
Efiling is a 2-step process:
- Tell us which insurance company your client has (you only have to do this once)
- After that, each time you add a session, PSYBooks automatically efiles the information to the client’s insurance company unless you tell us not to
Managing ERAs with PSYBooks
When you sign up to receive ERAs in PSYBooks, allocating the data to your client charts is easy. When we receive ERAs, we parse them for you. That means that by the time you see them, we already have the client’s name filled in and the correct amount entered in each of the fields (session date, amount allowed, deductible, amount paid, etc.). The screenshot below shows you what an ERA you receive might look like when we deliver it to you:
Round it Off with an EFT
EFT, which stands for electronic funds transfer, is the third “E” in “Efile, ERA and EFT”. Once you’ve signed up for EFTs with an insurance company, they will deposit the payments they send you directly into your bank. Since EFTs only involve the transfer of money, PSYBooks isn’t actively involved. However, whether or not you want to go the EFT route instead of receiving paper checks, you may want to sign up for ERAs, which are the electronic equivalent of EOBs. Receiving ERAs in PSYBooks means that you no longer have to enter insurance payments by hand. You just have to look over the ERA to see if it seems correct and click Save.
Fun New HIPAA Compliant Video: PSYBooks Connect
Remember what it's like to walk into a therapist's REAL waiting room? The virtual space in PSYBooks Connect where your clients wait is like that. Connect is the new, low-cost, HIPAA Compliant video option that's integrated into the PSYBooks EHR. The animated waiting rooms* not only allow you and your client(s) to test and adjust both audio and video, but also provide a relaxing atmosphere to gather your thoughts before the session.
HIPAA Compliance & EHRs: Excellent Solutions to Thorny Problems
EHRs can be a big help with HIPAA compliance. In fact, relying on stand-alone tools may make achieving HIPAA compliance difficult, if not impossible. The PSYBooks EHR & Portal is solidly based on HIPAA and has been since its inception.
Customizable Mental Health Forms for Group and Private Practices
The current "must have" feature on many therapists' wish list is customizable forms. If you're not familiar with the concept of a customizable form, it's an app, or a section of a larger app, that allows the therapist to create online forms to replace the paper forms they normally use in their practice: their intake forms, informed consents, HIPAA agreements, Good Faith Estimates, Depression Inventories - whatever they typically use. Once the digitized forms are created, they can be securely sent to their patients, who fill them out, esign them (if requested), and send them back to the therapist.
What Every Therapist Should Know about Email and Texting
Behavioral health therapists have both legal and ethical guidelines pertaining to email. Some programs do an adequate job of one, but not the other. Even worse, some do neither and yet still claim to be HIPAA compliant. While that's probably a truthful statement, the part they're not telling you is that their programs aren't 100% end-to-end encrypted. In other words, they're not safe ALL the time. If you use those programs, your email and texts can be hacked.
The Convoluted Maze of HIPAA-Compliant Email and How to Navigate It
Email could arguably be one of THE most misunderstood aspects of HIPAA. Part of the confusion stems from the fact that there is no ONE place in HIPAA that says "Do email like this." However, email is referenced - directly or indirectly - in a variety of places throughout the vast HIPAA documentation. What causes some of the misunderstanding is that people will find a guideline that pertains to email from ONE place in HIPAA and assume if they do that one thing, they're good. Unfortunately, that conclusion is not unlike what you get when several people with visual impairments are put in front of an elephant and asked to describe it. We may get a beautiful description of an elephant's trunk but to assume that's ALL an elephant is would be incorrect.
Good Faith Estimates and the “No Surprises Act”
Were you surprised when you first heard about the "No Surprises Act"? We were. I'd like to be able to tell you that we had been actively tracking and planning for this legislation since it was first issued on October 7, 2021. Unfortunately, that's not the case. However, we got lucky because we were already working on a new tool called Custom Forms which, when it launches (est. Feb 2022), will work beautifully in helping you comply with this bill in ways that are easy, HIPAA compliant, and give you a significant amount of automatic documentation and tracking.
De-identified Data in Healthcare
The issue with de-identified data in healthcare lies in the fact that some Electronic Health Record (EHR) companies have crafted Business Associate Agreements (BAAs) that could potentially harm healthcare providers and their patients. While it is not entirely clear whether these companies are strictly adhering to the letter of the law, they certainly do not uphold the spirit of it. The original intention of a BAA, as outlined in the HITECH Act and further refined by the Omnibus Rule, is to serve as the company's commitment to understanding HIPAA privacy and security requirements. In cases where breaches are caused by the software, the company should take responsibility. However, when data is de-identified, companies gain significant latitude in its use. They are not obliged to seek permission or inform subscribers about how or when their patients' data is utilized, nor are they held accountable for software failures that result in data breaches.
HIPAA Compliance & EHRs: Excellent Solutions to Thorny Problems
EHRs can be a big help with HIPAA compliance. In fact, relying on stand-alone tools may make achieving HIPAA compliance difficult, if not impossible. The PSYBooks EHR & Portal is solidly based on HIPAA and has been since its inception.
The Importance of End-to-End Encryption and Integrated Products
HIPAA is a frightening thing to many behavioral health providers. Although it is something to take seriously, it need not be frightening . Nor do you need to pay big bucks to a company to set things up for you. A very simple thing that will help you become compliant is to get an EHR that is both integrated and features end-to-end encryption. This post explains why.
What Every Therapist Should Know about Email and Texting
Behavioral health therapists have both legal and ethical guidelines pertaining to email. Some programs do an adequate job of one, but not the other. Even worse, some do neither and yet still claim to be HIPAA compliant. While that's probably a truthful statement, the part they're not telling you is that their programs aren't 100% end-to-end encrypted. In other words, they're not safe ALL the time. If you use those programs, your email and texts can be hacked.
The Convoluted Maze of HIPAA-Compliant Email and How to Navigate It
Email could arguably be one of THE most misunderstood aspects of HIPAA. Part of the confusion stems from the fact that there is no ONE place in HIPAA that says "Do email like this." However, email is referenced - directly or indirectly - in a variety of places throughout the vast HIPAA documentation. What causes some of the misunderstanding is that people will find a guideline that pertains to email from ONE place in HIPAA and assume if they do that one thing, they're good. Unfortunately, that conclusion is not unlike what you get when several people with visual impairments are put in front of an elephant and asked to describe it. We may get a beautiful description of an elephant's trunk but to assume that's ALL an elephant is would be incorrect.
Am I Required to Comply with HIPAA? ALL of It???
Not too long ago, I conducted a workshop on telehealth. During the Q & A period at the end, a woman said that she had been told she was exempt from HIPAA and wanted to check with me to see if that was true. I was caught off guard. I used to get that question a lot, but I hadn’t heard it for a while, so it took me a moment to gather my wits. Finally I said, “Do you only use landlines when talking with your patients?” She replied that she did. I continued, “And are they always only on landlines as well?” She assured me that they were. “And you’re not doing any video sessions, only in person?” That was true, too. My last question was, “And I assume you don’t take insurance at all, that you’re only private pay?” She was. I replied, “Ok, then yes, I guess you’re fine. No need to worry about HIPAA.”
She left relieved. I left unsure of my answer.
De-identified Data in Healthcare
The issue with de-identified data in healthcare lies in the fact that some Electronic Health Record (EHR) companies have crafted Business Associate Agreements (BAAs) that could potentially harm healthcare providers and their patients. While it is not entirely clear whether these companies are strictly adhering to the letter of the law, they certainly do not uphold the spirit of it. The original intention of a BAA, as outlined in the HITECH Act and further refined by the Omnibus Rule, is to serve as the company's commitment to understanding HIPAA privacy and security requirements. In cases where breaches are caused by the software, the company should take responsibility. However, when data is de-identified, companies gain significant latitude in its use. They are not obliged to seek permission or inform subscribers about how or when their patients' data is utilized, nor are they held accountable for software failures that result in data breaches.
The Importance of End-to-End Encryption and Integrated Products
HIPAA is a frightening thing to many behavioral health providers. Although it is something to take seriously, it need not be frightening . Nor do you need to pay big bucks to a company to set things up for you. A very simple thing that will help you become compliant is to get an EHR that is both integrated and features end-to-end encryption. This post explains why.
Integrated Products for Mental Health: Save Time, Money, Errors
Mental health therapists are beginning to talk about wanting “integrated products” to help manage their practice tasks. But what do they mean by “integrated product?” More importantly, if you wanted to look at some, how would you go about finding them? Googling “integrated product” isn’t likely to produce the results you want.
One of the problems is that these types of products go by more than one name, which may be why people have begun referring to them as “integrated products.” Common names are Electronic Health Record (EHR), Electronic Medical Record (EMR) or Practice Management System. To complicate matters, just being called one of those titles doesn’t automatically mean the product is well-integrated.
All Patient Notes in ONE Place – You Don’t Have to Go Looking
Recently, a top journal in the field of Electronic Health Record (EHR) development posted this quote from an anonymous doctor who was dissatisfied with his EHR:
“I firmly believe this EHR makes important information difficult to find and interpret, and it is very inefficient.” He went on to say, “It creates superfluous and difficult-to-navigate notes and information that are not centralized. That makes it easy for care providers to disregard notes, and they often do. That affects patient safety. . . . It is difficult and arduous to document in the EHR, and providers’ efforts to do so still yield subpar results with erroneous, irrelevant information.”
This doctor is pointing out a very real problem inherent in some EHRs. However, he was referring to one of the "ONC Certified" EHRs which we've discussed previously. Those types of EHRS are inherently much more difficult to use than most EHRs that have been specifically created for the mental health professions, such as PSYBooks.
Why Do People Hate Electronic Health Records (EHRs)?
Actually, most patients don't. A recent study conducted by Catalyst Healthcare Research found that 93% of adults would prefer to go to a doctor that offers email communication, even if there was a $25 fee (Pai, 2014). Encrypted email is incorporated into most, if not all present-day EHRs that also have patient portals. By being integrated with the entire medical record, it's relatively easy for doctors to correspond with patients right from their electronic chart. Leaders in prominent health care groups in Houston, encouraged patient enrollment in their EHR system and have found similar results. Dr. Robert Dickinson, Kelsey-Seybold's medical director for executive health and wellness says, "They think it's the coolest thing they've ever seen. It's like online banking. People love this kind of access. Before, it was kind of mysterious" (Hines, 2014).
However, when you ask doctors if they like EHRs, you often get an entirely different story. You mostly hear dislike, frustration and irritability. There are actually excellent reasons for this.
Doing Telehealth? You Need a Portal.
Think you're not doing telehealth? Think again. Although there's no one-size-fits-all definition that cuts across state and/or discipline lines, most agree that telehealth basically involves any electronic method you use to communicate with or about your clients. This can include common things like phones, email and electronic file storage, in addition to video sessions, which is what we typically think of with the term telehealth.
All Patient Notes in ONE Place – You Don’t Have to Go Looking
Recently, a top journal in the field of Electronic Health Record (EHR) development posted this quote from an anonymous doctor who was dissatisfied with his EHR:
“I firmly believe this EHR makes important information difficult to find and interpret, and it is very inefficient.” He went on to say, “It creates superfluous and difficult-to-navigate notes and information that are not centralized. That makes it easy for care providers to disregard notes, and they often do. That affects patient safety. . . . It is difficult and arduous to document in the EHR, and providers’ efforts to do so still yield subpar results with erroneous, irrelevant information.”
This doctor is pointing out a very real problem inherent in some EHRs. However, he was referring to one of the "ONC Certified" EHRs which we've discussed previously. Those types of EHRS are inherently much more difficult to use than most EHRs that have been specifically created for the mental health professions, such as PSYBooks.
Does the Open Notes Rule Apply to Me?
The term "Open Notes Rule" is a popular term coined to depict the legislation enacted by the 21st Century Cures Act that is more accurately referred to as the ONC's final program rule on Interoperability, Information Blocking, and ONC Health IT Certification (OpenNotes, 2020). It is a continuation of the legislation originally enacted as part of the HITECH act of 2009 to promote EHR interoperability (with the ultimate goal being a national database for healthcare information on all U.S. Citizens) and open access to records. The Open Notes Rule does NOT apply to PSYBooks users but there are some important things to understand about the current iteration of this legislation, partly in an attempt to help prepare us for what might be coming in the future.
Are We Becoming Outdated?
In the not too distant past, a therapist with some kind of note pad in hand was the norm. It was expected. We were doing our jobs and interested enough in the client to take notes on what they were saying. I was part of that crowd. Although I preferred to write my notes after the client left, I definitely felt that paper notes were the way to go and I burned through many legal pads in the early years of my career.
Displaying Notes
Each client’s chart has a Notes tab on the top right:
Add Notes in PSYBooks
PSYBooks has fields where you can add notes to almost any form in a client’s chart. For example the area on the Add Session form for adding notes looks like this:
Your Personal Psychotherapy Notes (Hint: These Are NOT Part of the Client’s Medical Record)
PSYBooks does not store Psychotherapy Notes in the same way it stores notes that are part of the client’s medical record. Psychotherapy notes are meant to be places for you to record your personal thoughts or ideas about a client so they are stored separately. There is one note type in PSYBooks that is always in the Psychotherapy note category and four others that you can designate as Psychotherapy or Medical Record notes:
Creating Custom Reports
Each report in PSYBooks has a group of filters at the top of the page. For example, the filter section of the Claim Status Report, which enables you to check the progress of claims you’ve efiled, looks like this:
Activity Log
The Activity Log is designed to meet HIPAA/HITECH specifications for tracking PHI. PSYBooks logs almost everything that takes place within the app and displays it for you in the Activity Log. The filter section of the Activity Log report looks like this:
When You Have to Produce a Medical Record
Before I started using practice management systems, being required to produce a client’s medical record was a bit scary for two reasons:
- First, I typically only received those requests when something important was going on, i.e., a legal proceeding of some sort, a disability or worker’s comp situation, or maybe something having to do with insurance. They were the kinds of things where I felt that a lot might be at stake for my client (and/or for me) so I wanted to make sure I “did it right”.
- Second, although I had my own system for organizing client files, the reality is that my records were scattered everywhere. I kept files on current clients in one filing cabinet – unless a certain file got too big, in which case I moved older portions of it to another filing cabinet, unless there was also large artwork in the file, in which case it had to go in the lateral filing cabinet. When a client terminated, files got moved to a storage area in my basement at home. If the client later returned and their file had been especially large, part of it would be brought back to my office, but older parts remained in my basement at home. Then, of course, some documents were on my computer – a smattering of various Word docs and Excel sheets I had pieced together for special notes I had written on clients, letters I had written on their behalf, and various attempts at coming up with THE perfect method for determining how much a client owed me when insurance was involved. I had also tried efiling for awhile at various insurance company’s websites, so some of my records were on various sites on the Internet, too. Somehow, when I was asked to produce a medical record, even though I knew I had everything I needed, finding it all and pulling it all together into some type of meaningful report was a daunting task.