Secure email for healthcare providers

Providers now have new flexibility for health information interchange which could include using secure email.

Under the 10/16/2015 change to Meaningful Use for 2015 through 2017, the Health Information Exchange measure, now Measure #5, is a simplified version of the original Measure 15, previously titled “Summary of Care”.  This objective is retained as part of the federal government’s commitment to moving the health care community toward interoperability.  Under the measure, when referring or transitioning a patient to another provider or setting of care, an electronic record must be transmitted to the other provider at least 10% of the time.

In addition to sending these summary of care records, the secure email could be used for other purposes, for example communicating with insurance companies or in other instances where patient information needed to be transmitted.”

In addition, providers have more flexibility about how to accomplish the transfer.  Previously, only the DIRECT protocol or a Health Information Exchange organization could be used.  All electronic record systems already provide these protocols so these may be a good option for many or perhaps most.  However, in some localities the Health Information Exchange options are just developing and may be of limited value right now, and acquiring and implementing the DIRECT capable facility could be costly.  Now, any method which is compliant with the HIPAA Privacy and Security standards may be used.

The most obvious option would be secure email, which for providers who send relatively few referrals might be a good option. These solutions provide for secure transmission, but don’t require the other party to have a specific system to receive the email.  Secure email could be obtained for under $25/month, an investment of about $300/year.  In addition to sending these summary of care records, the secure email could be used for other purposes, for example communicating with insurance companies or in other instances where patient information needed to be transmitted.  This would be more cost effective than the $1500/year fee that their electronic record vendors charged to provide the DIRECT protocol and HIE connection.

Depending on the electronic record vendor, this approach may or may not be feasible.   It would require that the end user know the specific location and name of the C-CDA record.  And, for some offices, even if it is feasible it might be too technically difficult for the personnel.  So our first advise is to contact your electronic record vendor and inquire if it is possible.

Assuming that your electronic record vendor affirms that this approach is feasible with their system, there are many vendors who can provide secure email services, including:

Since setup can be tricky for these options, you might consider a reseller such as Bi101 can provide a bit more support with the the setup of either ZixMail or Microsoft Office 365.

Readers interested in details regarding the required contents of the Summary of Care document may check out our post, Meaningful Use Stage 2 – Measure 5, Health Information Exchange.

Editor’s Note: Subsequent to the publication of this article, CMS has renamed the “Meaningful Use” programs and MIPS “Advancing Care Information” category to “Promoting Interoperability”.

 

Pin It on Pinterest