Tag Archives: enterprise patient portal

CCPA, Does It Apply To Your Healthcare Business?

If you’re considering building a CCPA patient portal you must ask yourself: Is my patient engagement company CCPA compliant? If not, your business may be at risk. Discover exactly what CCPA is and if it applies to your healthcare business. 

What is CCPA compliance?

The California Consumer Privacy Act (CCPA) is a state statute intended to enhance privacy rights and consumer protection for residents of California. The bill was passed into law on June 28, 2018, and went into effect on January 1, 2020.

The Act provides California residents with the right to:

  • Request a business disclose the categories and specific pieces of personal information that it collects about the consumer, and the categories from which that information is collected
  • Know the business purposes for collecting or selling the consumer’s personal information
  • Know the categories of 3rd parties with which the information is shared 
  • Request the deletion of personal information
  • Opt-out of the sale of personal information by a business and not be discriminated against for exercising this right (i.e. by charging different prices or providing different quality of goods or services)
  • Protect the sale of minor’s personal information and opt-in to having that information sold

What is considered personal information?

CCPA defines personal information as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household such as:

  • Name or alias
  • Postal address or physical address
  • Unique personal identifier 
  • Online identifier
  • Internet protocol address 
  • Email address
  • Account name 
  • Social security number 
  • Driver’s license number
  • Passport number
  • Physical characteristics or description 
  • Telephone number
  • State identification card number 
  • Insurance policy number
  • Education and employment history
  • Financial information including bank account number, credit card number or debit card number
  • Medical information 
  • Health insurance information

What data types could be subject to CCPA?

  • Personal information not regulated by HIPAA
  • Personal information which is processed by a non-healthcare division of a HIPAA-hybrid entity, or connected non-profit
  • Certain employee data
  • Personal information collected through conferences, fundraisers, marketing events, or similar activities
  • Personal information used for research

Does the CCPA apply to your healthcare business & CCPA Patient Portal app?

The CCPA applies to any business, including any for-profit entity that collects consumers’ data, which does business in California, and satisfies at least one of the following thresholds:

  • Has annual gross revenue exceeding $25 million
  • Buys or sells the personal information of 50,000 or more consumers or households
  • Earns more than half of its annual revenue from selling consumers’ personal information

Organizations are required to “implement and maintain reasonable security procedures and practices” in protecting consumer data.

Even if your organization doesn’t have locations in California, if you conduct business or market your offerings in California and meet the criteria above, CCPA applies to you.

Discover how to become CCPA compliant and learn about the consequences for failure to adhere. Let us help you create your next CCPA patient portal. Contact us here

Founder of Bridge Patient Portal, and a health IT entrepreneur and business owner of 16 years with extensive experience in Healthcare IT. Specializing in Business Development, Software Development, Patient Portals, mHealth, Patient Engagement, HIPAA, Electronic Medical Records, Web Development and Internet Marketing.

Why launching a feature-rich patient mobile app portal has been so difficult, until now

patient mobile app portal

Bridge’s new version 3 is faster to implement and costs up to five times less than alternative mobile-ready patient engagement suites

Healthcare organizations have been challenged to develop a high-quality mobile app patient portal. But, what is considered a high-quality app in the eyes of the patient? A study by Medical Web Experts researched the top published mobile apps in the market and found the following criteria should be met to provide healthcare consumers with the best experience. The patient mobile app portal should:

  • Be branded to the healthcare organization
  • Provide rich and relevant features 
  • Have robust functionality natively built-in, which doesn’t require the user to leave the platform

In today’s market, amongst enterprise patient portal vendors we rarely see an app that meets the above criteria and is affordable for healthcare organizations. There are feature-rich apps, but they are not branded to the healthcare organization. There are apps that are branded and appear to have rich functionality, but patients quickly discover they are being sent to a variety of websites or even other apps to find such functionality. The barriers to achieving a “high-quality” app primarily come down to technical limitations and cost, which include the expense of the app, as well as the increased costs associated with staff time and efforts to manage the app.


Cost is the biggest obstacle facing most healthcare organizations, especially those with fewer than 500 physicians. The high cost is generally a result of the significant number of hours associated with the development of a custom mobile app and the interface into the EHR/PM, or the cost associated with buying an existing patient mobile app portal and then integrating it into the EHR/PM. Per the Medical Web Experts study, a custom, high-quality mobile app that integrates into an EHR/PM source system can cost between $150,000 and $250,000. This is, of course, considerably lower than custom app development costs were even just three years ago when some of the modern coding technologies did not exist.

Technical Limitations

Depending on the healthcare organization’s IT environment, the creation of a high-quality app can be extremely challenging. The greatest hurdle that inhibits an organization from publishing a mobile app is that all of their patient information is not available in a single system. Often, larger healthcare organizations acquire smaller clinics or merge with other health systems. This often results in that organization having multiple EHR and RCM/PM systems in use. If the data is not all in one place, the mobile app must then support multiple interfaces to access each of these systems. This adds a significant layer of complexity to the project. How and which login a patient will use to access PHI-sensitive information in the app poses another challenge. The app could be configured to provide the patient with the same login that they use for their patient portal, but if multiple patient portals exist, how would this work? If a new login has to be created for just the app, the patient might need to now remember a unique login for the patient portal (web application) and another for the mobile app.

Lastly, many healthcare organizations have acquired multiple “piecemealed” patient engagement solutions to fill the functionality gaps in their EMR, PM, Patient Portal, etc. The most common siloed solutions are for appointment reminders, self-scheduling, patient intake, account management, telemedicine, and patient surveys. Today’s healthcare consumers expect that these patient-facing features should be accessible in the mobile app. However, this has created additional problems for healthcare organizations attempting to meet their patient’s expectations because with all these one-off solutions, the number of interfaces that need to be built into the mobile app multiplies.

In summary, the technical challenges and limitations faced in creating a streamlined mobile app are a direct result of how many systems need to be interfaced with and the interface capabilities of these systems.

New Technology is Changing the Market

Bridge Patient Portal is an all-in-one web-based patient engagement solution. With its most recent version, v3.0, Bridge incorporated the latest application development technology. This allows Bridge to offer a client-branded mobile app that replicates the functionality of the web application. Having a single code base that can be used for both web and mobile reduces the time and cost it takes to publish an app, in addition to reducing the entire effort to manage the mobile and web application. 

Bridge has learned that cost is the greatest barrier to healthcare organizations implementing a high-quality mobile app. The time it takes to implement a solution of this scale and the effort required by a healthcare organization to support such an implementation are major decision-making factors. The chart below analyzes the cost difference between a patient portal web-only application, a patient mobile app portal and a client-branded mobile app. A third party “piecemealed” solution with both web and mobile functionality costs between $870/mo and $1270/mo per provider.

Cost comparison between Bridge Patient Portal’s all-in-one mobile/web application and existing 3rd party options

Based on the above calculations of what is typically found in the market, Bridge’s solution is easier to implement, more feature-rich, provides a better patient experience, and costs between one-third and one-fifth of alternative solutions.


The costs for the 3rd party patient engagement solutions and customization costs were collected by Bridge Patient Portal on its competition over the course of multiple years. As there is a significant disparity between each solution and how it is priced, Bridge has amortized all the costs (including setup and customization fees) over a three year period. The 3rd party vendors used in this price comparison are considered to be “best in class” for each of their categories, and are vendors that Bridge regularly competes against or displaces.


Founder of Bridge Patient Portal, and a health IT entrepreneur and business owner of 16 years with extensive experience in Healthcare IT. Specializing in Business Development, Software Development, Patient Portals, mHealth, Patient Engagement, HIPAA, Electronic Medical Records, Web Development and Internet Marketing.