Tag Archives: HIPAA compliant software

Bridge Leverages HIPAA Compliant Technology for eConsultations


With goods and services increasingly moving online – and with patients prioritizing other factors besides just quality care – it has become a necessity for healthcare organizations to start looking for new ways to improve the overall patient experience. Video consultations are one such solution, and they are gaining traction quickly in the healthcare space. In fact, web companies such as Teladoc, Doctor on Demand and American Well were expected to host some 1.2 million such virtual doctor visits in 2016, up 20% from 2015, according to the American Telemedicine Association. A report by IHS takes this one step further and predicts that the the U.S market alone will perform 5.4 million video consultations in the year 2020.

As part of Bridge Patient Portal’s commitment to helping healthcare organizations enhance patient care and increase revenue, we offer a secure, HIPAA-compliant eConsultation platform. Our platform is designed to bridge the gap between doctors and patients by providing high quality communication without requiring users to download additional software or install plugins. It presents an opportunity for healthcare organizations to improve treatment outcomes and deliver more efficient care by meeting patients where they are. The types of communication available in our platform are the following:

  • Telephone calls: Patients inform their provider of their availability and provide a phone number where they can be reached for the call. The provider will contact them at that time via the patient portal.
  • Secure messaging: Patients have the ability to message their providers in real time all within the confines of the portal. Communication may only be initiated by the physician or office staff, but patients can respond.
  • Video Consultation: While not a standard feature of the platform, Bridge does have the ability to utilize different video consultation technologies. WebRTC is an example of a technology that can be used to facilitate video consultations via the portal.

By integrating different communication technologies into our platform, we are able to provide a cost-effective solution for healthcare providers to deliver the best experience possible to their patients. We also ensure that all communication that takes place on our platform is HIPAA compliant, for example, WebRTC encrypts media streams with 128-bit Advanced Encryption Standards.

When it comes to billing, our healthcare platform can be customized to suit your needs and preferences. You can choose to set an eConsultation rate for phone calls, or set up a pre-pay credit system for patients to use towards online consults. Your patients’ credit card information can be kept on file, and billed before or after their visit.

To learn more about our platforms highly secure, eConsultation feature and how it can benefit your organization, call us at 866-838-9455

Business Development Manager at Bridge Patient Portal. Passionate about helping healthcare businesses grow.

5 Things to Consider Before Implementing e-Prescribing

e-prescribeOffering important advantages like fewer errors, decision support, improved adherence, and reduced adverse drug events, e-prescribing has skyrocketed in the past several years. In April 2014, 70% of physicians were issuing Surescripts network e-prescriptions and 96% of community pharmacies were enabled to accept them.

If your practice is not on board yet, a few key points can help you optimize e-prescriptions for better care management.

1. Determine how your physicians can use e-prescribing as a care management solution.

Any system change faces challenges in adoption. Ideally, the e-prescribing option you go with will fit and build on your practice’s current workflow. Examine the prescription process and assess your practice’s medication management needs. Asking physicians what tools would help them do their jobs better generates buy-in and yields the best results.

2. Consider your patient population and take time to teach them about the new system.

Younger, tech-savvy patients are likely to welcome the switch to e-prescriptions. This population will be eager to take advantage of new opportunities like reminders to take meds, e-requests for refills, and access to drug information through patient portals.

Meanwhile, older patients will need more orientation on these tools. Build in appointment time for explaining the new process. For patients who are not comfortable going virtual, consider coupling e-prescriptions with printed ones or providing medication fact sheets. An effective care management solution should take into account patient as well as physician needs.

3. Select priority functionalities like remote patient monitoring or HIPAA-compliant patient portal integration.

While automated checks on duplicates, dosage, allergies, and drug interactions are fairly standard decision support features, think about other functionalities you want to prioritize in your choice of an e-prescribing system. If your physicians are on board with remotely monitoring medication adherence, you may want a system that offers a mobile phone app. Patients can track when they take their meds and record any symptoms, and physicians can feed this data back into treatment plans.

4. Opt for a format that fits your budget and timeline.

A stand-alone e-prescribing system will have a lower annual cost than a full EHR solution. It will also be easier to train your team on and will lead to enhanced efficiency faster. Meanwhile, the more expensive EHR-integrated system will take longer to implement.

The obvious advantage of the latter is that, once in place, it will serve as a one-stop shop. On an EHR-integrated system, physicians can access not only medication histories, but also diagnosis history, test results, and insurance information as they make prescription decisions. A comprehensive option with a remote patient monitoring aspect or HIPAA-compliant patient portal integration also translates to more training time up front.

5. Factor in direct costs, indirect costs, and opportunities for cost-saving.

In addition to annual software licensing fees, you may need to buy and maintain new hardware. You will also have to invest time for staff training, while the transition requires substantial work on the part of management staff. Short-term lost productivity is unavoidable, and you should account for this cost. On the flip side, there are opportunities to obtain free systems or financial aid through private, state, or federal sources, including Meaningful Use EHR Incentive Programs.

An analysis of the challenges and opportunities of switching over to e-prescriptions at your practice is essential to a successful transition.

Business Development Manager at Bridge Patient Portal. Passionate about helping healthcare businesses grow.

The Benefits of Outsourcing Healthcare Software Development

Nearshore Americas’ whitepaper “
Healthcare Software: The Argentine Advantage” highlights many benefits that Argentina has for outsourcing healthcare software development over its offshore rivals. Here are the key reasons for partnering with a nearshore developer in Argentina: (more…)

Business Development Manager at Bridge Patient Portal. Passionate about helping healthcare businesses grow.

Are SaaS Software Applications and Cloud Servers HIPAA Compliant?

cloud securityAs a provider of patient portal, SaaS software and hosting solutions to the medical industry, we get asked this question a lot. Unfortunately, there’s very little information available on the internet that addresses this specific issue – and what does exist is generally false or a part of a sales pitch by a company trying to market “HIPAA-certified hosting solutions” or other HIPAA-compliant health IT solutions.

Before we can answer this question correctly, we must first understand what HIPAA is and how it relates to software, hosting and other healthcare IT solutions.

The Health Insurance Portability and Accountability Act was enacted in 1996 to address the growing use of technology in healthcare, specifically the transaction of health information between providers, employers and health insurance plans. You don’t need to read the entire 349-page document to understand a few important principals of HIPAA.

Here are a few things you should know about HIPAA.

1. HIPAA makes almost zero reference to technical specifications required for hardware, software, security, etc. Even if it did, it would be completely out of date since its publishing in 1996, and surely would not contain much relevant information pertaining to new technologies like SaaS software and cloud hosting. Therefore, it’s important not to read into false claims made by companies about the use of certain brands of firewalls, servers, operating systems or server architectures.

2. You cannot be “HIPAA certified.” HIPAA is a set of rules and best practices. There is no certifying body for the government that certifies software, hosting companies or health organizations on HIPAA.

3. You can be audited by a variety of governing bodies for HIPAA compliance. Other certifications do exist that may include some of the rules or best practices found in the HIPAA guidelines. Some of these certifications include:

a) SSAE16 – An auditing standard created primarily for the financial services industry verifying hosting companies’ physical and software security standards. Hosting companies that are audited receive reports demonstrating compliance for SOC 1, SOC 2 or SOC 3.

b) ONC-ATC – A certification for healthcare software companies to certify their software on a variety of security and functional items.

In consideration of the above items, the answer when it comes to considering cloud servers and SaaS applications HIPAA-compliant is that one must consider the use of these technologies as only a part of the big picture on how this is used. If there was a HIPAA certification for SaaS software, it would not guarantee HIPAA compliance as there could be faults in the hosting, the computer being used or the user using the software in a public place un-shielded by the public’s eye.

There is no specific provision in the HIPAA guidelines that opposes the architecture of a cloud server, VPS server or SaaS application (even though by nature these are “shared” architectures). One must, however, consider the HIPAA guidelines that do exist that pertain to encryption, user authentication and other “best practices.”

This article was originally published on the Medical Web Experts blog.

Business Development Manager at Bridge Patient Portal. Passionate about helping healthcare businesses grow.