Questions MTs Should Ask About A Doctor’s EMR

Pre-orders (1)

Some doctors are now asking MTs to enter the data directly into their EMR (electronic medical records) system. When considering offering this service transcription services should consider the following:

Cloud or Premises EMR?

First, is the EMR cloud-based or installed on the premises? And what is the name of the product? Find this out and do a web search on the product to learn the basics. If you are able to visit the doctor’s office get a demo.

If it’s a cloud-based system that can be accessed via a web browser across the internet you will need a login for the practice in order to enter data.

If the EMR is installed on the premises remote access is more complicated, at least in the initial setup phase. The typical solution is to use a VPN (virtual private network). If they don’t have a VPN already their IT staff would have to deploy one. The MT will likely have to install or configure additional software themselves. As an alternative to a full-blown VPN you might consider using a remote desktop application such as Microsoft’s free Remote Desktop Connection.

After you solve the connectivity problem there remain other issues to consider. The first is training on the EMR. How will you get trained and how much time will you have to invest?

Getting Paid For Extra Workload

woman-865111_640The second, more long-term issue is how much extra time, on average, will it take you to enter data into an EMR versus typing up a note? Most MTs charge by the line but when you are entering data into an EMR there aren’t really any “lines”. In general, for the MT to be properly compensated for the extra time it takes to enter data into an EMR the MT will want to charge more for each dictated “note” (but of course the doctor will want to continue paying the same as before). (more…)

How to Avoid the HHS Breach Portal (Wall of Shame)

Breach Portal

Known to some as the “Wall of Shame” or the HHS Breach Portal, the Health and Human Services page featuring failures to protect Protected Health Information (PHI and ePHI) in a HIPAA-compliant manner is one kind of web publicity no health care provider or organization wants.

1500 HHS Breach Portal Reports (And Counting)

As of the end of April 2016, there were more than 1,500 reports. There are 20 from April 2016 alone.

The HITECH Act requires breaches of unsecured protected health information affecting 500 or more individuals to be posted. Types of breaches include:

  • Hacking/IT Incident
  • Improper Disposal
  • Loss
  • Theft
  • Unauthorized Access/Disclosure

The most common causes of a breach so serious it requires notification to HHS include:

  • Theft of desktop computers or network servers
  • Theft or loss of laptops or portable electronic devices
  • Hacking incidents

Those are the sorts of electronic and device issues you might expect, but there can be non-electronic problems as well (think dumpster-diving as a result of “improper disposal”):

  • Failing to properly secure or destroy paper printouts
  • Failure to secure or destroy films (x-rays, etc)

Actions To Take To Stay OFF the HHS Breach Portal

This Basic Security Checklist for the Small Healthcare Practice can provide sound advice on how to prevent problems. Many of the “best practices” are obvious (use strong passwords and change them often, use anti-virus protection, use a firewall…) but others involve relatively new issues, and foremost among those is the need to protect mobile devices that either contain ePHI or provide a means of accessing a server or EMR. Laptops are easy to lose, smartphones even more so. 

The My Docs Online HIPAA page tells you what we do to protect ePHI, and includes guidelines for the correct use of My Docs Online by medical professionals.

Remember, the HIPAA Security Rule is not just about computers and networks. The rule specifies a series of administrative, and physical, as well as technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information.


Try My Docs Online Free Today. No Credit Card Required.

Securely Share Electronic PHI Without an EMR


Electronic Protected Health Information (ePHI) refers to any Protected Health Information (PHI) that is covered under Health Insurance Portability and Accountability Act of 1996 (HIPAA) security regulations. ePHI is simply PHI which is produced, saved, transferred or received in an electronic form.

Sharing PHI Outside of an EMR

Despite rising use of Electronic Medical Records (EMR) technology within many medical practices, medical providers nonetheless have the need to be able to securely share documents that contain Protected Health Information with recipients that are outside their EMR.

A doctor or other medical professional might need to include PHI in a document sent for purposes of a referral. A doctor might be providing a second opinion, or sending the results of a specialist’s exam.

Some providers also routinely communicate with insurance companies or lawyers as part of accident or workers compensation cases.

PHI Recipients Hard to Predict in Advance

It’s hard to predict in advance who you will need to share PHI-containing documents with. Such sharing of PHI with a recipient might happen infrequently. You might only need to share documents with a particular recipient (more…)

Medical Transcription Is Still Here

Why Surprised

The increase in use of Electronic Medical Records (EMR) systems has led to a decrease in the traditional provider pattern of Dictate/Transcribe/Print. However, Medical Transcription is still here because several important segments of the medical community are likely to continue using dictation and transcription for the foreseeable future.  These include providers needing to communicate with professionals outside the practice. Physicians doing a second opinion, or exams for insurance companies (life insurance, accidents) or workers comp and disability claims, are all key users of traditional dictation and transcription services.

Medical Transcription Is Still Here Because MDs Shouldn’t Enter Data

computer-1149148_640Another reason Medical Transcription is still here is because many doctors have quickly grown tired of spending a good part of their day entering data into a computer (more…)

Customer Upload Customization


For Customer Upload, Customization is the Key

Our Customer Upload feature has long been an easy and popular feature that allows our users to receive files of any size from their customers and clients using a unique link that can be shared by email or incorporated into a website. We’ve long offered the ability to personalize how a MYDOCSONLINE Customer Upload page looks and acts, with options that include:

  • Free “branding” which replaces our logo with that of our user’s company.
  • The ability to “suppress” display of the logo when embedded on a user’s website.
  • The optional display of a “Done” button that allows customers to repeat the upload process multiple times to add more files.

And now we’ve added more customization features:

  • The default “Upload files to…” heading can now be replaced by custom “instructions” that can include html markup.
  • The prompts “Who are the files from” and “Your email address” can be customized to reflect how the user interacts with their customer. For instance, one of our users prefers “Name of Cardholder” and “Email of Cardholder“.
  • The normally optional “Comment” can also have a custom label and be made a required field. The user described above, for instance, prefers “Order # and Additional Comments“.