The new year is upon us, and that means it's time to make some resolutions for your facility. We think every organization should make it a priority to improve their IT in 2015, and for good reason. The benefits of doing so can be significant, and can include improved compliance, operational efficiency, staff productivity, patient satisfaction and preparedness for the unexpected.
Here are 15 IT New Year's resolutions to consider for 2015.
1. Migrate from Windows Server 2003. Microsoft is ending support of Windows Server 2003 on July 14, 2015. As of that date, Windows 2003 will be considered vulnerable to security issues. An organization using Windows 2003 for anything involving protected health information (PHI) will be technically out of compliance with HIPAA.
Make it a priority early in the year to identify whether you have servers using this operating system, and then determine which machines have hardware capable of running a newer operating system and which do not. For those that can, you will want to upgrade to a new operating system. For any that cannot, you will either need to replace the machine or have the technology inside it upgraded (if possible).
2. Speak with vendors about costs. Our President and CEO Nelson Gomes recently identified eight areas of focus when putting together your IT budget in a Physicians Practice column (access it here). As he notes, to put together an accurate budget requires conversations with your IT vendors. They can tell you of planned upgrades, maintenance costs and contract renewal costs. If you're planning a significant IT capital investment, such as adding an EHR or another system, you will want to speak with vendors to develop a budget to estimate the cost of purchasing the system plus costs associated with installation and implementation.
By having conversations with your vendors about IT projected costs, you will not only have a better understanding of roughly how much to expect to spend on IT services throughout the year, but will also be in a better position to make educated decisions concerning IT.
3. Work more closely with IT vendors. Make 2015 the year when you work more closely with your IT vendors. You should be having regular conversations with them about a number of topics (in addition to costs). These include system features you may not be taking full advantage of, training opportunities for staff, new technology to consider and regulatory developments that may impact your use of technology.
By working more closely with your vendors, you will put your facility in a better position to maximize your investment in IT and avoid surprises that can negatively affect your operations and bottom line.
4. Leverage technology to ensure HIPAA compliance. HIPAA compliance was put into the spotlight over the past few years because of high-profile data breaches, the HIPAA Omnibus Final Rule going into effect, the end of Microsoft supporting Windows XP and Office 2003, and the increasing value of healthcare data to hackers. Regulators have taken notice, and are aggressively pursuing audits.
Pledge to conduct at least one HIPAA and HITECH security risk analysis and remediation in 2015 to ensure PHI is secure. This should be an annual exercise, so if you failed to conduct such an analysis in 2014, it should be a top priority for 2015. Speak with your IT point person and vendors to determine if you are using the features included in your facility's technology to effectively protect PHI.
5. Improve IT security. While the efforts you undertake to improve HIPAA compliance will help improve IT security, you should explore ways to improve IT security throughout your facility. Newer systems are usually designed with strong security safeguards; make sure you are using them to protect PHI and financial information. Staff should change their passwords frequently, and make them hard to guess (use a combination of upper and lower case letters, numbers and symbols). Passwords should be different for different accounts — the same password should never be used twice.
A few other good tips: Check to make sure you deactivated the login credentials of any staff member no longer employed at your facility. Make sure you have a policy for checking and verifying the credentials of anyone from an outside firm who comes into your facility to provide services, and limit their access to the areas they need to go to perform the service. Finally, provide education to staff on IT security, and let them know maintaining security is a responsibility, not an option.
6. Conduct IT disaster drills. IT disasters can have a substantial, negative impact on operations and finances. Make sure you have a comprehensive, HIPAA-compliant IT disaster recovery and business continuity plan that details the steps you will take to recover from any type of IT disaster and how you will maintain business continuity during and after a disaster.
If you do not already have such a plan, this should be a high priority for 2015. If you have a plan, make sure it is current. Vow to schedule IT disaster drills throughout the year. Look for potential deficiencies and solicit feedback from drill participants.
7. Upgrade to newer systems. If you have been putting off upgrading older computer systems, also known as legacy systems, the cost savings you're capturing may not outweigh what you're losing in other areas. Older systems often lack the security safeguards built into newer systems. They frequently cannot "interface" with other systems, resulting in a need for more manual processes or repetition of data entry. Legacy systems may lack valuable tools and features included with newer systems that can help drive improvements throughout your facility and may not be designed to effectively address new and upcoming requirements, such as those associated with quality reporting and ICD-10.
Make 2015 the year when you research your options for replacing legacy systems, and start switching over to newer solutions. While this will require an investment and likely a transition period as you change from the old to the new, the short- and long-term benefits should make finally taking the plunge well worthwhile.
8. Maximize the benefits of your systems. You've made significant investments to bring powerful IT into your facility, but are you using all of the tools now at your fingertips? It's not unusual to see facilities bring in new technology and set aside just enough time to have staff trained on the basic functions of that technology, but never set aside time later to explore more advanced features. These can include functions that help perform more robust and valuable benchmarking, track inventory and eliminate manual processes.
If you know of features you're not using, block off time this year to learn how to use them. Ask your vendors about more advanced tools you should be using and how your staff can receive training on them. Taking advantage of just a few new features may make a significant, positive impact on your operations.
9. Identify ways to use IT to improve staff productivity. You invest a lot in your staff, and their productivity helps make this significant investment justified. There are many different ways to use IT to help improve productivity even more this year.
Consider providing select staff with dual monitors, which will allow them to view more electronic documents at the same time. Investing in newer hard drives (such as a solid-state drive) will reduce a computer's boot-up time and application start times, and allow programs to run smoother. Purchasing monitor mounts can reduce neck, shoulder and back pain, and eye strain, allowing staff to work more comfortably. If your Wi-Fi signal is weak anywhere in your facility and creating connectivity problems, consider purchasing boosters.
These are just a few examples of fairly small IT investments that can go a long way in not only improving productivity but also overall staff satisfaction.
10. Provide staff with IT training. If you expect your staff members to use the systems you have purchased for your facility, make sure they are receiving the necessary training to use these systems effectively. While some employees may be able to learn how to use a system without much training, others will not. Even more savvy users will likely need some guidance along the way.
Make sure you are carving out enough time for staff to receive the IT training they need any time a new system is brought into the facility or an existing system undergoes an upgrade. You should also make sure new employee orientation and training includes IT. While a staff member's previous experience using an EHR or practice management system may come in handy, unless your facility uses the exact same systems, there will be some differences between the systems the new employee should learn about.
11. Explore how to better use IT for patient engagement. Evidence demonstrates that patients who are more actively involved in their healthcare experience incur lower costs and better outcomes. And patients are often eager to become more involved since they are now bearing more of the burden of the cost for their care. Make this the year where you explore different ways to use IT to improve patient engagement.
This goes beyond just purchasing an online patient portal, although that can certainly be a worthwhile investment. IT can be used to provide better education to patients about their condition and treatment. Many facilities speak of the benefits of moving to an electronic patient satisfaction survey as a means to improve completion rate and analysis of results. Some facilities are now using a text messaging system to keep family members updated during procedures. Speak with your existing vendors about patient engagement tools they may offer, and explore other resources available.
12. Examine the role IT can play in marketing efforts. As consumers take on a more active role in their healthcare, they are also taking on a more active role in selecting where they go to receive care. This makes it imperative for providers to have a marketing plan. A good marketing plan for 2015 should involve the use of a number of IT tools.
It is imperative for providers to have an online presence, which at a minimum should include a website. The use of social media, such as Twitter and Facebook, can also be a worthwhile component of a marketing plan. Setting up a YouTube channel and putting videos on your website can help humanize your physicians and staff. A combination of these resources, if managed properly and effectively, can go a long way in reaching prospective patients.
13. Update your website. Many providers will invest time and money into building a nice website, but then fail to make important changes following its launch. Does your website include information on all of your physicians and the services you offer? If you are using social media, does your website include links to these accounts? Is contact information correct? Any time your facility undergoes a significant change, your website should be updated to reflect the new information.
Updating your website may need to mean more than just updating information on it. It may need to mean bringing it up to date visually and functionally. Website development has come a long way in just the past few years; in fact, some websites that are just five years old already appear and feel outdated. New website content management systems are designed to make websites not only look good, but make them easy for visitors to navigate, both on a personal computer and smartphone or tablet.
Your website will often serve as the first interaction between you and a prospective patient. Make sure the website makes that experience a positive one.
14. Dispose of old technology. Does your facility have a storage closet holding old technology you stopped using months, if not years, ago? Pledge to finally get rid of all of the technology you haven't used in awhile, and are likely to never use again. Not only is this technology taking up space, but if you put technology into storage that has PHI still stored in it, this is a potential compliance risk, especially if the storage is not in a secure location.
Depending upon the age of the devices in storage, you may be able to donate some it to charities while others will need to be recycled. Just make sure you completely wipe clean any machines with hard drives containing PHI and other sensitive data. This can even include fax machines and copiers; many include hard drives that may have stored scans of documentation.
15. Give your technology a good cleaning. Computer keyboards, keyboard covers, mice, tablets and other pieces of technology have the potential to harbor potentially harmful bacteria for prolonged periods of time. While you should have a good cleaning protocol for technology used in operating and procedure rooms during procedures, you should also have standard operating procedures to disinfect other computer equipment on a regular basis.
Make 2015 the year when you develop these procedures, if they're needed, and make sure staff follow them throughout the year. This will help reduce the potential for bacteria transmission and keep everyone who comes into your facility safer throughout the year.
Need help meeting any of these or other IT New Year's resolutions? Contact PriorityOne Group today!