Security isn’t the only benefit of a robust patient portal.

Caleb Clarke, NueMD
By: Caleb Clarke
As the healthcare industry continues to implement new technology, security will remain a major concern. Whether it’s due to external attacks from data thieves or accidental exposure of sensitive patient health information by an employee, practices of all sizes have been forced to rethink the way they handle, store, distribute, and protect patient data.

Aside from the clinical implications of mishandling PHI, now the HHS is closely monitoring how even the smallest practices treat protected health information (PHI). The financial stakes have never been higher.

But, there is one very secure technology available today for secure patient communication.
Portals made specifically for your patients offer data security that email never could.Tweet: Portals made specifically for your patients offer data security that email never could.

What is a patient portal?

Unlike paper records that can easily get lost or stolen, a patient portal is a secure website that allows patients to access their PHI online 24/7 from anywhere with an Internet connection.

Using a secure username and password, patients can view information like recent doctor visits, discharge summaries, medication lists, allergies, and lab results. More advanced portals even offer patients the ability to securely communicate with their healthcare provider, request prescription refills, pay outstanding balances, and schedule appointments.

Designed to help patients get more involved with their own care, the benefits of implementing a patient portal extend to healthcare providers as well. By using the portal as an online payment center, a practice can often reduce costly paperwork while also facilitating better patient-provider communication for ongoing support care between office visits.

Why use a patient portal?

Despite recent reforms focused on clinical and technical integration, the healthcare industry can often present a fragmented experience for everyone involved.

When a patient meets a new doctor for the first time, transferring medical records between small practices can prove difficult. Even with technology like electronic health record technology, data formats and transfer security concerns have cast a dark shadow over the prospect of safely transmitting PHI from network to network.

For the physician, the detriments of this are clear. A provider can no longer accurately diagnose a patient without repeating a list of expensive and time-consuming tests that the patient may not even need – ultimately wasting time and resources that could be better spent on providing more cost-effective care.

Learn how to send HIPAA compliant emails.

HIPAA compliance is key

However, the toll of forgoing an accessible and secure patient portal system for PHI transmission may be even more damaging for small practices just trying to make ends meet. HIPAA compliance and data security professionals constantly stress the superiority of patient portals over email in the PHI messaging game.

The clinical benefits of extending patients' access to their own health information have been proven time and again. Not only does this create more engaged patients who are more likely to remain faithful to their medication regimens, but it established a more secure mode of communication between clinicians and their charges used to share relevant information or trigger reminder alerts.

What’s wrong with email?

Unfortunately, email is just not a reliable form of communication when PHI is involved. In fact, a recent survey on HIPAA compliance found less than half of respondents were “very confident” their communication over email was HIPAA compliant. PHI sent via email needs to be encrypted, which most consumer-facing web clients cannot do. For instance - Gmail, the free service from Google that your practice might use to save a little money, is not suitable for HIPAA-compliant activities.

Each email message requires at least 128-bit encryption to comply with the industry standard in data protection, though many top companies have begun to use 455-bit keys as well. Of course, you could password protect every single document you send to clients, but this is probably just as time consuming as filling out paperwork by hand and sending it in the mail.

Building an entire site with customized security protocols is often the safest way to go.

Secure, and useful

Physicians can even personalize their specific patient portals so patients are presented with relevant information upon entering. This ability to customize a user interface should not be overlooked when it comes to patient portals. For the physician, receiving emails with medical jargon might seem comprehensible, but the layperson needs a more down-to-earth way of viewing and understanding his or her own health. Using patient portals gives practices the ability to format the most clinically relevant information in eye-catching ways to subtly improve care.

What’s to come?

Widespread adoption of patient portal software won’t happen overnight - but it’s catching on. Both young parents and individuals caring for elderly parents are in a tech-savvy age group. They often prefer online communication to tedious phone calls and visits. Chronically ill patients also benefit from increased communication and constantly up-to-date health records.

Considering the obvious clinical benefits, and the fact that Meaningful Use is pushing for portal implementation across the board, patient portals will only continue to grow over the next few years.

Learn more about how Meaningful Use relates to HIPAA.

Caleb Clarke is the Director of Strategic Development, Sales and Marketing at NueMD with more than 15 years of operational, sales and marketing experience across a broad range of companies. Prior to joining NueMD, he worked in the healthcare industry at a Managing General Underwriter and later at a managed care organization.