GreyMAR reduces HIPAA concerns for EMAR backups
Let’s get one thing straight – the goal of any facility that has any sort of outage needs to get their MARs and TARs printed as fast as possible, plain and simple. Having the ability to do so needs to be simple, fast, efficient, and secure. With modern struggles coupled with outdated technologies for senior living, many of these things can get quickly overlooked.
Most EHR customers are familiar with the provided solution that backups their MARs and TARs in the event of a system wide outage, internet outage, etc. With that being said, there are many concerns a modern facility should recognize during their risk assessment of their backup strategy.
With the list of HIPAA addressables declining and the rise of required items, it is extremely important that senior living facilities utilize EHRs take special note of their backup strategies.
Who maintains your current backup solution?
The facility usually employs or sub contracts an outside IT provider to handle these tasks. While IT may understand the basis of what your EMAR backup is doing, them fully understanding the concept and how a domino affect can happen is very slight. If the solution provided by the EMAR provider is not constantly maintained, you can be affected by many items as described below.
If the device was stolen, is your PHI at risk?
The computer that’s sitting there with your patients information on it isn’t secured most likely. There is a fine line between usability and security, and it’s hard to perfect. Most facilities have unencrypted backups from my experience (or none at all) and the computer can simply be picked up and taken. Without proper precautions, the device can also have a simple USB drive plugged in and PHI stolen this way as well.
How are you alerted if your backups are outdated?
The provided solution from your current EHR doesn’t include notifications if your backups are out of date. Not to mention, if you don’t have an IT guy constantly maintaining the provided solution, you are at risk for outdated EMAR backups. The program has no method for alerting and won’t let you know if something didn’t complete correctly.
How are you alerted if your backup doesn’t complete?
Similar to the last point – the provided solution by PCC doesn’t give you much to run with, and doesn’t show you errors if something doesn’t download correctly. If the file download doesn’t complete, you could be left with outdated backups, corrupt backups, or worse, no backups at all.
Does your staff know and understand how to utilize your system?
It can almost be guaranteed that if you walked up to anyone in the facility they will have little to no clue how to work the backup system. The goal is to have a fast, easy way to print out MARs and TARs, but this can be cumbersome for the everyday nurse.
What if there is a power outage? What about an internet outage?
Some facilities feel their power and internet systems are perfected, but I can tell you from experience being in the business for many years, that is far from the truth. What if the generate transfer switch burns up? Generator doesn’t kick on?
What if there is a large area-wide outage of some sort?
Area-wide outages are something we deal with daily, and it’s becoming more frequent, especially in larger cities. When there is an area wide outage, this can sometimes last for days, up to a week I have seen. We had a client that had no internet for close to a week and needed to stay operational. Luckily with the experience we’ve gathered it was easy for us to keep them operating. Facilities not under our umbrella though, I highly recommended a plan.
What if the files are corrupted?
The technology that EHR chose to rely on for their EMAR backups is very primitive, thus is prone to many system errors and may not reliably work. With that said, it is extremely important that you keep an eye on your backups, or employ an IT person to watch over this.
Are you complying with regulations on who has access to the backups?
Carefully read over the HIPAA regulations and you’ll see that there are many that explain the necessity to maintain audit trails of who has access to your PHI. Just like someone logs into your EHR with a username and password, there needs to be a way to maintain this with the backups, too.
Don’t panic! This is all easily correctable!
These were all problems that we were faced with, so you’re not alone. In fact, just by reading this article, you are likely much more caught up with technology and regulations that your peers, so go you! I’d like to introduce you to a service we’ve created to solve all of these issues.
We’ve solved all of these EMAR backup concerns with a simple product called GreyMAR. Simple put, GreyMAR is a disaster solution designed specifically for EHR customers, and we’ve tightly integrated it with their services. GreyMAR maintains, verifies, and secures your backups. We maintain everything for you automatically, and have built powerful logic into our backup system to ensure it’s up to date, encrypted at every point, and easy to access.
To access your MARs and TARs you do the following:
- Go to the website, device, or medcart that your nurse is already using.
- Login with specific credentials (this is to maintain audit trails as required by law)
- Boom, everything is there, no more clicks.
I won’t go into all of the cool features we’ve built here, but you’re welcome to visit our website at https://greymar.io and check it out, or schedule a demo with me by following this link: Schedule A Demo
But wait, there’s more!
As we continued to grow the service (we’re now backing up 5,000 records a week!) we built in fully automated and easy to use eFax. We’ve also included an emergency phone that can be hooked up into our emergency phone system for your building, but that’s another article and still currently in development.
I hope you enjoy this and learned something. Feel free to send me a your feedback!
If you’re interested in more, sign up for our newsletter here.