EMRs’ big gaping hole of secure messaging

Today’s post begins a series inspired by my recent participation in a breakfast panel in Washington, DC, Doctors and Patients Bridging the Digital Divide. There were a lot of useful ideas discussed during this panel, and so I decided to capture and share some with you.

One of the biggest holes in electronic medical records currently seems to be a lack of secure messaging systems built into the software.  Although maybe not universally true, this still represents a huge problem that also represents a great opportunity for gains in technology that will enhance the doctor-patient relationship and move digital healthcare forward into the future.

Currently, my electronic medical record vendor does not supply this feature as part of its software package.  However, as part of the Meaningful Use Stage 2 requirements by the federal government, the use of a certified EMR system that supports this function will be required.  A HIPAA-compliant secure messaging system will be needed as a part of every electronic medical record going forward.

Currently, if I wanted to use secure messaging to communicate with my patients, I would have to purchase a separate third-party vendor’s online software to communicate in a HIPAA-compliant fashion.  This involves an additional service agreement between the third-party and me, as well as monthly fees they can be expensive.  This would grant me the right to not only communicate with patients but also to bill third-party insurance companies for providing such electronic health services.  However, what may people do not appreciate is the small reimbursement allowance for such services, which is quite minimal.  Thus, regardless of the demand by patients, it’s currently more financially lucrative simply to see another patient in the office for a follow-up visit rather than answer a message electronically.  If an electronic medical record vendor builds secure patient messaging into their platform, when there is already a contractual arrangement between the doctor and EMR vendor, then a third-party cost would potentially become unnecessary.  The prospect of using a built-in, HIPAA-compliant, secure messaging system suddenly becomes much more attractive and potentially fiscally responsible.

Unfortunately, many EMR systems are in still developing stages at which they do not yet have built-in secure messaging features in their PHR or personal health record modules.

But what a wonderful and potentially powerful area for future development in order to further promote patients to become more engaged in playing a more active role in their own health care.  The ability of a patient to reach their doctor through the Internet is certainly an attractive feature if done right and seems potentially better than a patient spending five minutes on hold listening to elevator music only to finally speak to a front desk staff member who will only be able to forward a message, which may or may not be forwarded accurately.