Patient Engagement and Stage 2 Meaningful Use

Posted August 12th in Education, Meaningful Use

shutterstock_112345154“Patient Engagement” has certainly become a buzz-word in the realm of modern health IT.

It has been called “the Block-Buster Drug of the Century” and the “One Secret to True Healthcare Reform.”

One thing everyone seems to agree on is that genuine Health Transformation can’t happen until facilities and doctors get patients more involved in their own care.

The engagement of patients and their families in patients’ health care is a prominent goal of the EHR Incentive Program. CMS requires providers to meet several Patient Engagement benchmarks that will have a positive impact on the quality of care the public receives.

This policy priority aims to improve patients’ understanding of their health and related conditions so they take a more active role in their health care.  It also encourages the involvement of patients’ families, as many patients depend on their support.

New Patient Engagement Meaningful Use Objectives

There are now two new Meaningful Use objectives related to Patient Engagement for Stage 2. One objective specifies online data access for patients. This replaces two related Stage 1 objectives: providing electronic copies of health information or discharge instructions, and providing timely access to health information. The other objective requires EPs to use secure electronic messaging to communicate with patients.

New: Data Access

  • Objective: Provide patients the ability to view online, download, and transmit their health information within 4 business days of the information being available to the eligible provider (EP).
  • Measure 1: More than 50% of all unique patients seen by the EP during the electronic health record (EHR) reporting period are provided timely (available to the patient within 4 business days after the information is available to the EP) online access to their health information.
  • Measure 2: More than 5% of all unique patients seen by the EP during the EHR reporting period (or their authorized representatives) view, download, or transmit to a third party their health information.

New: Secure Messaging

  • Objective: Use secure electronic messaging to communicate with patients on relevant health information.
  • Measure: Under the Stage 2 objective to use secure electronic messaging to communicate with patients on relevant health information, a secure message must be sent using the electronic messaging function of Certified EHR technology by more than 5% of unique patients seen by an EP during the EHR reporting period.

Updated Patient Engagement Meaningful Use Objectives

EPs now have 1 day (instead of 3 days) to provide patients with a clinical summary. The content of the clinical summary has been updated to include demographic information, smoking status, recommended patient decision aids, and a care plan field that includes goals and instructions.The patient education objective, previously a menu item, is now a core requirement. Also, the clinical summary objective has been updated.

Updated: Clinical Summaries

  • Objective: Clinical summaries provided to patients within 1 business day for more than 50% of office visits.
  • Measure: Clinical summaries provided to patients within 1 business day for more than 50% of office visits.

Updated: Patient Education

  • Objective: Use certified EHR technology to identify patient-specific education resources and provide those resources to the patient if appropriate.
  • Measure: Patient-specific education resources identified by certified EHR technology are provided to patients for more than 10% of all unique patient with office visits seen by the EP during the EHR reporting period.

ONC has developed several tools to assist your efforts in Patient Engagement:

Top 10 Myths of Security Risk Analysis

Posted August 12th in Education, Service Offering

mythbustedAs with any new program or regulation, there may be misinformation making the rounds.

The following is a top 10 list distinguishing fact from fiction.

1. The security risk analysis is optional for small providers.

  • False. All providers who are “covered entities” under HIPAA are required to perform a risk analysis. In addition, all providers who want to receive EHR incentive payments must conduct a risk analysis.

2. Simply installing a certified EHR fulfills the security risk analysis MU requirement.

  • False. Even with a certified EHR, you must perform a full security risk analysis. Security requirements address all electronic protected health information you maintain, not just what is in your EHR.

3. My EHR vendor took care of everything I need to do about privacy and security.

  • False. Your EHR vendor may be able to provide information, assistance, and training on the privacy and security aspects of the EHR product. However, EHR vendors are not responsible for making their products compliant with HIPAA Privacy and Security Rules. It is solely your responsibility to have a complete risk analysis conducted.

4. I have to outsource the security risk analysis.

  • False. It is possible for small practices to do risk analysis themselves using self-help tools. However, doing a thorough and professional risk analysis that will stand up to a compliance review will require expert knowledge that could be obtained through services of an experienced outside professional.

5. A checklist will suffice for the risk analysis requirement.

  • False. Checklists can be useful tools, especially when starting a risk analysis, but they fall short of performing a systematic security risk analysis or documenting that one has been performed.

6. There is a specific risk analysis method that I must follow.

  • False. A risk analysis can be performed in countless ways. OCR has issued Guidance on Risk Analysis Requirements of the Security Rule. This guidance assists organizations in identifying and implementing the most effective and appropriate safeguards to secure e-PHI.

7. My security risk analysis only needs to look at my EHR.

  • False. Review all electronic devices that store, capture, or modify electronic protected health information. Include your EHR hardware and software and devices that can access your EHR data (e.g., your tablet computer, your practice manager’s mobile phone). Remember that copiers also store data. Please see U.S. Department of Health and Human Services (HHS) guidance on remote use.

8. I only need to do a risk analysis once.

  • False. To comply with HIPAA, you must continue to review, correct or modify, and update security protections. For more on reassessing your security practices, please see the Reassessing Your Security Practice in a Health IT Environment.

9. Before I attest for an EHR incentive program, I must fully mitigate all risks.

  •  False. The EHR incentive program requires correcting any deficiencies (identified during the risk analysis) during the reporting period, as part of its risk management process.

10. Each year, I’ll have to completely redo my security risk analysis.

  • False. Perform the full security risk analysis as you adopt an EHR. Each year or when changes to your practice or electronic systems occur, review and update the prior analysis for changes in risks. Under the Meaningful Use Programs, reviews are required for each EHR reporting period. For EPs, the EHR reporting period will be 90 days or a full calendar year, depending on the EP’s year of participation in the program.

The good news: Kentucky REC can help! Contact us for more information about our HIPAA Privacy and Security Risk Analysis Services.


65% Subsidy on Broadband Services for Healthcare Providers in KY

Posted August 6th in News

telehealthThe Kentucky Cabinet for Health and Family Services announced the formation of the Commonwealth Healthcare Network Fund (CHNF) to organize Kentucky’s non-profit healthcare facilities and submit a consortium application for the newly announced Healthcare Connect Fund (HCF) which will subsidize 65% of broadband costs.   The proliferation of electronic medical records, digital radiologic imaging, telehealth and other initiatives requires healthcare providers to utilize high-speed broadband services and this federal program will help reduce the financial burden of those expenses. 

If you currently conduct clinical telehealth services, please look at how this can expand what you are already doing.  If you do not do clinical telehealth activities today, consider how this expansion will benefit you and your patients.  Also consider how, in the new reformed healthcare environment, telehealth can get the right care to the right people at the right time in the right place to increase access to care, improve health outcomes and reduce the cost of care. 


  1. Please carefully read this announcement and the attached information as well as the documents that are on the CHNF website
  2. Complete the non-binding “letter of interest” by COB Friday, August 9 at to show your interest in the program
  3. Participate in one of the Kentucky informational phone conferences that are described in the “letter of interest” document
  4. Contact the CHNF with any questions at  
  5. Before Kentucky submits the application in the fall of 2013, every healthcare facility will complete a “letter of agency” that permits the CHNF to apply for these funds on their behalf.
  6. Provide all information required by the CHNF to submit the application, and after award of the funding, you must verify to CHNF your 35% payment to your broadband provider as well as pay an administrative fee to CHNF. This fee will be a small percentage of the savings you accrue in the program. 

This program will require a lot of work, but a 65% subsidy on broadband services will be well worth the effort. 

 Please see below  for additional information and sample forms.

Public News Service article available here. This audio story has been picked up by over 60 radio stations thus far. This news is spreading fast!

Kentucky REC’s Patient Centered Medical Home (PCMH) Services

Posted July 26th in Service Offering

medical-home_5What is a Patient-Centered Medical Home (PCMH)?

NCQA’s PCMH Recognition program is a model for improving the organization and delivery of primary care. The medical home model has the potential to transform a primary care practice so that it is more comprehensive, coordinated, patient-centered, safe, and accessible.

In a traditional practice, a patient gets care only when he or she initiates contact by making an appointment. In the PCMH model, doctors and staff reach out to patients to make sure they are getting the care they need. The staff runs reports to see who is due for a checkup or screening, who is overdue for a prescription refill, who saw a specialist, what follow-up is needed, etc. The practice takes a proactive approach to keeping the patient as healthy as possible.

Stronger doctor/patient engagement, better access to the doctor, proactive intervention, and careful management of chronic conditions are the cornerstones of the PCMH model.

When done right, the results are better medical outcomes, fewer serious episodes, less hospitalization, and better quality of life. In the end, this lowers the cost of health care for the patient, the practice, and the community.

According to a recent analysis by Blue Cross Blue Shield, physicians who have transformed their practices to Patient Centered Medical Homes have saved an estimated $155 million while improving patient care. Researchers found that medical home practices showed higher ratings for care and preventative care services, an average of $26.37 in lower monthly medical costs per adult, and an average of about 20 percent lower rates of inpatient admission for patients who had “ambulatory care sensitive conditions” (i.e. asthma, high blood pressure, diabetes, etc.).  (Click here to read full article)

PCMH & Meaningful Use

PCMH overlaps with the Meaningful Use incentive program by reinforcing the use of EHRs and Health IT. Stage 1 and Stage 2 Meaningful Use language is embedded into the PCMH Standards, so that Meaningful Users are well-prepared to begin the PCMH transformation process.

The PCMH program is specifically designed to give providers a roadmap, and a seal of approval, toward improving patient care. Effective utilization and Meaningful Use of an EHR puts a practice in direct alignment with PCMH standards.

 Why Pursue PCMH?

  • Improved Care
  • Enhanced Efficiency
  • Optimized EHR
  • Stronger Market Competitiveness
  • Higher Physician, Staff, and Patient Satisfaction

Introducing Kentucky REC PCMH Services

Our NCQA PCMH Certified Content Experts can partner with you to develop efficient, reliable care practices designed for sustainable practice transformation. Our framework serves to accelerate your journey to PCMH recognition. Through our expert training, coaching, and resources, your staff will be well-prepared to begin the transformation process. Our PCMH Certified Content Experts will help you measure your readiness for PCMH, educate you on best practices, and provide you with an array of resources to ease the process for your staff.

As your PCMH partner, the Kentucky REC offers a variety of services to help empower both small and large health care practices in their journey towards PCMH recognition. Our PCMH Certified Content Experts help you accelerate the recognition process by providing:

  • Education on PCMH standards and best practices
  •  Documentation review and feedback
  •  Advice for overcoming transformation barriers
  • Access to a web-based project management tool for tracking your transformation progress
  • Guidance with the PCMH application and submission process

Contact us today to learn more about becoming a Patient Centered Medical Home!

Kentucky REC’s Own Dr. Carol Steltenkamp Named HIMSS Vice Chair

Posted July 23rd in News

Carol SteltenkampDr. Carol Steltenkamp, UK HealthCare Chief Medical Information Officer and Kentucky REC Executive Director, was named Vice Chair of HIMSS, effective July 1, 2013. HIMSS is a cause-based, not-for-profit organization exclusively focused on providing global leadership for the optimal use of information technology and management systems to improve health care.

In her new role as Vice Chair of the Board,  Dr. Steltenkamp sat on the panel at the press conference introducing the HIMSS Health IT Value Suite in Washington, DC on July 16, 2013.

HIMSS created the Health IT Value Suite to identify, classify and discuss many known examples of Health IT value.  It is a robust library of value-focused, evidence-based use cases organized into Value STEPS™ (Satisfaction; Treatment/Clinical; Electronic Data/Information; Prevention and Patient Education; and Savings).  

At the press conference, Dr. Steltenkamp praised the new Health IT Value Suite. “I’m not a doctor who is a techy. But what I am is passionate about using healthcare IT to improve the care of my patients,” she said.

Learn more about the HIMSS Health IT Value Suite here.


Panelists from left to right: Carla Smith, MA, CNM, FHIMS, Executive Vice President, HIMSS; Dr. Carol Steltenkamp, MD, MBA, FHIMSS, HIMSS Board Vice Chair; Bryan Sivak, Chief Technology Officer, U.S. Department of Health and Human Services; Rob Tagalicod, Director of eHealth Standards and Services, CMS; Angela Duncan Diop, ND, CHCIO, Vice President Information Systems, Unity Healthcare