- Unique user IDs and passwords;
- Two-factor authentication (for example, a code being sent to a cell phone in addition to a password);
- Patient education on appropriate use of the portal and the importance of safeguarding their login credentials; and
- Patient education on securely storing any information they download or print.
Although records must be secure, experts suggest that complex password requirements could actually have the effect of denying access to the patient. Assess your practice population and ensure the login requirements aren’t so strong that your users can’t get onto the portal in the first place.
There should also be a comprehensive user agreement that the patient signs and/or clicks on outlining the responsibilities of both parties. This is probably something the practice should consider running past an appropriate attorney. It needs to walk a relatively fine line between protecting the practice while not denying the patient access to their personal healthcare information.
Mr. Yaskin
Staffing issues will need to be addressed by the practice. Someone from your office, vendor or affiliated hospital, if you are using theirs, will need to be on the help desk to answer questions and handle lost password and user name requests.
One staffing concern that is not often considered is compliance with HIPAA’s Right of Amendment. This gives patients the ability to request changes in their records. Some have seen a 100% increase in these requests running from the frivolous (spelling mistakes) to major corrections, such as showing the rheumatoid arthritis was in the left knee instead of the right.
Stimulating Patient Use
After you have the portal available, the next question is how to get your patients to actually use it. Simply offering the option is the first, fairly tentative step in the process. To meet meaningful use standards, a certain number of your patients must use it.
“It’s really up to the doctors to let their patients know this service is available to them, says Steve Yaskin, CEO of Health Gorilla, a third-party clinical platform that connects patients with their doctors and relevant clinical data. “Often, they put the website address and sign-on instructions at the front desk.”
Portals may lead to ‘a more satisfied patient [because] they have the comfort of a relatively quick turnaround on their questions. For someone who is angry, this is a great way to rebuild the relationship.’ —Dr. Odutola
Generally, the best time to sign people up is when they are in the examination room. The doctor should bring it up by suggesting they get the information on laboratory results. It is also a good time to point out that hooking up with the portal lets patients make appointments and get access to informational materials immediately if they find later that they don’t remember or understand part of the patient instructions.