The patient portal has become a mainstay in healthcare today. More than 90 percent of healthcare practices offer patient portal access to their patients, recognizing countless benefits—from increasing workflow efficiencies and improving transparency to empowering patients to take a more active role in their own care.
If you’re thinking about implementing a new patient portal and looking for a vendor to partner with,, there are certain considerations to keep in mind when evaluating potential partnerships. Here are criteria to follow when assessing potential technology partners::
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the primary law that federally protects health information, requiring providers, insurance companies, and clearinghouses to follow specific standards for how health information can be used and disclosed. When evaluating different vendors, look for a company that offers a HIPAA-complaint patient portal and takes the necessary steps to ensure information is kept safe to protect patients’ privacy at all costs.
Additionally, the patient portal provider you choose to partner with must also comply with the Stage 2 Meaningful Use requirements established by the Centers for Medicare and Medicaid Services (CMS). These regulations encompass several core objectives, such as recording medication orders, submitting prescriptions electronically, implementing functionalities at the point of care, performing medication reconciliation, and reporting to public health and clinical data registries, among others.
It’s not enough to follow HIPAA privacy and security laws. Today, when the risk of data breaches is higher than ever before, healthcare organizations must take the proper precautions to protect against cybersecurity threats. This is particularly true for modern technologies, where data is stored in the cloud. To prevent attacks on their servers and protect confidential patient data, patient portal companies should have robust security protocols in place.
For example, although HIPAA does not require two-step authentication, many healthcare IT companies will choose to implement this practice for added protection.
The Office of the National Coordinator for Health IT (ONC) has authorized six different organizations to perform EHR module testing and certification. These companies, which are referred to as ONC-Authorized Certification Bodies (ONC-ACB), certify EHRs and EHR modules as capable of supporting providers’ efforts to meet the goals and objectives of meaningful use.
When vetting potential patient portal companies, you can search the Certified HIT Product List (CHPL). During this review, you can determine whether the company you’re considering is certified, if they’ve maintained certification over time.
Consider the company’s track record: Have they been successful partners for other healthcare organizations and EHR vendors? If so, do they have the testimonials to prove it? Any established, reputable patient portal company will have the satisfied clients to back up their claims—and they shouldn’t be afraid to refer you to said clients to verify what they’ve said is true.
Does the patient portal company you’re looking into have a mission that ultimately has patients’ best interests in mind? At the heart of the patient portal is the idea that modern healthcare consumers should have convenient, anytime access to their own health data. Not only does this aim to improve both cost and care transparency, but also to encourage patients to take an active role in their own healthcare decisions.
These are just some of the criteria to keep in mind when vetting potential technology partners for your healthcare practice or EHR. With that said, you should also trust your instincts in addition to doing your due diligence. If the patient portal vendor you’re considering doesn’t seem to have your company’s best interests in mind—let alone the patients’ best interests—don’t settle. Keep searching until you find a patient portal partner that you can trust to do the right thing by you, providers, and patients alike.