SaaS EHR Is The Only Option to Show Meaningful Use

I’ve come across a number of websites and people who’ve made the assertion that with the short time frames for meaningful use, a SaaS EHR is the only option to be able to meet the meaningful use requirements in a timely manner. Let’s see if I can do my part to clarify this idea which isn’t completely accurate.

First, there is still plenty of time for a clinic to implement an EMR of any type and get EMR stimulus money. At some point this might change, but at this point we are still far enough out that time is not an issue. Although, I’ll admit that it would be helpful if CMS and HHS would finally get some EHR software certified and provide some practical meaningful use details. Of course, these details shouldn’t be stopping doctors from evaluating and planning for their EMR implementation.

Second, it is worth acknowledging that in general a clinical practice can implement an EMR faster if it’s a SaaS EMR and not a client server EMR. The time for the server to be shipped to your office alone just takes time not to mention getting an IT person or your EMR vendor to install the server in your office. However, if you need more computers and a laptop to be able to use your SaaS EMR, you’re going to be waiting for computers to arrive anyway. Generally though, SaaS EMR is faster to implement than client server.

Of course, this doesn’t mean that you can’t quickly implement a client server based EMR. For example, I implemented a local doctors office in a week from when the server arrived. It was an incredibly fast implementation. Other than ordering time (which they had to order workstations also), it was as fast as any SaaS EMR implementation. So, it’s certainly possible. You just better make sure you have the right IT people supporting your implementation.

My point in this post is that it’s mistaken to say that SaaS EMR is the only option that’s fast enough to implement in time for meaningful use. Many of the client server EMR companies out there have really streamlined the process for installing a server in a clinic. Although, this is not true for all of them. So, it’s a question worthy of asking any EMR company if you’re looking at compacted time lines.

At least for now, it’s a mistake to rule out a great client server EMR just based on the meaningful use time line. We’ll leave the other arguments for ruling out a client server EMR in favor of a SaaS EMR for another post.

About the author

John Lynn

John Lynn

John Lynn is the Founder of the, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference,, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • The size of the practice is also a factor. A large multi-specialty group, with their IT staff and multiple departments, job responsibilities and work-flows is not going to implement as fast as a 2 GP practice. The best way to understand implementation time-lines is to get comparative references. If the EMR vendor can’t get you a good quota of references that are comparable in size and organizational structure to your own group, you should probably consider looking at other EMR’s SaaS or not.

  • This is a moot point. An EMR can be implemented in less that a week from a HW/SW standpoint. The bottleneck is in the training and implementation. That is really not a function of SAAS or client/server, but really a function of how good the EHR company is at education and how easy it is to learn how to use the software.

  • I agree with Jonathan.
    Actually, the biggest bottleneck in my experience is setting up the billing, if you purchase an integrated product, which is usually 45-60 days at the very least.
    If you just buy an EMR, the bottleneck is in creating the interface to your PMS.
    In other cases, the data migration is the limiting factor.

  • Will,
    We’re talking ambulatory EMR that was implemented in a week. Very different than a hospital EMR like you deal with. Certainly it was a unique situation and wasn’t the ideal time frame even for a small office, but was what happened. 4 years later they’re still using the same EMR and love it.

    Of course, I guess I could clarify that they’ve made improvements over time. Although, this is true whether you take 1 week or 6 months to implement.

  • It is not the EMR that is the problem, it is the process – how to handle paper comming in, printer settings, setting up security, wireless networks, fax machine integration etc etc. Some offices have everything there already because of previuos purchases or workflows others are starting from scatch. With Medscribbler some offices we actually have up and running in use in less than a day but others take weeks while we help in the install of scanners, fax etc and others are up quick but are a “dripping tap” as the office adds functions slowly.

    Any SaaS vendor that makes the article claim, is either desperate or incompetent – either of which it is better to stay away from. (Medscribbbler has both Client/server and SaaS (but not as an ASP implimentation which is probably what these claimants are – as ASP has serious problems and their market share is falling)

  • The time frame is really based upon the practice staff’s experience with technology as well as the vendor. I’m migrating a 1 provider practice from Altapoint EMR to GloSuite EMR/PM right now, and due to the staff’s experience with the EMR concept the EMR training took about 25% less time than I planned and 50% less time than the vendor recommended. The PM training took half the allotted time as well. (still there was 14hrs of EMR and 10hrs PM training)

    The main roadblock has been the data conversion of the Demographics and EMR data, and that has now been solved. This is typically an issue that anyone with a PM system will face.

    Since the practice views large attachments and also uses dictation, as SAAS solution was not practical. We’ve been involved with other implementations in the last year and the process took longer than expected due to having to scan thousands of charts and train technology phobic staff and docs. In one case the doc is still not 100% electronic, but plans to retire next year so he doesn’t care.

  • The other factor that isn’t addressed in this discussion is the Security / Privacy rules which require a level of IT security governance that is a struggle even for large organizations. There is a lack of expertise in most communities and even with expertise, if governance is done adhoc, compliance audits have very uneven outcomes.
    SaaS streamlines this process and allows for the clinic to be a endpoint not a node in the EHR network. This means that storage and transfer security controls are the responsibility of the vendor and are dealt with in BAAs. This is very different from a client server model where all aspects of the EHR are the responsibility (and liability) of the clinic. Think about who you are going to hire to ensure compliance or if you want to take it on yourself. And think about the competition for security expertise where the cost is already through the roof due to unfilled demand.

  • Eric,
    Definitely a point worth considering. I think the hard part for doctors is putting their trust of the security and privacy into the SaaS EHR vendors. Reluctant and wary seem like optimal words for their feelings about it.

  • John,
    You are absolutely correct. But the best solution for the clinician is not to take on administration of the complexities of both IT and security administration. It is to design BAAs to demand and enforce strict security/privacy standards on the SaaS vendors (and encourage the HITRECs to make ongoing audits a very stringent part of vendor certification).
    What most people don’t understand is that the greatest risks to EHR security come from inconsistent management of IT systems and their security controls. The technology is pretty good for mitigating the threats. What is not good is the governance of the technology. Believe me, it is hard to begin with and is enormously aggravated by inexperienced and inattention. My concern for small and medium clinics implementing a clien- server EHR is that keeping it secure (between Risk Assessments) requires a level of consistency and attention to detail that is probably unattainable.
    I would argue for holding the SaaS vendors feet to the fire for top notch security and demand a rigorous audit/assessment process to keep it top notch.

  • Eric,
    I’m surprised that more SaaS EHR vendors haven’t embraced this need as a way to differentiate themselves from other SaaS EHR vendors and even their client server competitors. Seems like a chance to really show why it’s better by bracing the audit/assessment process.

  • Frankly, I am too. It is in their best interest to reassure the wary and reluctant clinician. It is also important to for the SaaS vendor to realize that one breach on their part could put them and their clinical customers in a terrible economic bind.
    The risk is there no matter what. The best solution is to control it. The most reliable way to do that is to contain it (like in a well structured data center), minimize it (with good quality technical tools), maintain it (using a quality governance, like configuration and patch management) and watch it (using monitoring, audits, oversight etc).
    This kind of solution is totally out of the economic range of the small to mid-size clinic. It just cannot, will not happen.
    I’m sure that the cost of SaaS already seems high. And I’m sure that is the reason that SaaS vendors don’t make a big deal out of security/privacy governance (yet). Bottom line though is that the risk involved in poor privacy/security is not at all worth betting your practice on. Doctors have patients that trust them. It is the fundamental currency of health care.

  • I think that providers expect strong security as a baseline feature, but it isn’t a big selling point. More important to providers, and thus stronger, selling points are ease of use, cost, quality of practice management features and revenue management, ability to save time and employee hours, document imaging (how to attach faxed referrals and other scanned forms to chart), useful financial and productivity reports, easy and useful performance improvement reports.

Click here to post a comment