EMR Stimulus Q and A: EMR Stimulus Money and Dentists

I must admit that the following question is one that I don’t have a very good answer to. However, I’ll offer what I know and hopefully the readers of the site can also chime in with their thoughts in the comments of this post. This question was posted in the comments of my previous EMR Stimulus question and answer post.

Can you help out another reader with a pressing question? Where can I find a good listing of EHRs for dentists? I’m looking specifically for ONC certified products that cater to dental practices and I’m coming up short so far. I know that DDS/DMDs can qualify for incentives under ARRA and they’ll be dinged on the Medicare side if they don’t use EHRs, but how are they supposed to comply if the software’s not out there for them? I’ve talked to several vendors with ONC certification who basically said they’re ignoring dentists in their outreach/software development (due to the larger potential market for internal medicine/general practice, the specialization required for dental systems, etc). A lot of dentists have PMS that they mistakenly believe are full EHRs, but it seems like there is a huge market out there for dental EHRs that is being ignored.

There was some discussion in the comments of the post where the above questions and comments were posted about whether Dentists do in fact qualify for EMR stimulus incentives. My understanding was that they could qualify. This of course assumes that they have enough Medicare and they were meaningful users of a certified EHR (as with everyone else). Although, I believe dentists are considered eligible providers (I’m sure someone will correct me in the comments if I’m wrong).

Unfortunately, I haven’t seen any EHR list by ONC or anyone else for that matter that has EHR software for dentists. Of course, I posted a link to the official ONC-ATCB certified EHR list before. So, watching that list might be the place to start. Although, that list is going to grow between now and the end of the year quite quickly. I won’t be surprised if that list is at least double or triple the size that it is now.

I must admit that I don’t know many of the dentist specific EHR, so I couldn’t go through the list to find the EHR software that is a certified EHR for dentists. If someone else does and wants to share it in the comments, I’ll post that list for others to see too.

I have heard of one dentistry software called Dentrix. I asked my friend who does some work with them about their take on the EHR stimulus money for dentists. He said that he’s asked for more info himself and the only answer he gets is that they need to talk to Dentrix Enterprise. I guess they have multiple versions of their software. Sounds like they are a bit like Allscripts with a ton of different EHR packages depending on size of the office. Unfortunately, Dentrix didn’t answer mine (and others) request on Twitter for information about the EHR stimulus for dentists.

One thing is certain. Dentists that try for the EHR stimulus money will likely be happy to evoke the exception clause for some of the meaningful use requirements that don’t apply to them.

About the author

John Lynn

John Lynn is the Founder of HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.

55 Comments

  • Dentist are Eligible for incentives.

    A good place to look for dental EHR content is in those products that are marketed to FQHC, CHC and RHC, all of which employ dentists galore.

    A particularly nice dental module is the one NextGen has and it includes dental billing too. I do believe there is extra cost though.

  • Thanks Margalit. It’s interesting that you mention NextGen, because I just saw today that NextGen had a dental offering. I read that it is a separate division that came from an acquisition they made. I don’t know many details, but that’s what I remember.

  • John… as discussed when the original question was posed earlier in your blog.

    From Medicare’s 2010 “Your Medicare Benefits”:

    “Medicare doesn’t cover routine dental care or most dental procedures such as cleanings, fi llings, tooth extractions, dentures, dental plates, or other dental devices. Medicare Part A will pay for certain dental services that you get when you’re in a hospital. Medicare Part A can pay for hospital stays if you need to have emergency or complicated dental procedures, even when the dental care isn’t covered.” (page12)

    A more in debth coverage of what is not covered … and what is covered.

    http://www.medicare.com/services-and-procedures/medicare-and-dental-plans.html?ht=

    In that earlier thread I said that services were only reimbursed if performed in a hospital. I was incorrect. Location of where covered (very limited) services are provided is not relevant to whether they are reimbursed.

    Medicare dental revenue to an EP is going to be pretty small for the vast majority of dental practices so will not attract enough providers looking for dental specialty EHR software to the extent that IT vendors will want to create and get ATCB-certified.

    In my opinion… much more likely down the road vendors of dental office electronic management systems will offer a Medicare plug in that is certified and then the ‘all up’ system would be certified. But without a strong demand from the mainstream dental practices … ain’t gonna happen soon. IMO.

  • I’ve looked into whether stimulus money will be available to dentists. Many in your audience won’t like it, but here’s your answer:

    Dentists will not receive any ARRA stimulus to help pay for electronic dental records – even if a practice is 30% Medicaid as required. For one thing, it’s already too late to collect on the biggest portion of our grandchildren’s money unless the practice can prove utilization of an ONC-certified eDR in a “meaningful” way by this time next year. And that’s simply impossible because there are no ONC-certified eDRs, and meaningful use has still not been defined by HHS – with help from the ADA.

    Eventually, someone from the ADA will either have to promote computer busywork as meaningful use, or concede that meaningful use of eHRs in dentistry simply does not exist.

    For example, do you want to log on to a password-protected, HIPAA-compliant computer just to notify the lab that you have a pick-up? For dental practices, speed-dial on the telephone – or fax machine – is much more meaningful, and neither requires the dentist to be a HIPAA-covered entity. In addition, none of the conventional ways of communicating put patients’ identities at risk like digital records on a stolen or hacked computer. That’s Hippocratic meaningful.

    Here’s another drawback to digitalization: Even though electronic dental records are cutting-edge cool, they have yet to show a return on investment for dental practices, and data breaches will continue to make them more and more expensive. Without ROI, paperless is a hobby paid for by clueless patients in higher fees. Bet you haven’t heard that chunk of honesty very often.

    Honesty about hi-tech non-solutions is repressed even in the ADA because it is soo politically incorrect to admit that our dental leaders who misled members were misled themselves by HIT stakeholders and Newt Gingrich. It’s really difficult for high officials inside and outside dentistry to stand up and say, “Oops! We were wrong.”

    See: “Is ARRA Stimulus Money for Dentists?”
    http://medicalexecutivepost.com/2010/11/16/is-arra-stimulus-money-for-dentists/

    I happened to post the article on the Medical Executive-Post two days before John’s article was posted here on the EMR and HIPAA forum. I invite you to read it, and tell me what you think. Other than here, nobody talks about these issues. That can’t be good for dental patients.

    D. Kellus Pruitt DDS

  • 1. Dentists do qualify as Eligible Professionals as long as they meet the “under-served population” requirements. I specifically asked an ONC representative at a REC mtg a month ago. I did, however, pose the question in our context which is that we are a CHC with MD / NP/ DDS / and OD providers. Maybe DDS alone, that are not in practice with medical doctors don’t qualify? Maybe the EDR needs to be attached an EHR to qualify? This I don’t know…just guessing.
    2. NextGen’s subsidiary QSI (Irvine, CA) has a nice EDR which I saw demonstrated about a month ago. Our DDS’s loved it. Rumor I have heard is that Dentrix is very nice, but also very costly compared others.

  • From the CMS website at:
    https://www.cms.gov/EHRIncentivePrograms/30_Eligibility_Eligible_Professionals.asp#TopOfPage

    Note that Dentists are considered EP’s by both Medicaid and Medicare.
    ==================================================

    Eligibility for Individual Providers – Eligible Professionals

    * The incentive payments for EPs are based on individual providers.
    * If you are part of a practice, each EP may qualify for an incentive payment if each EP successfully demonstrates meaningful use of certified EHR technology.
    * Each EP is only eligible for one incentive payment per year, regardless of how many practices or locations at which he or she provide services.
    * Hospital-based EPs are not eligible for incentive payments. An EP is considered hospital-based if 90% or more of his or her services are performed in a hospital inpatient (POS 21) or emergency room (POS 23) setting.

    Medicare: Under the Medicare EHR Incentive Program, EPs include the following:

    * Doctor of medicine or osteopathy.
    * Doctor of dental surgery or dental medicine.
    * Doctor of podiatry
    * Doctor of optometry.
    * Chiropractor.

    Medicaid: Under the Medicaid EHR Incentive Program, EPs include the following:

    * Physicians (primarily doctors of medicine and doctors of osteopathy).
    * Nurse practitioner.
    * Certified nurse-midwife.
    * Dentist.
    * Physician assistant who furnishes services in a Federally Qualified Health Center or Rural Health Clinic that is led by a physician assistant.

    To qualify for an incentive payment under the Medicaid EHR Incentive Program, an EP must meet one of the following criteria:

    * Have a minimum 30% Medicaid patient volume* .
    * Have a minimum 20% Medicaid patient volume, and is a pediatrician* .
    * Practice predominantly in a Federally Qualified Health Center or Rural Health Center and have a minimum 30% patient volume attributable to needy individuals.

  • So dentists only qualify for Medicare reimbursement under very restrictive conditions … and are a Medicaid EP if in private practice they “Have a minimum 30% Medicaid patient volume”.

    Got be dozens of them across the country… literally dozens.

    Despite the importance of dental health to an individual’s overall health … dental services have never been valued by CMS and because of lobby at the outset of Medicare by the AMA not incorporated seriously in Medicare.

    Lucky stiffs. Lucky lucky stiffs.

  • Carl Bergman (from EHR Selector) sent me the following email with some good info:
    At EHRSelector.com, we list seven EMRs that support dentistry. Comparing those to the ONC list, I found three that are certified as complete, that is, they meet all certification criteria. They are:
    AblelMed
    Curemed and
    NextGen

  • Thanks, John. Could have fooled me, and I’m a dentist!.

    Now that you mention it, it seems like about a year ago, I heard a rumor that NexGen was seeking CCHIT “certification” for dental software – even before “meaningful use” in dentistry was defined (?). Yeah. Right. What’s the point?

    As far as I know, nothing else was said about the unheralded accomplishment. NexGen certainly didn’t purchase many press releases bragging about it. And why should they?

    NexGen is more involved in hospital systems than dentistry. Dentrix is the major vendor of dental software, and if Dentrix is somehow certified like NexGen, it’s hardly a selling point.

    Also, I tried to post another comment yesterday on this thread, but it didn’t take. I’ll try again. Thanks for your response.

  • (I unsuccessfully submitted this comment yesterday following Don B’s comment: “So dentists only qualify for Medicare reimbursement under very restrictive conditions … and are a Medicaid EP if in private practice they ‘Have a minimum 30% Medicaid patient volume.’”)
    ——————–

    You now know the long-hidden secret: Digital interoperability with dentists’ offices has always been a non-starter. Today seems to be an excellent day for making that point. I sense something happening in the industry.

    Did you catch the news this afternoon “Electronic Health Records: Why We’re Not Going to See Them by 2014,” by Ken Terry for bnet.com?
    http://www.bnet.com/blog/healthcare-business/electronic-health-records-why-we-8217re-not-going-to-see-them-by-2014/2103

    Less than 10% of hospitals will qualify for ARRA incentive money that becomes available Jan. 1, 2011. Hospitals have several years head start on dental offices plus entire departments for handling HIT and the intricate security issues digitalization brings to healthcare. On the other hand, dental offices typically have less than 5 employees. I bet less than 10% of dentists’ offices are even HIPAA compliant. What do you think?

    Here’s some more news that popped up just a few hours ago, Andis Robeznieks posted “CCHIT seeks comments on specialized EHRs” on ModernHealthcare.com.
    http://www.modernhealthcare.com/article/20101119/NEWS/311199996/#

    Robeznieks writes: “The Certification Commission for Health Information Technology has opened a public comment period for its proposed oncology and women’s-health electronic health-record certification criteria and test scripts. The comment period will end Dec. 10 at 5 p.m. CT.”

    Is it possible that following the establishment of “meaningful use” guidelines for these specialists, dentistry could be next in line?

    Robeznieks describes the difficulties shoehorning oncologists into the one-size-fits-all healthcare mandate:

    “KLAS, an Orem, Utah-based health IT market research firm, released a report on oncology EHRs in September that noted the challenges faced by both those seeking to market and use the products. ‘The oncology market has been ignored by enterprise software vendors for the most part,’ report author Monique Rasband said in a news release. ‘Oncology seems to be on the roadmap for most vendors, but few have made much progress, and their functionality doesn’t seem to be meant for use as a full oncology platform.’”

    See what I mean? Dentistry simply will not fit into the current plans for interoperability – even with the stimulus money available to oncologists. Dentistry is a forgotten, unglamorous healthcare niche. The special thing about dentistry is that the bottleneck in a typical practice isn’t the front desk where computerization is overkill. It’s the dentist. And no amount of computerization can speed up an extraction for an anxious patient.

    D. Kellus Pruitt DDS

    By the way, this thread has been picked up by the Medical Executive-Post. See “Inviting Debate with eDR Stakeholders.”
    http://medicalexecutivepost.com/2010/11/20/inviting-debate-with-edr-stakeholders/

    Everyone is invited.

  • This happens about every week or two. I get behind on a post and then there are so many comments I have to wait until I have down time to catch up. Anyway, Dr. Pruitt, the reason your comments didn’t show was that if you have more than 2 links they get automatically moderated. I think I approved all of them now, so they should be there now. If not, let me know and I’ll search for others that might have enjoyed the wrath of the spam filter.

    It seems like there is a bit of confusion in this post (and in the medical community in general) between the Medicare and Medicaid parts of the EHR stimulus money. I must play ignorance when it comes to much of the dental electronic records world. I’ve considered really branching out to learn about it, but there’s been too much other EHR stuff that this post is really my first entry about dental IT.

    I have no doubt that dental will have a hard time getting any stimulus money from the HITECH act. This is true for many other medical specialties as well. Meaningful use was designed for general medicine. So, take that for what it’s worth.

    As far as certification of dental EHR software, you’re right that it’s useless unless you are trying to get the government stimulus money. It serves no other purpose (at least not one beneficial to the doctor).

    As I said in my disclaimer above about not knowing details of dental EHR software, I can’t help but wonder how many of this list of possible EMR benefits could be applied to dental. That would be the starting point to establishing an ROI. I imagine there are many similarities.

    All of this said, I hope that this thread starts some good conversation for dentists looking at going electronic and helps get more information out there about electronic dental health records.

  • Thanks, John, for the explanation. I figured the lost post was a glitch or something. I wasn’t sure if I had posted it correctly.

    I’ve followed EMR and HIPAA off and on for a year or so. You and your team have done a great job at posting relevant and unbiased information about healthcare information technology. That’s rare to find on the Internet these days — especially for dental issues. Dentists have to rely on vendors for information because nobody is taking a leadership role in the issue, and the ADA isn’t saying a thing.

    I’ve taken your long list, and surprisingly only found one benefit that might be an advantage of eHRs in dentistry – “Improved patient communications.” If dentists could perform this service without having to become HIPAA compliant, it would be wonderful, but it still wouldn’t lower the cost of dental care.

    Here are my responses to other possible advantages of electronic dental records over paper:

    Legibility of Notes – No more dealing with various handwriting styles since notes are typed.
    – Is this really what computerization is for? No. If legibility of notes is a problem, the more logical solution would be to ask the person to write better. Typical dental practices only consist of 5 or so people. Computers empower sloppiness. It is much easier to mistakenly record 5 mm instead of 3 mm on a keyboard than a paper chart.

    Accessibility of Charts – Indexed and easily searchable by multiple identifiers. No more searching the entire clinic for a lost paper chart.
    – Physicians deal with tens of thousands of charts, and hospitals have millions. A typical dentist has two to five thousand. There are not many places for charts to hide in a dental office. Also, dentists usually know a significant number of their patients’ names on sight.

    Transcription Costs Savings – Many users have been able to save on transcription costs by implementing an EMR.
    – Transcription? What’s that? Dental treatment involves the lower third of the face. Not the whole body.

    Space Savings – Many people are able to save space where they’d normally be storing shelves and shelves of paper charts.
    – Dentists offices only store two to five thousand THIN charts, not tens of thousands.

    Eliminate Staff – This almost never happens immediately. Usually this happens through natural turnover of employees and usually occurs with your front desk or medical records staff.
    – Exact opposite: Mandating eDRs would cause dentists to have to hire HIT staff. The front desk has never been the bottleneck in dentistry.

    Eligibility for Pay-for-performance – It could take two years or more for you to implement an EHR and implement a meaningful quality improvement mechanism that would lead to your receiving payments from these programs.
    – That’s hardly a selling point to dentists – know what I mean?

    New Physician Recruitment – Many new physicians are looking for practices that use an EHR and will only work for an organization that uses an EHR.
    – Whether there is even a computer in the office or not has very little effect on a dentist’s work.

    Multiple Users Use a Chart Simultaneously – Most EMR programs support multiple users accessing a chart at the same time. Many even allow multiple people to chart notes at the same time also.
    – That has never been a significant issue in dental offices.

    Lab Results Returned Automatically – This depends on a lab interface, but is more reliable and integrated with the care given.
    – Not an issue.

    X-Ray Results Returned Automatically – This also depends on a X-ray interface, but has the same possible benefits of a lab interface.
    – Not an issue.

    Save a Tree and the Environment – You won’t eliminate your use of paper, but you can significantly reduce the amount of paper/charts you use in your practice.
    – Are talking about healthcare or rationalizations? I guess you could also say digital completely eliminates paper cuts.

    Electronic Prescriptions – Scripts sent electronically or printed out avoid problems of legibility by the pharmacy receiving the script.
    – Dentists write so few prescriptions that filing electronically would raise the cost of dental care without benefitting the patient. That’s against the Hippocratic Oath.

    Spell check – Many EMR software includes a spell check and often even include a medical dictionary.
    – Really?

    Disaster Recovery – Depending on your EMR backup schedule, you can store a copy of your data in multiple locations for better disaster recovery. Plus, in an emergency you could carry a backup of your data with you. Think about how you’d carry a room full of charts with you in an emergency.
    – Disaster Recovery: Which can one read easier by flashlight? Paper of digital. I cannot think of any reason I would want to remove my patients’ protected health information from my office. I cannot imagine why a dentist would be interested in taking such risks with data breaches… yet I know dentists who transport hard drives to and from home every day as back up.

    Drug to Drug Interaction Checking – Most EMR provide a database of Drug to Drug interactions when writing a prescription.
    – That would be nice, but this doesn’t negate a dentist’s obligation to stay on top of these things. We don’t prescribe very many medications, and perhaps only 8 to 10 variations. If harm is occurring because of drug interactions involving dentists’ prescriptions, those instances need to be documented starting today. Perhaps this is a concern. I just don’t know.

    Drug to Allergy Interaction Checking – Most EMR provide a database of Drug to Allergy Interaction checking when writing a prescription.
    – Even if one’s practice is paperless, patients must be asked if they are allergic to any medications before prescribing – that’s the rule in my office.

    Patient Safety? – Better information access, reduced gaps in communication between providers and reduction in duplicate testing.
    – If an emergency dental patient with digital dental records were on vacation, and the attending dentist were able to download tons of information about the patients dental history from 10 years back – to diagnose the problem almost always requires a new x-ray. Often all it takes is one x-ray and a look at the tooth to determine the problem. Many times the patient gives a reliable diagnosis even without the dentist’s help.

    Integration with Physician Dispensing Software – Could make more money using a physician dispensing (yes, I know they can’t really “dispense”) software
    – Not applicable

    Quality of Care?
    – EDRs have not been shown to improve quality of care. They don’t even save money on care.

    Increased Efficiency?
    – Only for the largest practices.

    Better Patient Services?
    – You mean waiting for the HIPAA releases patients sign without reading?

    Improved Workflow?
    – You mean waiting for the HIPAA releases patients sign without reading?

    Improved Patient Communications
    – Possibly. After all that is what computers are good at.

    Improved Accuracy for Coding Evaluation and Management
    – That helps pharmacy chains and insurance companies, but it has nothing to do with patient care.

    Improved Drug Refill Capabilities
    – No. Nothing beats speed-dial.

    Improved Charge Capture
    – Doubtful. Negotiating actuary department-approved hoops to capture what insurance companies owe providers long after the work left the building has nothing to do with patient care and everything to do with slow-paying, clever insurance companies.

    Improved Claim Submission Process
    – Helps Delta Dental, BCBSTX and United Health, but does not help the patient.

    Reduced Medical Records Transportation Costs
    – Not an issue
    ———–

    As you can probably see, John, this is the frontier. Until our conversation, hardly anything has been said anywhere by anyone other than me and a few now-silent vendors. This is special. Thanks.

    D. Kellus Pruitt DDS

  • Someone who wanted to remain anonymous sent me the following message:
    I am currently working for a dental PMS/EMR company and can tell you that while we are planning to meet as many of the MU regulations as possible, many of them do not even apply to any of the dentistry specialties. Without a clear path to certification and clear requirements, I’m not really sure how they are going to deal with specialities, let alone the dental one.

  • Thanks, John. I know a software developer or two who say the same thing. CCHIT certification looks like an expensive and futile bureaucratic exercise to a growing number of people who should know – even before eHRs are extended to the 160,000 or so individual dental offices in the nation – urban, rural and very rural.

    Nevertheless, the leaders of the Texas Dental Association don’t agree with our anonymous software developers. About the time you spoke with your friend, this was posted on the TDA Today online to help Texas dentists better prepare for receiving incentive payments to help pay for their paperless practices:
    ———–
    Texas Medicaid Electronic Health Record (EHR) Incentive Program

    This is the first in a series of articles to keep you informed of the Texas Medicaid Electronic Health Record (EHR) Incentive Program and continuing efforts to implement health information exchange initiatives across Texas. Future articles will focus on helpful reference web sites, health information exchange, meaningful use for dentists, certified EHR technology for dental practices, and other relevant topics of interest to dentists and health information technology (IT).

    Under the American Recovery and Reinvestment Act of 2009, eligible dentists can qualify for Medicaid EHR incentive payments when they adopt and use certified EHR technologies. Dentists may receive up to $63,750 over a 6-year period with the Medicaid EHR Incentive Program as long as they meet eligibility criteria. Texas Medicaid is planning to begin registration for the EHR Incentive Program in January 2011, with payments expected to begin around April 2011. First year incentive payments are available between 2011 and 2016, with the last year of incentive payments anywhere from 2015 to 2021, depending on what year the dentist started receiving payments. For Medicaid providers, eligible professionals do not need to report on meaningful use or clinical quality measures until 2012.

    Visit the Texas Medicaid Health IT webpage for more information, upcoming webinars, events, and answers to questions. To contact the Health and Human Services Commission with additional questions, go to HealthIT@tmhp.com or call (800) 925-9126. [I had no luck with the link, and I don’t do telephone].
    —————

    Note: There is a very good chance that the Texas Medicaid dental plan will become capitation – the cruelest but cheapest type of dental benefits plan made. Because of the unfair business model of Dental Health Maintenance Organizations, more money is made when clients stay away from contracted dentists. That is why DHMOs are shunned by dentists and patients alike. I don’t know any dentists who can tolerate 30% capitation in their practices.

    But then again, ARRA stimulus money might not make it even that far. Governor Perry has threatened to pull Texas out of Medicaid altogether. He also threatened to pull Texas out of the nation last year, so it’s hard to tell what he will do.

    In summary, the HIT industry says meaningful certification of eDRs is as unlikely as finding Medicare providers in Texas. Nevertheless, TDA officials say it’s a done deal, and promise more information about digitalization in a series of upcoming articles. I look forward to hearing more about the TDA’s plans. It looks like a dead end to me.

    I’ll contact the TDA to give them the opportunity to take part in this important and unprecedented discussion. Don’t get your hopes up. In five years of asking my professional organization questions about HIPAA and eDRs, all I’ve gotten are committee-approved talking points, if not silence. Surprisingly, TDA officials don’t talk with members about these things on the Internet, yet they encourage TDA members to buy into turning their practices paperless. The TDA is truly a fascinating study of a command-and-control institution wilting in the harsh light of transparency.

    D. Kellus Pruitt DDS

  • @Dr. Pruitt…

    “The TDA is truly a fascinating study of a command-and-control institution wilting in the harsh light of transparency.”

    Nice visual. Lots of others feed on us without addressing the facts except to spout talking points issued to them. Entities such as TDA is to create the impression by its members that it represents them when in fact it (like others such as AMA) are organized to keep members from having a voice snipping off debate when they issue nationally packaged talking points.

  • I know exactly what you are talking about, Don B. If you were in the TDA, what you just shared could draw an anonymous complaint that could eventually cause a member to be run out of the organization. I’ve seen it happen. The TDA doesn’t take criticism well.

    “Org charts worked in an older economy where plans could be fully understood from atop steep management pyramids and detailed work orders could be handed down from on high. Today, the org chart is hyperlinked, not hierarchical. Respect for hands-on knowledge wins over respect for abstract authority. Command-and-control management styles both derive from and reinforce bureaucracy, power tripping and an overall culture of paranoia. Paranoia kills conversation. That’s its point. But lack of open conversation kills companies.” Theses 49 – 52, from “The Cluetrain Manifesto” by Lavine, Locke, Searls and Weinberger, 1999.

    Those guys knew what they were talking about, but I’d say they were about a decade early for dentistry.

    I’m trying out a new tactic to perhaps draw other players into our conversation. Once again, no promises. This morning, I shared the last few posts on this thread with my State Representative, the Honorable Diane Patrick, House District 94.
    http://www.house.state.tx.us/members/member-page/?district=94

    Representative Patrick’s husband is a local dentist. I’ve heard her speak on several occasions to the Fort Worth District Dental Society. That’s what makes my statements about the TDA so special. Diane Patrick receives Den-Pac contributions from the TDA. Isn’t Internet transparency wonderful!

    Here’s how I introduced my latest message to Representative Patrick:

    Honorable Diane Patrick:

    Yesterday, I sent you a heads up about the imminent state crisis concerning extending electronic health records to dental offices. The unprecedented open discussion about this topic continues – plus an invitation to the Texas Dental Association to join in on the informal discussion. I know your husband is a dentist, so I’m pretty sure he knows what I’m talking about. Something’s got to give.

  • In the spirit of full disclosure… I am a member of ACHE an organization which not only fails to listen to its members … it doesn’t have an effective voice at the national health care table.

    One plus though… at least that way nobody makes promises to ACHE in return for it committing its members to nation wide lock-step sheepdom.

  • I’m putting a lot of hope on Internet transparency. Personal accountability seems much more likely to move mountains than talking points.

  • It remains purest when decisions are made to implement new technology based on it improving the practice’s ability to serve its patients AND its practitioners. Incentive payments from an entity who does not reimburse for dental services is the last reason to repaint the parking spots up front let alone implement an eDR.

  • I can’t believe it. Something’s wrong with my comment notifications. For some reason I didn’t get almost any of the comments that you guys posted above. In fact, the comment that I did post I did without reading the other comments since I usually get all new comments emailed to me. Hmm…I’ll have to look into what’s wrong.

    As Don B can tell you, I love to engage in the comments. Too bad I didn’t know.

    Anyway, one thing is clear from this discussion thread. Dental EHR is very different than medical EHR. I assumed so much was the case (in fact that’s partially why I’ve avoided it), but I appreciate your analysis Dr. Pruitt of a dental office and their use of EHR. It is unfortunate that there’s so little talk of dental EHR out there. I think open discussion is the key to really understanding the benefits and challenges of technology.

  • From John’s comment: “one thing is clear from this discussion thread. Dental EHR is very different than medical EHR.”

    Yes. Medicare doesn’t reimburse dental procedures unless they are a necessary component of an otherwise covered medical treatment. Since there isn’t a Denticare program (although most Medicare Advantage plans included dental coverage) so there is very little money to make … so there is even less money to leverage dentists to adopt something that would be devoid of anything MU after they get all the approvals for exceptions from MU criteria.

    I actually think the result is actually far healthier. Dentists will adopt eDHR for the right reasons not the artificial manufactured MU determinations of ONC.

    We missed you today on this John … but at 23 posts I really feel we actually hit every aspect of this issue. Maybe you can get Margalit to write something on it. That way Dr. Pruitt can really nail his TDA with someone with real credentials.

  • Once again, John, you’ve done a great job with the EMR and HIPAA forum. You’ve got talent. Don B. your insightful contributions were right on the mark as far as I’m concerned. I want to thank both of you for your consideration of dentistry’s problem with current electronic health records. Communicaton is indeed the key to solving problems.

  • Since you have taken an interest in dentistry and electronic health records, let me offer you my thoughts on password protection.

    “ADA Tip: Password protection is the responsibility of each workforce member. Strong alphanumeric passwords provide a strong defense against unauthorized electronic system intrusion. Passwords that cannot be guessed, that are not publicly posted, and that are changed on a regular basis will help your practice avoid the occurrence of security incidents.” – 2010 ADA Practical Guide to HIPAA Compliance, Chapter 4, page 26.

    Not so fast, ADA.

    I read a recent article on lifehacker.com titled “How to Break into a Windows PC (And Prevent It from Happening to You).” The unnamed author tells a different story.
    http://lifehacker.com/5674972/how-to-break-into-a-windows-pc-and-prevent-it-from-happening-to-you

    Apparently, if a healthcare provider’s office computer runs on Windows and it is not encrypted, password protection is worse than ineffective security. Passwords are false security. If lifehacker.com is correct, all a dishonest employee needs to download thousands of patient identities to sell for a few hundred bucks is a Linux CD and 10 minutes of snuggle-time with an office terminal.

    What’s more, it is unlikely that if the thief will ever be caught if he or she sports common sense. Months or years following the silent heist, the doctor could learn of a rash of neighborhood identity thefts from a federal investigator with a badge – waiting in the reception room for the doc’s next break between patients. Please remember this gaping hole in security the next time a HIT stakeholder like the ADA assures Americans that HIPAA is swell protection from identity theft. HIPAA empowers identity theft. The amendments to the 1996 Rule in 2002 gave too much away to campaign contributors, in my opinion.

    Now then. Since you’ve made it this far, is anyone ready to consider a different path to the benefits of electronic dental records? It’s called de-identification.

    My goal has always been to stimulate open discussion of de-identifying dental records because it is soo common sense to remove fuses from bombs. In 5 years, I’ve had very little success attracting sincere discussion about de-identification other than privately. Nevertheless, over the years I entertained an adequate amount of ridicule that stopped a few months ago. Like Charlie Brown and his persevering faith in the Great Pumpkin, I’m resolute.

    Physicians might not be able to get away with sidestepping HIPAA and data-breach liability using de-identification because it is soo easy to re-identify owners of medical records. And insurance company CEOs who don’t know the difference between cost control and quality control will fight de-identification of dental records before giving up the exclusive right to bend proprietary algorithms toward bonuses.

    Here comes the pitch:

    Is America interested in better dental care through a transparent 2.0 platform that incentivizes value-based competition for dental patients instead of paid ads? I have a better solution than HIPAA: Drop the PHI identifiers from dental records and store volatile health histories on one or two well-guarded flash drives. It’s that simple. Want to see miracle discoveries in dentistry? Offer the boring but safe raw, de-identified dental data to anyone who cares to perform Evidence-Based Dental research. Interoperability will still be incredibly tedious and expensive, but at least the effort won’t be doomed by dangerous and expensive HIPAA regulations.

    So how about it?

    Imagine the incentives for self-improvement if dentists could privately compare their treatment results with competitors’ – without risk of harming their patients or practices – on an “opt-in” basis rather than a mandated fantasy of a “pay-for-performance” model run by stakeholders with investors to answer to.

    If our grandchildren are to benefit from unbiased Evidence-Based Dental research mined from facts rather than manicured dental claims, passwords won’t allow them a return on ARRA investment and encryption is just one more layer of expensive and futile complication.

    I’m thankful I’m not shopping for an electronic dental record system. Today is Black Friday.

    D. Kellus Pruitt DDS

    Oh, yeah, I hope you had a happy Thanksgiving, Don and John.

  • Dentists can qualify as eligible providers for ARRA incentives !!!

    My personal background is medical administration and operations, where I know first-hand how office staff and physicians cringe at the thought of changing an environment that’s been working for years. All of our clients, including Dentists, Endodontists, Periodontists, Implant Surgeons and more are extremely pleased that they made the transition to an EMR solution like FirstEMR.

    The benefits to your office are numerous and too many to mention here; but, please take into account the following:

    1. Never having to worry about compliance issues, as we are 100% compliant with all standards and formats that CMS is mandating.
    2. Greatly reduce or even eliminate human error. Some offices have brought back billing into their control and terminated the outsourcing.
    3. Facilitate lab and prescription orders. Offices using e-scribe services are already on board into accepting the benefits of an EMR.
    4. Simple and efficient scheduling. The reception and schedulers are not tied to the telephone, fax and charting tasks as well as insurance verifications.
    5. No fumbling for charts, paperwork, etc. (significant cost savings)
    6. Gain 15+ hours per week, back!

    Again, there are too many to list here, but contact me anytime for a quick on-site or online demonstration and let us prove to you that FirstEMR is the most appropriate solution to meet your required EMR needs.

  • Thanks for your response, Robert Evans.

    As I read your list of 6 rationalizations for electronic dental records here on the EMR and HIPAA forum , it occurred to me that you haven’t had a chance to read my detailed post on this thread from November 22 (Number 14) in which I de-bunked 28 similar myths – substantially including your 6. But since I never tire of doing this, let’s once again go through the details of a popular national blunder in dentistry you and other well-intentioned stakeholders in the HIT industry were sucked into.

    “My personal background is medical administration and operations.” That would explain your misconceptions about EHRs in the unique field of dentistry.

    For your first mistake, you say “Dentists can qualify as eligible providers for ARRA incentives !!!” You really should have gone on to explain that for a dentist to qualify for the stimulus money, 30% of his or her practice has to be from Medicare/Medicaid. Since you surely should have known that, to fail to mention it could easily be interpreted as deceptive.

    This is just a guess, but I’d say less than 10% of the dentists in the nation in private practice would make it on that qualification alone even if it made business sense to accept government money and the expensive demands that come with it. Since you are in the EHR business, you may have more accurate figures on that. What’s more, our grandchildren’s money will be gone long before the stimulus makes it to dentistry. You should already know that as well.

    “All of our clients, including Dentists, Endodontists, Periodontists, Implant Surgeons and more are extremely pleased that they made the transition “ All of them, Robert? Really?

    This forum right here is full of stories about disappointed providers – perhaps other than your clients – who are finding huge problems with the transition. De-installations are far too common. It seems like a while back it was close to 30%. Then again, since you are in the business, you probably have more accurate figures for that as well.

    Even the stimulus money isn’t sufficient subsidy for physicians to realize a return on investment in EMRs. And virtually nobody is interoperable as planned. That means the office tools you sell raise the cost of healthcare rather than lower it. What’s more, physicians stand to benefit from interoperability much more than dentists regardless of stimulus money. And if a dentist can’t expect ROI from an office tool, it’s called a hobby.

    By the way, have you looked at the Stage 2 Meaningful Use requirements that stand between dentists and disappearing ARRA money? Well-meaning outsiders with plans for the common good just don’t realize that someone has to enter every piece of irrelevant detail about dental patients that CMS requires in order to receive full payment.

    It’s a trap, Robert. And it’s not very well hidden. Dentists don’t take candy from strangers.

    “The benefits to your office are numerous and too many to mention here; but, please take into account the following”:

    1. Never having to worry about compliance issues, as we are 100% compliant with all standards and formats that CMS is mandating.
    – You are 100% scary. As long as a provider stores or transmits electronic PHI he or she clearly must be concerned about HIPAA compliance issues. What’s more, as a Business Entity for the dentists you serve, if your computer system is hacked or someone on your end otherwise fumbles or steals 500 or more of a dentists’ patients’ PHI, all of the dentist’s patients must be notified of the danger of identity theft. In addition, federal law stipulates that news of the data breach must be broadcast as a press release in the dentist’s local media. This can easily bankrupt a dentist… You just had to know about this before today.

    Your compliancy claim is not only wrong, but it is irresponsible and unethical advertising. You are not 100% compliant. Since the Rule is intentionally vague, nobody is. Get that garbage out of here!

    2. Greatly reduce or even eliminate human error. Some offices have brought back billing into their control and terminated the outsourcing.
    – Are you kidding? Eliminate human error? Someone put you up to this didn’t they. And “outsourcing”? Once again, this is misleading and irresponsible information, Robert. What about keystroke errors? Only frustrated vendors wish computers would replace human intelligence.

    3. Facilitate lab and prescription orders. Offices using e-scribe services are already on board into accepting the benefits of an EMR.
    – So does this mean that when the lab delivery person comes to my office to pick up plaster models of a patient’s teeth, the prescription for the restoration must be sent separately by email instead of inserting a short hand-written note in the package… with the relevant patient’s models?
    – I don’t sign enough prescriptions to make e-prescribing worth it. I really, really don’t. So how expensive would you make dental care?

    4. Simple and efficient scheduling. The reception and schedulers are not tied to the telephone, fax and charting tasks as well as insurance verifications.
    – That’s never before been a significant problem. Dental offices were run surprisingly efficient for decades before computers were around. Since dentistry is intricate handwork, the bottleneck in dental offices isn’t the front desk. It’s the dentist.
    – What’s so wrong with telephone and fax, by the way? One doesn’t have to be a HIPAA-covered entity to use those tools.
    – As for insurance verification, is the EDR intended to help the patient or the insurance company?

    5. No fumbling for charts, paperwork, etc. (significant cost savings)
    – Prove it.

    6. Gain 15+ hours per week, back!
    – Where did find this chunk of information? Please don’t insult us with wild, irresponsible statements to improve sales of your product. That would be unethical.

    “Again, there are too many to list here, but contact me anytime for a quick on-site or online demonstration and let us prove to you that FirstEMR is the most appropriate solution to meet your required EMR needs.”

    Did you intentionally say my “required” EMR needs? You wouldn’t be implying that EMRs are somehow “mandated” in dentistry are you, Robert? That would be called a rookie mistake and you would be about a year behind information published in the ADA News, which was wrong to mislead members on this point in 2008.
    http://www.ada.org/5348.aspx

    Rather than contacting you for a quick on-site or online demonstration, I’ll do you one better. I am to be interviewed on “The Whole Tooth” blogtalkradio on May 31 concerning the future of EHRs in dentistry. It promises to be an unprecedented discussion about the obscure topic, and is certain to be educational to thousands of dentists who have been misled for years about HIPAA and EDRs.
    http://www.blogtalkradio.com/thewholetooth

    When the time comes, a telephone number will be provided for live questions. I invite you to call in, Robert, and we can discuss EHRs in dentistry before an audience of around 15,000.

    D. Kellus Pruitt DDS

  • D. Kellus Pruitt,
    Sounds like Robert Evans doesn’t have anything to meet “your required EMR needs.”

  • Dear John and Internet Blog Officer Pruitt:

    I did not realize I was asking for extreme critique to my generic advert posting – which is why I asked readers to send questions and inquiries. If this was a CraigsList posting, I gather I would have been flagged for irritating you, mispelling something or being grammatically incorrect too.

    My advert posting provided numerous leads, two of which are Maxillofacial Surgeons in dental practices who are reimbursed by MCare. I will tune in to your talkradio blog, and yes, will become educated and will take notes; thank you for the invite. I sincerely wish you and everyone are having a wonderful evening.

    Robert

  • Dang, next time I’ll have to charge you for the advert. I’m glad to hear it was effective for you. We do have some of the best readership when it comes to EMR software on this blog. Although, readers like D. Kellus Pruitt and many others do keep us all (myself included) honest in the comments we post.

    Welcome to blogs!

  • Agreed, John.

    I wasn’t being deceptive or dishonest – simply posting an advert and receiving responses/leads. I agree with Pruitts information and wasn’t intending to provide a complete listing of data – simply a blurb to get inquiries (successfully so).

    That is why I will listen to his blog as well as read other sites.

    Robert

  • Yeah, I actually almost deleted the whole comment because it was an advert. I gave you the benefit of the doubt since it was your first comment. We certainly welcome you to join the discussion and people can click on your name if they like what you say.

  • John, I’m always thankful for your open-minded, patient confidence that comes with your years of experience in the HIT industry. What do you say we turn this discussion in a positive direction? That would be away from politically-correct mistakes of the past, around current insurmountable regulatory obstacles and toward a bright and profitable future for alert EDR stakeholders and common sense. I’ll keep this comment much shorter than the last one. And much sweeter.

    For years, I’ve fruitlessly shopped an under-appreciated winning business idea that dental history will prove was ahead of its time – simple de-identification of electronic dental records. As a matter of fact, I’ve discussed this idea on this forum somewhere at least once.

    Like gravity, it is inevitable that sooner or later the huge liability of data breaches from dental offices will be almost entirely eliminated – causing the dental HIT market to open wide not because of mandates, but because of dentists’ natural desire to rid themselves of paper dental records because paper will be thousands of times less secure than de-identified electronic dental records.

    As you can see, I happen to think the leap in progress will be directly attributed to de-identification – a solid, common sense solution. It’s a latent crowd pleaser.

    Not long from now, someone with HIT knowhow, common sense and an ability to think laterally will recognize this under-the-radar opportunity and will be the first to enter the dentistry niche with the next generation of electronic dental records… or not.

    For those who may be interested in de-identification or other EHR topics I intend to discuss on The Whole Tooth Blogtalkradio show on May 31 (7:00 PM Fort Worth time), allow me to provide a preview. A few days ago I filled in the blanks on an information sheet I was asked to submit. Here is my description of the program and questions I’m prepared to answer (if there’s enough time).
    http://www.blogtalkradio.com/thewholetooth
    ——-
    Get Results Marketing and Business Coaching
    The Whole Tooth™ Interview Information

    Interviewee Name: Darrell K. Pruitt DDS

    Topic Title: Dentistry’s Low Hanging Fruit – What We Fix First

    Description: Dentistry has long been an obscure niche in healthcare. As a consequence, the needs of dentists and patients have been virtually ignored by those who set national HIT standards and goals. In 2004, President Bush hastily committed tremendous government resources to developing a national system of interoperable digital health records for all providers by 2014. As it turns out, 2014 was overly ambitious for hospitals and physicians who need EHRs much more than dentists.

    Paperless interoperability with dentists is nothing more than a dead politically-correct fantasy. If dental patients are ever to reap the latent benefits of Evidence Based miracles divined from data mining dental patients’ treatment histories on an internet platform (in real time) – with permission from dentists and patients of course – it’s time for dentists to ignore committee solutions that don’t fit our patients’ needs. It’s time to distance dentistry from the bi-partisan HIPAA blunder. Think laterally.

    Please list the top five-eight questions/points you’d like to discuss during your interview.

    1. What went wrong? – Why didn’t dentists jump on board as planned?
    2. Do dental patients prefer their dentists to be paperless or not? – Does it matter?
    3. If no progress is made towards interoperable dental records, what will we miss?
    4. How important is security to dental patients today versus tomorrow?
    5. How important is security to dentists today versus tomorrow?
    6. Is encryption the answer to the increasing liability of data breaches from dental offices?
    7. Is de-identification of dental records a possible solution to the liability of data breaches?
    8. Is a “hybrid,”computer/fax system a possible solution to interoperability with almost all dentists?
    ———
    Hope you can make it. The depth of my West Texas drawl simply cannot be appreciated no matter how slowly I type.

    Darrell

  • @Dr. Pruitt … POW x 6.

    @Robert Evans …

    “I wasn’t being deceptive or dishonest – simply posting an advert and receiving responses/leads.”

    I guess it’s okay to post smoke and marginal to totally erroneous material … unless you get caught at it.

    How many hundreds of EMR vendors do the very same thing every day when they approach a practice promoting the selection of their box?

  • I love when old posts comment sections get revived. I’m glad I haven’t disabled the comments on old posts on this blog.

    D. Kellus Pruitt,
    I’m not sure I follow you on how you want to de-identify the EDR records. Can you explain more? I know about de-identification, but I’m not sure how you would implement it and what benefits it would have.

    I think you also overstate the liability of an electronic record. Yes, everyone (but me) has to grandstand about the importance of privacy, when the reality is that 99.9% of people will never have any issue with it. That includes patients and doctors.

    Don B,
    It’s been too long since I’ve written about one of my favorite topics: EMR Sales Miscommunications (some might call them lies, but I’m more generous).

  • You’re a national treasure, John.

    My idea for de-identification of dental records is just common sense and very simple. In most dental offices, there are only one or two people who need to know social security numbers, birthdates, addresses and other PHI items to do their work. Assistants, hygienists and others have no need for this volatile part of a dental record. So logically, rather than maintaining the unprotected PHI on computers which can be viewed and downloaded by virtually anyone – including hackers – such information is simply unavailable except on a limited number of easily guarded flash drives. If information is not available, it simply cannot be stolen. That beats the hell out of encryption.

    As far as discounting the liability of maintaining patients’ privacy, John, you are surprisingly wrong. It takes very little research to recognize that data breaches are only getting worse and the penalties even worser. Besides. It’s not what you and I think of privacy, it’s what patients think. It’s obvious that if Americans don’t trust the safety of the information they leave on EHRs (which they don’t), the data will be worse than worthless, it will be dangerous.

    By the way, where did you get the 99.9% figure? I think in the last 5 years almost half of Americans have had their identities compromised, and more than half were through healthcare entities. I’m pretty sure the Ponemon Institute has that data. Regardless, at this point it’s common knowledge that 0.1% would be a flamboyant underestimate.

    Darrell

  • Here’s a unique safety feature of de-identified dental records that I’ve barely mentioned. It’s sort of neat – if you’ve got a second.

    Years ago when I discussed the idea of de-identifying EHRs to the head of a hospital HIT department, he replied that his greatest fear would be to lose the reference key – leading to a million de-identified medical records belonging to a million possible owners. No kidding. Imagine the permutations!

    When it comes to identities, dentistry is a truly unique niche in the HIT world.

    If for some freak reason, a dental office lost its flash drive(s) connecting thousands of dental records to the correct patients’ PHI, what could a dentist possibly do to sort out the mess?

    Here’s a big hint: They are dental records. There’s an app for that. It’s called WinID and it is used regularly in forensic dentistry to identify bodies in mass disasters when anti-mortem dental records are available.

    How handy is that? To match a mystery patient to her chart, you don’t even have to know her name. You simply examine her mouth – calling off restorations and missing teeth to the assistant who enters the data into the computer. “Number 2, MOD amalgam. Number 5, missing. Number 12, buccal composite… Bingo! We found you, Mable Smith!” It’s that easy.

    I think statistically, if one had 3000 mystery patients, most could be positively (and legally) ID’s within 4 pieces of information and in less than 10 seconds. It’s an incredibly handy tool for unlikely events.

    This brings me to a huge benefit of de-identification of dental records over encryption. If there is a screw-up with impenetrable encryption, ALL data is lost. Now that’s scary!

  • I think you’re misunderstanding how most people use data encryption with an EHR. The data isn’t lost if you lose the encryption key. Most encryption in healthcare just encrypts the data as it’s being transported. There is certainly other types of encryption as well, but this is the most common one being referenced.

    I’m not arguing that data breaches aren’t happening. They are happening all over the place. Although, my point is that most people are concerned with financial data breaches much more than healthcare ones. I haven’t seen any hard numbers on financial vs health data privacy breaches, but it would be interesting to compare. What I am sure is that financial breaches make big news, but most healthcare breaches that are happening probably aren’t even being reported on. There are a few big stories where a hospital loses hundreds of thousands of names or something, but we’re missing the likely larger one off cases. Why? Cause most people don’t seem to care? Cause it’s harder to track?

    Ironically, I have an article in the hoppers about a healthcare data breach coming soon;-)

    To be clear, privacy is an issue and should be an important part of any record and program. I’m just saying that I think the description of patient upheaval over privacy is usually overstated. We all want it, but not enough to really do much about it.

    I’m still not sure I totally get your de-identified scenario. I’d have to think through how that would work for those that need to see the patient, but somehow didn’t have the identifying information. Although, like you said, dental records are different since they are so unique that they can be identified with a simple app.

  • I guess I indeed misunderstand today’s encryption. My bad.

    It seems to me that if patient data is encrypted at rest as well as in transit, then stolen laptops and even hackers would not be a threat to patients’ financial security as well as privacy – and don’t discount the public’s increasing demand for privacy. As I said. If the public doesn’t trust their secrets to physicians’ digital records, EHRs will be even more dangerous than they are already. If one steals a person’s insurance identity for $50,000 worth of heart surgery, allergies and other important health information can be undetectably altered to suit the thief. Privacy is more than just protection from inconvenient embarrassment.

    By the same reasoning, I suppose I naively assumed if one’s medical records are encrypted and for some reason the key to the encryption is lost, the records would be lost as well. So where am I missing that point? I suppose the fact is, very few physicians are encrypting their records. It’s even less common in dentistry – even though it’s been long recommended by the American Dental Association.

    I think HHS missed an opportunity to protect Americans a couple of weeks ago when they failed to change the status of encryption from an addressable implementation to a HIPAA requirement in the upcoming omnibus final rule. I certainly hope encrypted medical records are mandated before DNA codes become searchable on the internet. You can bet North Koreans won’t be as vulnerable as technologically advanced Americans… Sorry, I wandered off topic.

    The point I’m desperately trying to make is ALL of physicians’ patient records contain valuable financial and personal information that must be protected and that is simply not being done successfully. What’s more, virtually everyone in a physician’s office needs unfettered access to patients’ sensitive medical histories to carry out their duties. On the other hand, the treatment records in a dental office that staff depend on are hardly interesting to any outsiders other than geeky researchers. What’s more, by storing medical histories and PHI where they are inaccessible via the internet, it would relieve 170,000 small businesses from virtually all of the increasingly expensive and futile HIPAA Rule.

    As you mentioned, de-identification is not a new idea. In 2003, HHS stated that the HIPAA Privacy Rule requirements do not apply to de-identified information:
    http://cphs.berkeley.edu/hipaa/hipaa18.html

    To take advantage of HIPAA’s safe harbor of de-identified records requires that each of the following 18 identifiers of the individual or relatives, household members or employers must be removed from medical record information in order for the records to be considered de-identified:

    1. Names;
    2. All geographical subdivisions smaller than a State, including street address, city, county, precinct, zip code, and their equivalent geocodes, except for the initial three digits of a zip code, if according to the current publicly available data from the Bureau of the Census: (1) The geographic unit formed by combining all zip codes with the same three initial digits contains more than 20,000 people; and (2) The initial three digits of a zip code for all such geographic units containing 20,000 or fewer people is changed to 000.
    3. All elements of dates (except year) for dates directly related to an individual, including birth date, admission date, discharge date, date of death; and all ages over 89 and all elements of dates (including year) indicative of such age, except that such ages and elements may be aggregated into a single category of age 90 or older;
    4. Phone numbers;
    5. Fax numbers;
    6. Electronic mail addresses;
    7. Social Security numbers;
    8. Medical record numbers;
    9. Health plan beneficiary numbers;
    10. Account numbers;
    11. Certificate/license numbers;
    12. Vehicle identifiers and serial numbers, including license plate numbers;
    13. Device identifiers and serial numbers;
    14. Web Universal Resource Locators (URLs);
    15. Internet Protocol (IP) address numbers;
    16. Biometric identifiers, including finger and voice prints;
    17. Full face photographic images and any comparable images; and
    18. Any other unique identifying number, characteristic, or code (note this does not mean the unique code assigned by the investigator to code the data)
    —–
    If medical records could be as easily de-identified as dental records, a national plan would have been in place long ago. Even now, people much smarter than me are striving to make de-identification of medical records safe – if just for the fantastic research opportunities. As one can see from the list of 18 identifiers that can be used to cross-reference the owner of a medical record, de-identification of medical records is a dangerous task. Compare the risk of re-identifying someone with AIDs to the liability of exposing the state of disrepair of a completely untraceable person’s teeth.

    When one gets a $200 filling it doesn’t leave much of a paper trail, even if anyone were interested.

    As for the medical history portion of a dental patient’s record, I would suggest maintaining the mostly one-page paper records in a clunky metal filing cabinet. Think about it. Most dental offices typically treat less than a dozen patients a day so the argument that too much time is wasted searching for and filing charts has always been nonsense. Besides. Filing cabinets are not going to disappear from paperless practices. They’ll just occupy much less floor space.

    “I’d have to think through how that would work for those that need to see the patient, but somehow didn’t have the identifying information.”

    Perhaps I over-sold the WinID app. WinID software would certainly work well as a secondary form of identification for the patient in the chair, but I didn’t intend to suggest that it would be the only way to match a patient to his or her record. Many patients who haven’t been seen more than once or twice might not have enough data on their records to make identity possible.

    In the event that common sense fails to take hold in dentistry, and patients’ first and last names aren’t permitted as identifiers on their electronic dental records, an in-house reference number can be posted on the chart which automatically pulls up the patient’s PHI from a well-guarded flash drive in the USB port.

    What’s more, if HHS would consider de-identified dental records as much more benign than even de-identified medical records, not only would dental researchers have unprecedented resources for divining solutions to dental problems, but dentists could easily share records with others – including the patients themselves – without incurring expensive and tedious HIPAA documentation obligations.

    Sorry. There I go again.

  • I work at a company called MacPractice and we offer a complete EDR and practice management software for dentists, designed specifically for Macs. MacPractice DDS 4.1 is 2011/2012 compliant and has been certified by CCHIT, an ONC-ATCB.

    Please feel free to go to http://www.MacPractice.com to register to view demos of our software, and to have a local sales rep contact you, if you wish.

    I’ve enjoyed reading all of the comments in the above post and, by no means, do I want to stir the pot! I merely want to mention that there is another EHR option out there for dentists! =)

    Thank you!

  • Dr. Pruitt …

    I still remember what you said two months ago in post #37 … you just simply wouldn’t include the key personal information together with the rest of the electronic record:

    “My idea for de-identification of dental records is just common sense and very simple. In most dental offices, there are only one or two people who need to know social security numbers, birthdates, addresses and other PHI items to do their work. Assistants, hygienists and others have no need for this volatile part of a dental record. So logically, rather than maintaining the unprotected PHI on computers which can be viewed and downloaded by virtually anyone – including hackers – such information is simply unavailable except on a limited number of easily guarded flash drives. If information is not available, it simply cannot be stolen. That beats the hell out of encryption.”

  • No paper record can be made secure either. So, maybe we should stop documenting health information at all.

    If you remember some other posts I did, they point to the breaches mentioned not really having anything to do with an EMR system. Instead, they were often lists of insurance information or patient records sloppily stored on a laptop.

    I’m not saying security of EMR software isn’t a potential issue, but it’s far less of a security risk than a lot of other ways that your health information is going to get out.

    It is also very true that when a breach happens in the electronic world it’s often at a much larger scale than the paper world.

  • “No paper record can be made secure either. So, maybe we should stop documenting health information at all.” You’re joking, right?

    For a thief to steal my patients’ identities from my practice, it would take a very quiet crew with dollies to quickly move 3 noisy sheet metal filing cabinets weighing a few hundred pounds each down a flight of metal and concrete stairs to a waiting truck without someone noticing. And then, before quietly returning the file cabinets up the metal and concrete steps to their original places – and in correct order – a pool of assistants would have to accurately convert thousands of handwritten patients’ PHI into digital format.

    On the other hand, a hacker can not only steal tens of thousands of patients’ digital, ready-to-use PHI in seconds from anywhere in the world, but nobody will know of the heist until fraud investigators show up in the dentist’s waiting room.

    So why would an identity thief target paper records in a dental office?

    As a dentist, I assure you that paper dental records are not only safer than digital, but they are cheaper as well. And as anyone can see from following the news about EHRs, the cost of HIPAA compliance continues to rise.

    Darrell

  • You had me worried, John. I thought you had gone over to the dark side.

    Here’s something interesting that I’m working on. On May 25th, the President of the American Dental Association, Dr. Raymond Gist, opened a Facebook.
    https://www.facebook.com/pages/Raymond-F-Gist/165275266868843

    Why? I don’t know. When I came across it a couple of weeks ago, I became his second friend (now he has 8), and posted my simple question about the safety of EDRs versus paper. Since he has chosen to ignore the controversy, I’ll be posting Jim Pyles’ comment (#43 above) on his Facebook sometime today.

    I’ll probably post it on Sharecare.com Facebook as well. The ADA’s Chair of the Electronic Health Record Workgroup, Dr. Robert Faiella, is an ADA-approved Sharecare expert who has ignored my questions about HIPAA and EDRs for years. Like the President, ADA Trustee Faiella also refuses to respond to the ethical question about patient safety. What’s that tell you?

  • Just as promised, the following is an open letter I posted on ADA President Dr. Raymond Gist’s Facebook questioning leadership’s support of increasingly controversial electronic dental records.
    https://www.facebook.com/pages/Raymond-F-Gist/165275266868843
    ————
    Dear Dr. Raymond Gist,

    The question I optimistically asked you two weeks ago concerning the safety of EDRs compared to paper dental records was answered on Thursday by privacy attorney, Jim Pyles:

    “Congress, the Government Accountability Office and the Department of Health and Human Services now all agree that electronic health records are NOT more secure than paper records. HHS has conceded that no electronic health information system can be made secure.”
    http://medicalexecutivepost.com/2010/06/07/dental-consultants-say-the-most-incredible-things/#comment-10213

    Coincidentally, according to an article that appeared on Friday in the ADA News titled “ADA urges withdrawal of ‘access report’ proposal,” you and other ADA leaders recently had the opportunity to choose between supporting EDR stakeholders’ interests or dental patients’ right to know who accesses their PHI.
    http://www.ada.org/news/6075.aspx

    According to staff reporter Craig Palmer’s words, you arguably chose to side with stakeholders rather than principals: “The Association urged the federal Office for Civil Rights to withdraw a proposal that would give patients ‘the right to receive an access report indicating who has accessed electronic protected health information in a designated record set.’”

    In my opinion, you blew it. And for what? Why abandon the Hippocratic Oath as well as the ADA mission for dangerous, superfluous communication tools? EDRs have always been more expensive than paper records – even before the added cost of transparency with those whose privacy is at risk. You’re heading in the wrong direction, Dr. Gist. You simply must know this by now.

    There is no other way to put it: As President of the ADA, you co-signed a letter to the ONC declaring that the ADA has withdrawn support of consumers’ rights to information which might lead to the sources of identity thefts. Please. We must talk.

    D. Kellus Pruitt DDS

Click here to post a comment
   

Categories