The pMD Blog

Welcome to the
pMD Blog...

where we cover interesting and relevant news, insights, events, and more related to the health care industry and pMD. Most importantly, this blog is a fun, engaging way to learn about developments in an ever-changing field that is heavily influenced by technology.

Weekly Byte: The Dreaded Security and Compliance Questionnaire
While evaluating pMD, health systems and other large enterprises often ask us to fill out security and compliance questionnaires. Overall these are more similar than different. For example, "Do you allow users to share accounts?" and "Do you encrypt protected health information in transit and at rest?" show up nearly every time. Even though the questions are mostly boilerplate and our answers are strong, I used to dread the task of filling out the spreadsheets, if only because they tend to be so long. It's not unusual to see several hundred questions.

But I've actually enjoyed working through the last couple of compliance questionnaires that came along. It's fun to get a chance to show off in the areas where we're exceptionally strong. For example, how many other companies can confidently say that they have two-factor authentication turned on for 100% of their corporate email accounts? How many can hot-switch from one datacenter to another if needed, any of which is fully capable of serving all of their customers? How many automatically prevent users from choosing complex but easily-guessed passwords such as "Password123!"?

Some of the survey questions are almost whimsical - for example, one asked whether data backups are stored on magnetic tape. Who does that anymore?! Another asked which departments are represented in our compliance policy review committee, and also the membership of the committee responsible for overseeing the compliance policy review committee. I had to remind myself that most of the vendors that this enterprise works with probably have more than thirteen employees.

Humor value aside, I always find at least a few insightful questions from each enterprise that challenge how we think about security. We don't always approach thorny compliance challenges in the same way as another organization, but it's healthy to have to explain why and to always evaluate our approach for any blind spots. As with other parts of the sales process, hearing these concerns expressed (even in spreadsheet form) makes us more sensitive to our customers' needs. I say keep 'em coming!
5G ACA Account Management ACI adoption Advancing Care Information AHCA AHRQ AI Alternative Payment Model Amazon S3 Android API Apple appointment reminders Artificial Intelligence arts Audit Bay Area BCRA Best Place to Work Best Practices Big Data bootcamp BPCI BPTW Bundled Payments Business relationships Care Communities care coordination Care Navigation Care Team Career Fair CDC Charge Capture Charge Capture App Charge Capture Software Charge Capture Solution Charge Capture Statistics Charge Lag CHIP CIO Clinical Communication clinical data Clinical Data Registry Clinically integrated network Cloud CMS cms regulations Collaboration Communication Company Culture Conferences Connected Health Record contact practice Coronavirus COVID-19 COVID19 Cross-functional culture custom reports Customer Interaction customer relations customer service customer success customer support Customers Cyber Security cybersecurity Developer DHHS Dialysis discharge instructions EHR elderly Electronic Charge Capture Encryption epidemic Expansion FDA FHIR Flu fundamentals GI GI Outlook Goals group messaging Health Care Health Care Technology Health Care Web health data Health Information Exchange Health Record Healthcare healthcare interface healthcare interface integration healthcare software HIE HIPAA hipaa compliant communication hipaa compliant communication platform HIPAA-Compliant HL7 Home dialysis Hospital Census Hospital Communication humanity IA ICD-10 ICD-11 Implementation Improvement Activities in-app calling Instant capture Integration interface interoperability iOS iOS 8 iOS7 iPad iPhone iPhone 6 Lead Generation length of stay Long Term Care LTC Machine learning MACRA Medaxiom Medical Billing Medical Errors Medical Software Medicare Mental Health Mentorship Messaging Messaging with Patients MGMA MIPS MIPS Registry mobile Mobile App Mobile Charge Capture Mobile EHR Mobile Health Mobile Messaging Mobile security Mobile Technology Modern Healthcare Native App Network new feature new features news NIH OCM onboarding Oncology Care Model operations opioid crisis Pandemic Parenting partnerships Patient Patient access Patient App Patient Care Patient Chat Patient chat routers Patient Communication patient data Patient Engagement patient experience Patient Generated Health Data Patient Handoff Software Patient Information Patient Messaging Patient Safety patient support Patient Visits Patient-Centric PCP Performance bonus pmd pMD Team population health Population Health Management PQRS Product Development Productivity products Promoting Interoperability QCDR QPP quality reporting Quality Scoring Recruiting Recruitment Reimbursement remote jobs Remote Work reports Residents Responsibility ROI Rural communities Sales Secure Communication Secure Data Secure Messaging Secure Messaging Video Secure Text Messaging Secure Video Secure Video Chat Security Audit self care seniors SF Biz Times SNF SOC 2 software vendor Specialty Care success support TCM Team culture Teamwork technology telehealth Telemedicine telemedicine in long term care Telemedicine skilled nursing facilities Teletherapy Text Messaging texting training Travel Upgrades UX Design VA Value-based care Video Calling Video chat video communication video conferencing Virtual Care Virtual Visit voice calling voice memos Wearable Device wearing many hats Web App wellness wfh Wireless Work From Home Work Life Balance