Thanks to Bianca Biller, who shared information about the new Practice Management System Accreditation Program (PMSAP). The accreditation was developed through a partnership between EHNAC and WEDI. Three vendors (GE Healthcare, Medinformatix, and NextGen Healthcare) will be participating in a pilot program.
The program’s web page says the program “reviews the key functions of portability, interoperability, clinical integration, compliance monitoring, billing, reporting, and industry certification/accreditation” and that it will serve “as a baseline standard for providers in the process of PMS vendor selection and KLAS reviews.”
Although I like the idea of a program to ensure practice management systems meet the baseline needs of practices, I worry about yet another certification program whose hoops vendors will have to jump through. They can barely keep up with Meaningful Use, ICD-10, and CMS rules. Now we’re going to throw another set of requirements at them.
I also wonder whether practices will really find the separate certification of practice management systems to be meaningful. Many sites use systems that have combined practice management and EHR features. I doubt the lure of PM certification would be enough to convince physicians to consider changing systems when they are still struggling to attest for Meaningful Use. For those who may use separate EHR and PM systems, interfacing is a challenge that most wouldn’t want to repeat with a new vendor.
There are also the vendors that don’t allow interfacing with other systems. Others require you to purchase their PM system with the EHR and most physicians don’t have enough spare cash lying around to purchase a separate PM and interface it. On the other hand, if there is anyone who wants to make a change in their systems, transitioning from one PM system to another is often easier than trying to do an EHR conversion.
I downloaded the criteria document. Some of its elements include:
- A diagram of “all sites that create, receive, maintain, or transmit PHI for the delivery of the services provided, whether company sites or outsourced organizations.”
- Determination of the candidate’s status as a Covered Entity, Business Associate, etc. under HIPAA.
- PHI disclosure and protection policies.
- Controls against malware.
- Documented customer service and escalation policies.
- Minimum availability and redundancy to assure 98 percent system access.
- Capacity monitoring and plans for handling peak load.
- Compliance with applicable federal and state requirements and regulations.
- Offsite six-month backup archive, storage, and retrieval capacity for all batch transactions with progress toward a seven-year back-up archive.
- Ability to regenerate transactions going back 90 days within two business days.
- Intrusion/attack monitoring capabilities.
One of my favorites is the requirement that “candidate must have sufficient qualified personnel to perform all tasks associated with accomplishment of the stated mission.” In speaking with most of my ambulatory-based colleagues, many feel their vendors are understaffed and overwhelmed most of the time. It’s a good thing that particular element isn’t mandatory for certification.
I find it interesting that the certification program only targets practice management systems. In my experience (both clinical and administrative), the inpatient financial systems are much more in need of supervision than their outpatient counterparts.
What do you think about the new PMSAP certification program? Email me.
Email Dr. Jayne.