At Solution Builders, we realize that trusting an outside organization with your technology needs poses a certain risk to your healthcare practice. Even if your administrative team agrees that now is the time to move to an outsourced IT model, many of your partners and providers may not be on board with this decision. In this two-part series, we’ll examine how we’ve previously worked with healthcare providers and explore how a medical practice can engage with a managed IT services company to reduce risk and provide a stable technology environment for their staff and patients.
In part one of this series, we introduced you to our typical medical practice, Typical Family Physicians (TFP for short), to go over support and partnership scenarios. Last time, we addressed the long-term technology direction concerns of the partners and started to address how working with an outsourced IT provider could look for TFP. In part two of this series, we’ll start to address how TFP’s staff interacts with the Solution Builders (SB) team.
One of TFP’s ongoing concerns is how well their organization is configured to fend off cybersecurity threats. During the onboarding process, SB identified some areas where the network could be improved upon (from a cybersecurity standpoint) and identified a need for active computer security monitoring. A few configuration changes dramatically improved the configuration of the current hardware firewalls, and as the current hardware reaches end of life, these units will be upgraded to the latest solutions. After onboarding, an active cybersecurity monitoring solution was selected and deployed with the outside security vendor now providing real-time security threat input to the Solution Builders team.
As with all organizations we speak with, TFP requires timely and accurate technology problem resolution. Every TFP staff member is empowered to contact the SB help desk for issue resolution – without the involvement of TFP’s IT coordinator. As things progress during the day, the IT coordinator has access to all open and closed issues for the organization on the SB service ticketing portal. How does SB resolve the issues? Through a combination of remote (United States based) technicians and, if the need arises, onsite technical resources. During the transition period from when the IT Director retired and when TFP thought SB’s support options were going to meet the needs of the staff, TFP contracted SB for dedicated on-site visits from a senior level technician. As time went on, the onsite contract was dropped in favor of regular service protocols.
One of the questions that TFP had during onboarding was how SB was going to coordinate support efforts between their EMR vendor and TFP. Over the series of several meetings during the onboarding period, representatives from TFP, SB and the EMR vendor built a support process that worked for everyone. The EMR vendor is responsible for making the EMR system work and SB is responsible for making the equipment on which the EMR system runs functional. During the initial onboarding period, it was decided that a monthly EMR/SB/TFP check-in was appropriate to make sure all concerns among the three parties were addressed and things continued to move forward. Over time, this meeting was converted to a quarterly meeting.
What about HIPAA?
One of the roles the internal IT coordinator has at TFP is that of the HIPAA Compliance Officer. SB comes alongside the compliance officer (whoever it ends up being at the organization we are supporting) to assist in the development and implementation of the HIPAA program within their organization. In this case, SB became a Business Associate with TFP and signed a business associate agreement with them.
After the migration to a hosted EMR system a few years back, TFP ended up de-commissioning several of their internal servers. In addition to these activities, they also migrated their internal mail structure to Office and Microsoft 365. The remaining servers provide important services to the staff and still require maintenance, monitoring, and backups. In addition to the servers, SB fully supports their on-premise environment including wireless access points, network switches and just about every device with a chip in it.
And finally, the TFP IT coordinator and SB representatives conduct a twice-monthly check-in meeting to keep all involved parties accountable to one another. In those meetings, the team looks for places where support and response can be improved and also follow up on any escalated issues raised over the past few weeks and confirm they are being addressed on a timely basis. Also, during these meetings, technology improvements and replacements are discussed and planned out.
We hope this 2-part series helps you understand the relationship building that happens behind the scenes. Considering moving to an outsourced IT model or have a project you are working on? We’d love to help.