“Interns on average report time savings of 1.6 hours per day.”
- Keith Armitage, M.D. in the Journal of General Internal Medicine, 2004

Contact Us

Compliance

In today's hospital environment, keeping abreast of the rules and regulations that guide security and compliance is imperative. It is the bedrock under every system, every transaction and every contract.


What is HIPAA?

HIPAA is the Health Insurance Portability and Accountability Act (HIPAA). Congress originally passed the Act in August of 1996. It is intended to combat health care fraud, lower costs of providing health care and allow better access to health insurance.

Who must comply with HIPAA?

All covered entities who store patient data electronically must comply with HIPAA. The federal government has created three classes of entities who must comply: (1) Health care providers who conduct certain transactions in electronic form (i.e. doctors and doctor's offices), (2) health care clearinghouses and (3) health plans.

Are NextMed Technologies and the RECS software HIPAA compliant?

Yes.

There are a number of laws that collectively make up the HIPAA legislation. These rules were originally signed into effect on August 21st, 1996, but they have been amended numerous times in the dozen years since their inception. Despite years of adaptation and change, there are still two primary sections to the HIPAA laws: the Privacy Rule and the Security Rule.

The HIPAA Privacy Rule is intended to set boundaries on the use and release of health records. It provides guidelines on appropriate safeguards for health care providers and Business Associates, and holds violators accountable if they violate privacy rights.

The HIPAA Security Rule requires that Covered Entities and Business Associates define electronic Protected Health Information (ePHI) within its own organization and ensure the confidentiality and integrity of any ePHI created, received or maintained by the organization as well as to protect against any reasonably anticipated threats to the security or integrity of ePHI.

NextMed Technologies provides HIPAA protection across the board - we are in HIPAA compliance. Your patients' information is safe.

Encryption of data during transmission: All data to and from NextMed servers are secured using 128-bit SSL encryption.

Backup on servers: NextMed meets the highest standards for backup and disaster recovery, including:

  • All databases are mirrored at the transaction level on redundant database servers allowing for immediate failover
  • Full database backups are performed every several hours . All backups are also secured using 448-bit encryption at a secured remote off-site location.
  • The NextMed data center is SAS-70 certified (Type II Audit completed)
  • NextMed's network and electrical power supply are guaranteed for 100% uptime.

Physical Security: Physical server security is maintained by a professional data-protection corporation. Safeguards include:

  • 24-hour physical security monitors all cameras, door positions, and access areas.
  • Redundant off-site monitoring of all security systems
  • Building is rated to withstand hurricane force winds
  • Ballistics-proof walls, doors, and windows
  • Steel structural supports and concrete walls
  • Double man trap entry
  • Data Center Facility is uniquely connected to two power grids.
  • Cameras digitally record all movement in and around the Data Center Facilty

Note: Although many companies purport to certify organizations as "HIPAA Compliant", there is no common standard for a "Compliance Certificate". Companies are required to independently demonstrate that their organization addresses all of the current laws and regulations in effect (collectively called "HIPAA"). For more information about HIPAA and HIPAA compliance, contact your legal counsel or refer to the Office for Civil Rights at the U.S. Department of Health and Human Services: http://www.hhs.gov/ocr/hipaa/. For more discussion of how we protect HIPAA information, please contact us.

What is JCAHO?

JCAHO is the Joint Commission on the Accreditation of Healthcare Organizations (JCAHO). The Joint Commission provides standards and accreditation for many patient care settings, including hospitals and ambulatory care centers. Accreditation is a certification process that documents that a hospital meets high performance standards. JCAHO reports that "accreditation helps hospitals improve their performance, raise the level of patient care, and demonstrate accountability in the rapidly changing health care marketplace."

Who must be JCAHO certified?

Hospitals are eligible for JCAHO certification. Associated businesses, such as NextMed Technologies, are not. However, we know how important JCAHO certification is to you. We work with your hospital to make sure that when time comes for JCAHO auditing, internal or external, that RECS is the very best part of your hospital system. JCAHO has reported that they look for hospitals to have solutions like RECS to optimize signout.

How does NextMed Technologies help you become JCAHO certified?

We believe that it's not enough for your staff to be told how to be JCAHO compliant. It needs to be easy and natural. That's why we've implemented many steps to keep you compliant.

  • JCAHO has specifically released recommendations that hospitals implement computerized sign-out systems. NextMed is the nationwide leader in these systems.
  • RECS places the provider's full name and pager number on every admission note, progress note and discharge summary.
  • RECS prints your hospital's name and logo on every note you write. They can be placed directly in the permanent patient record.
  • Every note contains the exclusive JCAHO-Safe error correction system. When the note is complete, the system checks for JCAHO-prohibited abbreviations, for example:
    • U (unit)
    • IU (international unit)
    • Q.D., QD, q.d., qd
    • Q.O.D, QOD, q.o.d, qod
    • Lack of leading zero (0.X)
    • Presence of trailing zero (X.0)
    • MS, MSO4, MgSO4

Can I customize the JCAHO-Safe error correction system for my hospital?

Yes. We customize RECS to fit your JCAHO or internal certification needs. Contact us for more details.

What is ACGME?

ACGME is the Accreditation Council for Graduate Medical Education. It is the national certifying organization for accrediting post-MD providers. Functionally, this means residency and fellowship training programs in the United States.

Who must be ACGME certified

Any clinical training program after graduation from medical school is typically already accredited through the ACGME; however, in recent years the most pressing issue has been their oversight of work hours and work hour violations.

How does NextMed Technologies help you with ACGME accreditation?

NextMed Technologies was founded on the idea of making signout easier for residents and fellows.

  • RECS makes signout faster.
  • RECS gets clinicians out of the hospital sooner.
  • RECS keeps work hours down.
  • The ACGME wants this! So do your administrators and your residents.

This is not just our opinion. No less a source than the New England Journal of Medicine has called for hospitals to implement computerized systems to decrease work hours (NEJM Vol 347, No. 16, p 1275-8). Hospitals have studied our system. Armitage et al showed that RECS saved residents saved 1.6 hours per day per resident
(Armitage et al. Implementation Of A Resident Created Electronic Medical Record (Emr) To Improve Compliance With Duty Hours And Patient Care. J General Internal Medicine 19, S1: 83; April 2004).

NextMed Technologies is the leading provider of physician signout nationwide. For more information on how we can make sure your physicians are work hours compliant,
contact us.