One of the biggest advantages of using an Electronic Health Record (EHR) software is that it allows physicians, providers, healthcare centers and hospitals to meaningfully interact with each other. The reason why the shift to electronic records is deemed necessary is because it will create a world where healthcare will be no longer expensive for any one and will improve the quality of service delivered.

A huge benefit of using EHR software is that it allows physicians and hospitals to create patient portals, thereby making it easier for them to develop a two-way communication channel with their patients. They allow the patients to view and receive lab results, view online summaries of care, enter/update demographic information, schedule appointments, send messages and see their medical histories all in one centralized location. This element of EHR software hugely improves patient engagement and also helps physicians meet one of the major requirements of Meaningful Use Stage 2.

This is also one of the requirements of HIPAA but a lot of work still needs to be done in order to ensure patient portals are used in the way they are meant to be. Technology has its limitations and can sometimes cause unique problems which are not easy to address. Security, encryption and data protection are such elements of patient portals which need to be kept in check by both EHR software vendors and healthcare providers.

Whenever any sensitive information is put on the internet, it is always prone to security lapses. Question of how to provide login details is a critical issue and poses many risks. Sometimes the login details can be misplaced by the user and can result in data loss. Sometimes there are lapses on part of the EHR vendor who can leave critical information unencrypted and leave it prone to hackers and other infiltrators. But if an EHR vendor has taken adequate security measures to ensure protection of patient portals, then the responsibility does not lie with them.

Generating complex passwords may offer higher level of security but it is not always the best solution. The patients want to access the portals to view their information and must be allowed to keep passwords which are simple and easy to remember. Having a mix of both upper and lowercase letters along with numbers as prerequisite for passwords can surely result in more security, but will discourage the patients from using the portals. Because using patient portals is one of the key requirements of Meaningful Use Stage 2, it will be a big concern for providers if this is not done properly.

One of the other requirements of HIPAA is that patient portals should be able to give patients their information in the format they require. They should be able to email their information themselves or to anyone else they require. Although not being done properly at the moment, this is also one of the key requirements of Stage 2.

Patient portals serve as a great means to increase patient engagement and improve level of patient satisfaction, which in turn, allows the physicians to be qualified for Meaningful Use incentives, profits in the Accountable Care Organization (ACO) model and many others. At present, the industry is still getting used to this element of an EHR but slowly, it is gaining strength and more and more providers are allowing their patients to use them.


Healthcare IT evangelist. Regular contributor to CureMD Blog, Insights and Capterra. Tweets @jasonhughes06