Health Organizations, Laboratories, and radiology practices who are looking to grow their sales and better manage their client service teams are quickly adopting client relationship management (CRM) solutions at an exponential rate.

While many have yet to consider integrating their LIS system with their CRM system, the most progressive organizations are choosing this path.

The advantage of connecting the clinical data flowing through their LIS system with their relationship data in their CRM systems is seen as a huge step forward in the healthcare industry. While every top performing company on the planet utilizes a CRM to manage their existing client relationships, many healthcare entities are either not using a CRM at all or have a CRM without connectivity to their LIS system.

I came across a recent article written by Marianne Kolbasuk McGee from Health Info Security who covers the concept of working out security details with business associates. Under the HIPAA Omnibus Rule, business associates including many cloud computing service providers are now directly liable for HIPAA compliance. According to Marianne, that means business associate agreements and safeguards need to be in place for protecting this data. However, getting those details into contracts with cloud vendors isn't always easy.

This is important to consider when your health organization is shopping for a Healthcare CRM solution. While its important to gain greater access to your lab analytics, its also important to remain compliant with the HIPAA law and select the right lab management tools or vendors to work with. offers a Healthcare Relationship Management solution that integrates multiple disparate data systems into one environment. With's cloud-based and healthcare-specific solution, health organizations enjoy the added benefit of a comprehensive business intelligence (BI) solution built into their CRM. These health organizations also enjoy the added protection of having a business associate agreement in place prior to the start of the CRM and BI activation process.

The article also cited that the HIPAA Omnibus Rule clearly spells out a new broader definition of a business associate as "an entity that creates, receives, maintains or transmits protected health information for a function or regulated activity," according to attorney Stephen Wu, a partner at Cooke Kobrick & Wu LLP.

This is important food for thought:

"There's been enormous pushback from some cloud companies who are telling customers, 'you wont give us PHI and we will not maintain PHI," says Willy Leichter, Global Director of Cloud Security at CipherCloud, which offers security products for the cloud.

Under HIPAA Omnibus, business associates (which includes cloud vendors) can be liable for HIPAA non-compliance and breaches, with enforcement penalties from Department of Health and Human Services ranging up to $1.5 million per violation.

So, caveat emptor, and shop wisely for your Healthcare CRM or Business Intelligence solution, or better yet, just contact and leave the searching for someone else...

Read the full article here.



Subscribe To Our Blog

Posts by Topic

View More