This blog post contains important of information. Please read the entire post to fully understand the changes incorporated into AcuGraph.
As data privacy has become increasingly important, new government regulations concerning patient data protection have mandated changes in the AcuGraph software.
Perhaps you’ve heard of the European Union’s new GDPR (General Data Protection Regulation), as well as updates to U.S. HIPAA regulations concerning electronic communication with patients.
We worked hard for weeks to ensure AcuGraph was in compliance with these new regulations by the GDPR compliance deadline of May 25, 2018.
The good news? We made it, and you can continue using AcuGraph with confidence.
The changes, of course, required an AcuGraph software upgrade, which includes some important changes that affect our users.
Here’s the pertinent information you need to know:
New Features in AcuGraph
Let me start by saying this: there’s nothing to worry about! We’ve got you covered 😊
The latest version of AcuGraph 5 (5.2.0 Build 4) introduced several new features, including the ability to permanently delete patient data and export individual patient data, as required by GDPR.
AcuGraph’s Email Capability
AcuGraph’s email capability has changed significantly, incorporating end-to-end secure encryption.
AcuGraph now interfaces with an outside secure email provider, sending patient reports through their secure portal, directly from the AcuGraph software.
As a user, your experience will be exactly the same as it’s been (click a button and the email is sent), but the underlying security of your communications has been greatly enhanced, complying with both GDPR and updated HIPAA regulations.
This third-party email service costs us a significant amount to provide, but there’s good news! We’ve determined we will be able to provide this service at no additional charge to our Professional and Enterprise level AcuGraph users.
Professional and Enterprise Users
If you currently have the Professional or Enterprise service and support plan, we are absorbing the cost of the new secure email service as part of your plan benefits 😊
You don’t need to make any changes, other than install the latest AcuGraph update, which your software should prompt you to do upon launch.
If you have the Basic service and support plan, and you want to continue using the AcuGraph email functionality, you will need to upgrade your plan to the Professional or Enterprise level to comply with new data security regulations.
Our staff will be glad to help you make this change as affordable as possible. Please consider upgrading as soon as possible to prevent any interruption to your ability to email reports.
Email features stopped functioning for Basic users on May 25, 2018. Your emails may still look like they are sending, but they aren’t.
Note: All three levels of support meet all applicable regulations. The Basic level simply does not include email, while the Professional and Enterprise levels include email. But regardless of which level you choose, the software features will keep you in compliance.
AcuGraph 4 Users
If you currently use an older version of AcuGraph (prior to AcuGraph 5,) email features stopped working on May 25, 2018.
If you need the ability to email reports to your patients, you will need to upgrade to AcuGraph 5 Professional or Enterprise. Again, our staff will be glad to help you with this process.
Q&A Section: Please Read!
To help further explain why things have to be done this way, I’ve written a few Q/A explanations that may help:
Q: Why can’t you just leave the email function alone in older versions of AcuGraph?
A: The fundamental problem is that all email must be routed through an email server to be sent. That’s how email works. The new regulations require us to fundamentally change how AcuGraph handles email, including the need for a third-party service provider. We don’t have a choice in the matter.
Q: What if I don’t want to worry about the regulations? Can’t you just leave my email functioning?
A: Whether or not our customers choose to comply with HIPAA and GDPR, we have to comply ourselves, as we can be held liable for any violations, even if we don’t initiate them. We cannot provide non-compliant solutions.
Q: Can’t you just give the new secure email service to everyone?
A: I wish we could. The trouble is, we have to pay the provider for every email that gets sent through the new secure server. We can’t simply absorb those costs and give away the service to everyone for free, any more than you can treat all your patients for free. We’re absorbing the costs ourselves for our higher support packages, but there simply isn’t enough revenue in the lower packages to pay for this service.
Q: I have AcuGraph 4 (or even 3!) and I don’t want to upgrade. Can’t you provide a way for AcuGraph 4 to use the secure email too?
A: Unfortunately, AcuGraph 4 was replaced nearly 3 years ago, and service and support have ended. We simply don’t have the manpower and resources to maintain legacy software, which by now would need a complete rewrite to be brought current. We offer AcuGraph 5 as the best way to stay current, compliant and supported.
Q: So I can’t email anymore?
A: Actually, you technically still can create the report as a PDF from AcuGraph and send it through your own email account to your patient. This doesn’t comply with the regulations, but that’s up to you. It leaves us out of it. If you do choose to send reports this way, please be advised you may be violating applicable privacy laws.
OK! Hopefully that’s not too much to digest! And just to make it easier, here’s a summary of the summary:
Everything’s good, email has changed, you may need a newer version of AcuGraph, or a different support plan, to continue emailing patient reports from the AcuGraph software.
If there were another way to meet the regulations without the added cost and burden of a third-party secure server, we would have implemented it. As it is, we very nearly had to eliminate email completely, and we feel very fortunate to have found and successfully implemented this solution, which will still offer a compliant email option to those who wish to use it.
If you have questions or need any assistance, please don’t hesitate to reach out to us at 208-846-8448. As always, we’re here to help, and we’re committed to keeping your system compliant with all the latest privacy and security regulations, so you can focus on doing what you do best!
Have a Great Day!