HIPAA Compliant EHR

To ensure compliance with federal and local requirements, updates to our software are performed behind the scenes, while our Customer Experience team communicates with you about how these changes might affect your workflow. Because Foothold grew out of human service agencies, we can be proactive about preparing our clients for upcoming changes in technology and the industry.

Our software is HIPAA-compliant, is federally certified as an Electronic Health Record (EHR) for Meaningful Use and offers full interoperability with any other federally certified system for participation in Health Information Exchanges (HIE) and RHIOs. It is also the only record-keeping system that is certified as both a Behavioral Health EHR software system and a HMIS software package (Homeless Management Information System).

Below are just a few of our certifications:

  • ONC Certification
  • New York State Office of Mental Health
  • HL7

About Our Certifications

ONC Certification

This AWARDS Electronic Health Record is 2015 Edition compliant and has been certified by an ONC-ACB in accordance with the applicable certification criteria adopted by the Secretary of the U.S. Department of Health and Human Services. This certification does not represent an endorsement by the U.S. Department of Health and Human Services or guarantee the receipt of incentive payments. Click here for product information.

AWARDS Is a Certified EHR

If you are using AWARDS and have an Eligible Professional (EP) on your staff (a Psychiatrist, Doctor, Nurse Practitioner or APN), you may be able to collect $63,750 per EP through the Federal Meaningful Use incentive program.

HIPAA Information for our Clients

While AWARDS is HIPAA-compliant, Foothold understands that our customers may be confused about their responsibilities under HIPAA and experiencing some difficulty in determining whether and to what degree HIPAA affects them. Below you will find a link to a BAA that you should ask us to sign as well as a link to the Federal HHS home for HIPAA-related questions. (This information is provided “as is” without any express or implied warranty. This information does not constitute legal advice. If you require legal advice, you should consult with an attorney.) Additionally, Foothold has developed relationships with a number of high-quality, nationally known security firms and would be happy to put you in touch with them should you be interested.

For the most part, our industry has never really thought of itself as being part of the larger physical healthcare system and so, in many cases, HIPAA is thought of as something that your vendors can take care of for you. While that may be true in many cases, you are, in all likelihood, a Covered Entity under HIPAA and as a result, it is worth your looking into whether and to what degree your organization reflect the principles behind HIPAA.

Click here for a link to the Federal HHS HIPAA Page.

Data Retention

How long we retain your clients’ Personal Data is dictated by the Health Insurance Portability and Accountability Act as well as the HiTECH Act. Foothold Technology is a Business Associate as defined by HIPAA and we will retain your Personal Information for the period necessary to fulfill the purposes outlined in the Federal law and our Business Associates Agreement.

HIPAA Compliance in AWARDS

Among other things, the HIPAA regulations are designed to protect the security and privacy of agencies and the consumers they serve. At Foothold Technology, security is our top priority. Using Secure-Socket Layer (SSL) and 256-bit encryption technologies, Foothold Technology’s security is second to none. We utilize several layers of encryption to protect data from both external sources and internal accessibility. Below are a number of our specific security measures which are in place.

  • AWARDS safeguards the confidentiality of chart records.
  • All system users must authenticate themselves using a login and encrypted password. Passwords must meet minimum standards such as not using words found in a dictionary.
  • Your agency has its own separate database and database server process with login accounts for your agency’s staff only.
  • The database server is protected by a “firewall” that by default blocks all access except the secure sockets layer connection to the web server process running for your agency alone.
  • All data transmitted to and from the database server uses 256-bit encryption, the highest legal limit. This is the same encryption used by online banking.
  • Physical access to the servers is under lock and key. Backup media can be transported offsite by messenger and stored at a secure site under lock and key.
  • Access to chart records can be limited with granular permissions based on User Groups, program administration roles and on a worker-by-worker basis.
  • Access to editing progress notes is restricted to timeframes created by the agency, including a broader timeframe which is made available by granting a specific permission usually given by supervisors or program directors.
  • AWARDS keeps an audit trail each time a progress note is viewed.
  • AWARDS blocks all access to notes concerning incidents except by the note writer and users who have a permit to access these notes.
  • Whenever an exception permit is issued to grant access to chart records, all administration staff with permits to issue such permits are automatically notified by an internal email message.

New York State Office of Mental Health – PROS

Personalized Recovery Oriented Services (PROS) is a comprehensive recovery-oriented program for individuals with severe and persistent mental illness. The goal of the program is to integrate treatment, support, and rehabilitation in a manner that facilitates the individual’s recovery. Goals for individuals in the program are to: improve functioning, reduce inpatient utilization, reduce emergency services, reduce contact with the criminal justice system, increase rates of employment, attain higher levels of education, and secure preferred housing.

AWARDS has tools that make PROS reporting and billing easier, including:

  • End-to-end screening and tracking of individuals receiving services in any of the PROS Components including CRS, IR, ORS and optional Clinical Treatment.
  • One-click availability of the automated PROS Monthly Summary Record of Services (PROS Units Calculator).
  • Intensive case tracking including Individualized Recovery Plans, PROS Progress Notes and Group Notes, Onsite/Offsite Program Attendance Tracking.
  • Standardization of agency data collection and charting procedures.
  • More staff accountability through reporting, audit trails and reminders.
  • Easier access to your data, accessible from any location at the agency.
  • Easier audits using AWARDS’ robust reporting functionality.

New York State Office of Mental Health – APGs

In 2010, the New York State Department of Health (NYSDOH) announced that the federal Centers for Medicare and Medicaid Services (CMS) approved the State Plan Amendment authorizing the Ambulatory Patient Group Payment (APG) Medicaid payment methodology for freestanding Diagnostic and Treatment Centers and Ambulatory Surgery Centers on June 14, 2010. Foothold Technology is prepared to handle the transition to new service categories, codes, and billing rules.

HL7 – Health Level Seven International

“Level Seven” refers to the seventh level of the International Organization for Standardization (ISO) seven-layer communications model for Open Systems Interconnection (OSI) – the application level. The application level interfaces directly to and performs common application services for the application processes. Although other protocols have largely superseded it, the OSI model remains valuable as a place to begin the study of network architecture.