a mychart.org thread -

[e-RICHIE]

Are there mychart dot org users here? I’m new to the page and have two separate logins for two separate “health care providers.” If I were speaking rather than typing that phrase would have me using the term, in air quotes.

My experience over the last 6-8 weeks having the two pages is ridiculously bad. Messages (the delivery method used to ask a PCP about a recent visit or diagnosis) linger for nearly a week. And when I get a reply it’s borderline generic.

Worse yet (for me) is that the message feature on the site has a low character count making it impossible to send my responses back with replying to my own message once or twice. This is what, or how, health care is carried out these days?

[rwsaunders]

Epic (my chart) owns the medical records market and they dictate the rules to the healthcare providers. You should be about to have a direct account/homepage with your provider that requires a separate login. Let me play tonight as it’s been a while since I set up my account and I had a similar issue as you are experiencing.

https://www.epic.com/about/

[e-RICHIE]

Epic (my chart) owns the medical records market and they dictate the rules to the healthcare providers. You should be about to have a direct account/homepage with your provider that requires a separate login. Let me play tonight as it’s been a while since I set up my account and I had a similar issue as you are experiencing.

https://www.epic.com/about/

Ya I do have a direct route (login page etc) with both health care providers in question. It’s the mechanics of the internet page that seem, to me at least, inhuman.

[TRuth]

Ya I do have a direct route (login page etc) with both health care providers in question. It’s the mechanics of the internet page that seem, to me at least, inhuman.

I'm afraid this is modern American health care.

[72gmc]

The one thing mychart offers that I appreciate: the ability to request an appointment without sitting on phone hold.

I've also been able to reference a past referral, to inform a future referral, because it was stored in mychart.

But otherwise, it's an experience that would've suited the movie Brazil except that it's not funny.

[rwsaunders]

Just like the song…Happy Together…although the tech bro/sis that coded the site is probably too young to remember The Turtles.

https://www.mychart.org/Help?tab=faq&faq=linkmychart

[echappist]

Just like the song…Happy Together…although the tech bro/sis that coded the site is probably too young to remember The Turtles.

https://www.mychart.org/Help?tab=faq&faq=linkmychart

Mychart got started less than a mile away from where I used to live in Madison. They've since moved to a place ~10 miles SW of Madison and built a ginormous campus with buildings pretending to be attractions at theme parks. It looks fun and glitzy on the outside, but that façade is there only to play jedi mind trick on the uninitiated. Somewhat ironic, given that there's a Star Wars inspired building.

The tech bro/sis are not the ones that FAANG companies would hire, and the pay is merely good but not great for the Madison area. Most come from less heralded institutions and most are often hired directly out of college. Callow and starry-eyed, many of them last only 2-3 years later before getting chewed up by Epic in a process not so different from the up-and-out system in place for new comers at I-Banks and management investment firms.

Here's a fluff piece from the NYT on Epic (not a surprise there on the NYT), focusing more on the glitzy veneer (gift link). The comments are much more in line with what life is like working at Epic. And all this was before the Pandemic. In 2021, Epic was at the forefront of having its employees return to office, despite there being little need to do so. All b/c its founder believes in putting in face time.

With all that said, integration is easier at for the particular implementation for certain hospital systems than it is for others. In Southern Wisc. (Epic's backyard), all four of the largest systems utilize Epic, including UW Health (Epic's founder went to UW). I happen to have records at three of the four. On my account for one of the hospital systems, I can access my records at the other two (as well as records from when I was on the East Coast). But on my account for another hospital system, I can't access the other records.

Most doctors also aren't paid adequately for answering questions from patients, and these tasks are often delegated. About the only good thing about this is a written record.

[El Chaba]

I refuse to use my “patient portal” or whatever the hell they call it. So far my stubbornness has paid off and somebody always calls or texts me. To answer the question, though, yes this is what and how “health care” is carried out these days. Don’t get sick.

[Scott G.]

MyChart, the good news is you’ll get your test results faster,
the bad news, you’ll your test results before your doctor.
So you can enjoy a pleasant weekend interpreting pathology reports
Before your Doctor calls you early Monday morning.

[9tubes]

I'm afraid this is modern American health care.

I like the phrase "chokepoint capitalism."

[d.bancroft]

I've been using for quite some time. Its a bit clunky but I like being able to:

See my test results fast, typically same day as the blood draw. I like that it will show me a graph of previous results to look for trends.
I like being able to renew prescriptions that have no more refills with a few clicks of the keyboard.
I like being able to schedule an appointment without having to call.
My PCP is really good at responding to my messages sent.

[Clyde]

As above, my experience also. Hopefully you get it straightened out, it's a great tool.

[htwoopup]

I will also add (which has to do with how docs get paid these days), that the specialists across 3 of the 4 health systems I use that are on MyChart are fantastic and quick at responding. And I like the fact that i have one login and I and all of the docs can see everything in one place.

That said, there is one specialist who can take forever if at all to answer and the general primary care doc is horrible at it. Even when he does answer days later it is a non-answer. So I think it is largely people dependent. Which brings up that one used to pick doctors but now we seem to be in a world where we pick health systems and then get doctors within that system.

Which brings up another ramble being in two countries with different health systems…Canadians complain about their system and Americans about theirs. The stuff that is a problem (like not nearly enough general family doctor types) is the same in both systems. The two systems and the complaints are like my two sisters…if you averaged them you would have a normal human being.

[rccardr]

Been using it since 2021 when I needed shoulder surgery. It works, but not always well.

Yep, this is the way all things that used to be personal are heading- doctors, dentists, tax accountants, etc. Easier for them to arms-length you when sending or receiving details, the less personal interaction the better. The care is fine, but the user interface is sub-optimal.

[monadnocky]

These systems, while unarguably improved over the former alternative for many administrative tasks, concern me greatly in terms of the security and patient confidentiality angle. Before I was a solo clinician, I worked for a group practice that, like almost all group practices, had an integrated EHR system. As a provider, I used a username-password combination, in this case a common username-password combo used by all clinicians in the practice. That meant that I could see CMI of other providers' patients. Fine and good, perhaps. But the username-password combo was little better than PracticeName/ Easypassword without secondary authentication. As such, anyone who was so inclined and determined could get into the EHR, see intakes, notes, psychological and neuropsychological reports, credit card numbers, social security numbers, addresses, etc. of hundreds of patients.

And it was all completely above ground, fully HIPAA compliant. Many small- to- medium practice EHRs operate similarly to this day - username and password for the provider, without even a text message for secondary authentication. Again, fully HIPAA compliant.

I am sure that the systems for larger institutions and practices these days are a little (perhaps a lot) more secure. But, if something can be compromised, it will be. Look up the Change healthcare hack to appreciate the magnitude of such a breach.

I don't want to go back to office staff and telephones and US mail and FAXes (still used, btw, in healthcare, very commonly!) but the consequences (for the practice, or institution) of getting hacked are relatively minimal, far less than the investment would be to secure and maintain more secure systems. Looking up my most recent lab results with nothing more than my e-mail address and a password makes me feel kind of funny.

[NYCfixie]

Are there mychart dot org users here? I’m new to the page and have two separate logins for two separate “health care providers.” If I were speaking rather than typing that phrase would have me using the term, in air quotes.

My experience over the last 6-8 weeks having the two pages is ridiculously bad. Messages (the delivery method used to ask a PCP about a recent visit or diagnosis) linger for nearly a week. And when I get a reply it’s borderline generic.

Worse yet (for me) is that the message feature on the site has a low character count making it impossible to send my responses back with replying to my own message once or twice. This is what, or how, health care is carried out these days?

I have spent a great deal of time managing "myChart/Epic" for me and my parents across multiple NYC healthcare conglomerates so I will share what I have learned. I work in IT and was able to discuss some of the issues with the IT Staff at the hospital where my father worked before he recently retired. Some issues are technical, some are based on the healthcare conglomerate, and some are based on the individual provider.

Technical
- Each healthcare conglomerate can decide what version of myChart they want to use and while all are supposed to be compatible, the end user may see a different interface and have a different experience based on the version used.
- If the healthcare conglomerate allows it within myChart, the patient can "share" information between the different healthcare conglomerate accounts so one only needs to log into one system to see all of your data and message providers. If one does this, I still suggest using strong passwords and multifactor authentication on all systems (even if you only log in using one). See below pic to set this up but know it may look different based on the version of myChart: Go to Sharing => Link My Accounts => Discover Accounts to Link
* I really suggest people do this if you have multiple providers at different HC conglomerates because it also allows them to see your records from any system you have shared.


Non Technical
- Speak with your provider about the type of communication they prefer. I have had providers say they read them but are usually 48-72 hours behind on them, others have said a Nurse Practitioner (NP) read them first and decide to respond or forward to the M.D. to respond, others have said their Office Manager/Assistant reads the messages and decides what to do with them, and one other even said do not bother because they never read them. Do not assume a healthcare conglomerate has a policy about this because it is often up to the individual provider.
- The myChart message system use very few characters because message time is not billable so providers can not spend much time on it. I know of one NYC HC conglomerate that no longer allows you to call a providers office directly and one must use the messaging system as first point of contact for everything. Another conglomerate has started tracking messages and phone calls because if the provider spends more than 15 minutes on the issue, it becomes a billable event (lawyers charge by the 6 minutes so why shouldn't medical providers do the same thing). Again, their is no consistency between HC conglomerate and/or individual providers.
- Many/Most providers, especially ones of a certain age (not being ageist), DO NOT want anything documented in a system that can be used against them in a court of law so they are being generic on purpose via the messaging system. Unless they are adding something to your "chart" do not expect detail in writing. And, if one looks at the "after visit notes" in your chart, one will see that it is formulaic and follows a template. It is very much about provider CYA first, then billing second, and your health a distant third.

MyChart Share.jpg

[NYCfixie]

These systems, while unarguably improved over the former alternative for many administrative tasks, concern me greatly in terms of the security and patient confidentiality angle. Before I was a solo clinician, I worked for a group practice that, like almost all group practices, had an integrated EHR system. As a provider, I used a username-password combination, in this case a common username-password combo used by all clinicians in the practice. That meant that I could see CMI of other providers' patients. Fine and good, perhaps. But the username-password combo was little better than PracticeName/ Easypassword without secondary authentication. As such, anyone who was so inclined and determined could get into the EHR, see intakes, notes, psychological and neuropsychological reports, credit card numbers, social security numbers, addresses, etc. of hundreds of patients.

And it was all completely above ground, fully HIPAA compliant. Many small- to- medium practice EHRs operate similarly to this day - username and password for the provider, without even a text message for secondary authentication. Again, fully HIPAA compliant.

I am sure that the systems for larger institutions and practices these days are a little (perhaps a lot) more secure. But, if something can be compromised, it will be. Look up the Change healthcare hack to appreciate the magnitude of such a breach.

I don't want to go back to office staff and telephones and US mail and FAXes (still used, btw, in healthcare, very commonly!) but the consequences (for the practice, or institution) of getting hacked are relatively minimal, far less than the investment would be to secure and maintain more secure systems. Looking up my most recent lab results with nothing more than my e-mail address and a password makes me feel kind of funny.

I could go one for hours about this so I will try and keep it simple...

HIPPA is not a panacea. It only works if the institution and/or provider follow all of the rules/guidelines and even then it is not going to stop a determined hacker. Similar to many/most hacks, it is often due to human error/carelessness/etc. and even when a technical reason often there was a human factor behind/caused that technical vulnerability.

As I suggest to anyone who will listen, use multi-factor on everything. And remember the email account needs to be the most secure because if a hacker gets into your email, they can reset almost any other online account you have. Think about how many systems allow one to reset a password via a simple link sent via email.

And yes, faxing, phone, or in-person (though one never know what is going to happen to that piece of paper you just handed to someone so ask about their disposal/shred policies) are still some of the safest ways to share data.



Now I am going back into my tinfoil lined room to study for my next cybersecurity certification...

[monadnocky]

.... HIPPA is not a panacea....

No, it certainly is not, and I'm often surprised by how little providers are aware of what it is, and what it isn't, what it was intended for, and what it wasn't, never mind the public (i.e., patients).

I'm reminded of a patient who once asked for complete records (which would entail me printing out over a hundred pages), and I responded that I would, but it would take a few days and incur a very modest cost (totally legit), to which she replied "you're violating my HIPAA rights!"

And I have had the experience of FAXing PHI to entities who state they didn't receive it, even though on my end it shows as having been sent. A little terrifying.

[NYCfixie]

No, it certainly is not, and I'm often surprised by how little providers are aware of what it is, and what it isn't, what it was intended for, and what it wasn't, never mind the public (i.e., patients).

I'm reminded of a patient who once asked for complete records (which would entail me printing out over a hundred pages), and I responded that I would, but it would take a few days and incur a very modest cost (totally legit), to which she replied "you're violating my HIPAA rights!"

And I have had the experience of FAXing PHI to entities who state they didn't receive it, even though on my end it shows as having been sent. A little terrifying.

All of it concerns me.

Shouldn't providers know some basics about HIPPA as part of their professional practice?

And yes, patients know even less about HIPPA unless they work in risk management, security, or IT at a hospital or in the healthcare sector.


I lost it on my parents estate attorney (from a very large NYC firm who should know better) who sent me documents via email (not encrypted) that include both of their social security numbers and many bank/investment account numbers. The irony of it all, he charged my parents for his time that I used to give him the lecture about sending PII in an unsecure method. WTF.

[BBB]

Can we move this one to the OT?