These days, just about every medical provider has some kind of Web-based patient portal where users can communicate with their doctors and other caregivers, keep track of prescriptions and schedule appointments. Although the portal is supposed to make a patient’s life easier, many find their options to be ailing and substandard in some areas.

Certainly, the security implications of having your personal medical history just a few browser clicks away can be an issue, but there are still good and bad portals designs from both the doctors’ and patients’ points of view. Let’s look at what can be done to ensure a better customer experience while still keeping patient information protected.

Why Does It Matter?

The idea of having secure electronic access to our doctors is appealing, especially for those of us who are comfortable using electronic communications technologies. When I was dealing with some chronic medical issues back in 2000, I actually went about choosing my specialist based on who would respond to my initial query emails. Back then, it wasn’t so common for any doctors to email, let alone want to interact with patients digitally.

The patient portal attempts to solve this by placing everyone on a level playing field: All doctors in a given practice or hospital can communicate equally and securely with all patients. But that ability is both a blessing and a curse, as we’ll see shortly.

The Ideal Patient Portal

In my own case, the design of the email system for my portal is lacking in one key feature that many of us take for granted: the ability to have threaded conversations. This is something that has been a part of most modern email systems for more than a decade, but for some reason has eluded the developers of my patient portal.

What this means is if I have a follow-up question for my doctor, I have to copy and paste the previous email text, otherwise he won’t be able to track what I am talking about. It is a small point, but a big usability feature.

Bill Howard is a contributor to industry tech sites on car technology. Based in New Jersey, his medical portal from the Summit Medical Group covers a huge practice of more than 100 doctors and hundreds more medical professionals. “I get short but useful responses from the doc within a half day,” he said. “But I am not sure how many of the doctors like it. Recently, patients got an email recently telling us to cut out the chitchat. Still, all in all, it’s a big step forward.”

Another less obvious benefit from portals is better record keeping. “I really like being able to access my most current (past few years) medical records; no issue of whether I’ve lost this or that sheet,” Howard added. “And being online has risks, but it also has rewards. One year, I missed out on the filing deadline and lost out on the last couple hundred [dollars] in funded medical savings account benefits. Now, it’s all done automatically.”

Having all medical information accessible digitally also helps doctors make better diagnoses, as Simon Carroll mentioned in a blog post on Medium. They can see more information, possible symptoms and a timeline of care to narrow down medical possibilities.

Existing Issues

Adam Kuhn, an IT manager in the Washington, D.C., area, has had frustrations with portals that “require three different logins that change every 90 days” and has experienced “trouble posting messages that sometimes don’t get through to the doctors.” This is where we can see the conflict of security and usability quite clearly. My own portal has a number of authentication methods that can be used to log in, but having too many choices is almost as bad as too few.

Dan Kusnetzky has used two different portals on opposite ends of the usability scale. The first one, in Rochester, New York, was easy to use and allowed him to effortlessly ask questions of his medical team. “I wasn’t forced to schedule a face-to-face meeting with anyone and could get an answer that day,” he explained.

When he moved to Florida, however, he was faced with a portal that “didn’t work with my chosen Web browser or the browser that came with my operating system. It wanted me to download a third browser to access their site,” he said. “They also required that I use a six-digit ID number rather than an alphanumeric username that I could remember. Their password rules were complex, and there is no way I could remember the password unless I wrote it down somewhere.”

That defeats the whole purpose of having a better password policy. He added that the Florida site developers “really didn’t understand the fact that if a site is difficult for a client to use, they won’t use it.”

So what are some takeaways on patient portals? Try striking a balance between security and usability; don’t forget that your portal has to cover a wide range of knowledge and digital comfort. Make sure the basic email-like communications is at least as functional as a contemporary webmail system. And offer training or simple video tutorials for both patients and medical staff, too.

more from Healthcare

Hospital Ransomware Attack: Here’s What a Cybersecurity Success Story Sounds Like 

Major ransomware attacks are scary, but against hospitals, they are even worse. One notable attack in August 2021 forced Ohio’s Memorial Health System emergency room to shut down (patients were diverted to other hospitals). In all hospital attacks, the health, safety, privacy and lives of patients face risk. But this incident also shows that whether targets are hospitals or any other…

Understanding the Cyber Risk Exposures Within the Health Care Industry

The health care industry is one of the most popular and lucrative targets for cyberattacks and malicious activity. Health care organizations always present as an attractive proposition to hackers as they possess high volumes of sensitive information about patients and rely on highly vulnerable medical devices.Advancements in medical procedures and the growth in digital innovation have led to an increase…