Browse By Topic
Questions organized by topic for easy navigation.
Healthcare IT covers too much ground for one flat FAQ list. These are organized into four topic categories — jump directly to the area most relevant to your current question. Every answer is written to actually help rather than deflect into marketing language — if a question depends on situation specifics, we say so and explain what the dependency is.
- General Questions — about Qventive, our approach, who we serve
- EHR Questions — platforms, optimization, implementation, MIPS
- Cybersecurity Questions — HIPAA, threats, compliance, incident response
- Pricing & Engagement — fees, contracts, onboarding, service models
General
Healthcare exclusivity. Every engineer on our team works only with medical practices — 30+ years, zero retail, zero manufacturing, zero law firms. That depth means when your office manager calls about a Valant template issue or a NextGen claim scrub rejection, the engineer who picks up already understands clinical workflow vocabulary. Generalist MSPs translate from your language. We speak it natively.
Since 1994 — over 30 years of continuous operation, exclusively in healthcare IT. Founded by Steve Gerbino (still CEO). Leadership continuity is rare in an industry built on acquisition and consolidation; it's a deliberate choice at Qventive.
Medical practices across Northern and Central New Jersey — from solo primary care to multi-location PE-backed specialty platforms. Typical client profile: 3-20 providers, 1-6 locations, focus on preserving clinical workflow quality while managing technology reliably. We also serve PE platforms consolidating multiple practices.
Primary focus is 11 NJ counties: Bergen, Hudson, Passaic, Essex, Morris, Union, Middlesex, Monmouth, Somerset, Ocean, and Mercer. For existing clients expanding to adjacent states, we support multi-state operations. We don't typically take new clients outside the NJ footprint because geographic proximity matters for effective on-site service.
Call (201) 488-2750 or email info@qventive.com to book a free 60-minute practice technology assessment. Led by a senior engineer or CTO John Dritsas directly. Covers infrastructure, EHR utilization, cybersecurity posture, and operational pain points. Written findings within one business week. No obligation.
EHR
Seven major platforms: Epic, NextGen, Allscripts, eClinicalWorks, Cerner (Oracle Health), athenahealth, and Greenway. Plus specialty platforms: Valant, ICANotes, TherapyNotes, Modernizing Medicine (EMA — ophthalmology, dermatology, orthopedics, urology, ENT, allergy, pain, podiatry, chiropractic, rheumatology), Nextech, Dentrix, Eaglesoft, Open Dental, PCC, Office Practicum, Flatiron OncoEMR, TRAKnet, RevolutionEHR, ChiroTouch.
Starts with a workflow time study — observing how providers actually use the EHR during real patient encounters. From there, identify specific bottlenecks (unnecessary clicks, slow templates, missing order sets, broken interfaces) and rebuild the workflow. Implementation involves template rebuilds, interface optimization, staff training, and post-change measurement. Typical engagement: 60-120 days.
Yes — core practice area. MIPS/MACRA consulting covers measure selection against your specialty and current documentation patterns, technical setup of measure tracking in the EHR, quality measure optimization (eliminating zero-denominators, fixing exclusions), and performance monitoring through the reporting period. Data going in is complete and defensible under CMS audit.
Qventive's proprietary product. Automates transfer of diagnostic data from medical instruments (spirometers, EKGs, audiometers, imaging devices) directly into the EHR. Eliminates manual transcription, reduces errors, returns measurable time to clinical staff. Especially valuable for pulmonology, cardiology, ENT, audiology, and specialty practices with heavy diagnostic instrument usage.
EHR migration is one of our most-requested engagements. Approach: evaluate current state, define success criteria, evaluate candidate platforms against your specialty and workflow, manage vendor selection, lead implementation. We're platform-agnostic — recommendation is based on fit with your practice, not commercial incentive.
Cybersecurity
Yes. Attackers know large hospitals have hardened security operations, so they pivot downstream to practices with valuable patient data but smaller security investments. Per HHS OCR breach data, the majority of reported healthcare breaches involve practices under 100 employees. Size is not protection; it's the opposite.
The HIPAA Security Rule (45 CFR §§ 164.302-318) requires covered entities to implement administrative, physical, and technical safeguards to protect electronic PHI. Every medical practice that transmits health information electronically falls under it. HHS OCR has levied multi-million-dollar penalties for Security Rule failures, even without an actual breach, when audits find inadequate safeguards.
Managed detection and response (MDR) with trained security operations staff, real-time alerting on indicators of compromise, automated containment of common threat patterns, and incident response coordination. Priced separately from general managed IT because of the around-the-clock SOC staffing requirement. Mapped to HIPAA Security Rule and NIST CSF frameworks.
HIPAA compliance is a regulatory minimum — a set of required safeguards. Cybersecurity is the actual practice of defending against threats. A practice can be technically HIPAA-compliant and still be poorly defended against ransomware. True cybersecurity goes beyond the compliance floor and maps to threats actually targeting healthcare (phishing, ransomware, insider threats, credential theft).
Pricing
Engagements are scoped after the free practice assessment based on actual needs. Typical structures: fixed monthly retainer for managed IT (full-service or co-managed), project-based fees for EHR implementation or migration, subscription fees for managed cybersecurity (MDR). Pricing is competitive with comparable healthcare-focused MSPs. More expensive than pure generalist MSPs of equivalent size because we include clinical technology expertise.
No — engagement pricing depends on practice size, scope, EHR platform complexity, specialty-specific needs, and multi-location considerations. Published pricing in healthcare MSP is typically misleading (too high to win deals, too low to deliver well). We provide specific proposals after the practice assessment so both parties know what's actually being priced.
Managed services typically have 12-36 month terms. Project engagements (EHR implementation, migration, cybersecurity assessment) are scoped and priced per project. We prefer longer relationships — that's how institutional knowledge of your practice accumulates and value compounds. But contracts include standard termination-for-cause provisions and service level agreements.
Under full-service managed IT, everything operational is included in the monthly fee — 24/7 monitoring, help desk (remote + on-site as needed), infrastructure lifecycle, network/server admin, patching, email, VoIP, backup/DR, vendor management, quarterly reviews. Billed separately: major projects (EHR migration, new office build, major infrastructure refresh), managed cybersecurity (separate subscription), specialty consulting (MIPS optimization, PE due diligence).
Ready to Talk?
30-minute assessment. No pitch.
