Saturday, April 16, 2016

Weekly Overseas Health IT Links - 16th April, 2016.

Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.

Data backup, recovery woes still haunt many organizations

Published April 07 2016, 7:52am EDT
While there’s immediate and increasing interest in evolving infrastructure to support distributed, scale-out databases and cloud databases, a lack of robust backup and recovery technologies hinders adoption, according to a new study by research firm Dimensional Research and Datos IO, a provider of data protection software.
The survey of 204 worldwide IT professionals responsible for application and database deployment, operation, management and architecture, looks at the rising demand for distributed applications and adoption of scale-out databases, including MongoDB and Cassandra (Apache and DataStax).

Tech limitations inhibit consumer adoption of PHRs

Published April 08 2016, 7:44am EDT
Technical limitations are inhibiting consumers’ access to personal health records, moreso than their willingness to use technology.
Current PHRs have limited utility and don’t incorporate enough user-friendly consumer technologies to enable easy access, contends Eric Ford, professor and associate chair of the Department of Health Policy and Management at the Johns Hopkins Bloomberg School of Public Health.
Overcoming these limitations, and taking full advantage of the many ways by which consumers could access their health records, could facilitate PHR adoption, argues Ford and researchers from the National Cancer Institute and Ohio State University College of Medicine in a recently published study.

Healthcare organizations prod EHR vendors to innovate

By John Morrissey
Published April 07 2016, 8:04am EDT
Even with electronic health records systems widely adopted by the nation’s healthcare providers, limitations of current technology is putting health IT vendors on the spot to innovate across a range of technology.
The development is being prodded by customers who want ever more sources of data to be available in their EHRs, from Fitbit data to many-slice MRI studies at DICOM-quality diagnostic definition, says Aaron Miri, CIO of Walnut Hill Medical Center, Dallas.
For example, at Hennepin County Medical Center in Minneapolis, health IT executives see a forthcoming expansion beyond its installed Epic EHR platform, and “as Epic gets better at some of these other modalities, we will consider that as it makes sense,” says Matthew Werder, chief technology officer. “You talk about unstructured data and it’s endless in healthcare, everything from drawings and handwritten notes to voice dictation and text messages you might want to put into it. So it just comes from every angle, and we’re looking to our EHR to help us with that.”

Doc: HIEs on a 'promising path toward success'

April 5, 2016 | By Marla Durben Hirsch
The healthcare industry should not give up on health information exchanges (HIEs), which continue to evolve and progress, according to a new viewpoint article in JAMA Internal Medicine.
Anish Mahajan, M.D., of the Lost Angeles County Department of Health Services and Los Angeles Network for Enhanced Services, notes in the post that many see HIEs as only a "pipe dream." Although HIEs--for which billions of dollars have been invested--can improve patient safety, outcomes and coordination of care, as well as efficiencies, their future remains "unsure" at best, he says.

More than half of hospitals hit with ransomware in last 12 months

New research by Healthcare IT News and HIMSS Analytics found considerable uncertainty, questionable business continuity plans, and the need for more effective end-user education rampant in the industry. 
April 07, 2016 07:52 AM
As many as 75 percent of U.S. hospitals responding to a poll this week could have been hit with ransomware in the last year, according to the new Healthcare IT News and HIMSS Analytics Quick HIT Survey: Ransomware, and a chunk of those might not even know it. 
“Over half the people we polled indicated that they had some sort of ransomware attack,” said Brendan FitzGerald, HIMSS Analytics Research Director for Advisory Solutions.
What’s more, another 25 percent are either unsure or have no way of knowing whether ransomware attacks were perpetrated against them or not.

Providers and payers blame interoperability issues and data blocking on EHR vendors, turn to private HIE

A new Black Book report also suggests that new payment models, private health information exchanges, patient locator systems and healthcare analytics will wield more influence driving interoperability forward than government or EHR makers. 
April 06, 2016 12:32 PM
More than half of providers pointed a finger straight at their EHR vendors for existing connectivity defects, lacking interoperability and, perhaps worst, data blocking and silos, according to a report Black Book intends to publish on April 7, 2016.  
An overwhelming number of insurance companies, meanwhile, are moving away from involvement with public health information exchanges in a move toward more regional exchange.
“The misalignment of requirements and protocols has hampered all stakeholders’ interoperability efforts,” Black Book managing partner Doug Brown said in the report.

GP IT suppliers agree to standard open APIs

Rebecca McBeth
7 April 2016
England’s four principal GP IT system suppliers are committed to developing standard open APIs and are working on a plan detailing when they will be released, NHS England has said.
A ‘composite plan’ will be released at the end of this month with the aim of having the initial list of agreed APIs developed and either in testing or live within two years.
NHS England’s head of enterprise architecture Inderjit Singh said all four principal suppliers – Emis, TPP, INPS and Microtest - are “fully on board around the need for structured real-time APIs.”

Emis Patient Access users can 'share your record'

Rebecca McBeth
5 April 2016
Emis Health has introduced new technology allowing a patient to digitally share their medical record with chosen clinicians.
‘Share your record’ is part of Emis’ Patient Access online service. It allows patients to share a view-only snapshot of their record from a desktop or handheld device, via a secure URL or QR code and 4 digit access code.
Access will be for 24 hours and the patient can choose how much or how little information to share, using multiple sharing profiles for different people.

Ireland details €875m EHR plans

Rebecca McBeth
4 April 2016
Ireland is planning to spend up to €875 (£700m) on building an electronic health record over the next five to nine years.
The aim is to implement a national EHR, made up of four key parts; an acute EPR; a community EPR; an integration platform; and a national shared record provided via a portal.
The business case for the project has been approved by a subset of Ireland’s Health Service Executive leadership team. If approved by the full leadership team later this month, it will go to the department of health in mid-May and on to the Cabinet Office.

Tips for protecting hospitals from ransomware as cyberattacks surge

It's now easier than ever for criminals to get into hospital networks, and ransomware is on the rise. Cybersecurity experts offer advice to help hospitals beat back the hackers.
April 06, 2016 06:59 AM 
One of the last things a healthcare CIO, CISO or CEO wants is to learn is that their organization has been victim to ransomware, like in the high-profile attacks that recently crippled Hollywood Presbyterian and MedStar Health.
The number of ransomware incidents in healthcare, however, is increasing as attackers shift their efforts away from the now well-defended finance and retail industries to the sitting duck that is healthcare.
“Ransomware has been an inconvenient truth for a while, a tried and tested dance where an attack is launched and the ransom is modest, just enough where many organizations pay it to make the problem go away,” said Ryan Witt, vice president and managing director of the healthcare industry practice at Fortinet, an information security technology vendor. “But demands for funds are soaring, and the problem is organizations are paying. Ransomware will get worse before it gets better.”

How providers maximize EHRs to reduce readmission rates [Special Report]

February 22, 2016 | By Marla Durben Hirsch
By Marla Durben Hirsch
Hospitals are trying many methods to reduce the number of patient readmissions--transitional care, family education and even house calls. 
Now electronic health record systems are playing a larger role in hospitals' efforts to tackle this growing problem. Studies have shown that EHRs can perform predictive analytics to pinpoint patients who are at higher risk of readmissions so the hospital can target them accordingly. EHRs also can help by automatically receiving and storing data from remote patient monitoring sessions so hospital staff can keep tabs on a discharged patient's condition.  

Hospital hackers exploiting a flaw experts warned about in 2007

April 6, 2016 | By Katie Dvorak
Editor's note: This story has been updated to reflect a statement from MedStar disputing the AP story. 
Hackers are exploiting flaws on computer servers that the government and security experts red flagged as early as 2007.
MedStar Health is the latest victim of the threat, which could have been fixed with a simple update, according to an Associated Press report.
UPDATE: MedStar released a statement on Wednesday disputing the AP report that this vulnerability was the cause of their recent ransomware attack. Read more here
The MedStar ransomware attack forced the health system, which has 10 hospitals in the District of Columbia and Maryland, to go offline last Monday. Employees moved to backup systems and paper transactions when they couldn't log into the organization's systems.

Mass General will use artificial intelligence to improve hospital care

Dean Takahashi April 5, 2016 4:00 PM
Massachusetts General Hospital is buying into deep learning artificial intelligence, and it will use Nvidia’s new DGX-1 deep-learning supercomputer that was announced today.
Nvidia is partnering with the MGH Clinical Data Science Center, which wants to advance health care with AI to improve the detection, diagnosis, treatment, and management of diseases.
“Deep learning is revolutionizing a wide range of scientific fields,” said Jen-Hsun Huang, CEO of Nvidia, at the company’s GPUTech event in San Jose, California, today. “There could be no more important application of this new capability than improving patient care. This work will one day benefit millions of people by extending the capabilities of physicians with an incredibly powerful new tool.”
7:38 pm ET Apr 5, 2016

National Health IT Coordinator Says Technology Can Help Unblock Patient Data Access

Karen DeSalvo

The cloud era and big data are poised to give consumers access to their medical records like never before – whenever and wherever they need it, says Karen DeSalvo, the U.S. Department of Health and Human Services’s acting assistant secretary for health and the national coordinator for health information technology.
She told Wall Street Journal reporters and editors that she wants to refocus health data around people, not records. Over time, that could help overcome the for-profit “blocking” of patient data.
But freeing up and aggregating health-care records from industry “data silos” is a major challenge – not least when you’re dealing with electronic-record companies, hospitals and other health systems that are determined to hold on to them for a competitive edge, or profit, she says.

Practices should focus on a few improvements with a new EHR

Published April 05 2016, 7:14am EDT
Physician practices that implement new electronic health records/practice management system should use them to target a short list of efficiency goals and clinical outcomes to gain the biggest initial impact from their investment, an expert in implementing these systems advises.
Practices often err by developing a long list of goals they want new information systems to support, but it’s often best to pare the list down and initially focus on a few select efficiency and clinical outcomes that an organization wants to accomplish—the rest can wait.
It’s often hard to resist creating a laundry list of objectives, because the data in EHR/PPM systems are able to support a wide range of metrics that practices may be interested in managing, says Mike Cuesta, co-founder and vice president of growth marketing CareCloud, which provides applications for ambulatory care settings.

Malfunctions are common with clinical decision support systems

Published April 05 2016, 7:14am EDT
Problems and malfunctions involving clinical decision support systems are widespread at U.S. hospitals, and those issues may have potentially negative effects on patient safety, according to results of a new study.
The study identified and investigated several malfunctions in clinical decision support (CDS) systems at Brigham and Women’s Hospital in Boston and also included a preliminary survey of chief medical information officers to assess the frequency of such malfunctions.
Researchers found that Some 93 percent of the 29 CMIOs surveyed had experienced at least one CDS system malfunction, while two-thirds experienced malfunctions at least annually, according to researchers, who published their findings in the Journal of the American Medical Informatics Association. Among the most common contributing factors to malfunctions reported by the CMIOs, 18 reported malfunctions occurring at the time of an upgrade of EHR software, and 18 reported issues related to changes in data codes or data fields—both of which are known high-risk events for malfunctions.

Computerized systems still miss major drug errors

By Sabriya Rice  | April 7, 2016
Computerized systems meant to limit drug mishaps routinely fail to detect harmful and even fatal medication orders, according to a new report from the Leapfrog Group.
Computerized provider order-entry systems failed to flag nearly 2 out of every 5 incidents where the wrong drug was prescribed, the incorrect dosage was requested or follow-up reminders failed to appear.
“Hospitals spend millions of dollars to implement CPOE systems, but our results clearly show that many … are not operating as well as they should,” Leapfrog Group CEO Leah Binder said in a news release about the survey results. “Mistakes are still seen with far too much frequency.”

Hospitals' digital prescription systems miss 40% of potential drug errors

April 7, 2016 | By Zack Budryk
While dangerous drug errors are down significantly for hospitals that use digital medication orders, more than 10 percent of potentially fatal mistakes still slip through the cracks, according to a new report from the Leapfrog Group.
Medication mistakes comprise the lion's share of hospital medical errors. But the digital medication distribution systems that most hospitals use miss about 40 percent of potentially harmful orders and 13 percent of potentially lethal ones, the report found.  A study published last October found that at Massachusetts General Hospital, medication errors occurred in half of all surgeries over eight months, one third of which caused patient harm, FierceHealthcare previously reported.  

ONC, NIST partner on $1 million initiative to fuel federated identity and health data privacy

The agencies are looking for ways to use a single credential for accessing health records across multiple providers. The identity solution must enhance privacy and security, be interoperable and cost-effective, officials say.
April 05, 2016 09:46 AM
The National Institute of Standards and Technology is putting up $1million to find a new approach for patients and providers to access health records in a joint endeavor with the Office of the National Coordinator for Health IT.
Instead of piling up individual accounts for each provider a patient sees – dentist, specialist, primary care, in the doctor’s office or in the hospital – NIST and ONC are looking for ways to streamline the entire process by enabling a single credential across multiple providers, officials said.
“For providers, making strides in the efficiency of accessing medical records means time and money saved – and, if done right, better outcomes for security and privacy – what NIST calls a “Federated Identity,’” NIST deputy director Michael Garcia wrote in a blog announcing the pilot.

Joint tool aims to clarify understanding of regulatory landscape for mHealth app developers

April 5, 2016 | By Dan Bowman
A new online tool launched Tuesday by the Federal Trade Commission, the U.S. Food and Drug Administration and the Office of the National Coordinator for Health IT aims to help mobile health app developers navigate myriad looming applicable federal regulations for their prospective creations.
The tool, according to an FTC announcement, queries developers about the functionality of their apps and what information the tools will collect. It then funnels information based on relevant rules from the three agencies.
Bakul Patel, associate director for digital health at the FDA's Center for Devices and Radiological Health, called such clarification important, especially given the rising use of such tools by consumers and providers.

Law professor: Ransomware hitting 'critical mass,' healthcare orgs must prepare

April 4, 2016 | By Katie Dvorak
From coast to coast, U.S. hospitals are falling victim to ransomware, with some coming away unscathed and others ultimately paying the price requested. This type of attack will not slow down anytime soon, law professor Shaun Jamison, J.D., Ph.D., tells FierceHealthIT, and as the problem hits critical mass, organizations must be prepared.
"You have to look at what your IT folks are saying" during a ransomware event, Jamison, who teaches at Concord Law School of Kaplan University, says. "Can you overcome it without paying? What are the next steps?"
What those next steps will consist of, he says, must be well documented. Hospitals and health systems have to know where to turn when an attack occurs, who they will notify and what the response will be.

drchrono Adds 4 Medical API Partners: Health Gorilla, Inuvio, Medisafe, Wink Health

Mobile EHR platform drchrono, announced that it has launched four new medical API partners adding new capabilities to its robust platform. drchrono’s newest API partners include Health GorillaInuvioMedisafe and Wink Health.  drchrono currently has over seven hundred developers in its program creating essential apps and solutions for the healthcare industry. In addition, drchrono has over 21 million API calls/transactions happening per quarter.
“drchrono’s free API and SDK kit was built by developers for developers bringing unique functionality to medical professionals and patients in healthcare,” said Michael Nusimow, CEO and Co-founder.  “These one-of-a-kind apps built on drchrono demonstrate the flexibility of the platform while delivering new and advanced healthcare focused solutions that are vital in today’s evolving medical community.”

Patient portal adoption increases collections, patient engagement: 3 things to know

Written by Carrie Pallardy | April 04, 2016
Patient portals connect consumers and healthcare providers. In addition to the convenience offered by this technology, healthcare providers can recognize economic benefits.
Here are three things to know about the advantages of patient portal adoption, according to "The Business Case for Portal Adoption" report from athenahealth.
1. Following patient portal adoption, healthcare practices experienced improvement in self-pay yield. Practices that increased portal use rates by 20 percent over 12 months experienced a 4.8 percent increase in self-pay yield.
2.  Improvement in several financial metrics pre- and post-implementation was notable.

73% of companies believe cybersecurity issues related to outside vendors are on the rise

Written by Carrie Pallardy | April 04, 2016
Hospitals and health systems are concerned about safeguarding their own systems from data breaches, but providers are not the only ones that hold the keys to health data. Third party vendors are also susceptible to breaches, and U.S. companies are becoming increasingly concerned about the vulnerability of their outside partners.
Here are five things to know from the "Data Risk in the Third Party Ecosystem" survey conducted by the Ponemon Institute and requested by BuckleySander and Treliant Risk Advisors.
1. Of the survey respondents, 37 percent said they did not believe their third-party vendors would inform them of a data breach involving sensitive information.

HIT Think Mobile devices will interface with IT to improve care, save billions

Published April 05 2016, 4:51pm EDT
As an industry, healthcare is notoriously resistant to change, and in the application of clinical information, this limitation is felt most acutely. It’s been the Achilles heel of the industry, but now real foundational change is taking place in the application of healthcare information.
It’s a vast, sweeping tide of innovation—medical product and clinical process innovation, finance and delivery model innovation, and stakeholder participation innovation—all based on information liquidity.
At the forefront of this pivot towards clinical knowledge sharing are mobile tools such as communicative biosensors, wearables and nearables. Whether worn on the wrist, head, foot or body as a garment, these devices are being designed in every conceivable form factor, with convenience and utility in mind.

AMA taking bigger role in key IT initiatives

Published March 31 2016, 5:05pm EDT
Michael Hodgkins, MD, is no stranger to either clinical practice or information technology. As a physician, his training was in internal medicine. As a technologist, he had spent 25 years working in healthcare information technology, much of it with startups focused on information sharing.
Now, as the chief medical information officer of the American Medical Association, Hodgkins can bring all those experiences to bear. With the AMA since 2010, he is now deeply involved in health information technology (HIT) initiatives, as the organization ramps up efforts to represent physicians’ concerns and ensure that HIT helps physicians in practice. “I’ve been able to capitalize on my technology experience and deep knowledge about clinical practice and the clinical ecosystem in my role, and contribute to the AMA’s discussions about strategy and policy,” he says.

Two new ransomware strains discovered, can spread even when offline

The Samsam and Maktub Locker malicious code programs attack vulnerable patches and spread to all systems connected to a network.
April 04, 2016 11:38 AM
Ransomware attacks are growing in severity and sophistication. Two newly-discovered strains, Samsam and Maktub Locker, are prime examples of what healthcare organizations can expect in the near-future.
The ransomware Samsam gains access to an organization's network by exploiting vulnerabilities in JBoss servers, such as a missing patch, and spreads to all machines connected to the network.
Maktub Locker, for its part, enters through spam or phishing emails with a virus hidden in an attachment, like a .ZIP file. Once opened, MakTub encrypts all data and systems connected to the network.

Department of Homeland Security singles out hospitals in ransomware alert

April 4, 2016 | By Susan D. Hall
The Department of Homeland Security is taking action in the wake of myriad recent cyberattacks against hospitals, issuing a ransomware alert to provide more information about the attack type.
In 2012, security vendor Symantec found that by extorting an average ransom of $200, malicious actors profited $33,600 per day, or $394,400 per month, from a single server.
Ransomware variants including Xorist, CryptorBit and CryptoLocker have since proliferated. In early 2016, variants such as Locky and Samas have emerged.
The U.S. Computer Emergency Readiness Team US-CERT recommends actions, including:
  • Employing a data backup and recovery plan for all critical information
  • Keeping patching up to date
  • Using application whitelisting to prevent malicious software and unapproved programs from running
  • Not following unsolicited Web links in emails

Why providers should gather details on patients' data sharing preferences

April 4, 2016 | By Katie Dvorak
Gathering details on patient preferences when it comes to their personal data is the first step providers must take to ensuring they build "the relationship needed to support lifelong data use and sharing," Carolyn Peterson, senior regulatory specialist at Mayo Clinic, writes in a viewpoint at eGEMs (Generating Evidence & Methods to improve patient outcomes).
Patients' decisions on permission seeking, data de-identification, notification of data use and ongoing engagement should be recorded in their electronic health record; what's more, patients also should receive a hard copy or e-copy of that information, Peterson writes.
Such information should be gathered during the first or second visit with a provider, but can also be relayed if the patient decides he or she wants to build a stronger relationship with the provider.

3 ways to manage data breach exposure

Written by Carrie Pallardy | April 01, 2016
The majority of organizations are concerned about the consequences of a large data breach, but just 45 percent believe they have the resources to detect all breaches, according to the "Mitigating the Inevitable: How Organizations Manage Data Breach Exposures" report from id experts and Advisen.
While cybersecurity strategy is essential to preventing data breaches, healthcare organizations are still likely to suffer a breach at some point. It is important to have a breach response plan in place to mitigate the consequences of the incident.
Here are three strategies for minimizing the effects of a data breach.
1. Cyberinsurance. Cyberinsurance can help minimize the financial burden of a large scale breach.
Sat Apr 2, 2016 2:42am IST

U.S. hospitals face growing ransomware threat: security group

By Jim Finkle
U.S. hospitals should brace for a surge in "ransomware" attacks by cyber criminals who infect and shut down computer networks, then demand payment in return for unlocking them, a non-profit healthcare group warned on Friday.
The Health Information Trust Alliance conducted a study of some 30 mid-sized U.S. hospitals late last year and found that 52 percent of them were infected with malicious software, HITRUST Chief Executive Daniel Nutkis told Reuters.
The most common type of malware was ransomware, Nutkis said, which was present in 35 percent of the hospitals included in the study of network traffic conducted by security software maker Trend Micro Inc (4704.T).

HIT Think Six reasons digital health is coming of age

Published April 04 2016, 5:16pm EDT
Digital healthcare, a discipline with enormous potential to dramatically improve healthcare and healthcare delivery as we know it, is no longer an experiment or a novelty. It is a budding industry attracting not only major new players and consumers but, most important, investors – the key to ongoing adoption and growth.
Even five years ago—a relative blink of an eye in historical terms—this would not have been true. Venture capital investing in digital healthcare in 2011 totaled less than $1 billion. Two years later, it more than doubled, to $1.9 billion – better, yes, but still modest. Then along came 2014, when funding more than doubled again, to $4.3 billion, followed by yet another record—$4.5 billion—in 2015, according to investment tracker Rock Health.


No comments: