Saturday, May 07, 2016

Weekly Overseas Health IT Links - 7th May, 2016.

Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.

IoT increasing security risks, but IT is slow to react

Published April 28 2016, 3:59pm EDT
A majority of IT professionals (53 percent) say they believe wearables are most likely to be the source of a security breach among Internet of Things (IoT) devices connected to their network, according to a study by IT network community Spiceworks.
Wearables were followed by video equipment (50 percent), physical security (46 percent) and appliances (45 percent), notes the report, which was sponsored by Cox Business, a provider of voice, video and data offerings. The survey of 440 IT professionals in North America, Europe, the Middle East and Asia was conducted in March.

GOP 'reboot' senators release draft bill to 'improve' Meaningful Use

April 28, 2016 | By Marla Durben Hirsch
The six GOP senators who called for a "reboot" of the Meaningful Use program in 2013 have drafted legislation to "improve" the program and are asking the Health and Human Services Department for technical assistance on the effort.
In a letter to HHS Secretary Sylvia Mathews Burwell and Centers for Medicare & Medicaid Services Acting Administrator Andy Slavitt, the lawmakers write that they've identified "a few key policy changes" based on the feedback they received from their "reboot" report and from stakeholders regarding their concerns about interoperability, security of patient information, potential for improved healthcare and reduced costs through health IT adoption and the long-term sustainability of health IT programs. They include Sens. John Thune (S.D.), Lamar Alexander (Tenn.), Mike Enzi (Wyo.), Pat Roberts (Kan.), Richard Burr (N.C.) and Bill Cassidy (La.).

CMS: Meaningful Use for Physicians Would End in 2017

Scott Mace, April 28, 2016

Under proposed rules, the Meaningful Use incentive payment and penalty program would be replaced by the new, "less burdensome" Advancing Care Information program for physicians being paid by Medicare.

The Centers for Medicare & Medicaid Services wants to replace the meaningful use program for physicians with a program that is " far simpler, less burdensome, and more flexible," CMS Acting Administrator Andy Slavitt said Wednesday.
Slavitt and Karen DeSalvo, HHS acting assistant secretary for health and director of HHS' Office of the National Coordinator spoke to media by teleconference Wednesday afternoon as CMS released its proposed rules based on the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) passed by Congress last fall.

How physician IT use would be assessed under MACRA

Published April 28 2016, 6:35am EDT
Incentivizing physicians to use electronic health records appears to be taking a new turn, under the provisions of the proposed Medicare Access and CHIP Reauthorization Act of 2015.
The proposed rules carry the intent of simplifying how physician practices can qualify for payments for using information technology, blending the incentives into the larger movement to reframe reimbursement for physicians.
Under the Merit-Based Incentive Payment System, the use of healthcare information technology is one of four components affecting payment. The others are quality (affecting 50 percent of payment), clinical practice improvement activities (15 percent) and cost (10 percent).

Errant clicks on phishing email led to breach, hospital exec says

Published April 27 2016, 7:50am EDT
Even healthcare organizations that make a conscientious effort to comply with HIPAA and continually improving their data security posture can find themselves victimized by cyber attacks.
That lesson was learned the hard way by Wyoming Medical Center, which recently reported a breach that occurred in late February. The Casper-based organization said identities of nearly 3,200 patients were briefly vulnerable after an email phishing attack that tricked two employees into divulging network credentials.
The organization had companywide training last year, including sessions on how to avoid phishing attacks, says Matt Fredericksen, chief compliance and privacy officer.

Proposed MACRA physician payment rule would revamp IT incentives

Published April 28 2016, 6:42am EDT
The Medicare Electronic Health Record Incentive Program for office-based physicians and other eligible clinicians is being replaced with a simplified program under which those professionals will receive incentives for reporting measures that they can customize for their practices.
The changes were announced in a proposed rule released by the Department of Health and Human Services late Wednesday. The changes were contained in a rule by HHS that addresses the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA), which would widely revamp approaches to physician payment to focus incentives on quality, not volume of services.
Industry stakeholders now will have a couple months to review the rule and make formal comments. The 962-page proposed rule is available here.

EHRs can help detect patients with a history of cancer

April 25, 2016 | By Marla Durben Hirsch
Electronic health records can help identify patients with a history of cancer, according to research published this month in eGEMs (Generating Evidence and Methods to Improve Patient Outcomes).
Tumor registries are the "gold standard" in identifying people with incident cancer. However, they don't necessarily capture those with prevalent cancer or a history of it, making the registry and any research based on it, less accurate. They're also not necessarily up to date.
The researchers, from the Kaiser Permanente Institute for Health Research, created an algorithm to identify members with a history of cancer. They included all Kaiser Permanente Colorado members ages 40 to 75 enrolled in 2013 (201,787 members), and used administrative and EHR data, including Kaiser Colorado's tumor registry, their chemotherapy files and inpatient and outpatient claims to create an algorithm, which they tweaked after validating it using chart review.

HSCIC actions 1.2m patient opt-outs

Rebecca McBeth
28 April 2016
More than 1.2 million people will have their objection to having their identifiable health data shared for purposes other than direct care actioned by the Health and Social Care Information Centre this week.
New figures released by the HSCIC reveal that 2.2% of England’s population of 56 million patients have opted out of having their confidential data shared for secondary purposes such as research.
The move is a concern for research institutions that use patient identifiable data sets and questions have been raised about whether people were adequately informed about the opt-out when it was offered more than two years ago.

Researchers: More studies needed to assess impact of remote patient monitoring

April 28, 2016 | By Katie Dvorak
More research is needed to gauge the impact noninvasive digital technologies have on care outcomes, especially in the long term, according to a new study in Telemedicine and e-Health.
The researchers reviewed 62 studies in an effort to identify trends in remote patient monitoring (RPM) in the last 10 years. They found "scant evidence" of studies demonstrating improved health outcomes with noninvasive RPM interventions, and said that even fewer studies have demonstrated any cost benefit.
Further research is needed on such tools, the study's authors say, so that there can be assessment of "the efficacy and value of RPM technology for decision makers, developers, researchers, clinicians and investors."

Healthcare stakeholders mixed on MACRA rule's MU implications

April 28, 2016 | By Dan Bowman
For instance, Robert Tennant, director of health information technology policy for the Medical Group Management Association, told FierceHealthIT in an email that while MGMA appreciates the increased flexibility and reduced thresholds for many of the measures touted by CMS Acting Administrator Andy Slavitt, it still has concerns about some of the requirements.
"We have questions regarding the Base Score approach and the decision by the agency to mandate full-year reporting," said Tennant, who added that MGMA continues to review the proposed rule.

Slow and steady will not win the digital health transformation

Alex Pelletier
Apr 26, 2016
Time and again, I go to digital health conferences like Exponential Medicine or Partners Center for Connected Health and am fueled by the optimism of healthcare transformation  happening before our eyes. I learn about the latest promising new innovations and ideas that have great potential to improve care delivery and advance medical care. The healthcare industry is primed for revolutionary change.
I leave the world of conferences and conversations with like minded leaders feeling a starry eyed optimism that the revolution is happening. And yet, it’s not happening as fast as some would like.
It is no secret to anyone that healthcare provider organizations are extremely reluctant to change with the most risk averse culture of almost any industry. This culture, in combination with misaligned financial incentives of who gets paid for what, entrenched electronic medical records systems and outdated IT, change is painfully slow, if change happens at all.

How MACRA will reshape providers HIT strategies

Published April 28 2016, 3:59pm EDT
The healthcare industry is continuing to digest the proposed rule on the Medicare Access and CHIP Reauthorization Act of 2015 issued yesterday by the Department of Health and Human Services, but it’s clear that it provides a roadmap for how federal agencies expect healthcare information technology to support reform initiatives.
Observers and industry organizations say it illustrates a vision of a post-meaningful use world for healthcare IT, where implementation of clinical records systems is not an end in itself, but a means to bring about improvements in care quality.
The proposed rule would effectively eliminate the meaningful use program as a stand-alone entity for office-based physicians and other eligible clinicians, replacing it with a simplified program under which those professionals will receive incentives for reporting progress using IT to support care.

WEDI calls for improved interoperability to aid care coordination

Published April 27 2016, 6:42am EDT
As value-based care continues to transform the industry, there are gaps in healthcare that can only be closed through data exchange between clinical and payment systems.
That’s the finding of a new report from the Workgroup for Electronic Data Interchange. In particular, WEDI makes the case that automated data exchange is critical to the successful coordination, delivery and payment under value-based care.
Working with its sister foundation the Louis W. Sullivan Institute for Healthcare Innovation, WEDI identifies as a national priority “gaps in care” which they define as the “discrepancy between evidence-based recommendations or best practices and the care that is actually delivered.”

Geisinger takes giant steps toward precision medicine with its EHR-linked genomic initiative

Expects to recruit more than 250,000 people for largest U.S. study.
April 27, 2016 10:12 AM
"Combining DNA sequence data with 20 years' worth of medical records is groundbreaking," said Geisinger Chief Scientific Officer David H. Ledbetter.
Geisinger Health System has enlisted 100,000 people for its genomic study and did so more quickly than expected. Attracting so many volunteers over two years has prompted program executives to raise the bar to 250,000 or more participants.
The study called MyCode Community Health Initiative launched in January 2014 in collaboration with the Regeneron Genetics Center. It is the largest study in the United States with electronic health records linked to large-scale DNA sequencing data.  

AHA: Limited coverage, geographic restrictions pose major barriers to telehealth adoption

April 27, 2016 | By Dan Bowman
The Centers for Medicare & Medicaid Services must include telehealth in value-based payment models and lift geographic restrictions on its use, a new brief published by the American Hospital Association argues.
Currently, the AHA points out, limited coverage remains a major hurdle to more robust adoption by providers. This, the brief says, is fueled in part by inaccurate estimates from the Congressional Budget Office of the cost of delivering care via telehealth. For instance, AHA says, when Congress green lit limited Medicare telehealth coverage in 2001, the CBO estimated that it would cost the program $150 million within five years. To date, however, the Center for Telehealth eHealth Law calculates that Medicare has spent $57 million on those efforts.
"Research and experience under the Medicare program suggest that policymakers' concerns about increased access to telehealth leading to increased spending may be overstated, particularly when weighed against the potential benefits in quality, patient experience and efficiency," the brief says. "In fact, when the right types of services are utilized at higher levels … cost is significantly reduced."

Human error a leading cause of cybersecurity incidents

April 27, 2016 | By Katie Dvorak
No person is perfect, and human error is cause for concern when it comes to security across most sectors--the healthcare industry being no exception, a Verizon Enterprise Solutions report finds.
In healthcare, insider and privilege misuse, employee error and physical theft or loss have been top factors leading to security incidents. The report spans all industries, examining breaches and security incidents experienced in the past 11 years. The data includes more than 100,000 incidents, with 3,141 of them confirmed data breaches.
Phishing saw the largest jump in attacks from the year before, the report found. The researchers found that about 30 percent of phishing emails were opened, an increase from the 23 percent reported in 2015. Most of the time the attack was implemented to steal employee credentials, according to the report.

Human element the weakest link in healthcare security, says Verizon report

The majority of threats to security are from external sources that prey on the bad habits of personnel.
April 26, 2016 09:47 AM
"Hackers are beginning to impersonate executives to get the data they want," said Suzanne Widup, senior analyst on the Verizon RISK team.
Stolen credentials, privilege misuse and miscellaneous errors were the three biggest causes for health data breaches in 2015, according to the 9th annual Verizon Data Breach Investigations Report released Tuesday.
The majority of threats come from outside of organizations rather than with internal actors.
Furthermore, there's an increasing trend of external culprits taking advantage of employees' missteps online.

Shared decision-making: ER tools help docs, patients choose treatment options

April 26, 2016 | By Alok Saboo
By Paige Minemyer
Patients often find it daunting to make the right healthcare choices while in the fast-paced emergency department, but new apps and other tools may help make those tough choices a bit easier.
These aids, which include mobile apps, interactive computer programs, pamphlets and risk calculators, allow for more collaborative and shared decision-making between patients and doctors, according to an article in The Wall Street Journal.
The emergency room has long been considered the least-conducive environment for collaboration between patients and doctors, so decision-making aids are being developed that are more tailored to the often-chaotic pace of the ER, Erik Hess, associate professor and chair of research in the Department of Emergency Medicine at Mayo Clinic in Rochester, Minnesota, told the WSJ. Hess and his team developed Chest Pain Choice, an aid for patients with low-risk chest pain that displays their 45-day risk of a heart attack and potential options for care.

Google Glass-powered startup receives funding from major health centers

April 26, 2016 | By Katie Dvorak
Five health systems are putting their support behind a service that uses Google Glass to ease the workload on providers when it comes to electronic medical record documentation.
Augmedix Inc. recently brought in $17 million in funding, with investments from Sutter Health, Dignity Health, Catholic Health Initiatives, TriHealth Inc. and one other unnamed organization, according to an announcement.

6 Guidelines to Creating a Secure Mobile App for Providers

By Robert Lacis of Apperian on April 25, 2016

Unlike apps targeted at consumers, provider-facing apps developed by health systems require a different skillset - and security considerations.

Healthcare providers are creating – or thinking about creating – internal business apps to help clinicians improve patient care or streamline core processes, but they face challenges with privacy and security. After all, it’s not easy to design an app that will work well for a doctor or nurse who works at different hospitals, sometimes several in the same day.
This doesn’t mean providers should shy away from developing these transformative apps. They can take several measures to ensure that these apps have the highest levels of security.
Here are six guidelines that health system executives should follow when creating a secure and effective enterprise app.
Physician discusses impact of EHR on the physician-patient relationship
MONDAY, April 25, 2016 (HealthDay News) -- Electronic health records (EHRs) may be impairing the physician-patient relationship, according to an article published in Medical Economics.
Cheryl L. Branche, M.D., discusses the impact of the EHR on the physician-patient relationship. The author notes that as a former practicing physician, she can appreciate the role of the EHR in reducing errors related to poor handwriting, improving retrieval of results, and facilitating research.

HIT Think How organizations are dealing with unstructured data

Published April 26 2016, 5:11pm EDT
What if your doctor prescribed a one-size-fits-all treatment for you? That is, the recommended treatment didn’t cover all of your symptoms but some of them. How much comfort would you take in knowing that the doctor’s recommendations might work, or has worked some of the time on some people in some parts of the world at some point in time? How much comfort would a doctor or hospital administrator take in knowing that this course of treatment may not work and that you are likely to return?
And would an insurance provider take these chronic hospital visits as a signal that you are a high-risk patient whose premiums need to increase, or maybe it would reconsider offering coverage to this particular health network for such a high readmission rate?
For generations, doctors, nurses and medical practitioners of all types used first- and second-hand knowledge and other limited resources to treat patients. What seems accurate is generally derived from “the aggregate,” or a general context-specific treatment. We’ve come a long way since the early days of diagnostics, and modern medicine has done wonders on advocating lifestyle, diet and exercise changes as preventive care options.

Hacking Healthcare Device Interoperability

Scott Mace, April 26, 2016

As the volume of patient-generated data expands, one provider is finding a way to connect to that data, pair it with its EHR system, derive insights, and communicate back to the patient in a meaningful way.

Due to the number of data breaches of late, the term hacking is once again associated with bad things. But every now and then we need to remember that hacking is sometimes the only thing that allows technology to achieve a desired end.
In the case of medical devices, for economic and legal reasons, many consumer-oriented medical devices remain disconnected from the Internet. Given those breaches I mentioned, this is probably a good thing until device makers and the public understand that the cost of the device must include adequate security, if that device is to be attached to the Internet.

Public preferences for electronic health data storage, access, and sharing – evidence from a pan-European survey

Sunil Patil, Hui Lu, Catherine L Saunders, Dimitris Potoglou, Neil Robinson
DOI: ocw012 First published online: 23 April 2016


Objective To assess the public’s preferences regarding potential privacy threats from devices or services storing health-related personal data.
Materials and Methods A pan-European survey based on a stated-preference experiment for assessing preferences for electronic health data storage, access, and sharing.
Results We obtained 20 882 survey responses (94 606 preferences) from 27 EU member countries. Respondents recognized the benefits of storing electronic health information, with 75.5%, 63.9%, and 58.9% agreeing that storage was important for improving treatment quality, preventing epidemics, and reducing delays, respectively. Concerns about different levels of access by third parties were expressed by 48.9% to 60.6% of respondents.

Cabinet postpones issuing of eHealth cards

The Supreme Audit Office questions appendixes to existing agreements.
The already belated electronisation of Slovakia’s health care will be even later than originally planned after the cabinet has revised the valid legislation and postponed the issuance of eHealth cards.
The cabinet at its session on April 25 approved the proposal submitted by Health Minister Tomáš Drucker (Smer nominee) postponing deadlines for eHealth projects. The changes will be discussed in parliament in a fast-tracked procedure. The deadline for issuing health insurance cards with embedded electronic chips will be postponed by a year from December 2016 to December 2017. The same deadline extension is to be introduced for the mandatory creation and sending of electronic health files to the electronic health records of people. The change still needs to be okayed by parliament.

How data pros are trying to achieve ROI with big data

Published April 22 2016, 2:50pm EDT
Many of the attendees at the recent Strata & Hadoop World conference in San Jose have now completed initial big data initiatives, and are looking for return on those investments this year, says Eric Sammer, co-founder and CTO at Rocana.
In an interview with David Weldon of Information Management, Sammer provided his observations on conference and what attendees said are the top data management challenges they are facing.
What were the most common themes that you heard among conference attendees and how do they align with what you expected?
The most common theme heard was the replacement of legacy systems. This differs from previous years where there were a lot of pilot and test projects. This year it seemed like those pilots had established enough ROI that customers are looking to mainstream big data solutions, especially in the data warehousing and IT operations use cases.

HIT Think How to make sure only certified users access patient data

Published April 21 2016, 4:40pm EDT
Failing to certify user access to networks and information can have dire consequences.
A recent example is the recent jury decision to award Epic Systems Corp. $940 million in a trade-secret lawsuit against Tata Consultancy Services Ltd., an Indian multinational IT service, consulting and business solutions company.
The lawsuit alleges that a Tata Consultancy employee, working as a consultant for Kaiser Permanente, downloaded more than 6,000 documents from Epic's UserWeb, a portal through which Epic provides training and manuals to help customers with implementing and maintaining the company's products. The lawsuit also alleges that the Tata consultant gave his access credentials to other Tata employees in India and that the company used the stolen information to advance its own electronic health record software.

Don't ignore data management when setting sights on new initiatives

April 25, 2016 | By Katie Dvorak
It is imperative for healthcare organizations to ensure that their provider data is well-managed, even as sights are set on new initiatives, Julie A. Dooling, senior consultant at Just Associates Inc., writes at the Journal of the American Health Information Management Association.
Data must always remain "accurate, complete and consistent," because use of such information impacts every patient during every visit, she notes.

Court prevents HIE contractor from destroying data

April 25, 2016 | By Susan D. Hall
A federal court in Illinois has ruled against a health information exchange contractor that had planned to destroy patient data as it goes out of business, according to Law360.
MCHC-Chicago Hospital Council, a nonprofit that runs the MetroChicago Health Information Exchange, had sued Sandlot Solutions Inc. over plans to destroy all client data within 24 hours of providing a copy to MCHC.
MCHC sued to prevent that, saying it wasn't enough time to verify that the data was usable and not corrupted. Sandlot also had planned to destroy audit trail and node authentication logs, which track things like when a patient's file is accessed. Sandlot had not provided copies of those logs, and MCHC argued that destroying them could prevent it from complying with audit control requirements under HIPAA.


No comments: