Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"


H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Saturday, October 13, 2018

Weekly Overseas Health IT Links – 13th October, 2018.

Here are a few I came across last week.
Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.

DoctorLink selected by London STP for online clinical triage platform

A sustainability and transformation partnership (STP) in London has selected DoctorLink to provide an online triage platform for patients.
Hanna Crouch – 5 October, 2018
The contract with the South West London Health and Care Partnership means up to 1.6 million patients across 242 surgeries will have access to a digital symptom checker and medical advice based specifically upon their responses.
They will also be able to book appointments through an online system.
The platform has been designed to ease burden on frontline NHS services and to help patients gain fast access to care.

Care coordination tools cut non-emergency ER use by 44% at Milwaukee Health Care

This case study shows how the system connected more than 50,000 vulnerable patients with appointments, with 38 percent of those for the uninsured, by giving patients greater visibility into care options.
October 05, 2018 01:35 PM

The Milwaukee Health Care Partnership, like so many other providers, needed to reduce avoidable emergency department utilization and  improve outcomes by connecting patients to medical homes or other health resources.
To meet this goal, the partnership initiated the Emergency Department Care Coordination program in 2007. The initiative seeks to help underinsured and uninsured people get access to medical, dental or behavioral health services following an emergency department visit.
The public-private consortium had no efficient way to identify available services, make appointments or effectively connect patients to follow-up services from the emergency department. Milwaukee Health Care’s emergency department staff and care managers would either have to make a series of phone calls to clinics, which was very labor intensive and time-consuming, or just distribute a list of options for the patient to seek out on their own. A natural result: many patients would not get the follow-up care they needed and would frequently return to the emergency department to seek treatment for ambulatory-sensitive conditions.

Malware hits medical devices at 18 percent of healthcare orgs in last year

A new CHIME-KLAS survey of CIOs, CISOs and other security leaders finds that few are confident in their ability to protect patient safety and prevent disruptions from cybercriminals.
October 05, 2018 10:24 AM

Nearly one in five provider organizations (18 percent) polled for a new joint report from CHIME and KLAS have seen malware or ransomware infect or impact medical devices in the past year and a half.
While few of those incidents ultimately resulted in compromised health information or an audit by the Office for Civil Rights, according to almost 150 chief information officers, chief information security officers, chief technology officers and other IT and infosec leaders polled for the report, those device vulnerabilities were a big concern to most of them.
Fewer than 40 percent of respondents said they are "very confident or confident" that their health systems' existing strategies were adequate to safeguard those devices, protecting patient safety and preventing interruptions in clinical workflow, according to the survey.

Is Convenience a Problem for Direct-to-Consumer Telehealth Programs?

New research by the Cleveland Clinic suggests that providers and consumers using direct-to-consumer telehealth platforms may be bypassing best practices for prescriptions.

October 02, 2018 - Healthcare providers treating people with respiratory tract infections through a direct-to-consumer telehealth platform tend to speed up the visit by prescribing antibiotics, according to two studies. And those providers are also getting better reviews.
These results come from an analysis of more than 13,400 virtual care visits on American Well’s connected care platform by researchers at the Cleveland Clinic. The studies, recently published in Annals of Internal Medicine and JAMA Internal Medicine, suggest that consumers look more favorably on providers who prescribe medication, while providers are more apt to prescribe drugs without taking the time to determine if those drugs are really needed.
“Outpatient respiratory tract infections rarely warrant antibiotics, although they are frequently prescribed,” the researchers wrote in a preface to both studies. “Because patients often expect to receive antibiotics, physicians may believe that explaining why they are unnecessary is more time-consuming than simply prescribing them.”

Is Talking to Software the Next Big Step?

In my latest book, The New Mobile Age, we spend some time talking about the growing demand for care (we’re getting older and older people need more care) as compared to the flat supply of healthcare providers. The outlook is bleak – we’re running out of young people to take care of old people. It is a global problem.
I can only think of one solution — to introduce more automation into the care delivery process. I’ve written about the need to use technology to create one-to-many care delivery models in several recent blog posts.
In this context, I’ve become very interested in chatbot technology, and am wondering if it’s ready for prime time. Could we create a near-term future where your first interaction with the healthcare system is via an automated chatbot? Are today’s chatbots up to the challenge? Are we able to seamlessly escalate to a human being, if necessary, so you don’t feel trapped in chatbot hell? Will individuals feel cared for and will we be able to spread our healthcare provider resources across larger populations of patients?

HIT Think How to achieve the right balance of data privacy and IT security

Published October 04 2018, 5:48pm EDT
As cybercriminals and their tools become increasingly sophisticated, so must the approach to thinking strategically about information security and privacy.
Information technology professionals and ordinary individuals alike must stay one step ahead of the game when it comes to protecting information assets, whether proprietary company information or personal data. However, these efforts often result in a struggle to balance security practices against data protection, especially when considering the rights of data subjects.
Whether an organization is dealing with privacy concerns of its employees and customers or with vast amounts of personal data from big data-related operations, personal data is the foundational concern of the information strategy that an organization builds. Moreover, protection of that personal data is the core point at which privacy and security interests intersect.

Joint Commission issues recommendations to solve patient ID issues

Published October 05 2018, 4:10pm EDT
New guidance from the Joint Commission focuses on ways to consider when relying on human or technology factors to positively identify patients.
Issues related to misidentification affect patient safety—for example, entering data into the wrong patient record, comingling patient information, assigning a test to the wrong person and misdiagnosis, among other perils.
“Technology alone cannot ensure accurate information,” says Gerald Castro, project director of patient safety initiatives at the Joint Commission. “We must consider not only the technology but also the people involved and their processes.”

HIT Think How to engage everyone to stop security gaffes in your organization

Published October 05 2018, 4:38pm EDT
Those working in the healthcare industry know that “universal precautions” refers to a set of protocols aimed at preventing infectious disease outbreaks in hospitals. And we know that they are everyone’s responsibility, from nurses to physicians to surgeons to the leadership team, every person must do his or her part to either implement or adhere to procedures that keep the hospital and its patients safe.
Why, then, when it comes to preventing data security breaches and outbreaks is it reasonable to expect the burden for an entire hospital or a multi-hospital health system to fall entirely on the shoulders of a one- or two-person data security team?
Instead, the philosophy for protecting hospitals’ sensitive data—whereby every employee becomes a data steward—can be applied internally as well, adding an extra level of assurance that their data is not being compromised.

NHS will use phone data to predict threats to your health

Chris Smyth, Health Editor
October 6 2018, 12:01am, The Times
People’s medical records will be combined with social and smartphone data to predict who will pick up bad habits and stop them getting ill, under radical government proposals.
Matt Hancock, the health secretary, is planning a system of “predictive prevention”, in which algorithms will use detailed data on individuals to send targeted healthy living messages to those flagged as having “propensities to health problems”, such as taking up smoking or becoming obese.
Despite promises to safeguard data, the “creepy” plans have already attracted privacy concerns among doctors and campaigners, who say that the project risks backfiring by scaring people or damaging public trust in NHS handling of sensitive information.

Pew says consumers prefer biometrics for patient matching, but hospitals have concerns

More than 70 percent of respondents ranked biometrics, such as fingerprinting and facial recognition, as the top choice for a unique identifier while hospital executives raised some questions.
October 03, 2018 12:48 PM
Pew Charitable Trusts this week published a report on patient matching, examining it as a key challenge for healthcare's overall goal of more effective interoperability. In the study, Pew looked at the potential for biometrics and, through interviews with consumers and healthcare executives, determined that patients "overwhelmingly supported the use of biometrics."
Patient matching is an ongoing healthcare problem around the world made even more complex in the U.S. where law prohibits the sort of national identifier that countries including China, Israel and New Zealand have in place – though Pew was careful to point out that interoperability and record matching issues still exist in those nations to varying extents.

3 Ways TeleHealth Tackles Aging-Related Needs

By Mandy Roth  |   October 03, 2018

Programs are emerging to care for elderly patients' needs through technology.

With an aging population and a shrinking number of providers, a healthcare crisis looms on the horizon: care of the elderly.
Health systems are tackling the needs of these patients through a variety of initiatives, and experts say that telehealth could play an increasingly important role in meeting future needs.
Some are already exploring ways to make this work. A look at three novel telehealth programs for the elderly provides a glimpse into models that may work for other health systems seeking to meet needs in their own communities.

Evidence-based security: Using data and analytics to protect health information

Penn Medicine CISO Dan Costantino outlines the steps to gathering information so you can plan strategically and educate the business about threats.
October 04, 2018 09:42 AM
Choosing an approach to information security for many programs is rarely as straightforward as it may seem.
So-called best practices, compliance, and frameworks appear around every corner, all of which have a slightly unique take on a similar grouping of foundational security control areas. This increasing amount of information, regulated or not, can be your best friend or worst enemy.
Infosec teams can easily get sucked into the business of hammering home controls based on what a best practice suggested, rather than what the business actually needs.

Clinical decision support tools save 20 lives in 6 months at Saint Luke's Health System

This case study examines a platform that helped identify 150 percent more sepsis patients, decreased mortality by 30 percent, and correctly identified and treated sepsis, increasing billing income by $70,000 per month.
October 04, 2018 03:30 PM
Saint Luke’s Health System is an 11-hospital network based in Kansas City, Missouri, that accepts transfer patients from various rural and community-based hospitals throughout the area. Saint Luke’s noticed increased mortality from sepsis among transfer patients due to this time-sensitive and deadly condition not being diagnosed early enough.
With multiple hospitals using multiple EHR technologies sending patients into the Saint Luke’s system, it created an information black hole for these sepsis patients. This inevitably led to missteps of care collaboration and coordination.  
“Quick identification of sepsis is a challenge to even the most experienced clinician,” said Joann Paul, vice president of quality and patient safety at Saint Luke’s Health System. “The early signs are often subtle, mimic other conditions, and are very easily lost when transferring a patient. Our goal is to very quickly identify sepsis, treat it rapidly using evidenced-based protocols, and ultimately save lives.”

61% of Physicians Say EHR Systems Reduce Clinical Efficiency

A new survey suggests physicians consistently view EHR systems as sources of frustration rather than useful tools.

October 02, 2018 - EHR systems continue to fall short of provider expectations and detract from the joys of practicing medicine, according to a recent national survey by The Doctors Company. 
More than 3,400 physicians from 49 states and the District of Columbia offered their perspective on EHR technology, federal regulations, value-based care, patient-centered medical homes (PCMHs), and other aspects of the healthcare system.
Survey respondents included surgical specialists, primary care providers, and nonsurgical specialists. The majority of respondents were 51 and older.

HPH SCC Set To Issue Cybersecurity Best Practices for Healthcare

The Healthcare and Public Health Sector Coordinating Council plans to release voluntary cybersecurity best practices for healthcare.

October 03, 2018 - The Healthcare and Public Health Sector Coordinating Council (HPH SCC) soon plans to release voluntary cybersecurity best practices for medical device manufacturers and healthcare providers, the groups announced Oct. 1 on the kickoff of national cybersecurity awareness month.
The development of cybersecurity best practices grew out of the Cybersecurity Act of 2015, which directed the setting up of a Healthcare Industry Cybersecurity Task Force and the development of voluntary best practices to improve cybersecurity in the healthcare industry.
In 2017, the task force submitted a report to Congress detailing ways the healthcare sector could increase the security and resilience of medical devices and health IT, including EHRs. Areas that the task force touched upon included legacy operating systems, secure development lifecycle, strong authentication, and strategic and architectural approaches to product deployment, management, and maintenance on hospital networks.

Analytics, machine learning aid hospice in helping patients

Published October 04 2018, 6:09pm EDT
Infinity Hospice is using a population health management platform to improve services to Medicare patients.
The end-of-life care organization, which serves the Phoenix, Reno and Las Vegas metropolitan areas, is using guidance from the newly developed application, which uses artificial intelligence and machine learning to determine which patients are entering the final stages of life.
Hospices seek to incorporate family members and palliative and other types of care to patients during their final days of life. But it can be difficult to determine when a patient is near the end, especially when the hospice is serving 200 patients, says Darren Bertram, CEO of Infinity Hospice.

ONC releases testing suite to ensure consistent FHIR implementations

Published October 04 2018, 7:04am EDT
The Office of the National Coordinator for Health IT has introduced a FHIR-based testing suite aimed at HIT developers.
The agency is intending the testing tools to ensure that the emerging interoperability standard is being consistently implemented.
ONC contends that the testing tool—called Inferno—is particularly important for developers releasing FHIR servers, systems from which provider- and patient-facing apps and other services will obtain health data.

HIT Think How to achieve the right balance of data privacy and IT security

Published October 04 2018, 5:48pm EDT
As cybercriminals and their tools become increasingly sophisticated, so must the approach to thinking strategically about information security and privacy.
Information technology professionals and ordinary individuals alike must stay one step ahead of the game when it comes to protecting information assets, whether proprietary company information or personal data. However, these efforts often result in a struggle to balance security practices against data protection, especially when considering the rights of data subjects.
Whether an organization is dealing with privacy concerns of its employees and customers or with vast amounts of personal data from big data-related operations, personal data is the foundational concern of the information strategy that an organization builds. Moreover, protection of that personal data is the core point at which privacy and security interests intersect.

InterSystems launches new data platform to speed app development leveraging FHIR

IRIS for Health, with its SMART on FHIR capabilities, is meant to help developers fuel effective applications with the right data, scaling them from concept to production more quickly.
October 03, 2018 02:28 PM
InterSystems has announced a new data and collaboration platform to enable application developers to more easily and efficiently access health data. The aim is to help healthcare organizations be more agile and effective in creating and scaling innovative apps.
Healthcare is generating more digital data than ever before, but the enormous volume and variety of that information can also be overwhelming.
IRIS for Health, a healthcare-specific offshoot of InterSystems' new IRIS Data Platform, seeks to offer a streamlined approach for developers to access and make use of that data, officials say – giving them analytics and interoperability tools to help in the creation of apps.
To do this, the platform leverages HL7's fast-becoming-ubiquitous Fast Healthcare Interoperability Resources standard – including FHIR Server and SMART on FHIR capabilities. It also supports all major interoperability standards and certifications (HL7 Versions 2 and 3, Consolidated CDA, IHE, DICOM, and others), as well as an extensible data model enabling transitions between those standards.

Cybersecurity tops ECRI's list of Top 10 Health Technology Hazards

The prospect of hackers gaining access to remote access to networked IT systems and connected medical devices raises concerns about serious safety risks.
October 03, 2018 08:00 AM
ECRI Institute has published its annual Top 10 Health Technology Hazards for 2019, and cybersecurity is atop the list as the biggest risk to patient safety.
Researchers at ECRI say they're concerned about software vulnerabilities that could allow  hackers or cyber criminals to gain unauthorized remote access to hospitals' networked IT systems and devices, disrupting operations, hindering care delivery and putting safety at risk.
Cyber attacks on healthcare have been steadily increasing, even as defenses have been stalling. ECRI noted that it has published 50 alerts and problem reports related to cybersecurity in just the past 18 months.

Ethical hacking: What to look for in a pen tester

Simulated attacks on a healthcare organization can help infosec leaders assess their security posture, but not all pen testers are created equal and not every provider is ready to be tested.
October 03, 2018 08:00 AM
Healthcare data breaches increased 70 percent between 2010 and 2017, according to a recent study published in the Journal of the American Medical Association. And with breaches costing healthcare organizations $408 per patient record, the stakes are higher than ever.
The cybersecurity conversations are increasing at the boardroom level and some states and organizations are crafting security models to help organizations make sure they are best protected against those threats. So just where does penetration testing fit in the infosec toolkit?
Pen testing is the practice of simulated cyberattacks on an organization’s network or a specific function, such as IoT devices or web apps. The goal is to identify any system flaws or weaknesses and just how likely it is that a hacker can exploit these vulnerabilities.

NIST Warns About Cybersecurity Vulnerabilities in Healthcare IoT

NIST has issued a draft report examining the cybersecurity vulnerabilities and privacy risks posed by Internet of Things (IoT) devices, including healthcare IoT.

October 01, 2018 - NIST has issued a draft report examining the cybersecurity vulnerabilities and privacy risks posed by Internet of Things (IoT) devices, including healthcare IoT. 
“Many organizations are not necessarily aware they are using a large number of IoT devices. It is important that organizations understand their use of IoT because many IoT devices affect cybersecurity and privacy risks differently than conventional IT devices do,” NIST observed in its draft report “Considerations for Managing IoT Cybersecurity and Privacy Risks.”
In the report, NIST laid out a number of high-level considerations that could impact management of the cybersecurity and privacy risks for IoT devices as compared to conventional IT devices.

Patient-matching tools viable but nowhere near perfect, Pew says

Author Rebecca Pifer

Published Oct. 2, 2018

Dive Brief:

·         No solution currently exists that could achieve perfect or near perfect match rates across EHR systems for all patients, according to a report released Tuesday by the Pew Charitable Trusts. However, actions can be taken to better link records, to the benefit of patients and providers.
·         In the short term, Pew recommends clarifying government funding restrictions for unique identifiers, agreeing on standardized demographics, assessing privacy ramifications, continuing to research (and adopt) referential matching using third-party data and verifying phone numbers and other identifying information provided by patients.
·         To develop a stronger patient matching chassis, long-term opportunities include creating a single countrywide oversight organization, launching pilot projects for patients to use their own smartphones to help match records and determining the infrastructure and standards necessary to use biometrics and other more secure and effective patient-matching strategies.

ECRI: Top 10 health IT hazards for 2019

Written by Anuja Vaidya (Twitter | Google+)  | October 02, 2018 | Print  | Email
ECRI Institute released its top 10 Health Technology Hazards for 2019. The increasing ability of hackers to disrupt healthcare operations by gaining unauthorized access to systems remotely tops the list this year.
Similarly, ransomware and other cybersecurity threats to healthcare delivery topped the institute's 2018 list. These annual lists detail the top issues that the ECRI Institute believes healthcare leaders should prioritize and plan for.
Here is the 2019 list:
1. Hackers can exploit remote access to systems, disrupting healthcare operations.
2. "Clean" mattresses can ooze body fluids onto patients.
3. Retained sponges persist as a surgical complication despite manual counts.

Patient matching efforts should focus more on standards than tech, experts say

Oct 2, 2018 4:14pm
The nagging issues around patient matching have plenty of potential solutions. That’s the good news.
The bad news: The healthcare industry still needs to figure out exactly where to focus all of its energy.
That was the central takeaway from a panel of health IT experts, researchers and executives who convened Tuesday morning at an event hosted by The Pew Charitable Trusts. The discussion followed the release of an exhaustive Pew report (PDF), which unpacked some of the key pain points around patient matching and outlined short- and long-term recommendations.

EHRs and impact on medical care a prime source of docs’ ire

Published October 03 2018, 7:26am EDT
About 70 percent of physicians wouldn’t recommend their profession as a career, with electronic health records systems being a major source of dissatisfaction.
Dissatisfaction with the profession is so high that more than half of physicians say they are contemplating retirement within the next five years—including a third of those under the age of 50.
Results of the nationwide Future of Healthcare Survey, by The Doctors Company, were based on more than 3,400 physicians, and showed significant unhappiness with the current state of EHRs and how they affect their delivery of healthcare.

HIT Think Why digital pathology is gathering momentum

Published October 03 2018, 5:44pm EDT
Pathology has long been targeted as an area ripe for digitalization and is commonly discussed as the next big opportunity in clinical IT. However, if you cut through the hype and explosive growth predictions, a different story is evident.
Adoption to date has been slow, regionalized and challenging, forcing some high-profile health technology vendors to write off investments in the sector. So is digital pathology really going to go mainstream and live up to the hype? Or will it continue to frustrate those looking for a new growth sector in clinical IT?
Even so, our organization believes digital pathology is starting to gain momentum.

E-health grows in Brazil, but online-only medical records still far off

By Pedro Ozores
Wednesday, October 3, 2018
The proportion of Brazilian hospitals and health establishments using electronic systems to store general patient information reached 81% last year.

Despite Patient Privacy Risks, More People Use Wearables for Health

Despite the patient privacy risks that collecting health data on insecure wearable devices could pose, many more US consumers are tracking their health data with wearables.

October 01, 2018 - Despite the patient privacy risks that collecting health data on insecure wearable devices could pose, the number of US consumers tracking their health data with wearables has more than doubled since 2013, according to the Deloitte 2018 Survey of US Health Care Consumers.
Of those who used wearables in the past year, 73 percent said they used them consistently.
Sixty percent of the 4,530 respondents said they are willing to share PHI generated from wearable devices with their doctor to improve their health.

Survey: EHRs, Value-Based Care Causing Docs to Sour on Profession

October 1, 2018
by Rajiv Leventhal, Managing Editor
Seven out of 10 physicians are unwilling to recommend their chosen profession to their children or other family members, with frustrations over electronic health records (EHRs) and value-based care ranking as key reasons why, according to new research.
The nationwide Future of Healthcare Survey of over 3,400 physicians was released today by The Doctors Company, a the physician-owned medical malpractice insurer. The survey collected 2,291 written responses voicing physicians' frustration at how EHRs and value-based care and reimbursement are compromising the traditional doctor-patient relationship, indicating their advocacy for preserving this relationship and providing high-quality care.
More specific key findings of the survey included:
  • 54 percent of physicians believe EHRs have had a negative impact on the physician-patient relationship.
  • Half of physicians believe value-based care and reimbursement will have a negative impact on overall patient care.
  • 61 percent of physicians believe EHRs are having a negative impact on their workflow, with many suggesting that EHR requirements are a major cause of burnout.
  • 62 percent of physicians said they don't plan to change practice models, perhaps indicating that the pace of practice change seen in recent years may have run its course.

FDA unveils cybersecurity attack response playbook for medical devices

In a statement, Dr. Scott Gottlieb detailed his agency’s ongoing cybersecurity efforts, which include the signing of two “significant memoranda of understanding” and discussions to facilitate collaboration across government agencies.
October 01, 2018
FDA Commissioner Dr. Scott Gottlieb released a statement today unveiling the Medical Device Cybersecurity Regional Incident Preparedness and Response Playbook — a document co-authored with the non-profit Mitre Corporation describing how healthcare delivery organizations can best prepare their medical devices and staff for a device security breach. The agency also announced the development of its own internal playbook to help agency staff develop and carry out an incident response plan.
In addition, the commissioner announced two memoranda of understanding (MOA) — non-binding, formal agreements between the FDA and other entities — with “multiple stakeholder groups” focused on developing panels of experts who will collect, analyze, and spread information on medical device security, called “information sharing analysis organizations.” FDA is planning discussions with the US Department of Homeland Security on another inter-agency MOA specific to medical device cybersecurity, according to the statement.

ONC: FHIR standard adoption in the U.S. is at a turning point

Published October 02 2018, 7:12am EDT
The adoption of HL7’s emerging Fast Healthcare Interoperability Resources standard for sharing electronic medical information has reached critical mass.
That’s the assessment of the Office of the National Coordinator for Health Information Technology.
“New analysis shows that the United States might be at a turning point when it comes to the adoption and implementation of (FHIR),” according to the agency. “Using CMS and ONC data, we analyzed how health IT developers used FHIR to meet 2015 Edition certification requirements. Additionally, we assessed how hospitals and clinicians’ access to 2015 Edition certified-APIs vary across the U.S.”
What the agency found was that about 32 percent of the health IT developers certified to “Application access—data category request” published that they are using FHIR Release 2, while almost 51 percent of developers are using a version of FHIR combined with OAuth 2.0 for authentication.

Consumer complaints on potential HIPAA issues are increasing

Published October 02 2018, 3:30pm EDT
Individuals’ complaints about misuse of protected health information is on the rise, according to an official within the Office for Civil Rights.
The office, within the Department of Health and Human Services, is on track to receive from 27,000 to 28,000 complaints this year, according to Nicholas Heesters, who works within OCR supporting HIPAA compliance and enforcement activities.
However, the vast majority of the complaints are resolved quickly, and providers generally are not found to be at fault, said Heesters, speaking last week during a packed session at the American Health Information Management Association conference in Miami.

HIT Think Why breach prevention needs to move up executives’ priority list

Published October 02 2018, 2:01pm EDT
The threat and occurrence of data breaches receive frequent attention in the healthcare industry. It often feels as though a new breach (or more) is reported on an almost daily basis. The significant rise in breaches also corresponds with the rise of electronic information from many sources. The general sense is being reinforced by studies and reviews as well.
A new analysis of data breaches conducted by researchers at Massachusetts General Hospital assessed breaches reported to the Office for Civil Rights (OCR) in the breach portal. The review dove into all reports from 2010 through 2017.
Because the review only included those breaches reported to OCR, it should come as no surprise that it certainly did not capture all breaches, since a fair number of breaches seem to slip by (whether deliberately or for some other reason) the required submission to OCR. Still, the reported breaches encompassed 2,149 incidents impacting 176.4 million records. Those are staggering numbers and mean that roughly half of the population of the United States has been subject to a data breach.

Catching FHIR: US ONC projects the data sharing standard to hit critical mass in hospitals and practices in 2019

Mike Miliard | 03 Oct 2018
Thanks to 21st Century Cures Act requirements, private-sector innovation from companies such as Apple and many other factors, the US "might be at a turning point when it comes to the adoption and implementation" of HL7's FHIR standard, according to the Office of the National Coordinator for Health IT.
Why it matters?
Almost four years after the launch of the HL7's Argonaut Project – which convened Epic, Cerner, Mayo Clinic, Intermountain and others to create a framework to speed development and deployment of Fast Healthcare Interoperability Resources – the specification seems to be reaching critical mass, potentially pointing to huge innovations for interoperability in the US.
What is the impact?
In a blog post, ONC's Steven Posnack and Wes Barker said several signs point to an inflection point for FHIR, with uptake of the useful data exchange standard on the rise.

Virtual Assistant Eases EHR Distractions for Physicians

By Mandy Roth  |   October 02, 2018

AI-powered smartphone app can reduce physician burnout, enhance patient experience.


·         Virtual assistant enables voice-activated EHR queries, diminishes data retrieval.
·         Nuance and Epic collaborate to produce app that improves physician-patient dynamic.
·         Vanderbilt tested the system; is further developing capabilities.
·         Across industries, virtual digital assistant revenue will grow to $15.8 billion by 2021.
Yaa Kumah-Crystal, MD, envisions a day when a voice-enabled, AI-powered virtual assistant summarizes a patient's recent history via a smartphone before each encounter. During the visit, the Siri-like assistant will respond to her queries about information stored in the electronic health record (EHR); it will provide trending or comparative data and context; and the system will help order medication, labs, and diagnostic tests.
Kumah-Crystal's eyes will be focused on the patient instead of a computer screen, her hands will be free to conduct the exam, she won't have to click through multiple interfaces to find information, and her day will be freer of administrative tasks.
The doctor won't have to wait long before science catches up. Some of these technological advances are already available thanks to a commercial venture between Nuance Healthcare, a division of Nuance Communications Inc., and Epic Systems Corporation. The remainder are in development by those entities or at Vanderbilt University Medical Center (VUMC) in Nashville where Kumah-Crystal works as an assistant professor of biomedical informatics and pediatric endocrinology.

Focus on Cybersecurity: 3 charts take a pulse of infosec today

New HIMSS Media research outlines hospitals’ top security concerns, ranks ways they’re addressing the problem and pinpoints who builds strategy and policy.
October 01, 2018 08:30 AM
Cybersecurity concerns are the stuff of healthcare nightmares. Data breaches, leaked records, patients harmed — or worse — lax data protection are more than enough to wake infosec teams at night. Then, there are the big federal fines and legal expenses to take into account.
The consequences these threats hold are among the reasons we’re focusing on cybersecurity during October. 
HIMSS Media research, in fact, surveyed 180 qualified professionals in healthcare provider and non-provider settings organizations among IT management and staff and clinical and business roles to determine their greatest security concerns, the most common ways they’re addressing the issue and just who is making these decisions on strategy and crafting internal policies.

ONC data projects FHIR catching on at hospitals and practices in 2019

A confluence of efforts from policymakers and tech companies – EHR vendors and consumer giants alike – have set the stage for HL7's interoperability standard to have a breakout year.
October 01, 2018 03:24 PM
Thanks to 21st Century Cures Act requirements, private-sector innovation from companies such as Apple and many other factors, the U.S. "might be at a turning point when it comes to the adoption and implementation" of HL7's FHIR standard, according to the Office of the National Coordinator for Health IT.
Nearly four year after the launch of the HL7's Argonaut Project – which convened Epic, Cerner, Mayo Clinic, Intermountain and others to create a framework to speed development and deployment of Fast Healthcare Interoperability Resources – the specification seems to be reaching critical mass, potentially pointing to huge innovations for interoperability nationwide.
In a blog post, ONC's Steven Posnack and Wes Barker, said several signs point to an inflection point for FHIR, with uptake of the useful data exchange standard on the rise.

How not to handle a data breach brought to you by Uber, Equifax and many others

As seen with Nuance and the Allscripts lawsuit, when a breach or cyber incident occurs – like ransomware or network outage – an organization can face serious ramifications for failing to be transparent about what happened.
October 01, 2018 09:00 AM
Without question, security incidents and breaches happen on a regular basis. But it’s the major cybersecurity events that thrust policies and procedures into the spotlight, allowing the public to learn from those lessons and apply them to their own businesses.
However, for organizations impacted by such events, as a whole, it can either make or break a company in the eyes of the public.

Equifax: A prime example of what not to do

Case in point: Equifax’s handling of its 2017 breach reporting. The data on about 143 million Americans was breached, officials discovered on July 29, 2017. However, hackers got into the system in May 2017 through an exploited Apache Struts vulnerability -- that Equifax failed to patch although it was released by Apache in March of the same year.

OEHRM Clinical Councils to Create National VA EHR Clinical Workflows

VA providers in clinical councils will develop national EHR clinical workflows and implement changes as needed at the local level.

September 27, 2018 - The Office of Electronic Record Modernization (OEHRM) is taking steps to optimize clinical efficiency, health IT standardization, and deployment processes as the agency prepares to move forward with its $10 billion Cerner EHR implementation project.
VA Secretary Robert Wilkie updated the Senate Veterans’ Affairs Committee on the status of the EHR implementation project seven weeks into his term as official secretary at a September 26 State of the VA hearing.
“OEHRM is working closely with DoD to ensure we are deploying an EHR that is fully interoperable,” said Wilkie in written testimony. “Veterans Integrated Service Network (VISN) 20 in the Pacific Northwest has been selected as the first Initial Operating Capability (IOC) site to deploy and test VA’s new EHR solution.”

Health IT Roundup—Athenahealth's newest suitor; ONC touts FHIR progress

Oct 1, 2018 2:51pm

ONC touts FHIR progress

A new blog post by officials with the Office of the National Coordinator for Health IT says 87% of hospitals and 69% of providers use EHRs with the Fast Healthcare Interoperability Resources (FHIR) standard build into their platform. 
Although just 32% of vendors have adopted the 2015 certification standards, those vendors account for the majority of hospitals and clinicians. Among the top 10 vendors with the largest market share, Cerner, Epic and Meditech serve nearly two-thirds of the hospitals using FHIR-certified products.
But that's not cause for celebration yet.
"While these data are encouraging, it’s not time to pop any champagne," ONC officials wrote in a blog post. "Industry-wide, much work remains from standards development to implementation." (Blog post)

Remote access exploits claim top technology hazard in ECRI's 2019 threat list

Oct 1, 2018 2:31pm
Remote access exploits are the top IT hazard facing providers in 2019, according to the ECRI Institute.
The vulnerability, wherein malicious actors infiltrate a network through remote access systems, is extremely common because the systems are publicly accessible by design. To make matters worse, they often give users a large degree of control over the remote system being accessed.
"Intended to meet legitimate business needs, such as allowing off-site clinicians to access clinical data or vendors to troubleshoot systems installed at the facility, remote access systems can be exploited for illegitimate purposes," ECRI said in its annual report on top tech hazards. "Once they gain access, … attackers can move to other connected devices or systems, installing ransomware or other malware, stealing data or rendering it unusable, or hijacking computing resources for other purposes, such as to generate cryptocurrency."

Blockchain’s best healthcare use cases could be supply chain management, administrative processes

Oct 1, 2018 1:19pm
As healthcare industry players pilot test the use of blockchain, the technology’s biggest near-term impact could be on back-end processes and supply chain management.
That’s according to the latest report from PwC, which predicts blockchain will be prevalent in certain areas of healthcare within just a few years, adding that those who could benefit have “precious little time to plan, adjust and adapt.”
But blockchain’s biggest impact could be on intermediaries that handle data, according to analysts. For instance, Walmart recently announced it will begin tracking leafy greens with blockchain technology to respond to foodborne outbreaks like E. coli. Pharmaceutical companies and medical suppliers could use a similar approach to accurately track product histories.

Machines to handle more work tasks, but precision medicine roles to grow

Published October 01 2018, 7:52am EDT
Machines and automated software will be handling fully half of all workplace tasks within seven years, says a new report.
But the World Economic Forum forecasts that technologies such as artificial intelligence, robotics and precision medicine, could create more jobs than they threaten.
In a study of executives and specialists across 12 industries, the WEF concluded that this so-called "Fourth Industrial Revolution" could create 133 million jobs globally, while 75 million workers may be displaced.

No comments: