Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Saturday, September 14, 2019

Weekly Overseas Health IT Links – 14 September, 2019.

Here are a few I came across last week.
Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
-----

Andy Kinnear looks back at his time at BCS Health and Care

After three years as chair of BCS Health and Care, Andy Kinnear reflects on his time trying to create the infrastructure for the professionalisation of health informatics, while looking towards the challenges that still lie ahead.
DHI Team
3 September, 2019
We get one go at life, one go at career and one go to be seen by others, to be recognised, to be judged and to be valued.
So far, my “go” at life has been brilliant, filled with adventures, travels, family, friendships and four trips to Wembley to watch the magnificent Crewe Alexandra (three wins and one loss on penalties), so I cannot grumble.
My career “go” has had some major ups too: significant triumphs that brought recognition and rewards for me and my team and, more importantly, major benefits for the public, our patients and our care professionals.  I am incredibly proud of what we have delivered, despite operating in an often chaotic, complex and cash-strapped health and care system.
But 29 years in the NHS has not been without the odd frustration, too. For example, in my opinion and despite our best attempts, the digital narrative remains far too peripheral to the health and care agenda.
-----

Another View: On seeing one person’s records

The difficulties surrounding looking at one person’s records is the theme of Neil Paul’s latest column for Digital Health. GP Neil delves into the complicated world of consent and who should have access to what when it comes to a patient’s record.
5 September 2019
How difficult can it be to see one person’s records? By this I mean only one. We have a range of people who come into the practice; medicines management, pharmacy support, audit, researchers, monitors for research studies. They often only need / want access to one or a few people’s records, however there is no way to do this?
With the creation of PCNs we increasingly being told to take on staff at a PCN level to support the member practices, do these staff get automatic access to every patient in the PCN? Perhaps they do. Perhaps they need it, but they could have unfettered access to 100,000 patients. What about patient security?
Locally the district nurses and community staff have their own implementation of EMIS web – EMIS community. They can see the records of any patient on their case load and each time they see someone it asks consent reason. Ok this isn’t perfect as you can just click the person consents but it’s better than nothing. However it does mean they can’t get into someone notes who isn’t on their books.
-----

Thousands of servers infected with new Lilocked (Lilu) ransomware

Researchers spot new ransomware targeting Linux-based servers.
By Catalin Cimpanu for Zero Day | September 6, 2019 -- 10:29 GMT (20:29 AEST) | Topic: Security
Thousands of web servers have been infected and had their files encrypted by a new strain of ransomware named Lilocked (or Lilu).
Infections have been happening since mid-July, and have intensified in the past two weeks, ZDNet has learned.
Based on current evidence, the Lilocked ransomware appears to target Linux-based systems only.
First reports date to mid-July, after some victims uploaded the Lilocked ransom note/demand on ID Ransomware, a website for identifying the name of the ransomware that infected a victim's system.
-----

AI Could Slash Diagnosis Costs in Stable Chest Pain Patients

Liam Davenport
September 06, 2019
PARIS — An artificial intelligence decision support system (AI DSS) to help decide which diagnostic tests to perform in individuals with stable chest pain (SCP) could lead to substantial reductions in healthcare costs versus standard human-led care, suggests research presented as two posters at the ESC Congress 2019.
The researchers, led by investigators at the Royal Brompton Hospital, London, examined the potential cost effectiveness of an AI DSS derived from clinical guidelines for the assessment of SCP.

Humans vs AI

They looked at data from the cooperative ARTICA registry database on individuals who underwent a standard evaluation by clinicians, alongside assessment via artificial intelligence, all on the same day.
In the first study, the two approaches were compared in more than 1700 individuals who underwent coronary tomographic angiography (CTA) to verify the presence of coronary artery disease but for whom a range of non-invasive and imaging tests were available.
-----

States With Drug Monitoring Programs See Fewer Prescriptions, Hospitalizations

SEPTEMBER 04, 2019
Aislinn Antrim, Assistant Editor
Researchers at Weill Cornell Medicine have found that states requiring prescribers and dispensers to register with and use prescription drug monitoring programs saw significantly fewer opioid prescriptions and reduced opioid-related hospital use, when compared to states with weak drug monitoring program mandates.

Drug monitoring programs are state-based electronic databases that collect and monitor prescribing and dispensing information of controlled prescription drugs.1 Currently, 37 states have operational monitoring programs, and 11 states have enacted legislation to establish a program, which is not fully operational.2

The researchers noted that monitoring programs vary by state. Some have mandates requiring all providers to register and use the program on initial prescribing, regardless of practice setting. They can also require use of the program every 12 months after initial prescribing for continuing prescriptions. Other states may have noncomprehensive mandates that only require registration, or have a weak use requirement, or both.1
-----

Guthrie to use AI-based system to help anticipate sepsis

September 06, 2019, 3:05 p.m. EDT
A four-hospital health system will implement the POC Advisor clinical intelligence platform of Wolters Kluwer Health to aid in quicker detection and treatment of sepsis.
Combatting sepsis is an ever-present challenge, says Terri Couts, vice president of Epic program applications at Guthrie, an integrated delivery system serving parts of Pennsylvania and New York. Based on feedback from providers, the organization sought a sepsis detection product with meaningful alerts that provide more accuracy and specificity than what could be achieved by the electronic health record, she adds.
 “Using natural language processing with POC Advisor can help us maximize the value of our EHR investment by using both patient data and extensive clinician notes to trigger alerts accurately and earlier, so our care team can effectively intervene to improve sepsis outcomes,” Couts explains.
-----

New technologies for evidence-based care are boosting patient outcomes

At Health 2.0 this month, seven disparate companies will show how their apps and platforms are being put to work leveraging clinical and social data to drive innovations in care delivery.
September 06, 2019 02:20 PM
As healthcare data proliferates by the nanosecond, the challenges of aggregating and analyzing it all have never been greater – but neither have the opportunities when innovative applications are put to work mining and harvesting it for more rigorous evidence-based care. 
Leaders from seven data-driven healthcare companies, some of them startups, some of them stalwarts, will take the stage in a session at Health 2.0 on Sept. 17 to show and tell how their technologies are helping stakeholders across the industry – consumers, providers, payers, biopharma and life sciences companies, other IT vendors – make more valuable use of clinical, behavioral, social and other health data.
-----

10 Areas Where Artificial Intelligence Can Revolutionize Primary Care

By Christopher Cheney  |   September 05, 2019

Top areas where AI can have a significant effect on primary care include risk prevention and intervention, population health management, and device integration.

KEY TAKEAWAYS

·         With more than 500 million patient visits annually, primary care is a prime area where artificial intelligence can jolt healthcare.
·         Successful AI initiatives in primary care augment rather than subvert the physician-patient relationship.
·         From the patient perspective, effective AI innovations should be invisible or in the background.
Artificial intelligence (AI) is poised to have a transformative impact on primary care, a recent journal article says.
-----

Healthcare Most Impacted by Data Breaches, Insiders Root Cause

Once again, insider error was found to be the primary cause behind the majority of data breaches across all sectors; the Egress report shows healthcare was the most impacted industry.

August 28, 2019 - About 60 percent of data breaches that occurred between January 1 and June 20, 2019 were the result of human error, according to a recent Egress report.
The London-based security firm analyzed both the 4,856 personal data breaches reported to the Information Commissioner’s Office, as well as a survey of more than 4,500 US and UK IT leaders and employees to gain insight into the root causes of internal breaches.
The researchers found that of the breaches reported during the first half of 2019 caused by insiders, 43 percent were due to incorrect disclosure and 20 percent were caused by posting or faxing data to the wrong recipient.
-----

Ransomware Attacks Double in 2019, Brute-Force Attempts Increase

A new report from McAfee sheds light on the current threat landscape: ransomware attacks are seeing a resurgence, while brute-force attacks on RDP and SMB have steadily increased this year.

September 03, 2019 - After several reports last year that showed ransomware attacks were in decline, a new report from McAfee shows cyberattacks leveraging the file-locking malware have more than doubled this year with hackers modifying attack methods for more lucrative payouts.
The healthcare saw its first surge of ransomware attacks in 2016 with health systems like MedStar Health and a host of others falling victim. Since that time, a wide range of providers have fallen victim to both targeted attacks and incidents initially directed at other entities, like NotPetya and WannaCry.
Most recently, hundreds of dental provider offices were infected and shut out of their systems, after an attack on their vendor Digital Dental Records and PerCSoft. Just a few weeks before, hackers demanded a $1 million ransom from Grays Harbor Community Hospital and Harbor Medical Group in Washington.
-----

Cybersecurity Leaders Increasingly Face Alert Fatigue, Tune Out Apps

A recent CRITICALSTART report shows the majority of cybersecurity leaders are seeing 10 or more alerts each day, of which, 50 percent are false-positive; each alert takes more than 10 minutes to investigate.

September 04, 2019 - The majority of cybersecurity leaders are seeing 10 or more alerts on a daily basis, which is adding to an ever-increasing risk of alert fatigue, according to a recent CRITICALSTART report.
The survey of 50 security operations center leaders, managed security services providers, and managed detection and response providers showed that 70 percent of respondents have seen an increase in alerts in the past year. In 2018, just 45 percent of SOC leaders reported investigating more than 10 alerts each day.
What’s more, 78 percent of these security leaders said it takes 10 or more minutes to investigate each alert. Just 22 percent of respondents said it takes less than 10 minutes to investigate an alert, which is down from 36 percent last year.
-----

CDC launches $900M effort to improve drug overdose data

September 05, 2019, 12:16 a.m. EDT
The Centers for Disease Control and Prevention is providing more than $900 million to help state, territorial, county and city health departments get better drug overdose data.
Under a new three-year cooperative agreement announced on Wednesday, the CDC is funding surveillance activities around the country to monitor and gather data about the scope and nature of the drug overdose problem.
CDC’s Overdose Data to Action initiative will support the work of 47 states and the District of Columbia, two territories, as well as 16 counties and cities nationwide. Initially, the CDC is releasing $301 million for the first year of the effort with the rest of the funding to follow in subsequent years.
-----

Prompt notification eases pain of data breaches, consumers say

September 05, 2019, 12:00 a.m. EDT
Consumers may be willing to forgive an organization that’s suffered a data breach if they get timely notifications about the incursion.
A recent survey by Experian, a consumer credit reporting company, found that 93 percent of consumers responding to its survey expected to hear from a bank within three days of a data breach occurring, with the vast majority—83 percent—saying they expected to hear from a financial institution within 24 hours.
When asked how they would respond to slow or ineffective communication after a data breach, 66 percent said they would stop doing business with the organization, and 45 percent said they would tell their friends and family to do the same.
-----

Decision support systems evolving to better serve docs and patients

September 05, 2019, 3:35 p.m. EDT
Clinical decision support systems represent a growing market that eventually will be more than a simple capability tacked onto electronic health records systems.
These systems are evolving beyond a selection of point solutions to a platform on which other health IT functions can be integrated, according to a new report from Frost & Sullivan. This gives the opportunity to accelerate the progress of value-based reimbursements, connected health and population health management, it contends.
Clinical decision support is a broad concept with many definitions depending on the perspective and role of the user. The market includes clinical, financial and workflow tools that provide data to physicians at the point of care. The data also includes information that can help a doctor understand prescription and patient adherence.
-----

Mental health websites in Europe found sharing user data for ads

Natasha Lomas @riptari / 10:19 pm AEST September 4, 2019
Research by a privacy rights advocacy group has found popular mental health websites in the EU are sharing users’ sensitive personal data with advertisers.
Europeans going online to seek support with mental health issues are having sensitive health data tracked and passed to third parties, according to Privacy International’s findings — including depression websites passing answers and results of mental health check tests direct to third parties for ad targeting purposes.
The charity used the open source Webxray tool to analyze the data gathering habits of 136 popular mental health web pages in France, Germany and the UK, as well as looking at a small sub-set of online depression tests (the top three Google search results for the phrase per country).
It has compiled its findings into a report called Your mental health for sale.
“Our findings show that many mental health websites don’t take the privacy of their visitors as seriously as they should,” Privacy International writes. “This research also shows that some mental health websites treat the personal data of their visitors as a commodity, while failing to meet their obligations under European data protection and privacy laws.”
-----

AMA launches Practice Transformation Initiative to combat physician burnout

The mission of the project is to fill the knowledge gaps regarding effective interventions to reduce burnout and dissatisfaction.
September 05, 2019 12:30 PM
The American Medical Association is ramping up its efforts in the fight against physician burnout with the launch of its new Practice Transformation Initiative. The project aims to advance evidence-based solutions that increase joy in medicine, say AMA officials.
WHY IT MATTERS
The causes and impact of fatigue and burnout among practicing clinicians have been well-researched, but practical solutions have seen much less rigorous analysis – and information on effective interventions remains limited.
The goal of the Practice Transformation Initiative is to fill those knowledge gaps, according to the AMA. The initiative will support research and advance evidence-based solutions by collaborating with organizations that are committed to the practice transformation journey.
Participating health systems will use validated assessment tools to measure burnout: field-testing workflows improvement tools, applying research methodology to evaluate their impact and then sharing best practices within an AMA-facilitated learning community.
-----

What population health IT vendors are doing to support SDOH

Three representative vendors discuss why social determinants of health are important to population health management, and describe how their technologies help put these important data points to work.
September 05, 2019 01:34 PM
Social determinants of health have proven and measurable impacts on the health outcomes of patient populations. This is why the healthcare industry is seeing heightened focus on SDOH from many sectors, including payer organizations, health systems and independent medical groups.
SDOH are factors influencing patient outcomes that are outside the scope of traditional medicine. These might include geographical factors such as where a patient lives, social factors like interpersonal relationships, cultural factors like religion and economic factors such as income.
Different from SDOH, and more foundational to patient health and well-being, are critical needs, such as water, food, shelter and clothing.
-----

Volume of EHR Related Medical Malpractice Claims Keeps Rising

September 5, 2019
A new study has concluded that as EHR use has become ubiquitous, the number of medical malpractice claims in which EHRs contributed to injuries is continuing to rise. While the absolute number of claims is still relatively small, the problems involved are quite common, suggesting we haven’t seen the worst of this yet.
The study, which was conducted by medical malpractice insurer The Doctors Company, looked at EHR-related med mal claims that closed between 2010 and 2018.
Researchers found that the number of claims in which an EHR was involved has climbed dramatically, from just seven cases in 2010 to an average of 22.5 cases per year in 2017 and 2018. Interestingly, EHR issues usually weren’t the primary cause for the claims. When they were a factor, most of the EHR-related issues were related to system technology and design issues and user-related problems.
-----
08.30.2019 07:00 AM

One Scientist’s Quest to Bring DNA Sequencing to Every Sick Kid

Ryan Taft didn’t know that he would become one of the world’s leading experts in diagnosing rare genetic diseases. Then he met Stephen Damiani.
Nicholas Law
Stephen Damiani is a numbers guy.
He can tell you that on May 26, 2010, he and his wife, Sally, listened as a doctor told them that there were no more tests to try to figure out what was wrong with their son. He can recall that at that point 306 days had passed since they’d first noticed he was sick and that Massimo was just shy of his first birthday when he started struggling to pull himself up to stand; his legs would stiffen, his toes would tightly curl, and he’d throw his head back in frustration.
Doctors knew Massimo suffered from a type of leukodystrophy, a genetic disorder of the central nervous system that destroys the brain’s white matter. The only option left would be to try to identify the specific gene responsible for his illness and hope that a diagnosis could eventually lead to a treatment—an endeavor that could take years. Although the human genome had been mapped almost a decade earlier, the practice of systematically scouring patients’ entire genetic code to find the culprit had yet to become routine.
-----

Prescription drug databases lead to fewer opioid-related inpatient stays, ED visits

Sep 4, 2019 3:10pm
States that require providers to use prescription drug monitoring databases (PDMPs) not only have a lower rate of opioid prescriptions, these PDMP mandates also lead to lower rates of opioid-related inpatient stays and emergency department (ED) visits, according to a study published in Health Affairs. 
The implementation of comprehensive PDMP mandates was associated with an 8.92% lower rate of opioid prescriptions in the Medicaid population, according to the study that looked at Medicaid prescription data and hospital utilization data across the U.S. from 2011 to 2016.
The study also found that the use of PDMPs might improve health, with comprehensive PDMP mandates associated with reduced rates of opioid-related inpatient stays and ED visits by 4.27% and 17.75%, respectively.
-----

Four ways to maintain access to patient data during natural disasters

Hurricane Dorian, a Category 2 storm that's said to be headed toward the Florida coast, is the latest natural disaster to threaten U.S. hospitals. While hospitals previously struggled to keep paper records free from physical damage, more recently hospitals have struggled with maintaining EHR connectivity after power outages or sharing patient medical histories if a patient is displaced from their usual hospital.
Here are four things to consider to maintain access to patient records during the storm:
1. On-premise versus cloud storage. Hospitals that use cloud-based EHR systems, and therefore don't have data physically stored within their facility, will likely have their information protected from a natural disaster. However, an EHR that stores data in an on-premise data center will need to assess whether the data center, as well as cables used to connect the data center to the facility, are safe from the storm—and if not, whether new cables can be placed to maintain access, as one New York hospital did in the wake of Hurricane Sandy in 2012.
-----

Artificial intelligence in medicine raises legal and ethical concerns

September 4, 2019 9.53pm AEST
Professor of Health Law and Bioethics, Case Western Reserve University
The use of artificial intelligence in medicine is generating great excitement and hope for treatment advances.
AI generally refers to computers’ ability to mimic human intelligence and to learn. For example, by using machine learning, scientists are working to develop algorithms that will help them make decisions about cancer treatment. They hope that computers will be able to analyze radiological images and discern which cancerous tumors will respond well to chemotherapy and which will not.
But AI in medicine also raises significant legal and ethical challenges. Several of these are concerns about privacy, discrimination, psychological harm and the physician-patient relationship. In a forthcoming article, I argue that policymakers should establish a number of safeguards around AI, much as they did when genetic testing became commonplace.
-----
HIT Think

Why cyber survey shows it’s time to improve security awareness

September 03, 2019, 3:43 p.m. EDT
Doing the right thing or merely demonstrating compliance with requirements is hard to do when knowledge of expected or necessary requirements is missing or not sufficient.
In such a situation, it becomes harder to fault individuals for the resulting missteps or violations. Unfortunately, lack of awareness is a primary issue plaguing security efforts in healthcare.
A recent study conducted by Kaspersky of healthcare organizations in the United States and Canada uncovered some fairly startling figures. Key finds from the study include the following.
Some 34 percent of respondents were not aware of their organization’s cybersecurity policies, with that percentage evenly split between respondents saying they should know about such policies if they exist or there is no need for aware.
-----

ONC picks The Sequoia Project to set info exchange rules

September 04, 2019, 12:56 a.m. EDT
The Office of the National Coordinator for Health IT has tasked The Sequoia Project with creating baseline technical and legal requirements for health information networks.
The requirements are intended to enable healthcare organizations to share electronic health information in support of the 21st Century Cures Act.
The Sequoia Project operates a national health information network. The organization was selected through a competitive process to help with the interoperable flow of health information, says Don Rucker, MD, the national coordinator for health information technology.
“We look forward to working in close collaboration with The Sequoia Project and across the broader health system to create a Common Agreement that best serves the needs of all stakeholders,” he adds.
-----

Mayo Clinic, Cerner expand into UK with new Oxford partnership

Mayo Clinic Healthcare in partnership with Oxford University Clinic will use Cerner technology to help enable more proactive health management, more coordinated care and better health outcomes.
September 03, 2019 01:45 PM
The Mayo Clinic is set to establish its first healthcare facility in the United Kingdom, via a collaboration with Oxford University Clinic. The new clinic, set to open later this month, will deploy Cerner Millennium as its foundational electronic health record platform.
WHY IT MATTERS
The provider, designed to bring leading-edge technology to its preventative health efforts, will be located on Portland Place in central London. It stems from the collaboration first announced in 2017 between Mayo and Oxford University Clinic – which is itself a project of both Oxford University and Oxford University Hospitals NHS Foundation Trust.
The goal, officials say, is to foster new clinical innovations that boost primary care, advance medical research and enable better patient outcomes.
Mayo Clinic Healthcare in partnership with Oxford University Clinic will use Cerner technology to help enable more proactive health management, more coordinated care and to deliver high-quality healthcare for patients.
-----

Black Book ranks the top EHR vendors in regions across the globe

Allscripts comes in on top in the UK/Ireland, Canada and Oceania. Epic is No. 1 in Southeast Asia and the Middle East. Cerner is first in Africa.
September 04, 2019 12:35 PM
Black Book Market Research, the parent group of Black Book Rankings, a healthcare-centric market research and public opinion research company, has released its annual global electronic health records research, including both country-specific adoption status and progress reports on 12 regions and 18 countries, as well as EHR vendor performance ratings for vendors including Allscripts, Cerner, Epic, Intersystems, Meditech and others.
WHY IT MATTERS
The report, 2019 State of Global EHR & Healthcare IT Adoption, assesses the top-rated vendors for various countries and regions.
Here are Blackbook’s top-rated EHR vendor for each country or region, followed by other leading health IT performers for the markets – as well as the number of regional provider organizations polled:
  • UK/Ireland: Allscripts; Cerner, Epic, Meditech (679)
  • Canada: Allscripts; Epic, Meditech (403)
  • Mexico: Harmoni MD Medware; Everis, MV Soul (99)
  • Central Europe: Agfa; Cerner, Chipsoft, Epic, Mediasys Dedalus, Philips (377)
  • Scandinavia: Cambio; Agfa, Dips, Epic, Tieto Lifecare (424)
  • Brazil: Everis; Intersystems, Philips (256)
  • Africa: Cerner; DXC, Epic, Intersystems (260)
  • Oceania: Allscripts; Cerner, IBM, Intersystems, Napier (390)
  • India: Omni MD; Allscripts, MD Synergy, Millennium, Spigot (511)
  • Southeast Asia: Epic; Allscripts, Intersystems, Mimsys, Napier (428)
  • China: Philips; Cisco, IBM, Yon You (78)
  • Middle East: Epic; Cerner, DXC (140)
-----

Surprising Number of Healthcare Employees Have No Cybersecurity Training

September 4, 2019
This week, the news broke that a data breach at the neurology department at Massachusetts General Hospital had exposed private health information on nearly 10,000 people. According to a story appearing in the Boston Globe, an authorized third party got to data stored in software used by MGH researchers.
What’s most remarkable about incidents like this is how….well…unremarkable they are of late. Since January of this year, there have been more than 200 hacking or IT-related incidents affecting 500 or more individuals, according to HHS. And that’s just the incidents we heard about because they crossed the 500-individuals threshold.
Given the extent of this threat, I was surprised to learn that many healthcare organizations aren’t putting major resources into cybersecurity training for their employees. And according to a new North American survey released by security vendor Kaspersky, this has left far too many healthcare employees ill-prepared.
-----

6 Best Practices To Improve Your Mobile Health App

September 4, 2019
The following is a guest blog post by Joe Tuan is the founder of Topflight Apps.
mHealth apps are meant to deliver life-saving functions. Whether it’s for e-prescription, appointment setting, patient management or even patient education, you want to make sure your users can find and fully utilize all the functions of your app. 
These are the types of apps that, even though meant to perform complex functions, you want to keep as simple as possible. If you’ve never worked with a professional UX designer, designing a mHealth app will make you appreciate the intensity and complexity of the work that goes into making something simple.
The user flow, the number of screens, messaging, colors, fonts, copy, images and more all have a direct impact on the effectiveness of your app. Depending on the type of user you are targeting, all these attributes will differ and require repeated testing until you find your sweet spot.
-----

When Apps Get Your Medical Data, Your Privacy May Go With It

 Americans may soon be able to get their medical records through smartphone apps as easily as they order takeout food from Seamless or catch a ride from Lyft.
But prominent medical organizations are warning that patient data-sharing with apps could facilitate invasions of privacy — and they are fighting the change.
The battle stems from landmark medical information-sharing rules that the federal government is now working to complete. The rules will for the first time require health providers to send medical information to third-party apps, like Apple’s Health Records, after a patient has authorized the data exchange. The regulations, proposed this year by the Department of Health and Human Services, are intended to make it easier for people to see their medical records, manage their illnesses and understand their treatment choices.
Yet groups including the American Medical Association and the American College of Obstetricians and Gynecologists warned regulators in May that people who authorized consumer apps to retrieve their medical records could open themselves up to serious data abuses. Federal privacy protections, which limit how health providers and insurers may use and share medical records, no longer apply once patients transfer their data to consumer apps.
-----

OCR Shares Best Practices for Managing Malicious Insider Threats

In a recent newsletter, HHS OCR revealed key steps organizations should take to mitigate and better detect malicious insider threats through risk assessments, data inventory, and other methods.

September 03, 2019 - In light of an increasing number of breaches caused by insiders with malcious intent, the Department of Health and Human Services Office for Civil Rights released guidance on ways healthcare organizations can better prevent, detect, and respond to insider threats.
A recent report from Egress showed that the healthcare sector has been the hardest hit by breaches. And about 60 percent of those security incidents were caused by human error, such as incorrect disclosure or posting or faxing data to the wrong recipient.
Meanwhile, Verizon’s annual Data Breach Investigations report found healthcare is hindered by privilege misuse and other miscellaneous insider errors.
-----

Cloud needs a modern data foundation, modern data needs a cloud foundation

Survey shows that cloud helps accelerate data modernization and transformation efforts. But it needs to be undertaken gradually, with an eye to security and performance.
By Joe McKendrick for Service Oriented | August 31, 2019 -- 15:18 GMT (01:18 AEST) | Topic: Cloud Priorities
It's almost a chicken-or-egg conundrum: going to cloud requires a modern data foundation, going to modern data requires a cloud foundation. The good news is both can be advanced along at the same time. 
That's the word from a recent survey of 504 IT executives by Deloitte, authored by a team which included Tom Davenport, Ashish Verma and David Linthicum. Both cloud computing and data modernization efforts are simultaneously reinforcing one another, the researchers report. More than nine in 10 organizations surveyed now primarily keep their data on cloud platforms, with 55% of respondents seeing data modernization as a key reason for cloud migration, second only to security and data protection.  
The majority of enterprises surveyed (84%) report having data modernization efforts underway, with 34% having such initiatives "fully implemented," while half have data modernization initiatives currently underway. They define data modernization as "moving data from legacy databases to modern databases," with an emphasis on storing unstructured data such as images, customer voice audio, social media comments, and clinical notes in health care."
-----

Utilizing Technology and Data to Improve Care for Patients With Complex Needs

Laura Joszt
Published on: September 02, 2019
Patients with complex needs may need more complex solutions to manage their health issues. Innovations in technology and integration of data have made it possible to improve patient interactions with the pharmacy to better manage their diseases. The American Journal of Managed Care® recently spoke with Christine Sawicki, senior director, specialty product development and innovation, CVS Health, about the impact new technology can have on patient experience, health outcomes, and drug spending.
Patients with complex needs may need more complex solutions to manage their health issues. Innovations in technology and integration of data have made it possible to improve patient interactions with the pharmacy to better manage their diseases.

The American Journal of Managed Care® (AJMC®) recently spoke with Christine Sawicki, senior director, specialty product development and innovation, CVS Health, about the impact new technology can have on patient experience, health outcomes, and drug spending.
-----

82% IoT Devices of Health Providers, Vendors Targeted by Cyberattacks

Most IoT cyberattacks result in downtime, compromised data, end-user safety, brand or reputational damage, or a loss of intellectual property, according to a new Irdeto report.

August 30, 2019 - The majority of healthcare organizations, IoT manufacturers, and other organizations that leverage IoT devices have faced a cyberattack focused on IoT within the last 12 months, according to a report from Irdeto, fielded online by Vanson Bourne.
Researchers surveyed 700 security decision makers from the US, UK, Japan, Germany, and China, from the connected health, connected transport, and connected manufacturing industries to determine the types of cyberattacks targeting IoT devices, concerns about the tech, and security measures in place.
They found that 82 percent of healthcare organizations’ IoT devices have been targeted with a cyberattack within the last year, compared with 80 percent of organizations, overall.
-----

Machine learning approach looks to reduce MRI scan times, costs

September 03, 2019, 1:01 a.m. EDT
Magnetic Resonance Imaging is a non-invasive and versatile technology, but MRI scans are expensive. Now, machine learning offers a potential solution to the costly procedure.
“It’s quite expensive—it’s about $2,500 per scan in the U.S. in a hospital setting,” says Mert Sabuncu, an assistant professor in the School of Electrical and Computer Engineering at Cornell University, whose focus is on implementing innovative tools for analyzing biomedical images.
According to Sabuncu, an important driver of MRI cost is scan time. He points out that the reason MRIs are so expensive are that they take a long time to acquire the scan—anywhere from 15 minutes to 90 minutes per scan.
However, Sabuncu contends that MRI can be accelerated through a compressed sensing approach that uses a novel unsupervised end-to-end learning framework.
-----

Social engineering attacks still rising, as hackers become cagey

September 03, 2019, 2:40 p.m. EDT
A new report says social engineering attacks are on the rise, with hackers using more spoofed phishing and HTTPS encryption in URL-based attacks.
In both cases, malicious actors are taking advantage of perceptions that HTTPS is a safer option to use on the Internet. HTTPS attacks, however, rose 26 percent in the first quarter, says the report from data security company FireEye.
The attacks work on all industries, including healthcare, and often focus on deceiving the CEO or another senior leader.
In the first quarter of 2019, phishing attacks rose 17 percent, compared with the prior quarter as hackers continue to focus on harvesting credentials or credit card numbers. Microsoft alone accounted for about 30 percent of all phishing detections.
-----

Duke leverages AI to identify patients with early stage sepsis

September 03, 2019, 1:27 a.m. EDT
Time is of the essence when it comes to detecting sepsis—the deadly condition has no clear time of onset and no clear biomarker, making it difficult to diagnose.
To address the problem, the Duke Institute for Health Innovation has developed an artificial intelligence system to help clinicians identify patients in the early stages of sepsis so that they can intervene before it’s too late.
The early warning system leverages a machine learning model, a custom dashboard to present risk scores, and a rapid response team to monitor patients at-risk of sepsis and deliver appropriate treatment.
The AI system, called Sepsis Watch, was initially implemented in November 2018 at Duke University Hospital’s emergency department—this past May, the pilot phase was completed.
-----

Technologies Helping Medical Practices Boost Patient Engagement, Efficiency

September 3, 2019
While there are obviously many options available, a small handful of technologies seem to have the greatest impact on patient engagement and efficiency within medical practices, according to a new survey.
The survey, which was backed by the Medical Group Management Association and vendor Cedar, found that patient portals, automated appointment reminder systems, check-in technologies, telehealth, digital payment options and data analytics tools were especially valuable.
This conclusion seems to track with an earlier poll by the MGMA, which found that within the 70% of respondents planning to adopt technology to make their practice more efficient, top choices included telehealth, patient portals and automated reminder systems, along with new/upgraded EHRs and kiosk/iPad check-in capabilities.
If practices are still on the fence but trying to increase engagement using health IT infrastructure, the report suggested they take five steps:
* Examine their operations to find opportunities for automation
* Review existing technologies to see how (if at all) they address patient engagement goals
* Pull together best practices and other insights from peers
* Create a list of the top three “easy wins” the practice can accomplish to boost patient engagement using technology
* Get stakeholders involved in changing the practice around this technology
-----

Investments in social determinants will pay off, with better outcomes and value

Momentum for more forward-looking SDOH initiatives is building across healthcare, as stakeholders recognize the key role of socioeconomic factors, environment and community in better health and wellness. But unlocking ROI will take some work.
September 01, 2019 12:00 PM
Massachusetts General Hospital estimates that as much as 80 percent of a patient's health status stems from social and economic factors. Other calculations, such as those spotlighted in a recent Health Affairs report, put the number as high as 90 percent.
This isn't exactly a new concept. The idea that where we live and work is an essential component of our overall health has been around for a long time,
"Geography has been recognized as important to our health outcomes since 4000 B.C.," said Dr. Este Geraghty, chief medical officer of Esri. In Hippocrates' book On Airs, Waters and Places, after all, the father of medicine explored the idea that "where people come from determines how likely they are to be healthy," she said.
Fundamental factors such as income, access to nutrition, access to transportation, homelife,  loneliness and more are key building blocks to a patient's health and wellness. So, of course, are pollution and other environmental factors.
-----

Weekly News Recap

  • Life insurance startup Ethos, which uses predictive analytics based on a customer’s EHR data rather than a medical exam to predict lifespan, raises $60 million in Series C funding round.
  • A KLAS-convened customer review of Cerner’s revenue cycle management progress finds that the user base feels the Cerner is listening, but they are frustrated with lack of progress since the initial meeting a year ago and are questioning both Cerner’s ability to execute and its sense of urgency.
  • Epic holds its UGM in Verona, WI.
  • Private equity firm Warburg Pincus acquires a majority interest in therapy EHR vendor WebPT.
  • Health Catalyst files its first quarterly earnings report following its July 25 IPO.
  • Politico reports that the VA’s initial rollout of Cerner will be delayed several months to October 2020.
  • A VA OIG report finds major backlogs of paper records scanning from outside providers at eight VA facilities, with some records going back to 2016 still piled up in storage rooms.
-----
Enjoy!
David.

No comments: