Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Saturday, April 30, 2016

Weekly Overseas Health IT Links - 30th April, 2016.

Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
-----

Joe’s view: of consent to share

As a stroppy teenager, Joe McDonald didn’t think much of his dad’s idea that the Falklands were “there for the asking but not for the taking.” Now, though, he thinks the idea has lot to recommend it, particularly when applied to sharing patient information.
19 April, 2016
As an adolescent psychiatrist, I frequently deal with the stage of development in which a certain amount of rebellion is quite normal.
Regular readers will know that I have previously referenced Erik Erikson’s stages of development, each of which is typified by what he called a psychosocial crisis.
The successful resolution of the psychosocial crisis allows an individual to progress to the next phase of development. The psychosocial crisis associated with adolescence is that of identity versus confusion.
-----

Artificial intelligence, cognitive computing and machine learning are coming to healthcare: Is it time to invest?

With Google, IBM and Microsoft all setting sights squarely on healthcare, and analysts predicting 30 percent of providers will run cognitive analytics on patient data by 2018, the risk of investing too late may outweigh the risk of doing so too soon.
April 22, 2016 07:27 AM
The arrival of artificial intelligence and its ilk — cognitive computing, deep machine learning — has felt like a vague distant future state for so long that it’s tempting to think it's still decades away from practicable implementation at the point of care.
And while many use cases today are admittedly still the exception rather than the norm, some examples are emerging to make major healthcare providers take note.
Regenstrief Institute and Indiana University School of Informatics and Computing, for instance, recently examined open source algorithms and machine learning tools in public health reporting: The tools bested human reviewers in detecting cancer using pathology reports and did so faster than people.
-----

Healthcare wearables to 'flood' market within three years

April 16, 2016 | By Judy Mottl
Healthcare wearables are predicted to become the cornerstone of future digital health strategies--driven by remote patient and population health management--with a big wave of devices hitting in the next two to three years, according to a new Tractica report.
The report predicts that worldwide shipments of wearables will spike from 2.5 million this year to 97.6 million units annually by 2021, according to an announcement.
"Overall we see a flood of healthcare wearable devices entering the market around the 2018 to 2019 timeframe," Tractica Research Director Aditya Kaul told FierceMobileHealthcare in an email. The prediction, however, is based on the industry overcoming two hurdles: federal agency approval and insurance provider approval, according to Kaul.
-----

CHIME to FDA: Collaboration on med device security between manufactures, providers critical

April 22, 2016 | By Katie Dvorak
The College of Healthcare Information Management Executives lauds the U.S. Food and Drug Administration for its work on medical device cybersecurity in a recent letter, but also says that increased collaboration between manufacturers and providers is critical.
CHIME's comments on the guidance cover the organization's overall reflections, commentary on the postmarket guidance and responses to specific questions from the FDA.
-----

Machine learning can help detect presence of cancer, improve public health reporting

April 22, 2016 | By Katie Dvorak
To support public health reporting, the use of computers and machine learning can better help with access to unstructured clinical data--including in cancer case detection, according to a recent study. 
Often, the unstructured free text data made available by electronic health records is obtained by means that are "resource intensive, inherently complex and rely on structured clinical data and dictionary-based approaches," according to the authors of the study, published in the Journal of Biomedical Informatics.
The researchers, from the Regenstrief Institute and Indiana University-Purdue University in Indianapolis, used about 7,000 pathology reports from the Indiana health information exchange to attempt to detect cancer cases using already available algorithms and open source machine learning tools.
-----

HealthTap to certify docs in ‘virtual care’

 Apr 21, 2016 at 6:04 PM
HealthTap, which bills itself as the “world’s first global health practice,” will be offering training and certification in “virtual care,” the Palo Alto, California-based company announced Thursday. The online program is free and eligible for continuing medical education credits.
The certification program is aimed at bringing best practices to virtual care. HealthTap CEO Ron Gutman said that there still is a lack of scientific rigor in this area, which he sees as being much broader than telemedicine.
“There’s a lot of interest in the physician community,” said HealthTap CEO Ron Gutman. “But there’s a lot of confusion” about how to practice medicine in a virtual environment.
-----

Chicago-area HIE sues IT vendor over shutdown plans

By Joseph Conn  | April 20, 2016
(Story updated at 12:29 p.m. ET)
The hospital association that operates a major Chicago-area health information exchange is suing its health information technology vendor that abruptly announced it will go out of business.
The hospital Metropolitan Chicago Healthcare Council, now merged with the Illinois Health and Hospital Association, operates the MetroChicago HIE that connects more than 30 northeastern Illinois hospitals, according to a membership list on its website.
A suit in U.S. District Court for the Northeastern District of Illinois names as defendants Sandlot Solutions and Santa Rosa Consulting, an owner of the company. The suit alleges that Sandlot breached its agreement “by shutting down the MetroChicago HIE system and denying MCHC's participants access to their client data on the system.”
-----
Apr 21, 2016, 10.59 AM | Source: PTI

India's healthcare sector poised to grow to $280 bn:

Report The CII-KPMG 'The Indian services sector: Poised for global ascendancy' report launched at the second edition of Global Exhibition on Services (GES) said that healthcare sector is forecast to reach USD 160 billion in 2017, accounting for about 4.2 percent of GDP.
Report The country's healthcare sector is poised to grow to USD 280 billion by 2020 while it is expected to be a leader in e-health by 2019, a new report said. The CII-KPMG 'The Indian services sector: Poised for global ascendancy' report launched at the second edition of Global Exhibition on Services (GES) said that healthcare sector is forecast to reach USD 160 billion in 2017, accounting for about 4.2 percent of GDP. "
-----

ECRI ranks health IT among the industry’s top safety concerns

Published April 21 2016, 6:47am EDT
While information technology has vast potential to improve patient outcomes, the ECRI Institute has ranked a health IT-related issue as the top 2016 patient safety concern facing healthcare organizations.
Heading ECRI’s list of this year’s top 10 patient safety worries is “health IT configurations and organizational workflow that do not support each other.” As ECRI’s report points out, when HIT configuration and workflow clash, communication suffers and can lead to delays in care or even medical errors.
That wasn’t the only patient safety concern with a health IT connection, says Bill Marella, executive director of patient safety reporting systems at ECRI.
-----

ICIT: Endpoint security crucial to ransomware protection

April 21, 2016 | By Dan Bowman
Endpoint security, while not a "sliver bullet solution" to cybersecurity issues in healthcare and other industries, is a vital component to any multi-layered protection strategy, according to a brief published by the Institute for Critical Infrastructure Technology (ICIT).
Such security, the authors say, instead must be considered as a first line of defense in an ever-evolving threat landscape and organizations must not see it as "static." This is particularly important as ransomware persists as a threat, the authors say, since it is easy and inexpensive to deploy and often targets endpoints.
"If only 1 percent of ... victims pay at least $1, the attacker has likely recovered whatever resources they initially invested in the campaign," the authors write. "Further, even unskilled modern adversaries pose a threat to unprotected organizations."
-----

Growing number of endpoints raises healthcare vulnerability

Published April 21 2016, 6:51am EDT
The risk of criminal access to networks and cyber attacks is rising because of endpoint vulnerabilities, according to results of a recent survey by the Ponemon Institute.
The survey, conducted by Ponemon on behalf of CounterTack, has significant implications for healthcare organizations, which have seen increased access to networks and information through the use of many kinds of devices, such as laptops and smartphones.
The fact that more devices are in use to access an organization’s network—often in the hands of unsophisticated users who may be careless with security practices—raises the number of ways that networks can be hacked.
-----

Caldicott and care.data stalled by EU referendum 'purdah'

Daloni Carlisle
21 April 2016
Dame Fiona Caldicott’s most recent review of data sharing will not be published until after the referendum on membership of the European Union, it has been revealed.
The review was commissioned by health secretary Jeremy Hunt in September 2015 and asked Dame Fiona to look at data security, consent and opt-out.
It also asked Dame Fiona to develop standards against which the CQC can carry out inspection of NHS and social care organisations in regard to their use of data.
-----

Office-Based Physician EHR Use Dips Below 60 Percent

By Kyle Murphy, PhD on April 20, 2016

Office-based physician EHR use decreases between 2015 and 2016; Epic Systems remains on top.

Office-based physician EHR use drops by close to four percent between 2015 and 2016, according to SK&A Market Insights Report on physician office EHR use.
A previous report put the percentage of office-based physician EHR use at 62.8 percent in 2015, but the most recent figure now numbers an even 59 percent. While dips in EHR use were consistent across practices of various sizes, smaller physician practices saw the largest decline year over year.
The survey data come from phone interviews with more than 290,000 medical offices between August 2015 and February 2016.
-----

HIT Think How to make sure only certified users access patient data

Published April 21 2016, 4:40pm EDT
Failing to certify user access to networks and information can have dire consequences.
A recent example is the recent jury decision to award Epic Systems Corp. $940 million in a trade-secret lawsuit against Tata Consultancy Services Ltd., an Indian multinational IT service, consulting and business solutions company.
The lawsuit alleges that a Tata Consultancy employee, working as a consultant for Kaiser Permanente, downloaded more than 6,000 documents from Epic's UserWeb, a portal through which Epic provides training and manuals to help customers with implementing and maintaining the company's products. The lawsuit also alleges that the Tata consultant gave his access credentials to other Tata employees in India and that the company used the stolen information to advance its own electronic health record software.
-----

Report to Congress suggests product guidance role for ONC

Published April 20 2016, 6:56am EDT
The Office of the National Coordinator for Health Information Technology has sent Congress a report examining the feasibility of helping providers compare and select certified electronic health records products.
The report was mandated under the Medicare Access and CHIP Reauthorization Act (MACRA), but with the EHR Incentive and Regional Extension Center programs winding down, ONC is examining how providers can continue to receive crucial support with implementing information technology.
Support is still essential, ONC believes, as many providers are upgrading or replacing EHRs they bought to achieve meaningful use, and they’re retooling as they get ready for reforms in healthcare.
-----

Tips for detecting ransomware and other malware before it cripples your network

CISOs and security analysts from top-tier firms offer highly effective advice and tactics for rooting out and getting rid of malicious code.
April 20, 2016 07:14 AM
Carolinas HealthCare CISO Robert Pierce said that installing security appliances can help detect malicious communications from malware on a network.
Before the prevalence of mobile phones and caller ID, there was an urban legend about a babysitter receiving frightening calls. Long story short: When an operator runs a trace, the babysitter is told to her horror, “The calls are coming from inside the house!”
Such is the case with cybersecurity today. Threats are not just coming from without, they also are coming from within. Cybercriminals might be trying to crack through a healthcare organization’s outer defenses, or, they may already be inside an organization’s network. Either way, the horror they can wreak upon a healthcare organization is considerable, including not just holding data hostage but bringing patient care to a standstill.
-----

Health IT workflow and patient ID concerns top list of patient safety issues

Jeff Rowe
Apr 20, 2016
What’s the biggest concern healthcare stakeholders have this year when it comes to health IT?
According to a new report from the ECRI Institute, it’s that EHR workflows don’t regularly meet the standard configuration for optimal patient safety. This report, titled Top 10 Patient Safety Concerns for Healthcare Organizations, is the third annual report from ECRI, which it compiles by drawing on its own large databases of reported safety events, in addition to conferring with a range of safety experts.  
The workflow problem stems from the fact that healthcare organizations are constantly updating their EHR systems: adding new modules, changing logic rules in the backend, adjusting data collection methodologies, and switching new features on and off.  
-----

Report: Providers must adopt sophisticated tech, stronger policies to prevent duplicate patient records

April 20, 2016 | By Katie Dvorak
To improve patient identification matching and lessen the chance of errors, more sophisticated technology will be necessary, according to healthcare experts, but human error will never be fully eliminated.
The authors of a report published recently in Perspectives in Health Information Management examined the causes of such errors, analyzing almost 400,000 records that had duplicates.
They found that the greatest mismatches were due to a field being left blank and the provider entering in a default entry. This happened most with either a person's middle name, a little more than 58 percent of the time, or a Social Security number, about 53 percent of the time.
-----

3-D Printing Comes Online

Sandra Gittlen, April 18, 2016

Using 3-D printing techniques, complex structures such as heart openings can be designed with such accuracy that implants work better and recovery from surgery is improved.

This article first appeared in the April 2016 issue of HealthLeaders Magazine.
Three-dimensional printing in healthcare has received a lot of attention as a gee-whiz, futuristic technology, with photos of prosthetics for injured soldiers and children. But 3-D printing is about to get a whole lot more personal. Sophisticated imaging and modeling means that complex structures such as heart openings can be designed with such accuracy that implants work better and recovery from surgery is improved.
"3-D printing already is becoming more patient-specific, and that will continue. Instead of having different sizes that you have to fit the patient into, implants will be modeled from the patient's own anatomy," says Joseph Lipman, MS, director of device development at Hospital for Special Surgery in New York City. Physicians at HSS perform more than 29,000 surgical procedures annually.
-----

Millions of patients to benefit from new digital NHS programme

Article posted on: April 20, 2016
Three million people will be able to access new innovations from a pioneering programme devised by the NHS, which will be exhibited at UK e-Health Week
(London, UK) Patients across the UK have started to log on to new apps, safety devices, online networks, and a host of other new technologies and services during the first nine months of a pioneering NHS programme, and its success so far is on show at UK e-Health Week today.
The NHS Innovation Accelerator programme was launched last year to help introduce new innovations into the NHS. Sixty-eight NHS organisations are using one or more of 17 new innovations which aim to improve care by cutting the number of clinical incidents, helping patients self-care and linking patients up with others or with research schemes.
-----

Portals, patient photos pose possible security gaps

Published April 18 2016, 7:32am EDT
As the healthcare industry continues to confront cybersecurity threats and seek ways to improve defenses, it must consider every avenue that might lead to access to patient information.
Some potential gaps are not as obvious, and providers must look carefully at any potential gap in their perimeter defenses, says security professional Keith Fricke.
For example, there is a potential security gap within the patient portals that providers are offering to patients as they seek to comply with requirements of the electronic health records meaningful use program, says Fricke, principal consultant at tw-Security in Overland Park, Kan.
-----

Artificial intelligence aids in Zika, Ebola diagnoses

April 19, 2016 | By Susan D. Hall
Rush University Medical Center is using artificial intelligence technology to alert doctors when a patient might have the Zika virus or Ebola, reports The Chicago Tribune.
The medical center's predictive software, called Guardian, analyzes and learns from data in electronic medical records. If a patient has recently traveled to South American or African countries, that information goes into the EHR and could alert physicians that the patient might have a rare disease, helping them make a diagnosis faster.
-----

Urgent care provider relies on telemedicine to reduce wait times

April 19, 2016 | By Susan D. Hall
Doctor's Care, a chain of urgent care centers in South Carolina and Tennessee, calls on telemedicine to balance the patient load at its centers and improve patient satisfaction, reports Health Data Management.
The organization found that wait times at some of its sites could last up to three hours or more, while other locations had no wait times. In those situations, it found patients opted to be examined remotely, aided by a nurse or medical assistant at their current location.
As some urgent-care providers see telemedicine siphoning off their business, Doctor's Care decided to embrace the trend.
-----

Majority of Healthcare Data Breaches Caused by Cyberattacks

By Jacqueline Belliveau on April 18, 2016

According to a recent study, most healthcare data breaches in 2015 were caused by cyberattacks, such as phishing scams and ransomware.

Cyberattacks were the top cause of healthcare data breaches in 2015, according to a recent study by Symantec Corporation on healthcare cybersecurity.
The study showed that providers have shifted their views on healthcare cybersecurity to account for the rise of cyber threats, such as ransomware and phishing scams, and the increasing risk to care delivery and patient safety.
 “For the first time in 2015, criminal attacks are the number one cause of data breaches in the health sector,” stated the study. “Why? Because, the cybercriminals have figured out that health data is deep and valuable, and that healthcare IT infrastructure, from traditional IT systems to connected medical devices, is typically vulnerable and easy to penetrate.”
-----

HIT Think Profit allure makes hospitals ‘ground zero’ for ransomware

Published April 19 2016, 3:54pm EDT
If you were worried about ransomware two years ago, you were almost certainly either a security specialist or a victim. According to the FBI, U.S. companies paid $25 million in ransom last year, and it expects the 2016 total to be more than $200 million.
What is driving this sudden explosion in what was once a rarely seen Internet crime? Who should be worried? Are the dire predictions likely to come true?
If my experiences during the early years of the phishing epidemic are any indication, the dire predictions will turn out to be wrong—because they weren’t dire enough.
-----

Home-grown Data Fuels Commercial Software for Better Risk Stratification

Scott Mace, April 19, 2016

How Delaware's Christiana Care Health System leveraged a CMMI grant to build out population health across a variety of patient populations.

In 2012, Christiana Care Health System, based in New Castle, Delaware received a $10 million grant from CMS's Center for Medicare and Medicaid Innovation. CMMI made the grant to design a new care model harnessing information technology to bridge gaps in coordinate care for chronic heart disease patients.
Recently I found out how this grant has impacted general knowledge of technology-enabled care coordination. I spoke with Terri Steinberg MD, chief health information officer and vice president of population health analytics at Christiana Care.
-----

Big Data Means Big Potential, Challenges for Nurse Execs

Jennifer Thew, RN, April 19, 2016

To ensure big data is used to influence outcomes that are meaningful to the nursing profession, nurse executives need to act as data visionaries and architects.

Have you ever found yourself poring over stacks of data, feeling more like a statistician than a nurse? If you have, welcome to the world of big data.
"You have all of these different data sources coming at you on a weekly, monthly, quarterly basis. The CFO has a stack of data for you, your productivity-management engineer people have a stack of data for you, HR has a stack of data for you, and then your quality director, your clinical folks, have a stack of data for you," says Jane Englebright, RN, PhD, CEBP, FAAN, chief nursing executive and senior vice president at Nashville, Tennessee-based HCA.
-----

NIST to release new guidance for strengthening hospital cybersecurity

The imminent set of best practices will help healthcare organizations become more penetration-resistant, more effective at limiting damage attackers can inflict and ultimately better able to withstand cyberattacks. 
April 18, 2016 07:59 AM
NIST fellow Ronald Ross said the agency is gearing up to publish new best practices that help hospitals avoid and withstand cyberattacks. 
The National Institute of Standards and Technology is poised to deliver new cybersecurty guidance, according to NIST fellow Ronald Ross.
NIST offers a security framework that was developed for the federal government that helps organizations understand, select and implement security controls.
-----

Customer Loyalty to EHR Systems Declines to 75% in 2016

By Jacqueline Belliveau on April 14, 2016

The 2016 Black Book survey on inpatient EHR systems revealed that overall customer loyalty to current EHR vendors has declined since last year.

Loyalty to inpatient EHR vendors decreased from 81 percent to 75 percent in 2016, according to a recent Black Book Inpatient EHR survey.
As the healthcare community seeks new innovations in EHR systems, cloud capabilities, and interoperability, healthcare providers are evaluating their inpatient EHR vendors for technological progress, EHR replacement, and meaningful use requirements.
Black Book surveyed 3,152 hospital EHR users and 640 healthcare IT leaders to find out about customer loyalty to current EHR vendors.
-----

Study: HIT use aligned with new payment, delivery models supported improved care delivery

April 18, 2016 | By Katie Dvorak
Providers with robust electronic health records who participated in an accountable care organizations or patient-centered medical homes were the most likely to routinely perform certain care processes, according to a study published in The American Journal of Managed Care.
The authors, using data from physicians participating in the 2012 National Ambulatory Medical Care Survey Physician Workflow Survey, also found that organizations using EHRs were more likely to perform such processes compared to those who didn't use the systems. The processes examined for the study included quality measurement, population management, communication and care coordination.
-----

HIT Think How providers can realize value from their EHRs

Published April 18 2016, 5:56pm EDT
Over the last 10 years, health systems and physicians have invested heavily in the current generation of electronic health records. With three out of four hospitals having at least a basic EHR in place, it is safe to say implementing a system has become a foundational requirement for being in the business of healthcare delivery.
The opportunities EHR offer for improvements in care delivery are promising—they include efficient care team communication, improved clinical outcomes through embedded decision support and standard use of evidence-based protocols, immediate access to patients’ clinical information, increased patient engagement and enhanced revenue cycle. However, achieving improvement has remained elusive.
-----

Time to Face the Ransomware Crisis in U.S. Healthcare: Industry Experts Speak Out

April 17, 2017
by Mark Hagland, Rajiv Leventhal, and Heather Landi
Industry experts agree it’s time for healthcare IT leaders to meet the ransomware crisis head-on
The ransomware phenomenon is menacing more and more U.S. hospitals and patient care organizations. What does it mean? And what can be done? Part one in a two-part series.
The first nationally reported mainstream media news story in this drama was that around Hollywood Presbyterian Medical Center. On Friday, February 12, NBC4News, the local affiliate of the NBC network in Los Angeles, reported in its noon and evening broadcasts, and then online, this story: “Hollywood Hospital ‘Victim of Cyber Attack.’” As the online version of the story, by Jason Kandel and Robert Kovacik, stated, “A Southern California hospital was a victim of a cyber-attack, interfering with day-to-day operations, the hospital’s president and CEO said. Staff at Hollywood Presbyterian Medical Center began noticing ‘significant IT issues and declared an internal emergency’ on Friday, said hospital President and CEO Allen Stefanek. A doctor who did not want to be identified said the system was hacked and was being held for ransom.”
-----

Enjoy!
David.

Friday, April 29, 2016

This Can't Be Good News! Healthcare The Biggest Target Of Security Issues

This appeared last week

Healthcare Data Breaches Top Reported Data Security Incident

By Jacqueline Belliveau on April 12, 2016

A recent study revealed that healthcare data breaches accounted for 39 percent of data breaches in 2015.

Healthcare data breaches were the most common type of data security incident reported in 2015, according to a recent study by Symantec Corporation.

Researchers found that approximately 39 percent of breaches during the year occurred in the health services sub-sector.

 “This comes as no surprise, given the strict rules within the healthcare industry regarding reporting of data breaches,” explained the authors of the study. “However, the number of identities exposed is relatively small in this industry. Such a high number of breaches with low numbers of identities tends to show that the data itself is quite valuable to warrant so many small breaches.”

There were 120 healthcare data breaches reported in 2015, which was the largest number of data breaches across all industries studied. The next leading industries for data breaches (business and education) only reported 20 incidents each.
Despite the prevalence of healthcare data security events, the study reported only 1 percent of incidents led to exposure of identities. That still accounted for nearly four million individuals who had their identities exposed as a result of a healthcare data breach.

The study attributes the growing volume of data breaches across all industries to a shift in how cybercriminals operate.

Researchers found that more cybercriminals used more zero-day attacks, including phishing scams and ransomware, in 2015.

The number of zero-day vulnerabilities in 2015 increased by 125 percent from a year ago. Meanwhile, 430 million new malware variants were found in 2015.

“Advanced criminal attack groups now echo the skill sets of nation-state attackers. They have extensive resources and a highly-skilled technical staff that operate with such efficiency that they maintain normal business hours and even take the weekends and holidays off,” said Symantec Security Response Director Kevin Haley. “We are even seeing low-level criminal attackers create call center operations to increase the impact of their scams."

Even though cyberattacks are becoming more sophisticated and business-like, the healthcare sub-sector is not being targeted as frequently as other industries.
The study reveals that, in the healthcare field, about 54.1 percent of emails are spam. Cybercriminals typically use spam to execute more advanced cyberattacks.

However, the phishing ratio in the healthcare field was only 1 out of 2,711 emails, which was the second lowest ratio across all industries.

The healthcare industry was also one of the least likely sectors to be targeted for spear-phishing attacks, the study confirmed.

Additionally, the healthcare sector was the least likely to encounter an email containing a virus. The virus ratio was 1 out of every 396 emails.

Here is the link:

http://healthitsecurity.com/news/healthcare-data-breaches-top-reported-data-security-incident

There is really little to add. Clearly everyone handling health information needs to be careful given they have a great big target on their back!

David.