Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
-----
Is Your MRI Machine a Hacking Conduit?
FEB 20, 2014
Information technology hackers aren’t just attacking websites and networks anymore, they increasingly are attacking the “Internet of Things,” which are devices linked to the Internet, such as a MRI diagnostic imaging machine in a hospital.
In a new health care cyberthreat report from SANS Institute, which offers cybersecurity training, certification and research, the organization predicts that the health care and pharmaceutical sectors will be among the industries experiencing the highest level of attacks involving “things.” Compared to traditional I.T. systems, “incidents involving things,” such as a hacked MRI machine, “can carry physical consequences as well as policy and financial impacts,” according to the firm. “Virtually all software, applications, systems and devices are now connected to the Internet. This is a reality that cybercriminals recognize and are actively exploiting.”
SANS notes that research by Ponemon Institute shows that 94 percent of surveyed medical institutions have suffered a cyber attack. “Now, with the push to digitize all health records, the emergence of HealthCare.gov and an outpouring of electronic protected health information being exchanged online, even more attack surfaces are being exposed in the health care field,” according to the SANS report.
-----
ONC releases recommendations for improving patient matching
February 21, 2014 | By Susan D. Hall
Delivering on an initiative that started last fall, the Office of the National Coordinator for Health IT on Friday released findings of its study of patient-matching practices in the private sector and federal agencies.
ONC was looking to describe common data attributes, processes, and best practices through an environmental scan to assess current industry capabilities, a literature review, feedback received at public stakeholder meetings, collaboration with federal partner agencies and written comments.
The problems include differences in the way names and addresses are formatted in various systems that can lead to high rates of unmatched records. Driven by concerns for patient safety, the review looked at both technical and human processes.
-----
Books Are Not Dead, Especially Informatics Books
FEB 19, 2014 10:07am ET
An article last fall in The New Republic noted that the book industry has not quite followed the music and film-camera industries in being disruptively innovated out of their traditional products [1]. Book publishing certainly has changed, but neither the decomposition of music albums into single songs has not happened with books, nor has the transition from a physical to digital medium undermined the basic economic model of books. Yes, the book industry has been transformed, particularly the role of brick-and-mortar booksellers. However, as this article points out, books themselves are still selling strong.
I have always been a book lover, one of those types who buys more books than he can possibly read. One can easily see this by walking into my work or home office, and finding the shelves lined with books. I run the gamut, from a small collection of antique medical books to rows of more recent volumes to those using the Kindle app (and other book apps) on my Mac, iPad, and iPhone.
-----
CMS to Conduct Limited End-to-End ICD-10 Testing
FEB 19, 2014 5:44pm ET
Bowing to intense industry pressure, the Centers for Medicare and Medicaid Services has announced it will conduct “limited” end-to-end testing of ICD-10 during the summer of 2014.
The agency has been stubbornly clinging to a previously announced March 3-7 ICD-10 “acknowledgement” testing period to enable providers, billers and clearinghouses to determine if CMS contractors can accept their claims as it sole testing period. But CMS has increasingly come under fire from stakeholders--primarily the American Hospital Association, American Medical Association and Medical Group Management Association--to conduct the far more extensive end-to-end testing to assure proper adjudication and payment of claims.
-----
AHRQ to fund new research on health IT safety
February 14, 2014 | By Marla Durben Hirsch
The U.S. Department of Health & Human Services' Agency for Healthcare Research and Quality is ramping up its research on the safe use of electronic health records and health IT, issuing two special emphasis notices of funding opportunities for interested researchers.
The funding opportunities encompass several different types of research projects. One addresses consumers' personal health management needs and health IT design principles; another focuses on how health IT improves healthcare quality, with an emphasis on design, implementation, use, impact on outcomes and measurement.
The money available to fund such research varies depending on the project and its length, but could amount to several hundred thousand dollars. AHRQ intends to use some of its $4 million appropriation for health IT on "high impact" patient safety risks after EHR deployment, according to a Bloomberg BNA blog post.
-----
Snooping staff still a big concern
Posted on Feb 20, 2014
By Erin McCann, Associate Editor
The findings of a new HIMSS healthcare security report have been released, and the data may surprise you.
Healthcare organizations appear to be taking patients' privacy and security a bit more seriously -- at least in the past 12 months, compared to previous years. Don't be too relieved, however: The numbers, though better, are hardly impressive.
Moreover, there are still some big time concerns. Employee snooping on patients' medical records, for example, remains the top threat motivator, according to the study.
The findings of the 2013 HIMSS Security Survey, profiling the experiences of some 283 healthcare IT security professionals, detail improvements the industry has made with making privacy and security an issue -- perhaps because of the hefty $810,000 price tag that accompanies a healthcare security breach -- but also highlights additional work that must be done to mitigate insider threat, such as the inappropriate access of data by employees.
-----
16 Regional HIOs Partner to Address Data Exchange Challenges
Sixteen regional health information exchange organizations from throughout the Midwest and Rocky Mountains states have banded together to address the challenges of exchanging patient information across state and regional lines.
The new partnership, called the Mid-States Consortium of Health Information Organizations, will advocate for HIE models, like query-based exchanges, that better allow patient information to be accessed outside of the patient's home state or region. The consortium will also focus on the unique HIE needs of rural providers in these states.
-----
Work Group Scales Back Number of Stage 3 Meaningful Use Objectives
February 19, 2014 by David Raths
Several public health objectives removed
With feedback from the Health IT Policy Committee that it should scale back the number of objectives in Stage 3 of meaningful use, the Meaningful Use Work Group held a session Feb. 19 to cull several objectives.
Paul Tang, M.D., co-chair of the committee, said the guidance from the Policy Committee was to reduce the overall number of objectives and focus on patient engagement, care coordination and population health. The MU work group was asked to consider the burdens on physicians and the needs of specialists, and to avoid requirements where standards are not mature. Several of the objectives eliminated have to do with public health reporting. Others involved efforts the committee members have been working on for years.
-----
ONC: Staying Focused on EHR Usability
Thursday, February 20, 2014
Most health IT stakeholders agree that lack of "usability" can make efficient use of electronic health records challenging. The Healthcare Information and Management Systems Society even identified usability as possibly the most important factor hindering widespread adoption of EHRs.
Despite this, policymakers and others involved in the nation's health IT implementation process sometimes prioritize the job of making EHRs easy to use below other health IT-related goals (e.g., making EHRs affordable and overcoming providers' resistance to change). Recognizing the potential for this important issue to fall by the wayside, the Office of the National Coordinator for Health IT recently highlighted EHR usability's priority status on the nation's health IT "To Do" list.
-----
ICO blog: NHS patient information and the Data Protection Act
The health sector always provides a wealth of data protection challenges, but without doubt the one currently at the forefront of most peoples’ minds are the changes to how patient information in England could be used by NHS bodies and others, with a view to improving care and health services.
With personal data at the centre of the new scheme, it’s no surprise that the ICO is being asked questions about how the Data Protection Act (DPA) applies to the scheme. It’s a complex legal area, and the way in which the DPA applies is different at each stage of the process, but this blog will try to explain it. (I’ll assume some understanding of what the scheme is about, but if you're looking for a simpler outline, then try this infographic).
Let’s quickly run through the key parties, from a DPA perspective. The patient is the data subject. Sensitive personal information about them is held by their GP, who is the data controller. And a third body, the Health and Social Care Information Centre (HSCIC for short, or ‘the Information Centre’ as we’ll be referring to it here) will have access to some of that data. This public body collects health and social care information and prepares it to go out to those who plan NHS services, as well as with approved researchers and organisations outside the NHS.
-----
5 ways to avoid health data breaches
Posted on Feb 19, 2014
By Diana Manos, Senior Editor
There have been a total of 804 large breaches of protected health information affecting more than 29.2 million patients since HITECH came out in 2009.
The findings of a new report from Redspin, Inc., show many healthcare organizations have been struggling to comply with HIPAA. The sheer number of large personal health information breaches in 2013 — the year saw a 138 percent increase — is perhaps all the evidence needed to back up that assertion.
How can you keep your organization from being one of the casualties of these HIPAA breaches?
“At the end of the day, your ultimate goal is to get your employees to believe that patient health information is part of their responsibility, their civic duty, so to speak,” says Daniel Berger, president and CEO of Redspin in a recent interview. “They need to look beyond, ‘here’s our policy,’ to adopting a personal stake in keeping patients records secure."
-----
Kaiser Permanente inks big HIE deal
Posted on Feb 19, 2014
By Erin McCann, Associate Editor
Colorado's largest nonprofit health plan has solidified a deal with the state's regional health information exchange, agreeing to participate in the network going forward.
Kaiser Permanente Colorado, which currently serves some 545,000 members, announced Tuesday it would be the first health plan in the state to join the Colorado Regional Health Information Organization, a deal which officials say will provide Kaiser physicians with holistic data on their members when care is provided outside of the health plan's network.
Kaiser Permanente plans to initially utilize the HIE for members in southern Colorado, including Colorado Springs and Pueblo, and hopes to later expand to other parts of the state.
-----
NHS trusts ranked on their clinical IT
17 February 2014 Rebecca Todd
The first national table ranking all NHS hospital trusts on their clinical IT systems has been launched by EHI Intelligence, in partnership with NHS England.
The Clinical Digital Maturity Index provides a complete picture of the clinical information systems in use at all 160 English acute trusts.
The new CDMI service, which is provided as a searchable online database and national baseline report, has been licensed by NHS England so that all NHS staff can see how their trust ranks on its use of IT and where it is on its digital journey.
Beverley Bryant, director of strategic systems and technology at NHS England said the information is freely available to NHS Trusts so they can see where they sit in relation to their peers.
-----
QUEST collaborative saves $11.65 billion
February 19, 2014 | By Susan D. Hall
Premier's national quality improvement collaborative, QUEST, says it has saved approximately $11.65 billion and prevented 136,375 deaths over the past five years through process improvements and analytics, according to a new whitepaper.
The collaborative launched in 2008 and has grown to include approximately 350 hospitals. Though hospital costs nationwide have increased 37 percent in that time, QUEST hospitals have held cost increases to 14 percent and they've remained flat for the past year, according to an announcement.
-----
Status of healthcare security: 'Alarming'
February 19, 2014 | By Susan D. Hall
The networks and Internet-connected devices of healthcare organizations--from hospitals to insurance carriers to pharmaceutical companies--are being compromised at an "alarming" frequency, according to analysis of malicious traffic by The SANS Institute.
Using data gathered by a live threat intelligence platform between September 2012 and October 2013, it found 49,917 malicious events, 723 malicious source IP addresses and 375 compromised U.S.-based health-related organizations.
-----
Researchers look to connect patient records between hospitals, med flight crews
February 19, 2014 | By Ashley Gold
Is it possible to link patient records between hospitals and medical flight crews? Doing so could save lives, according to researchers from Case Western Reserve University's (CWRU) nursing school.
When local hospitals transfer patients to higher-level care facilities, there's at least a 30 percent higher death rate than if they had stayed put, according to an announcement from Case Western. In response, Case Western researchers say they think "the answer is somewhere in the medical records."
Currently, it's difficult for flight crews to access information in electronic medical records from different hospitals because they're not interoperable.
-----
Most people say rating sites 'important' when picking doctors
Tue, Feb 18 2014
NEW YORK (Reuters Health) - When picking a new doctor, most people factor the reviews left on rating websites into their decision, according to a new study.
Researchers found 59 percent of people said those physician-rating sites were at least "somewhat important" when choosing a doctor.
"The numbers were actually substantially higher than just a few years ago," Dr. David Hanauer said.
He is the study's lead author from the University of Michigan Medical School in Ann Arbor.
-----
Mayo goes all out for decision support
Posted on Feb 18, 2014
By Bernie Monegain, Editor
A Mayo Clinic clinical team is launching a new company to provide clinical decision support tools for the ICU, operating room and emergency department. The startup is backed with $1.1 million in seed funding from Mayo Clinic and Silicon Valley investors The Social+Capital Partnership, and nonprofit Rock Health.
The idea behind the company Ambient Clinical Analytics is to take clinical decision support to the patient’s bedside. The technology gives clinicians real-time access to process-of-care information and analytics to help care providers make the best decisions.
-----
Care.data delayed
18 February 2014 Rebecca Todd
NHS England has announced a delay to the start of care.data extractions to allow more time to build public confidence in the scheme.
The first extractions from GP practices for the national database of patient information were due to begin next month, in a phased roll-out that would have covered the country by May.
However, public controversy regarding the programme has forced NHS England to delay the first extractions until the ‘autumn’.
A statement from national director for patients and information Tim Kelsey says patients need more time to learn about information sharing, the benefits and their right to object.
-----
Care.data: a media.disaster
Whatever the rights and wrongs of the care.data scheme, the leaflet campaign put together by NHS England and the Health and Social Care Information Centre, and their response to increasingly adverse media coverage, have been disastrous. Lyn Whitfield reports.
17 February 2014
When EHI reported that well-known privacy campaigner Phil Booth had “slammed” the leaflet that it was sending out about care.data, NHS England was very upset.
One of its press team contacted the newsdesk to complain that the story failed to adequately explain the benefits of the programme to expand the Hospital Episode Statistics and to link them to other datasets (previous stories had tracked its development, pros and cons in considerable detail).
The ‘media relations manager’ was also unhappy that the head of MedConfidential had been given space to compare the leaflet to “junk mail” - because it was going out unaddressed to every household in England - and to complain that it did not contain an opt-out form.
If NHS England has been sending similar emails to every organisation that has reported on care.data since then, its press team will have been extremely busy.
Over the past couple of weeks, the number of articles, think-pieces and slots on satirical radio programmes about care.data have exploded; and “slammed” has been one of the milder words in their headlines.
-----
E-referrals to be mandatory - Nicholson
18 February 2014 Lis Evenstad
Use of the new NHS e-referrals service could become mandatory for GPs, NHS England’s chief executive Sir David Nicholson has said.
NHS England is also considering an incentive and penalty system to ensure use of the online appointment booking service, which will replace Choose and Book.
The NHS e-referrals service, being developed by BJSS, is due to be in place by the end of this year and NHS England’s aim is to hit 100% paperless referrals in 2017.
In June last year, NHS England’s director of strategic systems and technology Beverley Bryant said that use of the e-referrals service would not be mandatory because the centre wants GPs to, “want to use it”.
-----
Cloud technology to propel growth in healthcare IT market
February 18, 2014 | By Dan Bowman
An increase in healthcare provider use of cloud technology combined with a decrease in the cost of IT implementation could propel big changes for the U.S. healthcare IT market in the next few years, according to a new report.
The analysis, by market research consulting firm RNCOS, predicts that between now and 2018, the health IT market will grow at a compound annual growth rate of close to 10 percent. Continued innovation and government suppport for such tools will factor into the market's success, according to the report's authors.
-----
Bing Health & Fitness app brings wellness craze to Windows Phone 8
But it's only in beta form
There are a lack of compatible Windows Phone 8 fitness trackers and apps at the moment, so Microsoft has decided to roll out its very own wellness app today.
Bing Health & Fitness Beta is available to download for free in the Windows Phone Store, and it actually rivals the M7 coprocessor-powered Fitbit and Nike Move apps on iOS.
Like its rivals, it uses a GPS tracker to record time, distance, pace and calories burned while walking, running and biking. But it goes a step further with nutritional calculations.
-----
Five Things To Watch at HIMSS14
Tuesday, February 18, 2014
With the 2014 Annual HIMSS Conference & Exhibition opening Feb. 23, I know our more than 37,000 attendees and 1,200 exhibiting companies will come to Orlando, Fla., with expectations on what they want to learn, see and do during their five days at the Orange County Convention Center. The Healthcare Information and Management Systems Society is ready to welcome our attendees and exhibitors and meet their expectations so that all experience first-hand how IT improves health at so many points in the patient care continuum.
-----
HIMSS Preview: Looking for HIE Needles in a Haystack
Scott Mace, for HealthLeaders Media , February 18, 2014
CIOs heading to the biggest health IT event of the year will encounter a vast array of new platforms and protocols promising health information exchange interoperability. Whether there's room for much optimism amidst the complexity remains to be seen.
As the healthcare industry prepares to head to Orlando for next week's HIMSS conference, should we be optimistic about the state of healthcare IT interoperability?
I'm not sure. So far this month, the healthcare IT news hasn't been all that promising. According to industry buzz, CMS found its Meaningful Use attestation Web site overwhelmed by traffic that made the Web site unusable from time to time, so much so that the agency postponed the deadline for 2013 attestations for 30 days to March 31, 2014.
-----
ICD-10 cost a 'crushing burden' for docs
Posted on Feb 12, 2014
By Mike Miliard, Managing Editor
Some physicians may end up paying nearly three times more for ICD-10 implementation than had been predicted just five years ago, according to a new report from the American Medical Association.
The updated AMA cost study, conducted by Nachimson Advisors, finds dramatic increases when compared to a similar 2008 report, also by Nachimson. That financial hit is now compounded by other federal mandates that weren't yet in existence back then.
With the Oct. 1, 2014 deadline to transition to ICD-10 code sets just months away, and physician practices grappling with a slew of new regulatory requirements related to meaningful use and payment reform, AMA – whose official position calls for ICD-10 repeal – sent a letter to Health and Human Services Secretary Kathleen Sebelius asking her to rethink the ICD-10 mandate.
"By itself, the implementation of ICD-10 is a massive undertaking," wrote James L. Madara, MD, executive vice president and CEO of AMA. "Yet, physicians are being asked to assume this burdensome requirement at the same time that they are being required to adopt new technology, re-engineer workflow, and reform the way they deliver care; all of which are interfering with their ability to care for patients and make investments to improve quality."
-----
http://www.healthdatamanagement.com/news/when-do-providers-need-to-report-a-data-breach-47251-1.html
When Do Providers Need to Report a Data Breach?
FEB 14, 2014 4:31pm ET
The Workgroup for Electronic Data Interchange recently published guidance on required steps to take to determine if a breach of protected health information must be reported to affected patients and the Department of Health and Human Services.
The guidance covers the HIPAA Omnibus Rule enacted in 2013 that changed some breach notification procedures, including a presumption that a breach is presumed to have occurred when discovered, until an entity can demonstrate a low probability that PHI has been compromised.
For instance, there are several ways that notification need not be made following a breach. Compromised information may turn out to not include protected health information, or compromised PHI is unusable, unreadable or indecipherable to unauthorized persons through encryption or other means. There also are three scenarios where unintentional access to PHI or inadvertent disclosure need not be reported because the incidents involved trusted authorized persons or the information disclosed is not retainable by the recipient.
-----
EHR rethink may reduce unneeded tests
Posted on Feb 17, 2014
By Mike Miliard, Managing Editor
When it comes to America's healthcare costs, spiraling ever upward, one of the main culprits is unnecessary testing.
Some 130 oft-overused screenings and treatments should be curtailed, according to the two-dozen organizations affiliated with the American Board of Internal Medicine Foundation's "Choosing Wisely" campaign.
Indeed, as Scientfic American pointed out in its article about that initiative, the Instiute of Medicine estimates that $750 billion – three-quarters of a trillion dollars! – was spent on unnecessary services and excessive administrative costs in 2009.
-----
Healthcare IT market to see continued growth through 2018
Author Name Nicole Freeman | Date February 14, 2014 |
The US healthcare IT market is expected to see continued growth according to RNCOS’ research study “US Healthcare IT Market Outlook 2018.” The market is set to grow at a compound annual growth rate (CAGR) of almost 20 percent between 2014 and 2018.
This growth is attributed to the continued introduction of new products, the decreasing costs of utilizing health IT, the adoption of cloud computing, and increased government support, as well as tightening regulations on healthcare providers. The report also identifies and analyses the areas expected to see the most growth in the coming years.
The report, which is available through ReportLinker.com, provides information on the most important industry players and their roles in the growth of healthcare. Examined market segments and components include health information technology (HIT) hardware, services, and software; hospital information systems; electronic medical records (EMR); telemedicine; and patient-centric monitoring.
-----
-----
Enjoy!
David.