Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Saturday, April 02, 2016

Weekly Overseas Health IT Links - 2nd April, 2016.

Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
-----

Apple's CareKit as an enabler for patient-generated healthcare data

"The desktop is dead. The phone is the future."
March 25, 2016 10:51 AM
As we move from fee for service to alternative payment models/value-based purchasing we will increasingly measure our progress based on outcomes and total medical expense.
HealthKit was an enabler that led Beth Israel Deaconess to create BIDMC@Home, an iPhone and iPad app that uploads internet of things (blood pressure cuff, glucometer, scale, activity, sleep data etc.) to our electronic health record.
CareKit, announced by Apple this week, takes us one step further on our wellness-focused journey.
Our vision is that objective data such as weight and blood pressure needs to be combined with subjective data such as activities of daily living, mood, and adherence to care plans in order to create a true measure of outcome.
-----

Ontario hospital website may have infected visitors with ransomware, security firm says

Norfolk General Hospital one of many hospitals recently hit by cybercriminals

By Emily Chung, CBC News Posted: Mar 24, 2016 9:00 AM ET Last Updated: Mar 24, 2016 9:28 AM ET
The website of an Ontario hospital may have infected the computers of patients and staff with ransomware planted on the site during a hack attack, the internet security company Malwarebytes warns.
Norfolk General Hospital, located in Simcoe, Ont., confirms its website was hacked by cybercriminals, but denies that visitors were ever at risk.
The attack appears to be part of a trend of cybercriminals targeting hospitals, including one on the Ottawa Hospital in March and another in February that hit the Hollywood Presbyterian Medical Center in Los Angeles, which paid a $17,000 ransom to have its systems restored. Three more U.S. hospitals were reportedly hit recently.
-----

Backup routines crucial to disaster, hack rebound

Published March 24 2016, 7:43am EDT
When Methodist Hospital in Henderson, Ky., recently fell victim to a ransomware attack, the organization told local media that it was using backup data unaffected by the attack while the main network remained down.
The degree to which Methodist Hospital continued to have the data it most needed isn’t known. But a good backup policy makes recovery from cyber attacks a lot easier, says Doug Abel, managing director of strategy and planning at Encore, a consultancy unit of Quintiles, and a former CIO and emergency manager at Anne Arundel Medical Center in Maryland.
 “Use of backups as a method of disaster recovery is always optimal,” Abel says.
-----

FTC steps up protection of consumer health data

Published March 23 2016, 3:40pm EDT
The Federal Trade Commission has been taking a tougher regulatory stance on healthcare information technology in recent years, in an effort to protect the privacy and security of consumer health data. A senior FTC official told Congress on Tuesday that lawmakers can expect to see more of the same.
Jessica Rich, director of the FTC’s Bureau of Consumer Protection, warned House Oversight and Government Reform subcommittees that because consumers are taking a more active role in managing their health data through mobile apps and wearable devices, this information is being collected, used and shared outside of doctors’ offices and other traditional medical contexts, putting consumers at risk.
“Many of the entities creating these new consumer-facing products and services are not covered by HIPAA, which only provides protections for health information held or generated by certain covered entities—namely healthcare providers, health plans, and healthcare clearinghouses, and their business associates,” Rich testified. “The entities creating these new products are, however, within the FTC’s jurisdiction in most instances.”
-----

Patient record access: March target likely to be met

Rebecca McBeth
22 March 2016
All GPs will be able to offer patients online access to their ‘detailed coded record’ by the end of the month, GP IT system suppliers have said.
However, the British Medical Association’s GP IT lead Dr Paul Cundy said the vast majority of patients are “completely uninterested in access to detailed coded records”.
The GP contract for 2015-16 says all practices must be able to offer patients online access to their DCR before the end of March 2016.
Digital Health News has confirmed that each of the four principal primary care suppliers expect to have the functionality enabled for all practices by then.
-----

Carolinas HealthCare boosts patient safety with palm-vein biometrics

CIO Craig Richardville said Carolinas has reduced its duplicate medical records error rate from 2.9 percent to 0.01 percent using the ID and authentication technology in conjunction with its master patient index.
March 24, 2016 07:42 AM
Carolinas HealthCare System has reduced its duplicate medical records error rate from 2.9 percent  to 0.01 percent using ID and authentication technology. That improvement, in turn, has helped bolster the health system’s patient safety initiatives, which CIO Craig Richardville called the ultimate return on investment for the technology.
“We were looking at it to uniquely identify patients, especially in an electronic health records environment, where problems with duplication of medical records, error rates, incorrectly combining records, and finding a perfect patient match get accentuated,” Richardville said. “In a manual world, you can pull information out and combine records fairly easily. In an electronic world, incorrect data potentially can get integrated.”
Additionally, Carolinas uses clinical decision support technology along with its EHRs, and if patient information getting pumped into the decision support system is incorrect, that can lead to improper guidance for providers, Richardville said.
-----

Electronic records offer chance to ensure patients' end-of-life plans aren't lost in critical moments

Epic and Cerner are building advanced directive features into their software to enable data sharing, an official said. Some lawmakers are looking to make directives portable while U.S. states are building databases to store them.
March 24, 2016 11:05 AM 
In a perfect world, patients with advance directives would be confident that their doctors and nurses — no matter where they receive care — could know in a split second their end-of-life wishes.
But this ideal is still in the distance. Patients’ documents often go missing in maze-like files or are rendered unreadable by incompatible software. And this risk continues even as health systems and physician practices adopt new electronic health records. So advocates and policymakers are pushing for a fix.
The problem isn’t new, experts noted. Advance directives were lost during the era of paper records, too. But, so far, digital efforts have fallen short.
-----

AHIMA Seeks Public Support for National Patient Safety ID

John Commins, March 22, 2016

Advocates for a voluntary patient safety identifier envision a process that would allow patients to create a way for medical systems to recognize them quickly and accurately, in much the same way as financial sector businesses.

A leading trade group for the nation’s health information technology sector is asking patients to endorse the creation of a national voluntary patient safety identifier.
The American Health Information Management Association said Monday that it has launched a petition and wants to send the Obama administration at least 100,000 signatures from patients who support the idea.
The petition, which AHIMA hopes to send to the White House by April 19, asks for the removal of a ban that prohibits the Department of Health and Human Services from participating in efforts to create a patient safety identification system.
-----

6 EHR vendors to test FHIR apps for PMI data collection

Published March 23 2016, 7:42am EDT
As part of the Obama administration’s Precision Medicine Initiative, the National Institutes of Health—in collaboration with the Office of the National Coordinator for Health IT—has initiated a pilot called Sync for Science (S4S) that will enable individuals participating in a national cohort of one million Americans to access their health data and share it with researchers.
NIH, ONC and the Harvard Medical School Department of Biomedical Informatics will coordinate the implementation of the S4S pilot in collaboration with six electronic health record vendors—Allscripts, athenahealth, Cerner, drchrono, Epic and McKesson—which will pilot the use of open, standardized applications to give individuals the ability to easily and securely contribute their data to research.
The S4S Pilot will leverage HL7’s emerging Fast Healthcare Interoperability Resources (FHIR) standard, an interoperability framework that makes use of the latest web standards, and OAuth security profiles. Many of the EHR vendors participating in the pilot are already involved in the Argonaut Project, an industry-wide effort to accelerate the development and adoption of FHIR.
-----

HIT Think Eliminating errors a key to value-based care

Published March 22 2016, 2:11pm EDT
As the U.S. healthcare system shifts emphasis away from volume-driven to value-centered care, the way that quality is defined, delivered and measured will characterize the essential elements powering the collective performance of every stakeholder.
In this new paradigm, providers that demonstrate positive clinical outcomes across episodes of care—while simultaneously lowering expenditures—will survive and thrive. Similarly, data analytics that help organizations to monitor, manage and report errors and adverse events will play a central role in realizing the delivery of safer, higher quality care.
Those who develop useful and usable solutions for this purpose will best position themselves to effectively meet the expectations of both providers and payers if they can provide a unique blend of functionality that centers on three fundamental areas—safety risk management and surveillance; pay-for-value reporting; and performance analytics.
-----

AMIA: Time to define the chief clinical informatics officer role and skillsets

The American Medical Informatics Association said that being a CCIO will require lifelong learning to master all the clinical, technological, and management skills the job demands.
March 22, 2016 02:57 PM
The American Medical Informatics Association embarked on the path to more clearly outline the role that chief clinical informatics officers play and the skillsets they need to succeed.
 “The CCIO role has not been well defined nor has the role been derived from a clear set of expectations, skillsets, or educational standards,” AMIA said in a new report. “Organizational position descriptions vary significantly.”
-----

Health information software market to hit $24B value by 2019

Written by Carrie Pallardy | March 22, 2016
The value of the global market for healthcare information software is projected to grow by nearly $10 billion between 2014 and 2019, according to a Technavio report. 
-----
22 Mar 16

Hospital Declares ‘Internal State of Emergency’ After Ransomware Infection

A Kentucky hospital says it is operating in an “internal state of emergency” after a ransomware attack rattled around inside its networks, encrypting files on computer systems and holding the data on them hostage unless and until the hospital pays up.
Henderson, Ky.-based Methodist Hospital placed a scrolling red alert on its homepage this week, stating that “Methodist Hospital is currently working in an Internal State of Emergency due to a Computer Virus that has limited our use of electronic web based services.  We are currently working to resolve this issue, until then we will have limited access to web based services and electronic communications.”
Jamie Reid, information systems director at the hospital, said malware involved is known as the “Locky” strain of ransomware, a contagion that encrypts all of the important files, documents and images on an infected host, and then deletes the originals. Victims can regain access to their files only by paying the ransom, or by restoring from a backup that is hopefully not on a network which is freely accessible to the compromised computer.
-----

IT Rounding Pays Off for Nurses, Patients…and IT Staff

Scott Mace, March 22, 2016

Rounding with IT staff has not only raised the IT skills of nurses, giving them a competitive advantage, it has also reduced the volume of help desk tickets and rewarded some IT staffers with a deeper level of purpose than ever before.

We hear about alert fatigue, but tech fatigue in general is also worthy of attention in healthcare.
As a way of combatting tech fatigue, the IT staff of HCA North Texas is making regular rounds of units, and in the process redefining how a healthcare IT department interacts with hospital and clinic staffs.
-----

HSE to spend €875m on health records system

Tuesday, March 22, 2016
Joe Leogue
The HSE is to spend up to €875m rolling out a national electronic health record system (EHR) that will enable patient information to be instantly accessed by approved medical personnel.
The project is being overseen by eHealth Ireland, a dedicated entity tasked with using information and communication technology to modernise the health system.
A document published by eHealth Ireland last summer outlined how the body envisages the system will work.
“When adopted across the healthcare system, the electronic health record will transform the delivery of health and social care by creating shared patient records that are the primary information source for all health and social care professionals,” it states.
-----

EHRs struggle to keep pace with providers’ needs

By John Morrissey
Published March 22 2016, 6:41am EDT
Perhaps the biggest shortcoming springing from broad adoption of electronic health records is their limited ability to interoperate with one another now that they’ve been sutured into healthcare systems everywhere.
But a more fundamental shortcoming is shaping up as just as big an issue: the limited ability of EHRs to keep pace with advancing demands for more varied, easily accessed, comprehensive information for direct care and analysis.
Changing times call for maximum flexibility in how clinicians access record systems and the full picture they need to see from not only structured textual data but also diagnostic images, wave forms, free text and, coming down the pike, genomic sequencing. To manage all that, EHR technology has to leave the 20th century behind and reduce its reliance on venerable relational databases, experts say.
-----

Ransomware to wreak havoc in 2016, ICIT study says

The Institute for Critical Infrastructure Technology said ransomware is so common that it’s becoming its own economy and criminals will be increasingly targeting healthcare entities via social engineering and other tactics.
March 21, 2016 09:47 AM
Ransomware attacks on healthcare and other organizations “will wreak havoc on America’s critical infrastructure community,” according to a new report that also found the malware is now so prevalent it’s creating an economy of its own.
“New attacks will become common while unattended vulnerabilities that were silently exploited in 2015 will enable invisible adversaries to capitalize upon positions that they have previously laid claim,” the report published by the Institute for Critical Infrastructure Technology explained. 
In the ransomware economy, criminals are using pricing calculations to target victims based on the most efficient ways to rake in money and, what’s more, criminals understand and engineer the pressures to put on victims.
-----

Hospital privacy officials: Make security a proactive process

March 22, 2016 | By Dan Bowman
While privacy has become increasingly top of mind for provider organizations over the past year, industry executives would be wise to focus on being more proactive about such efforts, a pair of hospital officials said Monday at the 24th National HIPAA Summit.
Rather than being an add-on to existing systems and protocols, privacy, instead, must be built in from the beginning, urged Jacki Monson, chief privacy and information security officer at California-based Sutter Health, and Morgan Vanderburg, a compliance/privacy officer at Mayo Clinic. Privacy teams must be "key stakeholders" when it comes to both decision-making and implementation of all projects, they said, noting that security is an ongoing effort, not a one-time deployment.
-----

Blog: Multimillion-dollar fed HIE effort produced some gains, some failures

By Joseph Conn  | March 21, 2016
The federal push to promote state health information exchanges has resulted in hits and misses, according to a report commissioned by the Office of the National Coordinator for Health Information Technology at HHS.
In early 2011, the ONC awarded $565 million to 56 states and territories. The number of acute care hospitals using “directed” health information exchange increased from just over 100 hospitals in 2011 to just under 1,000 in 2013, according to the report by NORC at the University of Chicago (PDF). Similarly, participation by “ambulatory entities” increased from 4,500 in 2012 to 21,000 in 2013, the report authors said.
Seven of the original participants in the four-year program are “no longer operational,” the report said. In the long run, maybe more HIEs will go belly up.
-----

How EHRs Help Make Successful Accountable Care Organizations

By Sara Heath on March 21, 2016

Through care coordination, population health management, and patient engagement, EHRs help enable successful accountable care organizations.

EHRs are an invaluable tool for accountable care organizations, offering a system upon which providers can store and reference important patient information and then easily disseminate that information to other care team members.
In fact, several of the key functions accountable are organizations are known for – care coordination, effective population health management, strong patient engagement – are dependent on EHRs. Through the EHR’s data storing abilities and shareability, accountable care organizations are able to effectively care for their patients’ overall wellness.
-----

Providers at risk for sloppy backup and migration practices

Published March 18 2016, 3:42pm EDT
Loss of data during information system backups, upgrades to operating systems and databases, and while migrating data from one storage vendor to another—such as from EMC to NetApp—is common, and human factors are the primary cause.
That’s the view from Dave Logue, senior data recovery engineer at Kroll Ontrack, which offers data recovery, restoration, erasure and e-discovery services. For instance, the challenge with data storage is moving from one storage platform to another, but the task often fails because of poor preparation and taking shortcuts, he contends.
An example: Before migrating data from one source to another target platform, data from the first source should be fully backed up. “Information technology pros know this, but the challenge is knowing what to do and actually doing it,” Logue says.
-----

AHIMA kicks off national patient ID petition drive

Calling the lack of a unique patient ID both costly and dangerous, the association is looking to the White House to help make healthcare safer and more effective.
March 21, 2016 11:41 AM
The American Health Information Management Association launched an effort to collect 100,000 signatures on a petition to ask the White House to address the need for a unique patient ID.
While other groups, such as HIMSS and CHIME, have both supported a national patient ID – CHIME notably with a million dollar contest – AHIMA is taking a new approach.
“As a patient, you know there’s only one you. But sometimes a name or some personal information is so similar to someone else’s that doctors’ offices or hospitals can have a hard time identifying records correctly,” AHIMA CEO Lynne Thomas Gordon said in a statement. “It’s a dangerous and costly problem that can lead to missed diagnoses, inappropriate treatments or unnecessary tests, as well as making it difficult for providers to exchange health information.”
-----

Task force creates framework to define skills, education for clinical informatics execs

March 21, 2016 | By Katie Dvorak
Required education and skills for chief clinical informatics officer roles (CCIO) is necessary for "a dynamic, motivated workforce," according to a report from an American Medical Informatics Association (AMIA) task force.
Currently, the report's authors say, a lack of such defined characteristics for chief medical informatics officer, chief nursing informatics officers, chief pharmacy informatics officers and chief dental informatics officers is complicating "the professional development of those aspiring to these types of roles."
"AMIA is offering these guidelines to help advise C-suite executives on potential staff selection criteria for CCIOs, as well as inform informatics professionals broadly on the state of the field," according to Joseph L. Kannry, M.D., head of the task force and lead Technical Informaticist-EMR Project at Mount Sinai Medical Center.
-----

OpenNotes helps to improve misunderstandings between docs, patients

March 21, 2016 | By Dan Bowman
One of the biggest benefits of the OpenNotes initiative has been clarification of misunderstandings between patients and clinicians, according to the Commonwealth Fund.
A new post describes some of the findings of a study published last month by the organization for which chronic patients at OpenNotes facilities were interviewed, face-to-face, to determine the impact on care quality of the effort. While "several thousand patients" in and around Boston were interviewed, the study's authors focused on 500 patients who viewed at least seven notes within a year's time, defined as "heavy users."
Some patients determined that their doctors misunderstood something they had said, while others indicated that simply being able to read their notes gave them a sense of increased control over their health.
-----

Providers using athenahealth EHR to track flu increases in real-time

Written by Max Green | March 17, 2016
Improvements in data analytics and tracking in recent years have enabled providers and epidemiologists to paint a picture of how viruses spread and change over time like never before. EHRs are increasingly becoming an important component in creating a more accurate narrative for the spread of infectious disease, as well.
-----

PCAST: Telehealth, other tech enable older Americans to remain connected, independent

March 18, 2016 | By Dan Bowman
Telehealth and electronic health records are among a number of key tools that can help older Americans live more connected yet independent lives, according to a new report published this week by the President's Council of Advisors on Science and Technology.
For telehealth, the report's authors urge the Centers for Medicare & Medicaid Services to advance policies that boost payments for and innovation of telehealth. They also call on both the Federation of State Medical Boards (FSMB) and the National Governors Association to speed the development of "reciprocal state licensure procedures." As of January, 26 states have introduced legislation to enact FSMB's Interstate Medical Licensure Compact; 12 states have enacted the compact.
The authors note the current limitations on CMS support of telehealth--in particular, many restrictions on its use in traditional Medicare--but also point out that the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA) calls on the Government Accountability Office to create a pair of reports on the Medicare telehealth program and remote patient monitoring technology. Policy shifts enacted by Medicare and Medicaid, the authors say, would cause a "ripple effect" on the industry.
-----

Apple unveils CareKit health tracking platform, first app is for Parkinsons

COO Jeff Williams said the framework will empower patients and care teams to have more formalized discussions with physicians, beginning with programs for Parkinson’s and post-surgical plans.
March 21, 2016 02:43 PM
Apple on Monday unwrapped CareKit and described the new software as a framework for building apps that can empower people take a more active role in their own care.
Whereas Apple’s HealthKit is geared for developers building apps that run on the iOS platform and the subsequent ResearchKit was created to enable researchers and scientists, CareKit was built with patients and their families in mind.
“When we introduced ResearchKit, our goal was simply to improve medical research and we thought our work was largely done,” Apple COO Jeff William said during an event on Monday. “But what became clear to us is that the same tools to advance medical research can also be used to help people improve care.”
Williams added that the first CareKit app is for Parkinson’s, a natural condition to target because 24 hours after Apple made ResearchKit available it led to the biggest Parkinson’s study to date.
-----

Moving data to the cloud: Questions you should be asking

Published March 21 2016, 2:45pm EDT
By all accounts, these are bright times for cloud computing. The majority of mid-size and large organizations now have some level of investment in the cloud, and the percentage of data and applications that a typical company is willing to store in the cloud is increasing significantly.
But not everything should go to the cloud, and IT execs should consider carefully the strategy behind each cloud investment. Information Management editor David Weldon spoke with Sean Jennings, co-founder and senior vice president of solutions architecture at Virtustream, an EMC Federation company, about current cloud trends and the questions that IT leaders should be asking when establishing a cloud migration strategy.
Where are your clients at in terms of cloud computing investments for private, public, and hybrid strategies?
Over the past couple years, we’ve witnessed a coming of age for cloud computing. The model has been proven and there are no longer hesitations around cost, efficiency or even security; the cloud has graduated from a niche, project-based IT initiative to the computing norm for businesses of all sizes.
-----

Electronic records and end-of-life plans

Shefali Luthra, Kaiser Health News 1:17 p.m. EDT March 19, 2016
In a perfect world, patients with advance directives would be confident that their doctors and nurses – no matter where they receive care – could know in a split second their end-of-life wishes.
But this ideal is still in the distance. Patients’ documents often go missing in maze-like files or are rendered unreadable by incompatible software. And this risk continues even as health systems and physician practices adopt new electronic health records. So advocates and policymakers are pushing for a fix.
The problem isn’t new, experts noted. Advance directives were lost during the era of paper records, too. But, so far, digital efforts have fallen short.
-----

Enjoy!
David.

Friday, April 01, 2016

Cyber Security Seems To Be Attracting A Lot Of Attention In The Health Sector This Week!

First we had this appear:

US hospital pays $24k ransom after cyber attack locks medical records

Date February 19, 2016

Justin Wm. Moyer

The eighth and final budget is announced by President Barack Obama, and it includes a $19 billion boost in cyber security funding aimed at replacing insecure and 'downright ancient' systems.
Not too long ago, taking the United States' wild, messy, unreliable system of medical records online seemed like a worthy goal.
"To improve the quality of our health care while lowering its cost, we will make the immediate investments necessary to ensure that, within five years, all of America's medical records are computerised," President Obama said. "This will cut waste, eliminate red tape and reduce the need to repeat expensive medical tests."
While the shift Obama and many others pushed may have improved care, electronic medical records led to quite the unique hostage situation in Los Angeles this week. There, a hospital fell prey to a cyberattack — and has escaped its plight by paying hackers a $US17,000 ($23,740) ransom.
Allen Stefanek, president and chief executive of Hollywood Presbyterian Medical Center, explained the situation in a statement.
"On the evening of February 5th, our staff noticed issues accessing the hospital's computer network," he wrote. "Our IT department began an immediate investigation and determined we had been subject to a malware attack. The malware locked access to certain computer systems and prevented us from sharing communications electronically."
What communications needed to be electronically shared? As Stefanek pointed out a few paragraphs later, medical records. As reports emerged of the hospital being forced to resort to the pre-historic days of paper charts, at least one patient was feeling the pain.
"I wasn't feeling very well, went in for a checkup and they said their computers were down," patient Melissa Garza told Fox 11 last week. "I asked, 'What's going on here?' and they said we were hacked."
Lots more here:
Second we have this:

Alert raised over cyber attacks on medical devices

Jo Hartley | 23 March, 2016 |
The Australian Prime Minister falls to the floor clutching his chest as cybercriminals play power games with his pacemaker. A final flip of the remote and he’s dead.
It makes for gripping TV, but could this Homeland scene really happen?
Yes, says cybersecurity expert Dr Robert Merkel (PhD), an IT researcher at Monash University, Melbourne.
Dr Merkel is speaking with Australian Doctor following the release of a TGA alert advising medical device makers and hospitals to carry out IT assessments to determine the risk of cyber attack.
The warning covers devices from PET scanners to life support machines.
Of particular concern are wireless heart monitors, infusion pumps and other medication-dispensing equipment that connects to the internet, as potential hackers can operate them remotely.
“Although there have been no reports of hacking attacks on medical devices in Australia, there have been reports of such attacks overseas,” the TGA says.
“Cybersecurity experts in Australia have demonstrated a wide range of potential vulnerabilities in simulated attacks,” it adds.
Dr Merkel agrees the opportunity to hack medical devices is real, especially for the growing number of  internet-connected devices.
Few ‘cybercrims’ would go to the effort of hacking a wireless device they had to be within 100 metres of, he says, but “if it is connected to the internet, then anyone in the world has the potential for easy access”.
More here:
It’s hard to say much more than to point the risks out and hope everyone in the sector can take sensible steps to minimise risks. There is clearly great pain to be felt if people are not successful!
David.