Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Saturday, March 23, 2019

Weekly Overseas Health IT Links – 23rd March, 2019.

Here are a few I came across last week.
Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
-----

NICE publishes updated standards for digital health technology

The National Institute for Health and Care Excellence (NICE) has published an updated version of its evidence standards framework for digital health technologies.
Andrea Downey – 11 March 2019
The update sets out requirements that need to be met different types of heath technologies, taking into account feedback from stakeholders after the first version was published in December 2018.
The standards were developed collaboratively by NICE, NHS England, NHS Digital, MedCity, Public Health England and Digital Health.London.
They set out evidence standards for both the clinical and economic impact of new digital health technologies (DHT), as well as the evidence needed to implement them in the NHS.
The standards are also there to provide commissioners with an idea of the type of information to ask for from technology developers.
-----

Partners HealthCare fully integrates state PDMP into its EHR

Published March 15 2019, 7:24am EDT
The Boston-based provider network is the first to have Massachusetts’ prescription drug monitoring program immediately available to clinicians at the point of care.
Partners HealthCare announced on Thursday that it has fully integrated the Massachusetts Prescription Awareness Tool (MassPAT) directly into its Epic electronic health record system, enabling doctors to check the database before writing opioid prescriptions.
According to Partners, integrating MassPAT into its Epic system will help prescribers by providing patients’ controlled substance prescription information within their electronic clinical charts.
-----

Northwell Health using AI and NLP to find clinical trial candidates

Published March 15 2019, 4:51pm EDT
Northwell Health, New York state’s largest healthcare provider, has adopted software from Clinithink Technology to accelerate patient identification for clinical trials. Northwell’s service areas covers 8 million people, served by 23 hospitals, with more than 30,000 clinicians and 700 outpatient facilities.
Northwell is using the artificial intelligence and national language processing technologies of Clinithink to quickly identify potential patients for clinical trials who have been missed previously. Clinithink analysis of unstructured patient data is identifying clinical trial candidates within hours, the provider’s executives say.
Northwell conducted a proof of concept study that showed the total patient cohort considered was 939,378 patients, from which there were 3.3 million associated documents for review. The vendor assessed the patients against 22 different criteria in 30 hours, identifying 88 patients highly relevant to the trial.
-----

Implementation best practices: Getting healthcare analytics right

Four experts in analytics offer key suggestions for starting with the technology at a provider organization. Current analytics users also can learn from these tips.
March 14, 2019 02:32 PM

Data and analytics have become increasingly critical to the operation of any successful healthcare organization. And with the advent of healthcare imperatives such as value-based care and population health management, analytics technology has become more important than ever.
Here, four experts in healthcare analytics technology offer their advice and suggestions for healthcare CIOs implementing analytics in their provider organization. These are a variety of best practices for analytics implementation in healthcare.
Stakeholders, and required data
Implementing an analytics system first requires outcomes defined by multiple stakeholders that second drives alignment on what data elements are required, said Bradley Hunter, a research director at KLAS Research.
-----

Indonesia’s MOH launches Sehatpedia health information app

The Sehatpedia app has an interactive consultation (live chat) feature and provides access to health articles, medical journals and health policies.
March 15, 2019 04:08 AM

Source: Ministry of Health, Indonesia
Last month, Indonesia’s Ministry of Health (MOH) announced the launch of their Sehatpedia app to facilitate the public’s access to health information. The app (currently only available on Android platforms) has an interactive consultation (live chat) feature and provides access to health articles, medical journals and health policies. Users can also register for outpatient appointments through the app but this is only limited to hospitals under the MOH.
With the live chat feature, the public can consult doctors on health information needs such as disease complaints, health tips, and other medical consultations.
“Sehatpedia can be accessed by all Indonesian people. Physicians from 32 vertical hospitals of the MOH will respond to the consultation queries,” said Secretary of the Directorate General of Health Services, Dr. Agus Hadian Rahim, Sp.OT (K), M.Epid, MH. Kes.
-----

The digital health Silk Road project

A recent article from the HIMSS Insights Global Innovators eBook explored how China could be working towards being a global innovator in healthcare through its Belt and Road Initiative.
March 15, 2019 02:11 AM
The Belt and Road Initiative (BRI), also known as One Belt, One Road, is the Chinese government’s development strategy that was introduced in 2013 to build ties along the overland Silk Road Economic Belt and the naval trading route known as the 21st Century Maritime Silk Road.
Although health is not at the core of the initiative, Ruwei Hu and his colleagues at the Sun Yat-sen University in Guangzhou and from the University of Utah in Salt Lake City, US, state that the BRI provides a common platform for regional public health emergencies through epidemic information sharing, exchange of preventive and interventional methods, and training health professionals.
-----

Health Care Technology Predictions For 2019

Post written by Charles Aunger
Managing Director of Technology at Health2047 with a comprehensive understanding of the digital transformation of health care IT.
In 2019, health care information technology (HIT) in the U.S. will continue to be transformed by external forces from around the world. To be honest, the whole of health care is feeling the pain of this evolution, and there are challenges that need to be met head-on.
But there are also inklings of light at the end of the tunnel. The digital transformation of this sector is only in the embryonic stages, but there’s clear evidence of enormous development and growth on the horizon. Here are my top five predictions for health care technology in 2019.
1. There Will Be A Major Push Toward Truly Digitized Health Care
Globally, the push to move to electronic medical records (EMR) and electronic health records (EHR) is ratcheting up. For example, Germany’s four-year drive toward a telematics infrastructure designed to connect over 2.5 million health care professionals with health data on over 70 million citizens is set to come to fruition this year. According to Remy Denzler, senior analyst at Health Advances GmbH, “Health care professionals will be able to store health-related patient data on the new and highly secure infrastructure in the form of a statutory electronic patient record (EPR).”
-----

Researchers say quasistatic signals will protect wearables and implants from hackers

Jeremy Horwitz @horwitz March 12, 2019 12:58 PM
As wearable devices and medical implants become more common, their likelihood of being targeted by hackers increases, with stakes that could be even higher than traditional computer viruses. But researchers at Purdue University have developed a way to improve both the security and longevity of these devices: a switch from conventional electromagnetic wireless signals to lower-frequency electro-quasistatic signals.
The premise of the research is that people are increasingly becoming “body area networks” for wrist, head, and internal devices that can either be controlled solely by the user or externally — the latter for better or worse. Someone with a Bluetooth-capable defibrillator might want to provide near-field wireless access for a doctor’s checkup or ongoing battery monitoring, but not be susceptible to getting shocked or disabled by a hacker sitting 10 or 30 feet away.
Today, most wearables and implants communicate using radio signals: Bluetooth transmitters operate in the 2.4GHz range, and can be picked up within at least 33-foot radiuses. Relying instead on low-frequency electro-quasistatic signals, the Purdue researchers can limit the broadcasting range to a centimeter beyond the user’s skin, enabling the wearer or a doctor to interact with the device while keeping hackers at bay.
-----

Delaware Guidance Services Ransomware Attack Impacts 50,000

Ransomware locked the mental health service provider out of its data servers and officials say they paid the ransom to unlock the encrypted files.

March 13, 2019 - Dover-based Delaware Guidance Services for Children and Youth is notifying about 50,000 parents and guardians that their child’s data was impacted during a December ransomware attack.
On December 25, DGS discovered ransomware on its data servers, which encrypted patient records that “could not be opened.” Officials said they were “required” to pay the ransom in exchange for the decryption key to unlock the files.
The files stored on the server contained patient names, Social Security numbers, medical data, addresses, and birth dates. DGS hired an external IT team to conduct a forensics analysis to determine if records were accessed or exfiltrated and found no evidence of compromise.
-----

Trump FY 2020 budget funds absorption of AHRQ into NIH

Published March 14 2019, 7:33am EDT
The President’s Fiscal Year 2020 Budget proposal includes $256 million to consolidate some activities of the Agency for Healthcare Research and Quality within the National Institutes of Health.
AHRQ, which supports health services research addressing patient safety and healthcare quality as well as the application of health IT, will cease to exist as a standalone agency with its funding zeroed.
AHRQ’s congressionally enacted appropriations in FY 2018 and FY 2019 were $334 million and $338 million, respectively. The agency also received mandatory transfers from the Patient-Centered Outcomes Research Trust Fund (PCORTF) in FY 2018 and FY 2019 for total program levels of $433 million and $451 million, respectively. However, the PCORTF “sunsets” in FY 2019.
-----

Health plans use third-party data, but privacy issues emerge

Published March 14 2019, 5:57pm EDT
To better target their members with customized messages, health plans are combining their claims data with non-health data, acquired through various third-party vendors.
The practice is helping health plans zero in on which patients need attention and helping health plans to address their healthcare needs, say industry experts. But some people think the practice is leaving a very tempting door open to discrimination and the violation of privacy.
Peter Eliason, director of analytics and data science at Revel Health, a company that partners with health plans and providers to run health action programs, says the data health plans typically purchase from third-party vendors includes information on members’ finances, shopping habits, leisure activities, family size, home purchases, moves and even community involvement. This data, purchased from companies like LexisNexis, Acxiom, Experian and PacificEast, is a resource for helping to predict health and wellness behaviors, health risks and the likelihood of being receptive to messages about healthcare.
-----

HIT Think How healthcare IT can help consumers with health choices

Published March 14 2019, 6:15pm EDT
A creatively illustrative scene from the 2008 film The Hurt Locker follows the primary character, William James, on a trip to a local grocery store.
James is an ordnance disposal technician home from the war in Iraq whose wife asked him to pick up a few things from the store, including cold cereal. As James stands dazed and overwhelmed before the wall of cereal options, the camera pans back to reveal an entire aisle wall—floor to ceiling, end to end— of cereal boxes from which to choose. James is smaller in the frame, looking less and less up to the task before finally grabbing a box and throwing it in the cart with obvious frustration. He’s decided because he must, but the decision comes with scant confidence or satisfaction because there is little in the way of a ‘best’ decision, a greater purpose.
Would that such consternating decisions were limited to cereal.
As data demonstrates, putting healthcare consumers in similar situations—asking them to opt in, to make active choices about their health and healthcare—yields similar results: Choices poorly made about which most will be unhappy.
-----

NHSX to join up the tech leadership and bridge the worlds of health and tech, Hancock says

Health secretary outlines his vision for setting up NHSX, a new unit for digital, data and technology.
March 14, 2019 02:45 AM
Health and social care secretary Matt Hancock gave delegates at the Digital Health Technology Show in London yesterday an insight into NHSX, the “latest addition to the NHS family,” a new unit for digital, data and technology that was unveiled earlier this year.
Since his appointment in July 2018, Hancock has been on a mission to overhaul the use of technology across the NHS, from releasing a policy paper outlining his tech vision and bringing together a Healthtech Advisory Board to banning fax machines, pagers (for non-emergency communications) and setting up NHSX - and some of these initiatives have drawn both praise and criticism.
“One of the things that’s really struck me [in this job],” Hancock said this week, “is how the world of tech and the world of healthcare have two very distinct cultures. In technology, you normally fail fast and you try to fail fast. As an NHS clinician, you’ve got to do all you can to get it right the first time. In technology, you whack out a prototype and collect the evidence as you go along.
-----

What could a no deal Brexit look like for the NHS?

NHS Confederation director of international relations Dr Layla McCay looks at the prospect of a no deal scenario.
March 06, 2019 06:22 AM
Subject to the second meaningful vote in the UK Parliament, the UK is set to leave the EU on Friday 29 March 2019. Continued uncertainty means that the NHS and wider health sector is now planning for three scenarios – leaving with a deal; leaving without a deal, or one which sees the extension of the article 50 process.
A "no deal" scenario means that the UK leaves the EU without a deal and that the UK would become a third country, with no withdrawal agreement or framework for a future relationship in place between the UK and the EU. The UK and the EU both state that this is an unlikely but possible outcome of the current negotiations.
-----

What to include in an enterprise cybersecurity plan

By Alison DeNisco Rayome Security
At RSA 2019, Steve Martino of Cisco discussed the top cybersecurity threats businesses are facing, and how to help employees improve their security posture.
At RSA 2019, TechRepublic Senior Editor Alison DeNisco Rayome spoke with Steve Martino of Cisco about the top cybersecurity threats businesses are facing, and how to help employees improve their security posture. The following is an edited transcript of the interview.
Steve Martino: So I think the top threats are three things. Number one, as businesses keep shifting and becoming more and more digital, they expose more threat surface. And so they have to think about what is that digital journey, what are the threats that they're introducing to themselves, and how are they gonna defend, or mitigate, or mange those threats?
Number two is the attackers are continuing to innovate and find new ways to attack and extract money or whatever they're after. And so they're constantly innovating, and we have to keep pace.
-----

AHRQ launches app to help patients prepare for medical visits

Mar 13, 2019 2:19pm
Patients often only have about 15 minutes with their doctors during an office visit and they often walk in unprepared for what questions they want their doctor to answer about their medical problem or treatment.
To help patients prepare for their medical visits, the Agency for Healthcare Research and Quality (AHRQ) developed a new consumer mobile app that builds off the agency’s “Question Builder” online tool.
The Question Builder app, which is available at no charge for smartphones, tablets and laptop computers on iTunes and Google Play, aims to help patients organize questions and other information prior to medical visits.
-----

How regular phishing drills keep providers’ data safe

Published March 13 2019, 4:35pm EDT
Healthcare organizations should look for incremental reduction of risks by making use of phishing education campaigns, says Kate Borten.
This is especially important because front-line workers play such a large role in data security, and hackers have become very sophisticated in their ability to fool individuals into clicking on a malware-infested email—even if an individual is watching out for such emails, says Borten, president at the Marblehead Group, a security consultancy.
The training needs to incorporate different examples of phishing lures, Borten advises.
-----

UK named the 'heartland of European healthcare AI' in new report

Although engaging with the NHS remains a challenge, companies now have more "accessible deployment opportunities", according to the research.
March 13, 2019 10:00 AM
Germany and France are two flourishing AI hubs, but the UK has been named the European AI “powerhouse” in a new report from London-based investment firm MMC Ventures.
Published earlier this month, the analysis sheds light on the hype around the technology, but identifies healthcare as an area of increasing focus for AI entrepreneurs as systems start to embrace emerging technologies.
Out of around 1,600 European early stage AI software companies, 21 percent are said to be focusing on health and wellbeing, with the UK dubbed the “heartland of European healthcare AI”.
-----

Mergers and acquisitions not leading to promised EHR integration

A new report in Health Affairs looks at the success rate of hospital IT system integration, post-consolidation.
March 12, 2019 10:38 AM
Improved information-sharing through electronic health record integration is often cited as a benefit of hospital mergers, but a new analysis published on the Health Affairs Blog suggests that sales pitch should be met with "healthy skepticism."
WHY IT MATTERS
The study by Harvard Business School doctoral student A. Jay Holmgren and renowned healthcare IT researcher Julia Adler-Milstein, which used data from 4,720 hospitals from the American Hospital Association survey and IT Supplement from 2012 to 2016, finds that only one-third of hospitals acquired in that period switched to the dominant vendor of their acquiring system, while 44 percent remained on a different EHR system.
Furthermore, the analysis shows how hospital consolidation is contributing to EHR vendor consolidation. Most hospitals that did switch vendors after being acquired by another system did so to Epic or Cerner.
-----

KLAS: Providers want more in a quality management tool

Development has been "fairly stagnant," from some vendors, causing providers to fill the gap with population health management platforms, EHRs and business intelligence tools.
March 12, 2019 03:25 PM
KLAS' newest report, "Quality Management for 2019: The Search for a One-Stop Shop," shows that healthcare providers are looking for a single platform to handle all of their quality management needs, but they aren’t necessarily getting it.
Providers want more than basic regulatory reporting tools, KLAS found. Researchers for the most recent report studies vendors such as Conduent, Healthmonix, IBM Watson Health (Truven), Medisolv, Mingle Health, Nuance, Premier, Quantros, SPH Analytics and Vizient.
WHY IT MATTERS
Providers want a more robust quality improvement functionality, according to KLAS researchers. Development has been "fairly stagnant," from some vendors, causing providers to fill the gap with population health management platforms, EHRs and business intelligence tools.
-----

Eric Topol: EHRs have 'taken us astray,' but AI could fix healthcare in a 'meaningful and positive way'

The famed digital health pioneer talks about his new book, Deep Medicine: How Artificial Intelligence Can Make Healthcare Human Again. The potential is immense, he says, but the U.S. needs a plan.
March 12, 2019 02:48 PM
Dr. Eric Topol, founder and director of Scripps Research Translational Institute, is a longtime healthcare visionary. A cardiologist, geneticist and digital health pioneer, his ideas have been at the forefront of digital health for decades.
Topol's research and reporting on emerging technology, data, devices, personalized medicine and more have been explored in four books – the most recent of which, Deep Medicine: How Artificial Intelligence Can Make Healthcare Human Again, was published today.
Healthcare has made some big strides with information and technology, says Topol, but too much of that has been to its detriment. Tech has helped make the practice of medicine "robotic," he writes, "to disastrous effect." Physicians are burned out, patient experience is suboptimal, to say the least, and medical errors abound.
-----

IBM's AI blood test could help with early Alzheimer's detection

The test can detect a person's risk for the disease decades before symptoms start showing up.
03.10.19 in Medicine
Previous attempts to find a cure for Alzheimer's ended up in failure, but a new study out of IBM Research has the potential to spark a major breakthrough. A group of IBM researchers have harnessed the powers of machine learning to figure out a way to detect a biological marker associated with the disease -- a peptide called amyloid-beta -- with a simple blood test. The solution they came up with can even detect an individual's risk for Alzheimer's earlier than a brain scan can and way before symptoms start showing up. It can arm doctors with the ammo they need to be able to take better care of their patients.
According to a study published in 2017, the concentration of amyloid-beta in a person's spinal fluid starts changing decades before the first signs of the disease show up. People already experiencing mild cognitive impairment with an abnormal concentration of the peptide in their spinal fluid are apparently 2.5 times more likely to develop the illness.
-----

How Artificial Intelligence Could Transform Medicine

In “Deep Medicine,” Dr. Eric Topol looks at the ways that A.I. could improve health care, and where it might stumble.
  • March 11, 2019
·  Last month, President Trump signed an executive order making the development and regulation of artificial intelligence a federal priority. But one area where artificial intelligence is already taking hold is health care.
Doctors are already using A.I. to spot potentially lethal lesions on mammograms. Scientists are also developing A.I. systems that can diagnose common childhood conditions, predict whether a person will develop Alzheimer’s disease and monitor people with conditions like multiple sclerosis and Parkinson’s disease.
Dr. Eric Topol, a cardiologist and the founder and director of the Scripps Research Translational Institute, has long heralded this convergence of technology and medicine. Now, in a new book called “Deep Medicine: How Artificial Intelligence Can Make Healthcare Human Again,” Dr. Topol explores how A.I. is likely to transform almost everything that doctors do.
-----

HL7 Standards Could Open Health IT Infrastructure to Cyberattacks

The HL7 standards, key for healthcare interoperability, could open up healthcare infrastructure to cyberattacks, warned researchers at the University of California system.

March 11, 2019 - The HL7 standards, key for healthcare interoperability, could open up healthcare infrastructure to cyberattacks, warned researchers at the University of California (UC) system.
The HL7 standards provide a widely used framework for the exchange, integration, sharing, and retrieval of electronic health information.  
“These standards define how information is packaged and communicated from one party to another, setting the language, structure and data types required for seamless integration between systems,” explained the HL7 International website.
Unfortunately, the HL7 standards are frequently implemented in an unsecure way, which results in unauthenticated, unvalidated, and plaintext transmission of sensitive data across networks. This could lead to data privacy breaches as well as patient injury, the researchers from UC San Diego and UC Davis Medical Center warned.
-----

EHRs reveal that many sepsis deaths may not be preventable

Published March 12 2019, 7:16am EDT
Despite being one of the most frequent causes of hospital mortality, sepsis remains a complex syndrome that generally cannot be prevented through better care.
That’s the assessment of researchers at Brigham and Women's Hospital who reviewed electronic health records for patients admitted across six acute-care hospitals who died in a hospital or were discharged to end-of-life hospice.
Investigators conducted a retrospective cohort study that leveraged EHR data from 568 patients admitted to three academic medical centers and three community hospitals from January 2014 to December 2015.
What they found was that sepsis was present in 300 hospitalizations (52.8 percent) and directly caused death in 198 cases (34.9 percent). However, researchers concluded that most underlying causes of death were related to severe chronic comorbidities, and only 3.7 percent of sepsis-associated deaths were either definitely or moderately preventable.
-----

ONC funding slashed by $17M in FY 2020 under WH budget

Published March 12 2019, 7:25am EDT
The Office of the National Coordinator for Health Information Technology has a lot on its plate in Fiscal Year 2020, but the agency may have to do more with less.
The Trump administration on Monday released the President’s FY 2020 budget request for the Department of Health and Human Services, which includes a total of $43 million for ONC—a reduction of $17 million from FY 2019.
“In FY 2020, ONC will continue to reduce operational and administrative costs in information technology, space, staff training and agency travel,” states the HHS justification. “ONC will continue to seek additional administrative and operational efficiencies.”
-----

Interoperability Commentary: Want to Do Something About It?

By Mandy Roth  |   March 07, 2019

Sequoia Project and ONC offer resources to help organizations understand and comment on HHS' Proposed Interoperability Ruling by the May 3 deadline.

With a May 3 deadline approaching, the clock is ticking on the comment period related to the Proposed Ruling on Interoperability of Electronic Health Information (EHI) issued by the U.S. Department of Health and Human Services' Office of the National Coordinator for Health Information Technology.
Since HHS announced this news on February 11 at the HIMMS19 conference, organizations have been scrambling to review details of the 724-page opus. There are resources available to help, including The Sequoia Project, a Vienna, Virginia-based non-profit dedicated to solving health IT interoperability for the public good.  
-----

VA plans to go live with Cerner EHR pilot by March 2020

Mar 8, 2019 8:44am
The VA plans to pilot initial operating capabilities of its new Cerner EHR platform a year from now across three sites in the Pacific Northwest. (JeffOnWire CC BY 2.0)
Veterans Affairs officials told House lawmakers on Wednesday that the VA plans to pilot initial operating capabilities of its new electronic health records platform in March 2020 across three sites in the Pacific Northwest.
VA officials testified before the House Appropriations subcommittee on Military Construction, Veterans Affairs and Related Agencies about the current status and timeline of the $10 billion, 10-year EHR project.
VA signed a deal with Cerner last May to move from the VA’s customized Vista platform to an off-the-shelf EHR to align the country’s largest health system with the Department of Defense, which has already begun integrating Cerner’s MHS Genesis system.
-----

Growing Malware, Malicious Insider Attacks Contributing to $13M Avg Company Cybersecurity Costs

by Carl Weinschenk
The cost of malware and malicious insider cyberattacks grew 12% in 2018 compared to the previous year, according to a report by Accenture and the Ponemon Institute. The two types of exploits now constitute one-third of company cybersecurity costs, the “Cost of Cybercrime Study” says.
The report found that malware and malicious insider attacks jumped 11% and 15%, respectively. The former now costs U.S. companies an average of $2.6 million annually and the latter $1.6 million. The combined totals equate to one-third of the $13 million average cybersecurity costs to companies, which is $1.3 million more than in 2017. The cost of phishing and social engineering attacks increased to $1.4 million on average.
-----
March 9, 2019 / 7:14 AM / 3 days ago

Healthcare organizations are battling phishing

 (Reuters Health) - Many healthcare organizations remain vulnerable to phishing attacks, a new study finds.
When researchers sent simulated phishing emails, nearly one in seven of the messages were clicked by employees of healthcare systems, according to the report published in JAMA Network Open.
“Cybersecurity is a really important issue for hospitals and healthcare organizations and it’s only getting more important,” said lead study author Dr. William Gordon, of Brigham and Women’s Hospital and Harvard Medical School in Boston. “One of the biggest risks for them is their own employees and it’s manifested through phishing attacks.”
The new study shows the importance of employee awareness of the dangers hidden in phishing emails, Gordon said. The good news, he added, is that “things get better over time with awareness, education and training.”
-----

ONC ramps up efforts to aid data exchange for precision medicine

Published March 11 2019, 7:43am EDT
Federal standards and interoperability efforts are intended to play a role in increasing the utility of healthcare data to support precision medicine efforts.
The Office of the National Coordinator for Health Information Technology is looking beyond efforts to ensure interoperability of data between providers’ information systems to ensure data can be utilized for medical research.
“Healthcare information technology is foundational to precision medicine,” said Teresa Zayas Caban, chief scientist for ONC, speaking at a Building Precision Medicine Summit conducted by KLAS Research in the Chicago area last week. One of “ONC’s roles is to accelerate innovative collaboration around pilots and tests of standards that support health IT interoperability for research.”
-----

HIT Think How to ensure business associate agreements protect all parties

Published March 11 2019, 4:46pm EDT
If an organization is involved in healthcare, whether as a provider, facility, consultant, vendor or in almost any other capacity, it is highly likely that HIPAA applies to internal operations and relationships with other parties.
As should be well known, when a relationship is established with one party providing services for or on behalf of a covered entity (such as a healthcare provider, health plan or healthcare clearinghouse), then the party providing the service is a business associate. Once a party is a business associate, then a business associate agreement (BAA) is needed. In fact, the BAA is mandatory and must be in place before any protected health information is shared.
A business associate, as noted above, is any party that provides services for or on behalf of a covered entity and then handles, creates, stores or otherwise interacts with protected health information for or on behalf of the covered entity. Any entity can become a business associate, even including an entity that is otherwise a covered entity. Additionally, determining a party’s status as a business associate is not an arbitrary one that either party can assert, or created by putting a BAA into place. Instead, it is a matter of assessing whether the definition of a business associate as set out in the HIPAA regulations is met.
-----

First quantitative AI tools for medical imaging receive clearance

The FDA has now cleared the radiology software product Quantib™ ND for distribution in the US.
March 11, 201911:30 AM
Quantib, a Rotterdam-based company that develops AI software for radiologists using machine learning, has received FDA clearances for Quantib™ Neurodegenerative (ND), a tool that supports radiologists with the reading of MRI brain scans.
The software measures brain atrophy (shrinkage) and detects white matter hyperintensities (WMHs), which are changes in the brain related to, for example, ageing, dementia and multiple sclerosis (MS).
The software includes fully automatic segmentation of lobes and hippocampus to objectively assess atrophy development. Additionally, it comprises white matter hyperintensity segmentation for easy monitoring neurological changes occurring in for example dementia and MS patients.
-----

ECRI's 2019 list of patient safety worries includes EHRs

Medical errors caused by mishandled diagnostic tools within the electronic health record join EHR-exacerbated physician burnout on the group's annual list of Top 10 concerns.
March 11, 2019 04:25 PM
Improper management of test results and diagnostic tools within EHRs are at the top of a list of patient safety concerns, according to a new report from ECRI Institute.
ECRI’s annual safety report, 2019 Top 10 Patient Safety Concerns, lists diagnostic stewardship and test result management as the number one concern, followed by burnout on patient safety as number three, and patient safety involving mobile health as number four.
These concerns topped safety concerns related to behavioral health, early recognition of Sepsis and infections from peripherally inserted IV lines.
-----

Diagnostic Errors, Managing Patient Data Top ECRI's Patient Safety List Again

By John Commins  |   March 11, 2019

A new report from the nonprofit patient safety organization pinpoints risks from EHRs, mobile health, behavioral health, clinician burnout, and more.


KEY TAKEAWAYS

·         ECRI Institute’s 2019 list of concerns addresses systemic issues facing health systems, such as behavioral health, clinician burnout, and skills development.
·         The report also highlights ongoing clinical issues with infections from peripheral IV lines, sepsis, and anti-microbial stewardship.
·         In the outpatient setting, at least 30% of antibiotic use is unnecessary.
For the second consecutive year, diagnostic error and managing test results were ranked No. 1 among the Top 10 Patient Safety Concerns for 2019 identified by the ECRI Institute.
"Medical errors are the third leading cause of death in the country," says Marcus Schabacker, MD, president and CEO, ECRI Institute. "This guidance can help healthcare leaders and clinicians save lives."
-----

Weekly News Recap

  • Livongo’s planned Q3 IPO could bring in $1 billion
  • Carestream Health sells its health IT business to Philips
  • Northwestern Memorial Hospital fires dozens of employees for looking at the EHR records of actor Jussie Smollett
  • Amazon, Berkshire Hathaway, and JPMorgan Chase name their healthcare venture Haven
  • FDA Commissioner and digital health advocate Scott Gottlieb, MD resigns
  • Newly formed Beth Israel Lahey Health says it will eventually consolidate its multiple EHRs into a single product
-----
Enjoy!
David.

Friday, March 22, 2019

A Useful Article Comparing The Australian And US Approaches To Electronic Health Records.

I am re-publishing this with the author’s permission. The differences from the US are quite telling.

Comparison of e-health records: Australia versus the US

Authored by
Heather Deixler
Bianca Phillips
This is the fifth article in a series on the digital health revolution.
AS debate continues over the implementation of the My Health Record for Australian patients, perhaps it would be instructive to compare it with the United States’ system. We provide an overview of the US federal laws that govern the privacy and security of electronic health records, including the Health Insurance Portability and Accountability Act (HIPAA), and draws on some comparisons with the Australian My Health Record system.
HIPAA was enacted by the US Congress and signed by President Bill Clinton in 1996. Over a decade later, it was amended by the Health Information Technology for Economic and Clinical Health Act (HITECH) which was enacted in 2009.
A number of regulations were promulgated thereunder including:
HIPAA establishes national standards for safeguarding individually identifiable health information; this applies to “covered entities” – health plans, health care clearinghouses, and health care providers who electronically transmit any health information in connection with transactions for which the US Department of Health and Human Services has adopted standards – and their “business associates” that create, receive, maintain or transmit information “protected health information” on their behalf. Patients also have certain rights to their health information, including rights to access their health records and amend such records.
While HIPAA is a federal law, there are similar state privacy laws and regulations that are not necessarily pre-empted by HIPAA, particularly if a state affords greater protection to individuals than HIPAA.
Records are not centralised
The US electronic health record system does not employ a single, centralised cloud database, but supports the use of multiple platforms through incentives schemes to the platform developers, including the Promoting Interoperability Programs, which encourage meaningful use and interoperability. In the US, there are over 600 patient management systems that achieve compliance with the incentive scheme rules.
Since the US electronic health record system is not centralised, patients often have difficulty maintaining all of their health-related information in one place, especially when transitioning from one health care provider to another. Currently, when patients change doctors, many physicians ask patients to sign an authorisation to release their medical records to a new health care provider.
However, in 2018, the White House Office of American Innovation launched the MyHealthEData initiative, which aims to create a patient-centric model for controlling health data. The initiative seeks to enable better care coordination and provide patients with the ability to manage their own health data and maintain control of their medical history.
With MyHealthEData, patients are able to share their data with providers, rather than defer to providers to maintain such data. Likewise, the US Centers for Medicare and Medicaid Services has introduced Medicare Blue Button 2.0, which enables Medicare beneficiaries to connect their Medicare health information to other applications, computer-based programs or research programs.
There is a movement in favour of patient control
Today, patient advocates are leading a movement in the US to provide patients with not only access to but also control over their electronic health records.
A new proposed rule from the US Department of Health and Human Services aims to improve, among other things, interoperability and patient access to data. If finalised, the proposed rule would go into effect on 1 January 2020. In the proposed rule, the Office of the National Coordinator calls on the health care industry to adopt standardised application programming interfaces, in an effort to permit individuals to more easily access their health information by using a smartphone app.
Record ownership is determined at the state level
While HIPAA provides individuals with certain rights with respect to their health information, including the right to access and amend it, it does not specify ownership rights over the information. In the US, state law generally governs whether medical records belong to patients or their providers. For instance, in Florida, the “records owner” is defined as:
“(i) any healthcare practitioner who generates a medical record after treating a patient; (ii) any healthcare practitioner to whom records are transferred by a previous owner; or (iii) any healthcare practitioner’s employer, such as a physician practice.”
In New Hampshire, on the other hand, medical information contained in a patient’s medical record is deemed to be the property of the patient.
Patients in the US generally have to opt in to their health care provider’s electronic health record system.
Another feature is that HIPAA requires health care providers to obtain patient authorisation before disclosing protected health information to the patient’s employer.
Patients may also restrict disclosure of protected health information to their insurer. While HIPAA permits a health care provider to disclose protected health information to a health insurance company for treatment, payment or health care operations purposes without patient authorisation, a patient has the right to request restrictions on the disclosure of protected health information to a health insurance company if the disclosure is for the purpose of carrying out payment or “health care operations” and not otherwise required by law, and the patient has paid out-of-pocket (ie, in full from a source other than the insurance company).
Security breaches have led to million-dollar settlements
The Office for Civil Rights at the US Department of Health and Human Services recently entered into a resolution agreement with Cottage Health – a California-based not-for-profit health system – for US$3 million to settle potential violations of HIPAA resulting from two separate breaches of electronic protected health information.
Comparison of the US system and My Health Record
The key differences between the Australian and US electronic health record systems can be summarised as follows:
  • My Health Record is a centralised “cloud” database, whereas the US system does not use a central database;
  • the US system promotes conversion of historical paper-based data to electronic format, whereas the Australian My Health Record does not;
  • the My Health Record System is now opt-out, whereas the US system is generally opt-in. The opt-in model is consistent with notions of patient-centric care and patient control;
  • ownership of health records in the US is determined at the state level. The My Health Record system does not define who owns a My Health Record, and questions of ownership may need to be clarified by Parliament; and
  • patient controls over records under the My Health Record System are broader than under the US system. Indeed, federal legislation permits patients to use their My Health information for any purpose. It is worth noting that the term “for any purpose” could be clarified by Parliament to make it clear whether there are any uses by patients of My Health information that would not be permitted, for example, because they would not align with the objects of the legislation as stipulated in Section 3 of the My Health Records Act 2012.
The similarities between the Australian and US systems can be summarised as follows:
  • both systems offer protections against employer and insurer access as defined in legislation above and also Section 70A of the My Health Records Act 2012;
  • incentives programs are used, albeit with varying rules and requirements;
  • there is a movement in favour of increased patient control over health records being advocated at the federal government level, and in Australia such controls have already been included in legislation under Section 67 of the My Health Records Act 2012. There is also the initiative in the US by the organisation Hu-manity, which advocates for increased consumer control over data and a human right to data ownership; and
  • interoperability is a significant issue in both jurisdictions, although to varying degrees.
The issue of patient control and the question of ownership over health records are big discussion points in the US; however, these matters receive little attention in Australia despite the broad controls that have been afforded to patients under the My Health Record system, as well as the unclear aspects in relation to data ownership. This comparison of the two systems highlights the need to pay more attention, in particular to these issues and to those pertaining to the use of an opt-in model versus an opt-out approach.
Heather Deixler is a health care regulatory and transactional attorney in the corporate group at Latham and Watkins, with a particular focus on health information privacy and security. She also works with clients to develop and implement compliance programs and respond to security breaches, advise on regulatory compliance matters related to health care privacy and security, and provides counsel on such issues in health care transactions. She is a Certified Information Privacy Professional in US and European privacy laws.
Bianca Phillips is a Victorian academic lawyer conducting medical law research. She completed her Master of Laws at the University of Melbourne with her thesis on telemedicine, and is currently completing a doctoral thesis on the law making of the digital health revolution. She has authored articles on the digitisation of medicine in both legal and medical publications. She can be found on Twitter @biancarphillips.
The article is found here:
It does of course need to be recognised that in Australia we have many EHRs in the hands of individual practitioners and that these are – much as in the US – subject to a mix of State and Commonwealth laws.
The comparison provided here is more focussed on the myHR and the centralised national approach in OZ and is a comparison with the way things are in the major health systems in the US.
Enjoy the read as the fundamental approach in the US is really quite different to what we have here – being more commercially and payments focussed among other things.
David.