Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Saturday, April 30, 2022

Weekly Overseas Health IT Links – 30th April 2022.

Here are a few I came across last week.

Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.

-----

https://ehrintelligence.com/news/caqh-core-releases-guidelines-to-improve-information-exchange

CAQH CORE Releases Guidelines to Improve Information Exchange

The new operating rules aim to streamline how healthcare providers exchange information, optimize workflow, and support better administration operations.

By Sarai Rodriguez

April 22, 2022 - CAQH CORE, the author of national operating rules for the HIPAA-covered administrative transactions, recently released new operating rules to enhance information exchange and healthcare operations related to benefits coverage and supplemental documentation.

"The operating rules released today represent another step in improving the way plans, and providers exchange information millions of times every day," Tim Kaja, senior vice president, Optum Care, and CAQH CORE board chair, said in a press release. "These rules will improve operations — in administrative offices and at the point of care — and will enhance the experience for all stakeholders."

The new CAQH CORE Attachments Operating Rule aims to improve the exchange of attachments, a long-standing industry issue. The guidelines will establish key infrastructure and data content requirements, helping providers send electronic health plans documentation to support a claim or prior authorization in a uniform format, the press release stated.

Reassociation or linking the attachment with the original prior authorization request or claim submission is one of the most significant pain points in the attachment workflow, CAQH CORE added.

-----

https://healthitanalytics.com/news/ai-method-to-predict-sepsis-mortality-outperforms-conventional-approach

AI Method to Predict Sepsis Mortality Outperforms Conventional Approach

A new study shows that machine-learning algorithms outperform conventional methods for predicting sepsis mortality rates using administrative data.

By Shania Kennedy

April 22, 2022 - Machine learning (ML) algorithms that leveraged an administrative database outperformed conventional methods of predicting sepsis mortality rates, according to a study published in the Journal of Medical Internet Research.

The Centers for Disease Control and Prevention (CDC) report that 1.7 million adults in the US develop sepsis in a typical year, and 270,000 of them die as a result. Some patients who survive sepsis also develop permanent organ damage and have a higher risk of other medical conditions, even several years after recovering. Costs incurred from sepsis treatment vary based on the severity of the infection and whether the infection was present at the time of admission to the hospital, but research indicates potential costs between $16,324 and $51,022 per patient. Patients who develop other medical conditions resulting from sepsis incur additional costs.

ML models have previously been applied to point-of-care sepsis mortality prediction, but the new study aimed to compare the performance of ML algorithms to that of conventional prediction models for in-hospital sepsis mortality utilizing administrative data.

The researchers developed four ML models to analyze the data and compared the results with an already existing AI model, the Super Learner model, and the conventional prediction model, the Severe Sepsis Mortality Prediction Model. Data related to demographics, comorbidities, hospital characteristics, diagnosis, and procedure performed on the first day of admission were used as variables for prediction.

-----

https://healthitsecurity.com/news/cisa-aha-sound-alarm-on-russian-state-sponsored-cyber-threats

CISA, AHA Sound Alarm on Russian State-Sponsored Cyber Threats

CISA and AHA underscored the risk of Russian state-sponsored cyber threats to critical infrastructure.

By Jill McKeon

April 22, 2022 - The Cybersecurity and Infrastructure Security Agency (CISA) and authorities from Australia, the UK, New Zealand, and Canada released a new joint cybersecurity advisory regarding Russian state-sponsored cyber threats.

The advisory encouraged critical infrastructure entities to patch all systems, enforce multifactor authentication, and secure Remote Desktop Protocol (RDP) and other services.

The advisory serves as an update to CISA’s January advisory, which provided an overview of tactics, techniques, and procedures (TTPs) used by Russian state-sponsored actors. The latest advisory contains more information about specific Russian state-sponsored advanced persistent threat (APT) groups and Russian-aligned cybercrime groups.

“U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities urge critical infrastructure network defenders to prepare for and mitigate potential cyber threats—including destructive malware, ransomware, DDoS attacks, and cyber espionage—by hardening their cyber defenses and performing due diligence in identifying indicators of malicious activity. Refer to the Mitigations section of this advisory for recommended hardening actions,” the advisory stated.

-----

https://healthitsecurity.com/news/managing-risk-of-insider-threats-in-healthcare-cybersecurity

Managing Risk of Insider Threats in Healthcare Cybersecurity

Careless workers, disgruntled employees, and third parties are insider threats that can pose cybersecurity risks to healthcare organizations.

By Jill McKeon

April 22, 2022 - HHS’ Health Sector Cybersecurity Coordination Center (HC3) issued a brief outlining risk factors and mitigation tactics for managing insider threats in healthcare cybersecurity. From malicious insiders to careless workers and third parties, insiders with access to sensitive information could use that information to impact the organization negatively.

Specifically, HC3 defined an insider threat as “a person within a healthcare organization, or a contractor, who has access to assets or inside information concerning the organization’s security practices, data, and computer systems.”

HC3 divided insider threats into the following categories: negligent workers, malicious insiders, inside agents, disgruntled employees, and third parties. Insider threats can cause critical data loss, operational disruptions, brand damage, and legal liabilities, no matter the intent.

Some insider threats may have no motive to harm but can still make inappropriate decisions that hurt the organization. According to a 2020 Ponemon Institute report, 61 percent of data breaches involving an insider were largely unintentional and could be attributed to negligence. The finding highlights the need for more comprehensive employee cyber education. 

-----

https://www.digitalhealth.net/2022/04/nhs-app-saving-car-journeys/

NHS App saving around 22,000 patient car journeys every month

New analysis carried out by NHS Digital has found that the NHS App is saving an average of 22,000 car journeys to GP practices every month.

Jordon Soloff 19 April 2022

The results showed that around 200,000 appointments and repeat prescriptions arranged through the NHS App between April and December last year would previously have been made by people driving to their local surgery.

The NHS App allows users to access a range of NHS services on their smartphone or tablet. It was launched in 2018 and offers services including symptom checking and triage; appointment booking; repeat prescription ordering; access to patient records; national data opt-out; and organ donation preference.

This latest research into the app also estimates that around 4,100 fewer bus and taxi journeys and around 5,500 fewer train and motorbike journeys are being made every month, with patients using the app instead.

-----

https://healthitanalytics.com/news/ai-can-help-cut-colorectal-cancer-death-rates-reduce-costs

AI Can Help Cut Colorectal Cancer Death Rates, Reduce Costs

A new study suggests that using artificial intelligence detection tools in screening colonoscopy may prevent colorectal cancer incidence and mortality while reducing costs.

By Shania Kennedy

April 21, 2022 - A study published in The Lancet Digital Health indicates that the use of artificial intelligence (AI) during screening colonoscopies has the potential to prevent colorectal cancer (CRC) incidence, reduce mortality, and increase cost-effectiveness across the care continuum.

The Centers for Disease Control and Prevention (CDC) reports that CRC is the third most common cancer, not counting some types of skin cancer, and the third leading cause of cancer-related death in the US. Colonoscopies to screen for colorectal polyps are the standard method for CRC prevention and early detection.

AI has been shown to help reduce the miss rate of polyp detection in research settings, which may decrease CRC incidence rates if properly integrated into the clinical setting. The study aimed to investigate the effect of the implementation of AI detection tools during screening colonoscopies on CRC incidence and mortality, while also evaluating the cost-effectiveness of those tools.

The researchers conducted a microsimulation of using screening colonoscopies with and without AI for a hypothetical group of 100,000 people between the ages of 50 and 100 who are at average risk for colon cancer. The microsimulation was then subject to multiple analyses with various parameters.

-----

https://www.beckershospitalreview.com/ehrs/5-key-stats-on-clinicians-ehr-burnout.html

5 key stats on clinicians' EHR burnout

Katie Adams

The time clinicians spend on EHR documentation remains a significant factor contributing to burnout and sometimes the desire to leave their position. Here are five key statistics about clinicians' frustrations with EHR tasks, as reported by Becker's.

  1. During the first 15 months of the pandemic, physicians experienced "a small but sustained increase" in EHR messages from patients, according to a study released in October by researchers from Rochester, Minn.-based Mayo Clinic and New Haven, Conn.-based Yale University. The researchers found that between March 2020 and June 2021, the average messages received per day increased from 45 to 46 for primary care physicians, from 29.3 to 32.0 for medical physicians, and from 16.6 to 23.3 for surgical physicians.
  2. Nearly 33 percent of physicians spend two hours or more completing documentation outside work hours daily, according to KLAS research released in March.

-----

https://www.healthcareitnews.com/news/can-tech-help-patients-only-have-tell-their-story-once

Can tech help patients only have to tell their story once?

A communications technology expert discusses the fragmented processes patients endure getting in touch with a provider, and what she sees as solutions to the problems.

Bill Siwicki

April 22, 2022

78% of consumers say they want a choice of how they interact with providers, according to a survey by IT vendor Talkdesk. In part, that means they don't always want to have to call and sit on hold to get a healthcare issue resolved.

If a patient can only get so far in a healthcare interaction before hitting a wall and having to make that dreaded call, then the healthcare organization has failed them, contends Patty Hayward, vice president of industry strategy for healthcare and life sciences at Talkdesk. What's worse, the patient may have to repeat their story over and over again, she adds.

Healthcare IT News interviewed Hayward to talk about that survey, her opinion of text and chatbot tools, the importance of carrying a patient's story from voice to text to chatbot to virtual agent with nothing lost along the way, and the role technologies like AI, machine learning, natural language processing and medical-grade speech-to-text can play here.

Q. In the survey your company conducted, the vast majority of respondents said they want a choice of how they interact with their providers. Can you elaborate on this finding with more from your report, and what the finding truly means?

A. Our survey of nearly 700 healthcare consumers around the world showed that 78% said it was important to be able to engage with health systems through their preferred channels of communication. This desire reflects how digital technologies have increased the choices and expectations of consumers, including healthcare ones.

-----

https://www.healthleadersmedia.com/technology/cybersecurity-company-finds-vulnerabilities-hospital-robots

Cybersecurity Company Finds Vulnerabilities in Hospital Robots

Analysis  |  By Eric Wicklund  |   April 21, 2022

The vulnerabilities were found in the Aethon TUG smart autonomous robot, which is used by hundreds of health systems to ferry medications and other supplies throughout the hospital. 

An autonomous robot commonly used in hospitals to transport medication and other supplies from room to room could be hacked and used to spy on patients and staff, according to a New York-based healthcare IoT security company.

Cynerio announced earlier this month that its researchers had discovered five vulnerabilities in the innards of the Aethon TUG smart autonomous robot, which is sued in hundreds of healthcare sites around the world.

Robots like the Aethon TUG are used by hospitals to do light housekeeping and ferry items from one place to another, relying on radio waves, sensors and other technology to open doors, take elevators and maneuver through hallways without hitting anything. More advanced telepresence robots are being used to connect care providers in other locations with patients in their rooms or the Emergency Department and even perform some guided surgeries.

Collectively called the JekyllBot:5, the malware was found in the TUG Homebase Server’s JavaScript and API platforms, as well as a WebSocket that is used to relay commands from the server to the robot. According to a Cynerio press release, these vulnerabilities could:

-----

https://ehrintelligence.com/news/tripathi-2022-pivotal-for-digital-health-transformation-health-it

Tripathi: 2022 Pivotal for Digital Health Transformation, Health IT

At the virtual ONC annual meeting on April 13, Tripathi discussed initiatives that are helping to push the digital health transformation forward.

By Hannah Nelson

April 20, 2022 - 2022 is a pivotal year in the digital health transformation, according to Micky Tripathi, national coordinator for health IT.

At the virtual ONC annual meeting on April 13, Tripathi noted that over the last decade, the agency has established an electronic overlay of the healthcare system to move away from the constraints of paper, brick, and mortar.

"Now, the exciting part is that we get to think about how we want to redesign our healthcare system without the constraints of paper, brick, and mortar," Tripathi explained. "Our work in health IT is ultimately to create open architectures, both from a policy and a technical perspective, that allow for that reconceptualization of our healthcare system to happen."

Tripathi said that an open architecture perspective leverages open industry standards and policies built with the expectation of interoperability to break down silos between different parts of the healthcare industry.

"This isn't going to happen overnight," he noted. "It happens with discreet steps that keep pushing us in the right direction."

-----

https://healthitsecurity.com/news/healthcare-sector-faced-brunt-of-ddos-attacks-last-year-report-finds

Healthcare Sector Faced Brunt of DDoS Attacks Last Year, Report Finds

The pandemic spurred an increase in DDoS attacks against the healthcare, education, and government sectors.

By Jill McKeon

April 21, 2022 - Distributed Denial-of-Service (DDoS) attacks continued to plague all sectors last year, Comcast Business discovered. Nearly three-quarters of all multi-vector attacks targeted just four industries: healthcare, government, education, and finance.

DDoS attacks are extremely effective because they flood the victim’s network with traffic, rendering network resources unusable. DDoS attacks also may serve as a foothold for threat actors to deploy more sinister malware while distracting victims.

Compared to the 10.1 million global DDoS attacks that Comcast observed across all sectors in 2020, it observed 9.84 DDoS attacks in 2021. Although that number may be lower, it is still a 14 percent increase compared to 2019.

“A few factors account for the slight decrease in global attacks from 2020 to 2021. First, 2020 was a full lockdown year where the world operated remotely, giving threat actors a unique landscape against which to launch unprecedented numbers of DDoS attacks,” Comcast noted.

-----

https://patientengagementhit.com/features/are-patient-portals-the-future-of-patient-provider-relationships

Are Patient Portals the Future of Patient-Provider Relationships?

Even more than patient data access, patients see the patient portal or personal health records as tools to build the patient-provider relationship.

April 19, 2022 - It’s time for healthcare professionals to begin reconsidering patient portals as not only tools for patient data access, but also as tools for building the patient-provider relationship.

As digital health and patient engagement technologies become more ubiquitous, patient portals and personal health records are proving to be integral bridges between the patient and the provider, according to David Haggstrom, MD, MAS, director of the Regenstrief Institute Center for Health Services Research and a core investigator for the US Department of Veterans Affairs Health Services Research and Development Center for Health Information and Communication.

Haggstrom, who is also an associate professor of medicine at Indiana University School of Medicine, recently published data suggesting that patients and their caregivers want to use personal health records to build deeper relationships with their clinicians—important food for thought for providers seeking to seamlessly loop these tools into their workflows.

“There are a lot of lessons here about the sharing of health records, how they might be useful, how they might impact workflow,” Haggstrom told PatientEngagementHIT during a recent interview. “The aha moment for me was how virtual technologies perhaps not consciously have the potential to affect even the relationship. And that's something worth being deliberate and thinking concretely about so that we're aware of how things are changing.”

-----

https://www.healthdatamanagement.com/articles/mayos-john-halamka-on-boosting-confidence-in-ai-to-expand-application-speed-utilization?id=129938

Mayo’s John Halamka on boosting confidence in AI to expand application; speed utilization

As IT continues to advance ease of development for algorithms, health system leadership, clinicians and administrators are starting to understand AI’s larger role in care delivery, cost reduction and equity of care. But, these stakeholders need to see AI solutions not just the technology, and they need assurances that the science can be trusted.

Apr 21 2022


Fred Bazzoli

Editor-in-Chief, HDM

Artificial intelligence – once overhyped, then beleaguered by mistrust – is beginning to deliver on its long-awaited promise, says longtime healthcare IT leader John Halamka, MD.

Mayo Clinic – where Halamka has served as president of the Mayo Clinic Platform for the last two years – is rolling out algorithms that clinicians are finding useful in improving their clinical practice, which is the key to winning support.


“AI has a credibility problem right now. It is thought of as magic, when it is in fact math.”


“There are a few ways to motivate a clinician, and certainly one is better quality of practice life. And the other would be avoiding quality issues or malpractice assertions,” he says. “So what we’ve seen in the first 60 or so algorithms that we’ve produced is that, if you integrate them into workflow and they’re bringing some real value, adoption is not an issue at all.”

-----

https://www.healthcareitnews.com/news/feds-warn-healthcare-providers-exceptionally-aggressive-ransomware-group

Feds warn healthcare providers of 'exceptionally aggressive' ransomware group

Although Hive has only been operational since June 2021, it has reportedly breached hundreds of organizations.

By Kat Jercich

April 20, 2022 04:18 PM

The U.S. Department of Health and Human Services' cybersecurity arm released a warning this week about the ransomware group Hive.  

Described as an "exceptionally aggressive, financially motivated ransomware group," Hive has frequently targeted healthcare organizations, said the Health Sector Cybersecurity Coordination Center in its analyst note.  

"HC3 recommends the Healthcare and Public Health Sector be aware of their operations and apply appropriate cybersecurity principles and practices found in this document in defending their infrastructure and data against compromise," said the agency.  

WHY IT MATTERS  

Hive has only been operational since June 2021, the agency explained, but it has spent the intervening months aggressively targeting the U.S. healthcare sector.   

It cited reports of Hive affiliates breaching more than 350 companies over just four months – an average of three companies a day

-----

https://www.healthcareitnews.com/news/chatbots-and-related-automation-can-ease-staffing-shortages-triage-patients

Chatbots and related automation can ease staffing shortages, triage patients

The technology can also help with patient education and discharge, as well as combat clinician burnout, says the CEO of Amwell's Conversa Health.

By Bill Siwicki

April 21, 2022 10:56 AM

Automation has a major role in transforming the healthcare experience. For example, many hospitals and health systems use automation to ease the burden of staffing shortages and effectively manage and triage patients at scale.

One type of automation is chatbots and related technology that can automate the triage and symptom intake process, along with surfacing education and discharge materials.

For example, Northwell Health implemented health chats with its patients. The health system saw a 94% engagement rate among oncology patients, and 83% of clinicians say the health chats extend the care they can deliver, reported the health system's chatbot technology vendor, Conversa Health. Care navigators also commented on the additional peace of mind they had as a result of being able to see patients responding through the chats.

Healthcare IT News sat down with Murray Brozinsky, CEO of Conversa Health, which now is part of telehealth vendor Amwell, to discuss how chatbots and automation tech can ease the burden of staffing shortages; how the tools can help with patient education and discharge; how the technologies can be used to combat clinician burnout; and the potential importance of combining chatbots and similar technologies with virtual and in-person care.

------

https://ehrintelligence.com/news/ehnac-releases-updates-to-health-it-accreditation-programs-for-public-review

EHNAC Releases Updates to Health IT Accreditation Programs for Public Review

The process for commenting on the updated health IT accreditation criteria is open through June 21, 2022.

By Hannah Nelson

April 20, 2022 - The Electronic Healthcare Network Accreditation Commission (EHNAC), a non-profit health IT data standards development organization, announced that it has posted new versions of program criteria for three of its accreditation programs for public review.

The enhanced criteria programs include the Trusted Dynamic Registration & Authentication Accreditation Program (TDRAAP-Basic and TDRAAP-Comprehensive) and the Trusted Network Accreditation Program (TNAP-QHIN).

A key update to TDRAAP-Basic and TDRAAP-Comprehensive is the addition of CARIN Code of Conduct criteria for applicable organizations.

Additionally, EHNAC revised The Trusted Network Accreditation Program (TNAP-QHIN) to align with the final publication of the Trusted Exchange Framework and the Common Agreement (TEFCA). This program is designed for healthcare organizations looking to become Qualified Health Information Networks (QHIN).

-----

https://healthitanalytics.com/news/cdc-unveils-forecasting-outbreak-analytics-center

CDC Unveils Forecasting, Outbreak Analytics Center

The CDC announced a new center that aims to enhance the national capability for using data use, modeling, and analytics to address public health threats.

By Shania Kennedy

April 20, 2022 - The Centers for Disease Control and Prevention (CDC) has launched the Center for Forecasting and Outbreak Analytics (CFA), which aims to improve outbreak and public health threat response by using infectious disease modeling and analytics to enable timely, effective decision making by leaders at federal, state, and local levels.

CFA also plans to develop a program for providing infectious disease event insights to the public to help inform individual decision making.

“I am excited we have launched CDC’s Center for Forecasting and Outbreak Analytics,” said CDC Director Rochelle P. Walensky, MD, in the press release. “This new center is an example of how we are modernizing the ways we prepare for and respond to public health threats. I am proud of the work that has come out of this group thus far and eager to see continued innovation in the use of data, modeling, and analytics to improve outbreak responses.”

-----

https://healthitsecurity.com/news/60-of-healthcare-orgs-say-third-party-risk-management-needs-improvement

60% of Healthcare Orgs Say Third-Party Risk Management Needs Improvement

Most surveyed healthcare organizations admitted that third-party risk management and compliance efforts could use some improvement, Kiteworks found.

By Jill McKeon

April 20, 2022 - An overwhelming majority of surveyed healthcare organizations said that their third-party risk management and compliance strategies were due for some improvements, a survey conducted by Kiteworks found.

Researchers surveyed executives from multiple industries responsible for secure third-party content communications for their organizations. About 20 percent of the respondents came from healthcare organizations.

The survey results told a story of widespread unpreparedness for third-party security and compliance risks despite the growing frequency of cyberattacks against third-party vendors. The SolarWinds attack in 2020 impacted fewer than 100 organizations but highlighted the need for increased software supply chain security.

“Nearly two-thirds of respondents share content with more than 1,000 external organizations, and all do so with at least five communications channels,” the report stated.

-----

https://www.healthdatamanagement.com/articles/onc-to-focus-on-health-equity-data-sharing-public-health-it?id=129924

ONC to focus on health equity, data sharing, public health IT  

HHS and ONC leaders use the IT agency’s annual meeting to report on continued efforts to harness health IT to improve outcomes.

Apr 20 2022


Marla Durben Hirsch

As it works to support the widespread adoption of health IT and nationwide health information exchange to improve healthcare, the Office of the National Coordinator for Health IT is focusing on several key issues, including: reducing health disparities, improving data sharing and advancing public health use of IT.

“There have been significant advances in health IT and interoperability,” noted Department of Health and Human Services Secretary Xavier Becerra, speaking at ONC’s annual meeting plenary session on Wednesday, April 13.

Becerra outlined some of the areas that ONC expects to concentrate on this year.

Health equity

Reducing health disparities is a top priority, the HHS secretary stressed. “We’re putting equity at the center of the decisions we make,” Becerra said.

-----

https://hbr.org/2022/05/the-telehealth-era-is-just-beginning

The Telehealth Era Is Just Beginning

More gains in quality, affordability, and accessibility are on the way.

by  Robert Pearl and  Brian Wayling

From the Magazine (May–June 2022)

Summary.    Contrary to what many people think, virtual health care, also known as telemedicine or telehealth, is much more than a cheap digital knockoff of in-person care. When used appropriately, it improves patient health, reduces costs, and makes care more equitable...

Contrary to what many people think, virtual health care, also known as telemedicine or telehealth, is much more than a cheap digital knockoff of in-person care. When used appropriately, it improves patient health and reduces costs. It also makes care more equitable and accessible to the 89% of U.S. adults and 78% of adults globally who own a smartphone, including those in medically underserved communities.

And yet telemedicine usage in the United States has plunged from its peak in April 2020, during the first surge of Covid-19 cases, when it accounted for 69% of doctor-patient visits. Similar patterns have been seen across Europe and Asia over the past two years, prompting some governments to take actions in support of telehealth. The European Parliament and the European Council recently announced the EU4Health program to spur the sharing of digital health records, e-prescriptions, and telehealth in general. And Saudi Arabia is implementing a strategy that includes smartphone applications and a network to connect specialized facilities with primary care centers and hospitals in remote areas.

But in many countries, barriers in the form of regulations, payment regimes, and patient acceptance remain. Any nation seeking to raise health care quality, increase access, and lower costs should be expanding, not contracting, the use of virtual care.

-----

https://news.walgreens.com/our-stories/walgreens-and-wing-launch-drone-delivery-in-first-major-us-metropolitan-area.htm

April 12, 2022

Walgreens and Wing launch drone delivery in first major U.S. metropolitan area

The story behind Walgreens and Wing’s expansion to Dallas-Fort Worth, a milestone for customers and the drone industry alike.

By Sarah Cason, Walgreens Stories

It’s a sunny spring morning in Dallas, Texas. Representatives from Walgreens and Alphabet’s Wing are in Simpson Plaza, preparing to launch drone delivery in the Dallas-Fort Worth metroplex. The first two recipients, the mayors of Frisco and Little Elm, have inputted their order into Wing’s app.

Minutes later, the drone arrives and safely lowers the package to its recipients, bringing store-to-door drone deliveries to a major U.S. metropolitan area for the first time. The products? Allergy medicine and vitamin C gummies—perfect for quick relief from seasonal allergies.

The service is initially launching in Frisco and Little Elm, respectively. Select customers in the pilot program’s designated area can choose from over 100 products for delivery, including over-the-counter health and wellness items and snacks and drinks.
-----

https://www.upi.com/Health_News/2022/04/19/COVID-19-smartwatch-disease-progression-study/8191650374568/

Health News

April 19, 2022 / 11:00 AM

Smartwatch heart rate data can help track COVID-19 progression, study finds

April 19 (UPI) -- A smartwatch that can track heart rate can be used to monitor disease progression in people with COVID-19 and may predict how sick they will become, a study published Tuesday found.

Heart rate per step tracked with a smartwatch, a measure of heart and lung function, increased after COVID-19 symptom onset and was higher in study participants who reported a cough, data published Tuesday by Cell Reports Medicine showed.

In addition, circadian phase uncertainty, or the body's inability to time daily events, rose around the time of COVID-19 symptom onset in study participants, the researchers said.

Because circadian phase uncertainty relates to the strength and consistency of the circadian component of the heart rate rhythm, it may correspond to early signs of infection, they said.

Similarly, daily basal heart rate, or a person's heart rate when at rest, tended to increase on or before virus symptom onset. This may be due to fever or heightened anxiety, the researchers said.

-----

https://www.healthcareitnews.com/news/diagnostic-testing-company-offers-security-lessons-all-providers

A diagnostic testing company offers security lessons for all providers

When Brio Systems took on COVID-19 testing, it suddenly had employers and agencies as customers, which required a whole new view of security. It turned to a security platform vendor for help.

By Bill Siwicki

April 20, 2022 11:14 AM

Prior to the COVID-19 pandemic, Brio Systems' business was focused on helping individuals access diagnostic testing more easily to improve their health and manage their fitness and wellness efforts.

THE PROBLEM

When COVID-19 hit in early 2020, the company realized it had an opportunity to help. Initially, it was very difficult to access diagnostic tests in the United States. Brio quickly pivoted its business to help employers with employee bases that would be at risk of asymptomatic spread to access testing easily and consistently.

"While security and privacy had always been important to our business, previously we'd been a direct-to-consumer service and as such, health data was accessed only by the individual account holder managing their own biomarker results," explained Thos Niles, cofounder of Brio Systems.

"During the pandemic, we needed to share health data not just with the individual, but with the organizations that were now our customers," he continued. "This created enormous pressure to build a more robust security and privacy program and demonstrate compliance with health laws and regulations like HIPAA."

Every time a large company or government agency would look to work with Brio, the testing provider was confronted with intimidating security questionnaires and rigorous audit calls.

-----

https://www.healthcareittoday.com/2022/04/20/are-we-further-along-with-interoperability-than-we-think/

Are We Further Along with Interoperability Than We Think?

April 20, 2022

Colin Hung

The inability to easily exchange medical data is holding back healthcare improvements and innovation. Thankfully there has been concerted effort recently from governments, vendors, standards bodies, and healthcare organizations to address this. Key to this effort is a standardized way to measure our interoperability progress (or lack thereof). The Healthcare Leadership Council and other leading organizations have created a new measurement framework to address this gap.

Gauging our Progress

Healthcare’s lack of interoperability wastes time, funds, and resources across the entire ecosystem. It mans that every interaction between providers, payers, researchers, public health authorities, and patients comes with an unwanted and unnecessary friction. To overcome that friction requires specialized applications, development resources, or old-fashioned workarounds like printouts, CD-ROMs, and faxes.

Achieving interoperability means reducing costs and creating a more friction-free ecosystem.

The question is: how well are we doing in achieving that goal? Should we pat ourselves on the back for what we have achieved in the past 12 months? Or do we need to redouble our efforts because of the lack of progress we made? Without a framework to gauge our progress, we have no idea.

There is an old adage that I believe applies to healthcare’s interoperability challenge : What gets measured gets done. We cannot expect to make progress unless we know where we are and how far we still need to go.

-----

https://www.healthleadersmedia.com/technology/onc-chief-defends-health-it-investment-despite-cost-ownership-concerns

ONC Chief Defends Health IT Investment Despite Cost of Ownership Concerns

Analysis  |  By Scott Mace  |   April 20, 2022

In the second of a two-part interview, Micky Tripathi points to resources to optimize best practices, but says the ONC could do more.


KEY TAKEAWAYS

·         Additional upside for healthcare enterprises is available through value-based purchasing incentives.

·         The conversational natural language process, though it adds more cost, can reduce the burden of too many clicks.

·         The ONC provides additional educational materials impacting safety and efficiency, and continues to look to aviation industry for inspiration.

Micky Tripathi, PhD, MPP, took the helm of the Department of Health and Human Services Office of the National Coordinator for Health Information Technology on the first day of the Biden administration in 2021. In a sequel to his two-part conversation with HealthLeaders a year ago, Tripathi addresses ONC's top priorities. Part 1, published yesterday, explored top ONC priorities including data governance, data sharing, security, and privacy. This interview that has been lightly edited for brevity and clarity.

HealthLeaders: Some healthcare IT leaders continue to express concern about the total cost of ownership of digital health technology going on back a decade. It's as if the government helped fund the purchase of cars, but did not budget for funding for the fuel for the cars. Enterprises say they don't have the resources necessary to necessarily drive home the potential of this technology. What can the government do to help?

Micky Tripathi: I'm not sure I agree with the analogy. Every industry has to move forward, and I think there's a tremendous amount of value that's been gotten already from these systems as well. With anything, and particularly with technology, the costs are very, very clear and discrete -- what you pay eClinicalWorks or Epic or Cerner every month -- but the benefits are very diffuse. So your CFO doesn't see on their ledger, here is the return on investment that I got from that, even though there is a return in terms of quality, in terms of safety, and better documentation. So I disagree with the premise that that analogy is right. I don't think that there's a choice in that matter.

-----

https://www.healthleadersmedia.com/technology/onc-chief-lists-security-his-biggest-current-challenge

ONC Chief Lists Security as His Biggest Current Challenge

Analysis  |  By Scott Mace  |   April 19, 2022

In a two-part interview, Micky Tripathi, the head of the Health and Human Services Department's Office of the National Coordinator for Health Information Technology, talks about his department's top priorities and other pressing issues.


KEY TAKEAWAYS

·         Security, data governance and privacy top the list of concerns for the Health and Human Services Department’s Office of the Federal Coordinator for Health Information Technology.

·         The Trusted Exchange Framework and Common Agreement is making data sharing rules more transparent.

·         A federal interagency group is looking at equity issues raised by artificial intelligence.

Micky Tripathi, PhD, MPP, took the helm of the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology on the first day of the Biden administration in 2021. In a sequel to his two-part conversation with HealthLeaders a year ago, he addresses the ONC's top priorities, as well as health IT issues such as total cost of ownership and going beyond rule-making to help healthcare systems optimize their investment.

This interview has been lightly edited for brevity and clarity.

HealthLeaders: What you see right now as the top technology challenges facing U.S. healthcare?

Micky Tripathi: Certainly security is going to be top of mind for everyone. It's a huge and ongoing challenge. I don't know that that's any different than it should be at any given time. But as we have more and more electronic health record penetration and more interoperability, certainly the security issues related to that rise equally. So that's one very big challenge that we have from a technical perspective.

----

https://ehrintelligence.com/news/clinician-burnout-ehr-satisfaction-linked-to-likelihood-to-leave-org

Clinician Burnout, EHR Satisfaction Linked to Likelihood to Leave Org

A KLAS report suggests that addressing early signs of clinician burnout and improving EHR satisfaction could help healthcare organizations retain employees.

By Hannah Nelson

April 19, 2022 - EHR satisfaction and clinician burnout are correlated with the likelihood that a provider is planning to leave their organization, according to a KLAS report based on survey responses from 59,000 clinicians.

Clinicians who are very dissatisfied with the EHR have almost three times the proportion reporting they are likely to leave compared to clinicians who are very satisfied with the EHR.

“When clinicians feel the EHR is a help rather than a hindrance, they are more likely to want to stay at their organization,” the authors wrote. “Healthcare leaders should focus on improving the areas of EHR satisfaction with the most room to improve.”

On a basic level, organizations must ensure their EHR has solid reliability and quick response time, as these issues can overpower an otherwise satisfactory EHR experience.

-----

https://ehrintelligence.com/news/onc-leap-recipient-develops-framework-for-patient-ehr-data-consent

ONC LEAP Recipient Develops Framework for Patient EHR Data Consent

San Diego Health Connect created a framework for patient EHR data consent using HL7 FHIR-based application programming interfaces (APIs).

By Hannah Nelson

April 19, 2022 - San Diego Health Connect, a recipient of an ONC Leading Edge Acceleration Projects in Health IT (LEAP) program award, developed a scalable consent framework to improve patients’ ability to convey their preferences regarding access to and use of their EHR data, according to a HealthITBuzz blog post.

The organization’s work focused on how to use Health Level Seven (HL7) Fast Healthcare Interoperability Resources (FHIR)-based application programming interfaces (APIs) to create a computable consent framework.

“A computable consent workflow allows a patient’s privacy preferences to be encoded as machine-readable rules that enable interoperable services,” ONC officials Beth Ellinport and Brett Andriesen wrote in the blog post.

“Computable consent enables automated decision-making and enforcement of a patient’s privacy preferences,” they added. “This helps facilitate healthcare services and access to information that empower patients and throughout the healthcare journey.”

-----

https://healthitsecurity.com/news/employee-email-warnings-reduce-ehr-snooping-unauthorized-phi-access

Employee Email Warnings Reduce EHR Snooping, Unauthorized PHI Access

Employees who received an email warning after unauthorized PHI access were far less likely to commit the same offense again, research published in JAMA found.

By Jill McKeon

April 19, 2022 - Only 2 percent of healthcare employees who received an email warning after committing unauthorized protected health information (PHI) access carried out the same offense again, a research letter published in JAMA Network Open found.

Researchers flagged all unauthorized access to patient medical records at a large academic medical center from January 1 to July 31, 2018. Within that time, 444 employees viewed the patient medical records despite not being part of the patient’s care team.

To test the impact of an email warning, researchers randomly selected 49 percent of the employees to receive a warning on the night of their access. The email explained that the employee was identified for accessing a patient’s electronic medical record without a known work-related purpose. The remaining 51 percent of employees served as the control group and did not receive an email warning.

The email warning was extremely effective, with only 4 employees committing unauthorized access for a second time. Meanwhile, 40 percent (90 employees) of the control group repeated the offense, demonstrating a 95 percent effectiveness of email warnings to reduce repeated offenses.

-----

https://www.mobihealthnews.com/news/asia/fujifilm-develops-ai-tech-predicting-alzheimers-progression

Fujifilm develops AI tech for predicting Alzheimer's progression

A clinical trial has shown that it can predict AD progression with 88% and 84% accuracy in American and Japanese patients, respectively.

By Adam Ang

April 18, 2022 10:36 pm

Fujifilm Corporation has developed AI technology that can predict whether patients with mild cognitive impairment will progress to Alzheimer's disease within two years.

According to a press statement, the AI Technology for AD Progression Prediction has been found to have high generalisability, predicting patients who would progress to AD with high accuracy, even for subjects from different cohorts. 

FINDINGS

The AI predictive technology was built using Fujifilm's advanced image recognition technologies. Using both AI and deep tech, atrophy patterns as seen on 3D MRI brain images were extracted and calculated from the hippocampus and the anterior temporal lobe, both regions that are strongly correlated with the progression of AD. From these patterns, AD progression is predicted.

The technology was trained using patient data from the North American-Alzheimer’s Disease Neuroimaging Initiative (NA-ADNI), the world's largest AD research project. The study also used other clinical information such as cognitive test scores.

-----

https://www.healthleadersmedia.com/innovation/new-study-finds-value-video-games-treating-depression

New Study Finds Value in Video Games for Treating Depression

Analysis  |  By Eric Wicklund  |   April 14, 2022

Researchers have found that a digital therapeutic platform using gaming concepts can help adults diagnosed with major depressive disorder (MDD) improve their cognitive function

Researchers from Duke University and Stanford have found that a digital therapeutic video game can help people living with major depressive disorder (MDD).

In a study recently published in the American Journal of Psychiatry, adults diagnosed with MDD and taking antidepressant medication “significantly improved sustained attention” while playing the AKL-T03 game developed by Boston-based Akili Interactive. The mHealth game is designed to address cognitive challenges, including difficulties concentrating, decision making, slowed thinking, and forgetfulness, in people living with MDD.

“Society is facing a growing mental health crisis, with depression rates in the US increasing about 20% during the pandemic,” Richard Keefe, PhD, a professor of psychiatry at Duke University Medical Center and primary investigator of the study, said in a press release. “While mood symptoms are most often associated with MDD, equally concerning are the frequent associated cognitive impairments.”

“More than ever, we need safe and effective ways to support these patients – new tools that can be easily and broadly accessed,” he added. “Based on the results of this study, AKL-T03 has the potential to play a meaningful role in the treatment of MDD patients.”

-----

https://www.healthleadersmedia.com/innovation/using-measurement-based-care-turn-patient-data-treatment

Using Measurement-Based Care to Turn Patient Data Into Treatment

Analysis  |  By Eric Wicklund  |   April 19, 2022

Healthcare organizations are using digital patient questionnaires to gather real-time data from patients, allowing clinicians to adjust care management when and where needed.


KEY TAKEAWAYS

·         Digital health platforms and tools have enabled care providers to gather more information from patients outside the doctor's office or clinic, but the challenge is in learning how to use that information.

·         Measurement Based Care (MBC) is a relatively new strategy that uses patient surveys to gauge how a specific treatment is working, and virtual channels allow providers to push those questionnaires out to patients at any time.

·         The platform is allowing health systems like Ascension Illinois to better treat behavioral health care patients, collaborating with them and adjusting care plans on the fly.

Healthcare organizations are using digital health tools to gather more data about their patients, but the challenge has always been how to use that information.

At Ascension Illinois, care providers are using Measurement-Based Care (MBC) to improve outcomes in behavioral health treatment. The strategy is based on collecting information throughout treatment to assess outcomes, then modifying care management plans to improve treatment.

Chris Novak, vice president and chief operating officer for Ascension Illinois' behavioral medicine service line, says the process of gathering data to support treatment benefits not only the provider but also the patient. The health system uses a digital health platform developed by Owl to create a baseline assessment for each patient, then uses ongoing virtual questionnaires to demonstrate patient progress, giving providers the evidence they need to measure and then improve treatment.

-----

https://healthitanalytics.com/news/lack-of-data-readiness-preventing-healthcare-digital-transformation

Lack of Data Readiness Preventing Healthcare Digital Transformation

Although 95 percent of healthcare executives are focused on digital transformation, the lack of data readiness is preventing them from making permanent changes.

By Mark Melchionna

April 14, 2022 - A lack of data readiness is preventing the healthcare industry from committing to changes that could bring about digital transformation, according to a recent report by Morning Consult commissioned by Innovaccer.

Morning Consult collected responses from 75 US health system executives for the survey between Nov. 30 and Dec. 21, 2021.

The survey revealed that 95 percent of healthcare executives intend to transform their business digitally. However, leaders claim they are dealing with a crisis related to data readiness. As a result, 97 percent are calling for more healthcare data interoperability.

Data readiness is also key to unlocking the full potential of artificial intelligence (AI) in healthcare, according to the report. Healthcare executives expect to see AI have a large impact on care delivery in the next several years. About 60 percent of respondents expect it to impact clinical outcomes, and 17 percent said it would affect financial outcomes. In addition, 13 percent said AI would impact their operation outcomes, and 9 percent administrative outcomes.

-----

https://mhealthintelligence.com/news/genetics-behavioral-health-pediatric-subspecialists-use-telehealth-most

Genetics, Behavioral Health Pediatric Subspecialists Use Telehealth Most

A recent study showed that pediatric telehealth use among different subspecialties was inconsistent, indicating variation in patient needs.

By Mark Melchionna

April 18, 2022 - When comparing the use of telehealth among different pediatric subspecialties, a JAMA Network Open study found that pediatric telehealth use was inconsistent across subspecialties, with genetics and behavioral health subspecialists using the care modality the most.

The study included 549,306 patients, representing a total of 1.8 million visits from eight pediatric medical groups from the Children’s Specialty Care Coalition (CSCC). There were 11 different subspecialties, including cardiology, orthopedics, urology, nephrology, dermatology, genetics, behavioral health, pulmonology, endocrinology, gastroenterology, and neurology. The study period began Jan. 1, 2019, and ended Dec. 31, 2021.

Aside from collecting data regarding in-person and telehealth visits, researchers also noted no-show rates and demographic information along with differentiation before and after the COVID-19 pandemic.

Among subspecialties that used telehealth less frequently, like cardiology, orthopedics, and urology, the utilization rate was 6 percent to 29 percent. Among those that used telehealth at a higher rate, such as genetics, behavioral health, and pulmonology, virtual visit utilization ranged from 38.8 percent to 73 percent.

-----

https://healthitsecurity.com/news/healthcare-orgs-struggle-with-software-supply-chain-risk-management-policies

Healthcare Orgs Struggle With Software Supply Chain Risk Management Policies

The majority of surveyed healthcare organizations said that they had not fully implemented software supply chain risk management policies.

By Jill McKeon

April 18, 2022 - Despite increased attention toward supply chain security after the 2020 SolarWinds cyberattack, 74 percent of surveyed US healthcare organizations reported not having comprehensive software supply chain risk management policies, a survey commissioned by Trellix and conducted by Vanson Bourne found.

Researchers surveyed 900 cybersecurity professionals from a variety of critical infrastructure sectors. The report pointed to President Biden’s May 2021 executive order on improving the nation’s cybersecurity as a catalyst for change within many US organizations.

The executive order stressed the need for zero trust security policies, multifactor authentication, endpoint detection and response (EDR), extended detection and response (XDR), and software bill of materials (SBOM) implementation.

US survey respondents reported EDR and XDR as the most difficult cybersecurity solutions to implement and said that multifactor authentication was the easiest.

-----

https://www.mobihealthnews.com/news/how-health-app-rating-system-could-encourage-clinician-uptake

How a health app rating system could encourage clinician uptake

A development study published in JMIR describes the App Rating Inventory, which aims to help clinicians find high-quality tools to use with patients.

By Emily Olsen

April 18, 2022 12:08 pm

Researchers created a health app rating system aimed at helping clinicians find high- quality tools to recommend to their patients, according to a development study published in JMIR.

The App Rating Inventory, which was built by the Defense Health Agency’s Connected Health branch, scores apps in three categories: evidence, content and customizability. All 28 items in the system are weighted equally and the scoring system is binary, meaning the app either has a specific feature or it doesn't. The final score is the sum of the three categories. 

"The category and final scores derived from the rating system inform the clinician about whether an app is evidence informed and easy to use," the study's authors Rachel Mackey, Ann Gleason and Robert Ciulla wrote. 

"Although a rating allows a clinician to make focused decisions about app selection in a context where thousands of apps are available, clinicians must weigh the following factors before integrating apps into a treatment plan: clinical presentation, patient engagement and preferences, available resources and technology expertise."

-----

https://www.healthleadersmedia.com/telehealth/unitedhealthcare-sees-25k-increase-telehealth-usage

UnitedHealthcare Sees 2.5K% Increase in Telehealth Usage

Analysis  |  By John Commins  |   April 18, 2022

The payer's 2021 data show a massive increase in telehealth use when compared with pre-pandemic levels.


KEY TAKEAWAYS

·         Members used virtual care 28 million times in 2021, a 2,500% increase from the pre-pandemic baseline. Local providers delivered 95% of those virtual care visits.

·         Half of virtual visits were for behavioral health, and 63% of all behavioral health visits were done virtually, up from 1.5% pre-pandemic. 

·         The share of virtual care users aged 25 to 44 grew from 36% in 2020 to 38%. The share of virtual care users among women grew from 62% in 2020 to 64%.

UnitedHealthcare Inc. members logged more than 28 million virtual care visits in 2021, a 2,500% increase over pre-pandemic usage, the payer says.

"While the COVID-19 pandemic triggered an unprecedented spike in the number of virtual care visits, we are seeing that telehealth has staying power even as many people have returned to in-person appointments," UnitedHealthcare CMO Donna O'Shea, MD, tells HealthLeaders.

"Virtual care visits in 2021 by UnitedHealthcare members approximately matched the total for 2020, with continued significant use of telehealth so far in 2022."    

UHC data show that:

·         Members used virtual care 28 million times in 2021, a 2,500% increase from the pre-pandemic baseline and steady from 2020.
 

·         Local providers delivered 95% of those virtual care visits.
  

·         Half (50%) of virtual visits -- 14 million -- were for behavioral health, and 63% of all behavioral health visits were done virtually, up from 1.5% pre-pandemic.  
 

·         The share of virtual care users aged 25 to 44 grew from 36% in 2020 to 38%.
 

·         The share of virtual care users among women grew from 62% in 2020 to 64%.

-----

https://jamanetwork.com/journals/jamanetworkopen/fullarticle/2791007

April 13, 2022

Effectiveness of Email Warning on Reducing Hospital Employees’ Unauthorized Access to Protected Health Information A Nonrandomized Controlled Trial

John Xuefeng Jiang, PhD1; Nick Culbertson, BS2; Ge Bai, PhD, CPA3,4

JAMA Netw Open. 2022;5(4):e227247. doi:10.1001/jamanetworkopen.2022.7247

Introduction

Data breaches of protected health information (PHI) create substantial financial, reputational, and clinical risks for patients and health care entities.1-4 Prior research5 found that large academic medical centers face disproportionately higher PHI breach risks than other hospitals. Approximately one quarter of PHI breaches were caused by employees’ unauthorized access to PHI, in which the employee lacked authorization, permission, or other legal authority to access the data.6 A nonrandomized controlled trial was conducted in a large academic medical center to understand the effectiveness of email warning on reducing repeated unauthorized access to PHI.

Methods

This study was exempt from institutional review board approval from Michigan State University because it does not meet the criteria for human participants research (no identifiable private information or identifiable biospecimens were accessed). The study followed the Transparent Reporting of Evaluations With Nonrandomized Designs (TREND) reporting guideline.

------

https://www.dailymail.co.uk/news/article-10724773/Patients-hit-doctor-dismissed-concerns-difficulties-face-face-GP-appointments.html

Furious patients hit out as doctors' chief dismisses concerns about the difficulties of getting face-to-face GP appointments as 'a lot of noise'

·         Professor Dame Clare Gerada angered patient groups by dismissing concerns

·         She brushed off worries over struggling to get a face-to-face GP appointment 

·         The GP said the shift to online consultations was a positive part of the pandemic

·         Campaigner Dennis Reed slammed her for being 'dismissive' to senior citizens

By Stephen Adams Medical Correspondent For The Mail On Sunday

A leading GP has angered patient groups by dismissing concerns over the struggle to secure face-to-face appointments with family doctors as 'a lot of noise'.

Professor Dame Clare Gerada, President of the Royal College of GPs, made the remark after describing the shift to online consultations as the most positive development of the pandemic.

She holds a stake in eConsult, a company providing remote consultation software to about half the country's GP surgeries, which has profited hugely from Covid.

In an online conference hosted by the Royal Society of Medicine, Prof Gerada and other panel members were asked what they thought was 'the most positive surprise' to have come from the pandemic.

-----

Enjoy!

David.

Friday, April 29, 2022

A Little Levity With A Rather Serious Problem Underlying It!

This appeared last week.

Hospitals exposed to robot glitch

David Swan

10:46PM April 19, 2022

At least two Australian hospitals were using robots with security flaws that could have allowed hackers to spy on patients, tamper with medication or shut down hospital systems.

Cyber security researchers say the vulnerabilities, discovered overseas last week, affected Aethon TUG smart autonomous robots understood to be deployed in some Australian hospitals including the Royal Melbourne Hospital and Epworth in Richmond. The US’s Cybersecurity and Infrastructure Security Agency (CISA) warned last week that the bugs could allow hackers to take full control of robot functions or expose sensitive information.

The robots handle tasks including distributing medication, cleaning and transporting hospital supplies and use sensors, cameras and radio waves to avoid bumping into people and objects.

The technology that powers the robots and allows them to move throughout the hospital is also what made the vulnerabilities so dangerous, according to Asher Brass, an executive at cyber security start-up Cynerio and lead researcher on what has been dubbed JekyllBot: 5 vulnerabilities.

Mr Brass said the bugs were with the base servers used to control the robots, which could have allowed hackers to log in and remotely control the robots from afar, allowing them to potentially spy on patients or interfere with critical patient care.

According to Cynerio, some of the more severe attack scenarios ranked as high as a 9.8 CVE score, which is a measure out of 10 used to classify cyber security threats.

There was no evidence the vulnerabilities, which were in the Homebase Server’s JavaScript and API implementation, have been so far exploited.

More here:

https://www.theaustralian.com.au/business/technology/hospitals-exposed-to-robot-glitch/news-story/582101418ed345a856da54c934f48210

There is also international coverage:

Cybersecurity Company Finds Vulnerabilities in Hospital Robots

Analysis  |  By Eric Wicklund  |   April 21, 2022

The vulnerabilities were found in the Aethon TUG smart autonomous robot, which is used by hundreds of health systems to ferry medications and other supplies throughout the hospital. 

An autonomous robot commonly used in hospitals to transport medication and other supplies from room to room could be hacked and used to spy on patients and staff, according to a New York-based healthcare IoT security company.

Cynerio announced earlier this month that its researchers had discovered five vulnerabilities in the innards of the Aethon TUG smart autonomous robot, which is sued in hundreds of healthcare sites around the world.

Robots like the Aethon TUG are used by hospitals to do light housekeeping and ferry items from one place to another, relying on radio waves, sensors and other technology to open doors, take elevators and maneuver through hallways without hitting anything. More advanced telepresence robots are being used to connect care providers in other locations with patients in their rooms or the Emergency Department and even perform some guided surgeries.

Collectively called the JekyllBot:5, the malware was found in the TUG Homebase Server’s JavaScript and API platforms, as well as a WebSocket that is used to relay commands from the server to the robot. According to a Cynerio press release, these vulnerabilities could:

·         Disrupt or impede the timely delivery of medications and lab samples;

·         Shut down or obstruct hospital elevators and door locking systems;

·         Monitor or even take videos and pictures of patients, staff, and hospital interiors, as well as sensitive patient medical records;

·         Control the robots to allow them to access restricted areas, interact with patients or crash into staff, visitors, and equipment; and

·         Hijack administrative user sessions in the robots’ online portal and inject malware through their browser to enable future cyberattacks on IT and security team members at healthcare facilities.

More here:

https://www.healthleadersmedia.com/technology/cybersecurity-company-finds-vulnerabilities-hospital-robots

The fun for me came with the malware name ‘JekyllBot.5’ or maybe ‘JerkyBot’ with a shaking robot!

The serious message is just how many vulnerabilities there are out there with internet connected devices and how frequently they seem to be allacked.

There is a real need for the providers of these devices to do a good deal more to protect them against attack.

I note, in passing, to see how many of these robots are deployed. They must be useful and cost-effective compared with humans. I was not aware of all this happening so fast! I clearly must get out more!

David.