After A Couple Of Weeks It Is Clear That The “Optus Hack” Was A Symptom Of A Larger Problem!

As time passes we are starting to see more considered comments on the issue.

Here for example:

Optus data breach reveals ad hoc and immature response system

The near 10 million Optus customers at the centre of the identity credential scandal were essentially left to fend for themselves.

Tom Burton Government editor

Oct 2, 2022 – 2.39pm

Revelations that nearly 10 million Australians have had key identity credentials potentially breached finally provided the shock needed to modernise the country’s antiquated data management, security and privacy systems.

For years, under intense lobbying from financial, payment, telco, media and marketing interests, Australia has slow-walked reforms that would create a trusted, secure, reliable and efficient regulatory regime to manage the burgeoning digital economy and the data that fuels it.

Identity theft, fraud, criminality and scams have ballooned amid a plodding, patchwork response from policymakers. A 2017 Australian Institute of Criminology study found one in four Australians had been a victim of identity crime at some point.

That was before COVID-19 “uberised” the online economy, opening a cornucopia of opportunity for bad actors. The emergence of near real-time payment systems has also created a new fertile field for scammers. Officially known as Authorised Push Payment (APP) fraud, a typical scam involves bad actors duping renovators or property buyers into sending payments to them rather than the legitimate builder or vendor.

Privacy backwater

Attempts to require lenders to confirm account holder details (the name of the account) before making these payments, for example, have been resisted by Australian banks. This is despite a 35 per cent drop in fraudulent and mistaken payments when British authorities mandated confirmation of payment for intra-bank account payments.

At the same time, privacy regulators have been pleading for stronger enforcement powers, with graduated and meaningful penalties and straightforward powers for courts to award compensation.

As Home Affairs Minister Clare O’Neil noted, if Optus had breached basic privacy protections in other jurisdictions (notably Europe and California), it would be facing fines in the hundreds of millions of dollars.

Australia is almost alone among Anglo peers in not having any personal right of privacy nor any broader tort under which to sue for privacy breaches.

Vastly more here:

https://www.afr.com/technology/optus-data-breach-reveals-ad-hoc-and-immature-response-system-20220930-p5bmcl

Also here:

Optus fiasco shows how lost we are on digital security

Peter Jennings

11:00PM October 2, 2022

One good thing about crises is that they provide opportunities to learn. We will be working through the consequences of the cyber attack on Optus for years.

A steadier government voice on the Optus mess has been Clare O’Neil, Minister for Home Affairs and Cyber Security. Last week she told Channel 9’s A Current Affair: “It’s really important that everyone enters this conversation with a little bit of humility. The truth is we are probably five years behind where we need to be with cyber security in this country and government is not immune from that.”

Few players come out of this crisis with reputations intact. The government’s handling has involved multiple ministers all separately racing to sheet home blame to Optus for what, frankly, is a shared responsibility.

Optus must carry the blame for what, on our current knowledge, looks to be a human not technological error exposing over 10 million customer records via inappropriate testing of an application program interface.

A knowledgeable cyber specialist told me a savvy 15-year-old could have achieved this hack. Time will tell if that is true, but we should be sceptical for the moment about online claims of responsibility. Optus carries responsibility for the cyber breach but setting the policy framework for cyber security is squarely a government task and managing the consequences of breaches is shared between the public and private sectors.

There is a lot of blame to be shared. While the Morrison government did strengthen national laws around the security of critical infrastructure, it unaccountably chose to exclude telecom-munications providers from the more stringent reporting and management rules set out in the 2021 Security of Critical Infrastructure Act. It was claimed existing telecommunications laws would “better manage national security risks of espionage, sabotage and foreign interference to Australia’s telecommunications networks and facilities”.

More here:

https://www.theaustralian.com.au/commentary/optus-fiasco-shows-how-lost-we-are-on-digital-security/news-story/1020f4bdc1444f708af52bab20d1f498

And here:

The easy way to prevent a data breach: don’t collect data

John Davidson Columnist

Oct 6, 2022 – 1.31pm

At the Sonoma Bakery in a downtown café strip in Canberra, customers have to hand over not just their payment details to complete orders from their table.

They also have to hand over their email address and phone number.

Regardless of whether they opt into Sonoma’s mailing list, its ordering app – written by the Brisbane-based hospitality software provider Bopple – won’t let them pay for their coffee and baked goods if the email and phone number fields are left blank.

Anna Johnston, a former deputy privacy commissioner for NSW, who now runs the consulting firm Salinger Privacy, says it’s an example of the excessive and oft-times illegal data-gathering that has crept into Australian society since COVID-19 got everyone in the habit of pulling out their phones and checking into government apps whenever they entered an establishment.

Attorney-General Mark Dreyfus, responding to the Optus data breach last week, promised to crack down on excessive data harvesting, which is believed to have exacerbated the problems caused to Optus customers by exposing Medicare, driving licence and passport details that the telco may not have been required to keep.

“For too long, we have had companies solely looking at data as an asset they can use commercially,” Mr Dreyfus said.

“We need to have them appreciate very, very firmly that Australians’ personal information belongs to Australians. It’s not to be misused, it absolutely has to be protected. And if the Privacy Act is not getting us those outcomes, then we need to look at reforms to the Privacy Act.”

But collecting email addresses and phone numbers of customers just to take an in-store coffee order or allow someone to make an in-store purchase could be a breach of the existing Privacy Act, Ms Johnston said.

One necessary reform is as simple as funding Australia’s Privacy Commissioner to police the law.

“It’s symptomatic of a failure of Australian businesses to constrain their collection of personal information,” Ms Johnston told The Australian Financial Review.

Data collection practices that had become prevalent since COVID-19 were “absolutely excessive”, she said.

“What was necessary for public health reasons in a pandemic is entirely different from what’s necessary just to order a coffee.

“There is a widespread failure of businesses to understand that there is actually a law that says you’re not supposed to collect personal information unless it’s reasonably necessary for a particular function.

“And it’s not necessary to collect someone’s name or email address or phone number just to order a coffee.”

The best data security can have to prevent a data breach is to not collect the information in the first place.

— Privacy expert Anna Johnston

Bopple did not respond to questions about why its app required customers to enter their personal information when it already knew which table they were seated at. It also did not respond to questions about its data retention and destruction policies, and about its cybersecurity standards and history of data breaches.

In its app, which it “white labels” to several hospitality chains around Australia, customers are informed that “unless you opt in to receive new and exclusive offers, your phone number will only be used to communicate with you about your order”.

But on its website, Bopple points its hospitality customers to other advantages of collecting data from customers using its app.

“Build a customer database and own the data. Track ad performance and re-target your most valuable customers to drive repeat sales,” the company advertises.

Online marketing

Elsewhere on its site, under the headline “Online marketing channels collect a lot of data – use it”, Bopple tells its customers: “With [direct-to-consumer] marketing being heavily online, it’s easy to gather customer data and get a clear insight into buying behaviours.”

Alexander Avramides, managing director of Sonoma Baking Company, which runs the bakeries, said “Sonoma has never had cause, nor has it ever accessed the customer data collected by Bopple.”

Giving customers no option but to enter their personal details when ordering in-store was a default setting in the Bopple app that Sonoma was unable to change, he said.

In response to questions from the Financial Review, Mr Avramides said “Sonoma has requested this option and is waiting on a reply from Bopple”.

More here:

https://www.afr.com/technology/the-easy-way-to-prevent-a-data-breach-don-t-collect-data-20221003-p5bmu8

When you put all this together it is totally clear that the Optus event is a sad symptom of regulatory neglect and a failure of both Government and Business to take seriously the responsibilities to protect our private personal data.

It has been a situation of ‘so far, so good’ while waiting for a problem to arise! Well arise it has and we need an effective, considered and in-depth response – and at speed and with care.

Frankly when compared with the approach of Europe with the General Data Protection Regulation (GDPR) we really can be seen to have totally dropped the ball – with even California and whole range of other countries adopting the EU model holus-bolus!

See here:

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

We really only have ourselves to blame for the mess we are in and it is up to Government and Industry to work urgently to get Australia into the 2020’s.

It is really pretty sad just how the privacy and security expectations of Joe Citizen have just been ignored - largely to save money I suspect!

If you have been damaged by this mess you really do have the right to be ‘pretty bloody angry’ at the slack incompetents who just chose to do nothing and wait for the hammer to fall!

David.

AusHealthIT Poll Number 652– Results – 9th October, 2022.

Here are the results of the poll.

The Indian State Of Tamil Nadu (Pop. 75 million) Is Seeking Advice On Digital Health From The ADHA. Is The ADHA An Ideal Choice To Seek Advice From?

Yes                                            12 (24%)

No                                             39 (76%)

I Have No Idea                           0 (0%)

Voters: 51

A clear outcome suggesting that there may be better sources of help!

Any insights on the poll are welcome, as a comment, as usual!

A fair number of votes. and a reasonable majority outcome. 

0 of 51 who answered the poll admitted to not being sure about the answer to the question!

Again, many, many thanks to all those who voted! 

David.

Weekly Overseas Health IT Links – 8th October, 2022.

Here are a few I came across last week.

Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment

-----

https://mhealthintelligence.com/news/patients-indicate-high-levels-of-satisfaction-following-telehealth-use

Patients Indicate High Levels of Satisfaction Following Telehealth Use

New research shows that 57 to 80 percent of patients prefer telehealth when obtaining care, revealing high levels of satisfaction with the care modality.

By Mark Melchionna

September 30, 2022 - According to new research findings from the JD Power 2022 US Telehealth Satisfaction Study, telehealth has become more than a temporary replacement for in-person care due to high consumer preference and its role in expanding access to mental health treatment.

At the beginning of the COVID-19 pandemic in 2020, many providers turned to telehealth due to the restrictions placed on in-person care. Data collected in 2022 by JD Power indicates that patient satisfaction with telehealth is high, with many claiming that they now prefer it to in-person care.

“Telehealth and digital technologies are transforming how patients seek and receive healthcare,” said Christopher Lis, managing director of global healthcare intelligence at JD Power, in a press release. “Telehealth has the potential to increase access, convenience, care coordination and continuity, improve outcomes, and fill in gaps in provider coverage, particularly in underserved areas.”

The 2022 survey, which polled 4,306 healthcare customers between June and July, revealed several noteworthy data points. For example, 67 percent of patients indicated that they had used telehealth in the preceding year, which is significantly higher than the 37 percent that did the same in 2019.

-----

https://patientengagementhit.com/news/opennotes-pilots-initiative-for-caregiver-engagement-data-access

OpenNotes Pilots Initiative for Caregiver Engagement, Data Access

The OpenNotes program launching this fall will work to identify care partners, assess their needs, and offer practical resources to improve caregiver engagement.

By Sara Heath

September 30, 2022 - Beth Israel Lahey Health Primary Care and two other clinical sites will be piloting OurNotes for Care Partners, an OpenNotes project to support caregiver engagement and data access.

Caregivers are an essential part of a patient’s care team, often providing a wide range of services, like emotional support and medication management, while also participating in patient care decisions.

However, their needs often go unnoticed. The healthcare industry has struggled to engage family caregivers as care partners, with many caregivers going without the health information necessary to facilitate care for their loved ones.

This project aims to develop a healthcare organization-specific system that leverages technology to identify caregivers, improve caregiver-patient communication, and connect care partners with needed services.

-----

https://www.digitalhealth.net/2022/09/nhs-app-reaches-30-million-sign-ups-milestone-by-4th-anniversary/

NHS App reaches 30 million sign-ups milestone by 4th anniversary

The NHS App has recorded more than 30 million sign-ups as well as close to 450,000 new organ donation decisions since it was launched four years ago.

Core Lydon – 30 Sep, 2022

The app was launched back in September 2018 and people are now being encouraged to use the app to register their organ donation preferences during Organ Donation Week (26 September – 2 October). The total number of organ donation decisions that were registered for the first time through the app increased 69% in a year and since last September there have been 183,000 new decisions registered.

Susie Day, NHS digital director of delivery, NHS App said: “Millions of people are continuing to use the NHS App to take control of their healthcare directly from their phone or the NHS website, with over 30 million sign-ups now recorded.

“It’s great to see rising numbers of people using the app to register and manage their organ donation decisions and we encourage everyone, if they haven’t already done so, to record this important decision through the app or online.”

Figures from NHS Digital show:

·         Organ donation preferences have been managed over 3.7 million times through the NHS App in total, including updates to existing decisions.

·         448,000 new organ donation decisions have been registered.

·         4 million GP appointments were booked via the app between September 21 and August 22.

·         Over 19.3 million repeat prescriptions were ordered through the app between September 21 and August 22.

-----

https://www.digitalhealth.net/2022/09/the-christie-goes-live-with-eproms-on-new-digital-health-platform/

The Christie goes live with ePROMs on new digital health platform

The Christie NHS Foundation Trust has gone live with an electronic Patient Reported Outcome Measures (ePROMs) system which connects cancer patients with the trust.

Cora Lydon – 23 Sep, 2022

The ePROMS is part of the trust’s five-year strategy where it it aims to modernise its electronic health record which includes underpinning it by openEHR data standards. As part of that strategy, The Christie selected Better last September to deliver a digital health platform.

ePROMs is the first of more than 680 forms which will be digitalised by the trust using Better’s low-code tools with 24 forms being launched across 10 cancer pathways and a further 10 more are planned for by the end of this year

The development of the ePROMs saw the joining up and structuring of siloed data to be used in the forms. The data that is collected then feeds into the Better platform, so that data from both patients and clinicians is made instantly available trust-wide.

-----

https://www.statnews.com/2022/09/27/hold-accountable-doctors-who-knowingly-spread-covid-19-lies/

Doctors who knowingly spread Covid-19 lies should be held accountable

By Juliana E. MorrisSept. 27, 2022

The California State Legislature has sent a bill to Gov. Gavin Newsom that strengthens discipline for doctors who knowingly spread Covid-19 misinformation. Legislation like this is sorely needed across the country.

More than two years into the pandemic, Covid-19 misinformation still runs rampant. Some comes from doctors spreading lies about unproven — and actually harmful — “treatments” for Covid-19 and promoting anti-vaccine conspiracy theories. Physicians account for three of the 12 individuals thought to be responsible for up to 73% of anti-vaccine content on Facebook. These physicians have been highly influential in their claims that, for example, masks suppress the immune system and that, after getting the vaccine, “becoming sterile [is] almost a certainty.” These lies have real and potentially deadly consequences.

An effective response to misinformation and its effects requires a multilayered approach, including one that holds rogue physicians accountable for their pronouncements, helping to preserve integrity within the medical profession.

As a primary care physician, I see the effects of Covid-19 misinformation every day. Some of my patients continue to decline getting vaccinated against SARS-CoV-2, the virus that causes Covid-19, based on false theories about immunizations causing death or decreased fertility. A few have become severely ill from the virus just weeks after saying “no” to vaccination during their visit to my office.

-----

https://ehrintelligence.com/news/over-50-of-text-in-ehr-notes-is-duplicate-clinical-documentation

Over 50% of Text in EHR Notes is Duplicate Clinical Documentation

Duplicate content in EHR notes increases the time for physicians to determine which data is accurate and creates viral copies of errors that can spread through clinical documentation.

By Hannah Nelson

September 30, 2022 - More than half of all text in EHR notes is duplicated, according to a study published in JAMA Network Open that suggests the need for a new clinical documentation paradigm that supports the stability of shared information over time.

Researchers analyzed more than 100 million notes to characterize the prevalence of duplication in the EHR.

Duplicate content was prevalent in notes written by physicians at all levels of training, nurses, and therapists.

Physicians wrote the notes with the largest amounts of novel information and the longest notes. While comprehensive, the documentation was repetitive; physician EHR notes included 30 percent to 70 percent duplicate content.

-----

AI study finds 50% of patient notes duplicated

Investigators used natural language processing and deep learning to explore the prevalence of patient information duplicated from prior notes in medical records.

By Andrea Fox

September 30, 2022 10:04 AM

A new health informatics study found that clinical care documentation results in a high prevalence of text duplication and that systemic hazards require systemic interventions to fix.

WHY IT MATTERS
Earlier this year, a team led by researchers from the University of Pennsylvania Perelman School of Medicine in Philadelphia used artificial intelligence to analyze all inpatient and outpatient notes written within the UPenn Health System from January 1, 2015, through December 31, 2020.

The investigators quantified the text duplicated from a different author versus text copied from the same author to find out how much duplication is present in the electronic health record and why.

Of the total notes for more than 1.96 million unique patients (104,456,653), 50.1% of the words were duplicated from prior notes written about the same patient (32,991,489,889 of 16,52, 85, 210 total words).

The researchers also found that the rate of duplication increased year-over-year, from 33% for notes written in 2015 to 54.2% for notes written in 2020.

-----

https://healthitanalytics.com/news/fda-releases-guidance-on-ai-driven-clinical-decision-support-tools

FDA Releases Guidance on AI-Driven Clinical Decision Support Tools

The FDA has released new guidance recommending that some artificial intelligence-powered clinical decision support tools, like sepsis prediction devices, should be regulated as medical devices.

By Shania Kennedy

September 29, 2022 - The Food and Drug Administration (FDA) has released new guidance stating that some artificial intelligence (AI) tools should be regulated as medical devices as part of the agency’s oversight of clinical decision support (CDS) software.

The new guidance includes a list of AI tools that should be regulated as medical devices, including devices to predict sepsis, identify patient deterioration, forecast heart failure hospitalizations, and flag patients who may be addicted to opioids, among others.

In recent years, AI and machine learning (ML) have been increasingly incorporated into medical devices because these algorithms are capable of “learning” from experience and improving performance over time.

As a result, the FDA Center for Devices and Radiological Health (CDRH) is considering “a total product lifecycle-based regulatory framework for these technologies that would allow for modifications to be made from real-world learning and adaptation, while ensuring that the safety and effectiveness of the software as a medical device are maintained.”

-----

https://mhealthintelligence.com/news/telehealth-care-quality-better-than-in-person-for-some-measures

Telehealth Care Quality Better Than In-Person For Some Measures

New research shows that telehealth can enhance healthcare quality, with telehealth patients experiencing a similar or better performance in some quality measures than patients receiving in-person care.

By Mark Melchionna

September 29, 2022 - While researching the effects of telehealth and in-person care within a large integrated health system, a study published in JAMA Network Open found that virtual care methods can expand healthcare capabilities, performing on par or better than in-person care on most quality measures evaluated.

Due to in-person care restrictions implemented during the COVID-19 pandemic, many patients and providers turned to telehealth to ensure necessary access to healthcare. Though telehealth use has since leveled off, it remains popular. Thus, researchers set out to assess the quality of patient care among those who used telehealth compared to those who did not.

Researchers conducted a retrospective cohort study that included 526,874 patients, 409,732 of whom received only in-person care, and 117,142 participated in telehealth visits. Of those who received only in-person care, 49.7 percent were women, 85 percent were non-Hispanic, and 82 percent were White. Of those who received care via telehealth, 63.9 percent were women, 90 percent were non-Hispanic, and 86 percent were White.

Researchers noted that patients in the in-person-only group performed better on medication-based measures. But only three of the five measures had significant differences: patients with cardiovascular disease (CVD) receiving antiplatelets, those with CVD receiving statins, and those with upper respiratory infections avoiding antibiotics.

-----

https://mhealthintelligence.com/news/chronic-care-patients-88-more-likely-to-use-telehealth-than-their-peers

Chronic Care Patients 88% More Likely to Use Telehealth Than Their Peers

New research shows that telehealth use continues to impact healthcare delivery positively and remains popular among patients, especially chronic care, female, and mental health patients.

By Mark Melchionna

September 28, 2022 - Research from athenahealth shows that despite a decrease in pandemic-related restrictions, telehealth continues to improve care delivery by helping to fill care gaps and providing various benefits aside from solely replacing in-person visits.

athenahealth conducted a survey that gathered information regarding telehealth use and patient demographics. The survey, fielded by Dynata, polled 2,000 US adults between Jan. 1, 2019, and April 30, 2022.

During the COVID-19 pandemic, many providers turned to telehealth amid in-person care restrictions. The survey notes that virtual visits accounted for approximately 12.1 percent of all visits during spring 2020.

Although that figure dropped to 8.9 percent in the first half of 2022, the research indicates that telehealth has enhanced care access and emerged as a reliable mode of treatment delivery.

-----

https://patientengagementhit.com/news/patient-portal-use-in-mental-health-is-up-but-digital-literacy-key

Patient Portal Use in Mental Health Is Up, But Digital Literacy Key

Although research noted increases in patient portal use in mental health, digital health literacy and accommodations for all patient populations are still needed to reach full potential.

By Sara Heath

September 29, 2022 - Patient portal use in mental health is getting more common, but still, only about half of those with self-reported anxiety or depression are using the health IT, according to data published in Psychiatry Research Communications.

Moreover, the study found considerable disparities in patient portal use based on gender, age, income, and race or ethnicity.

The healthcare industry has thrown a lot of its efforts behind the patient portal, lauding the health IT as the bedrock of patient engagement. As a key metric in the Medicare and Medicaid EHR Incentive Programs, patient portal use and patient data access were argued to be the defining factor in patient activation. A patient cannot self-manage an illness when she does not have access to her medical information, experts have reasoned.

And although leading industry groups, including the Office of the National Coordinator for Health IT (ONC), have conducted extensive research about patient portal use and adoption—and the barriers to access—less is known about how the technology is used in the mental health space.

-----

https://www.beckershospitalreview.com/innovation/whenever-there-s-chaos-there-s-opportunity-says-stanford-health-care-chief-data-scientist-dr-nigam-shah.html

'Whenever there's chaos, there's opportunity,' says Stanford Health Care chief data scientist Dr. Nigam Shah

Giles Bruce – 29 Sep, 2022

The first supercomputer for artificial intelligence in medicine was developed at Stanford University in the early 1970s. So it makes sense that the health system affiliated with the university recently named its inaugural chief data scientist to integrate AI into patient care.

But before unveiling cool, innovative tools, Nigam Shah, PhD, has been spending his first few months in the role at Palo Alto, Calif.-based Stanford Health Care trying to prove that AI is actually useful in healthcare.

"The chatter tends to be about: Is it fair? Is it going to impact people? Is it going to increase disparities? Is it going to put people out of work?" Dr. Shah told Becker's. "Very few places, if any, ask the question that if we use AI to guide care, will we get any value?"

Dr. Shah and some colleagues recently analyzed assessments of 15 healthcare AI models. They found that of the 220 items of information requested, more than half focused on the model itself, while only four pertained to fairness and none looked at usefulness.

-----

https://www.nextgov.com/cxo-briefing/2022/09/hhs-needs-ensure-telehealth-patients-and-providers-understand-privacy-risks/377700/

HHS Needs to Ensure Telehealth Patients and Providers Understand Privacy Risks

By Alexandra Kelley,
Staff Correspondent

September 27, 2022

An oversight report underscored the need for improved patient privacy and security disclosures following the pandemic-related telehealth boom.

The federal government needs to take stronger action in informing Medicare patients about their rights to privacy and security surrounding their medical and health data following the dramatic surge in telehealth uses during the COVID-19 pandemic, according to a new oversight report.

The Government Accountability Office examined the telehealth care used by the Health and Human Services Department for Medicare patients during the height of the COVID-19 pandemic. Due to a sudden influx in need, HHS officials temporarily waived select Medicare restrictions on telehealth. 

While the need for in-home, remote medical care was critical during the onset of the pandemic, the GAO reports that stricter procedures are needed to enforce telehealth providers’ disclosure of privacy and security risks associated with virtual treatment. 

The HHS Office of Civil Rights “encouraged covered providers to notify patients of potential privacy and security risks. However, it did not advise providers of specific language to use or give direction to help them explain these risks to their patients,” the report said. “Providing such information to providers could help ensure that patients understand potential effects on their protected health information in light of the privacy and security risks associated with telehealth technology.”

-----

https://www.fiercehealthcare.com/providers/podnosis-artificial-intelligence-healthcare-how-payers-invest-social-needs

'Podnosis': Broadening artificial intelligence's scope in healthcare, how payers can invest in social needs

By Teresa Carey

Sep 28, 2022 06:00am

While there has been a lot of hype about artificial intelligence radically transforming healthcare, adoption has been slower and more measured than previously predicted. Instead of replacing doctors, clinicians are using AI as a tool to improve everything from their diagnoses to billing practices. Last year, healthcare AI startups raised $12.4 billion. That’s nearly double the previous year. But there are some concerns, such as privacy around using patients' data. Fierce Senior Editor Heather Landi talks with John Halamka, M.D., who leads Mayo Clinic’s digital health and AI projects, to find out about what is standing in the way of more widespread use and what organizations should be doing to protect patients’ data. 

Also on the podcast, we'll discuss social factors that in fact play a significant role in a person’s overall health like poverty, racism, unequal access to healthcare or lack of education. Healthcare industry insiders are aware of this challenge. So, with that backdrop, payers have invested significantly in bringing on the expertise necessary to tackle these social needs both at scale and across a variety of communities. At UnitedHealthcare, that work is led by Alex Billioux, M.D. He chats with Fierce Healthcare's senior editor Paige Minemeyer to discuss how payers can address social needs to really make a difference in these challenges. 

------

https://www.fiercehealthcare.com/ai-and-machine-learning/how-google-mayo-clinic-and-kaiser-permanente-say-theyre-addressing-health

How Google, Mayo Clinic and Kaiser Permanente tackle AI bias and thorny data privacy problems

By Dave Muoio

Sep 28, 2022 08:00am

Provider and tech organizations alike often say that artificial intelligence, if fully realized, could herald a new paradigm for healthcare delivery.

Even today, teams across major names like the Mayo Clinic, Google and Kaiser Permanente are working on tools that can rapidly scan images to predict medical diagnoses, skim medical records to highlight optimal clinical decisions for practitioners, triage patients, streamline administrative tasks and nudge consumers toward healthier tasks or information.

But those same AI evangelists are also quick to acknowledge the numerous barriers and pitfalls where the technology has so far stumbled. Chief among these are issues of privacy, transparency and equity.

“Everyone should have the opportunity to achieve the full benefits of AI from their healthcare system,” Michael Howell, M.D., chief clinical officer and deputy chief health officer at Google, said Monday during an online discussion about healthcare AI. "We should work systematically to eliminate those barriers.”

-----

https://www.healthcareitnews.com/news/new-free-software-enables-3d-image-sharing-pacs

New free software enables 3D image sharing in PACS

The new software, developed in-house at San Diego-based Rady Children's Hospital, allows physicians to easily view and interact with 3D patient models, saving time and improving patient care.

By Andrea Fox

September 28, 2022 01:24 PM

Created by a collaborative team at the Rady Hospital's Helen and Will Webster Foundation 3D Innovations Lab, or 3DI Lab, this freely available software is being touted as the first-ever tool of its kind.

WHY IT MATTERS

With Digital Imaging and Communications in Medicine standardization software, or DICOM doctors can use the standard picture archiving communication system imaging to import and export individual patients’ 3D models.

Previously, 3D imaging was accessible only with specialized software. 

Called Media2DICOM, the software developed at Rady allows image technicians to either convert videos of patients’ 3D models or the 3D datasets themselves into standardized DICOM files. 

The files are then embedded within patient medical records and accessible through the healthcare facility’s PACS, where other patient media, such as computerized tomography and magnetic resonance imaging scans, are also available.

-----

https://www.healthcareittoday.com/2022/09/28/vocal-markers-move-toward-clinical-use/

Vocal Markers Move Toward Clinical Use

September 28, 2022

Andy Oram

Readers of this publication probably have heard of the impressive advances in analyzing voice patterns for disease. These automated models can monitor so many people efficiently that they have potential applications in public health as well as diagnosis and treatment.

A simple app on a cell phone can detect unusual patterns in speech that suggest when a person is depressed or anxious, is losing cognitive function, or has pulmonary disease.

But there are several reasons that “prediagnostic” data from popular devices can’t be trusted: lack of regulation, user error, lack of information about the device’s operation, etc.

Nobody is relying on vocal markers for diagnosis yet, according to David Liu, CEO of Sonde Health. But the analyses are useful input to doctors’ diagnoses. I talked to Liu recently about what Sonde Health is doing in India and other parts of the world with vocal markers.

-----

https://ehrintelligence.com/news/usa-health-cuts-sepsis-mortality-rate-with-oracle-cerner-ehr-workflows

USA Health Cuts Sepsis Mortality Rate With Oracle Cerner EHR Workflows

The Sepsis Performance Improvement team included a diverse representation of departments to oversee the adoption of workflow changes within the Oracle Cerner EHR.

By Hannah Nelson

September 27, 2022 - After implementing new Oracle Cerner EHR workflows and alert algorithms, USA Health reduced its sepsis mortality rate by 16.5 percent.

The health system initiated a performance improvement effort in early 2021 to reduce mortality by improving early identification and evidence-based treatment of sepsis.

The team set out to identify opportunities to support staff in providing evidence-based care to patients through cross-department collaboration among pharmacy, nursing, quality, IT, and physicians. Ultimately, they implemented a sepsis alert algorithm in August 2021. Oracle Cerner deployed alert workflows and PowerPlans with client-developed sepsis content in October 2021.

The alert algorithms, along with better workflow and alert response options, were aimed at supporting near real-time patient monitoring and early identification and treatment of sepsis.

-----

https://www.medscape.com/viewarticle/981445

Sharpen Your Telehealth Skills: 9 Tips for Doctors

Maya Ordoñez

September 26, 2022

In early April 2020, family medicine Kyle Leggott, MD, was logging into a telehealth visit from his Aurora, Colorado, home. He'd shifted to 100% virtual visits but was struggling with one thing.

Connection.

Not the internet kind, but the human kind. The kind that helps you earn a patient's trust and can be hard to form through a computer screen.

Today, Leggott was meeting with James and Sarah, an older couple at risk for COVID-related complications. Five minutes in, the doorbell rang, the mail carrier leaving a package. Leggott cringed as his two dogs starting barking and racing to and from the door.

Leggott started to apologize, but James's and Sarah's faces lit up. "Is that an Australian shepherd?" they asked. Turned out, the pup looked just like their old dog, Roy, who'd been with them for 15 years but recently passed away.

That's when James and Sarah opened up. Holed up in their mountain home, they hadn't interacted with anyone in weeks. They missed Roy dearly and seeing Leggott's dogs brought them joy in a time of anxiousness and isolation. To this day, though James has passed away, Leggott makes sure his dogs are at his feet for every virtual visit with Sarah.

-----

https://www.healthcareitnews.com/blog/lose-covid-19-public-health-emergency-keep-progress

Lose the COVID-19 public health emergency, but keep the progress

Healthcare organizations must urge the Senate to pass critical telehealth legislation, and enact at least a two-year extension of the important PHE-era policies while working toward a permanent solution.

By David Gray

September 27, 2022 11:09 AM

When President Joe Biden recently declared on national television that “the pandemic is over,” he offered a glimpse into the strategy his administration will be using on COVID-19 going forward: We’re ready to move on. 

Biden’s statement, which divided the public health community and the public, has wide-reaching implications for the fate of connected health and vital telehealth services.

In January 2020, then-Secretary of the U.S. Department of Health and Human Services Alex Azar signed the first Public Health Emergency declaration, declaring COVID-19 a national emergency. The PHE has been renewed every 90 days and is currently set to end on Oct. 13, 2022, unless it’s renewed yet again. 

All signs point to the PHE extending for another 90-day period until January 2023 because the 60 day advance notice wasn’t given in August, but the president’s latest statement indicates this could be the final renewal, and the PHE may finally expire in the new year.

Without action from Congress, most of the telehealth flexibilities will cease, cutting off telehealth access to a majority of Medicare beneficiaries. It would also stall much-needed progress to fully integrate telehealth as a central element of healthcare delivery. We cannot afford to let that happen. Patients and providers deserve to have continued access to every tool at their disposal.

-----

https://www.healthcareitnews.com/news/health-system-cisos-offer-tips-building-cybersecurity-muscle-memory

Health system CISOs offer tips for building cybersecurity 'muscle memory'

Rigorous and routine training for incident response across the enterprise is critical to maintaining patient safety in the event of a cyber attack, say three security leaders.

By Andrea Fox

September 27, 2022 08:00 AM

By focusing on broader incident response training efforts – which involves medical, operational and other teams – as part of overall emergency preparedness programs, healthcare providers will be better positioned to maintain and deliver patient care when systems are breached and potentially disabled following a cyberattack.

Cyber attacks risk patient care

A recent study by the Ponemon Institute involving more than 640 healthcare IT and security leader participants found that while most of the provider organizations experienced nearly an attack each week last year, 57% also say these attacks are resulting in adverse impacts on patient care.

Half of respondents cited an increase of complications from medical procedures – and 20% reported an increase in mortality rates.

"This report aligns with the reality that healthcare organizations are facing in terms of the effects to patient safety," said Anahi Santiago, chief information security officer at Delaware-based ChristianaCare.

She and other healthcare cybersecurity leaders spoke with Healthcare IT News about the connection between cyber hygiene and patient safety and how to prepare for healthcare cyber attacks. 

-----

https://ehrintelligence.com/news/meaningful-use-ehrs-may-be-key-to-improved-quality-of-care

‘Meaningful Use’ EHRs May Be Key to Improved Quality of Care

Hospitals that meet the “Meaningful Use” EHR requirements were able to improve quality of care and reduce patient mortality rates more than other hospitals.

By Hannah Nelson

September 26, 2022 - The use of EHRs has resulted in improved quality of care, according to a study published in Journal for Healthcare Quality.

In 2011, CMS established the “Meaningful Use” program, now known as the “Promoting Interoperability Program,” which offers financial incentives to providers who effectively use EHRs in a way that promotes public health reporting and interoperability.

University of Missouri researchers analyzed the impact of EHRs on mortality rates for patients with various medical procedures and conditions.

The study included more than five million patients in 300 hospitals, which merged large datasets from EHRs, the American Hospital Association, and CMS.

The researchers found three main categories:

1. Hospitals that meet the “Meaningful Use” requirements with their EHRs
2. Hospitals that fully implement EHRs but not in a way that meets the “Meaningful Use” requirements
3. Hospitals that have either none or only partially implemented EHRs.

-----

https://www.healthcarefinancenews.com/news/new-digital-masks-touted-means-protecting-patient-privacy

Sep 22 2022

New 'digital masks' touted as means of protecting patient privacy

The technology could effectively remove identity attributes, and was met with a positive reaction by patients with ocular diseases.

Jeff Lagasse, Editor

Technologists writing in the journal Nature have created a digital "mask," dubbed the DM, which they say offers a pragmatic approach to safeguarding patient privacy in electronic health records and during virtual healthcare visits.

There appear to be clinical benefits to the DM as well.

The technology is based on real-time 3D reconstruction and deep learning, and is meant to retain the clinical attributes contained in patient videos, while minimizing access to nonessential biometric information. This is designed for added personal privacy in clinical practice.

Early experimental results show that with the DM, examination videos of patients with ocular disease can be precisely reconstructed from 2D videos containing original faces. A clinical diagnosis comparison showed that ophthalmologists achieved high consistency in reaching the same diagnosis when using the original videos and the corresponding DM-reconstructed videos.

This technology could effectively remove identity attributes, and was met with a positive reaction by patients with ocular diseases. They expressed an increasing willingness to share their personal information and have it stored digitally with this added layer of biometric protection.

-----

https://www.fiercehealthcare.com/health-tech/oracle-plans-rewrite-vas-cerner-ehr-system-fix-outages-amid-increased-scrutiny-congress

Oracle plans to 'rewrite' VA's Cerner EHR system to fix outages amid increased scrutiny from Congress

By Heather Landi

Sep 22, 2022 06:00pm

Tech giant Oracle promised lawmakers this week that it would revamp the beleaguered Cerner computer system being deployed at Veterans Affairs (VA) hospitals.

The company acquired Cerner only months earlier and is now focused on righting the ship on the $16 billion medical records system project that has been plagued by delays, leadership turnover and infrastructure problems since it kicked off in 2018. 

VA signed a $10 billion deal with health IT company Cerner in May 2018 to move from the VA’s customized VistA platform to an off-the-shelf EHR to align the country’s largest health system with the Department of Defense (DOD), which has already started integrating Cerner’s MHS Genesis system.

The VA has pushed off deployment of its new EHR system to additional medical facilities until 2023 to address outages that have plagued the software at current sites. Recent watchdog reports found that the new EHR system had caused nearly 150 cases of patient harm at a Spokane VA hospital.

-----

https://www.healthcareitnews.com/blog/agile-practices-they-re-not-just-software-development

Agile practices – they’re not just for software development

At Penn Medicine, agile methods have been adopted by a number of information technology teams, including teams that support its enterprise EHR, data analytics, IT operations and systems administration.

By Glenn Fala

September 26, 2022 10:29 AM

Agile software development methodologies such as Scrum and Kanban have been widely adopted by industry software development teams. Although agile practices originated in the realm of software development, other types of information technology teams can benefit from adopting similar approaches.

Fundamentally, agile methods are a set of practices that help teams to collaborate, organize their work, and see it through to completion.

Agile methods for software development

Agile methodology has emerged as a widespread practice for software development in response to the frustrations common in traditional software development projects, with their distinct, lengthy phases of scoping, requirements definition, design, build, and testing. Each of these sequential phases can take months, leading to long software development cycles.

Especially in large organizations, traditional software projects can be difficult to manage and unsatisfying for those involved. If you’ve ever had to grapple with business requirement documents that are hundreds of pages long, or if you’ve sat through requirements and design walkthroughs for days on end, only to be disappointed by the software that was eventually delivered nine to12 months down the road, you’ll understand those frustrations.

-----

https://www.healthleadersmedia.com/innovation/healthcare-executives-plot-path-forward-digital-health-transformation

Healthcare Executives Plot a Path Forward With Digital Health Transformation

Analysis  |  By Eric Wicklund  |   September 26, 2022

CIOs and other healthcare executives gathered in Boston this week for the HealthLeaders Innovation Exchange, where they talked about moving past the pandemic and into a new era of connected health.

---

KEY TAKEAWAYS

·         Roughly two dozen healthcare CIOs and other executives gathered this week in Boston at the HealthLeaders Innovation Exchange to talk about innovation strategy.

·         Many agreed that innovation and digital health transformation weren't taken seriously until the pandemic, and health systems are now trying to figure out how to plan a long-term strategy that balances innovation with sustainability.

·         They also pointed out that innovation isn't limited to one department head or one department, but needs input and support from all the levels of the healthcare system to succeed.

As the healthcare industry seeks to regain its footing after the pandemic, those in charge of innovation strategy are looking to balance lessons learned from COVID-19 with the need to be on solid financial ground.

That's a challenging task, say health system CIOs and other executives attending the HealthLeaders Innovation Exchange this week in Boston. In many cases, health systems have adopted telehealth and digital health out of necessity, to deal with COVID-19, but they haven't really put the work into shaping a long-term strategy.

"For the better part of the last decade we've been paying lip service to digital transformation," said Saad Chaudhry, MSc, MPH, CHCIO, CDH-E, chief information officer at Annapolis, Maryland-based Luminis Health. The pandemic "was a splash of water in everyone's faces."

-----

Enjoy!

David.

 

Someone Who Really Knows myGov Issues A Pretty Dire Warning About Its Future!

This appeared last week:

A myGov makeover? This pig will need more than lipstick

Glenn Archer
Contributor

29 September 2022

Just over a week ago, I upgraded my three-year-old iPhone to a shiny new model. It was a pretty smooth experience until I went to use the myGovID app so that I could, as you might expect, log into myGov.

While I anticipated that it might be necessary to reauthenticate myself/phone to the app, I never dreamed I’d need to also redo my biometric, scan my passport and enter my Medicare card number. This was hardly the user-centered experience I was led to believe was to be the future.

Not so much the promise of “set up once and use it again and again”, and more like “set up again and again…”.

The myGovID is the digital identity that is the key to the portal that is myGov. It will progressively take the place of the myGov account sign-in using username and password. However, the experience of having to reverify my identity to my iPhone was just my most recent of several examples of myGov failing to meet one of its most basic criteria – that being ease of use.

As it happened, this occurred only 24 hours after the announcement by Bill Shorten that David Thodey would lead a “user audit” to help “unlock the potential of myGov to turn it into a world-class citizen centric service that supports citizens throughout their life-course.”

A user centred review of how the federal government enables its citizens to interact online seems way overdue.

Some might suggest that being “world-class” is aspirational, but what might surprise many is that for the last decade Australia has been ranked in the top 10 of countries in the world on the UN’s well regarded biennial eGovernment Survey for digital service delivery. So, while there’s certainly some work to do, it’s not an unreasonable target.

Unfortunately, given what I believe are the fundamental challenges facing the government in improving myGov, the review’s narrow terms of reference, together with some recent comments attributed to the review’s chair, I doubt that the review will provide the sort of guidance or advice we truly need to improve citizen’s myGov experience.

“The truth is Services Australia has done a lot of work in this area. I think we’ll just look at what they’ve done and see if we can take the best-in-class out of that,” Mr Thodey told the Sydney Morning Herald when the review was announced.

Many of myGov’s shortcomings can be traced back to the failure by the DTO/DTA to implement the program in a manner consistent with the vision originally espoused by the Reliance Framework. This framework was endorsed in 2011-12 by the then Labor government and represented the basis for subsequent decisions to adopt the myGov model and to invest significantly in establishing and operating it.

Under the framework, myGov was expected to deliver improved online service delivery for citizens, including a single digital credential. This was to be supported by a governance framework, standardised business processes, and common standards.

As documented in the ANAO’s audit of the program conducted in 2016, good progress was being made. However, that was until later that year, when the DTO became “responsible for myGov service strategy, policy and user experience including: any changes to the current myGov service capabilities that related to policy objectives or user needs; and the on-boarding of new member services.”

Unfortunately, by this stage DTO was no longer recognised by agencies as having the expertise or capability to perform this role and, in part, this led to the establishment of the DTA, which was given far greater direct authority to influence agency policy, programs and business processes.

For various reasons that go beyond the scope of this note, the DTA failed dismally to leverage this authority or to put in place any effective governance structure to support myGov’s advancement. Hence, Services Australia now takes the lead here.

In 2015, when I was at Gartner, I produced a research note on government portals. It included a number of observations and made several recommendations, but perhaps the most critical ones relevant to myGov today were that:

• the choice of online credential used by the portal is critical and importantly, that a “good online credential is necessary but not sufficient to ensure portal success. It won’t guarantee success but a poor one will ensure failure.”
• any whole-of-government portal should “enable multiagency service integration, the transformation of business processes and a transition to digital government”; and
• the government must understand that “portal success is dependent on citizen centricity, policy and business process redesign, together with engaged leadership, appropriate governance and the authority to simplify and consolidate policy”.

Firstly, as the research showed even then, you cannot separate the matter of having a simple, reliable, and secure digital credential from that of enabling an effective and user-friendly digital service. These are interdependent, and the latter simply will not deliver the benefits expected without the former.

A digital credential without an application that makes use of its various levels of confidence or identity proofing (IP) levels, is a waste of effort and money.

Which reminds me, based on the little detail that’s been shared, the investment by the federal government on the Trusted Digital Identity Framework (TDIF) along with GovPass, myGovID and the Digital ID Beta program components, in total is approaching half a billion dollars.

Let that sink in for a moment.

While the ATO’s use of myGovID to replace the failing AUSkey credential (used by businesses), has arguably been a success, the same cannot be said for Services Australia’s approach to using it for citizens.

In particular, the implementation at the IP3 level is simply not fit for this purpose and broad adoption will only be achieved through compromise or some clever changes to definitions.

Overall, its difficult to see how a case could be made that the level of investment by the government on the TDIF program has delivered Value For Money. Then again, that should probably come as no surprise really, given the recent ANAO audit report on DTA’s approach to procurement.

Secondly, one of the critical design criteria for any government portal that acts as a platform to integrate services provided by multiple independent agencies, must be the need to ensure a common user interface and experience. This is especially true for users as they move virtually across agency boundaries.

…… Lots Omitted.

Glenn Archer is a Visiting Fellow at the ANU and former Australian Government CIO and head of AGIMO.

Read the rest of the very long article here:

https://www.innovationaus.com/a-mygov-makeover-this-pig-will-need-more-than-lipstick/

All I can say is that someone has a great deal of work to do!

David.