Note: Each link is followed by a title and few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.
-----
Patient data breaches widespread, beyond healthcare
Posted on Nov 13, 2015
By Jessica Davis, Associate Editor
It's not just hospitals. Or even payers. Some 392 million health records have been accessed in 1,931 protected health information breaches across a staggering 90 percent of industries, according to preliminary findings from a new Verizon report.
These industries, across 25 countries, have seen health insurance information, personnel files or other data outside of traditional healthcare settings or industries stolen, the study shows.
Indeed, of the 20 industry sectors examined in the study, only utility and management industries were free from reported PHI breaches.
-----
The path forward for meaningful use
Posted on Nov 11, 2015
By John Halamka, Beth Israel Deaconess Medical Center
Below is my assessment of the current meaningful use program and a proposal to better serve the needs of stakeholders. I'm likely going to violate many rules with this post. First, it's over 1500 words, which is not ideal for social media. Second, there are many who will find my conclusions politically unpopular. I'm not criticizing people, I'm just commenting on ideas. Finally, many of these topics do not have black and white answers. I hope my suggestions improve upon our current trajectory.
Where We Are
1. I believe that the meaningful use programs have served their purpose.
Stage 1 created a foundation of functionality for everyone. That was good. Stage 2 tried to change too much too fast and required an ecosystem of applications and infrastructure that did not exist. Clinicians struggled to engage patients and exchange data because they could send payloads but there were few who could receive them. Stage 3 makes many of the same mistakes as Stage 2, trying to do too much too soon. It requires patient accessible Application Programming Interfaces (APIs) without specifying any standards. It requires sending discharge e-prescriptions although pharmacies cannot widely support the cancel transaction that is essential to discharge medication management workflow. It requires public health transactions but CMS has no authority to require public health authorities to standardize the way they receive data.
-----
FDA a 'toothless dragon' on med device security, researchers say
November 13, 2015 | By Susan D. Hall
Security researchers accuse the U.S. Food and Drug Administration of being "a toothless dragon" in dealing with medical device vulnerabilities, according to a Bloomberg Business article.
In the report, hacker Billy Rios recounts how the Mayo Clinic, in 2013, engaged him and other "white hat" hackers and set them off in teams in an effort to exploit about 40 different medical devices.
"Every day, it was like every device on the menu got crushed," Rios tells Bloomberg. "It was all bad. Really, really bad."
-----
EHR Adoption Comes at Expense of Doctor-Patient Relationship
NOV 12, 2015 7:45am ET
The healthcare system is too focused on technology-based checklists and protocols requiring data entry by physicians, leaving less time for patients and getting in the way of productive doctor-patient relationships.
So argues Douglas Wood, M.D., medical director of the Mayo Clinic’s Center for Innovation. Speaking earlier this week at the HIMSS Connected Health Conference in Washington, D.C., Wood asserted that with the advent of electronic health record systems and the ubiquitous presence of computers in examination rooms something tangible has been lost in the practice of medicine.
“Patients are afraid of the complexity of the system because they’ve learned that oftentimes they’ll tell us their story—sometimes in great detail—but we fail to listen and to synthesize the details of that story into something that we can use to really make them better,” he observed. “Think if we stopped paying for healthcare in terms of office visits, with all of the inputs like ‘did I do all of the bullets of the history and examination’ and really started listening.”
-----
Rise of the Medical Robot
NOV 12, 2015 2:44am ET
Use of a pillcam, a swallow-able capsule with a tiny video camera that lets physicians examine the colon, is common today. But what about a pillcam that actually can do a procedure, such as attach a surgical clip to stop bleeding?
Researchers at Vanderbilt University’s School of Engineering have built early versions of this surgical clip capsule as well as about two dozen other function-specific capsules—called medical capsule robots—that collect biopsies, screen for colorectal cancer with a magnet outside the body manipulating a magnet in the capsule to get better views, screen for stomach cancer with tiny jets of water moving the capsule to places of interest, or check PH levels in the gastrointestinal tract, among other uses.
These and other first-generation capsules won’t be ready for human testing for about five years, but they are real and could be in widespread use in a decade, says Pietro Valdastri, assistant professor of mechanical engineering at Vanderbilt who did early work on the capsules with Akos Ledeczi, associate professor of computer engineering at the university, along with other team members.
-----
Senators question HHS on efforts to curb medical identity theft
November 12, 2015 | By Susan D. Hall
Four senators are asking the Department of Health and Human Services what it's doing to prevent data breaches at provider and payer organizations.
In a letter to Andy Slavitt, acting administrator for the Centers for Medicare & Medicaid Services, and Jocelyn Samuels, director of the HHS Office for Civil Rights, the senators point to five major breaches in the past year--Anthem, Premera, Carefirst, Excellus and UCLA Health--that have affected up to 105 million people.
The danger of medical identity theft increases with the proliferation of breaches, they note. The authors include Lamar Alexander, chairman of the Senate Committee on Health, Education, Labor and Pensions (HELP); Patty Murray, ranking member of the HELP committee; Orin Hatch, chairman of the Senate Finance Committee; and Ron Wyden, the finance committee's ranking member.
-----
NHS IT needs £8 billion - McKinsey
10 November 2015
The NHS needs to spend an additional £7.2 billion to £8.3 billion on digital technology over the next five years in order to achieve savings of between £8.3 billion and £13.7 billion, according to a report by management consultancy firm McKinsey.
If the McKinsey investment case was funded and the projected savings were subsequently fully achieved, the report suggests they could account for up to a quarter of the £30 billion shortfall in NHS finances projected by 2020-21.
A copy of a PowerPoint presentation of the report, which underpins NHS England’s bid to the Treasury spending review, has been sent to Digital Health News by pressure group Spinwatch, which obtained it via a Freedom of Information Act request.
-----
Can the NHS bank on IT for productivity gains?
NHS England is bidding for billions of IT investment to improve NHS productivity. If it succeeds, a McKinsey presentation obtained by Digital Health News shows that it will be required to deliver on a scale never before achieved, argues editor Jon Hoeksma.
Against the background of one of the toughest spending reviews ever, the Treasury is being asked to consider a multi-billion pound investment in NHS IT.
A report from management consultancy McKinsey, obtained via the Freedom of Information Act by Spinwatch, argues that this would drive health service productivity.
If agreed, it would certainly demonstrate a strategic commitment to NHS modernisation and sustainability. However, if the Treasury were to commit anything like the additional £3.3 billion to £5.2 billion, the NHS would be required to deliver.
The report suggests this investment – which, with training, adoption and running costs could reach £7.2 billion to £8.3 billion over five years – should deliver efficiency savings of between £8.3 billion and £13.7 billion.
-----
Prediction: Health app market to top $31B by 2020, driven by hardware sales
The health app market, currently valued at $10B, will grow at a compound annual growth rate of 15 percent to reach $31 billion by 2020, according to a report from research2guidance.
Although the health app market has seen significant growth, Zuzana Vranova, a senior research analyst at research2guidance, said that app developers are still trying to find effective monetization strategies. Existing app revenue sources, for example advertising and paid downloads, that developers in other industries use, are not sufficient for monetizing health apps, she added.
One strategy that health app developers have found is to use the apps to sell connected devices, like activity trackers and glucometers.
-----
EHRs, Alarm Fatigue Remain Top ECRI Patient Safety Concerns
Workflow woes, data integrity concerns, and EHR alarm fatigue are still tops on ECRI's watch list of dangerous healthcare technologies for 2016.
EHRs may be changing the healthcare industry at a lightning pace, but it appears that the patient safety downsides of health IT, including alarm fatigue and workflow struggles, remain sadly the same. These issues, along with patient monitoring and surveillance shortfalls, have consistently camped out on the annual ECRI Institute Top 10 Health IT Hazards list, and are likely to continue to plague the industry in 2016.
"With all of the issues that hospital leaders are dealing with, technology safety can often be overlooked," says Anthony Montagnolo, chief operating officer at the ECRI Institute. "Based on our experience with independent medical device testing in our laboratory, accident investigations, and reported events, we're very aware of serious safety problems that occur."
After a shocking series of patient deaths due to improperly cleaned reusable endoscope devices, the difficult-to-clean equipment snagged the unenviable top spot on this year’s hazards list. Insufficient staff education or haphazard processing before reuse can contribute to the spread of deadly carbapenem-resistant Enterobacteriaceae (CRE) infections, the list warns.
-----
It’s Way Too Easy to Hack the Hospital
Firewalls and medical devices are extremely vulnerable, and everyone’s pointing fingers
By Monte Reel and Jordan Robertson | November 2015
from Bloomberg Businessweek
In the fall of 2013, Billy Rios flew from his home in California to Rochester, Minn., for an assignment at the Mayo Clinic, the largest integrated nonprofit medical group practice in the world. Rios is a “white hat” hacker, which means customers hire him to break into their own computers. His roster of clients has included the Pentagon, major defense contractors, Microsoft, Google, and some others he can’t talk about.
He’s tinkered with weapons systems, with aircraft components, and even with the electrical grid, hacking into the largest public utility district in Washington state to show officials how they might improve public safety. The Mayo Clinic job, in comparison, seemed pretty tame. He assumed he was going on a routine bug hunt, a week of solo work in clean and quiet rooms.
-----
Q&A: Epic President Carl Dvorak
Posted on Nov 11, 2015
By Skip Snow, Contributing writer
Epic President Carl Dvorak wrote much of the original code in the system and made some of the enduring architectural decisions empowering its growth. With the company since 1987, he is often referred to as the technology brains of the organization.
Healthcare IT News had an opportunity to speak with Dvorak about Epic's approach to population health. Here's what he had to say.
Epic's DNA is population health management-centric
"We are making significant investments in research and development around the broader issues relating to population health. Our history with population health goes way, way back to our very earliest electronic health records systems. In the early days of electronic health records, managed care organizations that jumped in first and because of that the core Epic system have just an absolute wealth of population health management features built in. Think of it as our healthcare operating system.
"We are making significant investments in research and development around the broader issues relating to population health. Our history with population health goes way, way back to our very earliest electronic health records systems. In the early days of electronic health records, managed care organizations that jumped in first and because of that the core Epic system have just an absolute wealth of population health management features built in. Think of it as our healthcare operating system.
-----
How popular will wearables ultimately be?
Jeff Rowe
Nov 09, 2015
However much FitBits, Jawbones and Apple Watches have been embraced by the usual “early adoption” suspects, there’s disagreement among some fairly prominent stakeholders about whether the masses, so to speak, will end up following the enthusiasts.
In a keynote address at the recent 12th annual Connected Health Symposium in Boston, Dr. Ezekiel Emanuel, vice provost for global initiatives and chair of the Department of Medical Ethics and Health Policy at the University of Pennsylvania, made his feelings quite clear when he said, “I think you can forget about wearables for the masses. Investing in them is not going to pay off.”
He explained that wearables enthusiasts “tend to be young, rich, healthy and connected,” then pointed out that 60 percent of healthcare spending comes from the 10 percent of the population that is older, has multiple chronic conditions and is often poorer then the average citizen.
-----
Privacy principles set for Precision Medicine Initiative
November 11, 2015 | By Susan D. Hall
The White House has released a set of privacy principles to govern the Precision Medicine Initiative.
The administration worked with experts from inside and outside government, who crafted the principles after analyzing bioethics literature and privacy policies for large biobanks and research cohorts as well as taking into account more than 100 comments on their draft suggestions.
The comments emphasized the importance of engaging participants as collaborators and the need for a robust data security framework, according to an announcement about the initiative.
-----
Boston Children's Hospital partners with digital health company Grand Rounds to offer expert 2nd opinions
November 10, 2015
Boston Children's Hospital and San Francisco-based Grand Rounds are joining up to offer pediatric patients and their parents online-based second opinions for medical diagnoses and treatments.
When pediatric patients or their parents request a second opinion online, Grand Rounds aggregates the patient's medical records electronically and prepares them for review. Along with imaging and test results, Grand Rounds prepares all of the necessary information for review before matching the patient with a Boston Children's specialist who provides a detailed second opinion within days.
-----
Industry Uses De-Identification To Protect Health Data, but Privacy Risks Remain
Wednesday, November 11, 2015
As health care organizations increasingly share patient data with public health entities and use patients' information for big data analytics and precision medicine initiatives, the consensus is that de-identification will become a more important tool for health care researchers and academics to minimize privacy risk.
However, an October report from the National Institute of Standards and Technology raises concerns about the practice, noting that "de-identification approaches based on suppressing or generalizing specific fields in a database cannot provide absolute privacy guarantees, because there is always a chance that the remaining data can be re-identified using an auxiliary dataset."
The report bemoans the fact that "after more than a decade of research, there is comparatively little known about the underlying science of de-identification."
-----
Why Interoperability Efforts are Heating Up
NOV 11, 2015 7:53am ET
In recent weeks, participation in interoperability initiatives has been growing from different constituencies within the healthcare industry. Most striking has been an influx of interest from groups that have not been at the table before, such as professional groups and the pharmaceutical industry.
Input and assistance by provider organizations gives added impetus to ongoing efforts of standards groups, hospital information system vendors and a few select provider organizations that have taken on interoperability as a mission.
These new participants in the interoperability movement say changes in reimbursement approaches are driving the new interest. Value-based care is a key component of the Department of Health and Human Services to rein in healthcare costs. HHS has set a goal of tying 30 percent of traditional, or fee-for-service, Medicare payments to quality or value through alternative payment models, such as Accountable Care Organizations (ACOs) or bundled payment arrangements by the end of 2016, and tying 50 percent of payments to these models by the end of 2018.
-----
Software Reduces Catastrophic Care Events, Provides Lessons Learned
NOV 11, 2015 3:15am ET
When a “never event,” a catastrophic failure of care resulting in significant harm or death to a patient occurs, a hospital may focus on capturing and analyzing data on the event and classifying it. But how often does a hospital translate findings into actionable and measurable programs to improve safety?
When a critical incident occurs, the first step is to assess what happened, says Andy Weissberg, senior vice president at Quantros, a vendor of safety software supporting analytics, incident response and clinical quality reporting. Then, a hospital will conduct investigations and analyses then check off the appropriate compliance and peer review boxes on a form.
However, what Quantros and its competitors often see missing is a third process to really learn and make improvements, Weissberg laments. “There seems to be a gap in learning from mistakes; that 360-degree view is really lacking.”
-----
Boston Children's, IBM Watson take on rare diseases
Posted on Nov 10, 2015
By Bernie Monegain, Editor-at-Large
IBM Watson and Boston Children's Hospital are taking on rare children's diseases that are hard to diagnose and treat. First up is a rare form of kidney disease.
The giant computing firm and the renowned hospital announced the collaboration on Monday at the Global Pediatric Innovation Summit + Awards in Boston.
Their first project will focus on kidney disease. Watson will analyze the massive volumes of scientific literature and clinical databases on the Watson Health Cloud to match genetic mutations to diseases and help uncover insights that could help clinicians identify treatment options.
-----
Lack of adherence sinks UCLA remote monitoring study
November 10, 2015 | By Susan D. Hall
Telemonitoring failed to improve readmission rates for heart failure patients in research from the University of California-Los Angeles.
A major problem was that 43 percent of patients dropped out of the study.
"There are individuals who do seem to benefit from these type of approaches, and then identifying [those who will adhere] to these interventions is probably the key issue in terms of use of these type of devices," lead author Michael K. Ong, M.D., told MedPage Today.
The study, known as BEAT-HF, aimed to catch problems early before they led to readmission. After discharge, patients were directed to measure and transmit their weight, blood pressure, heart rate and whether they were taking their medications. They used a Bluetooth-enabled digital scale and automated blood pressure machine with texting capabilities to transmit the data via a cellular transmitter to a central call center at UCLA. They also received regularly scheduled phone calls with a registered nurse, explains an article from the American Heart Association.
-----
Majority of healthcare institutions aren't using HIPAA-compliant mobile messaging services: 6 findings
November 09, 2015
Only 8 percent of healthcare institutions prohibit consumer messaging apps for employee communication, according to a study released today by Infinite Convergence Solutions.
Additionally, of the healthcare institutions using an official mobile messaging platform, only one in four are using an internal, company-authorized app, the study found. The rest are recommending or using consumer-facing messaging apps and services that fail tot provide the enterprise-grade security needed to comply with regulations like HIPAA.
-----
Cybercrime is the new healthcare crisis
By James Socas on November 9, 2015 Data Breach, Data Loss Protection, Employee Risk, HIPAA, Identity Theft, Phishing
The scale and intensity of healthcare related cybercrime is a critical and growing threat to the U.S. medical system. In the past year, organizations such as UCLA Health Systems, Anthem, Premera, and CareFirst have announced major breaches, bringing the five year total of compromised patient records to over 143 million or 45 percent of the U.S. population, according to data from the U.S. Department of Health and Human Services. When nearly half of the U.S. population has been a victim of a data security breach, it is an epidemic that can and will hit any healthcare provider.
To put it simply: Cybercrime is the new healthcare crisis.
The reported figures likely understate the severity of the problem, as some organizations may not yet be aware they have been breached and others may not have reported the incident. According to the Health Information Management Society (HIMSS), 2015 Cybersecurity Survey, 64 percent of healthcare organizations have experienced an external cyber-attack during the last twelve months. The Identity Theft Resource Center, which tracks data breaches across industries, reports that more data breaches happen in the medical and healthcare industry now than in any other sector, accounting for 46 percent of the reported breaches in 2014.
-----
Doctors Prescribe New Apps to Manage Medical Conditions
Patients record symptoms and communicate back to their doctor
By Laura Landro
Nov. 9, 2015 1:40 p.m. ET
Your doctor may soon prescribe you a smartphone app in addition to drugs and physical therapy.
Hospitals are developing new mobile apps to help patients manage serious medical conditions and feed information back to their doctors between visits, often in real time.
The new apps aim to help with highly specific issues such as recovering from surgery and managing cancer-related pain. Because they are prescribed by physicians and used under medical supervision, researchers say, they stand a better chance of being integrated into patients’ daily routines, compared with health apps that consumers download and use without their doctors’ involvement.
Researchers are conducting clinical trials to test apps that help patients adhere to HIV medications, manage the symptoms of inflammatory bowel disease and asthma, and prevent repeat heart problems after a cardiovascular rehabilitation program. In addition to sending messages, reminders and instructions, the apps can alert providers to developing problems before they become a crisis. Researchers say their use could help reduce costly emergency room visits and hospitalizations.
-----
Marc Benioff-backed Gobiquity launches children’s vision screening app for pediatricians
Gobiquity Mobile Health (formerly iCheck Health Connection), has officially launched its vision screening smartphone app, called GoCheck Kids.
The company began rolling out the product to pediatric practices at the end of last year on handheld devices that were issued to practices, but has since added more functionality and released it on the Apple App Store. Now, physicians have the option to download the app on their own iPhone or use it on a preloaded handheld device.
GoCheck Kids screens for amblyopia, a functional disorder of the eye that typically comes from squinting and can lead to severe visual impairment.
-----
Performance is the top priority for 53% of healthcare CIOs: 9 insights into CIO perspective
November 06, 2015
Deloitte’s CIO Program has released its 2015 global CIO survey, which includes insight from 1,200 CIOs and senior IT executives from across the world.
Here are the nine top priorities for healthcare CIOs.
1. Healthcare services performance: 53 percent
2. Growth: 52 percent
3. Innovation: 48 percent
4. Global cost: 45 percent
5. Customers: 41 percent
-----
2. Growth: 52 percent
3. Innovation: 48 percent
4. Global cost: 45 percent
5. Customers: 41 percent
-----
Enjoy!
David.
