Tuesday, February 28, 2017

Healthcare Scam: Identity theft scam targets Berkeley Medical Center

WVU Medicine University Healthcare in the region of West Virginia has confirmed 113 sufferers to date as victims of identity theft scam and is giving 1 year of identity monitoring services to a total of 7,445 patients after a worker at Berkeley Medical Center was discovered to be removing patient information from the premises.

While inquiring other examples of identity theft scam, the FBI and local law enforcement linked the hospital to the scam and notified officials of a potential breach on the day of January 17, 2017, in accordance to a WVU spokesperson.

An internal inquiry then confirmed a link between the worker and people who had their identity stolen. The employee had access to patient data and was writing down information through pad and pencil and taking the data home.

The worker was suspended on January 19, terminated on the day of January 27 and now is being prosecuted. Along with written patient data, other protected health information found in the employee’s possession involved drivers’ licenses, ID cards, insurance cards and Social Security cards. Additional tracking later found the worker also viewed physician orders that consisted of diagnoses and other information.

The hospital sustains to work with law enforcement to notify affected individuals and has contracted with Kroll for the identity theft monitoring services.

 

Monday, February 27, 2017

Security skills gap increases, raising cyberattacks fears

Agencies are struggling with a worsening cybersecurity skill shortage while confronting the rising threat levels of cyberattacks fears, in accordance to a new study by Crowd Research Partners, an agency that produces peer-sourced market research reports.

A survey of more than 1,900 security experts indicated that more than half (54%) say they anticipate that hackers will victoriously launch cyber attacks on their organizations in the next twelve months.

Heightening the alarm over all of this is the increasing skills gap in IT security. A separate study from the Center for Cyber Safety and Education that was recently issued discovered that gap will grow to as many as 1.8 million IT security workers by the year of 2022. That is a 20% increase from the 1.5 million IT security worker shortfall that was assumed by the center in 2015

The 2017 Cybersecurity Trends Report, produced in partnership with various cyber security vendors, also indicated that 46% of organizations surveyed for the research are boosting their security budget, by an average of 21%.

The focus areas where companies will increase security spending involve cloud infrastructure (33%), training/education (23%) and mobile devices (23%).

That study’s findings mirror outcomes of a study issued this week by Thales, a security services vendor, and 451 Research, which found that 81% of U.S. healthcare organizations and 76% of global healthcare agencies will increase information security spending in the year of 2017 to tackle the cyberattacks fears.

To overcome security issues and develop a stronger security posture, 54% of organizations need to train and certify their current IT staff, the study stated. Internal training is followed by partnering with a managed security service provider (29%), and leveraging security technology solutions (27%).

To better handle the cyberattacks fears and decrease the threat of a security breach, companies prioritize 3 key capabilities including improved threat detection (62%), better analytical capabilities (43%) and threat blocking (39%).

 

Sunday, February 26, 2017

Umatilla County Human Services rolls out the expansion of drug, alcohol; treatment

Umatilla County Human Services rolled out an expansion of drug treatments and alcohol rehab programs at the start of February month. Department director Amy Ashton-Williams claimed that the moves are about offering more services to more individuals.

Ashton-Williams took the job in the year of July 2016 to head up a county division that lost its director and 2 alcohol and drug counselors the year before after an administrative investigation. She stated that the department’s staff was doing the best it could in the wake of the turmoil, but she needed to explore ways to better give intensive outpatient treatment for individuals with drug or alcohol issues.

“It took about 4 months of evaluating what new curriculum we required, what really were the requirements of our clients ... and getting a couple of clinicians trained in a specialized parenting program,” she said.

The expansion gives a “pretty comprehensive outpatient program,” she stated, that considered the needs in Pendleton, Hermiston and Milton-Freewater.

Milton-Freewater went from 3 drug and alcohol groups to five, involving two for Spanish speakers and an English-speaking group concentrated on how to stop addiction relapses. Ashton-Williams also said a third Spanish-speaking group is likely.

Hermiston and Pendleton added groups in the mornings and afternoons to better meet the requirements of swing and day shift workers. The Umatilla County Human Services also added a drop-in group at 8:30 a.m. in Hermiston and one at noon in Pendleton. She stated that these are good fits for those who’re not certain they have an issue or about treatment but want to check out the possibilities.

Hermiston and Pendleton also now have groups meeting twice a week for youth with addiction issues. Ashton-Williams claimed that there are 5 clients in Hermiston and 3 in Pendleton, and she is hopeful those will draw more youth in need.

“We know in our communities there are youth who’ve struggled hard with alcohol and drug use,” she stated, and these groups can assist break those cycles of addiction.

And 2 human services workers learned the community model of the Parenting Inside Out program, which the prison system utilizes to teach parenting skills to offenders. Ashton-Williams claimed that the community model is for parents with open cases in the Oregon Department of Human Services.

“We’ve many clients that come to us from DHS,” she asserted, and this program deals with parenting “from birth until they leave the home.”

Ashton-Williams applauded the clinicians with making the improvements while still giving stress and anger management and other services.

And starting in the month of March, she said her department is joining hands with county public health to have an alcohol and drug prevention worker take on suicide prevention.

Umatilla County Human Services, like other regional governments, is searching at a tight budget for the time period of 2016-17. Ashton-Williams said her staff knows that road well and know how to do more with less.

“We have seen a minor decrease in our budget from the state,” she said, “but not so much that we cannot continue the services that we are presently providing.”

 

Saturday, February 25, 2017

How social determinants can assist to improve pop health approaches

Population health management is a rapid-growing capability within health IT, and handling the growth of country in overall care expenditures will need providers to expend more efforts taking care of underserved populations. This post will let you know that how social determinants can help improve pop health approaches.

Over 43 million individuals in the United States live below the poverty level and their care consumes 67% of healthcare dollars, in accordance to Arthur Kapoor, president at Health EC, a population health management company.

The requirements of this segment of the country have been ignored for a long time, he emphasized, and bringing them into the fold and gathering data on their social determinants is the key to population health success.

Vendors in the population heath arena have massive amounts of information that several providers are not taking benefit of, Kapoor says. Providers are too busy attempting to maximize revenue while being pressed to cut rates, to also massage and observe population health data.

Kapoor analyzes a new way to help burdened providers-- have their vendors bring the data to them.

Social determinants data can assist providers better understand underserved populations and the problems they face. Providers mostly do not know if their sufferers have access to transportation, food and housing, or if they are socially isolated and have no one to take them to doctor appointments. “No one talks to them,” Kapoor stated. “They keep taking medication when they no longer require it because they like it.”

But there is a simple way to reach these sufferers. Almost all of them have a smartphone, Kapoor noted, and population health vendors have tools to assist providers’ better monitor their patients.

For example, a hospital or physician practice can give out grocery cards to assist patients in poverty buy food. HealthEC can track the purchases and notify a physician or case manager if a sufferer bought food that is injurious and harmful to their health. A phone call can educate the patient and gives an opportunity for a quick assessment of current health and requirements, which can determine if the patient should come in for a visit.

Among other problems, population health vendors should offer one electronic health record (EHR) on a patient covering the whole spectrum of care to help providers execute and see the advantages of keeping patients healthy, and give providers quality reports so they can negotiate better terms with insurers and with other providers when forming an accountable care organization (ACO), in accordance to Kapoor.

 

Friday, February 24, 2017

Office of the National Coordinator for Health IT declares phase 2 winners of API challenge

The Office of the National Coordinator for Health IT has declared phase 2 winners of an ONC challenge seeking proposals for utilizing API challenge or application programming interfaces (API) to enable customers to share their personal health data safely and securely with providers, family members and other caregivers.

The Phase 2 winners of ONC’s Move Health Data Forward Challenge—5 awardees in all—each got a $20,000 award for their proposed plans involving operational, technical, financial and business components of their respective solutions.

The five winners of API challenge involve:

  • EMR Direct: The HealthToGo solution facilitates the deployment of apps capable of leveraging several data sources in consumer-mediated health data exchange, thereby decreasing the number of identities to maintain and grant data to store while enabling customers to handle data sharing and making better the accessibility of data while maintaining its privacy and security.

  • CedarBridge Group LLC: CareApprove is a smartphone app enabling sufferer to grant or revoke permission for providers to access, send or get health information electronically. Providers can utilize the CareApprove software plugin with their EHR system to stay connected with their sufferers through the mobile app and to interact with one another via a secure messaging system.

  • Live and Leave Well, LLC: Live and Leave Well is a solution that gives both a consumer-mediated exchange of end of life plans and develops a transportable package of data about a person’s end of life plans that can be scored for goodness and shared with several systems using a combination open APIs and direct integration.

  • Lush Group, Inc.: HealthyMePHR system permits sufferers to import their health information from their primary care provider’s EHR system, define how it is shared with others, and authorize electronic access. Extra features will accelerate patient clinical data sharing on a patient-by-patient basis.

  • Foxhall Wythe LLC: Docket is a secure system for consumers to seamlessly store and share data with trusted care experts, eradicating the requirement for tedious paper-based patient intake processes. The solution promotes HIPAA compliance through a user-managed access approach and end-to-end encryption for all records as well as interoperability through the emerging FHIR standard.


These winners of API challenge now will move on to the final phase of challenge, which will award $50,000 for up to 2 winners based on the capability to implement their solution through the establishment of a mobile or web-based app.

 

Thursday, February 23, 2017

IBM Cognitive computing to search reasons behind eldercare problems

IBM and the companies operated by Avamere plan a 6-month research project that will apply the power of IBM cognitive computing to assist caregivers make better eldercare at senior living and health centers.
The agencies say that, by observing data streaming from sensors in senior living facilities, Avamere expects to gain insights into physical and atmospheric conditions, and acquire deeper learnings into the factors that impact thirty-day hospital readmission rates in sufferers.
Avamere is working with IBM researchers to review movement, air quality, gait analysis, usually seen as factors that generally lead to fall risk, and daily activities, involving personal hygiene, sleeping patterns, incontinence and trips to the bathroom.
IBM cognitive computing will observe this streaming sensor data to assist Avamere create and maintain a contextual understanding of its residents.
"By merging the expertise of IBM in cognitive eldercare with Avamere's knowledge of sufferers in the post-acute setting, we can gain insights that might assist transform the way individuals age in place," stated Ruoyi Zhou, director of accessibility research at IBM. "Helping Avamere uncover new insights can assist family members, caregivers, nurses and physicians recognize potential risks and better prescribe care to minimize hospital readmission."
"Smarter care management and creative population health solutions are essential to meet the ever-evolving requirements of our seniors," claims John W. Morgan, CEO of Avamere.
Infinity Rehab, which gives physical, occupational and speech therapy to Avamere patients and residents, has already taken measures to integrate data collection and analysis into existing modalities to standardize therapies across the whole company. By integrating extra data sources, like sensors, Infinity Rehab and Avamere expect to make better patient outcomes, increase efficiencies, and decrease cost to payers.

Wednesday, February 22, 2017

Health IT security stature increases, in fits and starts, at healthcare agencies

Security worries for health IT are increasingly being perceived as a huge enough threat to command the attention of top executives and boards of directors for healthcare agencies.

That is progress from merely a couple years ago, when securing patient healthcare information was seen as only a health IT problem, in accordance to the outcomes of a recent HIMSS Analytics study.

Cybersecurity budgets are increasing, the survey discovered. Now, 24% of respondents to the survey say their agencies spent from 7% to 10% of their health IT budgets on security in the year of 2016, compared with only 10% of respondents in the year of 2015.

Recent healthcare security events that made front-page news in 2017—specifically, hospitals or healthcare systems that were hit and crippled by ransomware—assisted to heighten fear of cyber attacks among top execs and board members, claims David Finn, health IT officer for Symantec, which commissioned the HIMSS Analytics study.

The logic that clinical care can grind to a halt due to a ransomware event, and also affect revenue streams as well, has raised awareness that such tragedies represent a business risk that requires an agency-wide response.

But that awareness is yet in an early stage, Finn claims. “Many healthcare agencies continue to view cybersecurity as a health IT problem, instead of as a business risk management problem,” he says.

HIMSS Analytics expanded the significance of the survey to involve clinical executive leaders, like chief medical information officers and chief medical officers, and those positions are increasingly forcing the security agenda forward in their organizations, Finn noted. Those leaders comprehend that cyber attacks ultimately could stop clinicians from providing care services to patients.

More healthcare agencies understand the need for a lead position to be designated for information security—the survey found that 67% of respondents said they have a dedicated chief information security officer role.

While that is a positive development, Finn points out that it means that a third of healthcare organizations have not designated anyone to take the lead on information security. Since federal security rules were passed in the year of 2005 requiring healthcare agencies to have someone in charge of security, that represents slow progress, he adds.

Staffing for IT security in healthcare agencies is growing, but inconsistently across healthcare organizations. There is been progress among staff roles designated to information security—for instance, 13% of respondents reported having 6 to ten employees dedicated to IT security, compared with 10% in 2015, and 11% of respondents said their organizations have 11 to 20 workers tasked with security.

Although, the majority of respondents have fewer than four staff dedicated to information security in the year of 2016, and a major number of organizations have only one person responsible for securing their organization’s networks, Finn says.

More budget and commitment is required, he notes. For instance, the survey discovered that 57% of clinicians responding to a survey on IT security recognized the significance of training and asked for more training in security.

“Healthcare agencies are missing an opportunity here,” Finn says. “When you’ve clinicians recommending that they want more training, they understand they’ll be the biggest losers if an attack occurs.”

 

Tuesday, February 21, 2017

What healthcare agencies require hearing from their Chief Information Security Officers?

After almost 8 years as chief information security officer (CISO) at the institute of Temple Health University Health System, Mitch Parker last September joined Indiana University Health. There, he told executives what he had told his team at Temple—cyber threats aren’t an information technology department issue but a security issue. Chief Information Security Officers who are new to an agency need to stress the problems that cyber threats represent and the adequacy, or lack thereof, of current security procedures, Parker stated Sunday during a presentation at HIMSS17.

That initiates with educating other executives about breaches—why they occur in the first place, the significance of discussing the technology behind breaches, but most significantly, the procedures and failures that cause breaches.

Chief Information Security Officers (CISOs) should talk about the cyber atmosphere using non-biased sources from firms like Gartner, Ponemon and health insurers to report to coworkers on trends and emerging threats. And Chief Information Security Officers (CISOs) require insisting that the agency join cyber threat sharing initiatives across their region and the industry.

Information security must be tied to 2 enterprise levels—information systems and the organization strategy, Parker stressed. “Metrics need to concentrate on augmenting and supporting the overall strategy,” he adds.

Parker recommended adopting the Lean methodology for improving security performance, as the program is all about process improvements and asking why less than optimal processes continue to exist. And workers responsible for information security, regardless of where in the agency, should be told that they require understanding Lean.

Moreover, Lean should be utilized to design and maintain systems covering business customers, enterprise architecture, legal contracting, compliance, supply chain and enterprise risk scoring, making sure that several teams are on the same page with security.

This is grunt work, Parker cautioned: “You cannot buy your way into this.”

If an agency decides to purchase cyber insurance, it must understand the requirement to complete a comprehensive risk assessment that includes pointed queries to determine the strength of the security program. Not merely are insurers looking for that assessment, but so also is the HHS Office for Civil Rights, which enforces the HIPAA privacy, security and breach notification rules.

Good information security, Parker claimed, has its hooks in clinical risk management, insurance, emergency preparedness, privacy, corporate compliance, supply chain, revenue cycle, information management and Joint Commission requirements, among others.

To be victorious with this laundry list, an agency must embrace change management in an overall enterprise model, Parker advised. “If one player claims, ‘I do my own change management,’ it will not work. Either there is one change management program or there is none.”

 

Monday, February 20, 2017

Electronic health records systems are at the threat for disruptive change

Healthcare agencies are increasingly selecting electronic health records systems from among a handful of leading HIT vendors. Relying on how you measure penetration, among the leaders are Epic, Cerner and Allscripts. Electronic health records systems are at the threat for disruptive change.

While the market is being dominated by major vendors now, Eric Topol, MD, recently claimed that he anticipates radical change ahead. “I do not see Epic, Allscripts or Cerner in existence in another decade,” Topol asserts.

Joel Selanikio, MD, analyzes the rationale for prediction of Topol. As healthcare morphs from an emphasis on institutional care to motivating consumers to become active participants in maintaining their health, current vendors require changing or risk irrelevance. Electronic health records systems are at the threat for disruptive change.

Selanikio, a practicing pediatrician and an ex-epidemiologist for the Centers for Disease Control, recommends that electronic health records systems could possibly follow the evolution of other kinds of technology that have been changed in the lifetime of CIOs.

Addressing those top IT executives at the February 19 CIO Forum of the College of Healthcare Information Management Executive in the Orlando, he mentioned the example of Nokia, which rolled out the E61 phone in the year of 2006 to rave reviews and with designs to capture the business cell phone market from Blackberry. That year, Nokia reported $75 billion in revenue, the largest it had ever achieved, stated Selanikio, who’s currently CEO of Magpi, which gives applications for mobile data collection.

That was the high-water for Nokia, as revenues shrunk from then on—instantly, the company was sold to Microsoft for merely $7 billion, a fraction of its 2006 revenues.

The iPhone emerged in the year of 2007, and that changed the cell phone market forever, Selanikio claims. “There was a consumer mobile market back in the year of 2006, but it was quite small,” he says. “Apple identified that the consumer mobile market was going to be capable to grow a lot faster. The things that consumers needed to do on their devices weren’t what Blackberry and Palm were trying to do.”

Apple eventually circled back in the year of 2011 to establish a line of service for business users, but just after transforming, and building a substantial lead in the consumer phone market.

“What we are searching at here is a large company invading the market by looking at a piece of the market that the big boys were not interested in,” Selanikio states.

The competition in healthcare today is that the market for selling healthcare IT to consumers is a small spot in the market, but focus of consumers on health and IT is increasing rapidly. For instance, the Apple Watch is “fascinating,” he claims, “Because it is regarded as a failure. Apple has revenue of over $10 billion a year from the Apple Watch, about the total made by large electronic health records systems companies.”

The Apple Watch and other consumer electronic devices are initiating to give more capabilities that consumers need, and bring together information, like health administration and assisting consumers to track progress in achieving health goals.

“What is most interesting is that they are pulling stuff out of the healthcare system,” Selanikio claims. “Things that used to happen in the doctor’s office or physical therapists’ office are now being offered outside the traditional healthcare system. Consumers can diagnose their own issues, with devices that use artificial intelligence, and prescribe a treatment for themselves. Artificial intelligence is the turbocharger for this new growth.”

Technology will be capable to give better health with less healthcare, and the consumer market will grow. The interest of huge technology companies, like Apple, Google and Amazon, will be piqued at that point, he predicts. “$10 billion is not enough to get Apple interested in going into a market that is so fraught with regulation,” he claims. “But outside the healthcare system, there is a much larger amount being spent on health. It can follow a very simple pattern—the large tech companies will concentrate on low end parts of HIT that incumbents do not worry about, but have huge potential. Then, they will make a lot of money on that and then put it into taking the high end of the market.”

Selanikio claims that his feelings about Topol’s prediction is not intended to induce gloom. “What we are talking about is a better way to maintain and improve our health,” he says. “It is a real chance to meet needs that consumers will want.”

 

Sunday, February 19, 2017

CHIME begins effort to empower diversity in HIT leadership

Those leading HIT leadership departments are leading staffs that have become more diverse, and that is increasing the requirement for expanding diversity among the execs that lead them.

The College of Healthcare Information Management Executives (CHIME) is taking on that challenge as it starts plans to establish programs that expand leadership training for females and minorities.

The agency, which represents healthcare IT executives nationwide, claims it will empower HIT leadership among females and minorities through mentorship and focused professional development.

Increased executive diversity is critical because the sufferers that healthcare agencies serve are more diverse, as are the staffs they direct, CHIME board members claim.

“The sufferer is the ultimate customer,” states Liz Johnson, CHIME’s board chair and CIO for acute care hospitals at Tenet Healthcare. “IT strategy and decision-making must include having an understanding of the diverse population that is being served.

“There is no better way to do that than to increase diversity, not merely at the HIT leadership level but entire throughout IT and from within the staffing ranks.” Johnson adds. “This will develop an atmosphere that promotes distinctive perspectives, creative approaches and opportunities to better meet the requirements of our customers and organization.”

Healthcare, like other industries, has struggled to expand leadership to females and minorities. For instance, minorities represent only 14% of hospital board members, 11% of executive leadership positions and 19% of first- and mid-level managers, in accordance to respondents to a 2015 survey from the Institute for Diversity in Health Care and the Health Research and Educational Trust.

And, previous year, an analysis by the Healthcare Information and Management Systems Society discovered important disparities in compensation between male and female respondents to its recent yearly surveys.

Within CHIME and its related agencies, of about 700 members who recognized race or ethnicity on their membership profile, 136 said they belong to a minority group. And about 25% of its membership is female.

It is time for CHIME to take a leadership role in the initiative because the traditional CIO role is evolving.

“We require being responsive to that,” she claims. “We require being mentoring those who are following in our footsteps. We identify that the workforce that is coming behind us has many diversity. It is just significant that we recognize that there is tremendous change occurring.”

The progress in diversity underscores the requirement for healthcare IT leaders to have new skills and HIT leadership traits, claims Myra Davis, CIO and senior vice president at Texas Childrens Hospital, and a CHIME board member.

“As the healthcare IT atmosphere continues to evolve, it mentions a requirement for competencies in areas that we did not have in the past,” Davis says. “We need to promote opportunities to increase awareness that anyone, of any background, can be a leader. We’ve a chance, as CHIME board members and leaders in our field, to promote that change.”

Cletis Earle, vice president and CIO at Kaleida Health and a CHIME board member, agrees that the CHIME initiative is timely and sorely required.

“When you’ve a diverse culture, you require a more dynamic workforce to have different ideas and thought procedures,” Earle states. “As an African American, there’s not a lot of folks who look like me in the workforce. We require doing something about it and providing a conduit to permit the workforce to equalize, to open the doors up to a larger constituency.”

The CHIME initiative is in the early stages, discussing the issues and challenges that presently exist in increasing diversity in HIT leadership, and will utilize that dialogue to formulate education and services that the agency can deliver.

“It is important for CHIME to take a stand and appreciate that the workforce is changing,” Davis says. “If we do not do that, who are we fooling? We’re looking for a different kind of leader and a different type of workforce that can be the innovators of health IT.”

The emphasis to increase the number of females and minorities entering into STEM (science, technology, engineering and mathematics) education programs also is timely, Davis points out. “In healthcare, we’ve a chance to educate the population we serve and share what we do in the world—how do we convey that message that you can be one of us?”

The CHIME push comes at a time period when the HIT is struggling to fill positions, and it is significant for HIT leaders to indicate that top management ranks are open to women and members of minority groups, Johnson notes.

Next week at its spring forum and during the HIMSS conference, CHIME will seek opportunities to network with diverse populations to inquire what it can do and otherwise collect intelligence that will assist direct future efforts, Johnson claims.

“What’s significant is that, in coming from CHIME, it’s the senior-most IT executives in healthcare taking a stance to say we’re going to address (diversity) and improve it,” Earle says. “From that as a base, I look forward to what’s going to come.”

 

Saturday, February 18, 2017

Office for Civil Rights (OCR) hits Memorial Healthcare System with $5.5M Massive Fine

Memorial Healthcare System in the region of South Florida is being hit with a massive fine as part of a resolution agreement from the OCR (Office for Civil Rights) of the Department of Health and Human Services.

The healthcare agency was cited for lapses in auditing worker access to protected health information, resulting in data breaches impacting 115,143 people. Now, the six-hospital delivery system has paid a $5.5 million massive fine to OCR as part of the resolution agreement to settle violations of the HIPAA privacy and security rules. The Memorial Healthcare System also has agreed to follow a corrective action plan to stop similar data breaches in the future.

The monetary fine is the 2nd largest ever levied by the agency, second merely to the $5.55 million penalty OCR levied previous August against Advocate Health Care for breach tragedies.

Few of the breached information were used to file fraudulent tax returns, OCR noted.

Enhanced OCR enforcement of HIPAA rules continues, and the size of fines for violations is increasing as well. Before the year of 2016, the last record for total fines that OCR levied in any year was $7.9 million; previous year, settlement payments hit $25.6 million.

In the contract that Memorial Healthcare System signed, OCR asserts employees at Memorial and an affiliated physician practice impermissibly accessed PHI. A former worker at the practice, for example, was provided access to PHI for more than a year.

“On the day of April 12, 2012, MHS submitted a breach report to HHS demonstrating that 2 MHS employees unsuitably accessed patient information, involving names, dates of birth and Social Security numbers,” according to OCR. “On the day of July 22, 2012, MHS submitted an extra addendum breach report to notify HHS that during its internal investigation, it discovered extra impermissible access by twelve users at affiliated physician offices. Few of these incidents led to federal charges related to selling protected health information and filing fraudulent tax returns.”

From the time period of January 2011 to June 2012, MHS failed to execute procedures to regularly review audit logs, access reports and security incident tracking reports, and the system further failed to oversee access authorization policies that develop, document, review and modify user rights of access, OCR charged.

Electronic protected health information must be given merely to authorized users, and “Organizations must execute audit controls and review audit logs regularly,” stated Robinsue Frohboese, acting director for OCR, in a statement declaring the sanctions.

In response to the OCR charges and settlement, Memorial Healthcare System released the following statement:

“Safeguarding health information of patient has always been a top priority at Memorial Healthcare System. More than 5 years ago, Memorial was notified that 2 workers were engaging in criminal conduct including theft of patient confidential information in the year of 2011. Memorial instantly terminated those people and started an in-depth internal investigation. During its investigation, Memorial discovered that people who worked in affiliated physicians’ offices had inappropriately accessed patient data by using legitimate log-in credentials of workers in those physicians’ offices.

“True to its culture of compliance and transparency, Memorial proactively reported the actions of the 2 employees and the findings of its internal investigation regarding the affiliated physicians’ staff to the Department of Health and Human Services’ Office of Civil Rights (OCR). It also simultaneously notified all sufferers who might have been affected and provided them with free credit monitoring. Memorial worked closely with law enforcement to help in their investigations, which finally led to federal prosecution and conviction of the criminals.

“Upon learning of the breaches, Memorial rapidly acted to execute new, sophisticated technologies developed to monitor use and access of patient data, further restricted access to protect patient data, and enacted new policies and processes to enhance password security. Memorial employed IBM, a global leader in cybersecurity, to give assessment, response, and monitoring services. IBM sustains to provide cybersecurity services to Memorial today. Memorial also hired an independent technology firm to conduct network audits and scans.

“Memorial’s February 2017 settlement with the OCR resolves entire allegations surrounding these breaches. While Memorial powerfully disagrees with several of OCR’s allegations, has admitted no liability and has opted to settle this case, it nevertheless agrees with the significance OCR places on maintaining the security of patient data.

“Memorial…will sustain to vigorously monitor access and use of patient data and maintain rigorous cybersecurity and internal safeguards.”

 

Friday, February 17, 2017

Chief Information Officers (CIOs) look to optimize EHRs, but confront budget realities

Several chief information officers at healthcare agencies plan to heavily invest in optimizing their electronic health record (EHR) systems during the next 3 years, but most will be attempting to do that within the constraints of their existing budgets.

That is because these executives say they won’t see expansion of current IT budgets, in accordance to research and consulting firm KPMG.

KPMG in the month of January surveyed 112 CIO members of the College of Healthcare Information Management Executives, finding that the IT experts are searching for solutions to physician dissatisfaction with the EHRs they have in place, claims Ralph Fargnoli, managing director at KPMG.

With the Trump Administration in place, it still is not clear what will happen with the Affordable Care Act (ACA). That makes it even more imperative for Chief Information Officers “to continue down the path to get the best efficiencies in IT spend and utilize data to support accountable care and payment changes,” in accordance to Fargnoli.

Survey respondents demonstrated technology investments would target EHR optimization (38%), cloud computing (25%), accountable care/population health (21%), and consumer/clinical/operational analytics (16%), virtual/telehealth enhancements (13%), revenue cycle optimization/replacement (7%) and enterprise resource planning system optimization/replacement (6%).

Some 36% of responding CIOs expect an increase in operating budgets during the next 2 years.

In general, Chief Information Officers are expecting to achieve savings from optimization efforts and then reinvest those funds, specifically in telehealth and analytics, because executive leadership is telling them, “We cannot give you any more money,” Fargnoli claims.

Areas being considered to control or decrease IT operating expense involve centralization and standardization of IT services and systems, eradicating redundant apps and their infrastructures, terminating or turning around underperforming IT projects, adopting cloud services, lowering labor spend or eliminating contractors, outsourcing low value services, and renegotiating outsourcing contracts or insourcing.

The requirement for greater interoperability, although, could take a bite out of few of the savings, Fargnoli adds. “Interoperability has an effect on costs; if you require more integration steps and are building code that impacts the budget. Interoperability plays immensely on IT budgets if you need analytics but do not have free flow access to data.”

In the end, Fargnoli states, optimization should concentrate not just on technology but on change management, with one key query to consider: “How does an information system impact sufferers and clinicians and support quality outcomes and patient care?”

 

Thursday, February 16, 2017

Why customers are ripe for getting virtual healthcare services?

Rising demand by customers for virtual healthcare services is putting more pressure on providers and payers to expand delivery choices for on-demand health services.

A survey of 1,501 customers commissioned by Accenture found that most respondents say they are eager to use a broad range of virtual healthcare services.

For instance, about three-quarters of all respondents claimed that they would use virtual healthcare services to track health indicators, like blood pressure, pulse and glucose levels (77% of respondents); for follow-up appointments (76%); or to be analyzed for non-urgent health problems, like a rash or a sore throat (70%).

Although, despite that rising interest, only one in 5 respondents (21%) stated that they have really got health services virtually.

For those who have got care virtually, the reasons they cited most often for seeking virtual care are higher convenience in comparison to the traditional in-person healthcare services (37%); familiarity using technology to handle their health (34%); and curiosity to try virtual health (34%).

Provider endorsement of the technology is critical, they note. Consumers stated that they would be more likely to try virtual care if motivated by a physician (cited by 44%) or a healthcare payer (31%).

“Technology-enabled services will be equally significant as traditional in-person services, permitting the modern sufferer to select when and how they get health and care services,” said Frances Dare, managing director of Accenture’s virtual health services.

Dare adds that customers now are searching for their care to be delivered in a variety of ways, so that it is convenient for them. In fact, more than three-quarters (78%) of those surveyed said they would be fascinated in getting healthcare virtually some or most of the time. Findings recommend that health systems need to balance and integrate virtual and in-person services so consumers perceive that they are in charge of their own health, both today (cited by 85%) and if they become ill or wounded (51%).

“Given evolving consumer attitudes toward virtual care, making virtual health a priority could be a boon for provider agencies that are resource- and finance-constrained,” Dare stated. “As more and more sufferers take control of their own healthcare in the age of consumerism, provider agencies must be capable to provide meaningful choices for virtual care, in-person care and a combination of both.”

 

Wednesday, February 15, 2017

Why DirectTrust secure messaging technology is at crisis

The DirectTrust secure messaging technology developed by industry stakeholders is inquiring electronic health records (EHRs) companies and other health information technology (HIT) vendors to up their game.

Utilization of the DirectTrust secure messaging technology protocols has been ramping up over the years, but increased significantly in the year of 2016 with 98 million message transactions, which is the bulk of the 165 million transactions since being started in the year of 2013.

In large part, electronic health records (EHRs) and other health information technology products have been certified under the EHR meaningful use program to send and get Direct messages, “but the issue with certification is it does not test usability and certain features,” claims David Kibbe, MD, president and CEO at DirectTrust.

In a new report, DirectTrust secure messaging technology gives a series of suggestions for better functionality of Direct messaging covering transitions of care, clinical messaging and administration of the program. Direct works, Kibbe asserts, “but EHR usability is largely variable.”

For example, some suggestions for improving transitions of care involve all Direct messages sent in real-time and never batched for timed sends, certain kinds of messages might be automatically triggered by specific events like discharges or referrals, automated sending of messages to providers of record with Direct accounts in the sending system, and inclusion of patient-specific attachments.

The recently enacted 21st Century Cures Act involves provisions to measure EHR interoperability and usability in real episodes of use and Kibbe hopes framers of the act will look at Direct’s suggestions. The agency also might work with medical specialty groups to establish an EHR vendor grading system.

“We need to give vendors a great idea of what improvements are required to take better care of patients,” he adds.

Representatives of the HIMSS Electronic Health Record Association weren’t instantly available for comment. The report is available here.

 

Tuesday, February 14, 2017

Why customers feel personal healthcare information is vulnerable to hackers

Approximately half of Americans (44%) are worried about having their personal healthcare information stolen as an outcome of a breach of a healthcare provider’s information systems.

Although, respondents to the survey consider that electronic records can be utilized in such a way to augment the security and protection of their personal healthcare information; some 76% of respondents to a survey of 3,000 U.S. adults consider it would be more protective and safe to share personal healthcare information between providers through a secure electronic method rather than faxing paper documents.

The survey, undertook by the Harris Poll in January for the 2017 Xerox eHealth Survey, indicated growing concern by customers over how providers are securing data. The report noted that, in the year of 2016, more than one health data breach was reported per day.

In addition to added security, Americans also consider better data sharing across providers can assist to improve patient care. Some 87% believe wait times to get test results and diagnoses would reduce if providers were capable to securely share and access digital patient data from various providers, and the same percentage of respondents say they believe that quality of service of healthcare providers would make better if there was better information sharing and coordination among different providers.

“It is clear sufferers are frustrated by the deficiency of care coordination and disjointed processes, so much so, that our Xerox survey indicates 19% of Americans would rather wait in line at the DMV than coordinate between different doctors’ offices to ensure they have all of their records and health information,” claimed Cees Van Doorn, senior vice president of healthcare for Xerox.

 

Monday, February 13, 2017

Tabula Rasa HealthCare Initiates Part D Enhanced Medication Therapy Management Program To Make Better Medication Use

Tabula Rasa HealthCare, Inc., a healthcare technology company giving medication safety solutions for health plans and provider groups, victoriously launched, on the day of January 1, 2017, a pilot program to establish and deliver an Enhanced Medication Therapy Management (i.e., Enhanced MTM) program. The pilot involves 7 states included in Medicare Part D Region 25: Iowa, Minnesota, Nebraska, Montana, North Dakota, South Dakota, and Wyoming. The program deals the requirements of the Part D Enhanced MTM Model test proposed by the Centers for Medicare and Medicaid Innovation (CMMI), a division of the Centers for Medicare and Medicaid Services (CMS).

Tabula Rasa HealthCare has deployed its proprietary science and technology Medication Risk Mitigation products and services to conduct 360-degree reviews and safety assessments of complex medication regimens, giving an innovative, alternative approach to personalized pharmacotherapy. In this pilot, Tabula Rasa HealthCare has performed medication risk stratification of almost 240,000 members to recognize members at the highest risk for adverse drug events.  As a next step, TRHC is cooperating with members who recognize as high risk for an adverse drug event, and their prescribers, to more personalize their medication regimens thereby optimizing pharmacotherapy treatment.

“This EMTM compliance is a thrilling project – and new market – for us, as we’re tasked with optimizing medication use, hence decreasing medication-related hospitalizations, and making better coordination of care for tens of thousands of older Americans. This is the 1st application of our proprietary software outside of the Program for All-inclusive Care of the Elderly (PACE) market, and we consider we can drive similar improvements in outcomes as we do with our PACE partners, involving reductions in falls, emergency room visits, and hospitalizations,” claimed Calvin H. Knowlton, PhD, Chairman and CEO of Tabula Rasa HealthCare. “We consider TRHC’s approach to medication risk mitigation, which is deployed on the science of individual drug metabolism within a multi-drug regimen, fosters personalization of each medication regimen, which enables better member health outcomes and cost savings. Moreover, this is a great instance of the scalability and flexibility for our Medication Risk Mitigation Software Platform, MedWise Advisor®, as well as our personalized Medication Decision Support procedures.”

 

Sunday, February 12, 2017

Children’s Medical Center of Dallas pays $3.2M fine after lost device, HIPAA non-compliance

The Children’s Medical Center of Dallas has paid $3.2 million (£2.58m) to the United States government after a lost device in the year of 2009 was found to have breached HIPAA protocol or HIPAA non-compliance.

The inquiry came about after Children’s Health filed a breach report with the Office for Civil Rights (OCR) in the year of January 2010 which demonstrated the loss of an unencrypted, non-password protected BlackBerry device at the Dallas/Fort Worth International Airport 2 months earlier. In the year of July 2013, the hospital submitted a separate report stating an unencrypted laptop had been stolen from its premises during April of that year. Children’s Medical Center of Dallas has paid $3.2 million fine after lost device and HIPAA non-compliance.

A statement confirming the payment released by the Department of Health and Human Services (HHS) claimed that the OCR investigation had disclosed Children’s Health’s “HIPAA non-compliance rules, particularly, a failure to execute risk management plans, contrary to prior external suggestions to do so, and a failure to deploy encryption or an equivalent alternative measure on all of its laptops, work stations, mobile devices and removable storage media until the day of April 9 2013.”

It added that “despite Children’s information about the risk of maintaining unencrypted ePHI (electronic protected health information) on its devices as far back as the year of 2007, [it] issued unencrypted BlackBerry devices to nurses and permitted its workforce members to continue using unencrypted laptops and other mobile devices until the year of 2013.”

Children’s Medical Center of Dallas has paid $3.2 million fine after lost device and HIPAA non-compliance.

“Ensuring precise security precautions to secure health information, involving recognizing any security risks and instantly correcting them, is important,” claimed Robinsue Frohboese, OCR acting director.

Back in the year of 2013, the Information Commissioner’s Office (ICO) in the UK laid down the law following a data breach from the Royal Veterinary College (RVC). An RVC employee lost a camera which consisted of passport images of 6 potential job applicants in its memory card. In terms of healthcare, one of the more recent customer wins for VMware was to bring LCMC Health on board; a blog post at the time noted how the healthcare provider was ‘moving toward innovations like self-serve kiosks in lobbies…and bring your own device models for medical professionals.’

“However OCR prefers to settle cases and assist entities in executing corrective action plans, a deficiency of risk management not merely costs individuals the security of their data, but it can also cost covered entities a sizable fine,” added Frohboese.

 

Saturday, February 11, 2017

Why practices are confronting difficulties to exchange patient records

Medical record administrators are sustaining to have difficulties exchanging patient records with other providers.

Data exchange of patient records is specifically difficult when getting providers are not on the same electronic health records (EHRs) as the sender, in accordance to results of a survey conducted in the month of January by Black Book Research, which discovered that more than 40% of responding administrators admitted to record exchange challenges.

Those mixed outcomes come even though vendors of EHRs are reconfiguring systems to better enable data exchange. The survey also measured how well respondents’ electronic health records (EHRs) vendors are optimizing EHRs, including the use of the emerging FHIR interoperability standard, to better support HIE.

“As inpatient agencies execute optimized EHR software that uses FHIR to advance interoperability and HIE, the whole provider network gains the data exchanging functionality to better serve sufferers,” claims Doug Brown, managing partner at Black Book. “Physician groups continue to lack the financial and technical expertise to adopt complex EHRs which are necessary to attain higher reimbursements by public and private payers.”

  • 70% of responding hospitals do not use patient records information outside of their own EHR because information from external providers isn’t made available in the EHR workflow.

  • 22% of records administrators say transferred patient information isn’t presented in a usable format.

  • 21% of hospital-based physicians say the data they view can’t be trusted for precision when sent between disparate information systems.


In all, more than 80% of independent physicians in the survey aren’t confident of having the technology and skills to manage the financial risk of quality payment programs.

Black Book also inquired how providers feel about their EHR vendor. Those ranked greatest are: Evident CPSI for hospitals with fewer than hundred beds; Cerner for community hospitals with 101-250 beds; Allscripts for facilities with more than 250 beds; and Cerner for hospital chains and integrated delivery systems.

 

Friday, February 10, 2017

Behavioral health provider turns EHR to prepare for accountable care

HealthWest, a community mental health organization serving Muskegon County in west Michigan, recently opted its 4th electronic health record (EHR) system, a shift predicated on better supporting sufferers and the staff during the era of value-based and accountable care.

The agency used its earlier EHR for more than 5 years, but the state of Michigan has changed its behavioral health procedures, and HealthWest required extra functionality that involves better connectivity with medical providers to support accountable care, claims David McElfish, chief information officer.

“The aim is to have an integrated medical and behavioral health record and exchange data with primary care physicians throughout the county,” he further adds. “The result in the end is offering better care to our clients.”

HealthWest engaged in a 6-month vendor selection procedure and recently settled on the Cx360 EHR from Core Solutions. Clinicians and staff liked an interface on the latest records system that gives data views on all clients or just one client, provides more relevant data on lookup screens, is more intuitive and has more convenient workflow, in accordance to McElfish.

Other vendor candidates didn’t give a managed care module that involved electronic billing and claims management, and would not permit HealthWest’s in-house information technology team to establish add-on screens for reporting purposes.

HealthWest also needed a sufferer portal, seamless eligibility verification checks and appointment schedules viewable on mobile devices, since most staff members work in the community. Moreover, HealthWest has been working to automate more procedures so that data moves in real time, another initiative that Cx360 could support.

When it came down to a final pick among 2 products with comparable price tags, it was the extra offerings and greater flexibility that Core Solutions offered that sealed the deal.

“As HealthWest progressed, there was no way to continue to have manual procedures,” McElfish concludes. “We required functionality to get local provider claims electronically instead of on paper.”

An implementation kick-off meeting is planned for the day of February 22. HealthWest previously was looking to go live in the month of October, but uncertainties that the timetable may be too aggressive makes a January 2018 go-live look more likely, McElfish claims.

 

Thursday, February 9, 2017

Two providers take decidedly different approaches with sufferers after breaches

2 more healthcare agencies have reported cyber attacks that resulted in unauthorized access to patient information, but the two providers took decidedly different approaches in offering protective services to affected people after breaches.

Princeton Pain Management in Plainsboro, N.J., discovered on the day of Nov. 28, 2016, that a third party gained unauthorized access to its computer system, and the data at risk included some 4,668 patients.

Compromised health information involved names, telephone numbers, addresses, dates of birth, Social Security or Medicare numbers, driver license or government identification numbers, insurance information, and diagnostic and treatment information.

Despite the sensitivity of much of the data included in the breach, the agency’s announcement didn’t involve an offer of credit or identity protection services after breaches.

Princeton Pain Management, which used its declaration to provide sufferers with information on how to secure themselves, didn’t respond to a request for extra information on the tragedy or its response.

Six-hospital Verity Health System in California is notifying more than 9,000 people after protected health information was accessed by an unauthorized person. On the day of Jan. 6, 2017, the agency tracked the hack of its Verity Medical Foundation-San Jose Medical Group web site that is no longer being used. Access was discovered to have originated between the time period of October 2015 and January 2017.

Compromised patient information involved the dates of birth, names, medical record numbers, home addresses, email addresses, phone numbers and the last four digits of credit card numbers. Social Security numbers and complete credit card information wasn’t being compromised, the organization says.

Verity Health System is providing 1 year of credit monitoring services. The organization didn’t respond to a request for extra information on the breach or remediation attempts.

 

Wednesday, February 8, 2017

PCHA, IHE emphasizes to work on info exchange

Two industry agencies—one that is fairly new, and another that is been in operation for many years—say they plan to work together this year on joint initiatives to make better ways that IT systems share health information or info exchange.

The Personal Connected Health Alliance (PCHA) and Integrating the Healthcare Enterprise (IHE) say they plan to pursue 3 initiatives in attempts to make better and simplify interoperability. PCHA and IHE signed a joint liaison contract in the year of 2016, and this latest declaration builds off of that, executives say.

PCHA is a not-for-profit agency developed by the Healthcare Information and Management Systems Society to support technology that enables personal connected health. IHE, which has been in existence for nearly 2 decades, is an initiative by healthcare professionals and the industry to make better the way healthcare computer systems share information and info exchange.

The agencies will further their collaboration on future IHE Profiles and Continua Design Guidelines development, to make sure the combined deployment of fully interoperable systems. The 2 groups will also cooperate on conformity testing and certification, aligning their respective tools and procedures. Ultimately, PCHA and IHE are “devoted to advancing communication, education and interoperability demonstrations to eradicate confusion among providers, vendors and standards bodies,” executives claim.

Standards-based exchange of healthcare information among facilities, health information agencies and government agencies is identified as significant in improving care. IHE's Profiles and PCHAlliance's Continua Design Guidelines are both standards-based, open specifications that have been developed to be deployed together, and make sure that device data—whether captured by the sufferer or in a care delivery setting—flows into electronic health records (EHRs) in the similar format and coded content.

Continua Design Guidelines are identified as an international standard for personal health systems and comprise a reference architecture, implementation tools and services.

IHE Profiles give a common language for purchasers and vendors to meet the integration requirements of healthcare sites and the integration capabilities of HIT products.

"PCHAlliance and IHE share the similar vision. That is, we consider that health info exchange is possible throughout the worldwide healthcare ecosystem and, together, we can support latest innovations and develop solutions to make better health outcomes, enhance understanding and assist to make big data possible," stated Michael Kirwan, vice president, Personal Connected Health Alliance. "We’re looking forward to expanding our collaboration and working closely to further extend interoperability in healthcare."

Monday, February 6, 2017

Pennsylvania Superior Court finds UPMC not responsible for data breach

The Pennsylvania Superior Court has ruled that the institute of University of Pittsburgh Medical Center has no duty under state law to secure employee information and dismissed a class action lawsuit against the delivery system.

The ruling, which is in reaction to a February 2014 tragedy that instantly affected all of UPMC’s 62,000 present and former employees, has ramifications not just for healthcare agencies, but for all businesses in the state, observers claims.

Data compromised in the breach involve names, dates of birth, Social Security numbers, tax information, addresses, and salary and bank information. In the year of April, 2014, UPMC confirmed compromised data for as many as 27,000 workers with at least 788 employees becoming victims of tax fraud, and a month later confirmed all workers were compromised, in accordance to the Pennsylvania Superior Court filings.

Attorneys for the employees argued in the Pennsylvania Superior Court that UPMC had a legal duty to secure employee information and that the organization didn’t properly encrypt data, develop firewalls and implement appropriate user authentication protocols.

A trial court ruled that UPMC didn’t owe a duty of reasonable care in gathering and storing employee information. The Superior Court agreed, pointing put the pervasiveness of electronic storage of information with an obvious social utility to promote efficiency. Moreover, the Pennsylvania Superior Court in its opinion said the mere duty that Pennsylvania’s legislature has enforced on companies in the state is notification of a data breach, and it is not for the courts to change the direction of the legislature because public policy is a matter for the legislature.

“While a data breach (and its ensuring harm) is basically foreseeable, we don’t consider that this possibility outweighs the social utility of electronically storing employee information,” the Pennsylvania Superior Court pointed out in its decision. “In the modern era, more and more data is stored electronically and the days of keeping documents in file cabinets are long gone. Without doubt, workers and consumers alike derive substantial benefits from efficiencies resulting from the transfer and storage of electronic data.”

The Superior Court doubled down on its assertions, saying a judicially created duty of care is not required to incentivize companies to secure their confidential information. “We find it unimportant to need employers to incur potentially significant charges to increase security measures when there is no true way to stop data breaches altogether. Employers strive to run their businesses efficiently, and they have an incentive to secure employee information and stop these types of occurrences.”

Appellants, the court ruled, didn’t provide their information to UPMC for the consideration of its safe keeping but for employment purposes. The full ruling is available here.

 

Beacon Health System ACO Expands Relationship with Koan Health for Value-Based Analytics

The federally recognized accountable care organization (ACO) owned by Beacon Health System in South Bend, Ind. — has expanded its relationship with Dallas-based Koan Health. Koan will now give comprehensive healthcare analytics, risk management and performance improvement services for several CHA ACO and Beacon initiatives.

"CHA ACO and Beacon are innovators in the region of Indiana," pointed out Jeff Hayes, Koan Health executive vice president. "We are excited to assist them strengthen results in all of their value-based attempts."

Through the contract, CHA ACO and Beacon will have approach to proprietary analytic tools and consulting services of Koan Health that observe and target areas for improvement in population health and particular episodes of care.

“Analytics of Koan Health are much more flexible, transparent and detailed in contrast to any of the competition's," stated Diane Maas, Beacon Health vice president. "And their responsiveness and service make them true partners."

Koan will support the Beacon team in setting, monitoring and achieving performance improvement aims in 2 strategic areas:

  • Accountable care relationships (Employee ACO and Medicare Shared Savings Program) with almost 30,000 covered lives and over $300 million in yearly expenditures.

  • Episode-of-care relationships (Medicare Bundled Payments for Care Improvement Initiative and Comprehensive Care for Joint Replacement Model) with nearly 700 episodes and $15 million in yearly expenditures.


"Our analytics develop a deep link between clinical and financial performance," claimed DT Nguyen, Koan Health chief executive officer. "Our experience with accountable care and bundled payments enables us to assist organizations to coordinate improvement across all of their public, private and employee programs."

Value-based arrangements are part of a continual revolution in health care delivery and financing. Government and private payers seek to control charges by reimbursing providers deployed on clinical and financial results—rather than on the number of services they deliver.

Precise predictive analytics, like those given by Koan Health, are a critical tool in comprehending current performance, setting improvement goals, designing interventions and measuring outcomes.

 

Sunday, February 5, 2017

Indiana University School of Medicine startup launches EHR-embedded pediatric software

Digital Health Solutions, a startup initiated by 2 Indiana University School of Medicine professionals, is commercializing software it said will assist pediatricians better target care for their sufferers. The Indiana University School of Medicine startup launches EHR-embedded pediatric software.

The tool, known as Child Health Improvement through Computer Automation, or CHICA, augments electronic health records (EHRs) to assist physicians better assess sufferer risks, identify issues earlier and better document care quality. It was established by DHS President Stephen Downs, MD, section director of Children's Health Service Research at IU, and Tammy Dugan, senior software developer at IU and chief technology officer of Digital Health Solutions. The Indiana University School of Medicine startup launches EHR-embedded pediatric software.

The pediatric population "does not get as much attention due to the reimbursement structures in hospitals," Dugan claimed in a statement.

By licensing CHICA via the Indiana University Research and Technology Corp., the target is to give pediatricians tools that can assist improve care for children.

The technology works by first screening families in office waiting rooms through an electronic tablet that inquires twenty queries.

"Deployed on the responses of family, the software uses its prioritization procedure to opt the most significant issues for the physician to address during the visit," Downs added. "The family can give information on a broad range of topics, involving general preventive counseling, asthma, attention deficit hyperactivity disorder, autism, domestic violence, iron deficiency, lead exposure, maternal depression, tuberculosis and more. It also permits physicians to alert sufferers to problems that might otherwise be overlooked."

When physicians access a sufferer’s EHR, the embedded link connects them with CHICA. The Indiana University School of Medicine startup launches EHR-embedded pediatric software.

"Once the doctors have checked all the boxes, demonstrating how they responded to the alerts, the data is submitted as a block of text to EHR software that can then be incorporated into the note of provider, thereby streamlining clinical documentation," stated Dugan.

"Payers of health care are searching for ways for providers to indicate superior-quality care," Downs said. "The system captures data that improves and indicates the quality of care, which could be used to make better reimbursement. It also gathers patient-reported information that cannot be captured any other way."

 

Friday, February 3, 2017

Microcephaly case links Directly to deadly Zika Virus

The Health Secretariat has confirmed about the very first microcephaly case in a newborn infant in Mexico, one that is linked straightly to the deadly Zika virus.

The premature baby passed away during childbirth in the month of November in the state of Oaxaca.

The National Institute of Perinatology in the city of Mexico confirmed that the microcephaly case diagnosis, and discovered traces of the Zika virus in the amniotic fluid, along with congenital deformities.

The Health Secretariat claimed in a press release that between the time period of November 2015 and January 2017 it confirmed 7,634 cases of Zika infections, 4,252 of which were pregnant females. Of those, 588 have given birth.

The health agency cautioned that it was possible there would be more cases.

The secretariat repeated its suggestions to ignore contracting the Zika virus by using long-sleeved shirts and pants and mosquito repellent; turning pails and bottles upside down, and accurately discarding those no longer in use; keeping water containers clean and covered; and keeping doors and windows closed or secured with mosquito nets.

Pregnant females should certainly attend their prenatal appointments and, along with the general public, seek medical consultation in case of suffering any of the symptoms.

The deadly Zika virus is like a mild form of dengue fever transmitted by the same mosquito, and is normally treated by rest. It can’t be stopped by drugs or vaccines.

Official figures demonstrated that last July there were 667 cases of Zika infections, and that 287 of them were pregnant females.

 

Several agencies lack effective direction on cybersecurity

Despite all the attention now concentrated on cybersecurity, a major number of agencies say they aren’t sure they know the most effective protection strategy to combat and tackle these kinds of attacks.

This deficiency of knowledge and protection “is putting businesses across the globe at threat of grinding to a halt,” in accordance to the new Corporate IT Security Risks survey from Kaspersky Lab.

The study discovered that 39% of agencies appreciate that they are not confident that they have precise IT security safeguards for cybersecurity in place.

“DDoS attacks in specific can rapidly incapacitate a targeted business’s workflow, bringing business-critical procedures to a stop,” the study pointed out. Although, the research discovered that 16% of businesses aren’t protected from DDoS attacks at all, and 49% depend on built-in hardware for protection.

“This isn’t effective against the increasing number of large-scale attacks and ‘smart’ DDoS attacks which are difficult to filter with standard methods,” the report added.

In several cases, agencies assume that they are already secured for cybersecurity from these kinds of attacks, but that confidence is mostly misplaced.

Some 40% of the agencies surveyed fail to put measures in place because they consider that their Internet service provider (ISP) will give protection. The survey discovered that 30% believe that their data center or infrastructure partners will secure them.

“The reality is that these agencies mostly secure businesses from large-scale or standard attacks, while ‘smart’ attacks, such as those utilizing encryption or imitating user behavior, need an expert approach,” the study elaborates.

Perhaps most surprisingly, the survey discovered that almost a third of agencies fail to take action because they consider they are unlikely to be targeted by DDoS attacks. Some 12% even appreciate that they consider that a small amount of downtime because of DDoS would not cause a major problem for the company.

“The reality is that any company can be targeted because such attacks are convenient for cybercriminals to launch. What is more, the potential cost of a single attack can be in the millions,” in accordance to the report.

“As we have seen with the recent attacks, DDoS is immensely disruptive, and on the rise,” claims Kirill Ilganaev, head of Kaspersky DDoS protection at Kaspersky Lab. “When hackers launch a DDoS attack, the damage can be devastating for the business that is being targeted because it disables a online presence of company. As an outcome business workflow comes to a halt, mission-critical processes can’t be completed and reputations can be ruined.”

“Online services and IT infrastructure are merely too significant to leave unguarded,” Ilganaev sustains. “That is why specialized DDoS protection solution should be considered an important part of any effective protection strategy in business today.”

Thursday, February 2, 2017

EHR analysis: Childbirth complications can raise autism spectrum disorder risks

An analysis of data from electronic health records (EHRs) of almost 600,000 kids born in Kaiser Permanente hospitals in the region of southern California between the time period of 1991 and 2009 has discovered a link between complications soon before or during birth and a higher risk of a child establishing an autism spectrum disorder (ASD).

The research indicates the power of using EHRs to give data for medical research that could affect care delivery and lay the groundwork for additional analysis.

Of the 594,638 records analyzed, 6,255 kids were diagnosed with autism spectrum disorder; of those, 37% experienced perinatal complications, in accordance to the study, released in the American Journal of Perinatology.

These kids with complications during birth had a 10% higher risk of autism spectrum disorder, and that number increased to 22% if complications began before labor. In all, kids exposed to complications before and during birth had a 44% higher risk.

Complications with the highest risk of ASD involved birth asphyxia, premature separation of the placenta from the uterus, preeclampsia, breech/transverse fetal presentation, fetal dystocia/abnormal size or position, and a prolapsed/exposed umbilical cord, in accordance to study results.

“Our study recommends that kids exposed to certain perinatal complications, particularly birth asphyxia and preeclampsia, were more likely to be diagnosed with ASD than those who weren’t exposed, even after adjusting for factors like gestational age at birth and a mother’s age, race and education,” lead author Darios Getahun, MD, claims.

2 other Kaiser studies in the time period of 2014 and 2015 found siblings have fourteen times higher risk of establishing ASD if an older sibling has it, and children with mothers that developed gestational diabetes by the 26th week of pregnancy also confronted increased risk.

The most recent study is available here.

 

Wednesday, February 1, 2017

Use cases will indicate development in data exchange

Data exchange among healthcare agencies has acquired increased significance as many in the regulatory sphere now recognize the significance of ensuring the free flow of information among all constituents.

Pressure is rising to make sure that the industry isn’t engaged in blocking information, either due to the competitive pressure or technical issues.

This year’s progress in acquiring interoperability will be on display at HIMSS17, where 34,000 square feet of floor space will be utilized to show industry progress in exchanging data or information among several partners in healthcare.

In the Interoperability Showcase, HIMSS gives an immersive experience that indicates the use of data and its exchange or data exchange, through several profiles and standards with live products that are presently in the marketplace.

“Because of the shift from fee-for-service to value-based models, the new showcase moves from beyond concentrating on the EHR as the sole data source for electronic health information, to a wide range of health information technologies utilized by individuals, providers and researchers,” HIMSS claims.

The emphasis at HIMSS17 will go beyond just indicating interoperability in transactions to more complex information exchanges. The showcase has been redesigned to show how interoperability will be fleshed out in a variety of use cases.

Several tours in the interoperability showcase will follow the exchange of information in the following areas:

  • Accountable care

  • Public health reporting

  • Commonwell care transitions

  • Community health

  • Diabetes management

  • Surgery and recovery

  • Patient data reconciliation


The showcase is the outcome of collaborative effort between public and private sector vendors and represents months of work to develop standards-based demonstrations of interoperability from the perspective of an individual like a clinician, caregiver, administrator or patient.

The Interoperability showcase is open February 20 through 22 anytime during exhibit hours in booth 9000 in the exhibit hall.

Basic information about the Interoperability showcase can be found here.