Wednesday, August 2, 2017

Protenus receives $3M in series A funding

Protenus, a company that is established an analytics platform intended to stop data breaches and secure patient information, recently gained $3 million in funding from investors to advance research and product development.

Kaiser Permanente Ventures and F-Prime Capital Partners invested in Protenus in its series A funding.

Protenus collaborates with several healthcare systems and hospitals across the country, and is capable to secure data for more than 44 million patients.

“This extra funding will assist us explore the cost and benefits of different kinds of products built off of our analytics platform to understand what is most needed in healthcare and how we can help best,” claims Nick Culbertson, the company’s CEO.

Protenus utilizes artificial intelligence techniques to better understand workflows in the healthcare industry, and the approach enables it to distinguish unsuitable access to patient information.

“We develop profiles on patients based on what kind of treatment they are getting, and we build profiles based on human resources data to understand what type of employees are accessing patient data,” Culbertson states.

In the year of 2016, over 27 million patient records were breached, as reported by the Protenus Breach Barometer, and so far this year, there has been an average of at least one health data breach a day, with 40% of them a result of insider access.

“We use system access logs to explain how certain kinds of workers are accessing (records of) certain kinds of patients throughout that care workflow process. In other words, we develop the clinical workflow in a virtual environment and understand how employees are virtually passing medical records from one to another,” says Culbertson.

Protenus expects to be able to use its platform to identify other anomalies in those workflows, enabling it to catch problems such as prescription abuse, fraud or other types of medical anomalies.

“We like to consider it [Protenus] as a tool to cause cultural reform, because a lot of individuals are doing things because they do not realize it is illegal, and so when you are able to identify it early, educate them and remind them that they are abusing access to sufferer data, that is a chance to educate and stop that in the future,” says Culbertson.

 

Tuesday, August 1, 2017

CMS Reduces Burden on Meaningful Use programs for the year of 2018

The CMS has acted to substantially decrease burdens on hospitals targeting to acquire the meaningful use programs of electronic health records (EHRs).

Hospitals are being given another year to use the 2014 Edition of Certified EHR Technology (CEHRT) software. Facilities also now have the option of continuing to meet modified Stage 2 measures for meaningful use programs, instead of being required to move to Stage 3 in 2018. Under the new final rule, hospitals now are not required to meet Stage 3 until the year of 2019.

Hospitals, at their option, also can use a combination of the 2014 and 2015 editions of meaningful use software.

The revisions to meaningful use regulations were issued today in a final rule covering the Fiscal Year 2018 Inpatient Prospective Payment System, which broadly covers payments to providers under Medicare.

Moreover, hospitals will be needed to report only four electronic clinical quality measures (eCQMs) in 2017 and 2018, rather than eight measures. And, providers can select any quarter of data for eCQM reporting for both years.

Also under the final rule, CMS is developing new requirements or revising existing requirements for eligible professionals (EPs), eligible hospitals and critical access hospitals (CAHs) participating in the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs.

The College of Healthcare Information Management Executives, an expert group that represents chief information officers and other healthcare IT professionals, highly praised the new policies.

“CMS took into account that both hospitals and vendors require more time to prepare for 2015 certified EHRs,” stated Liz Johnson, CHIME board chair and CIO of acute hospitals and applied clinical informatics at Tenet Healthcare. “Taken together, the common sense changes CMS made will give greater stability and certainty to hospitals, permitting them to continue to forge ahead using technology to better treat the patients they serve.”

The 2,456-page final rule, of which just a small portion addresses the meaningful use programs changes, is available here.

 

Contractor breach impacts data of 18,500 Anthem Medicare members

Only one week after Anthem accepted to pay $115 million to victims of its massive February 2015 data breach that impacted the 78.8 million people, the company confronts another data breach discovered by a contractor, this time affecting over 18,500 of Anthem Medicare members.

LaunchPoint Ventures, which gives insurance coordination services to Anthem, learned in the month of April that a worker likely was engaged in identity theft activities. The contractor then employed a forensic firm to assess suspicious incidents.

In the month of late May, LaunchPoint learned that the employee might have accessed data of other LaunchPoint customers, in addition to that of Anthem. The inquiry further determined that the worker emailed a file with information on Anthem members to his personal address in the month of July 2016; the inquiry couldn’t determine if the employee had a legitimate work-related reason for doing so.

LaunchPoint says the worker has since been terminated and is now being held by law enforcement on charges that are unrelated to the Anthem breach.

In June, LaunchPoint was capable to confirm that the Anthem data emailed by the worker contained protected health information of Anthem Medicare members. There is not yet evidence the data was misused. Compromised member information includes Medicare ID numbers including Social Security numbers, health plan ID numbers, Medicare contract numbers, dates of enrollment, and a restricted number of last names and dates of birth.

LaunchPoint is now reinforcing policies and protocols, and evaluating additional safeguards. The company is providing affected individuals 2 years of free credit monitoring and identity theft services with AllClear ID.

Anthem refused to comment on the incident, and executives didn’t say whether it will continue to use LaunchPoint’s services.