Healthcare and Technology news
43.9K views | +10 today
Follow
Healthcare and Technology news
Your new post is loading...
Your new post is loading...
Scoop.it!

Who ‘owns’ the healthcare consumer of the future?

Who ‘owns’ the healthcare consumer of the future? | Healthcare and Technology news | Scoop.it

CVS and Aetna are merging. Amazon, JPMorgan Chase, and Berkshire Hathaway are forming a joint venture aimed at reducing health care costs and improving outcomes. Cigna is acquiring Express Scripts. The proposed mergers promise a revolution that could fundamentally alter the current healthcare landscape and the relationships between providers and patients. With these giant corporations betting big on healthcare, a logical question to ask is: What’s behind it all?

 

The answer is simple: ownership of the healthcare consumer experience, and by extension, the consumer.

Digitalization and healthcare consumerism

In the past few years, Amazon has reshaped the relationship between consumers and marketers. It has forged itself into being the preferred destination for consumers seeking convenience. Now, imagine Amazon applying this power to the healthcare sector. The company already offers a wide range of the over-the-counter drugs in their health and wellness section. Going from there to selling prescription drugs is not a big step. However, that step could become a big leap in terms of the shift in consumer loyalties if consumers are provided the option to order their 90-day medication refill and have it delivered to their doorstep (maybe even by a drone).

 

Recognizing the threat, many health systems are taking measures to digitalize their relationships with consumers by focusing on something they have long neglected: convenience. Virtual visits and e-visits are now becoming commonplace. A young mother of three no longer has to bundle her kids into the car and drive an hour each way to her hospital for a routine follow-up that takes all of fifteen minutes in the physician's office. A senior citizen in a wheelchair on multiple chronic-care medications no longer needs to "check in" by getting physically to a physician's office. They can both do their visits through secure messaging, or if required, through a virtual real-time consultation.

 

The above is just one example of how digitalization could reshape relationships between consumers and providers.

Data, analytics, digital

Here is another scenario that is already starting to play out. Consider a patient with high blood pressure. Technology is enabling patient-generated health data (PGHD) from wearables and sensors that include blood pressure, heart rate, glucose levels, and medication adherence to be transmitted seamlessly into the patient’s electronic health record (EHR). The combined data is being analyzed for trends and insights and made available to everyone involved in that patient’s care, enabling care teams to manage the patient more effectively. The patient can still control who can see the information by following an e-consent process through an app right on the mobile device. If a patient opts to participate in clinical studies, that person can be matched automatically with relevant opportunities. Both the individual patient and the population improve their health outcomes as a result.

 

Data-driven advancements are arriving in the form of both precision medicine and healthcare consumerism. Advancements in precision medicine are expected as the relationship between data from wearables, sensors, social determinants and other emerging sources is better interpreted through advanced artificial intelligence (AI), and yielding better outcomes. We are in the early stages of a new push toward patient-centered, consumer-directed care that is demonstrating strong growth potential.

 

What we are also starting to see is some redistribution of the in-person visits between traditional providers and emerging ones. As an example, CVS and Aetna are betting that consumers may prefer to visit one of their many walk-in clinics for minor conditions instead of waiting to schedule an appointment with their primary care physician in the hospital down the road. Urgent care is already shifting out of hospitals, and in many cases, going virtual altogether. The rise of companies such as Teladoc and Doctor-on-demand is clear evidence of this.

Bricks and mortar is not going away

None of this suggests that the traditional healthcare setting is fading into obscurity. Health systems, especially those with strong brands in their local and regional markets, have an unassailable lead today as trusted healthcare partners in their communities. Many of them are already making big investments in digitalization programs that will enable consumers to get the best of both worlds, namely a virtual experience for routine healthcare and urgent care needs, and an in-patient experience for acute care needs. For a high-quality patient journey, these two worlds must be tightly integrated. Only traditional hospitals can provide that truly integrated experience today.

The future of healthcare consumerism is not an either/or

If Big Data’s relationship to precision medicine has been on a more or less predictable trajectory, the explosive growth of healthcare consumerism has opened up options for healthcare consumers seeking convenience in addition to the quality of care. The healthcare leaders of tomorrow will ideally sit at the intersection of these two critical aspects of healthcare delivery. A reputation built on high-quality care alone will no longer be enough; neither will a reputation for slick user interfaces and transactional convenience.

 

A friend, who is also the CIO of a large health system, recently suffered a heart attack during a race. As he felt it coming on, he wisely checked himself into the medical tent from where he was rushed to a nearby hospital. A stent was put into his chest that saved his life. Imagine a scenario where with the help of real-time, advanced analytics and AI technologies, his imminent heart attack could have been predicted. Imagine, too, if he had not had access to one of the most experienced and qualified cardiologists in the country to attend to him during the emergency. Digitalization can ensure that the cardiologist's knowledge, wisdom, and experience are still accessible no matter the current physical location of the patient.

 

Ownership of the healthcare consumer experience requires a mixture of convenience and quality enabled by a robust data and analytics capability. No one sits precisely at that happy intersection today. However, the race is already underway to get there.

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

Safe Texting In HealthCare : Do’s And  Dont’s 

Safe Texting In HealthCare : Do’s And  Dont’s  | Healthcare and Technology news | Scoop.it

Texting is the most popular feature of a smartphone and 97% of Americans sent texts to their friends and family because texting is easy, quick and an effective method to communicate. However, texting is considered as an unsafe method of communication for healthcare purposes. In the healthcare world there are many rules that govern this form of communication.

 

The privacy and security rule of HIPAA/HITECH covers communication of electronic protected health information (ePHI) that includes social media, email and text messages. For example, the nurses at a nursing facility sent patient information to the medical providers through a text message. Though there was no evidence that an unauthorized person viewed the messages, CMS chalked out a ten point remediation plan to train staff and appoint a HIPAA security officer and change the HIPAA policies and procedures of the nursing facility.

 

Immediate action was taken by CMS because texting creates a record, unlike a telephone call. In a telephone call, it is easier to know that you are communicating to the right person. While texting sensitive patient information is not at zero risk, because at least one third of people who have text their medical information to public surveys say that they have sent it to the wrong person by mistake. Further, HIPAA/HITECH privacy violation rules can charge fines up to $50,000. It is advisable to avoid the tendency to text patient information to a colleague for a quick patient consultation.

 

HIPAA Compliant Texting

 

Even though texting has many downsides, a secure mobile messaging compliant with HIPAA can be used with the following rules:

  • Secure data centers – Offsite or onsite data centers must adhere to high levels of physical security and policies. This is to control and conduct continuous risk evaluation for data exchange through texts.
  • Encryption – ePHI must be encrypted both in transit and at rest.
  • Recipient authentication – Confirmation that text communication containing ePHI goes only to the intended recipient
  • Audit controls – The ePHI message must be automatically recorded and it should be available for any type of audit such as sender, receiver, content, etc.

The volume of text messages indicates the preference for all to follow this method of communication. The number of texts sent by American in 2008 was 1 trillion and the number of text sent by Americans last year was 1.92 which is almost the double. Therefore texting cannot be abandoned fully, but the HIPAA rules mentioned above can make it safer to send and receive patient information through texting.

 

Appointment and Wellness Reminders using Text message

 

It may be a practice in your clinic to send reminder texts to patients for appointments. There are statistical evidence that text reminders reduces the rate of patient no-show. HIPAA rules does not regulate communications that are not a part of ePHI.

 

Text reminders help patients to follow medication, healthcare and recommended lifestyle. Researchers point out that text reminder help patients with chronic disease to manage diabetes. It helps African Americans to take their medication for time, especially those suffering from high blood pressure. Reminder texts help people to exercise and maintain their physical activity levels. In addition to the above advantages, more research is required to find out more best practices in texting patients.

 

Secure texting for the above services are now made available by Healthcare vendors through simple apps that allow medical professionals and physicians to use texting within a HIPAA approved platform. Government agencies usually do not use these apps, so it is important to make sure that these apps are HIPAA compliant. If you wish to avail texting service using a third party secure texting platform check for the three guidelines that offer security to PHI: integrity, confidentiality and availability. Nowadays, more than 80% of medical clinics and physicians use EHRS to communication with patients. Electronic health record systems allow communication with patients through text or email over a secure patient portal that meet the Meaningful Use requirement.

Whichever method of electronic communication is used, train your staff at the medical clinic to never transfer ePHI over a non-secure mode to save yourself from being penalized.

Technical Dr. Inc.'s insight:

Contact Details :
inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com/tdr

more...
No comment yet.
Scoop.it!

Obama Gives Data Security Some Needed Momentum

Obama Gives Data Security Some Needed Momentum | Healthcare and Technology news | Scoop.it

Every year, I see Mac McMillan at HIMSS and wonder if he’ll ever be positive.

Of course I’m joking, but in a way you can’t blame McMillan—a renowned data security expert, chair of the Healthcare Information and Management Systems Society (HIMSS) Privacy and Security Policy Task Force, and CEO of the consulting firm, CynergisTek—for being a “Debbie Downer.” Data security in healthcare has been and is abysmal.

Every year, the Traverse City, Mich.-based Ponemon Institute releases its annual patient privacy and security study and the results are somewhat startling. This past year, 90 percent of respondents say they’ve had at least one data breach over the past two years, while 38 percent have had more than five data breaches in the same time period. The economic impact of a breach has remained steadily high.

And this is just one study of many, one voice of many, and one indication that healthcare has a big problem with data security. It’s not exactly far-reaching to say we have a long ways to go if these abysmal statistics are to reverse.

Moreover, it could get worse before it gets better. Hackers are now starting to target healthcare data holders. This week, Jason Roos, CTO at Stanford Hospital & Clinics and Stanford University Medical Center in Palo Alto, Calif., explained to me why the exposure of the threat is significant in healthcare, compared to other sectors.

 One of the big problems is that it seems like a lot of high-level executives in hospitals don’t care about data security until it’s too late. They don’t want to be put in protections, do a risk analysis, and pay for extensive training until they have the Department of Health and Human Services’ (HHS) Office of Civil Right (OCR) knocking at their door.

It’s not just healthcare that lags in this way. The retail, entertainment, finance, education, and government sectors seem to have this problem too. In our podcast conversation, McMillan called 2014 the year of the incident. You could say that again. Sony, JP Morgan, Community Health, Home Depot all had high profile breaches. Incidents were everywhere in 2014.

I guess that’s why I was excited to read about President Barack Obama’s dedication to data security, which made the news this week. Specific information on his proposal is sparse, with most details expected to be announced during the State of the Union on Tuesday, but let’s just acknowledge that something is better than nothing. As a privacy expert said in this CNET article, "This is a huge shot in the arm to a much-needed advancement for our legislative protections.”

A nationally recognized data security policy tells every higher up, whether they are in healthcare or not, “Respect the threat. Be prepared.”  

In New York, Attorney General Eric Schneiderman quietly took it a step farther. He proposed a bill that would expand the definition of private information to include email addresses in combination with a password or security question and answer; require entities that store private data have reasonable technical and physical safeguards, assess risks regularly, and obtain third-party certifications showing compliance with these requirements; incentivize companies to provide higher levels of data security and share forensic reports with law enforcement officials. I admire the fact that he wants the strongest data security law in the country.

While these measures are not directed at the healthcare industry specifically, they very well could have a trickledown effect that gives it the kick start that is so desperately needed. In other words, maybe in a few years, I’ll go to HIMSS and Mac McMillan will be a little less annoyed at the way things are with data security in healthcare.


more...
No comment yet.
Scoop.it!

How blockchain can address the two biggest challenges in healthcare IT

How blockchain can address the two biggest challenges in healthcare IT | Healthcare and Technology news | Scoop.it

A recent study on blockchain adoption in health care by Blackbook Market Research indicated that a large percentage of payers surveyed, and a small but growing percentage of providers, were either considering deploying or were in the process of implementing, some blockchain solution sets. Blockchain appears to have moved from the awareness and education phase to actual deployment of solutions.

 

“Blockchain can solve two of the biggest problems in health care today," says Lidia Fonseca, CIO of Quest Diagnostics, a leader in lab testing services. She is referring to the gnarly issues of interoperability and data quality. While data quality has long been an issue in health care, the interoperability challenge is a legacy of the massive digitization of patient medical records over the past eight years which have left us with proprietary electronic health record (EHR) systems that don't "talk" to one another. The result is inefficiency and waste, as stand-alone information systems slow down processes and create redundant work. 

Taking a look at the healthcare blockchain pioneers

Some technology solution providers, including IBM and Change health care, along with a number of other companies listed in the Blackbook Research study, have made initial moves in establishing blockchain capabilities and launching solutions. Federal agencies such as FDA and CDC have expressed interest in applying blockchain to find solutions for public health issues.

 

Amazon, with its long-awaited entry into health care, recently announced the launch of blockchain templates for health care, aimed at making it easier for developers to create blockchain-based projects and deploy blockchain networks via open source frameworks. In a sense, Amazon has started the democratization of the blockchain-enabled application development, something we saw before with machine learning algorithms in the wake of the big data and analytics hype a few years ago.

 

A group of large healthcare enterprises, including large payers such as Humana and United Health Group (UHG), along with Quest Diagnostics, UHG subsidiary Optum, and Multiplan Health recently came together to launch a blockchain pilot program to solve for one of the most significant data challenges in health care today – provider data management. Provider data, a fundamental enabler for all manner of healthcare transactions, is a key building block for processing claims and maintaining up-to-date provider directories. Today, most provider data is stored in siloed and independent databases. Provider data quality is estimated to be a $2.1 billion problem today, according to a report by CAHQ, a non-profit alliance focused on creating shared initiatives to streamline the business of health care. By streamlining the inefficiencies in provider data maintenance, participants can have a "single source of truth." It is estimated that up to 75 percent of provider data management costs can be eliminated using blockchain solutions.

What it will take for blockchain initiatives to succeed

While blockchain is coming of age in health care, we’re still in the early stages of the hype cycle for blockchain. The initial mania around bitcoin, the very first use case for blockchain, is now giving way to more carefully considered use cases for business with tangible benefits. Healthcare, a sector that generally lags in the adoption of technologies, is currently in a wait-and-watch mode; notwithstanding the high levels of interest among payer organizations, the Blackbook survey also points to low levels of interest among health systems, citing the undetermined cost of blockchain solutions as the major issue that stops health system executives from committing to a timeframe for deploying the technology. Our best hope is that the early pilots will bring tangible proof points and provide more confidence to the industry in the technology.

 

Health care is a team sport and so is blockchain. The more participants there are in a blockchain network, the better it is for the network and the industry. Pilot programs such as the provider data management initiative by Quest Diagnostics and others will need a much higher level of participation across the industry to reap the benefits of the network effects.

 

As with most transformative technologies, the big challenge is usually not the technology; it’s managing culture and workflow changes, driving collaboration, and an execution focus. In blockchain, there is an added dimension of a commitment and willingness to work across company boundaries, which is an entirely new paradigm for most health care enterprises.

In a unique development, a group of health care industry executives has come together to launch a peer-reviewed blockchain journal to share both the positive and the negative experiences with blockchain in health care.

 

The potential for blockchain to improve health care operating efficiencies is significant. High-value use cases include revenue cycle management, supply chain, clinical trials, and provider data management. The initial pilots will need to demonstrate the real benefits of the technology and lead to higher adoption of blockchain in the coming year.  

Technical Dr. Inc.'s insight:
Contact Details :

inquiry@technicaldr.com or 877-910-0004
www.technicaldr.com

more...
No comment yet.
Scoop.it!

Hospital employee gets indicted for fraud

Hospital employee gets indicted for fraud | Healthcare and Technology news | Scoop.it

A former employee at a major New York health system has been indicted, along with seven others, for stealing personal data of 12,000 patients, enabling more than $50,000 in fraud.


Manhattan's district attorney last week announced the indictment of Monique Walker, 32, a former assistant clerk at the eight hospital Montefiore Health System, for swiping patient data and supplying it to an identity theft ring. Walker, who had access to patient names, Social Security numbers, dates of birth, among others, reportedly printed the records of as many as 12,000 patients and supplied them to seven other individuals who used the data to make multiple purchases from department stores and retailers.


Walker, according to the New York County’s District Attorney’s office, sold the patient records for as little as $3 per record. Co-conspirators were able to open credit cards and make several unauthorized big ticket purchases at Barneys New York, Lord & Taylor and Bergdorf Goodman, among others. Defendants have been charged with grand larceny, unlawful possession of personal identification information, identity theft and criminal possession.


"In case after case, we've seen how theft by a single company insider, who is often working with identity thieves on the outside, can rapidly victimize a business and thousands of its customers," said New York County District Attorney Cyrus R. Vance Jr. in a June 18 press statement announcing the indictment. "I thank Montefiore Medical Center for taking immediate steps to alert authorities to ensure that those involved are held responsible, and moving swiftly and responsibly to notify and protect patients."

The case of insider misuse with patient data within healthcare organizations is nothing new. In fact, according toVerizon's annual data breach investigations report published this spring, security incidents caused by insider misuse – think organized crime groups and employee snooping – jumped from 15 percent last year to 20 percent in 2015.


"We're seeing organized crime groups actually position people where possible in healthcare organizations so they can steal information for tax fraud," Suzanne Windup, senior analyst on the Verizon RISK team, told Healthcare IT News this spring. "As organizations are putting in better monitoring and they're reviewing access logs, they're finding more cases of snooping."


As Cathleen A. Connolly, FBI supervisory special agent explained at Healthcare IT News' Privacy & Security Forum this past March, "your people that work for you are a very large threat," speaking in the context of combatting insider threats within healthcare.


What's more, according to data from the U.S. Department of Health and Human Services, unauthorized access or disclosure accounts for 5.3 million of the patient data compromised in HIPAA breaches. 

more...
No comment yet.
Scoop.it!

NIST to Address Medical Device Security

NIST to Address Medical Device Security | Healthcare and Technology news | Scoop.it

In an effort to address the cybersecurity challenges of networked medical devices, the National Institute of Standards and Technology, through the National Cybersecurity Center of Excellence, is launching a project to secure those devices from risks such as malware, hacking and access control.


The project, done in collaboration with the Technological Leadership Institute at the University of Minnesota and the medical device industry, is inviting comments on ways to properly secure medical devices that are increasingly being connected to central systems within hospitals, the NCCoE says, starting with draft use case on wireless infusion pumps.

While security experts see the move as a positive step forward in raising awareness on security risks to such devices, it may not be enough to get device manufacturers to address the issues. For one, NIST doesn't have any regulatory oversight, says Mac McMillan, CEO of security consulting firm CynergisTek. "Whatever they come up with is not going to get us where we need to go," he says. "What we need is for the Food and Drug Administration to put out a hard and fast rule that [manufacturers] have to pay attention to."

Still, NCCoE's initiative is a comprehensive effort to address medical device risks, says Christopher Paidhrin, security administration manager in the information security technology division at PeaceHealth, a healthcare system in the Pacific Northwest. "We need to start with a realistic use case, and infusion pumps are a high-use medical device."

The push by NCCoE to address medical device security comes two months after the Food and Drug Administration issued final guidance calling for manufacturers to consider cybersecurity risks as part of the design and development of medical devices.

In Aug. 2013, the FDA also issued guidance on the radio frequency of wireless medical devices, including recommending authentication and encryption for reducing security risks and related patient safety threats.

Project Details

The draft use case NCCoE is launching will focus on wireless infusion pumps, which transport fluids, drugs and nutrients into a patient's bloodstream. "A networked infusion pump can allow centralized control of the device's programming as well as automated cross checks against pharmacy records and patient data to ensure the right dose of fluids or medication are delivered," NCCoE says. "But these connected devices can introduce new risks in safety and security compared with stand-alone devices."

The case identifies the people and systems that interact with infusion pumps, defines their interactions, performs a risk assessment, identifies applicable security technologies and provides an examples method or implementation to secure the system, NCCoE says. Comments on the draft use case should be submitted by Jan. 18, 2015.

After the use case is finalized, the NCCoE will invite organizations to participate in developing a practice guide that contains materials and information needed to deploy an example solution of off-the-shelf products that address the technical security problems.

Moving into 2015, the NCCoE would like to have a set of practice guides dealing with different types of medical devices, says Gavin O'Brien, project manager at NCCoE. "For instance, MRIs ... have lots of computing power on them," he says. "They're very different than infusion pumps and all of those are different from say implantable [devices]."

But for now, the practice guide being developed around the infusion pump use case will be written in a way that people can use pieces from the guide to secure devices within their own organization, O'Brien says. "In the use case, we talk about issues that are specific to infusion pumps, but where those issues apply to other devices ... the [practice guide] will be beneficial to them."

Analyzing the Latest Effort

Before all medical devices are networked, standards and baseline security controls need to be in place, PeaceHealth's Paidhrin says. "Healthcare will leverage them, if they are available," he says. "Medical device manufacturers are wakening to the challenge, but the pace is slow compared to the advance of technology and exploits."

A key challenge will be getting the medical device manufacturers on board with the latest efforts around medical device security, says privacy and information security expert Rebecca Herold. "The overall sentiment coming from the manufacturers has been that they will basically do only the minimum necessary to secure the devices, as required by the FDA," she says.

And while the FDA recently released high-level guidance, "it really did not provide the details necessary to spur medical device manufacturers to take action and engineer their devices" with certain security controls built in, Herold says.



more...
No comment yet.