Motivated Attackers Will Find a Way Into Any Given Network

Guest post by David Thompson, senior director, product management, LightCyber.

David Thompson
David Thompson

Healthcare organizations are stuck between being an ever increasing target of a data breach and generally having less security resources than a comparable enterprise. It’s a classic situation of needing more with less, with all of the urgency of a full-scale crisis.

Now it’s not uncommon to see the same organization suffer its second or third data breach, and patience (patients too) are wearing thin. At the same time, we know that many organizations have intruders that are lingering and have stayed hidden for a year or more. It’s possible the cybercriminals are using an undiscovered foothold in one organization to get to another within the same health or provider network.

Almost without exception, healthcare organizations of all sizes seem helpless to be able to stop a data breach. Stopping a breach means different things to different people, and that is part of the problem. A good portion of the industry is still focused on completely keeping an intruder from getting into their network. This is a fool’s errand and simply not achievable. Motivated attackers will find a way into any given network. Some professional vulnerability contractors will guarantee that they can break in to your network within two days. There are far too many ways for an attacker to get in, particularly through an employee account or computer.

So, you can’t keep a network intruder out, but you can try to detect their presence as quickly as possible. Almost all healthcare organizations currently lack this capability, but some newer solutions and procedures are showing great promise in making the speedy detection of a network attacker a reality. The good news is that these approaches might only require an hour or two of personnel time each day—and sometimes quite a bit less than that—so it is well within the means of a small healthcare IT group that wears multiple hats and is always pulled thin.

Continue Reading

How HIT Employee Expectations Are Changing and What You Need to Do to Hold Onto Your Best Employees

Guest post by Ben Weber, managing director, Greythorn.

Ben Weber
Ben Weber

The pace of life has changed over the last few decades, and it’s changed absolutely everything. Now, we expect communication to be instantaneous by email and text. We expect delivery to be two-day (and free), thanks to Amazon. And increasingly, expectations about work and careers have changed as well. The time spent at a single organization has been condensed, going from 40 years down to three, five or sometimes even less. Most people anticipate working for multiple companies over the course of their career, not to mention some may have multiple careers in the course of their working lives. Either way, this is a costly trend for employers.

That’s one reason we here at Greythorn conduct an annual survey of healthcare IT professionals: so we can understand what’s motivating them to stay, or seek out new employment. Have a look at some of our key findings and consider what this may mean for you and your team/organization. Perhaps there’s a nugget or two within that may help you ensure you’re doing everything you can to retain your top talent.

Motivation #1: A higher salary

It should come as no surprise that a higher salary can tempt someone away, even from a job they love. What might surprise you, however, is how many of your employees expect their salary to increase right now in their current roles: a full 87 percent of survey respondents said they expect at least a 3 percent increase in the next 12 months. If this expectation isn’t managed or met, the odds are good that you may start seeing some of your best employees begin to grumble.

According to our research, job security is no longer a top motivator for healthcare IT professionals. In our last survey, it slid from the top three—where it’s remained for several years—to number six. Meanwhile, 71 percent of the full-time employees who participated in our research said they’d consider joining the uncertain world of consulting—mainly, because the money’s superior. They’ve accepted that in consulting, job security is rare, and are choosing to embrace that higher degree of risk to capitalize on their earning potential.

So what can you do? Besides the obvious and often less feasible option of increasing everyone’s salary, you can provide transparency to your staff.  Ensure they understand what’s expected of them and are accountable for delivering on your key objectives. Provide documentation to support a salary review and/or a guaranteed raise based on meeting those objectives.  Explain some of the  obscured issues going on within your hospital or health system, which may make a raise unattainable (for now), and/or why the annual bonus was potentially smaller than what they’d hoped for. Although they may be disappointed with the news you’re sharing, you’ll further a trusted relationship—and their loyalty—with your honesty.

Continue Reading

Expanded Funding for HIE Connectivity

Guest post by Joe Cernik, vice president business development, eMedApps.

CMS and ONC recently announced an initiative (read: funding) to connect a variety of providers to health information exchanges, expanding the list of eligible providers to include long-term care, behavioral health and substance abuse treatment providers. Meant to increase the sustainability of HIEs and support improved access to the right patient data at the right time, the increased funding supports categories of providers that have been slow to adopt HIE technology.

The intent of increased funding for HIEs translates to better, more comprehensive access to patient data, improved patient care and reduced costs.

From a recent CMS blog post: ‘The great promise of technology is to bring information to our fingertips, connect us to one another, improve our productivity, and create a platform for the next generation of innovations. Technology, when widely distributed and available, enables providers to improve patient care by distributing information and best practices leading to better experiences of care for individuals in the health care system.” *

What does expanded funding for HIE connectivity mean for patients and providers?

One organization making the most of the initiative is the Massachusetts League of Community Health Centers, the statewide primary care association representing and serving the needs of the state’s 49 community health centers (CHCs). This organization partnered with eMedApps (infographic author below), to define a programmatic approach to onboarding CHCs to the IHE and extending the value of the funding increase.

Ellen Hafer, MTS, MBA executive vice president and chief operating officer for the Massachusetts League of Community Health Centers, shared her insight and experience connecting disparate providers to the Mass HiWay: “Health information exchange is critical as I envision it for quality of care in the short run now as well as the long run. Much of those benefits revolve around connecting disparate aspects of the care continuum at the community-health level. Community Health Centers (CHCs) are often independent organizations who serve as primary care providers, social support agencies and economic engines transforming their communities, one patient at a time. Many offer integrated care, but it’s across the spectrum of clinical specialties like behavioral health or oral health and not necessarily the full complexity of medical specialties. The information connection to behavioral health and substance abuse treatment in high risk populations extends the care continuum where it’s needed.”

Continue Reading

Recent Updates Give Home Health Agencies the Star Treatment

By Jackie Birmingham, RN, MS, vice president, emeritus, of clinical leadership, Curaspan.

Jackie Birmingham
Jackie Birmingham

The Affordable Care Act calls for provider quality to be publicly reported and widely shared. As a result, the Centers for Medicare and Medicaid Services (CMS) extended star ratings to home health agencies (HHAs) on Home Health Compare (HHC) in 2015 to provide home health care beneficiaries with a summary quality measure in an accessible format.

By supporting consumer choice and encouraging provider quality improvement, public reporting will remain a pillar for improving healthcare quality. Currently, CMS reports 27 process, outcome and patient experience of care quality measures on the HHC website to equip patients and their families with the right tools to make choices about home healthcare.

Calculating the Two Types of Star Ratings

1) The Quality of Patient Care Star Rating – This rating probes nine specific evidence-based process and outcomes measures for each home health agency such as timely initiation of care, improvement in patients’ functional status and hospital readmissions.  The measures are calculated into a composite score and star rating, which are typically calculated on a quarterly basis and include:

2) Patient Survey Star Ratings –These ratings incorporate the patient experience of care measures based on Home Health Care Consumer Assessment of Healthcare Providers and Systems (HHCAHPS). These surveys reflect patients’ views on a variety of issues including whether the staff checked patients’ prescriptions for side-effects and properly explained dosing instructions.

Continue Reading

The Final Frontier: Reduce Turnover and Differentiate Your Patient Experience

Guest post by Dr. Jennifer Yugo, chief scientist, Corvirtus.

Jennifer Yugo, PhD, SPHR
Jennifer Yugo, PhD, SPHR

This is a time of tremendous growth and change in healthcare. As in any industry, growth sparks competition as patients have more and more providers from which to choose. From the supply side, this means increased competition for new, repeat, and referral patients. Simultaneously, providers are being pressed to reduce costs while improving the patient experience as they compete for market share.

Healthcare is becoming more competitive as patients have more choices and better information about their choices, especially through social media. To compete, providers have to focus on delivering quality service, a compelling patient experience, and – like competitors in retail – generate buzz.

Our research shows that a healthcare provider’s employees are the most significant contributor to delivering quality, being compelling, and generating buzz. The first component of this formula is ensuring you are hiring the right people. These are employees who perform, fit, and stay.

Pre-employment assessments are widely used across other industries as a key ingredient to quality. Healthcare is a final frontier where personality tests can be leveraged to improve individual and team performance, reduce costs, and most importantly, improve and differentiate patient care.

Sadly, healthcare positions are often viewed as “The Untouchables” where intuition and gut-instinct for hiring and management are used over evidence-based best practices. Following our intuition often results in hiring the wrong people – those who do not perform, are difficult to work with, and either quit or get fired.

Turnover is a huge component of costs and an obstacle to improving care, as well as the patient experience. With shortage of 68,000 primary care physicians predicted by 2025, consider the cost of turnover for one physician:

Continue Reading

How IT Solutions of Medical Practice Can Help Streamline Your Business

Guest post by Saqib Ayaz, co-founder, Workflow Optimiation.

IT solutions are intended to making businesses more efficiently run and developed. In terms of medical practice, the business extends way beyond tending to patients only. Factors such as keeping both medical and billing record of patients, scheduling appointments that do not clash with each other, adhering to medical laws and regulations, and maintaining cross communication with patients as well as the support staff are central to smooth running of the medical practice.

The streamlining of these central factors among others constitutes “medical practice management” that is fueled and run consistently with the application of IT Solutions. These mainly include the usage of relevant software to help keep up with the daily operations; be it the medical activities or the administrative and support activities.

Some of the ways information technology solutions can help streamline your medical practice have been discussed in detail below.

Record Keeping

Higher the number of patients a medical practice tends to see, the trickier it is to keep up with the specific information and follow up instructions for them. IT solutions help manage the plethora of information ranging from medical record numbers to past medical prescriptions, medical tests history and health graph of specific patients. Employment of software such as the electronic health record help streamline these jobs, thereby making it easier to access detailed data regarding each patient.

Same goes for billing records. The best part about such software is their ability to converge different aspects of information about a patient at a single point, accessible through the patient’s medical record number prescribed by the practice.

Continue Reading

BYOD and eCOA: A Match Made in Heaven?

Cher pictureAsk anyone involved in the world of clinical trials about the biggest trend facing the industry, undoubtedly they will say “BYOD.” The idea of allowing patients to use their own mobile devices to report data related to their trial participation isn’t necessarily a new one, but with more people using smartphones and tablets than ever before, it’s moved to the forefront of discussions about the best way to manage eCOA data collection.

Why BYOD Is Gaining Traction

On the surface, incorporating BYOD into eCOA seems like a perfect, and obvious, solution. Using dedicated applications on devices that they already own and are familiar with — and most likely have on them most of the time — they can enter data easily, and in real time. The benefits don’t end there, either.

Cost — One of the most significant cost centers for clinical trials, accounting for about a third of the costs of clinical trials, is reporting. More specifically, those costs are incurred in the provisioning of devices for study participants to use in reporting their data. With BYOD, those costs are reduced significantly.

Improved Engagement and Compliance — BYOD in clinical trials removes some of the learning curve inherent in providing devices to participants. Patients are already familiar with how to work their devices, and generally use them on a regular basis, which has the effect of increasing their engagement with the study, and more likely to record the data when and how they are supposed to. There’s no need to carry or learn about a second device, or go to any extra effort, which has the potential effect of improving the accuracy of study results.

Improved Access — Some experts argue that allowing patients to use their own devices for data collection can help increase access to clinical trials for patients living in remote areas. Currently, patients in those areas cannot participate in trials due to limited broadband, but reporting via cellular connections may open new opportunities.

Clearly, there are some significant benefits to using BYOD for clinical trials, and the potential for improved outcomes cannot be ignored. However, there are some concerns about BYOD in this capacity — concerns that have significantly affected adoption rates.

Continue Reading

To Predict Healthcare’s Future: Look to Education

Guest post by Edgar T. Wilson, writer, consultant and analyst.

The current plight of America’s healthcare industry is not wholly unprecedented. In fact, it isn’t even unique.

Edgar T. Wilson
Edgar T. Wilson

American education — higher education in particular — is going through a parallel period of turmoil and scrutiny. It is really uncanny how closely the two industries actually reflect one another. Consider:

In the race to modernize and reconcile many of these conflicts of purpose and identity, it appears that higher education as a whole may be slightly ahead. Because of this relative lead on the healthcare industry, behavior within the American college and university system can act as a rough preview for the health sector. So, what do we see upon gazing into this crystal ball?

All for One?

A helpful place to direct this gaze is the recent ASU GSV Summit. The name alone reveals much about what is happening in higher education, and needs to happen in healthcare: Arizona State University, in the interest of promoting innovation, collaboration, and evolution in the higher education sector, joined forces with Global Silicon Valley’s family of companies to create their joint summit.

The summit began in 2009, seven years into the tenure of ASU president Michael Crow, who has become one of the leading voices and actors in higher education’s 21st century evolution. The summit is just one of the many strategic partnerships Crow has helped organize through ASU. Aligning the school with everything from technology startups supporting the development of ASU’s online degree programs, to the Mayo Clinic Medical School to offer future doctors transdisciplinary education in fields like business or engineering, Crow is expanding the reach of America’s largest public university by strategically sharing its resources.

In American medicine, there is a clear need for a similar attitude toward strategic partnerships and mission alignment, especially with technology companies and developers. This need is most acute in terms of EHR interoperability. Despite all the rhetoric, the old mentality of siloes, competition, and proprietary ownership prevail, and information remains immobile.

This symptom has implications that extend into every other facet of healthcare.

Patrick Soon-Shiong, billionaire, surgeon and incorrigible optimist, has set his sights on curing cancer. Much like the Precision Medicine Initiative, Soon-Shiong’s approach to this challenge is a matter of getting more, better data from as many partner institutions as possible.

“Cancer is really a rare disease,” he explains. “Because of the molecular signature, because of the heterogeneity, no single institution will have enough data about any [single] cancer. So you actually need to create a collaborative overarching global connected system.”

The end result — better medicine, better outcomes — is something common to the mission of every clinical organization, and ever caregiver practicing medicine. But the means — large scale collaboration, facilitated by transparency and a suspension of select elements of competition — are seldom realized in the current environment. Reconciling the ends and the means requires organizations to think bigger than themselves, and prioritize the sort of partnerships that bring new perspectives, larger pools of data, and creative solutions where they are desperately needed.

Continue Reading

Health IT Startup: Modio Health

Founded in 2014, Modio Health is a cloud-based credentialing and career management solution for healthcare providers and organizations.

Elevator pitch

Modio logoModio Health makes physician career management easier. Replacing outdated and time consuming credentialing processes, expensive middlemen and pushy recruiters with a technology platform that serves both physicians and healthcare organizations. Our goal is to streamline hospital operations, from straightforward, cost-effective credentialing to transparent physician staffing.

Product/service description

The Modio platform is home to thousands of healthcare providers, as well as many larger healthcare organizations and practices. By integrating with government agencies, public databases, and private sources, Modio has built a centralized practitioner database, called the Unified Provider Record, for healthcare providers and their affiliated organizations. Case studies show that the Modio platform decreases both provider credentialing time and the associated costs, reducing administrative burdens and eliminating lapsed licensure.

Origin story/founder story

Modio Health was born from the firsthand experiences of our team of doctors. Our founders had all been stung by the inefficiencies they encountered in their years of practicing medicine. The hassle of credentialing, the constant, nagging contact from recruiters, and high fees for licensing and job placements encouraged them to create a solution to these pain points. After heading a successful EHR implementation business in the early 2010s, they left their full-time jobs to get Modio off the ground. With the help of a Bay Area network of technology and production experts, and their own connections with healthcare providers, our founders launched Modio in July of 2015. Modio immediately gained traction with large ASCs, medical groups, and hospitals. Just nine months after its initial launch, Modio is already an integral part of many healthcare practices.

Marketing/promotion strategy

Our marketing strategy is heavily based on our extensive network of providers. Whether that’s our in-house team of physicians, or providers whom we’ve helped to get credentialed or find jobs, our network is constantly building up through referrals and simple word-of-mouth communication. We also promote the Modio name through targeted media, conferences, and mail campaigns.

Market opportunity (in your particular space—numbers, competitors, etc. are helpful)

Modio offers a scalable solution for healthcare management in a chaotic landscape. Few platforms aim for the level of comprehensivity that we do; Modio is the only service that combines credentialing services, an open job marketplace, and practice management all in one. In an industry that wastes more than $200 billion dollars every year in hospital administration costs, our efficient, inexpensive system is the first step to solving the problem.

Continue Reading

Does the US Technology Gap Push Med Errors into the Third Leading Cause of Death?

Guest post by Thanh Tran, CEO, Zoeticx, Inc.

Thanh Tran
Thanh Tran

Hardly a day goes by without some new revelation of a US IT mess that seems like an endless round of the old radio show joke contest, “Can You Top This”, except increasingly the joke is on us. From nuclear weapons updated with floppy disks to needless medical deaths, many of which are still caused by preventable interoperability communication errors as has been the case for decades.

According to a report released to Congress, the Government Accountability Office (GAO) has found that the US government last year spent 75 percent of its technology budget to maintain aging computers where floppy disks are still used, including one system for US nuclear forces that is more than 50 years old. In a previous GAO report, the news is equally alarming as it impacts the healthcare of millions of American’s and could be the smoking gun in a study from the British Medical Journal citing medical errors as the third leading cause of death in the United States, after heart disease and cancer.

The GAO interoperability report, requested by Congressional leaders, reported on the status of efforts to develop infrastructure that could lead to nationwide interoperability of health information. The report described a variety of efforts being undertaken to facilitate interoperability, but most of the efforts remain “works in progress.” Moreover, in its report, the GAO identified five barriers to interoperability.

CMS Pushing for “Plug and Play” Interoperability Tools that Already Exist

Meanwhile in a meeting with the Massachusetts Medical Society, Andy Slavitt, Acting Administrator of the Centers for Medicare & Medicaid Services’ (CMS) acknowledges in the CMS interoperability effort “we are not sending a man to the moon.”

“We are actually expecting (healthcare) technology to do the things that it already does for us every day. So there must be other reasons why technology and information aren’t flowing in ways that match patient care,” Slavitt stated. “Partly, I believe some of the reasons are actually due to bad business practices. But, I think some of the technology will improve through the better use of standards and compliance. And I think we’ll make significant progress through the implementation of API’s in the next version of (Electronic Health Records) EHR’s which will spur innovation by allowing for plug and play capability. The private sector has to essentially change or evolve their business practices so that they don’t subvert this intent. If you are a customer of a piece of technology that doesn’t do what you want, it’s time to raise your voice.”

He claims that CMS has “very few higher priorities” other than interoperability. It is also interesting that two different government entities point their fingers at interoperability yet “plug and play” API solutions have been available through middleware integration for years, the same ones that are successfully used in the retail, banking and hospitality industries. As a sign of growing healthcare middleware popularity, Black Book Research, recently named the top ten middleware providers as Zoeticx, HealthMark, Arcadia Healthcare Solutions, Extension Healthcare, Solace Systems, Oracle, Catavolt, Microsoft, SAP and Kidozen.

Medical Errors Third Leading Cause of Death in US 

The British Medical Journal recently reported that medical error is the third leading cause of death in the United States, after heart disease and cancer. As such, medical errors should be a top priority for research and resources, say authors Martin Makary, MD, MPH, professor of surgery, and research fellow Michael Daniel, from Johns Hopkins University School of Medicine. However, accurate, transparent information about errors is not captured on death certificates which are the documents the Center for Disease Control and Prevention (CDC) uses for ranking causes of death and setting health priorities. Death certificates depend on International Classification of Diseases (ICD) codes for cause of death, but causes such as human and EHR errors are not recorded on them.

According to the World Health Organization (WHO), 117 countries code their mortality statistics using the ICD system. The authors call for better reporting to help capture the scale of the problem and create strategies for reducing it. “Top-ranked causes of death as reported by the CDC form our country’s research funding and public health priorities,” says Makary in a press release. “Right now, cancer and heart disease get a ton of attention, but since medical errors don’t appear on the list, the problem doesn’t get the funding and attention it deserves. It boils down to people dying from the care that they receive rather than the disease for which they are seeking care.”

The Root Cause of Many Patient Errors

Better coding and reporting is a no-brainer and should be required to get to the bottom of the errors so they can be identified and resolved. However, in addition to not reporting the causes of death, there are other roadblocks leading to this frighteningly sad statistic such as lack of EHR interoperability. Unfortunately, the vast majority of medical devices, EHRs and other healthcare IT components lack interoperability, meaning a built-in or integrated platform that can exchange information across vendors, settings, and device types.

Various systems and equipment are typically purchased from different manufacturers. Each comes with its own proprietary interface technology like the days before the client and server ever met. Moreover, hospitals often must invest in separate systems to pull together all these disparate pieces of technology to feed data from bedside devices to EHR systems, data warehouses, and other applications that aid in clinical decision making, research and analytics. Many bedside devices, especially older ones, don’t even connect and require manual reading and data entry.

Healthcare providers are sometimes forced to mentally take notes on various pieces of information to draw conclusions. This is time consuming and error-prone. This cognitive load, especially in high stress situations, increases the risk of error such as accessing information on the wrong patient, performing the wrong action or placing the wrong order. Because information can be entered into various areas of the EHR, the possibility of duplicating or omitting information arises. Through the EHR, physicians can often be presented with a list of documentation located in different folders that can be many computer screens long and information can be missed.

The nation’s largest health systems employ thousands of people dedicated to dealing with “non-interoperability.” The abundance of proprietary protocols and interfaces that restrict healthcare data exchange takes a huge toll on productivity. In addition to EHR’s physical inability, tactics such as data blocking and hospital IT contracts that prevent data sharing by EHR vendors are also used to prevent interoperability. Healthcare overall has experienced negative productivity in this area over the past decade.

Continue Reading