Guest post by Karen Holzberger, vice president and general manager, diagnostic solutions, Nuance Healthcare.
A few years ago, there was a witty car commercial advertising an alert feature that took the guesswork out of filling your tires by gently beeping to signal the appropriate pressure had been reached. It featured a series of vignettes where the car horn would beep, cautioning the owner to reconsider just as he was about to overdo something (for instance, betting all of his money on one roll of the dice). The concept of getting a reminder at the point of a decision is a compelling one, particularly if it can save you time or aggravation and guide you to do the right thing. In healthcare, any technology that can provide that level of support will have a profound impact on patient care.
Albeit humorous, that car commercial wasn’t far off the mark with healthcare challenges. Unnecessary medical imaging exposes patients to additional radiation doses and results in approximately $12 billion wasted each year, but it has also has another unintended downstream effect. It has fueled a culture of medical certainty, where tests are ordered in hopes of shedding light on some of the grey areas of diagnostic imaging, including incidental findings. The reality is that incidental findings are almost always a given, but not always a problem. So how do you know what to test further and what to monitor? And while one radiologist may choose the former option with a patient who has an incidental node finding, another might decide to go with the latter option, so who is right?
Beep! It’s important It is important that when a radiologist sees a nodule and it has certain characteristics, he or she makes recommendation for follow-up imaging, which is why the American College of Radiology (ACR) has released clinical guidelines on incidental findings. By offering standard clinical decision support on findings covering eleven organs, the ACR is helping radiologists protect their patients through established best practices for diagnostic testing.
The results of having this information at the radiologists’ fingertips are impressive. In fact, studies show that when these clinical guidelines are built into existing workflows, 90 percent of radiologists align with them, as opposed to alternative methods, such as paper print outs, which result in 50 percent concordance.
Chris Strammiello, vice president of marketing and product strategy, Nuance.
Patient admissions and discharge processes implemented at many hospitals today are rife with vulnerabilities and potential HIPAA violations. One of the greatest challenges hospitals face is how they can successfully deliver on dual requirements to make the information in a patient’s electronic health record (EHR) more accessible while at the same time making it more secure, especially because of their reliance on paper, analog fax machines and unmonitored multi-function devices (MFDs).
Every time a document or form is copied, scanned, printed, faxed or emailed — on either an analog fax machine, digital MFD or mobile phone or tablet — a patient’s protected health information (PHI) can be accidentally exposed or intentionally compromised. In light of this, federal standards have now defined digital MFDs as workstations, where PHI must be protected with administrative, physical and technical safeguards that authenticate users, control access to workflows, maintain an audit trail of all activity and encrypt data at rest and in motion.
Healthcare organizations need to add a layer of security and control to electronic and paper-based patient admissions and discharge processes to help minimize the manual work and decisions that invite human error, automatically mitigate the risk of non-compliance and avoid the fines, reputation damage and other costs of HIPAA violations and privacy breaches.
As hospitals are rapidly approaching an FY 2015 deadline for meaningful use, they must demonstrate their “meaningful use” of certified EHR technology, including the ability to protect patients’ health information, or face reduced Medicare payments. The recent HIMSS Analytics survey found that despite the vast majority of hospitals reporting progress toward Stage 2 EHR, barely half of them — just 54 percent — were yet capable of protecting electronic health information, a required Core Objective in Stage 1.
Acting under provisions of HITECH, the Department of Health and Human Services Office of Civil Rights issued new rules in 2013 that enhance patients’ privacy protections, expand individuals’ rights to their health information and strengthen the government’s ability to enforce the law. One new development from these rules is that a security risk assessment tool prepared by the Office of the National Coordinator for Health Information Technology (ONC) mentions copiers 15 times as being workstations where PHI must be protected with administrative, physical and technical safeguards that authenticate users, control access to workflows, encrypt data handled on the device and maintain an audit trail of all activity.
Hospitals also need to conduct a risk assessment to identify threats and vulnerabilities (including copiers), implement and train workers in data loss protection (DLP) technology and procedures, and establish security incident reporting.