I hope healthcare organizations delivered lots of TUMS and Advil to their beleaguered cybersecurity teams as a holiday bonus in 2018 – and maybe even a masseuse! With an overload of alerts, attacks and system compromises, it’s safe to say that working in a security operations center (SOC) can take both a mental and physical toll:
From 2010 to 2017, nearly 2,150 breaches involving more than 176 million patient records were reported to the Office of Civil Rights at the U.S. Department of Health and Human Services, according to a study published by the Journal of the American Medical Association (JAMA). During this period, the total number of breaches increased every year (except for 2015), with 199 reported in 2010 and 344 reported in 2017.
Following the release of its proposed new rules designed to improve the interoperability of electronic health information, members of leadership from the Centers for Medicare & Medicaid Services (CMS) hosted a call to provide additional detail about the proposed rule, and to answer questions from the media. The following includes the key takeaways from the officials hosting the call.
Seema Verma
Seema Verma, Administrator, CMS
CMS shares a commitment with patients to obtain and share their health data.
The proposed rules ensure patients have access to their records in digital format.
We are “unleashing” data for research and innovation while tackling what might be the greatest healthcare challenge in our history, including the potential upcoming healthcare cost crisis that could destroy the US economy.
MyHealthEData unleashes innovation and focuses on results.
CMS is doubling down by requiring health plans to release claims data. All health plans in Medicare, Medicaid and that have plans within the federal exchange must allow for information be shared so patients can take their records with them when they move on.
Through these efforts, more than 125 million patients will have access to health information and be able to take information with them.
We are putting an end to information blocking and will publically identify doctors, hospitals and others who engage in information blocking.
Patient data doesn’t belong to doctor, but to the patient.
We’re putting the patient at the center of healthcare data. The time of keeping patients in the dark to trap them in systems so that they can never leave are over.
We are empowering patients to understand their healthcare information.
This rule allows patients to aggregate their data in one place through APIs/apps – putting the data in one place to help them understand it. They can organize the information, create care reminders, take data for the next provider when they go to a new provider.
This allows for aggregation of data in one place; physicians no long need to duplicate tests, for example.
Patients can donate their data for research, if they so desire, possibly opening up new wave of innovation of development.
Don Rucker
Don Rucker, MD, National Coordinator for Health Information Technology (ONC)
Through this rule, ONC has put the technical underpinnings asked for in the 21st Century Cures Act.
Provisions have been made for security and privacy for patients.
Information blocking has not be enforceable until now.
Interoperability is technically there, but pricing strategies were not effective, but this proposed rule changes that.
This strikes a role for transparency – and helps lead toward providing information about what patients are buying and they are getting for a certain cost.
Getting transparency in pricing is very complicated, primarily because of decades of previous regulation.
Eric D. Hargan
Eric Hargan, deputy secretary, HHS Office of the Secretary
These proposals contain a number of historic measures designed so that individual patients can securely access their health records.
We believe empowering patients with this access will build an ecosystem that improves individual care and provides access to healthcare.
This also should reduce the burden on providers.
We can’t built a vale-based healthcare system with these rules.
The U.S. Department of Health and Human Services (HHS) today proposed new rules to support seamless and secure access, exchange and use of electronic health information. The rules, issued by the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC), would increase choice and competition while fostering innovation that promotes patient access to and control over their health information. The proposed ONC rule would require that patient electronic access to this electronic health information (EHI) be made available at no cost.
“These proposed rules strive to bring the nation’s healthcare system one step closer to a point where patients and clinicians have the access they need to all of a patient’s health information, helping them in making better choices about care and treatment,” said HHS secretary Alex Azar. “By outlining specific requirements about electronic health information, we will be able to help patients, their caregivers, and providers securely access and share health information. These steps forward for health IT are essential to building a healthcare system that pays for value rather than procedures, especially through empowering patients as consumers.”
By Brad Spannbauer, senior director of product management, eFax Corporate.
Bradley Spannbauer
When it comes to cybersecurity, healthcare organizations are up against a constantly shifting threat landscape. New technologies and techniques, employed by increasingly advanced criminals, require organizations to be proactive in their defense efforts, or they risk being outsmarted by those who seek to expose them. But security threats don’t just come from external sources; risks are just as prevalent within organizations. In fact, the latest edition of Verizon’s Data Breach Investigations Report found that healthcare is the only industry where insiders pose the greatest threat to sensitive data, with 58 percent of incidents coming from within.
Whether malicious in intent or the result of innocent mistakes by healthcare workers doing their best in a high-stress environment, a failure to recognize these risks and apply appropriate safeguards can have grave consequences for healthcare providers. For example, an IBM & Ponemon Institute study revealed that healthcare data breaches cost organizations $408 per record on average, which is more than three times the global average across all other industries. That may not seem like a lot of money, but multiplied by the thousands of records that could be contained on a stolen and unencrypted laptop, it adds up to a significant financial penalty.
The data backup plan was established as a mandatory stage of HIPAA compliance to create, implement and maintain a set of rules and procedures for healthcare organizations to follow when managing the backup and restore requirements of electronic protected health information (ePHI). A data backup plan is part of the HIPAA Security Rule and encompasses wider contingency planning processes that any chosen business associate (BA) or managed service provider (MSP) must be able to demonstrate a compliant backup service capable of backing up and restoring exact copies of healthcare data when required.
The data backup plan should be integrated within a wider contingency plan because it is designed as a failsafe for the protection of patient data. Most MSPs will already be offering disaster recovery technology capable of moving over data and services to a secondary location almost instantaneously. But backups are often considered the last line of defense in the event of a catastrophic system failure. It allows for data restoration capability to be available in the worst possible scenarios.
Anyone can become addicted to benzodiazepines, or benzos, and like any addiction, it can be a difficult thing to overcome but it is possible. Knowing the fine line between dependence and addiction can help you determine the next best steps to take. Like Xanax, Benzos are prescribed by doctors to treat patients with anxiety and panic disorders, however, it’s common that people start abusing the drug, eventually leading to a full-blown addiction. If you think you or a loved one may have a problem or beginning to develop a problem, there is help available.
By Allison Hart, vice president of marketing, West.
Allison Hart
Americans expect customer service to be fast. Whether they’re at the bank, the airport, their doctor’s office or elsewhere, they don’t like to be kept waiting. When waits are long, consumers are disappointed – or worse. But like it or not, consumers know waiting is probable in certain situations. For example, patients have come to expect they will have to wait when visiting healthcare providers. They aren’t wrong. In the U.S., the average in-office wait time when visiting a doctor is 18 minutes and 13 seconds, according the 2018 Vitals Index report.
Despite their best efforts, healthcare providers and organizations haven’t been able to eliminate waits in healthcare offices. Doing so may not be realistic. However, healthcare teams can minimize waiting and deliver better patient experiences by being more transparent about delays and communicating proactively with patients.
A majority of Americans feel healthcare keeps them waiting more than other industries. A West survey of 1,036 adults and 317 healthcare providers in the U.S. revealed 83 percent of patients believe healthcare organizations are more likely than companies in other industries to run behind schedule or keep them waiting. Think about that. Airlines frequently run late. When they do, passengers can be delayed for hours, or even sometimes days. So, why is healthcare the industry known for making people wait? It may be partially due to how healthcare communicates, or rather doesn’t communicate, about delays. Here are two communication strategies healthcare teams can use to repair their reputation and give patients better experiences, even when they must wait.
Health Wizz is an electronic file cabinet for your health records on your smartphone. We help provide the tools to help people aggregate their medical records, organize them, and format them so that they can be shared easily, seamlessly and securely on a blockchain, such as Ethereum.
Elevator pitch
It’s our body, it’s our data. Health Wizz is a secure mobile platform that provides consumers with the necessary tools for aggregating, organizing and sharing their medical health records with other family members or caregivers, as necessary, over the blockchain.
Founders’ story
Raj Sharma
The idea to take on the big health industry interoperability problem came to Raj Sharma, Health Wizz CEO, when he was sitting in the emergency room, helplessly watching his mother undergo yet another series of unnecessary, duplicative medical tests. This was even more painful as she had already done all those tests just a day before, at the first Emergency Room, where she was admitted after a fall. Because of interoperability issues that plague the healthcare industry, the tests could not be obtained in time for her second ER visit. As Raj sat watching his mother, exhausted and annoyed with all of the time and money wasted, he thought that if he had the healthcare data in a secure, portable format, it would have saved time and money, while ensuring better, timelier care. With this idea, he and his two co-founders Sirish Bajpai (CTO) and Dr. Nitin Desai (chief medical officer), founded Health Wizz.
The U.S. Department of Health and Human Services (HHS) today proposed new rules to support seamless and secure access, exchange and use of electronic health information. The rules, issued by the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC), would increase choice and competition while fostering innovation that promotes patient access to and control over their health information. The proposed ONC rule would require that patient electronic access to this electronic health information (EHI) be made available at no cost.
Anyone can become addicted to benzodiazepines, or benzos, and like any addiction, it can be a difficult thing to overcome but it is possible. Knowing the fine line between dependence and addiction can help you determine the next best steps to take. Like Xanax, Benzos are prescribed by doctors to treat patients with anxiety and panic disorders, however, it’s common that people start abusing the drug, eventually leading to a full-blown addiction. If you think you or a loved one may have a problem or beginning to develop a problem, there is help available.
