By Dena Bauckman, vice president of product management, Zix.
Dena Bauckman
When you go to the hospital, you want to be under the care of the best personnel and state-of-the-art technology. It’s easy to assume that’s the case when you’re surrounded by astronomically expensive devices like MRI machines, CT scanners, and surgical robots.
Behind the scenes, however, systems might not be on the cutting edge. According to a report from the Institute of Global Health Innovation at the Imperial College of London, the National Health Service is plagued by inadequate cyber defenses that could put the service system’s patients at risk. The picture isn’t any rosier on this side of the Atlantic Ocean. In September 2019 alone, just shy of 2 million records were breached in American healthcare hacks.
Antiquated computers, insufficient funding, and a lack of necessary expertise in cybersecurity are all combining to create a dangerous situation in healthcare. Sensitive as patient data may be, its theft isn’t even the biggest risk. “A cyberattack on a hospital’s computer system can leave medical staff unable to access important patient details — such as blood test results or X-rays, meaning they are unable to offer appropriate and timely care,” one of the aforementioned report’s authors wrote. “It can also prevent life-saving medical equipment or devices from working properly.”
A Typical Diagnosis
Despite the plethora of healthcare cybersecurity breaches in the headlines, most organizations still aren’t prepared to defend themselves against the latest generation of cyber threats. That’s no surprise because the number of threats they must contend with is increasing each day. In order to provide the best care possible, healthcare organizations must also collect some of the most valuable data available to enterprising cybercriminals.
Birthdays, Social Security numbers, payment information, and health records all add up to an identity theft gold mine. Once they have the information, hackers can steal even more with targeted phishing campaigns (a practice called spearphishing) that are almost impossible for the average user to detect. If all else fails, the granular detail associated with healthcare information means that the data can fetch a large sum on the dark web — especially when records are stolen by the millions.
As healthcare organizations adopt exciting new technologies, the problem only becomes worse. Those new technologies come with new vulnerabilities, some of which won’t be discovered until they’ve caused a breach. With so many digital devices (including those owned by employees) being used to access, store, and transmit sensitive data, it’s no wonder hackers are having an easy time finding an entry point.
By Glenn Day, chief sales officer and practice leader of healthcare, HUB International.
True Story: An employee at one New England medical practice stayed after hours to search patient records for gossip on her neighbor. She found what she was looking for – evidence that the neighbor was seeking psychiatric counseling. She posted it on Facebook. As soon as the clinic discovered what happened, the employee was terminated.
But, the damage had already been done. The practice was named in a lawsuit for failing to properly supervise the employee and safeguard patient medical records. Without cyber coverage, the medical clinic was on their own for legal fees and settlements.
Healthcare data breaches are complex and this story is just one example. It doesn’t matter who the perpetrator of the breach is, the responsibility for regulatory-compliant breach response almost always falls upon the original data collector.
With more than half – or 63% – of healthcare cybersecurity breaches caused by criminal or malicious activity; hacking accounts for 20% and ransomware represents 10% of healthcare breach claims.
Data breaches have also brought new regulations and guidelines to healthcare, like the HIPAA and ransomware guidelines published by the Department of Health and Human Services. The rule requires HIPAA-covered entities that have suffered a ransomware attack to prove thorough a documented investigation that their data wasn’t actually acquired, but only frozen by the hacker.
These forces have contributed significantly to healthcare’s rising data breach costs. According to the Ponemon 2017 Cost of Data Breach Study, healthcare has the highest per capita data breach cost.
Having a robust healthcare cybersecurity policy, and understanding what’s covered and what’s not can help alleviate losses and put your healthcare institution into the driver’s seat post-breach.
Here are seven things you need to know about healthcare cybersecurity coverage:
By Robin Cavanagh, chief technology officer, GetWellNetwork.
Robin Cavanagh
We’ve come so far in the medical field, from a treatment perspective. Over the past twenty years, major breakthroughs have occurred in all aspects of the healthcare industry, from pharmaceuticals to minimally invasive surgery. Isn’t it time we saw that same type of revolution, when it comes to the patient journey?
The “Patient Room of the Future” sounds futuristic, but many of the technologies needed to create an innovative space for optimal healing already exists. To make this patient-centered environment a reality, hospitals must find new ways to seamlessly integrate technology, like cloud computing, machine learning, artificial intelligence and IoT – doing so will facilitate better patient engagement, improve communication, and offer patients more control over their surroundings.
The Medical University of South Carolina (MUSC) is one hospital that recently recognized the need to revolutionize their patients’ experience and decided to reimagine a futuristic environment, combining technology with human-centered design principles to give patients choice, control and comfort—key components in the healing process.
Based on MUSC’s experience, here are seven tips for success when it comes to other organizations looking to create the next iteration of the patient room:
Involve patients and families in most, if not all decisions.
Creating the best patient room requires a team of people working collaboratively and bringing different perspectives to the table. While it’s critical to include doctors and nurses on this team, it’s also important to engage patients and families and hear what they’re looking for firsthand. In creating MUSC’s new children’s hospital, the organization formed 26 teams made up of doctors, nurses and family members, and collectively these teams – not architects – designed the new patient rooms. Involving patients and families in this process was invaluable and brought up conversations that the hospital’s team wouldn’t have had otherwise.
Develop a set of guiding principles for what your vision is and then stick with them.
Before getting started, organizations should hone in on their vision for the project and think through how they are going to get there. It may take multiple visioning sessions to come to an agreement on these guiding principles, but it’s important to think deeply about what the ideal experience will look like and how each decision will tie back to the patient. Organizations also must consider which vendors will help them achieve their goals and objectives. When MUSC began the process, they discussed the need to partner with vendors that believed in the hospital’s vision and could help them seamlessly integrate technologies from various vendors to create an enhanced experience for their patients.
Establish strong, trusting relationships with your leadership team and your strategic partners.
Constant communication and transparency are keys to success when undertaking this type of project. The closer that strategic partners work with the leadership team, the more likely the partners will understand the leadership team’s vision and, therefore, more likely to align on recommendations. As part of the technology planning at MUSC, vendors constantly mapped out and presented different use cases to the leadership team, providing opportunities to confirm how the team envisioned the technology functioning or bring up other barriers that the vendors needed to consider.
Though vision is one of the most important of all five senses combined, most people don’t think about their eye health until something goes wrong. Each year, millions of people are diagnosed with vision problems and eye diseases that alter their way of life. The unfortunate part is that many of these complications can be prevented with the assistance of an optometrist. While seeing the eye doctor is the responsibility of each individual, eye centers can do more to spread the word to encourage patients to make appointments.
So, how do you get people interested in their eye health and visiting places like Sharper Vision Centers? Here are some digital marketing solutions that have proven effective:
Have a website
A company website serves as the “first impression” of the brand. Patients need to have a place they can visit to get to know more about who you are, what services you provide, and how said services benefit them. Your optometry website should provide a professional yet inviting presence that encourages visitors to schedule an appointment for an eye exam, surgery, or other treatment solution.
As technology has come a long way, simply having a web address with your company contact information on it isn’t quite enough to keep visitors engaged. Your website needs to be user-friendly, easy to navigate, provide detailed information on your practice and services provided, and also engaging. Adding resources like company blogs, explanation videos, or customer reviews can also help to build your authority and strengthen the trust between your practice and the community it services.
It’s perhaps the greatest gift a person can have, but we usually take it for granted until it’s gone. Without it, nothing else in life is quite the same. And once it’s gone, it can be very hard to get it back. And while patients play the ultimate role in safeguarding and directing their health, the truth is that no one can do it alone. No matter what your role in the healthcare industry may be, you are charged with a sacred obligation to treat your patients with respect, honor, and care.
No matter who our patients are — rich or poor, young or old, sick or well — they depend on healthcare experts to help them protect this most precious gift of health. They expect and assume that those whom they entrust with their lives and the lives of those they love will be respectful of that trust, will care for them and their dear ones ethically and honorably. But what does this mean for your clinical practice? What do healthcare ethics look like in the year 2020?
Honoring the Human in the Technological Age
Privacy is one of the most sacred rights and significant concerns in healthcare. However, there’s no escaping the fact that we live in the era of big data, and there’s also no escaping the fact that big data can be a tremendous asset in healthcare. Even if a patient is thousands of miles away from home and from their primary healthcare providers, electronic health data can facilitate the sharing of essential medical records, from scans to lab results, with just the click of a button.
Big data can also make diagnosis much quicker and more accurate, and can give physicians instant access to the latest research to ensure that patients are receiving the best, most state-of-the-art, evidence-based therapies.
But how, in this age of big data and breathtakingly fast technological evolution do we ensure that respect for the human is not lost? How do we avoid reducing individual patients to a mere system of lab results and scans? How do we prevent losing the person in a sea of data sets? That will and must be one of the principal ethical considerations in 2020.
By Ken Perez, vice president of healthcare policy, Omnicell, Inc.
Ken Perez
“If you like your healthcareplan, you can keep it,” President Barack Obama famously said—many times—of his landmark Patient Protection and Affordable Care Act.
But the promise was impossible to keep.
In the fall of 2013, when cancellation letters—notices of cancelled plans—went out to approximately four million Americans, the public realized Obama’s assurances were wrong. As a result, PolitiFact named “If you like your healthcare plan, you can keep it” the “Lie of the Year” for 2013. Readers in a separate online poll overwhelmingly agreed with the choice.
The ambitious Medicare-for-All plan of Sen. Elizabeth Warren (D-MA), by explicitly abolishing private health insurance, obviously doesn’t promise that you’ll be able to keep your health plan, but many tenuous assumptions about it are being made, without much scrutiny. To be fair, some of these assumptions are of the wishful thinking variety, residing just in the minds of the public.
To date, the vast majority of the media coverage and, therefore, the public’s general understanding of the Warren plan have focused on its economics—the societal cost, i.e., what the nation as a whole will spend on healthcare over 10 years, from 2020 thru 2029, and the plan’s federal cost, i.e., the increase to the federal government’s spending over the same period of time and how that will be funded.
Warren promises that with her plan “Americans [will] have access to all of the coverage they need … including vision, dental, coverage for mental health and addiction services, physical therapy, and long-term care …”
But will they really have access? Canada, with a single-payer healthcare system, scored last of 11 high-income nations in terms of wait times for elective surgery and specialty consultations according to studies by the Commonwealth Fund. In Canada, according to Michael McKee—a Canadian surgeon who worked for more than 30 years under that country’s single-payer system—hospital resources, operating room time, implant budgets and other revenues are tightly and strictly rationed.
And what will happen to the quality of care when Americans manage to see a physician under Medicare-for-All? Based on a study of 67 countries published in the British Medical Journal in July 2017, the United States ranked second in average physician consultation time, at slightly above 21 minutes. Only in Sweden do physicians spend more time meeting with patients.
Rapidly advancing technology has made its presence felt in many branches of the healthcare sector, causing dramatic and drastic changes. Healthcare professionals today rely on technology in many different ways – from maintaining documents and keeping records to optimizing patient out-times and remote treatments. Not to mention the ability to provide more accurate diagnoses.
After years of effort to sort out PR, regulatory, and reimbursement challenges, telemedicine appears to be on the right track of becoming commonplace, ready to represent a sizable portion of care delivery. That near-term future has crafted a new term – virtual hospitals.
Catch the definition, if you can
Now, what does that term actually mean? We’re certainly talking about telemedicine, but that can mean a lot of different things to different people. Is it about iPad chats between doctors and rural patients, or about the implementation of IoT technology for AI-powered remote monitoring? The fact is that even professionals who’ve been involved with connected health technologies for over 20 years are not able to catch the definition by its tail.
The meaning behind “virtual hospital” usually varies by organization. In most cases, it stands for the group of intensive care physicians who are working in a call center environment. There’s a lot of screens and technology involved, but mostly to guide other users in remote places. Many smaller institutions, besides the fact that they’re difficult to reach, also don’t have full-time specialists. Doctors from virtual hospitals can prevent the waste of time by guiding the staff through medical procedures in an emergency or in critical cases.
Other organizations have embraced the concept of virtual hospitals as central freestanding facilities staffed with healthcare professionals. The best-known example of this concept is the St.Louis-based Mercy Virtual Care Center, opened in 2015 and labeled as the first virtual hospital. Their aim is to reduce the time it takes patients to meet their healthcare providers, but also to eliminate the need for very sick patients to come into hospitals frequently.
Efficient access across the globe
The term ?virtual? may not be the best pick since it sounds like it’s not real, while the provided care is very real. The point is that clinicians can be located anywhere across the globe. Although almost none of them dub themselves as a virtual hospital, around 65% of U.S. hospitals connect patients and practitioners remotely.
On the other hand, a recent survey carried out in Australia has shown that nearly 50% would never visit a virtual hospital. And this is not just because they have Medicare – it’s also about the lack of knowledge on the topic, resulting in the fear that they won’t get the same quality of care as an in-office visit.
To spread across the globe, it’s obvious that this puzzling term needs to be pinned down and explained. So, what does it all boil down to? Its core value is about two things — access and efficiency, and they need to work together.
The U.S. Department of Health and Human Services (HHS) released the draft 2020-2025 Federal Health IT Strategic Plan for public comment. The draft plan outlines federal health information technology (health IT) goals and objectives to ensure that individuals have access to their electronic health information to help enable them to manage their health and shop for care. The strategic plan was developed by the HHS Office for the National Coordinator for Health Information Technology (ONC) in collaboration with more than 25 federal organizations.
“The draft federal strategic plan supports the provisions in the 21st Century Cures Act that will help to bring electronic health information into the hands of patients through smartphone applications,” said Don Rucker, M.D. “We look forward to public comment to help guide the federal government’s strategy to have a more connected health system that better serves patients.”
The federal agencies that helped to create the draft strategic plan regulate, purchase, develop, and use health IT to help deliver care and improve patient health. Through these efforts, stakeholders such as providers, payers, and researchers are increasingly using health IT tools and systems that can provide individual patients access to their health information, provide for tracking and managing of their health care treatments, and allow for interactions with their healthcare providers. These can include the use of:
Electronic health records and patient portals through programs like Medicare and Medicaid at CMS, and health service programs at the Indian Health Service, Veterans Administration, and the Department of Defense,
Data systems to help monitor and pay for health care services, and
Health IT systems used for public health surveillance and research.
“The Federal Health IT Strategic Plan represents the work being done, collectively and individually, to help ensure that patients and their providers can electronically access the health information they need to help them manage their care,” said Lauren Thompson, interoperability director for the Federal Electronic Health Record Modernization Program Office. “We are looking for public comment about ways to expand the use of health IT to help improve the quality of care for people, so that those currently serving in or retired from the armed forces can benefit from a great care delivery experience, along with all other Americans.”
The final 2020-2025 strategic plan will serve as a roadmap for federal agencies and drive private sector alignment. Agency officials will use it to prioritize resources, align and coordinate efforts across agencies, signal priorities to the private sector, and benchmark and assess change over time.
True Story: An employee at one New England medical practice stayed after hours to search patient records for gossip on her neighbor. She found what she was looking for – evidence that the neighbor was seeking psychiatric counseling. She posted it on Facebook. As soon as the clinic discovered what happened, the employee was terminated.
Rapidly advancing technology has made its presence felt in many branches of the healthcare sector, causing dramatic and drastic changes. Healthcare professionals today rely on technology in many different ways – from maintaining documents and keeping records to optimizing patient out-times and remote treatments. Not to mention the ability to provide more accurate diagnoses.