As the technology industry continues to experience continuous, rapid change and advancements, other industries are faced with the challenge of incorporating these new technologies, creating rules and regulations in order to ensure the safety and privacy of consumers and businesses. In 2020, technology will continue to lead to new developments in the healthcare industry, but will also leave room for new threats. In particular, telehealth will grow in popularity for both doctors and their patients, allowing for streamlined communication, more convenient consultations, an increase in treatment accuracy and the ability for patients to receive healthcare anywhere in the world.
As the health industry normalizes digitizing health data and providing telehealth services, we must also prepare for what lies in the year ahead for healthcare and data privacy – specifically as it relates to a rise in cyber threats, increase in regulations and the adoption of blockchain.
Protecting Privacy in the Wake of Cyber Threats
Today, telehealth is segmented, essentially meaning that “walls” exist in the network that protect data and act as a defense against hackers and cyber criminals. However, in the coming year, many networks will be streamlined and optimized into an end-to-end solution, likely under the umbrella of one vendor and cutting out third party applications. This has the potential to minimize costs, resources and time. However, accelerating digital health convergence in this way will open the door for network security vulnerabilities. Ultimately, this will provide hackers new avenues to access private patient data and find ways around pre-existing cyber defense mechanisms.
This increase in cyber threats due to the implementation of end-to-end solutions is something that the healthcare industry cannot be prepared for without proper regulation and a dedication to provider compliance.
Increasing and Reforming Regulations
As telehealth becomes a normalcy in patient-provider communication in 2020, we will see a rapidly evolving regulatory environment in order to combat the increase in cybersecurity threats and data breaches. This will lead to a need for additional regulatory compliance codes and demand for more security compliance assessments for healthcare providers and organizations engaging with personal health data.
After the enactment of the Affordable Care Act, insurers had to cut down on the “cherry-picking” of members and not provide insurance to just low-risk individuals. To some extent, the scope for earning high-profit margins had decreased for health insurance companies. This rule created an imperative for them to look for ways to curb expenses in other ways.
As a result, influential insurers came up with an innovative idea to merge with their contemporaries. Mergers and acquisitions reduce the competition and empower payers to negotiate better with the providers.
However, a lot of Medicare Advantage (MA) markets are served by just one or a small number of insurers and the competition is already bleak. If the few existing insurers also lobby to negotiate contracts, the providers wouldn’t stand a chance to get a decent deal.
US healthcare dynamics are already far from ideal with costs soaring high and quality parameters below most developing nations. The lopsided power play between providers and payers can exacerbate the existing healthcare problems.
To prevent this, the government is making it a point to put brakes on major insurance mergers and acquisitions. At the beginning of 2017 U.S. District John D. Bates ruled against Aetna’s acquisition of Humana. Along with that, the Anthem–Cigna merger was also stopped from going through. It seems like it’s time for payers to think beyond this strategy of creating an oligopoly. It also means that insurers have to compete with each other instead of relying on their collective clout.
Gaining an edge over competitors with improved star ratings
Now that there is no way for insurers to earn strong profits other than by capturing increased market share, they need to look for ways to increase the number of enrollments. For MA plans, their best shot to grow their member enrollments is by achieving credible star ratings. Medicare’s Star Rating system was developed to provide Medicare beneficiaries some concrete insights about a plan’s performance. Every year, CMS evaluates the performance of each MA Plan on quality and cost measures and rates them on a scale of one to five stars. The more stars a plan gets, the more appealing it appears to the beneficiaries, which leads to increased enrollments.
Every health plan aims to achieve maximum operational and cost efficiency and tries to create lucrative offerings for the members. However, unless they are able to do it better than other health plans, their efforts will not bear fruit. The first step to improving their Star ratings is to assess the performance measures of other health plans.
Evaluating the performance of MA plans over the last few years
In 2011, only 24 percent out of all MA Plans got 4+ Star Ratings. By 2018, this figure grew almost by a whopping 50 percent. In a bid to perform better, the health plans brought remarkable changes in their performance. As a result, member enrollments also increased by 17 percent in this tenure.
Since the inception of the Medicare Advantage, some measures were modified. However, there were 22 measures that remained consistent between 2009 and 2018. On calculating the average Star ratings of each measure, it was revealed that the average Star ratings had improved by 0.56. The average outcome measures had improved by 0.45 stars, the process measures by 0.49 stars, the patient experience measures by 0.55 Stars and the access measures by 1.12 stars.
Overall, most of the measures showed some improvement. Since 73 percent of the health plans have ratings above 4 Stars, it can be established anything below this can gravely impact the number of member enrollments. On top of that, to match the average performance scores of other health plans, health plans have to earn an average of at least 3.5 Stars.
Creating strategies to perform better than other health plans
An overarching picture of how all the MA plans in the country are performing can be helpful in revealing the measures you need to work on. However, understanding the area-specific operational nitty-gritty is important to find out what steps you need to take to improve the performance of your health plan.
Comparing your plan with top-performing health plans in your area and diving deeper into their measures can unveil what they are doing to perform better than others. This information can be instrumental in devising winning strategies to score star ratings that are better or at the very least at par with other high-performance plans.
Response by Christopher Gerg, CISO and vice president of cyber risk management, Gillware.
With 2020 nearly upon us, I am finding that many organizations are doing a poor job of prioritizing information security risks appropriately. Part of this is a product of how the information is presented and the context within which it is presented. Part of it is mindset – many organization’s management teams think of IT and information security as a cost center.
They also think of the role of technology as one of convenience; websites are a nice way to market your company, and email is a nice way to communicate. In reality, many organizations find that their entire business grinds to a halt when their computing infrastructure is locked up with ransomware. In addition, I think that senior management roles think about finances and classic business (MBA-style) strategy.
Ultimately, management can do one of three things to address a risk: fix it directly (buy something or change something), insure against the risk (transfer the risk to your cybersecurity insurance policy), or simply assume the risk (with knowledge of the impact if there is an issue as a result of the risk materializing).
A report of risk to management should include a discussion of the nature of the risk, a likelihood of it materializing, and finally the impact on the business. This will give management context to decide how to address the reported risks (in a language that business people will appreciate).
The solution revolves around communication. Basing the message in terms of risk to the organization, and having that be the core of your reporting is essential. Why do we need to change how we do something, or spend money to address something? What risks are we trying to address, and how significant are they? How will the proposed fix address that risk? Is it sustainable?
Everywhere, everyone is building dashboards: Tableau reports, Excel spreadsheets and others. To paraphrase many hospital leaders I meet: “We’ve spent tens of millions of dollars on an EHR implementation. On top of that, we have invested a lot on reporting capabilities; we have lots of dashboards throughout the hospital to keep track of everything. And teams of people dedicated to BI, reporting, data visualization, ETL, and custom report generation. How can we leverage this investment to improve operational performance?”
The issue is we often “admire the problem” and end up with results that aren’t too actionable, resembling what you can do by looking at yesterday’s weather. As an example, for operating room performance, most health systems can track room and block utilization and drill down to individual surgeons to see their metrics: utilization, first-case on-time starts, turnover time, etc. However, making the metric visible isn’t the same thing as improving on it. If a surgeon’s block utilization is, say, 53%, what can we do about it? Can we take away 47% of his or her allocated time? No. Let’s say, hypothetically, that we eliminated all first-case delays. Can we really reclaim those pockets of time and put cases in them? Not likely. So, what exactly is the purpose of measuring block utilization?
Going forward, hospitals will need to go beyond dashboards and describing or diagnosing the problem and actually predict what’s likely and prescribe the action they can take in a data-driven and defensible way. For example, in the above scenario, imagine looking at truly repurposable portions of time being left on the table by block owners; taking into account past case volume and mix, seasonality, and other key factors to predict which ones won’t need all the time allocated; and being able to produce the type of “prescription” that is surgeon-centric and data-driven as well as fully defensible.
Data will drive action based on prediction and prescription — much like Waze, Uber surge pricing, and so many other real-world examples that we all use in our day-to-day lives.
Drug abuse isn’t something you see on a “special” episode of your favorite sitcom. It’s an epidemic and continues to spread throughout the world. Whether you’re a suburban resident or city girl, you’re going to see the effects of drug abuse. According to the World Health Organization (WHO), about 11 million people inject drugs. Some users live with an STI like HIV (1.3 million) and Hepatitis C. (5.5 million).
But people suffering from substance abuse issues don’t have to live this way. There are many different treatment options for those suffering from alcoholism and drug abuse.
The history of drug abuse shows the availability of substance abuse treatment wasn’t always this accessible. Follow along as we discuss the origins of drug addiction and its forms of treatment.
The History of Drug Abuse
The origins of drug treatment go back to the 1700s, where the focus centered on alcoholism. Native Americans created sobriety societies or “circles” within their tribes. Towards the end of the 1700s, Dr. Benjamin Rush published a piece discussing the impact of alcohol on the human mind and body, according to Visual.ly.
Between 1857-1868 homes for alcoholics opened in Boston, MA. and 24,000 pounds of Opium came into the country through New England, according to the Atlantic.
The first asylum for alcoholics opened in Binghamton, NY. The first center for alcoholic women, The Martha Washington Home, began in 1867 in Chicago. In 1879, Dr. Leslie Keeley started the first for-profit addiction treatment facilities, according to daily.JSTOR.org. By 1919 to 1924, Morphine maintenance clinics open in 44 cities but soon shut down.
Alcoholism continued to be the focal point of substance abuse treatment until the 1970s. In 1972, Methadone was approved by the Food and Drug Administration (FDA) to treat heroin addiction, according to NCBI. By the mid-70s, alcohol and drug treatment programs become integrated.
In the 80s, crack-cocaine appeared, the legal drinking age was raised to 21, and Drug Abuse Resistance Education (D.A.R.E.) was created. By the 90s, drug abuse by teens rises, and the 2000s sees the dependence of prescription pills increase.
Current Drug Treatment
Drug treatment offers many options such as detox, counseling, inpatient rehab, outpatient treatment, group counseling, medication, and follow-up, according to DrugAbuse.gov.
Current treatment allows the patient to change their behavior through counseling and medication. The person learns skills for handling life stressors without alcohol or drugs. Rebuilding and strengthening relationships with family and friends is also part of becoming sober.
Groups like alcoholics and narcotics anonymous help people with substance abuse by using the 12-step model. Speaking with people going through similar problems allows support and transformation.
Get Help
The history of drug abuse is long and detailed. But without the trial and error of the past, the present would be bleak. The treatment of drugs and alcohol has improved and continues to evolve each year.
If you or someone you know needs help with addiction, please reach out and guide them to a treatment facility. To learn more about helpful health-related information, check out United Healthcare drug rehab providers.
The healthcare industry has grown by leaps and bounds over the past few decades. The paper-loaded clinics and hospitals have been replaced by tech-savvy smart data applications that extend themselves to more agile hospital management systems. Data lies at the key of the healthcare industry and is considered the true treasure of the trove. However, this data needs to be easily accessible and adhere to the relevant security protocols. This is where DevOps in healthcare weighs in.
It is the answer to gaining a competitive edge through responsive, data-driven, and superior care-giving.
The hindrances with traditional healthcare software development, whether it is the Waterfall, V, or RUP model, is lacking with the agility toward today’s business needs. Higher costs with lower productivity, lack of flexibility, and accessibility to data are the common backdrops of the traditional software delivery lifecycle method. Implementation of DevOps is an efficient way to combat the inadequacies through custom healthcare software development.
What is DevOps? DevOps is the expertise of the merger of agile infrastructure and operational excellence. Healthcare software developers collaborate to create a process of operations and development for better efficiency and agility into the entire lifecycle to provide integrated care solutions. DevOps for healthcare is a qualitative integration of software development with operational efficiency. It is an extension of Agile technology toward the overall operations of custom healthcare solutions.
Traditional IT and DevOps – Key Differences Rigidity vs. Flexibility: Traditional healthcare IT solutions go through a rigid lifecycle from the development of the software, testing, Q&A, staging, delivery, and finally, feedback.
DevOps in healthcare focus keenly on the value of development and delivery for value creation and risk mitigation.
Macro vs. Micro: Traditional healthcare software solutions focused on a big project release that involves high costs and occurs infrequently. In contrast, DevOps and healthcare adopt a micro approach, avoiding complex releases and mitigating risks for gradual advancement at regular intervals with lower risks.
Data Monitoring vs. Data Sharing: Traditional healthcare IT solutions have a cumbersome data sharing process due to management approvals and lengthy reports. DevOps and healthcare solutions have a dedicated data sharing team to reduce management time wastage and provides relevant data to the specific team.
Step-by-step Guide to Implement DevOps in Healthcare Step 1 – Continuous planning:
Examine the development and operational activities to modify them towards the implementation of DevOps. Financial implications of development and required human resources must be planned during this phase.
Step 2 – Code repository with version control:
Ensure a version control system, which is an essential requirement for developers to coordinate and control coding. Every custom healthcare solution code repository can be tracked, along with the changes applied. Healthcare application development with DevOps should provide developers with an offline copy of the code repository, along with every change recorded on the main server.
Step 3 – Continuous Integration (CI): Focus on continually merging changes in the code to the central repository, before building and testing. Deploy CI tools toward the efficient management of the healthcare application development to ensure the accuracy of the configuration and integration. CI assists with the automation of software updates and cross-departmental integration of data.
Step 4 – Automated Build: Bring automation toward integrated care solutions, wherein scripting and automated retrieval of the code are deployed. This recovery should be enabled from the code repository and is then compiled into a binary artifact to allow for periodic testing.
Step 5 – Automated Release through Continuous Deployment (CD): This step toward delivery and deployment of custom medical solutions involves the delivery of the software and regular updates in an automated and continual fashion. CD is a process that ensures any time release of the custom healthcare solutions through regular updates to the production.
Step 6 – Constant feedback and monitoring: This final step is the deployment of DevOps is the key to sustainability. Adopt continuous monitoring to ensure that healthcare software development applications are performing at an optimal level. A micro approach should be adopted to look into every small detail and seeks feedback at regular intervals through self-monitoring analytics that gathers data in an automated fashion.
DevOps in Healthcare Best Practices Understand the collaboration and shared tools strategy for the Dev, QA, and infrastructure.
The healthcare industry has been at risk of cyberattack since long before the proliferation of patient networks, web applications, cloud services, and other connected devices increased the attack surface exponentially. For financially motivated attackers, attempting to obtain and then profit from patient information sold on the black market or disrupt hospital services for ransom, there’s no shortage of entry points or sophisticated attack techniques at an attacker’s disposal.
As one of 16 critical infrastructure sectors as defined by the Department of Homeland Security, the healthcare sector protects the health of the entire population from physical and digital harm, safeguarding millions of health records and private information. If the infrastructure were to collapse due to a security breach, healthcare providers would be unable to deliver necessary medical services to the public. This was most evident when a cyberattack crippled a network of Alabama hospitals, prohibiting healthcare professionals from providing medical services to new patients in need.
As a new decade approaches, the traditional networks and devices, along with Medical Internet of Things (MioT), that keep healthcare organizations afloat, remain vulnerable to cyberattacks despite advances in cybersecurity. With a single patient’s medical record being worth up to $1,000, attackers will continue to identify and attack the weakest points in their networks and supply chains to take advantage of the endless web of patient records and proprietary information.
Attempts to reduce cyber risk stall
Since 2016, more than 93% of healthcare organizations have experienced a data breach according to a recent study by Black Book Market Research. This same report also discovered that only 21% of hospitals claim to have a dedicated security executive tasked with leading the charge against cyber risk, leaving a huge gap in cybersecurity efforts. Without the support of healthcare leaders and staff who are narrowly focused on improving patient health outcomes, IT and security teams simply cannot keep up with the influx of threats that come in on a daily basis.
Training the entire healthcare industry in cybersecurity is a “must-have”
With 2020 imminent, the burden is truly on healthcare leaders to take various steps to make all employees, regardless of role or responsibility, understand that any interaction with technology can play a role in a cyberattack. Ultimately, it’s an education of cybersecurity that goes beyond training or learning the “how,” to a shift in understanding a concept from an awareness standpoint. This type of focus will represent a change to both culture and strategy — which is never easy to deploy despite its necessity. And healthcare leaders must do so without the overuse of scare tactics but with the goal of demonstrating to all employees how cyberattacks operate and how to respond and mitigate them upon suspicion or confirmation.
By Ryan VanDePutte, associate director, Bits In Glass.
Ryan VanDePutte
Each day in the U.S., about 10,000 seniors turn 65. By 2050, there will be 83.7 million seniors in the country, representing about one-fifth of its population. Even with the growing awareness of health and fitness, it’s a hard reality that about three-quarters of these older Americans live with multiple chronic health conditions, ranging from diabetes to dementia, meaning that ongoing care and monitoring is simply a fact of life.
The way we deliver senior care has been evolving, and more patients are seeking to “age in place,” which means that they opt to remain in their own homes for as long as possible while receiving any necessary medical care.
This desire to remain at home is driven by many factors including a desire for comfort, access to friends and family, familiarity and privacy. Not to mention the economic benefits – with the cost of nursing homes easily topping $70,000 a year.
Because of this, home healthcare services have been growing in popularity, despite the fact that patients who receive care at home are more likely to experience a higher 30-day re-admission rate after leaving the hospital, compared to those in nursing homes. Still, the lower costs and comfort make home care an attractive option.
Your Doctor is Only as Good as the Information They Have
One challenge that home healthcare providers face is consistency in tracking and communicating information to the patient’s primary doctor. Not only information from care at home, but also information from clinics or hospital visits. This lack of insight into patient data can significantly increase the cost of care for patients because without access to the full history of the patient, unnecessary tests may be run, wasting both money and the doctor’s time. It is reported that a whopping $210 billion is spent annually on unnecessary medical care each year in America. Put in perspective, this is almost twice the U.S. 2019 federal education budget.
Further, there can be even more serious consequences to this lack of information and tracking. Without access to accurate patient records, medical errors are more likely because, for example, the patient may have an allergy unknown by the care provider. Medical errors are in fact the third leading cause of death in the U.S. Each year, approximately 250,000 patients in the U.S. die because of such errors.
With 2020 nearly upon us, I am finding that many organizations are doing a poor job of prioritizing information security risks appropriately. Part of this is a product of how the information is presented and the context within which it is presented. Part of it is mindset – many organization’s management teams think of IT and information security as a cost center.
Everywhere, everyone is building dashboards: Tableau reports, Excel spreadsheets and others. To paraphrase many hospital leaders I meet: “We’ve spent tens of millions of dollars on an EHR implementation. On top of that, we have invested a lot on reporting capabilities; we have lots of dashboards throughout the hospital to keep track of everything. And teams of people dedicated to BI, reporting, data visualization, ETL, and custom report generation. How can we leverage this investment to improve operational performance?”
The healthcare industry has grown by leaps and bounds over the past few decades. The paper-loaded clinics and hospitals have been replaced by tech-savvy smart data applications that extend themselves to more agile hospital management systems. Data lies at the key of the healthcare industry and is considered the true treasure of the trove. However, this data needs to be easily accessible and adhere to the relevant security protocols. This is where DevOps in healthcare weighs in.
The healthcare industry has been at risk of cyberattack since long before the proliferation of patient networks, web applications, cloud services, and other connected devices increased the attack surface exponentially. For financially motivated attackers, attempting to obtain and then profit from patient information sold on the black market or disrupt hospital services for ransom, there’s no shortage of entry points or sophisticated attack techniques at an attacker’s disposal.