Data breaches and HIPAA violations became common, almost daily, news in 2015, exposing sensitive client information with devastating results. Understanding HIPAA compliance will be critical in 2016, especially since the Office for Civil Rights (OCR) will begin a new round of HIPAA audits.
In spite of record spending on firewalls, anti-virus software, malware detectors and the widget of the day, healthcare organizations keep getting hacked because the focus is in the wrong place. Here are three trends taking presence in 2016 that can help any organization fight the good fight against cyberattacks.
Buying Technology Alone is a Security Strategy That Does Not Work
Healthcare is under constant pressure to safeguard assets, however too many firms focus on security for HIPAA compliancy and then call it a day. Compliance is a legal necessity, but organizations expose themselves to cyberattack when use technology as a crutch. Many organizations will need to look at their operations as a critical network and seek ways to defend it.
A majority of breaches are from data that has been stolen, via record removal, virtually and physically. We see the trend in 2016 shifting from technology to people if healthcare organizations are going to defeat hackers.
Focus on the Human Element
Examine the largest data breaches of 2015. Technology did not protect the vast majority of these companies. In each case, data was breached due to hackers successfully exploiting humans.
The proliferation of mobile devices in healthcare like smartphones and tablets have also made the human element even more vulnerable because this area of security is often overlooked and is, in fact, the weakest link.
Technology is only as good as the people who use it and is merely a tool in the fight against cybercrime. Technology alone cannot fully protect an organization’s data, networks, or interests. This is a trend in 2016 and beyond that must be recognized if organization hope to safeguard patient records.
Guest post by Jean Van Vuuren, regional vice president, Alfresco.
Jean Van Vuuren
Hospitals, clinics and other healthcare organizations are constantly evolving due to the proliferation of technology, the increasingly digital workforce and advancing patient expectations. In addition to evaluating the constant flow of new technologies in the healthcare market, they must be nimble to meet the technological needs of healthcare workers and patients. In addition, the increasingly multigenerational workforce has varying requirements when it comes to technology, organizational culture and career progression. Finally, it is becoming more important for healthcare organizations to deliver a consistent patient experience. Today’s patient is better informed, more in sync with their health and expects a superior healthcare experience. To address these somewhat competing forces, healthcare organizations will focus on consolidation, integration and digitization in 2016.
Consolidation
Shared services is a growing model across industries, and healthcare organizations will follow this trend in 2016. This model allows organizations to consolidate tools and processes to meet a number of needs across their organizations. Hospitals, clinics and other healthcare facilities will look to take existing services and the tools that support them, and coalesce them into a more agile and flexible platform for IT solutions that support their entire organizations. For example, hospitals that have a system to manage EHRs and a different system to manage employee records may be able to use one, the other or an entirely new system to address both needs (and, potentially, others across the organization). The latter would obviously involve the decommissioning of legacy applications in favor of more robust tools that are open, have flexible deployment options and support mobility.
Integration
Similarly, healthcare facilities will only be able to meet the technological, organizational and clinical needs required today by employing tools that integrate not only with the systems they already have in place, but also with the tools that employees and patients use both personally and professional. And, in 2016, they will focus on integration, bringing in technology that can work with many other tools now and into the future. Using the example above, if a healthcare organization has an EHR system that they plan to keep, but they also want to get another system to manage employee records, they will seek to purchase a tool that integrates with their current EHR system. And for good reason.
Guest post by Cassie Phillips, an online security blogger, who writes about the best Internet privacy apps.
Cassie Phillips
App technology is revolutionizing the world. The sudden rise to popularity of the smartphone and tablet has put more power in our hands and more information at our fingertips than ever before. This has opened up a world of opportunities in many different fields, and medicine is no exception to that rule.
For health professionals, the vast quantity of ever-changing knowledge required to do the job properly has always been one of the most trying elements of the work. Now, there are many apps available that allow quick and easy access to a wealth of information at the push of a button. Here are just seven of the many offered.
Medscape
Designed and brought to you by the creators of WebMD, this app has been hailed as one of the best for reference and diagnosis assistance. Available for free download for both Android and iOS, it is an incredible tool with many features including drug identification and information, in depth patient care tutorials, disease and condition referencing and up-to-date medical education courses. This app is a vital medical resource for medical students and professionals alike and has a huge part to play in the electronic modernization of healthcare.
3D4 Medical
This clever piece of software allows you to explore anatomy like never before. With intricate on-screen models of all parts and elements of human anatomy, this is a valuable tool that gives healthcare professionals a chance to take a look inside the body. It’s completely anatomically accurate and uses impressive 3D technology.
Alongside this, it has features to customize body parts and add labels, which makes it a perfect assistant for keeping track of cases. It also offers tutorials and introductory anatomy lessons, which are great for medical students or anyone wanting to refresh their knowledge.
ReferralMD
When working in healthcare, it’s not just the patients that you have to worry about. All treatments come at a cost and as much as many of us would like that not to be the case, it’s a fact that isn’t going to change anytime soon. Trying to balance treatment costs can be a nightmare but ReferralMD is a great app that cuts your budget dramatically through one simple idea—optimizing referral communication. By moving all referrals to this app, a vast amount of money is saved through paper and fax machine expenses. It also ensures immediate processing of the request, which avoids handling costs.
Guest post by Robert Williams, MBA/PMP, CEO, goPMO, Inc.
Robert Williams
I continue to view 2016 as a shakeup year in healthcare IT. We’ve spent the last five plus years coming to grips with the new normal of meaningful use, HIPAA and EMR adoption, integrated with the desire to transform the healthcare business model from volume to value. After the billions of dollars spent on electronic health records and hospital/provider acquisitions we see our customers looking around and asking how have we really benefited and what is still left to accomplish.
All politics is local
Our healthcare providers are realizing their clinical applications, specifically EMR vendors, are not going to resolve interoperability by themselves. When the interoperability group, CommonWell formed in 2013 much of the market believed the combination of such significant players (Cerner, Allscripts, McKesson, Athenahealth and others) would utilize their strength to accelerate interoperability across systems. Almost three years late CommonWell only has a dozen pilot sites in operation.
Evolving HL7 standards and a whole generation of software applications are allowing individul hospitals to take the task of interoperability away from traditional clinical applications and creating connectivity themselves.
Help wanted
Black Book’s survey published last month, stated that three out of every four hospitals with more than 300 beds are outsourcing IT solutions. Hospitals have been traditionally understaffed to meet the onslaught of federal requirements. Can they evolve into product deployment organizations as well? Across all the expertise they need within the organization? Most are saying no and searching out specialty services organizations to supplement their existing expertise and staff.
Are you going to eat that?
Patient engagement is on fire right now at the federal level (thank you meaningful use Stage 3), in investment dollars and within the provider
community. But to truly manage hospital re-admissions and select chronic diseases (diabetes, obesity and congestive heart failure for example)
providers need data and trend analysis on daily consumer behavior. The rise of wearable technology and the ability to capture data/analyze data from them will be a major focus going forward. These technologies will likely help to make us healthier but with a bit of big brother side affect.
Guest post by Mohan Balachandran, co-founder and president, Catalyze.
Mohan Balachandran
As we look back upon 2015, we can reflect, review and based on that and other factors, make some predictions about what next year will bring us. John Halamka had an interesting post that reflect on the bigger challenges, such as ICD-10, the Accountable Care Act and its implications on data analytics, the HIPAA omnibus rule and its impact on cybersecurity and audits and the emergence of the Cloud as a viable option in healthcare. We can expect to see some of these trends continue and grow in 2016. So based on these key learnings from 2015, here are a few predictions for 2016.
Cybersecurity will become even more important
In 2015, insurers and medical device manufacturers got a serious wake up call about the importance and cost of cybersecurity lapses. Healthcare data will increasingly be looked at as strategic data because we can always get a new credit card but since diagnoses cannot change, the possibilities of misuse are significant. Just as the financial industry has settled on PCI as the standard, expect the healthcare industry to get together to define and promote a standard and an associated certification. HITRUST appears to be the leader and recent announcements are likely to further cement it as the healthcare security standard. Given all that, one can safely expect spending on cybersecurity to increase.
IoT will get a dose of reality
The so-called Internet of Things has been undergoing a boom of late. However, the value from it, especially as applied to quantifiable improvement in patient outcomes or improved care has been lacking. Detractors point out that the quantified-self movement while valuable, self selects the healthiest population and doesn’t do much to address the needs of older populations suffering from multiple chronic diseases. Expect to see more targeted IoT solutions such as that offered by those like Propeller Health that focus on specific conditions, have clear value propositions, savings, and offer more than just a device. Expect some moves from Fitbit and others who have raised lots of recent cash in terms of new product announcements and possible acquisitions.
Electronic health records (EHRs) were supposed to transform the healthcare industry in the same way that digital technology has transformed the rest of our lives – organize and simplify. EHRs held the promise of easier access to patient health history, greater patient engagement, and improved clinical decision making and outcomes. And yet, despite the potential, electronic health records thus far have proven to be just another industry headache. Doctors contend with complicated and incompatible systems that stifle collaboration and enhanced patient care. Patients lack adequate access to their own records and methods to conveniently communicate with their care team.
While patients and doctors struggle, EHR system vendors benefit from the stagnant and uncompetitive market, charging exorbitant installation and maintenance fees, with no real incentive to innovate. It is a broken system, but it can be fixed, with the tech industry’s penchant for disruptive innovation. There is great opportunity for tech companies to develop fixes that will benefit customers and reignite development in digital healthcare.
Electronic medical records are currently locked away in walled gardens that inhibit vital information exchange between care team members and patients. These walls need to be broken down to allow for the collaboration that patients expect between their care team members. EHRs based on Software-as-a-Service (SaaS) platforms would allow vendors and medical providers to cut installation and maintenance costs, while offering genuine compatibility and simplicity. SaaS platforms are also cost efficient, with transaction-based business models that only require subscription and access fees. A SaaS health record system would be cost-effective, compatible, and ultimately serve the doctors and their patients.
Currently, one patient can have several associated identifiers from different physicians, hospitals and EHR vendors. Data is often duplicated and workflow becomes complicated for providers. An industry-wide standard could work, but there is no guarantee that a solution can be selected and implemented nationwide in a timely manner. An outside approach would offer much-needed perspective and an injection of fresh ideas into the conversation. Silicon Valley could assist by developing simpler, tech-based solutions, with industry stakeholders providing input. For instance, a master patient index, successfully driven by heuristic real-time matching algorithms, would offer similar functionality to the universal account log-ins offered by Facebook and Google and further simplify access to electronic health records.
EHRs should behave more like part of a “clinical network” that combines simplified workflows with stronger communications. Lab tests, referrals, pre-authorizations and results can be delivered instantly, retooling today’s overcomplicated systems with a more effective transactional eco-system. The network simplifies physicians’ day-to-day activities, and aggregates the collected data into an electronic health record. Tapping into the success of social and business platforms, such as Facebook Messenger and Slack, secure communication between patients and their complete care team, built around these universal health records, adds a layer of proactive care management that was previously unattainable.
As any holiday TV-loving baby boomer can attest, the island of misfit toys is not a happy place. In the 1964 stop-motion animated television show, “unwanted” were destined to live out their toy lives without the joy of playtime with the child they were built to please. Unfortunately, some EHR products share certain misfit qualities which can make their use more difficult for a busy provider.
So how do you know if you are using a misfit EHR? Here are a few signs:
There is little to no communication with others or outside entities, and you are stuck with the same, less than perfect software environment that is dysfunctional and aging fast.
No one calls to see how your EHR is doing and no one responds to your outcries for help.
Sound familiar? This is essentially your situation when you have committed to an outdated and under-supported EHR system for your practice. You are land-locked by an older system that is not cloud-based or does not leverage the many cloud resources for communication and interoperability.
So, your technology is old, the code base has been put on the shelf by the EHR vendor and no updates are coming. This is despite the rapid changes surrounding your practice and the healthcare industry in general.
You feel isolated, and when you call for support you get little to no relief, as the vendor has moved on to bigger and better customers. In the TV show, Santa promised to come back to save the misfits, just as your EHR vendor promised customized support, ongoing upgrades and improved efficiency. But the costs are prohibitive and your confidence in the vendor is low.
Maybe it is time to get off the island, and hitch a ride with a new vendor. If a new EHR is on your holiday list, here some criteria you should consider:
Cloud-Based Platform
Leverage the power of the cloud to connect to labs, e-prescribing networks, HIEs and other data hubs such as the Commonwell Health Alliance. With a cloud-based EHR system these connections are built into the application, and any new features or connections to other entities become available to all users, no upgrades, no updates required to your infrastructure.
Don’t buy expensive hardware, servers and IT support staff to manage them. All you need to run a cloud-based EHR is a desktop web browser or mobile device.
By 2050, the world population will grow to more than nine billion people, according to the U.S. Census. As our world grows more diverse, so do the languages associated with different populations. Today, there are at least 6,909 distinct, known languages, and as globalization continues to grow, the number of non-native English speaking people living in the United States will grow in parallel. For the healthcare industry, this means hospitals and health systems must think about how this plays into patient engagement and care. Communication is crucial to managing patient relationships, caring for patients and working with their families to follow treatment plans correctly.
U.S. law requires hospitals to provide medically trained interpreters for patients with limited-English proficiency. This requirement aims to bridge the patients’ needs with how physicians plan to care for these needs.
How do healthcare organizations acquire interpreters?
When it comes to providing interpretive services, healthcare organizations have several options. Some hospitals that have significant limited English proficiency (LEP) populations keep interpreters on staff. Others rely on relationships with interpretation agencies to bring in interpreters as needed. Many facilities use remote, on-demand interpreters either over-the-phone or on video. More often than not a hospital will rely on a combination of these resources.
Perhaps the most important component of any language access network in healthcare is agility. Take the incoming Syrian refugee population – suddenly Arabic interpreters are in demand in areas they never worked in before. Healthcare facilities have to remain nimble to meet their patients’ needs. Interpretation needs can change over night, and hospitals need to be ready to respond.
