Guest post by Daniel Piekarz, vice president of life sciences business development at DataArt.
The life sciences industry will be defined in 2014 by the growing market demand to apply newly developed technology, including big data analysis, to healthcare and medical device practices. While many of the amazing technological advances in the space are driven by a desire to aid humanity, the industry is also caught between increased economic and regulatory pressure that is forcing many to electronically collect heaps of data while looking for custom technology solutions that will allow them to leverage this valuable data and adhere to new industry standards.
Over the next year, trends that reflect newly available technology will start to develop. The adoption of healthcare big data technology will become a major theme in the sector this year, just as it has in several other industries. Many new technology offerings have been created to tie together data from multiple sources that can be accessed by researchers and physicians to allow them to easily exchange information. This also aids in research and development practices by offering another valuable tool to gather and analyze data.
Tied to the big data trend is the emergence of personal healthcare data aided by physicians’ adoption of EHR technology. By allowing patients to own and access their healthcare data on a healthcare information dashboard, patients can more easily understand risks and preventable care options. Pooling anonymized patient data together can also lead to better analysis, and physicians are already starting to work with vendors to develop big data diagnostic tools. These new technology advancements have started to create a generation of patients more committed to their own healthy future than ever before. Through an intelligent system database, patients and physicians can better understand patterns and symptoms that affect their healthy lifestyles. While this type of big data solution is gaining a foothold, there is still resistance from some doctors due to their concern over critical review of their procedures.
Interesting insight below from Practice Fusion about meaningful use stage 2 adoption trends, specifically state-by-state rates of effective EHR adoption. Am I surprised that large states like California and New York lag behind the rest of the country in EHR adoption progress? For some reason, I’m not really.
What surprises me here is that my native state of South Dakota leads every state in the country in the adoption of EHRs with Minnesota, Wisconsin, Iowa and North Dakota all making the top 10.
I’m also surprised that no other state really comes close to So. Dak. Minnesota, the next closest state in level of adoption is a full 10 percent behind.
Nevertheless, what does this suggest about rural healthcare facilities? Do they need the money more than their urban counterparts? Does the technology make it easier for them to practice with such a dispersed population or are they just able to make the move more quickly because they are smaller, more agile facilities?
The last reason is less likely. I’d think it’s a combination of the first two points I make, and that they fee the technology makes it easier to communicate and track patient outcomes across their respective geographies.
I’d love your thoughts.
The second chart below tells which organizations are implementing specifically. It’s no surprise to me that family practice has a healthy lead.
In today’s dynamic healthcare industry, it is important that providers embrace modern information technology and innovations to achieve organizational success. It’s no surprise that the health IT landscape is changing rapidly, driven by the interrelated trends of mobility, cloud, security and big data. This will fundamentally change the way that healthcare organizations communicate and collaborate moving forward. But, these health IT trends are not only driving change, they are also serving as the path to deal with many of the new dynamics created in today’s office environment.
In turn, healthcare organizations will need a “new style of IT” that helps them become more agile and efficient while reducing operational costs. In addition to these megatrends, changes to government regulations are driving an industry-wide shift to improve healthcare IT, which have increased healthcare IT spending projections to $34.5 billion in North America.
There will be an abundance of technology resources available to help healthcare providers facilitate this transition; however, IT decision makers must be able to identify the technologies that will work best for their business. The following three strategies are key consideration points when looking for new technologies to help you manage IT megatrends.
Benefit from Healthcare Big Data
Regulatory changes associated with the Patient Protection and Affordable Care Act (PPACA) will create a surge of newly insured patients. The Congressional Budget Office expects that the PPACA will cover around 14 million of the uninsured in 2014 and 25 million by the end of the decade. There is a significant financial opportunity with these new patients, but it is important to consider that the number of practitioners will not immediately increase to accommodate this influx.
Investing in technology and tools designed to specifically address big data and the vast amounts of patients’ personal information will help healthcare organizations provide more personalized care to these newly insured patients. By selecting tools that help collect, store and search for patient information, healthcare organizations can increase productivity by significantly reducing time spent managing patient records. Converting documents into searchable digital formats is an important part of this process, and educating staff on how to properly scan and organize documents in their digital form will help make patient data more accessible and usable.
With the implementation of the Affordable Care Act pushing hospitals and health systems to provide services more efficiently, a significant number of hospitals, health systems and providers are sharing secure patient information through health information exchanges (“HIEs”), and accountable care organizations (“ACOs”). The advent of both the HIEs and the ACOs are additional opportunities for protected health information to be shared by hospitals, doctors and other providers.
HIEs allow for patient information, including lab tests, imaging tests, prescriptions and treatments, to be shared by the participants in the HIE. The development of these electronic HIEs allow for the secure exchange of health information among entities participating in the HIE. Generally, the rights and responsibilities of those entitled to share the information is governed by participation agreements. Many providers believe that sharing data will improve healthcare and promote not only quality of care, but efficient care, as well. Similarly, the development of ACOs by otherwise independent providers results in more patient information shared in electronic fashion. The advent of both HIEs and ACOs provide another medium for possible breaches of the privacy rule.
The privacy rule requires that covered entities verify the identity and authority of persons requesting Protected Health Information (“PHI”) if the individual requesting it is not known to the entity. The Rule, however, does not specify in great detail the verification that must be made and, thus, there is flexibility that can be applied with regard to HIEs and ACOs.
Generally, in a HIE, the participants agree, by contract or otherwise, to provide to the HIE a list of authorized persons so the HIE can appropriately authenticate users of the network. Documentation required for uses and disclosures may be provided in electronic form, and documentation requiring signatures may be provided as scanned images. It is important from an HIE perspective for the various participants to agree on a common set of privacy safeguards that are appropriate to the risk associated with exchanging PHI to and through the HIE. Similarly, with ACOs, the ACO should establish a common set of privacy safeguards that are appropriate to the privacy risks associated with multiple providers using PHI. These common standards would include a breach notification policy or procedure. To fully understand what must be done, one must have a basic understanding of what is considered a breach.
Today’s healthcare IT departments have a relatively tall order when it comes to effective EHR data management. In an environment that often requires them to be simultaneously budget-conscious, growth-minded and patient-driven, healthcare IT must also address the often-competing data management needs for:
Access
Instant
Secure
Anytime, anywhere
Availability
Security
Data sharing
Data at rest
Privacy
Compliance
HIPAA
PPACA
CFR
Data protection
Backups
Operational recovery
Disaster recovery
Capacity planning
Archival
Growth
Data mining and analytics
Popular EHR system vendors have made significant strides to address several of these data management issues. Unfortunately, they can only go so far given the current state of many healthcare IT environments. Some departments may still require custom software applications, complete with specially configured servers, storage and network hardware to support them.
Guest post by Michael Sherling, MD, MBA, co-founder and chief medical officer, Modernizing Medicine.
At most hospitals and academic medical centers, physicians come together once a month to learn new approaches to treatment, to exchange ideas and to debate the possibilities of a challenging diagnosis. We call this Grand Rounds.
Grand Rounds keeps physicians up to date and helps patients too. Instead of relying on one doctor’s opinion, patients get a collective experience of several doctors. Through open debate, a more thoughtful approach to disease treatment is generated. Unfortunately, 80 percent of physicians do not practice in a hospital or academic medical center where Grand Rounds happen.[1] They practice in private practice. While there are opportunities for physicians in private practice to maintain continuing medical education through journals, online courses and annual meetings, most of these practitioners are on their own, so to speak.
When physicians in private practice see a challenging case, they can read about it in a medical textbook, phone a friend (another specialist) or refer the patient to another physician. They don’t have the luxury of calling a “time out” and presenting the case to five other physicians. Pressured by time constraints of increased documentation and decreasing reimbursement, many doctors opt to refer out the more challenging cases, or shy away from newer treatments simply because they don’t have the same access or shared experiences as doctors practicing in hospitals and academic medical centers.
Today, innovative cloud-based electronic health record (EHR) systems can present an opportunity to break down the barriers in private practice so that physicians can make more informed decisions at the point of care. Cloud-based systems rely on one instance of the software where all de-identified medical data is stored. These systems are HIPAA compliant and patient information is protected and secured. Yet, to advance medicine and improve healthcare outcomes for patients and physicians alike, the cloud-based systems can provide physicians access to de-identified patient data. Instead of relying on underpowered clinical control trials for common diseases, outdated studies for rare diseases and anecdotal evidence for orphan diseases, cloud based systems can reveal to physicians which treatment patterns are used for any given disease.
When Edward Snowden shed light on the National Security Administration’s surveillance programs, Americans were left asking many questions. Questions ranging from “How can the government do this?” to “What information are they gathering?” became conversation topics for many Americans. In the healthcare world, these revelations have made both patients and healthcare providers concerned over how secure information is in the hands of third-party vendors. These vendors, which providers rely on for many things, are being scrutinized for their attention to detail, data storage and potential for breach.
The impact Snowden’s whistleblowing has had on healthcare providers and third-party vendors across America is far reaching. People are closely examining privacy policies now, whereas signing privacy forms at a doctor’s office used to be just an afterthought. It has forced businesses that rely on American third-party vendors to ask if their data is being protected, and at what level. The NSA surveillance program brought awareness to the word privacy and the actions and steps that are, or aren’t, taken by providers and their vendors to keep information protected.
Healthcare providers cannot afford to take security and privacy for granted and assume that their patients’ information is being adequately protected. Patients will hold their healthcare providers accountable if there is a breach. Therefore, to truly ensure data is protected, it is the job of providers to ask vendors the appropriate questions to ensure that the proper security and privacy policies are in place to lessen the risk of a security breach. And beyond asking tough questions, the emphasis on proper due diligence to vet accurate answers and understand processes has never been greater. There are two key focus areas: security and privacy. It is important to remember that you can have security without privacy, but you cannot have privacy without security. In a world where our information can and has been looked at by our government, making information both private and secure is vitally important. Finding a third-party vendor that ensures the information is private and secure has to be a top priority.
Guest post by Michelle Blackmer, director of marketing, Healthcare, Informatica.
The volume of protected health information (PHI) in electronic form is exploding – both from the wholesale move from paper charts to electronic health records for capturing clinical data and with the proliferation of new sources of electronic data from networked medical devices. Additionally, IT staff have been overwhelmed by regulatory mandates, rampant technology changes (e.g., virtualization, BYOD, big data), massive application projects and flat or decreasing budgets.
This increase in electronic PHI combined with the challenges for health systems IT make it even more important for providers and non-providers to find efficient ways to secure their data. However, with malicious activity showing a consistent upward trend, absent a change to an almost maniacal leadership focus on protecting patient data and the deployment of available tools and processes as an organizational imperative, 2014 will bring even more frequent and larger breaches of PHI.
Current data security climate
Even still, many healthcare organizations are not taking the necessary steps to reduce the proliferation of unprotected PHI in non-production test and development environments. Ninety-four percent of respondents to the third annual Ponemon Institute Benchmark Survey on Patient Privacy and Data Security had at least one data breach in the past two years, and 45 percent reported having had more than five total incidents each. Even more surprising is that the leading cause for a breach is a lost or stolen computing device that houses PHI. The survey also found that:
Unrestricted database administrator (DBA) access heightens risk: 73 percent of DBAs can view all data.
Data compromise/theft remains rampant: 50 percent of respondents say data has been compromised or stolen by a malicious insider such as a privileged user.
Organizations are under-coping:68 percent have difficulty restricting user access to sensitive data, 66 percent have difficulty complying with privacy/data protection regulations and 55 percent lack confidence that they would even detect data theft/loss from their own production environments.
