When Edward Snowden shed light on the National Security Administration’s surveillance programs, Americans were left asking many questions. Questions ranging from “How can the government do this?” to “What information are they gathering?” became conversation topics for many Americans. In the healthcare world, these revelations have made both patients and healthcare providers concerned over how secure information is in the hands of third-party vendors. These vendors, which providers rely on for many things, are being scrutinized for their attention to detail, data storage and potential for breach.
The impact Snowden’s whistleblowing has had on healthcare providers and third-party vendors across America is far reaching. People are closely examining privacy policies now, whereas signing privacy forms at a doctor’s office used to be just an afterthought. It has forced businesses that rely on American third-party vendors to ask if their data is being protected, and at what level. The NSA surveillance program brought awareness to the word privacy and the actions and steps that are, or aren’t, taken by providers and their vendors to keep information protected.
Healthcare providers cannot afford to take security and privacy for granted and assume that their patients’ information is being adequately protected. Patients will hold their healthcare providers accountable if there is a breach. Therefore, to truly ensure data is protected, it is the job of providers to ask vendors the appropriate questions to ensure that the proper security and privacy policies are in place to lessen the risk of a security breach. And beyond asking tough questions, the emphasis on proper due diligence to vet accurate answers and understand processes has never been greater. There are two key focus areas: security and privacy. It is important to remember that you can have security without privacy, but you cannot have privacy without security. In a world where our information can and has been looked at by our government, making information both private and secure is vitally important. Finding a third-party vendor that ensures the information is private and secure has to be a top priority.
Guest post by Michelle Blackmer, director of marketing, Healthcare, Informatica.
The volume of protected health information (PHI) in electronic form is exploding – both from the wholesale move from paper charts to electronic health records for capturing clinical data and with the proliferation of new sources of electronic data from networked medical devices. Additionally, IT staff have been overwhelmed by regulatory mandates, rampant technology changes (e.g., virtualization, BYOD, big data), massive application projects and flat or decreasing budgets.
This increase in electronic PHI combined with the challenges for health systems IT make it even more important for providers and non-providers to find efficient ways to secure their data. However, with malicious activity showing a consistent upward trend, absent a change to an almost maniacal leadership focus on protecting patient data and the deployment of available tools and processes as an organizational imperative, 2014 will bring even more frequent and larger breaches of PHI.
Current data security climate
Even still, many healthcare organizations are not taking the necessary steps to reduce the proliferation of unprotected PHI in non-production test and development environments. Ninety-four percent of respondents to the third annual Ponemon Institute Benchmark Survey on Patient Privacy and Data Security had at least one data breach in the past two years, and 45 percent reported having had more than five total incidents each. Even more surprising is that the leading cause for a breach is a lost or stolen computing device that houses PHI. The survey also found that:
Unrestricted database administrator (DBA) access heightens risk: 73 percent of DBAs can view all data.
Data compromise/theft remains rampant: 50 percent of respondents say data has been compromised or stolen by a malicious insider such as a privileged user.
Organizations are under-coping:68 percent have difficulty restricting user access to sensitive data, 66 percent have difficulty complying with privacy/data protection regulations and 55 percent lack confidence that they would even detect data theft/loss from their own production environments.
Guest post by Barbara Casey, Senior Executive Director for Healthcare Business Transformation at Cisco.
Imagine taking your car in for a routine service, only to be told you’ll need to visit five or six more garages on your own to procure an accurate assessment and treatment of the problem(s). In our current healthcare climate, this disconnected and complicated process is what most patients experience in assessing and treating their health conditions. Many of the most compromised patients, those that are elderly, co-morbid or chronically ill, are alone in their experience, left to connect the dots from cardiologist to radiologist to primary care. Layer in the emotional experience of, for example, being told you have stage four cancer and it’s difficult to focus on, let aloneremember, what the oncologist or surgeon says to do next. Yet, the onus falls solely on the patient, family member or caregiver to create continuity in the care experience.
So, as healthcare professionals, how do we help patients navigate the continuum of care when they are seeing an array of physicians and specialists in currently disconnected care settings? We need to treat the patient more like a true customer, which means upgrading the tools and methods we use to interact with them to be more intuitive and user-friendly so we touch base with them on a more regular basis.
Take for example the retail industry—Amazon and Netflix invest in complex algorithms to understand us better as individuals. As online businesses, they have enough information to recommend the next Father’s Day gift or determine if we prefer science fiction to drama. Can we apply that same logic to healthcare? Wouldn’t you want your own doctor and healthcare network to know you as well as Amazon does—for example, the medications you take, what you’re allergic to and the surgeries you’ve had—so they can recommend what you need to do next to advance your health and wellbeing?
It’s our obligation as technology experts and partners to those in the healthcare industry to find the answers and provide patients guidance in what they need before they need it. So in the end, patients can make the choice about how to approach their health can make the choice. After all, where else would you want to be known more intimately as an individual than in your own healthcare network?
mHealth, video and collaboration tools offer an opportunity to create a true continuum of care and a more seamless patient experience. Communication tools which integrate voice, video and data can also help deliver healthcare more effectively and efficiently. If these mechanisms are in place, the patient is more in control of where, when and how to communicate with care providers. She has the choice of how she wants to connect and communicate with her caregiver—the only question is will it be live in a doctor’s office, via video from her home living room, from a desk chair at the office, or from the path where she’s fulfilling a lifelong goal to hike the Appalachian Trail?
The past five years have seen monumental changes in the world of healthcare information technology. As 2013 comes to a close, it seems appropriate to look forward to the developing trends for 2014 and beyond and how they will impact vendors, providers and patients.
Open Source Technology Use and Development Will Accelerate
The continuing acceptance and use of open source software is the most important healthcare trend, since it ties directly into every point on this list. Open source software has become part of the healthcare mainstream and is used in many areas of the healthcare industry. Open source software is behind everything from the EHR system doctors use to enter patient data to the web browser or smartphones and tablets patients use to check their records through patient portals. Even the much talked about Healthcare.gov website utilizes open source software.
The benefits of open source development over proprietary software will continue to fuel its expansion over the next few years. Open source software has many advantages for providers and patients, including interoperability, speed of problem resolution, flexibility and more frequent updates.
An example of how open source software provides these benefits can be found in the area of EHR systems. One of the most common complaints by physicians and staff about EHR software is that the software is difficult to use. Now that EHR adoption has become widespread, there is much more thought and resources going into refining the user interface. With proprietary software, the amount of developer resources that can put into refinements may be limited to that one vendor’s resources. With open source software, countless companies and individuals are constantly collaborating to make the software easier to operate and more user-friendly for everyone.
As we head into the new year, I’d like to thank you for helping me grow Electronic Heath Reporter through your readership, comments, dedication and support.
I also ask that you continue to join me in 2014 to assist me with what I enjoy doing most—providing news, insight, editorial and opinion to those in health technology. You inspire and encourage me to keep bringing you the latest developments.
I look forward to what next year will bring and how, with your continued support, the site will grow and expand. Hopefully this year I’ll get a chance to meet with you – I’ll be at HIMSS — and work with more of you to deliver engaging content.
If I have not had the chance to be introduced to you, please feel free to contact me with your questions, comments or suggestions you may have. I’m always open and ready to hear from you — day or night, and I encourage you to reach out.
On a final note, I’d like to thank SpiceWorks for advertising on the site this year. The organization has been great to work with and I am extremely grateful to them for taking a chance on this site. I encourage readers of this site to check them out at http://www.spiceworks.com/. They really are where IT goes to work!
That said, I wish you and your family a happy holiday season and a Merry Christmas, as well as a healthy, successful and eventful new year.
With another new year on the horizon, many are wondering what 2014 will bring. For those in health IT, the more important question might actually be wear – as in wearable devices. The popularity of wearables will continue to explode and the burgeoning trend will move from a mainstay primarily in Silicon Valley and other tech meccas to mainstream America.
Wearables on the rise
Just as smartphones have evolved from being the hot gadgets of the early adopter set into the must-have devices for teens, soccer moms and business people alike — after all, 55 percent of global phone sales in the last quarter were smartphones — so too will wearables proliferate in the year ahead. Indeed, ABI Research has predicted the wearables space is in for a huge growth spurt, estimating the global market for health and fitness wearables to reach 170 million devices by 2017 (2).
2014 will see evolutionary advancements in wearable devices: they’re going to get smaller, sleeker, and more beautiful; battery life will increase; syncing will go wireless for everyone; a huge new generation of devices will emerge both from existing players and new players, and an even larger number of applications based on the new chips phone manufactures are building directly into smartphones will emerge with user interfaces as varied as ice cream flavors. But, at the current rate of innovation, I’m really hoping to see more revolutionary changes in the year ahead as well. My favorite would be anything that cracks the laborious food and calorie tracking nightmare for consumers.
One of the quite enlightened (though likely also overwhelming) healthcare initiatives directed at making healthcare more transparent and understandable is the Medicare and Medicaid electronic health record (EHR) incentive program. This is an act that forces all healthcare providers servicing Medicare and Medicaid patients, and by extension pretty much every patient, to use or expand their EHR systems for a large set of requirements, including making their notes, prescriptions, test results, diagnostic images and additional information all available to their patients on a web-based portal. And, unlike many other regulations that have no enforcement, this act not only requires that providers make these services available to their patients, it also measures and compensates providers on what percentage of their patients actually use said services.
As we all know, however, leading a horse to water is not enough. One of the most important and critical factors that all providers are facing is how to make their patients actually use these portals. Studies already indicate that a large percentage of the public wants more complete access to their medical records and doctor’s instructions electronically, via the web. It also makes sense that access to more complete information regarding your health status increases the odds that you’ll do what is necessary to do to get better.
The good news: We have technology to make that available. Unfortunately, it’s not working as well as it should.
As you’ve likely heard, ONC has named has its next leader, city of New Orleans Health Commissioner and senior health policy advisor Karen DeSalvo, MD, MPH, MSc.
She takes the post January 13, 2014.
DeSalvo is a former professor of medicine and vice dean of community affairs and health policy for Tulane University in New Orleans, according to Modern Healthcare. She led the effort to establish a network of primary-care medical homes as part of the city’s post-Hurricane Katrina rebuilding process. She also served as president of the Louisiana Health Care Quality Forum.
She will take over the role currently held by Acting National Coordinator Jacob Reider, MD, who is filling in for the departed Dr. Farzad Mostashari.
Department of Health & Human Services Secretary Kathleen Sebelius’s announced the move to HHS staff today (text here courtesy of EHR Intelligence):
I would like to announce that Dr. Karen DeSalvo, who currently serves as the City of New Orleans Health Commissioner and Senior Health Policy Advisor to Mayor Mitch Landrieu, will be the next National Coordinator for Health Information Technology here at the Department.
Guest post by Jonathan A. Handler, MD, FACEP and chief medical information officer for M*Modal.
The U.S. Government officially recognizes that filling out paperwork is expensive. The most costly paperwork requires us to measure and report information – like our yearly income. If you have ever filled out a government form, you may have noticed that it provides an estimated cost to complete.
For example, the simplest “EZ” income tax form will cost each taxpayer an average of four hours and $40 (http://goo.gl/C6ra — page 41). This is a result of the Paperwork Reduction Act, which requires the government to reduce the paperwork burden on the public and publish the estimated cost of completing each form. However, the Paperwork Reduction Act may have a loophole, because it seems to be limited to government documents.
The government creates a tremendous documentation burden on healthcare providers that appears to fall outside the scope of the Act. In 2014, new government requirements will increase that workload dramatically even as reimbursement drops. Since we do not have consensus on how to address these changes without sacrificing patient care, I believe a key trend in 2014 will be “Managing the Cost of Measuring Care.”
Clinicians are already at the breaking point in the time they spend on documentation and care measurement. This year, regulations demand more than ever. The move to ICD-10 significantly increases the cost of choosing the right billing code because ICD-10 is more complex and about eight times bigger than ICD-9. Stage 2 of the government’s meaningful use program requires clinicians to record more patient information in structured form, to report clinical quality measures, to perform medication reconciliation, and much more. The Two-Midnight rule requires physicians to anticipate when an admitted patient will need to stay in the hospital longer than “two midnights” and justify that in writing.
Healthcare organizations today are pursuing a wide range of health IT initiatives in the hopes of reducing costs, improving efficiencies and, most importantly, enhancing patient care. While a great deal of attention is being paid to high-profile health IT topics, such as electronic health records (EHRs) and health information exchange (HIE), there are basic aspects of the workflow at healthcare organizations that can also play a key role in driving healthcare efficiencies. One of these is the patient discharge experience.
How well patients are communicated with upon discharge is a leading threat to a healthcare organization’s top-line revenue, as well as an endangerment to the patient experience. With Medicare/Medicaid regulations now making it difficult to collect revenue for a patient’s second visit for the same problem within 30 days, special attention needs to be paid to how well healthcare organizations are preparing the patient when they walk out the hospital door—and at home following their release. Patients need to be able to understand their at-home instructions for post-visit care so they don’t have to return to the healthcare facility for more treatment or instructions, which will negatively impact the hospital’s revenue and the patient experience.
Creating a more effective discharge experience for patients requires providing clear, easy to read discharge instructions. Accomplishing this is not always a simple task given that the instructions typically are compiled from a large set of data feeds, gathered from multiple treating physicians and need to be provided in a language that the patient can understand. Health IT can play a critical role in overcoming these hurdles.
Similarly, healthcare organizations will benefit from considering the archival system in place. It is important to have an archival process that will enable the organization to prove that discharge instructions were complete and comprehensive. This will avoid the potential for losing Medicare/Medicaid reimbursements in the event of an audit. Not having the ability to easily retrieve all relevant records exposes the healthcare organization to avoidable revenue loss.