By Manish Mathuria, chief technology officer and co-founder, Infostretch.
The truism that “prevention is better than cure” is especially true in software, where a defect can have serious, sometimes life-threatening, consequences. Digital health presents a unique set of challenges and opportunities for those operating in this competitive and demanding market. The pressure to innovate and advance is immense, but so are concerns about safety, functionality, cost and privacy, to name a few.
When clinical insights combine with IT brilliance, the results can lead to fascinating health innovations. Radical new approaches, such as wearables and mobile devices which monitor, analyze and diagnose conditions, bring special meaning to the importance of error prevention versus recovery.
Lightning-fast technological innovation, fierce competition and stringent regulation combine to bring special challenges to a tester. The implications of software failure are severe. Another adage, “evolve or die,” springs to mind. The traditional testing function is what needs to evolve in this sector perhaps more than any other.
The quality assurance approach to testing must now make way for quality engineering, a new way of tackling quality control which focuses on improving the inherent design of the product throughout the software development life cycle. Why? Because traditional testing, performed at the end of the SDLC is out of its depth in the new era of digital transformation.
Today’s healthcare workforce is increasingly mobile. The industry has seen a dramatic increase in the use of mobile devices by both staff and patients, but often as single point solutions that do not solve for the fragmentation of clinical workflow at the point of care. Health system IT and clinical leadership are responding with a more strategic approach to clinical communication and collaboration to improve the care delivery experience at scale.
PatientSafe Solutions partnered with HIMSS Analytics to survey more than 300 healthcare leaders about the current state and future plans for mobile communication in their organizations. The vast majority of hospitals (77 percent) have invested in some form of mobile app to support communication amongst the care team, the most commonplace being secured messaging. However, clinical workflow suffers from the continued use of multiple, single-point device and applications. The average care team member — from physicians to nurses to allied health professionals – must use as many as five different devices or modalities to communicate and execute a defined plan of care.
The study also found that that nearly 50 percent of respondents plan on standardizing and consolidating onto a smartphone platform to streamline care collaboration. We all know by now that smartphones present the opportunity to deliver care at the bedside in a more effective, personalized and productive manner. However, despite investment in secured messaging and the desire to move towards smartphone-based platforms, the care team’s communication, care collaboration and documentation workflow still can be disorganized, incomplete and at worse, not secure. To address the clinical mobility challenge, PatientSafe developed the Mobile Maturity Model for Healthcare as common framework to assess the current state of mobile adoption in your health system and align the various people, technologies and processes to be successful with mobility at scale. Our goal? To get industry-wide participation in using and evolving the healthcare mobile maturity model – so clinicians and patients benefit from a streamlined, secure, context-rich mobile care experience.
The Mobile Maturity Model seeks to assess and categorize an organization’s proficiency in six key capabilities: infrastructure management, mobile device management, integration planning, application selection, workflow design and outcomes management.
Infrastructure management – To support mobility at scale, it is important to avoid underestimating infrastructure investments. Elements to consider when it comes to infrastructure include an organization’s wireless network, telephone systems and data center.
Mobile device management (MDM) – The choice of mobile device is a key consideration in mobile adoption, but equally important is the consideration of how to successfully manage and support an entire fleet of mobile devices. Jamf, the standard in Apple device management, recently surveyed 600 global healthcare IT professionals and found that 78 percent of healthcare organizations have an MDM in place, but over 50 percent lack satisfaction, 70 percent had concerns around security and compliance, and 90 percent think their MDM can be doing more. It’s important to invest in an MDM that aligns with overall mobility strategy and are experts in the device platform selected for an organization. An MDM should have an integrated partner ecosystem for devices, applications and infrastructure and training, services and support. Indicators like customer retention and CSAT are also helpful. Most importantly, the MDM should be nearly invisible to end users, as if an approach to deployment and management hinders usability of the device an organization wants to use to improve its patient care and clinical communications, it’s not the right fit.
Exactly how secure are the mobile health apps we use? Arxan Technologies set out to find that answer with its 5th Annual State of Application Security report. The new research assessed 71 popular mobile health apps from the US, UK, Germany, and Japan. It also examined the perception of app users and app executives in regards to the level of confidence they have in the security of their applications. Arxan discovered a huge discrepancy between consumer confidence in the level of security and the degree to which organizations address known application vulnerabilities.
Below are some of the report’s key findings:
Mobile health apps approved by regulatory/governing bodies are just as vulnerable as other mobile apps. Eighty-four percent of the US FDA-approved apps tested did not adequately address at least two of the OWASP Mobile Top 10 Risks. Similarly, 80 percent of the apps tested that were formerly approved by the UK NHS did not adequately address at least two of the OWASP Mobile Top 10 Risks.
Most of the mobile health apps were susceptible to application code tampering and reverse-engineering. Ninety-five percent of the FDA-approved apps, and 100 percent of the apps formerly approved by the NHS, lacked binary protection, which could result in privacy violations, theft of personal health information, and tampering.
HIMSS released the results of the 2015 HIMSS Mobile Technology Survey at the annual HIMSS conference. This year’s study, of more than 200 healthcare provider employees, found that nearly 90 percent of respondents are utilizing mobile devices within their organizations to engage patients in their healthcare. The report also showed that respondents believe that mHealth technologies are beginning to drive cost savings and improve the quality of care delivered.
The adoption of mobile technologies has been rapid in recent years with 90 percent of American adults owning a mobile device. The healthcare industry continues to keep up, as these technologies are critical to the industry’s shift to patient-centered and value-based care. Respondents of this year’s survey reported leveraging a variety of mobile tools including: app-enabled patient portals (73 percent), telehealth services (62 percent) and text communications (57 percent). Of these technologies, 36 percent of respondents believe the use of app-enabled patient portals is the most effective tool in patient engagement to date.
“mHealth continues to evolve as a tool to drive healthcare efficiencies. The proposed Meaningful Use Stage 3 rule realizes this with the concept of APIs and patient generated health data, and this year’s survey showed that the wide spread availability of mobile technology has had a positive impact on the coordination of patient care,” said David Collins, senior director of HIMSS mHealth Community.
According to a new report from InMedica, a subsidiary of IMS Research, American healthcare providers are turning to telehealth in large numbers to help cut costs and projects patients using telehealth services to grow by nearly a factor of six by 2017. While 51 percent of HIMSS Mobile Technology Survey respondents indicated budget tolls as a key barrier to further implementation of mobile technologies, 54 percent indicated they had achieved cost savings when asked if the deployment of mobile technology had a positive effect in this capacity. Specifically, areas of impact included preventative support care (24 percent), telehealth interventions (23 percent) and resource utilization (21 percent).
Guest post by Komal Papneja, IT research and marketing expert, Calance.
It’s time for healthcare organization to conduct a routine checkup on their data management and storage capabilities. Wondering why? To put this into perspective, Kaiser Permanente, nation’s largest health plan based out of California alone manages 26 to 44 petabytes of data from its electronic health records only. And if you are wondering how much is that, it would take around 223,000 DVDs (4.7 GB each) to just hold 1 petabyte of data, according to a Delloittestudy. Now couple this issue of data explosion with the HIPAA/HITECH compliance regulations and you see healthcare industry struggling to keep pace with the emerging technologies. Gone are the days when you could manage data with pen and paper…or even in onsite data centers.
Data explosion has become a generic problem with US healthcare organizations, says Gaurav Garg, vice president – healthcare solutions at Calance Corporation. While working with a large US Healthcare provider, team Calanceobserved that their data was growing at the rate of 50TB per month and also that their onsite data centers will soon run out of capacity. Healthcare organizations in general need a secure, future-proof, and compliant solution that can help eliminate data explosion while remaining cost-effective. This is where hybrid cloud solution comes in.
Why hybrid? Because hybrid cloud model allows for tighter security than traditional public cloud while offering more flexibility than a private cloud. Here is a detailed overview of how a hybrid cloud solution can help healthcare industry overcome the biggest IT challenge which is – data explosion.
Get Storage Space Scaled for You
Critical patient data, confidential communications, and medical records, everything is stored digitally. There is always a need for more storage space. And hybrid cloud gives you that storage space without having to spend IT dollars on in-house data center expansion or to pay for under-utilized capacity. This enables maximum elasticity and efficiency. You only pay for the space you use! But that’s with every cloud model, whether private, public, or hybrid. What makes hybrid more suitable for healthcare industry then? Keep reading as we unfold a few reasons.
Guest post by Tom Giannulli, MS, MD, chief medical information officer, Kareo.
It seems like everywhere you look there is a new piece of wearable technology to help people monitor their health and lifestyle. The latest and greatest, of course, is the Apple Watch, which hit the newswire with a bang last month.
There is no doubt that mobile health apps and wearable technology and devices are big business. Both patients and clinicians are using mHealth apps on their smartphones and other devices. There are tens of thousands of these apps, and the Robert Wood Johnson Foundation says this number will grow by 25 percent a year. Their research also shows that by 2018 1.7 billion people worldwide will download a health app.
Despite what the media may say, the fact is most people aren’t using these apps and devices yet according to a new study from Technology Advice. Their research found that nearly 75 percent of adults do not track their weight, diet, or exercise using a fitness tracking device or app and most cited reason was general lack of interest.
However, one interesting thing to note is that more than half said they would be more likely to use a health tracking app or device if there was a possibility of lowering their insurance premiums. Just over 40 percent said better advice from their healthcare provider would be a possible incentive to use a fitness tracker.
Guest post by Scott Parker, senior marketing analyst, CureMD.
Healthcare needs to be efficient in delivering care to the patient. What if iPad and iPhone apps provide the services healthcare professionals need? Wouldn’t that be a dream come true? The mobile healthcare market is talk of the town in healthcare circuits. The amazing thing is, mostly mobile EHRs are free. Soon to be launched CureMD’s app Avalon will be free too. It is free because you only pay for the services you use.
Medical history on fingertips: Healthcare professionals only dreamt about a day, when the ease of access in terms of patient data could take a step further, and somehow make them get off their boring computer screens. All of patient’s data is just a few taps away with mobile EHR. Providers can access an up-to-date list of current and past diagnoses of the patient; along with list of medications the patient has been formally prescribed.
Empowering patients: Mobile EHRs are not just for care providers. They are for patients as well. Patients can use mobile EHR to view their test results along with clinical summaries of their visit to the practice. They can keep track of their vaccinations, making it convenient for the providers and staff to arrange an appointment. If providers are able to empower patients through mobile EHR they are essentially empowering themselves.
Accurate sharing of patient information: Mobile EHRs provides a coordinated system of care through its function of interoperability. It allows for secure exchange of data among multiple providers, practices and healthcare facilities in real-time. This will provide a better support structure for informed clinical decisions. All in all, it reduces manual medical errors caused by humans trying to provide information through lethargic channels.
Guest post by John Sung Kim, CEO of DoctorBase.com.
As been reported here and many other industry publications – patient use of mobile health apps is skyrocketing. So why can’t we email our doctors yet?
Since 2010, vendors of patient communications applications have seen a gradual uptick in healthcare providers who accept email from patients, but they are often for special circumstances and providers generally do not make their email address available to their entire patient tablet. When asked in an informal survey of 500 small to medium sized practices (SMB defined here as one to seven doctors in a single location) the top three reasons for not accepting patient email in 2011 were:
1) Lack of reimbursement
2) Potential to divest the practice of traditional in-office revenue
3) Security issues
In the same survey when asked how many doctors offered their email address to their patients the respondents indicated –
1) All my patients – less than 3%
2) In special circumstances – more than 22%
3) Rarely – more than 74%
4) If they were paid for their email response time – 46% said they would accept email from their general patient tablet if the reimbursement came direct from patients and bypassed payer paperwork.
That same survey in 2012 yielded as the top three reasons for not accepting patient email —
1) Lack of reimbursement
2) Potential to divest the practice of traditional in-office revenue
3) Security issues
When asked how many offered their email address to their patients the respondents indicated –
1) All my patients – less than 6%
2) In special circumstances – more than 37%
3) Rarely – more than 56%
4) If they were paid for their email time – 66% said they would accept email from their general patient tablet if the reimbursement came direct from patients and bypassed payer paperwork.
The lack of reimbursed time continues to be the primary concern for providers as they wrestle with the increasingly mobile and digital world of communications, with divesture of traditional in-office revenues as a close second. One thing not mentioned in the stats above was that “HIPAA compliance and security concerns” was a distant third behind economic factors in both annual surveys.
While we saw the explosion of smartphone sales from 2011 to 2012, the number of doctors offering their email address to their general patient tablet grew very little (about 3%) while the biggest gain was in doctors who offered their email in “special circumstances.”
From this sampling we can potentially infer that economic forces – not security – is the primary driver in doctors offering their patients email services. And who can blame them – would we work for free?
Most of those surveyed were small to medium sized (SMB) group practices that ranged from specialties such as OB/GYN to Internal Medicine. As such, the statistical significance is more relevant to this segment of the provider market. As well, the patient communications industry is in its infancy and coming regulatory changes with HIPAA Omnibus 2013 and Meaningful Use Stage 2 may affect provider behavior in the next 24 months. Surveys conducted using Surveymonkey.
The inventor of the first Cloud-based contact center and founder of Five9.com, John Sung Kim is the current CEO of DoctorBase.com – the leading provider of mSaaS (Mobile Software as a Service) that allows healthcare providers to easily monetize mobile communications with patients.
Guest post by Stein Soelberg, director of marketing, KORE Telematics
As a provider of machine-to-machine (M2M) wireless networking services specifically designed for connecting mHealth solutions, KORE is approached every day with new use-case scenarios where telemedicine can provide life-saving or quality-of-life improving solutions for patients.
Currently, there are many health conditions that are being positively affected by the growth of mHealth applications; however, the top five health conditions for telemedicine treatment are active heart monitoring, blood pressure, diabetes, prescription compliance and sleep apnea.
1. Active heart monitoring. For at-risk patients, wireless heart monitoring devices have already proven to reduce hospitalization through early detection of heart failure. In addition, these devices are able to limit the time that physicians spend looking at data that is not pertinent, since they only send notifications with information that is outside an acceptable range.
2. Blood pressure. Wireless sensor nodes have become cost-effective, compact and energy efficient, which allows for continuous cycle reporting and electronic dispatch in urgent situations. It is important, however, to distinguish in this category between “critical monitoring” and “convenience monitoring.” The former are able to account for stress, eating habits and other external triggers more completely and pinpoint life-or-death issues. The latter are iPhone Apps for the health conscious consumer.
3. Diabetes. Wireless glucose monitoring devices can send alerts to patients and doctors alike when values move outside an acceptable range. These devices can also monitor for dietary intake to help impact a patient’s lifestyle choices.
4. Prescription compliance. On the surface this is an easy one. Patient health risks — and the risk of hospital admission — get greatly reduced by patients taking their medications as directed. But there is also a need to ensure that people take entire drug courses and eliminate the potential for re-prescribing. Literally billions of dollars each year reach their expiration date in patient’s medicine cabinets. Additional intangible benefits include fewer provider phone calls, and even shorter wait times in provider offices, by eliminating visits from improper prescription utilization.
5. Sleep Apnea. The thing that is really interesting about telemedicine devices for sleep apnea is that they can handle both investigatory and direct treatment. The two-way nature of the device can report on sleep patterns, body position and breathing to refine research and treatment course for any given patient. There is a direct cost saving here as well, since the devices directly eliminate the need for expensive Polysomnography exams and limit the need for overnight hospital stays, on an ongoing basis.
These mHealth applications are helping to promote more efficient use of medical equipment and resources, ensuring that devices and medication are being used as prescribed, improving patient outcomes by providing real-time data, improving patient quality of life, decreasing treatment costs and minimizing travel to and from offices and hospitals to allow for ease in care. Overall, the rise of mHealth/telemedicine will drastically and positively affect the lives of patients with a wide variety of health conditions.
Stein leads a team whose responsibility is to own the branding, advertising, customer engagement, loyalty, partnership and public relations initiatives designed to propel KORE into the 21st century. With more than 15 years of technology marketing experience in the business to business software, Internet services and telecommunications industries, Stein brings a proven track record of launching successful MVNOs and building those brands into leaders.
In a great new white paper, “Essential Enterprise Mobile Security Controls,” sponsored by Blackberry and posted by Tech Target, mobile device security is the feature show. As it continues to be the main event for mobile technology, mobile devices will continue to be used to carry high-value personal and company information, as expected.
When personal devices are disconnected from company networks, security risks were relatively low, according to the report, but as the technology permeates and its use becomes even more closely connected to the work environment, the risks to security increase significantly.
Apparently things have been pretty slow until now, but that’s not likely to last. The turning point is here and hackers are on the move, including on iPhones, as well as the Android market place. Given these continual threats, and the importance of the data healthcare organizations protect, the need for improved mobile security controls an imperative for any organization looking to leverage mobility for competitive advantage.
According to the report, “A key challenge for improving mobile security is to understand what tools are available and how they can be leveraged.”
The following is a list of must-have mobile device security controls to protect workers and organizations, again according to Blackberry:
Device security. Remote lock, wipe and backup/recovery can help reduce the risk associated with lost or stolen devices. According to SearchSecurity.com, lost and stolen devices rank among organizations’ top mobile security concerns, and for good reason: “The easiest way to lose data via a mobile device is to lose the device itself. Every enterprise sanctions (or doesn’t prohibit) BYOD must ensure that any supported device can be locked and erased remotely, and that valuable data is backed up to a location under the organization’s control.”
Network security. The increased number of smartphones and other devices that are carried into the enterprise by end users increases the threat to corporate networks.” Attackers have started seeking ways to use unsecured mobile devices as a means to leapfrog into otherwise protected areas of the network, including databases.
Malware defense. The oncoming wave of mobile malware requires protection, like antivirus, personal firewalls, Web filtering and anti-spam. “It’s becoming necessary to invest in mobile add-ons from traditional antimalware vendors, or consider a mobile device management (MDM) product that can, among other things, facilitate the extension of anti-malware to a variety of mobile devices.”
Threat intelligence. Large enterprises should invest in threat monitoring tools and research teams, and train them on how to not only identify mobile threats, but enable rapid response. These functions can be closely tied to existing log analysis and security information and event management (SIEM) processes. “The most important tactic here is to develop a baseline of “normal” mobile device activity and use analytics and real-time monitoring to spot deviations that may be a sign of an attack.”
Centralized management. Central management tools provide a “single pane of glass” to set and enforce policies and perform many other security-related functions across all mobile devices. This is becoming an increasingly important capability in organizations where multi-platform support is essential.
Data encryption. Files, contacts and email need to be encrypted on mobile devices in the event of loss or theft. Each platform comes with different encryption challenges, some requiring additional encryption application for the data that lives on the device. While the market for mobile encryption for data in motion is immature, new options are emerging all the time.
Over-the-air capabilities. Mobile security requires over-the-air provisioning and configuration to ensure that workers always have the latest security capabilities without burdening IT, forcing them to physically touch each device. As demand grows for an increasingly diverse landscape of mobile devices, this feature is crucial for enterprises that need to scale their mobile security provisioning efforts.
According to the report, and this is a nice summation of the report (and I quote): “Mobile security is still in its infancy, but the trends around connectivity, device evolution and worker mobility means organizations must start planning their mobile security strategy now, and that process begins with assessing what mobile security controls are needed and developing a plan to put those controls into action.”