Posts

Health Data is a Prime Target: How to Minimize Risk

Health Data is a Prime Target: How to Minimize Risk

More than 60 percent of healthcare organizations suffered a data breach in the past 12 months, according to information security researcher Ponemon Institute. In total, over 5 million healthcare records were exposed or stolen among entities studied by Ponemon.

Recent incidents show no abatement in cybercriminals’ attraction to healthcare data. For example, Florida Hospital reported earlier this month that patient information on 12,724 individuals might have been exposed through a malware infection on three of the organization’s websites. Three months earlier, St. Peter’s Surgery & Endoscopy Center in New York disclosed that hackers had potentially gained access to server-based medical records of nearly 135,000 patients.

Healthcare in the Crosshairs

Approximately 7 million patients will have their data compromised by hacks in 2019, estimates consulting firm Accenture, racking up billions of dollars in costs to hospitals and health systems.

What makes the healthcare particularly vulnerable?

A Computerworld report explains that healthcare data, which includes personal identifiers and medical histories, can be sold virtually unchallenged over time on the black market. In contrast, financial data often becomes useless once a breach has been discovered and passcodes changed. Cybercriminals, aware of the premium value of healthcare records, focus their attacks in pursuit of the greatest possible returns.

Other factors contributing to healthcare’s data security liability include:

  • increasing access to medical records as entities share information across integrated sites of care;
  • legal requirements to store medical records for extended periods of time;
  • efforts to connect electronic health record systems, often relying on unsecured patches that can open the door to unauthorized entry; and
  • inadequate education of employees about modes of cyberattacks.

On a broader scale, but not to be discounted, foreign governments’ so called “state actors” may attempt to accumulate healthcare data that could help in social engineering of future attacks. Such a tactic might deploy emails to individuals who have a specific medical condition — with malware linked to prompts for more information.

Risk Mitigation

Big data sets in healthcare, despite ever-increasing volume, can be managed through ongoing risk assessments and implementation of preventative security controls, such as continuous monitoring programs. However, those measures come at a cost that must be weighed against the uncertainty of threat protection.

“Each organization needs to evaluate risk and its security needs in the context of its organizational and business requirements to determine where it makes the most sense to invest their people, time and financial resources,” advises Christine Sublett, a member of the Department of Health and Human Services’ Healthcare Industry Cybersecurity Task Force.

NetDirector’s HealthData Exchange platform deserves consideration as healthcare organizations work through their cybersecurity evaluations. The system combines HIPAA-based security and HL7 standard interfacing compliance — with attestations available upon request. Additionally, NetDirector uses a physically secure Peak10 facility for hosting customer data. This approach ensures data integrity without the need for additional IT investment and the associated risk of self-managing connection points among exchange partners.

For more information on HealthData Exchange, please contact us or request a free demo.

Predictive Recurrence: The Fight Continues Against Opioids

U.S. opioid overdose deaths spiked five-fold between 1999 and 2016, culminating in 42,249 fatalities two years ago, according to official statistics from the Centers for Disease Control and Prevention. The government figures also estimated 11.5 million Americans misusing prescription opioids and 2.1 million people confirmed with opioid use disorder.

Federal response has prioritized better addiction prevention, treatment and recovery services, along with improved public health surveillance and new approaches to pain management.

Meanwhile, academic and private sector entities are making headway applying technology to combat the nationwide epidemic.

How Technology Can Help

Researchers at the University of Colorado investigated how frontline physicians could identify patients susceptible to chronic opioid use. A study published in the Journal of General Internal Medicine (February 2018) applied a statistical model to retrospective electronic health record (EHR) data and correctly predicted chronic opioid therapy (COT) — a measure of future chronic opioid use — in 79 percent of hospitalized patients.

Integration of the COT model within EHRs could enable clinicians to “provide early patient education about pain management strategies and [potentially] wean opioids prior to discharge while incorporating alternative therapies for pain into discharge planning,” says the research team’s report.

Among the variables incorporated into the model: medical and health diagnoses; substance and tobacco use disorder; chronic or acute pain; surgical intervention during hospitalization; past year receipt of opioid or non-opioid analgesics or benzodiazepines; opioid receipt at hospital discharge and morphine equivalents prescribed per hospital day.

Lead author Susan Calcaterra, MD, told Health Data Management, “The nice thing is that all of the data required to assess risk are available already documented in the EHR, and providers do not need to ask for additional information from patients.”

The research team, which anchored the study at a Denver safety-net hospital, plans to expand its work to validate the model in a wider patient population.

Separately, a paper released (May 2018) by health information network Surescripts focuses on technologies that could inform decisions at the point of care with more actionable intelligence. The paper points out that standard transactional information flow — captured in medical and medication histories, electronic prescriptions, provider communications and medication adherence alerts — could help close the loop on drug diversion and improper dispensing.

Simply increasing use of current technologies could have a significant impact on curtailing the opioid epidemic, the paper emphasizes. Author Paul Uhrig writes, “[The] good news is that health data and information technology exist today that can lead to better care decisions and curb fraud and abuse.”

Automated Tracking

Likewise, NetDirector is actively engaged in leveraging integration technology in support of addiction recovery caregivers. Cloud-based integration with state-sponsored controlled substance databases allows seamless monitoring and comparison of data to ensure that recovering patients are not seeking drugs beyond their treatment program.

Integration is live for North Carolina, with application to other state programs available on demand. Delivered on a platform-as-a-service basis, the Controlled Substance Tracking Model is priced per data extraction/use. For more details on pricing and delivery, contact NetDirector or request a free demo.

Technologies That Impressed at HIMSS18

Last month in larger-than-life Las Vegas, nearly 50,000 healthcare IT professionals and vendors convened for HIMSS18, the industry’s yearly focal point. Attendees sought common ground in improving care and business operations through the use of technology.

Reports from the conference yielded a wealth of new information from more than 1,000 exhibitors and scores of expert presenters. And — indicative of a setting where anything could happen — Jared Kushner and Magic Johnson stopped by to share their respective insights on better access to patient data and health, leadership and community-building.

But at the heart of the event, discussion of challenges and pursuit of new ideas revealed common themes among those serving at healthcare organizations and their counterparts on the developer side. The infographic below summarizes key aspects of health IT’s ongoing quest to support better patient outcomes in a fiscally sustainable ecosystem.

 

 

NetDirector’s cloud-based HealthData Exchange addresses these points of emphasis through low-cost, high-speed, secure data and document sharing capabilities among hospitals, physician practices, nursing facilities, pharmacies, labs, imaging centers, vendors, government agencies and insurance providers. The format- and transport-agnostic technology eliminates the need to maintain multiple interfaces while ensuring data consistency and integrity.

For more information on the HealthData Exchange platform, please contact us or request a free demo.

Disruptive Technologies Make Their Mark for Healthcare Providers

Despite uncertainty about national healthcare policy, investors continue to fuel the red-hot health technology sector, which leverages innovation in the quest to improve outcomes, streamline care and cut costs.

Digital health startup firms banked $23 billion in venture funding over the past seven years, according to analysis from Rock Health. In 2017 alone, digital health investments hit an all-time high approaching $6 billion, with a record number of “mega-deals” (each exceeding $100 million) coming to fruition. Repeat investments also reached a peak last year, indicating confidence in future growth.

Rock Health’s research reveals the top value propositions funded during 2017:

  • Consumer health information (investments of $1.6 billion) — Empowering individuals to better understand their own health and the overall healthcare system.
  • Clinical decision support and precision medicine ($811 million) — Delivering timely information to providers to help inform care decisions and/or tailor the prevention, management or treatment of disease.
  • Fitness and wellness ($752 million) — General health maintenance and promotion, where illness prevention does not associate with a diagnostic billing code.
  • Disease monitoring ($517 million) — Using biometric devices to track specific clinical conditions.
  • Disease diagnosis ($493 million) — Identifying specific clinical indications.
  • Non-clinical workflow ($482 million) — Managing administrative operations such as scheduling and billing in a provider setting.

In short, digital health has aggressively moved past the fledgling stage. From here, innovators will need to demonstrate much more than a unique idea. They’ll be asked to show verifiable advancement in building, sustaining and scaling a profitable business model.

Imminent Innovations

Venture capitalists aside, doctors and researchers agree that technology-backed breakthroughs will figure prominently among major medical developments expected in 2018.

Cleveland Clinic, which annually publishes a top-ten list of innovations vetted by an internal panel of physicians and scientists, predicts disruption in areas such as diabetes management, telehealth and centralized monitoring of hospital patients.

For example, a closed-loop insulin delivery system, essentially an artificial pancreas, will improve outcomes for Type 1 diabetes patients and increasingly be reimbursable by insurers this year, according to the report. The system will continuously link a monitoring device to an insulin pump to stabilize blood glucose at an unprecedented level, rather than requiring the patient to determine how much insulin to inject.

Also on the immediate horizon, distance health technologies will be widely adopted, with 90 percent of healthcare executives reporting active or emerging telehealth programs. Telehealth is now integrated with more than 19 million patients using attachable devices to record and report medical information. The technology will remove geographic barriers to care, enabling timely treatment to vulnerable populations at significantly reduced cost.

We’ll also see provider organizations implementing “mission control”-type operations, through which off-site personnel use sensors and high-definition cameras to monitor patients’ blood pressure, heart rate, respiration, oxygen level and other essential readings. This type of system can double the number of monitored patients per technician while initiating advance warnings of trouble in areas such as cardiology wards.

The Agility Factor

Disruptive healthcare technologies typically incorporate some aspect of data integration geared toward actionable intervention or prevention that justifies initial and ongoing investment. The takeaway for healthcare decision-makers is that traditional spending on day-to-day IT activities will give way to hand-picked services available through the cloud.

“The role of the chief information officer won’t be so much operations and keeping disks spinning and data centers powered as much as it will be integration and figuring out how procured cloud services fit together,” observes John Halamka, MD, CIO at Boston’s Beth Israel Deaconess Medical Center.

“So you might even imagine that IT departments will start to shrink because so much of what we have done in the past with internal staff will be done with cloud-hosted services,” Halamka continues. “And the great joy of this is that if you don’t like one cloud-hosted service, you can change it. So it’s going to give you some agility.”

NetDirector’s cloud-based HealthData Exchange precisely fits today’s model for disruption with low-cost, high-speed data and document sharing capabilities. For more information on the HealthData Exchange platform, please contact us or request a free demo.

Healthcare Giants Attack Rising Costs, Pursue Greater Efficiency

Whether on the vendor or provider side, the business of healthcare isn’t getting any easier. Across the sector, companies and caregiver organizations are tightening their respective belts while firing up initiatives to increase efficiencies.

At the end of last year’s third quarter, EHR developer athenahealth — which supports a nationwide network of more than 100,000 providers and 100 million patients — reported a 7 percent earnings shortfall. The company simultaneously announced several cost-cutting measures, including a 9 percent workforce reduction, shutdowns of redundant business operations, and sell-offs of real estate assets and a corporate jet.

Athenahealth CEO Jonathan Bush said the moves reflected the company’s “changing mindset as we evolve the way we do business.”

Additionally, the firm revealed a major follow-up move this month by naming former General Electric CEO Jeff Immelt as athenahealth chairman. Immelt previously grew GE’s healthcare technology business from fledgling status to a $20 billion operation during his tenure.

Immelt is viewed as a “door opener” and deal closer among hospital and health system C-suite executives, an area where athenahealth has lagged competitors, according to George Hill, an analyst for RBC Capital Markets.

Referring to Immelt’s appointment, Bush added, “Jeff shares our vision for more connected, efficient and human-centered healthcare … Like us, [he] believes a platform-oriented business and technology strategy is fundamental to executing against that vision.”

More Heavy Hitters Step In

Healthcare’s door swung open again recently when the powerhouse trio of Amazon, Berkshire Hathaway and JPMorgan Chase revealed plans for a partnership aimed at cutting costs and improving services.

Initially, the enterprise will focus on healthcare system improvements for their collective 1.1 million employees. Nonetheless, the independent new company will strive to leverage technology to simplify the healthcare throughout the country.

Berkshire CEO Warren Buffett said combined resources within the group would be tasked with reining in healthcare’s “ballooning” costs while enhancing patient satisfaction and outcomes.

Adam Fein, president of Pembroke Consulting, commented that the new, as-yet-unnamed organization could help physicians and patients make more informed and cost-effective decisions.

Idris Adjerid, management IT professor at Notre Dame’s Mendoza College of Business, told CNBC that Amazon, in particular, could play a strong role in bringing artificial intelligence and information-sharing platforms to healthcare. “We find that technology initiatives that facilitated information sharing between disconnected hospitals resulted in significant reductions in healthcare spending,” Adjerid noted.

What remains to be seen, however, is the full scope of the companies’ collaborative effort.

Robert Field, professor of health management and policy at Drexel University, predicted that the alliance would leverage technology to change healthcare delivery across the board. “We’re going to lose the personal touch in healthcare, but perhaps we need to be going in [that] direction,” Field observed. “We don’t have the corner bookshop the way we used to, and we don’t have a corner pharmacy the way we used to. Healthcare is going there one way or another.”

Staying Ahead of the Curve

NetDirector agrees that technological innovation will steer healthcare toward brighter days ahead in terms of fiscal stability and enhanced patient care.

Cloud-based integration and strong record management — hallmarks of NetDirector’s HealthData Exchange platform — create not only cost savings but also greater efficiencies on the non-revenue-generating side of the patient lifecycle. In doing so, the platform increases the number of patients a provider organization can reasonably sustain.

For more information on HealthData Exchange, please contact us or request a free demo.

Healthcare, Ransomware, and Security Breaches

Ransomware, a treacherous malware exploit that encrypts victims’ data or prevents access to their devices, netted cybercriminals an estimated $1 billion in 2016.

Data-related extortion attacks on businesses rose three-fold during the first nine months of last year, equating to one every 40 seconds. Two-thirds of those hit by ransomware lost all or part of their corporate data and one-quarter spent weeks trying to restore access, according to Kaspersky Labs, a data security firm.

Perhaps even more alarming is a predicted shift from chaotic and sporadic ransomware incidents to steadier assaults in higher volumes. “There is no such thing as a low-risk sector anymore,” Kaspersky’s research warned.

Healthcare, with 16 percent of organizations having been hit by ransomware, ranks in the top 10 among targeted industries.

High stakes for healthcare

Hospitals and health systems, as HIPAA covered entities, must adopt safeguards to ensure the confidentiality, integrity and availability of electronic protected health information (ePHI). The Department of Health and Human Services’ Office for Civil Rights (OCR), which enforces HIPAA, issued guidance in 2016 presuming a breach in the event of a ransomware attack involving ePHI. In other words, it’s up to the provider organization to prove that a breach did not occur by demonstrating low probability that ePHI was not compromised.

Nonetheless, many organizations remain non-compliant or take a stance of “calculated non-compliance.” That means they deem any potential fine to be cheaper than the reporting costs or technical resources needed to investigate incidents to OCR’s satisfaction, according to James Scott, senior fellow at the Institute for Critical Infrastructure Technology.

All the same, providers should be concerned whether ePHI is properly encrypted and adequately protected against compromise by ransomware. And from a system-wide perspective, additional safeguards should include proper use of passwords, removal of outdated software and unauthorized apps, adherence to regular backup procedures, and educating users not to open attachments or click links from unknown senders. Additionally, operating systems, browsers and antivirus programs should be updated to the latest version on all devices.

Also worth noting: Security shortfalls may be present in system integrations written in-house or by contracted developers.

In any event, “negligence gives cyber criminals the incentive to continue to launch ransomware attacks,” notes security website CSO.

And — as if on cue — a newly discovered form of ransomware may be released this month, reports TechRepublic. The malware, known as RedBoot, not only encrypts files but also permanently repartitions hard drives, rendering data unrecoverable. The alert advises businesses to back up workstations to some form of network or cloud storage, refresh all antivirus software definitions, and train users to avoid phishing scams.

A big ask

Hospitals have their hands full providing the best care possible for patients, around the clock, every day of the week. In that light, they shouldn’t be expected to shoulder the entire load of locking down data against an ever-expanding array of intruders.

Networking companies such as NetDirector have the expertise and capabilities needed to properly secure and integrate healthcare data. All of our certifications and processes (e.g., HIPAA and SOC2) are maintained above industry standards in a fully redundant, cloud-based platform. Healthcare clients put their trust in NetDirector to securely handle more than 10 million data and document transactions per month.

Although ransomware and related intrusions are real concerns, NetDirector stands ready to consult and assist in hardening defenses across the healthcare ecosystem.

For more information, please contact us or request a free demo.

Why EHRs Don’t Have to be a Hindrance

Doctors persistently claim that electronic health record (EHR) systems take up too much of their time.

Bearing out that assertion, a just-published study in Annals of Family Medicine found that a cohort of 142 primary care physicians spent more than half their workday interacting with their EHR during and after clinic hours. Worse, the physicians, who were retrospectively followed through EHR event logs over the course of three years, allocated two-thirds of their computer-facing time to clerical and inbox work.

A separate commentary earlier this year issued a stark challenge to the healthcare IT industry: “[Talk] to ten practitioners at random who are involved in day-to-day emergency medicine or primary care medicine, the guys and gals on the busy front line, and find two of them who are enamored with their [EHR] tools.” The author, small-town physician Kenneth Bartholomew, MD, describes systems designed around billing and collections functions. Such EHRs, he argues, lack the ability to actually improve the workflow of diagnosis and patient management.

Closing the gap on EHR drawbacks

The clearly frustrated Dr. Bartholomew concludes that current EHRs put the wrong tools in the hands of everyday caregivers. While EHRs help assemble patient history, along with physical and laboratory evidence, the technology requires doctors to “push the chain” of information from behind — rather than “pulling it from the front.”

Nonetheless, it’s also important to recognize EHRs’ positive impacts within a digital, connected healthcare environment. Evidence of benefits include:

  • cost savings derived from prevention of adverse drug events;
  • enabling access by emergency personnel to patients’ pre-existing health information (such as medication lists, allergies, and medical histories);
  • use of medical histories to remind physicians of the best methods of care for specific patients; and
  • improvement of reporting, investigation, response, and communication between public health officials and clinicians.

What’s more, EHRs have been shown to mitigate risk for healthcare providers and health systems by enabling evidence-based decisions at the point of care, aiding in research directed toward improvements in care, and preventing liability actions by documenting complete records of care and informed consent.

Also, significant, EHRs can help drive up patient satisfaction. More than 90 percent of patients report being happy that their doctor used EHR-powered e-prescribing capabilities — and that they rarely encounter prescriptions not being ready at their connected pharmacy.

EHRs and interoperability

Looking ahead, the federal Office of the National Coordinator for Health IT (ONC) has prioritized enhancing EHR usability, as well as facilitating seamless exchange of information among different EHR systems. In fact, the 21st Century Cures Act, enacted at the end of 2016, specifies the development of a national framework and common agreement to promote comprehensive network-to-network health data sharing. ONC will be organizing work in these areas and expects to have preliminary plans in place by next year.

NetDirector actively supports strong, automated integration of EHR capabilities throughout the healthcare ecosystem. Hospitals and physicians can deploy NetDirector’s HealthData Exchange to normalize data to standard HL7 and other formats to achieve EHR interoperability while removing the bottlenecks of traditional interfacing — all without adding hours to the physician’s already hectic schedule.

For more information, please contact us or request a free demo.

What Can We Learn from eClinicalWorks’ Big Mistake?

Electronic health record (EHR) vendor eClinicalWorks (eCW) and several of its executives are on the hook for $155 million to resolve a False Claims Act lawsuit alleging that the company misrepresented the capabilities of its software. The U.S. Department of Justice announced the settlement on May 31.

Resolution of the case also required eCW to enter into a Corporate Integrity Agreement (CIA) with the Office of the Inspector General at the U.S. Department of Health and Human Services (HHS-OIG), which oversees “meaningful use” incentive payments to healthcare providers relating to their adoption and implementation of certified EHR technology.

According to the government, eCW concealed that its software was “hardcoded” to meet certification requirements for standardized drug codes instead of actually retrieving the proper drug codes from a complete database. Other cited faults in eCW’s software included:

  • not having an audit log for accurate recording of user actions;
  • not reliably recording diagnostic imaging orders;
  • not reliably performing drug interaction checks; and
  • failing to satisfy data portability requirements for transferring patient data from eCW’s system to other vendors’ software.

All told, because of the deficiencies, “eCW caused the submission of false claims for federal incentive payments based on the use of eCW’s software,” HHS-OIG charged. $125 million of the company’s fines will go to repay Medicare and Medicaid for incentive disbursements under their respective meaningful use programs. (eCW customers who successfully attested to meaningful use in good faith will not be linked in on the government repayments.)

Aside from the financial penalties, eCW’s CIA, which extends for five years, requires the company to retain an independent oversight organization to assess its software quality control systems, with semi-annual written reports to be filed with HHS-OIG. The CIA also mandates that eCW allow its customers to obtain free software updates; customers also have the option of transferring their data to another EHR vendor without penalties or service charges.

Industry fallout

eCW agreed to the settlement without acknowledging any wrongdoing. The company said it did so to avoid lengthy and costly litigation. eCW’s EHR system remains certified under the meaningful use program. Nonetheless, the underlying facts of the case appear to have cast a broad shadow across the health IT landscape.

A report compiled by market research firm Reaction Data after announcement of the settlement found 71 percent of respondents saying they would be extremely unlikely to consider eCW in the future. What’s more, 27 percent indicated that the case had lowered confidence in their current EHR vendor, and 35 percent reported being “significantly more suspicious” of other EHR vendors.

Healthcare attorney Bob Ramsey told Healthcare Informatics that the eCW allegations may be an extreme case, but added, “Interoperability and data portability is viewed as necessary in the health world, but it’s easier said than done.”

Peter DeVault, vice president of interoperability at EHR vendor Epic, recently noted that healthcare providers would be well served to rely less on EHR certifications moving forward and to concentrate more heavily on demonstrated benefits.

NetDirector’s vendor-neutral approach to data exchange elevates providers’ ability to achieve EHR interoperability while working toward meaningful use incentives. In an environment currently clouded by skepticism, the HealthData Exchange platform automates integrations in a manner that exceeds industry standards.

NetDirector CEO Harry Beisswenger puts the technology in perspective: “It’s important for us to aid healthcare providers and vendors in reaching meaningful use benchmarks because we know that ultimately impacts the level of patient care.”

For more information, please contact us or request a free demo.

NetDirector Streamlines Patient Experience in Healthcare with New Health Logix Integration Suite

Tampa, FL – June 27, 2017 – NetDirector, a cloud-based data exchange and integration platform, continues to expand the presence of their cloud-based integration-platform-as-a-service (iPaaS) in the healthcare industry. In their most recent integration, NetDirector has partnered with Health Logix to deliver a technologically advanced patient experience and to streamline the process of data acquisition for providers.

Health Logix is a Software-as-a-Service (SAAS) offering delivering its customers the ability to engage patients both before and after exams or appointments by confirming scheduling, for surveys, create a seamless check-in process, and more. The cloud-based integration with NetDirector helps those clients move pertinent information directly into their Information System (RIS, EHR, HIS, etc.) and patient billing databases, to keep patient records current and to leverage collected data most efficiently.  Health Logix additionally allows for the utilization of its full functionality including automating check-in procedures at a digital kiosk, and more.

By utilizing Health Logix and integrating with NetDirector the entire continuum of healthcare data becomes more accessible to both patient and provider. Patients feel more cared for and satisfied by having reminders and surveys, while providers have the information they need faster and more cost-effectively. The information collected through Health Logix is passed through the NetDirector HealthData Exchange and is delivered directly to billing databases and information systems through a one-to-many style integration.

Health Logix chief technology officer Reynold Yordy stated that “NetDirector’s ability to simultaneously, accurately, and cost-effectively move critical patient information, to multiple partner platforms, allows us to deliver a service that both saves cost and generates real revenue to our customers.”  He further stated, “after searching for many months, we are excited to have finally found an integration partner that actually deliver on true interoperability, one of the biggest gaps in healthcare”

Interoperability has been a major hurdle in healthcare – as providers and vendors work towards Meaningful Use Stage 3, interoperability becomes critical for all systems. Communication between existing and future systems is a must have, and the NetDirector integration with Health Logix is a strong example of this kind of interconnected healthcare environment.

“It’s important for us to aid healthcare providers and vendors in reaching their Meaningful Use benchmarks because we know that ultimately impacts the level of patient care,” said Harry Beisswenger, CEO of NetDirector. “Health Logix is an exceptional system, and we’re excited to make it even easier for healthcare providers to maximize the potential it has.”

Company Bio:

NetDirector provides a secure cloud-based data and document exchange solution for the healthcare and mortgage banking industries to deliver seamless data integration between parties. NetDirector bridges gaps created by disparate systems & technologies by allowing companies at any location to share data & documents securely over a single internet connection with any other member of the ecosystem. Our approach allows trading partners to collaborate and exchange data in a seamless, bi-directional, real-time manner. With security and longevity as a focus, NetDirector is a Certified HIPAA Compliant company, a 6-year member of the prominent Inc. 5000, and currently, processes more than 9 million transactions per month.

Midyear Healthcare and Technology Progress Report

High availability, interoperability, and utility in population health management all figured prominently in an early 2017 forecast of areas where healthcare CIOs expect information technology (IT) to deliver significant impact for their organizations.

Here’s a look at how things are shaping up at the year’s midpoint.

Systems availability

While natural disasters or cyber-attacks can knock out — or lock out — critical IT systems without warning, healthcare entities still need to prepare for such events. In fact, the HIPAA Security Rule requires health care covered entities to have a contingency plan for responding to unavailability of electronic health information systems.

The Department of Health and Human Services’ Inspector General reported last year in a survey of 400 hospitals that about two-thirds have contingency plans addressing data backup, disaster recovery, emergency mode operations and testing/ revision procedures. Nonetheless, over half of the surveyed hospitals confirmed an unplanned disruption to their electronic health record (EHR) system, and about a quarter of those experienced delays in patient care as a result.

So far this year, EHR outages continue to make headlines:

  • An April 2017 poll, conducted by online physician community Sermo, found that 55 percent of 1,678 responding U.S. doctors had experienced an EHR outage or malfunction that jeopardized the health or safety of a patient.
  • Also in April, Erie County Medical Center and an associated long-term care facility experienced a system-wide shutdown attributed to a ransomware attack. The hospital’s backup process prevented loss of any patient records or financial data, but its EHR was taken offline for six weeks, during which time activities such as patient admissions and prescription writing had to be handled manually.
  • In a separate incident at the end of February, an ophthalmology-specific EHR experienced “technical difficulties” due to outages of Amazon’s S3 cloud-based hosting service.

Data center and cloud services provider Peak 10 recommends that healthcare entities not only review their IT privacy and security policies and procedures but also insist that their service level agreements with technology providers specify agreed-upon security objectives and how compliance will be ensured.

Interoperability

In late March, the Office of the National Coordinator for Health IT (ONC) shared several examples of what it described as “interoperability in action from coast to coast.” Among the programs ONC showcased:

  • An app that imports patient data — including personal and medical device data, remote monitoring and reminders — into a comprehensive family health dashboard.
  • A solution that allows clinicians to create customizable push notifications that can be tailored to individual patients or groups.
  • A smartphone app that allows patients to grant or revoke permission for providers to access, send or receive health information electronically.
  • A secure system for users to seamlessly store and share data with trusted care professionals.

Additional projects outside of ONC’s purview are taking aim at other aspects of interoperability. In April, Ascension Health, Cedars-Sinai Health System and Hospital Corporation of America opened the Center for Medical Interoperability. The lab will provide resources for researchers to test data-sharing connections for medical devices and EHRs. In February, the Personal Connected Health Alliance agreed to partner with the Integrating the Healthcare Enterprise initiative in efforts to improve health data exchange through conformity testing and certification with a focus on standards-based, open specifications.

Population health

No single type of data serves as a comprehensive source of information for population health management. For example, claims data includes patient demographics, diagnosis codes, and dates and costs of services; however, the information is retrospective and limited to just billable aspects of care, explains a recent HealthITAnalytics report. Likewise, EHR systems provide clinical details but often contain unstructured, free-text descriptions that are difficult to extract and analyze.

Still, healthcare organizations continue to press forward with population health initiatives. Vanderbilt University just released a report card — the first of its kind in the nation — intended to guide the planning, implementation, and evaluation of programs and policies to improve men’s health across the entire state of Tennessee. It identifies heart disease and cancer as the leading causes of death in the state and reveals a deficit in men having a personal health provider. Meanwhile, Stanford University’s Center for Population Health Sciences has awarded $275,000 in pilot grants to fund studies seeking to improve population and community health, including a mobile surveillance system that will map autism and gaps in treatment services.

Efforts such as these will help drive discovery of what works in real-world practice of population health management. “As an industry, we can increase the socialization of toolkits and case studies so that healthcare organizations can more clearly define all aspects of population health management model design,” observes Jennifer Rogers, an analyst at Chilmark Research. She adds that optimal IT deployment will speed up gains in value for current and future adopters of population health models.

Availability, interoperability, and population health projects face a balance of challenges and opportunities as we enter the second half of 2017. NetDirector continues to innovate with cloud-based, foundational integration solutions that will help healthcare organizations seamlessly handle the electronic exchange of information in each of these areas within their respective ecosystems. For more information, please contact us or request a free demo.