Julia Adler-Milstein appointed to ONC task force on health IT

Assistant professor of information Julia Adler-Milstein will join a short-term task force assembled by the Health IT Policy Committee (HITPC), a federal advisory committee to The Office of the National Coordinator for Health Information Technology (ONC).

The HITPIC makes policy recommendations on the development and adoption of a nationwide health information infrastructure, which includes standards for the exchange of patient medical information. The task force will be responsible for reviewing clinical, technical, organizational and financial barriers to interoperability (information exchange across diverse information systems) within the healthcare sector.

Formed at the request of Congress, the task force is expected to submit its final recommendations on October 14. This move is part of a larger discussion about information blocking and policy standards for increasing interoperability in healthcare.

“We’ve heard before…how big a difference medical records can make for patients and their families,” said Sen. Patty Murray (D-Wash.) at a Senate Health, Education, Labor and Pensions (HELP) committee meeting earlier this week. “And because a strong national health IT system depends on different electronic health record systems being able to talk to each other, we simply can’t afford to…block information that hospitals, providers, and patients need to be able to share with one another.”

ONC is the principal federal entity responsible for coordinating nationwide efforts to advance health information technology and the electronic exchange of health information.

In March, Adler-Milstein testified before a Congressional committee exploring why hospitals have been slow to adopt electronic health record systems.

View the original content and more from this author here: http://ift.tt/1KENZGX

from health IT caucus http://ift.tt/1DeJumD
via IFTTT

IBM Watson, CVS deal: How the smartest computer on earth could shake up health care for 70m pharmacy customers

The artificial intelligence system known as Watson is going to supercompute your health. IBM and CVS announced on Thursday that they will work together to come up with algorithms that use physiological indicators and red-flag behaviors to predict whose health is fine and whose may be on the decline. The first stage of the deal will focus on patients with chronic conditions, such as heart disease and obesity, but after that the sky’s the limit. Here’s why the deal is poised to shake up the way you think about health care.

Reach: CVS has 7,600 retail stores, about 1,000 walk-in medical clinics, and a pharmacy program with more than 70 million participants. That’s nearly 22 percent of the U.S. population. The IBM-CVS partnership could transform the roles of a pharmacist, retail clinic practitioner and your primary-care doctors and specialists. A routine trip to the drugstore could involve consulting with Watson at a kiosk about your health or having your pharmacist let you know to alert your doctor that the medicine you’re taking is not working as well as you both think.

Big data: With mobile phones everywhere and wearable fitness devices proliferating, the average person is predicted to generate more than 1 million gigabytes of health data in their lives. IBM is working with Apple, Johnson & Johnson, and Medtronic to use Watson to glean insights about people’s health and the effectiveness of interventions. The company also recently purchased health data companies Explorys, which spun out of Cleveland Clinic and specializes in predictive analytics, and Phytel, which provides insight for hospitals on groups of patients. Adding CVS data to the mix (which is not part of this deal but may be on the table later) may allow the companies to learn huge amounts about consumer behavior and how it impacts their health.

Control over your own data: One of the most frustrating things for patients can be a lack of access to their health or prescription history and the ability to share it. This is one of the things both IBM and CVS officials have said they hope to solve.

Cancer: While this isn’t one of the conditions targeted in the first stage of the deal, IBM has several partnerships with leading cancer centers to train Watson to be a cancer expert. IBM has said it hopes to roll out the cancer adviser service to community physicians. Could they be used by the nurse practitioners who staff CVS Minute Clinics as well?

View the original content and more from this author here: http://ift.tt/1JyVwIx

from health IT caucus http://ift.tt/1MBcHLn
via IFTTT

Dear Health Care, the Internet Is Here to Stay

While most other industries have enjoyed a decades-long marriage with the Internet, in health care, we’re still in the “getting to know you” phase, working to establish a level of trust. Understandably, there are major concerns in our industry surrounding data integrity, both in and outside of the firewall.

Even as health care and the Internet continue their awkward slow dance (Jonathan Bush of Athenahealth likes to poke fun, with respect to health care, “that Internet thing is going to be big!”), the Internet of Things is already upon us. And while almost all (physicians are on the fence about the worth of some of the data and their ability to be present with it) appreciate the IoT’s tremendous promise in health care toward enabling a digital health revolution and the future of care delivery, as an industry, we must get the security piece right.

Gartner estimates that approximately 3.9 billion connected things were in use in 2014. This number is expected to increase to 25 billion by 2020, a growth trajectory that will surely impact the health-care industry, which is already being flooded with devices for generating valuable patient data. It is my belief that as consumers become more and more comfortable with sharing data through wearables (a market expected to reach $35 billionon its own by 2020), our industry will get used to the idea of sharing personal health information.

---

The transformative potential of the IoT won’t be realized for health care unless data integrity and security are built into the foundations of the IoT movement.

---

However, the transformative potential of the IoT won’t be realized for health care unless data integrity and security are built into the foundations of the IoT movement. Other industries, that are further along in this journey, have struggled with how to establish a continuity of trust that the data is accurate and secure. Through security measures that are built into apps like Venmo, we now see broad acceptance of IoT in mobile payments. Innovations like Amazon Dash, which allows consumers to order their favorite products from Amazon with literally the push of a button by automatically charging an Amazon Prime account, continue to push the envelope.

The charge in health care is clear: We must implement similar security technologies in order for IoT to be fully realized. There is no question that the IoT’s network of IP-connected computers, sensors and devices allows care providers and patients to share information to a transformative degree.

But in order to get there, the data generated by a series of connected devices can only be captured, aggregated, analyzed and put to meaningful use on a broad scale if the identities of providers and patients are verified. The data being generated, collected and shared through networked devices must be protected with strong, usable authentication methods.

To be clear, I don’t foresee a dark future where (absent security) medical devices like pacemakers are routinely hacked from afar like the attack depicted in the Showtime series “Homeland” that resulted in the vice president meeting his end. But we need to manage for that, as well.

Where I am focused is the more regular usage of technology. Imagine a world where your monthly health-plan fee could be discounted for healthy behavior like not smoking, averaging eight hours of sleep a night, or drinking the recommended amount of water. Yes, some companies have begun programs like this, but the data is largely self-reported and therefore open to manipulation. Now imagine a world where those data points are tracked by a sensor and sent automatically to the health plan — no paperwork for you! We are not far from that reality, but secure, reliable data is needed.

For providers, authentication is required to meet compliance and privacy regulations (we have HIPAA to consider). Ensuring that it’s your doctor accessing your medical data, not a nosy fellow patient who enters the room after your appointment, is key.

Patient authentication is also essential in the IoT paradigm because it ensures that the correct information is being generated by and shared with the correct patient. Creating a one-to-one link between patients and their medical records can establish a foundation for additional forms of patient identification. As with providers, devices like Fitbit or theApple Watch will become part of the digital credential set for patients, necessitating a secure enrollment process to bind one or more devices to unique patient identities.

Constructing the necessary infrastructure to properly manage and optimize the proliferation of connected devices in health care starts with security. Putting these security building blocks in place will help create a closed-loop system in which patients and providers can securely interact in a more engaging, meaningful way.

View the original content and more from this author here: http://ift.tt/1MwWJ44

 

from health IT caucus http://ift.tt/1MX8HSw
via IFTTT

Obamacare: 70 percent of previously uninsured Californians now have health plans

MENLO PARK — Nearly 70 percent of California’s previously uninsured adults have gained health insurance coverage under the Affordable Care Act — and most of them say their health care needs are being met, according to the latest survey of the Kaiser Family Foundation.

But the survey released Thursday by the Menlo Park-based group also found that plenty of challenges for the newly insured remain when it comes to paying for and accessing care. That applies both to those enrolled in plans through Covered California, the state’s health insurance exchange established under the Affordable Care Act, and Medi-Cal, the state’s program for the low-income and disabled that was greatly expanded under the health care law.

The survey results didn’t surprise some consumer health advocates.

“We have a long way to go towards affordability when half of the newly insured say they have a hard time affording health care, even as subsidies have been successful in expanding access and getting more low-income Californians insured,” said Carmen Balber, executive director of the Santa Monica-based Consumer Watchdog.

But the latest data was welcomed by many health care experts.

“For me, it was really the size of the gains in people’s sense of financial security and in their health care,” said Mollyann Brodie, director of public opinion and survey research at the foundation.

“I had hoped and thought that those numbers would go up, but I did not expect them to improve in those gaps as much as they did,” Brodie said. “It appears that getting health insurance really helps people to feel more financially secure and health secure.”

The foundation’s survey is the third of a series it began in 2013 that aims to track how the health care law, commonly called Obamacare, has affected the lives of the previously uninsured.

Since its debut in the fall of 2013, Covered California has enrolled 1.3 million Californians, while Medi-Cal has enrolled almost 4 million since January 2014.

Both the exchange and Medi-Cal have had problems. In the Covered California plans, many of the complaints have focused on the narrow networks of doctors and hospitals. And access to Medi-Cal doctors — already a chronic problem in a state that offers one of the lowest Medicaid reimbursements in the nation — only worsened with the expanded number of Medi-Cal enrollees.

But the survey found 83 percent of Medi-Cal enrollees and 63 percent of Covered California enrollees are mostly satisfied with their plans.

Other survey highlights:

• Of the Californians who didn’t have insurance in 2013, 86 percent said it was difficult to afford health care. But in the latest survey, only 49 percent of the newly insured who were surveyed said it’s difficult to pay for health care.
• The recently insured are about half as likely to say they have had problems paying medical bills in the past year (23 percent now compared with 45 percent in 2013).
• When asked how well their health needs are being met, 86 percent of the recently insured now say they are being somewhat or very well met — up from 51 percent of the uninsured group in 2013. But 28 percent say that in the past 12 months they have had to wait longer than they thought was reasonable for a medical appointment.
• Sixteen percent of the recently insured say a doctor’s office told them in the past 12 months that they would not accept them as a new patient. The share was highest for those enrolled in Covered California plans (23 percent), compared with Medi-Cal plans (17 percent) and employer-sponsored plans (6 percent.)Richmond resident Paula Genosick is among those who said she cannot easily find a doctor or hospital willing to take her Medi-Cal plan, which she receives at no cost.”I’ve tried to make doctor’s appointments, but I could not get in — except for one appointment for vision,” said Genosick, a part-time cashier at Home Depot. As a result, she said, she had to twice seek medical care at the emergency room at the Kaiser Permanente hospital in Richmond. That’s where doctors removed shards of glass from her foot and treated her strained back.

View the original content and more from this author here: http://ift.tt/1VQBxdl

 

from health IT caucus http://ift.tt/1MBcKad
via IFTTT

Legacy health software lands SA Govt in court

blog Those of you who have been following State Government IT news for some time may be aware that not all systems in this area are kept (even vaguely) up to date. But what you may not realise is that some are so old they are starting to lead to lawsuits. Global Health, which owns a company called Working Systems Software, recently announced it was suing the South Australian Government to stop it using the ageing platform, which Global Health appears to want everyone off pronto. The company’s media release states:

“Working Systems claims breaches of contract and infringements of copyright by the State, arising from the State’s continuing use of the CHIRON Patient Administration System software and HARMONY Financial System software (collectively, CHIRON) beyond 31 March 2015, as outlined in the Company’s abovementioned previous announcements. Working Systems seeks relief by way of damages, declarations and a permanent injunction restraining the State from continuing to use CHIRON.”

The Adelaide advertiser has a bit more, noting that the South Australian Government has been the last customer of the software since 2008 — seven years ago. Global Health cannot keep supporting the software any more — but the South Australian Government has not yet been able to organise a replacement, leading to the current Mexican stand-off where SA is claiming that it has Crown-related copyright exemptions to continue to use the system.

Now, there are two things to note here. The first is the obvious fact that state governments around Australia are continuing to delay upgrading crucial IT systems that, in some cases such as this one, date back to the 1980’s. This is a clearly unsustainable approach and will lead to countless inefficiencies. We can only imagine just how much South Australia’s medical staff hate this dated platform by now.

However, the other thing to notice here is that health IT — patient management systems, electronic health records and the like — are notoriously difficult to implement. This kind of problem with outdated health IT systems is chronic to the industry, and things aren’t getting better any time soon. It’s a global issue and one that will likely not go away until hospitals and other health facilities start to operate on a more standardised basis, leading to less deep customisation being needed in health IT packages.

By the way, this is not the only legal stoush the SA Government is involved in with an IT vendor at the moment. As iTnews notes, it could actually be the third in a year. Sounds like the lawyers are going to be making a killing in Adelaide in the next few months.

View the original content and more from this author here: http://ift.tt/1MX8WwS

from health IT caucus http://ift.tt/1MX8Jd4
via IFTTT

HIPAA technical controls no silver bullet for securing patient data

Putting too much trust in technical controls could be a big mistake in a provider organization’s security strategy, according to Jeffrey Wilson, director of information services in assurance and IT security at Albany Medical Center.

While controls such as encryption and access management go a long way toward securing patient data, employee training remains “absolutely indispensable, absolutely top of the priority list,” Wilson says in an interview with HealthITSecurity.

The cyberattack at Anthem, which compromised records for close to 80 million of the payer’s customers, is among the recent breaches attributed to stolen employee credentials rather than lack of encryption.

“So you can encrypt all day long, you can build Fort Knox, you can build the most sophisticated castle that you’ve ever had, with all kinds of defenses known to man,” Wilson says. “But if somebody’s going to hand over the keys, it’s game over.”

He also stresses the need for role-based access–and an ongoing review of that access.

“Organizations need to put the effort into attaining some clarity on the roles within the organization and have that translated into system access,” he says, describing the problems associated with longevity. “[I]t’s like a snowball rolling down the hill. The longer you’re there, the more access you accumulate. And that’s the exact opposite of what we’re trying to achieve.”

He says organizations should be conducting ongoing risk assessments, determining whether the controls in place are the right ones and making sure they’re being vigilant day to day.

Sudhakar Gummadi, chief information security officer at California-based Molina Healthcare, recently said that there is great need for privileged access management. Privileged access, which IT workers use to do their jobs of building and maintaining the infrastructure, essentially gives them the keys to the kingdom. These days, though, it doesn’t make sense to offer them 24/7 privileged access, Gummadi said.

A report from the U.S. Office of Personnel Management’s Office of the Inspector General nearly a year before a recently announced breach of Mountlake Terrace, Washington-based payer Premera found a number of vulnerabilities. Among its recommendations was for Premera to require multi-factor authentication for access to the computer room.

View the original content and more from this author here: http://ift.tt/1I3F2WP

from health IT caucus http://ift.tt/1I3F0hx
via IFTTT

Big data from EHRs bolsters drug research

With the help of big data, researchers have discovered that the combination of two drugs can significantly lower patients’ blood pressure, according to a study published in the Journal of General Internal Medicine.

The drugs included one often prescribed to conserve potassium in the blood and a diuretic frequently prescribed to patients with hypertension, according to the researchers, who hail from the Regenstrief Institute and Indiana University.

The researchers studied de-identified information from the electronic medical records of 17,291 hypertensive patients treated between 2004 and 2012. The patients were prescribed the diuretic hydrochlorothiazide with or without triamterene, a drug commonly prescribed to conserve potassium in the blood, according to an announcement.

“It is unlikely that a large clinical trial would be conducted to reexamine the blood pressure effect of triamterene, a drug that has been on the market since 1965,” lead researcher Wanzhu Tu, a Regenstrief Institute investigator and a professor of biostatistics at IU School of Medicine, says in the announcement. “Yet smaller clinical trials simply do not provide sufficient power to determine the drug’s effect. Observational studies based on big data, like ours, provide a viable alternative.”

The researchers also looked at the effects of triamterene when patients were taking antihypertensive agents, such as ACE inhibitors and calcium channel blockers. They found that the mean systolic BP in the group taking triamterene and hydrochlorothiazide together was 3.8 mmHG lower than those taking only hydrochlorothiazide. Lower BP of 1 to 4 mmHG was found in subgroups taking triamterene in combination with other drugs.

Innovation in drug development, however, is often hindered by regulation. A new report by the Bipartisan Policy Center provides policy actions that Congress can undertake when it comes to reducing the time and cost of developing drugs and devices and delivering them into the healthcare marketplace. Specifically, the report examines how to “modernize the development of drugs and devices,” especially when it comes to the work of the U.S. Food and Drug Administration.

Big data is also being used at other hospitals to advance care. Advocate Health Care is using data to predict readmission risks, and Penn Medicine has a number of data projects under way using its clinical data warehouse that holds records on 3 million patients going back 10 years.

View the original content and more from this author here: http://ift.tt/1MzcgRS

from health IT caucus http://ift.tt/1Mzcd8x
via IFTTT

Did Early Interoperability Focus Help Cerner Beat Epic at DOD?

The Department of Defense has made what many industry hawks might consider a surprising move.  Today, DOD officials announced that the Pentagon has awarded its $9 billion EHR modernization contract to Leidos Health Solutions Group, the leader of the bid, as well as its partners, Cerner Corporation and Accenture Federal Services.

The bidding, which started in August 2014 after many years of political wrangling and hemming and hawing by Pentagon officials, attracted the interest of top technology vendors in the space, including Allscripts, IBM, and PricewaterhouseCooper.   However, the DOD quickly whittled down their options to just three teams, leaving the industry breathlessly awaiting what has been widely viewed as a Cerner-Epic showdown.

The standoff may have ended with victory for Cerner, Leidos, and Accenture, but speculation about the reasoning behind the process is only beginning.  As health data interoperability becomes increasingly important for large-scale population health management and care coordination – both major challenges for the beleaguered military health system – how important is a vendor’s reputation for interoperability and openness with its big data?

While Epic Systems holds an enviable portion of the EHR and health IT market share, particularly among large, complex systems, thanks to perceptions of its stability and cohesiveness, Cerner’s vocal promotion of health data interoperability and foundational work in the CommonWell Health Alliance may have given it an edge among DOD procurement officials looking for a nimble, scalable infrastructure that can meet its incredibly diverse needs.

“We didn’t just come to this focus on interoperability,” said Travis Dalton, General Manager at Cerner Federal to EHRintelligence last November.  “This is something we’ve been working on for a long time.”

“I know there’s a healthy level of cynicism out there, and everyone’s claiming they’re going to be the one who will finally do it,” he added.  “But we’ve been working on this for over a decade in terms of health information exchanges, connecting communities, and working with a number of states to do some of that work.  So I think that we’re excited that we’ve come to this point, because it’s something that we’ve really been trying to focus on for a long time.”

One of the most pressing requirements for Cerner now that it has won its bid for the DOD EHR modernization project, a massive undertaking that may last a decade, is integrating the Department of Defense’s patient data stores and documentation systems with the sprawling network of hospitals, clinics, and other care sites run by the Department of Veterans Affairs.

The VA has been facing its own technology and care quality conundrums, and has expressed ongoing frustration with a lack of cooperation from its counterparts at the Pentagon.  Veterans seeking care at VA facilities may also receive services at civilian organizations, complicating an already-difficult process of care coordination, chronic disease management, and access to services.

Health IT upgrades at the VA are also in progress, as the health system attempts to reform some deeply rooted cultural and operational deficiencies that have led to scandal, condemnation, andpatient deaths.

The drawn-out saga has angered Congress and prompted lawmakers to withhold funding unless the two healthcare systems could agree on an approach to interoperability.  During the lengthy spat, the VA repeatedly offered to help the DOD implement its highly regarded VistA health IT systems, but the DOD demurred, opting to choose an off-the-shelf product instead.

The DOD took a “hard and thoughtful look” at all the major market leaders, said Jerry Hogge, Deputy Group President of Leidos Health Solutions Group.  Leidos, a member of the winning team, is a familiar name on government contracts, and the organization’s experience with federal projects may also have given the group an advantage.  “[The DOD] invited EHR developers and providers to demonstrate their products, and did research to decide what they thought were the best features available in the commercial marketplace today.”

“And then the question became how to adapt those features to meet military health requirements where needed, both in the United States and at forward operating bases around the world and then in the theater of war or in a military operational environment.”

“Its scale is unlike anything else in the world,” Hogge added.  “The system has to operate in a fully connected environment as well as low-connectivity and no-connectivity environment.  Where health care is first being supplied, there may be no network connectivity between the system and the clinician providing care to the patient.  So you have to collect data there.”

“You have to have data available in a disconnected or unconnected fashion, and you have to have that data follow the patient as they move through the military health system to wherever they receive their remaining or final care, whether it’s at a base somewhere around the world, or at one of the bases in the United States.  That’s a key element of their requirements.”

While Epic Systems certainly has experience with large-scale implementations and knows how to manage big data, it has not embraced data fluidity across external systems as readily as many of its peers.  In recent months, the company has touted its involvement in Carequality, a “network of networks” approach to interoperability, but its public image has suffered somewhat from itsresistance to joining the popular CommonWell Alliance since it was announced at HIMSS in 2013.

Epic Systems founder and CEO Judy Faulkner labeled the group a “competitive weapon,” while the company’s Executive VP Carl Dvorak said it was “yet another distraction” taking attention away from the development of national standards.

With accusations of data blocking still plaguing EHR vendors as healthcare organizations struggle to meet the escalating data exchange requirements of meaningful use, perhaps Cerner’s more positive take on industry-wide cooperation, along with its partners’ experience in government contracting, helped tip the scales in its favor.

The DOD is unlikely to divulge many details about the selection process, but the $9 billion contract is obviously a big win for Cerner, catapulting it into the highest echelons of the EHR vendor market – and perhaps ensuring its long-term survival in a market that may have been artificially inflated in the wake of the EHR Incentive Programs.

The finalized procurement only opens more questions: will Cerner be able to meet the interoperability, big data analytics, and population health management needs of such a complicated healthcare ecosystem?  Will the DOD implementation guide more healthcare stakeholders towards meaningful interoperability?  Can the VA and DOD cooperate during the integration process well enough to produce necessary care quality improvements?  How will the DOD ensure that the decade-long process of modernization will keep its technology on the cutting edge as innovation continues its rapid progress?

Only time will tell if the Department of Defense has made a wise decision, but one thing is abundantly clear: health data interoperability is no longer a “nice to have” for the healthcare industry, but a fundamental requirement for doing business in a new era of patient care.

View the original content and more from this author here: http://ift.tt/1I3F2WK

from health IT caucus http://ift.tt/1MzcaJW
via IFTTT

Malkin: Obama cronyism is bad for your health

It’s the most far-reaching scandal in Washington that no one wants to talk about: Tens of millions of federal employees had their personal information hacked as a result of Obama administration incompetence and political favoritism.

Ethnic community organizer-turned-Office of Personnel Management head Katherine Archuleta recklessly eschewed basic cybersecurity in favor of politically correct “diversity” initiatives during her disastrous crony tenure. This Beltway business-as-usual created an irresistible opportunity for hackers to reach out and grab massive amounts of sensitive data — compromising everyone from rank-and-file government employees to CIA spies.

Could it get worse? You betcha.

Amid increasing concerns about these massive government computer breaches, the Defense Department is expected to announce the winner of a lucrative high-stakes contract to overhaul the military’s electronic health records system this week.

The leading finalist among three top contenders is Epic Systems, a Wisconsin-based health care software company founded and led by top Obama billionaire donor Judy Faulkner. Thanks in significant part to President Barack Obama’s $19 billion stimulus subsidy program for health data vendors, Epic is now the dominant electronic medical records player in the U.S. health IT market.

According to Becker’s Hospital Review, CVS Caremark’s retail clinic chain, MinuteClinic, is now adopting Epic’s system, and “when the transition is complete, about 51 percent of Americans will have an Epic record.” Other major clients include Kaiser Permanente of Oakland, Calif.; Cleveland Clinic; Johns Hopkins Medicine in Baltimore; Arlington-based Texas Health Resources; Massachusetts General Hospital in Boston; Mount Sinai Health System in New York City and Duke University Health System in Raleigh, N.C.

As I’ve reported previously, Epic employees donated nearly $1 million to political parties and candidates between 1995 and 2012 — 82 percent of it to Democrats. The company’s top 10 PAC recipients are all Democratic or left-wing outfits, from Democratic Congressional Campaign Committee (nearly $230,000) to DNC Services Corp. (nearly $175,000) and America’s Families First Action Fund Democratic super PAC ($150,000). Faulkner received a plum appointment to a federal health IT policy panel in 2011.

Brandon Glenn of Medical Economics noted “it’s not a coincidence” Epic’s sales “have been skyrocketing in recent years, up to $1.2 billion in 2011, double what they were four years prior.”

Stunningly, Epic “has the edge” on the gargantuan Pentagon medical records contract, The Washington Post reported on Monday. This favored status comes despite myriad complaints about the interoperability, usability and security of Epic’s closed-end proprietary software. Just last week, the UCLA Health system run by Epic suffered a cyber attack affecting up to 4.5 million personal and medical records, including Social Security numbers, Medicare and health plan identifiers, birthdays and physical addresses. The university’s CareConnect system spans four hospitals and 150 offices across Southern California.

The university’s top doctors and medical staff market their informatics expertise and consulting services to other Epic customers “to ensure the successful implementation and optimization of your Epic EHR.” Will they be sharing their experience having to mop up the post-cyber attack mess involving their Epic infrastructure?

UCLA Health acknowledged the hack forced it to “employ more cybersecurity experts on its internal security team and to hire an outside cybersecurity firm to guard its network,” according to CNN.

Now another Obama crony is poised to cash in on her cozy ties and take over the mega-
overhaul of millions of Pentagon and Veterans Affairs medical records to the tune of at least $11 billion.

View the original content and more from this author here: http://ift.tt/1MzcecN

from health IT caucus http://ift.tt/1I3EY9o
via IFTTT

Health Canada approves abortion pill

TORONTO – A quarter century after women in France were first given access to it, the abortion drug known as RU-486 is finally going to be available in Canada.

Health Canada confirmed late Wednesday that it had approved the drug for use here, 2 1/2 years after the manufacturer’s application was submitted. Women will need to obtain a prescription from a doctor to purchase the drug.

“The application has been before Health Canada since December 2012, so it is long overdue that they approve this very safe and effective method of early abortion care that millions of women around the world have been able to access since 1988,” said Vicki Saporta, president and CEO of the National Abortion Federation and its Canadian offshoot, NAF Canada.

“No one can claim that they fast-tracked the approval process and didn’t very thoroughly and completely review the application.’

NAF Canada represents the health-care professionals who provide most of the abortion care in this country. The group spearheaded efforts to bring the drug to Canada.

The drug has been available since 1988 in France and nearly as long in Britain. The drug was approved for use in the United States in 2000. Saporta said women in 60 countries have access to the drug, which is used to safely terminate a pregnancy.

Federal Health Minister Rona Ambrose had little to say Wednesday night about her department’s decision.

“Drug approval decisions are arms-length decisions made by Health Canada officials based on analysis by Health Canada scientists,” a spokesperson for Ambrose said in an email.

The drug will be sold under the brand name Mifegymiso in Canada. It is made by Linepharma International Limited.

It is often called mifepristone. But in fact Mifegymiso is two drugs, mifepristone and misoprostol. The former blocks production of the hormone progesterone, needed to sustain a pregnancy. The latter prompts the uterus to contract and expel the placenta and the fetus.

Studies have shown the drug can be used safely as late as 70 days into a pregnancy, although it is thought Health Canada may have set an earlier limit on the use of the drug.

Reproductive medicine experts have called the drug the best known option for abortion and have been advocating for its approval in Canada.

While some countries allow the drug to be dispensed by pharmacists, Health Canada has opted not to go that route.

Saporta said initially the drug will probably only be available through health-care professionals who already provide abortion services. But she said it’s hoped that over time more doctors will agree to prescribe the drug – especially those serving remote communities or working in areas where women have to travel long distances to see a doctor who will perform an abortion.

“Mifepristone holds the promise of improving access to abortion care for women in more rural communities where there isn’t a current abortion provider,” she said.

Saporta said it is likely the drug will only become available in Canada in early 2016.

View the original content and more from this author here: http://ift.tt/1It29eT

 

from health IT caucus http://ift.tt/1MzccSf
via IFTTT

Behavior Analytics takes center stage in DC

Securonix was recently invited as an ICIT fellow and industry leader to participate in an advisory meeting with senate staffers on the benefits of Behavior Analytics and to help describe the extensive ways in which it can be leveraged for insider and cyber threat detection and risk reduction.

As we sat waiting for our appointment in the senate cafeteria, senators and political figures walked by and the realization on what type of impact our discussion could have began to set in. The opportunity to help set the bar higher for cyber threat detection through data analytics and educate a room – possibly a nation – on the next generation of insider threat detection and mitigation capabilities.

The discussions were engaging, dialog flowed freely, and an appetite to learn and absorb could be felt throughout the room. With the OPM breach and Anthem still showing fresh scars, the importance and need for these discussions is bigger than ever.

Insider threat awareness has dramatically increased over the last 18-24 months, but organizations still focus on external threats, when the very access and data these actors are striving to obtain is available to your internal user population and the modus operandi for the external attackers is to compromise existing internal credentials to obtain access to the data.

The importance of peer analysis, volume spikes, and establishing a baseline of normal behaviors play a pivotal foundation to all conversations around behavior analytics. The complexities of technical vs. non-technical control points, data aggregation and catering to different industries and company sizes all provide their own unique challenges.

It is hard not to feel a great sense of satisfaction at times like these. There is a sense of pride when your daily job includes providing objective analysis that helps other organizations identify how existing technologies can address their insider threat needs. Securonix is leading the innovation for these problems.

To our Securonix partners, customers, and family: we consider these types of moments a reminder that together we are part of a dramatic change in the cyber security space.

View the original content and more from this author here: http://ift.tt/1glQjIU

from health IT caucus http://ift.tt/1JuOBAi
via IFTTT

ONC awards $38.5M for HIE, population health, health IT workforce

Even as the chorus grows to delay or even scrap Stage 3 of the Meaningful Use EHR incentive program amid accusations of “information blocking,” the Department of Health and Human Services continues to back interoperability efforts.

Tuesday, HHS’ Office of the National Coordinator for Health Information Technologyannounced $38.5 million in new grants for state-level health information exchange, population health and health IT workforce development.

ONC is giving $29.6 million over the next two years to agencies or state-designated entities in 12 states to promote interoperability of health information and services. Those states are: Arkansas, California, Colorado, Delaware, Illinois, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, South Carolina and Utah.

Another $2.2 million goes to healthcare research organization AcademyHealth to support develop population health strategies under the new Community Health Peer Learning Program. AcademyHealth will select 15 communities nationwide to participate.

“These communities will work to address their population health challenge through improved data aggregation, data portability and data analysis,” ONC Chief Medical Officer Dr. Thomas A. Mason wrote on the Health IT Buzz blog.

ONC said that the Community Health Peer Learning Program “builds upon the success” of the 17 survivors of the Beacon Communities program. Nearly half of the original 32 participants dropped out of Beacon Communities.

The remaining $6.7 million in grants will go to seven colleges and universities to update the curriculum from an earlier ONC-funded health IT workforce training program. Some of this money also will help the schools train 6,000 current health IT workers to use new technology.

“The training will be completed in five days or less to accommodate professionals with restricted schedules and will be offered in various settings, such as online, in-person, or train-the-trainer programs,” according to Dr. William Hersh, chair of medical informatics and clinical epidemiology at Oregon Health & Science University. Portland-based OHSU is one of the seven grantees.

“It should be noted that these trainings are targeted towards a variety of settings: team-based care environments, long-term care facilities, patient-centered medical homes, accountable care organizations, hospitals and clinics,” ONC’s Mason said.

View the original content and more from this author here: http://ift.tt/1H0zuZ8

from health IT caucus http://ift.tt/1JuDvLu
via IFTTT

KIDS COUNT: education, health improve, poverty worsens

Alabama improved in all health measures and in three out of four education measures in an annual nationwide examination that looks at the well-being of children.

Nearly 300,000 children live in poverty in Alabama, a 5 percent increase since 2008, according to the 2015 KIDS COUNT Data Book, released this month by the Annie E. Casey Foundation.

The data book is an annual publication that examines child well-being across the country. This year, the focus was on key trends in child well-being in the post-recession years, measuring child well-being in four domains — economic well-being, education, health and family and community. Key findings shows that economic recovery in the form of increasing employment and concentrated wealth has bypassed many low-income, struggling communities and families, where a child’s future is anchored in scarcity and hardship.

Overall, the state ranked 45th — down from 44th in overall child well-being. In the area it improved the most — health — it ranked 40th. The lowest it ranked was 45th in education.

The state also ranked 41st in economic well-being and 44th in family and community.

Alabama has traditionally been ranked in the bottom 10 and has experienced one of the highest poverty rates nationally for a number of years, according to the report.

Alabama improved in three out of four education measures and all health measures (included in the report), but economic well-being for Alabama children deteriorated, including an increase in the number of children living in poverty. The report said this is significant given the current General Fund Budget crisis and as lawmakers consider solutions to address this crisis.

“The state’s economic crisis has deeply affected the lives of Alabama’s children and at a time when our state is seeing progress on some indicators of child well-being, we can’t help but be discouraged that the number of children living in poverty has increased since 2008,” said Melanie R. Bridgeforth, VOICES for Alabama’s Children’s executive director.

“Poverty does not determine the fate of a child, but it can impede their optimum development. Children cannot alter their family’s economic circumstances which is why it is imperative for our state leaders to make meaningful investments and do no harm to programs and services that provide opportunities for working poor families.”

Although parents are working, they still often struggle to provide health care and child care — both of which are essential to child well-being and keeping parents employed. State and federal investments in health and education can create lasting positive changes for children. Investments in critical services, such as the subsidized child care program, for example, helps low-income families pay their child care fees. This critical work support program aids working poor families in overcoming extraordinary challenges.

The 2015 Data Book also shows that poverty affects children of color at a higher rate than their white peers. There are several contributing factors to wealth disparities that are difficult to overcome including generational poverty and limited access to higher-paying jobs. Limited access to quality early learning opportunities can perpetuate poverty by widening the academic achievement gap between children of color and their white peers.

Alabama’s First Class Pre-K program has been instrumental in reducing the achievement gap for low-income children and children of color. As the state’s voluntary Pre-K program, it provides effective, high-quality early childhood experiences that prepare Alabama’s children for school success and lifelong learning. The program has been championed by a mix of sectors in Alabama including business leaders, lawmakers and child advocates because it effectively prepares children to be successful in school and later in life as they enter the workforce.

Similar programs with successful track records such as child day care subsidies, mental health services, and Medicaid are left in limbo since lawmakers failed to produce a General Fund budget for 2016. These services and the working poor families that need them must wait for their fate to be decided by lawmakers later this summer during a special legislative session.

“This is a pivotal time for child well-being in Alabama and state leaders must stay the course on investing in children and families. We cannot maintain these investments without addressing the state’s budget challenges including passing a General Fund Budget that includes revenue enhancing measures. Without this step, Alabama will lose ground on improving child well-being and our children and families will suffer,” said Bridgeforth.

View the original content and more from this author here: http://ift.tt/1SMrNfY

from health IT caucus http://ift.tt/1JuDtDt
via IFTTT

Health Spending Forecast: No Drastic Rise, but Slowdown Seems Over

IS IT SAFE? GREAT DEBATE ON HEALTH IT SAFETY AND REGULATION

The International Society for Quality in Health Care (ISQua) is inviting comments and votes on an online debate on whether health IT is improving the safety of healthcare.

Introduced by David Bates, chief innovation officer at Brigham and Women’s Hospital in Boston, and featuring Australian surgeon Guy Maddern speaking for the negative, the debate also queries whether further regulation of the industry would inhibit innovation and make safety worse.

“We have a lot of evidence that health information technology (HIT) does improve safety, at least in selected institutions, but now the HIT that is being implemented is largely vendor developed and it is being implemented much more broadly,” Dr Bates said.

“There have been many reports of new problems that have been created by health information technology.”

Dr Bates said there had also been a substantial amount of discussion about the amount of regulation required, which led to the topic of the debate: HIT is already improving healthcare safety and current regulation around it is sufficient.

Speaking for the proposition were Aziz Sheikh from the Centre for Medical Informatics at the University of Edinburgh, a former GP who is now one of the world’s leading evaluators of health IT; and Dean Sittig from the University of Texas School of Biomedical Informatics, who has a specific research interest in the design, development, implementation and evaluation of clinical information systems.

Speaking against was Professor Maddern, who in addition to his roles as a practising surgeon at The Queen Elizabeth Hospital and as professor of surgery at the University of Adelaide, is also the surgical director of the Australian Safety and Efficacy Register of New Interventional Procedures – Surgical for the Royal Australasian College of Surgeons.

He was joined by Ross Koppel, a professor of sociology from the University of Pennsylvania and a senior fellow at the Wharton School’s Leonard Davis Institute for Healthcare Economics.

Professor Sheikh argued that the evidence base points to the fact that HIT can affect safety but in reality, there “isn’t an epidemic of harm associated with HIT”. He also argued that regulation can be well-intended but it can also have unintended consequences, including the stifling of innovation.

“I have for a number of years been summarising the international evidence on HIT and its impact on the quality and safety of care, and I’ll be the first to admit that whilst there is enormous potential, quite often this is not being realised,” Professor Sheikh said.

“The challenges are largely in relation to limited functionality, it quite often doesn’t meet the needs of front-line physicians, there are challenges with usability, there are socio-technical issues about how this can interface with workforce deliberations on clinical workflows.

“This can sometimes lead to professional frustration and lead to poor patient experiences and there are certainly some cases where patients come to harm, but if I reflect from general practice in the UK for example, where we have been digital for the last at least 15 years … there is no large-scale evidence of any epidemic of HIT-associated, iatrogenic harm.”

He argued that there was already a raft of legislative and regulatory approaches in the UK, the EU and the US, all of which are designed to enhance the safety of HIT devices or software, and that regulation quite often has unintended consequences such as stifling innovation.

“If innovation is stifled, if the regulatory bar is so high that new entrants can’t enter into the marketplace, what this will do is it will really stifle competition,” he said. “What we actually need at this point in time is that we need new entrants, we need more dynamism in the vendor marketplace, what we need is competition because what this will do is it will force innovations in new directions.”

Professor Koppel countered by saying that while HIT continues to hold immense promise for reducing medical errors and collecting instant and vast data, clinicians find this technology frustrating and falling short of its promised benefits.

Professor Sittig argued for the proposition, saying the fact that HIT is already improving patient safety should be abundantly clear to anyone who can even remotely remember what healthcare was like in the pre-computer age.

With the recent advances in technology, our newly acquired capability to measure and monitor various aspects of medical care has already had a significant positive impact on the safety of healthcare and this will only increase as we learn more about how to collect and interpret these large databases, he said.

He also argued that current regulation is sufficient and that there is a risk to patient safety due to our limited understanding of any unintended consequences that might arise due to inappropriate additional legislation.

Speaking last, Professor Maddern said that as a clinician, he constantly has to wrestle with the realities of dealing with IT systems.

“At present, many hospital systems, certainly outside of North America, are still using paper-based systems,” he said. “One has to ask oneself why this is the case, given that we are all very used to having smartphones, computers in our offices and navigation systems in our cars.

“Why is it that the health sector has been so slow to embrace the electronic health record and the promise that it brings?”

He argued that despite companies spending billions of dollars trying to develop electronic health records and IT systems, they have largely been developed by “computer geniuses” without much reference to the doctors, nurses and allied health professionals who are going to have to use the technology.

“For this reason, the capabilities of many of the systems is extraordinary but the usability is anything but remarkable,” he said.

He used the example of Australia’s PCEHR, which while it may have millions of people enrolled it only contains records numbering in the tens of thousands, not the hundreds of thousands or millions.

He argued that there was tremendous support given to GPs to use the PCEHR but nothing to specialists or the hospital sector.

“In a country like Australia where particularly as people get older, they travel quite large distances, the ability to have a portable record is obvious,” he said. “The reality however is that this is largely unused and I would have to say in my own hospital, I would not have any idea how we would access it despite the fact that I know it’s available.”

He argued that digitising and storing health records was an obvious enticement to hackers, and that the use of electronic health records in practice could and does interfere with the doctor-patient relationship.

He also argued that many hospital-based EHRs were built for accounting rather than care delivery reasons, and regulation was absolutely essential if we are going to be able to maintain sensible control of the data generated.

“No doubt the next decade will see these technologies become widespread but at the moment they are at best primitive, unhelpful and poorly developed.”

View the original content and more from this author here: http://ift.tt/1JuDB5R

from health IT caucus http://ift.tt/1JuDtDj
via IFTTT

Will Pentagon Health IT Project Be Another Healthcare.gov Disaster?

The Pentagon is close to awarding a $10.5 billion, 18-year health information technology contract – the largest since the problem-plagued HealthCare.gov award – to upgrade a system used by 9.5 million active and retired military members, reports say.

But some critics fear any Pentagon health IT contract will be another disaster in the making.

Critics say the project to build a new electronic health record (EHR) system will bloat budgets but won’t be able to let doctors for service members smoothly and securely share medical records across the military, Veterans Administration and private health systems,Politico reports.

Tennessee Republican Rep. Phil Roe, a doctor who tracks the project, vows to keep tight appropriations controls over the project.

“I don’t want some other congressman to be sitting where I am 10 years from now and saying, ‘Why can’t the military and the Veterans Administration share records?'” Roe, a senior member of the Veterans Affairs Committee, tells Politico.

Three private industry giants are in the running for the contract: Epic Systems, Cerner and Allscripts Healthcare Solutions, the Washington Post reports.

But critics complain EHR systems are hard to use, and none are Internet-based, making sharing information between different systems difficult, the Post reports – fueling fears the Pentagon won’t be able to build a records system that interacts seamlessly with the Veterans Health Administration.

“None of the three finalists has been able to improve overall outcomes or reduce costs in the private sector despite a track record spanning more than a decade with complete freedom from oversight,” Dean Kross, a Pittsburgh cardiologist who studies health-care IT, tells the Post. “How can anyone expect that to change now?”

Politico notes that in April 2009, President Barack Obama committed the VA and Pentagon to building a smooth record-sharing program, and in 2011 they set off to create a joint EHR system.

But after spending nearly $1 billion, the agencies went their separate ways in 2013.

Instead, the VA is updating its homemade, open-source EHR system, known as VistA, while the military decided to scrap its EHR and buy a commercial version.

Investors in the health IT sector are skeptical about the Pentagon contract, since none of the EHR bidders has had to contend with a client as complex as the Defense Department, Politico reports.

And retired Air Force Brig. Gen. Thomas Verbeck worries whoever wins the Pentagon bid will become “the Standard Oil of health IT.”

“It will become a monopoly at a time when we need to be moving to solutions that allow everyone to participate,” he tells Politico, adding there should be a year-long delay in awarding the contract.

“They should take some time to look at what the cloud has to offer. Look at a more creative acquisition.”

The Post reports the Pentagon contract award could be awarded “within days.”

The finalists have teamed up with tech or defense powerhouses to bolster their chances: Epic with IBM; Cerner with Leidos and Accenture; and Allscripts with Hewlett-Packard and Computer Sciences.

Industry insiders tell the Post Epic has the edge; it already controls the medical records of 6.3 million patients in the United States.

View the original content and more from this author here: http://ift.tt/1DayztV

from health IT caucus http://ift.tt/1ezraIV
via IFTTT

Hackers Selling Healthcare Data in the Black Market

With the drastic increase in Cyber Crime, the healthcare industry is a potential target for data hungry hackers. Patient safety may not directly relate to data security, but an individual’s personal health information includes everything from their address, private medical records to credit card information. Approximately 29.3 million patient health records have been compromised in a HIPAA data breach since 2009, according to healthcare IT security firm Redspin. In this article, we will be trying to figure out how hackers turn these hacked healthcare data to cash in the cyber underworld or black market.

Introduction

It took a health insurance company almost a year to notify some 1.1 million of its members that their personal data had been swiped by hackers. In another incident, more than 80 million health data was stolen from Anthem breach because of a network server hack. In 15 months from January 2014 into March 2015, the healthcare industry had 15 separate major breaches of protected health information that affected well over 100,000 individuals.

Now, why are hackers behind the health data of an individual or a patient? What can be gained from such data? According to a report by the Aberdeen Group, it costs about $500 per patient, depending on who is buying. Health care companies experienced a 72% increase in cyberattacks between 2013 and 2014.

Cost of Stolen data

More and more health data are showing up in the dark web. One cannot simply delete or change their birthdate or social security numbers. Stolen patient health records can fetch as much as $363 per record, according to data from the Ponemon Institute, which is more than any other piece of data from any other industry.

There have been more than 270 public disclosures of large health data breaches. “These breaches will keep happening because the healthcare industry has built so many systems with thousands of weak links,” said Dr. Deborah Peel, founder of Patient Privacy Rights in Austin, Texas. While stolen credit card numbers tend to be sold for a few dollars or even quarters, a set of Medicare ID numbers for 10 beneficiaries found online by Greg Virign, CEO of the security company RedJack, was being sold for 22 bitcoins, or about $4,700.

These records are used for identity theft and can be classified as following:

• Credentials: Name, date of birth, contract or group number, type of insurance plan, deductible and co-pay formation, insurer contact information for claims and customer service. Another $20 each is available for associated dental, vision, or chiropractic plans.
• Complete electronic dossier or Fullz: An electronic dossier of credentials for an individual compiled and packaged with other Personally Identifiable Information (PII). Fullz are worth more because they take time to compile but facilitate the identify theft process for the black market purchaser. They may include everything in the credentials package above plus address, phone numbers, email address with password, social security number or employer ID number, bank account information, online banking credentials, and credit card information.
• Finished kit of phony ID and credential documents or Kitz: Includes custom-manufactured physical credentials and documentation related to the identity information from Fullz. It becomes a complete identity theft kit and may include fake versions of the victim’s insurance card, social security card, driver’s license and credit cards.

Hacking is not the only means through which medical information are compromised, sometimes healthcare workers steal data, while in other cases, friends or family members use a person’s health insurance information to obtain fraudulent or fake medical claims.

Under estimating the healthcare data security

Many healthcare organizations do not perform encryption of records within the internal networks. They also do not use encryption of data at rest and transit. This interest the hackers since the attack surface area is very huge. Health insurance information can be used to purchase drugs or medical equipment, which are then resold illegally, or even to get medical care. The latter can have consequences that go far beyond the financial.

Ken Westin, security analyst at Tripwire said, “In general, healthcare organizations are not prepared for the level of sophistication associated with the attacks that will be coming at them. It’s no surprise that several organizations have been targeted and compromised. Vulnerabilities that are endemic within an industry through common tools, frameworks, data storage/sharing methods or business processes.” Maybe the wrong assumption that the hackers are only interested in financial data and perimeter firewalls would stop any kind of external attacks. Such wrong assumptions by healthcare organizations result in absence of application security and encryption of data. The Health Insurance Portability and Accountability Act (HIPAA) addresses a number of patient privacy issues but doesn’t require encryption of people’s data.

Why is Patient Health Information (PHI) considered more valuable than financial data?

In the world of black market, medical information has a higher value than a credit card information. One reason medical data is coveted by thieves is that it has more lasting value than other types of information. Once the bad guys get their hands on it, it’s difficult for the victim to do anything to protect themselves. While a stolen credit card can be cancelled and fraudulent charges disputed, the process for resolving medical ID theft is not as straightforward.

Hospitals and insurers usually don’t have a clear process for fixing errors on someone’s health record or for helping patients cope with the other consequences of identity theft. “Unlike credit card numbers, healthcare information is non recoverable, and potentially lethal in the wrong hands” Robert Hansen, the vice president of WhiteHat Security, told the Christian Science Monitor. Banks have stepped up their online security in the recent years by incorporating better secure transactions and transfers while many health insurers and hospitals have not taken security seriously.

Twenty-one percent of doctors said they believed their cybersecurity was below average, while 8 percent of IT workers and administrators had the same view. A Ponemon Institute report indicates cyber criminals have increased their attacks on healthcare 125 percent, costing the industry $6 billion annually. Recently UCLA Health System data breach affected 4.5 million patients. The unusual activity was detected on October 2014 and an investigation from FBI confirmed a hack on 5^th of May 2015. The exfiltrated servers contained names, dates of birth, Social Security numbers, Medicare and health plan identification numbers as well as some medical information such as patient diagnoses and procedures. “Despite these painful lessons, it seems that personal data compromised in the latest breach were still not encrypted,” said Igor Baikalov, chief scientist at Securonix, a data security firm in Los Angeles.

Regulatory compliance program for Electronic Health Records (EHR)

A regulatory compliance program requires some level of central coordination. It supports gathering controls and testing information, developing a common set of control objectives, and coordinating efforts to meet multiple regulations. Typically, a new or updated regulation or other requirements (such as PCI compliance) are followed by new corporate and departmental policies and procedures. Eventually, these policy and procedure documents begin to overlap, resulting in redundancies such as a HIPAA policy and a separate PCI policy that address the same controls and requirements, increasing complexity and confusion. It is more practical to create one Access Control Policy or one Password Management Policy, for example, that meets both HIPAA and PCI requirements.

Electronic health record systems are designed to store data accurately and to capture the state of a patient across time. It eliminates the need to track down a patient’s previous paper medical records and assists in ensuring data is accurate and legible. It can reduce risk of data replication, as there is only one modifiable file, which means the file is more likely up to date, and decreases risk of lost paperwork. Some organizations still look at compliance as a check-the-box, document-and-audit exercise. However, more mature organizations realize that they need to take a risk-based approach as a way to focus their resources on areas with the highest risks. We should also note that compliance may be a key focus of the healthcare industry, but that hasn’t always translated into secure environments. The newly revised HIPAA Security Rule requires providers to assess the security of their databases, applications, and systems that contain patient data against a list of 75 specific security controls. These controls include specific safeguards to be in place for protecting PHI.

View the original content and more from this author here: http://ift.tt/1JKB97c

from health IT caucus http://ift.tt/1DLszTr
via IFTTT

PHI Data Breaches, Fraud in Georgia and New York

PHI data breach security is a primary concern for all healthcare professionals. However, in recent weeks, it has been challenged at both the Georgia Divisions of Aging Services and at Healthfirst, a health insurance agency based in New York. Between data exchange via email and the threat of fraud, both cases show that PHI security is always open for improvements.

Georgia Divisions of Aging Services discloses PHI via email

The Georgia Divisions of Aging Services notified approximately 3,000 clients of a PHI data breach, according to a statement made by the Georgia Department of Human Services (DHS). The breach, which affected individuals in the Community Care Services Program (CCS), is reportedly small in breadth and has been completely resolved.

The cause of the breach was an accidental email sent to one of the program’s contracted providers, and it disclosed information regarding patient diagnoses. No other information, including contact information, Social Security numbers, or Medicaid numbers were disclosed. All individuals affected have been notified in accordance with federal mandates.

Despite the small scale of the incident, the Department of Aging Services is still taking measures to improve its security systems. According to the statement, the Department has added new safeguards to their data systems, and also implemented new training practices for members of the department.

Officials from the Department expressed regret for the incident, and emphasized that patient safety and security are of the utmost concern.

“While we are confident that this data breach was limited in nature and resolved almost immediately, we are obligated to ensure that our clients and the public can trust the integrity of our programs,” said Georgia’s Human Services Commissioner Robyn A. Crittenden. “We take client privacy very seriously, and it is important that the public is fully aware of this situation and aware of our efforts to prevent such an event in the future.”

Healthfirst notifies 5,300 clients of data breach

After a cyberattack on Healthfirst’s online portal, the health insurance company is notifying approximately 5,300 individuals that their PHI may have been compromised, according to a company statement. However, no Social Security information was disclosed in the data breach.

Healthfirst was first informed that it was a victim of fraud by the US Department of Justice (DOJ) on May 27, 2015, and from there prosecuted the perpetrator and continued a joint investigation with the DOJ. The two organizations discovered that the culprit, who committed the fraud in 2013, had also gained access to Healthfirst records, and that a PHI data breach had occurred. On July 10, 2015, both Healthfirst and DOJ agreed that there had been an official breach of data between April 11, 2012 and March 26, 2014.

The company has stated that perpetrator gained access to patient names, dates of birth, addresses, health insurance plan information, description of missing services, physician numbers, Healthfirst member ID numbers, patient ID numbers, Medicare and Medicaid ID numbers, claim numbers, and diagnosis codes.

Healthfirst began notifying affected individuals on July 25, and also notified the proper government channels such as the US Department of Health and Human Services (HHS). Notice of the breach can also be found on Healthfirst’s website.

The insurance plan is also making strides to protect the patients whose PHI had been compromised. It has promised one full year of identity and credit monitoring, as well as anonymous access to identity theft specialists. Healthfirst is also taking preventative measures to keep this from happening in the future, including revising its security policies and its online portal securities.

The company expressed its disappointment that the incident occurred, reinforcing its commitment to patient security.

“Healthfirst sincerely regrets that this incident occurred,” the company said in its statement. “Healthfirst takes the privacy and security of its members’ health information very seriously. Healthfirst values the trust its members have placed in it as their health plan and it is Healthfirst’s priority to reassure its members that it is taking steps to ensure its members’ information is protected.”

View the original content and more from this author here: http://ift.tt/1LSJmMD

from health IT caucus http://ift.tt/1DLszD9
via IFTTT

Pentagon gets ready to award big contract for electronic medical records

The Pentagon is poised within days to award one of the most coveted health information-technology contracts in history — the first phase of a deal that could ultimately be worth more than $10.5 billon over the 18-year life of the contract.

This is the first major federal IT contract since HealthCare.gov, which was so plagued by defects that hundreds of thousands of Americans were initially frustrated in trying to sign up for health insurance.

The effort, designed to provide a much-needed upgrade to the current system used by 9.5 million military personnel, including active duty and retirees, is being hotly pursued by three of the heaviest hitters in private industry: Epic Systems, Cerner and Allscripts Healthcare Solutions.

“We are not just buying an off-the-shelf system; we’re really looking to modernize how the department delivers health care,” Christopher Miller, the director of the Defense Department’s selection process, said when the contract was first announced.

Skeptics, however, say choosing any of these three big commercial systems is risky. Doctors and other health-care professionals have complained that these electronic health records systems, as now configured, are clunky to use. The proprietary software means fixes and upgrades can be performed only by the manufacturer. And because none of the systems is Internet-based, sharing information between different systems can be difficult, critics say.

Those complaints fuel concerns that the Pentagon will be unable to achieve one of its main goals anytime soon — building a records system that seamlessly interacts with the Veterans Health Administration.

“None of the three finalists has been able to improve overall outcomes or reduce costs in the private sector despite a track record spanning more than a decade with complete freedom from oversight,” said Dean Kross, a Pittsburgh cardiologist who studies health-care IT. “How can anyone expect that to change now?”

A fundamental challenge for the Pentagon project, some say, involves the nature of the commercial health IT industry itself: The software is better suited for accounting and billing than for tracking medical problems and treatment.

“Business computing and clinical computing are as different as psychiatry and neurosurgery,” said Scot Silverstein, a physician and expert in medical informatics. “They both work on the same body part and involve doctors, but if you try and treat a brain tumor with talk therapy, that’s not going to help.”

Some critics are harsher. “Epic and Cerner are mediocre products that should be a lot better for the cost,” said Ross Koppel, a sociologist at the University of Pennsylvania who studies and writes about health-care information technology. He said that requests by health professionals to make upgrades and repairs “are hundreds of thousands [of items] long. . . . These systems take years to implement.”

Through a spokesman, All­scripts said it will bring “a unique combination of deep DoD mission, medical and IT knowledge” to the project if chosen. It also said that the company “is winning new business as well as expanding its relationships with existing clients globally.” Cerner declined to comment for this story.

Col. Nicole Kerkenbush, an executive member of the Healthcare Management Systems Office at Defense, disputed the notion that commercial systems — “off-the-shelf” products — weren’t up to the job of overhauling the Pentagon’s medical records.

“The commercial EHR [Electronic Health Records] products have really matured since we first started on our modernization journey,” Kerkenbush said, indicating that, in any case, the department didn’t have much choice: “We were so far behind that by the time we invested money, people and time to develop and deploy our solution, we would find ourselves behind industry again.”

In a statement, Epic said it looked forward to the Defense Department’s announcement. “Today, about 5,800 Epic clinics, 340 Epic hospitals, and 100,000 providers use our interoperability platform to exchange data with all of the VA sites in the U.S.,” the statement said. “In addition, Epic customers exchange with the Social Security Administration, the DoD, and with third-party EHRs.”

View the original content and more from this author here: http://ift.tt/1DLszCW

from health IT caucus http://ift.tt/1LSJmwb
via IFTTT

Concepts of contraception: It’s a public health issue

Somehow, the moral debate over the use of contraceptives has been carried into the 21st century. It is not known for being a debate that changes very much even as more contraception methods become available to us.

Although the contraception issue has never been one prone to periods of dormancy, it has in recent years experienced relatively strong media and political presence. This high period began with laws and healthcare providers offering contraception to insured women with no additional cost outside of insurance.

The groundwork was laid through the Affordable Healthcare Act by the Obama Administration to mandate that most healthcare plans provide free contraceptive coverage. This action is not without backlash in the form of lawsuits by many employers and organizations against the mandate.

The viewpoints against widespread contraception availability are largely religious, and so tend to debate morally right or wrong. They are grounded in the idea that contraceptive use promotes premarital sex, particularly in teens.

It is a point that, while not unreasonable, is not supportable at its base level and becomes less so at higher levels of the debate.

While contraceptives may contribute to a generally more casual attitude toward premarital or underage sex, the numbers simply are not there to make the point more rational than idealistic.

The United States simply has not reached that level of technology-driven apathy toward invasive screening of our personal lives. Even if we had, those numbers would still not be enough to serve as indicators of attitude, an entirely too elusive abstraction to chase. History shows that the society’s attitude fluctuates over years – increasingly less years in the modern age – and the individual’s attitude fluctuates within even less time.

The viewpoints for widespread contraception availability, though exceedingly more supported by quantifiable research, are largely philosophical and often phrased directly in response to religious viewpoints, meaning that they end up debating right or wrong even when they do not mean to. To be fair, the numbers make these responses far more rational than their counterparts.

A NY Times article recently praised the Colorado Department of Public Health and Environment whose outreach program offering long-acting contraceptives to teens, particularly poor teens, correlated with a phenomenal 40 percent drop in teen pregnancy and a 42 percent drop in teenage abortions between 2009-2013.

Not only are the findings positives for the pro-contraception argument in and of themselves, there are more to be found as a result of them while the negatives struggle to achieve undeniable existence.

The numbers in no way indicate that teens are having more sex than previously, and the evidently high teen pregnancy and abortion rates prior to this outreach program indicate that a lack of access to contraception in no way discourages teens from sex.

Those against contraception would of course then debate that the answer would be instead to teach abstinence more rather than providing contraception. The number one issue with that is that abstinence is taught in schools and discussed even in textbooks along side contraception methods as rightfully the best form of birth control. Despite this education as well as at least basic level understanding in teens that they could just not engage in intercourse, teen pregnancy remains a prevailing issue.

The problem with both sides of the debate is what they are – religious and philosophical, debating right or wrong and who should get to dictate right or wrong. Religious arguers maintain that the government should stay out of a religious issue of right or wrong while their counterparts argue that religion cannot claim ownership over a general people issue of right or wrong.

The issue is more what the Colorado Department of Public Health and Environment evidently realizes – contraception is an individual medical issue and on the macro level an issue of public health and economics.

It’s important to communicate that no contraceptive is perfect. Different contraceptives can cause issues in women relating to hormone balance, ability to get pregnant in the future, and more. However, these issues are rare and even more rarely untreatable. Pregnancy can cause issues in the body as well.

On a larger scale, teen pregnancy and unplanned pregnancy are both symptoms of poverty and reinforce socioeconomic immobility. Contraception allows poorer women to finish education and pursue careers.

On the global level, contraceptives have been linked both with too-low birth rates in highly modernized countries including but not limited to Japan, China, the United States, and many European Countries.

However, also on the global level, contraceptives have been linked to mobilizing more poor or otherwise restricted women into higher education and the workforce in both lesser and more developed countries worldwide, helping many economies become more active,

View the original content and more from this author here: http://ift.tt/1LSJmfE

from health IT caucus http://ift.tt/1DLszCQ
via IFTTT

Top University Health Network doctor steps down amid falsified data investigation

A top Toronto doctor has stepped down from running the country’s largest medical laboratory amid a University Health Network (UHN) investigation that found falsified data in two scientific articles she co-authored.

The papers, which describe the genetics of breast cancer, were authored jointly by UHN physicians Dr. Sylvia Asa and her husband, Dr. Shereen Ezzat, and two other authors.

The papers, originally published in the May and December 2010 editions of theAmerican Journal of Pathology, have since been retracted.

According to a notice in the publication’s latest issue, the authors agreed with the retraction but stood by their findings.

“We wish to state we have collectively confirmed the validity and reproducibility of the findings,” wrote Ezzat. “Nevertheless, we request that these papers be retracted.”

Both Asa and Ezzat declined to comment when contacted at their home Sunday; neither responded to phone calls or emails to their workplace.

The Star has since learned the authors have asked for a judicial review of the investigative committee’s findings in provincial court, according to UHN spokesperson Gillian Howard. She would not say whether or not the investigation is complete or still ongoing.

Howard did confirm Asa and Ezzat’s research lab had been suspended as a result of the investigation, affecting 10 staff and research trainees.

Details are scarce surrounding the UHN-led investigation. The retraction notice reads that investigators found the presence of “manipulated and/or fabricated data” in the form of several figures used in the papers.

Skepticism originally arose over the articles in 2012, after the journal’s editors received notice from a concerned reader.

When communication with Dr. Ezzat failed to resolve the matter, the editorial office requested the UHN launch an investigation. Further in the retraction notice, it is revealed the committee informed the journal’s editors this past April “that the articles in question contained falsified data.”

A source with knowledge of the incident told the Star the committee asked the authors for original source data and it was not provided.

According to the American Journal of Pathology’s ethical standards, every author listed in an article is responsible for its content.

“The corresponding author is also asked if all authors have read and approved of the submission, at every version submitted,” wrote the journal’s managing editor, Audra Cox, in an email to the Star.

Before resigning from her leadership position in the spring, Asa had led the University Health Network’s Laboratory Medicine Program since 2000. As medical director, she earned just over $430,000 last year, according to the Ontario Sunshine List.

It is not clear if she stepped down as a result of the investigation.

Today, Asa remains employed by the UHN as a clinical pathologist while Ezzat continues in his role as physician.

Also, the retraction notice by itself does not provide enough information to fully understand who is at fault, according to Retraction Watch cofounder, Dr. Ivan Oransky.

“All we know is that Dr. Asa’s name was on papers that contained the falsified images,” he said. “And she has stepped down from her position as program medical director of the lab.”

Together, the two doctors have previously co-authored more than 90 other works, according to the U.S. National Library of Medicine’s PubMed.gov database.

Throughout the past 16 years, Asa and Ezzat have been named recipients of more than $3.2 million worth of government grant money, according to the Canadian Institutes of Health Research’s Information System database.

According to the articles, the pair’s research involved human breast tissue samples. It is “highly probable” these samples were obtained from UHN patients, according to Howard.

The cost of committing one of science’s most egregious sins can taint an entire study’s results.

“Even if one variable in the study has been altered or compromised, it puts the whole study under a cloud of suspicion,” said Colleen Derkatch, vice-chair of the research ethics board at Ryerson University.

But just one intentionally incorrect study deals damage to the credibility of researchers everywhere, said Raywat Deonandan, a health sciences professor at the University of Ottawa.

“It is pretty serious. It is as bad as it can get,” Deonandan said. “Any time there is a falsification in science, it is a black mark on all of us.

“This puts more bullets in the guns of people aiming to kill science and show it as untrustworthy.”

View the original content and more from this author here: http://ift.tt/1IE2g9j

from health IT caucus http://ift.tt/1DLqCGx
via IFTTT

Young people find plenty of career opportunities in the health IT field

Career experts say that for those deciding on a field of study for their future careers, the health care industry is a good option.

Professionals agree that health care, including veterinary care, has perhaps the most extensive variety in career choices of any field.

Health care workers can personalize their job experiences by deciding which diseases and conditions they want to focus on and the age group of their patients – or even to have no patients at all. Jobs in health care could involve research science, pharmaceutical science, dentistry and veterinary medicine, amongst others.

Education requirements vary based on the job type, ranging from four years of high school to 10 or more years of college and medical school. Medical receptionists, for example, according to the U.S. Bureau of Labor Statistics (BLS), need at least a high school diploma with on-the-job training, along with optional completion of a medical reception or medical office technology program.

For registered nurses, the education requirements are, as stated by the BLS, a bachelor’s degree (four years), associate’s degree (two years), or a nursing diploma (three years).

Cardiac surgeons, who have some of the most extensive education requirements, must earn a bachelor’s degree, a Doctor of Medicine degree (four years after bachelor’s) and complege residencies and fellowships in cardiac surgery, according to the BLS.

The diversity in health care allows for a wide range of people to hone in on their interests and to follow their passions in whatever way is feasible for them, with education and its costs in mind.

Another benefit of a career in health care is job security.

According to the BLS, health care and social assistance are projected to have the greatest growth in demand for employees by 2022. With all the opportunities that are opening up in health care, the rising demand for workers is likely to outpace the increase in the workforce, providing most health care workers with a variety of job offers as soon as they finish school.

Along with stable jobs, according to the BLS, health care workers should expect growing paychecks over the next several years as demand for workers increases.

The benefits of a career in health care attract many students, but some may not know where to begin in order to enter this field.

Capt. Robert Tosatto, the director of the Division of the Civilian Volunteer Medical Reserve Corps, a division of the U.S. Department of Health and Human Services (HHS) said in an interview, “One of the most important things that students can do for themselves is to get involved – in their schools, their communities – whatever interests them.”

He explained that this is especially valuable in the health care field, which provides such an extensive variety of options.

“You never know,” he said. “Volunteering – especially if you are doing it in the field that interests you – helps you gain perspective, and sometimes that perspective can end up impacting your whole life.”

Tosatto explained the importance of what he calls “generational succession planning,” in which today’s professionals help teach volunteers and interns in the health care industry in order to ensure a sustainable flow of educated, capable new workers for each successive generations.

He further encouraged students to get involved, explaining how volunteering allows students not only to see all of the possibilities for them, but also to help the professionals themselves learn and grow, thanks to students’ fresh, innovative approaches to issues.

Yash Patel, an Esperanza High School graduate who will be a freshman at California State University, Fullerton during the coming school year, is involved in Health Occupations Students of America (HOSA), an organization whose “two-fold mission is to promote career opportunities in the health care industry and to enhance the delivery of quality health care to all people.”

Patel was one of over 8,000 students who attended HOSA’s 38^th Annual National Leadership Conference in Anaheim June 24-27. He explained how HOSA and its conferences have allowed him to learn more about health care and its applications in medicine and forensic science, helping him explore his interests and meet people with different perspectives from across the nation.

“It is guaranteed that whoever joins an organization like HOSA will walk away more educated and social than he or she was before,” he said.

Nicole King, a recent graduate from the North Orange County Regional Occupational Program, is another HOSA member who attended the National Leadership Conference.

To her, health care means more than just a career. When King was 6 years old, one of her siblings, then just 8 years old, was diagnosed with cancer.

“I decided then and there that I wanted to help ease the suffering of children by studying oncology (the study and treatment of tumors) for children. There is something about the way that [health care professionals] boost the spirits of kids and help give them hope that makes me want to do the same,” she said.

View the original content and more from this author here: http://ift.tt/1gWosza

from health IT caucus http://ift.tt/1fzusNp
via IFTTT

Vanguard health project announced for Peterborough

The NHS in England has announced a new ‘’vanguard’’ project in Peterborough aimed at driving forward more integration between health and social care.

The Cambridgeshire and Peterborough Clinical Commissioning Group is one of eight bodies across the country chosen to pioneer a move which will see the “transformation” of urgent and emergency care for more than nine million people.

It aims to change the way organisations work together to provide care in a more joined up way.

NHS England chief executive Simon Stevens said it would link up the “often confusing array of A&E, GP out of hours, minor injuries clinics, ambulance services and 111 so that patients know where they can get urgent help easily and effortlessly, seven days a week”.

Another aim is to break down boundaries between physical and mental health.

It follows the first wave of 29 vanguard sites which were announced in March and are all part of NHS England’s five-year plan, the Five Year Forward View.

Six vanguards will cover smaller local systems, which may include hospitals and surrounding GP practices and social care, while two network vanguards will be working with much larger populations to integrate care on a greater scale.

In north-east England, services across the region will be aligned to a single joined-up system to ensure all patients including those living in remote rural locations will get the care they need, including a rapid specialist opinion should they need one.

The West Yorkshire network will launch mobile treatment services and, working with mental health providers and the police, create rapid crisis response and street triage services.

Other vanguards, such as Leicester, Leicestershire and Rutland, will focus on establishing same-day response teams with GPs, acute home-visiting and crisis response services, community nursing, an older people’s assessment unit and a new urgent care centre.

The announcement about the new sites comes as frontline emergency services face rising pressure, with increased A&E attendances and emergency admissions, and both ambulance and NHS 111 services facing rising demands.

Professor Keith Willett, NHS England’s director of acute care, who is leading the urgent and emergency care transformation, said: “This proves a modern NHS needs a very different approach and shows we can transform patient care.

These networks and new vanguards will support and improve all our local urgent and emergency care services, such as A&E departments, urgent care centres, GPs, NHS 111 and community, social care and ambulance services, so no-one is working isolated from expert advice 24 hours a day. All over the country there are pockets of best practice yielding enormous benefits, but to ensure our urgent care services are sustainable for the future every region must begin delivering faster, better and safer care.

“Now it is time for the new urgent and emergency care vanguards to design the best solutions locally.”

The new vanguard projects are:

South Nottingham System Resilience Group

Cambridgeshire and Peterborough Clinical Commissioning Group

North East Urgent Care Network

Barking and Dagenham, Havering and Redbridge System Resilience Group

West Yorkshire Urgent Emergency Care Network

Leicester, Leicestershire and Rutland System Resilience Group

Solihull Together for Better Lives

South Devon and Torbay System Resilience Group

View the original content and more from this author here: http://ift.tt/1S74nqB

from health IT caucus http://ift.tt/1fzusNl
via IFTTT