Are you the publisher? Claim or contact us about this channel


Embed this content in your HTML

Search

Report adult content:

click to rate:

Account: (login)

More Channels


Channel Catalog


older | 1 | .... | 24 | 25 | (Page 26) | 27 | 28 | .... | 66 | newer

    0 0

    As they sort out their population health management efforts, provider organizations are increasingly realizing that they are masters of their own destiny when it comes to value-based care.

    In the absence of a "one-size-fits-all model that generates positive outcomes across all metrics," Chilmark instead took a look at three different health systems that have been pursuing pop health for years, drawing lessons from the clinical and technology choices they made as they sought success in the era of accountability.

    The takeaway? Despite their different approaches, many factors affecting the ability to drive value are within their own control. Enterprise-level strategy is key to developing sound population health management frameworks – especially when it comes to setting business and clinical goals before implementing technology and workflow.

    And good vendors are essential – however they might fit into the larger strategic framework. Providers should select "one key IT partner, but be prepared to recruit others to fully enable strategy, as PHM solutions remain immature," according to the Chilmark report.

    The report profiles three diverse but representative health systems. New Jersey's Trenton Health Team pursues pop health by leveraging a health information exchange that relies on a single-sourced vendor. Boston-based Partners HealthCare, meanwhile, "has taken an extremely broad build-and-buy" approach to its IT systems. And Wisconsin's Marshfield Clinic has self-developed its own proprietary platform for EHR and pop health integration.

    Trenton Health Team: learning from longitudinal exchange

    Trenton Health Team recognized back in 2010 that it needed to have a longitudinal patient record across the motley array of EHRs at use in it provider sites, so it set about implementing an HIE to connect them.

    "As its needs matured and evolved beyond being able to see a holistic patient history across multiple sites of care, THT recognized the need for advanced analytics and workflow tools to enable it to help with community-wide care coordination. Through this process, THT went through two IT vendor relationships that were not able to keep up with rapidly advancing needs. The continuous learning and on-the-ground experience led THT to its third technology solution provider."

    That vendor, CareEvolution, helps the health system manage data aggregation, harmonization, risk stratification, notification, workflow management and more.

    "THT continuously seeks to balance its view into its own data insights as well as its view into what it is clinically attempting to accomplish. It strongly believes neither data analysis nor PHM goal-setting can exist in isolation of each other," said Chilmark.

    Partners HealthCare: to build or to buy?

    Partners HealthCare has been a longtime leader in population health, having embraced the process in earnest more than a decade ago and having "continuously evolved its clinical and business strategies, enabled by heavy reliance on supporting in-house and vendor- based PHM technologies," according to the report.

    The Partners' culture of innovation "reveals itself in its technology approach to PHM," said Chilmark: It has vetted "a wide range of HIT vendors and has executed contracts with an astounding number of them. Yet, if a tool does not yet exist in the current market that will meet its needs, it does not hesitate to build that tool on its own. As such, (Partners') development strategy serves as a bellwether of PHM HIT maturity and capabilities."

    The decision whether to build or buy is "reached by determining the cost-benefit of each, including speed to deploy. If the decision is to build internally, PHS then subsequently leverages its internal department to potentially commercialize those specific IT solutions it has developed in-house."

    As for vendors Epic is the health system's EHR, in both acute and ambulatory settings, and Partners puts it to work for bi-directional alerts to improve care coordination, clinical decision support to enable point of care adherence to evidence-based medicine and more. Partners has also contracted with Health Catalyst to develop "approaches and tools related to performance monitoring and data analytics."

    Marshfield Clinic Health System: Homegrown history

    Marshfield was making use of electronic data as far long ago as the 1960s, when it built an electronic health record thanks to requests from its own physicians. Its EHR was fully in place by 1985 – a quarter-century before the HITECH Act spurred nationwide health IT adoption.

    MCHS is now in the midst of implementing its next-generation EHR, MCIS Clinicals. With it, the existing CattailsMD system is being reconfigured to better meet Marshfield's population health management needs, according to Chilmark, which notes that the new system offers:

    "Configurability: Experience taught the MCIS team exactly how and where providers need system flexibility. The system now allows for end-user configuration as much as possible without the need for the practice to make a request of MCIS, which in turn makes the health system far more agile. Examples include quickly creating a foot exam form, adding a new clinical decision support guideline, or editing a benchmark for the provider to self-elevate his or her own stretch target.

    "Real-time data alignment: The replatformed system eliminates data discrepancies that often occur with the traditional EDW and data latency approach. It now integrates real-time PHM metrics at the point of care, with data consistency across components including order sets, the patient portal, care reminders, care management assessments, and PHM."

    Population health management is a complicated process with an array of different approaches, said Chilmark, and specific market circumstances vary for healthcare organizations.

    While healthcare organizations' approaches to PHM vary widely, "all can benefit from common best practices that can serve as a baseline" and then "modify from baseline to reflect its particular starting point and the variables within its ecosystem," according to the report.

    For those looking to get their pop health efforts off the ground, it's worth taking lessons from cases studies such as these and staying aware of this "emerging collection of best practices, lest they risk reinventing the wheel at their own cost."

    Twitter: @MikeMiliardHITN
    Email the writer: mike.miliard@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Feeding data directly from a medical device into medical records has reduced errors, improved patient safety and increased caregiver efficiency.

    What is a “frenemy”? According to Dictionary.com: “person or group that is friendly toward another because the relationship brings benefits, but harbors feelings of resentment or rivalry.”.

    Within healthcare organizations, there is a lot of history between the people who support the medical devices that touch patients and those who support the information systems used by clinicians. It has not always been positive and collaborative. In fact, there are such differences in the culture of each group that they don’t always get along. Maybe they are even “frenemies” in some organizations.

    In your hospital, you may know the function as Biomedical Engineering, Biomed, Clinical Engineering or Health Technology Management, HTM as it is now called as part of elevating the profession within healthcare. Those in the field now refer to themselves as “HTMs.”.

    AAMI, the Association for the Advancement of Medical Instrumentation, is a standards development organization and the professional society for HTMs. AAMI is celebrating its 50th anniversary this year. Its mission is to advance safety in healthcare technology.

    [Also: Healthcare costs a concern across all generations new survey finds.]

    Four years ago, I was the first CIO ever to be elected to the AAMI board when AAMI leaders recognized the trend towards HTM and IT convergence and integration. I have provided the IT perspective to the AAMI board as the HTM profession continues to evolve.

    A second CIO was elected to the board this year: Pamela Arora, SVP and CIO, Children’s Health in Dallas. She will bring a valuable perspective given her extensive experience with cybersecurity and overseeing an HTM function that is integrated into the IT organization.

    One of the panels at the recent AAMI annual conference was titled “HTM/IT Collaboration: Keys to Success.” HTM leaders who manage an advanced HTM program discussed their experience with successful HTM/IT collaboration.

    During the Q&A and to a room of a few hundred HTMs, I introduced myself as a CIO and asked the panelists a question: What one thing do they want IT leaders to understand?

    IT leaders need to hear these key themes from their responses:

    • Common language – HTMs should not have to depend on knowing one person in IT that they can count on and trust.
    • Urgency of HTM tickets – Responsiveness is key; the problem could involve a device depended on during surgery.
    • Mutual support – HTM and IT need to have each other’s back.
    • Roles and responsibilities – Clarify this for each group in IT that HTM interacts with; HTMs need to know who to talk to regarding specific issues.
    • Education – Help all of IT to understand HTM and why it is critical. Provide cross training between HTM and IT for similar functions.
    • Proactive communication – To avoid a disconnect between IT and the staff at the bedside, IT needs to understand the downstream impacts of their decisions and actions.
    • And finally, collaboration – As one of the panelists said so well, we need open eyes and open hearts to make it work.

    I have served as CIO in four different organizations in the past 17 years. While I was at Brigham and Women’s Hospital and again now as interim CIO at Stony Brook Medicine, HTM reports up to me. I’ll be the first to say we could do more to fully integrate HTM with IT, but we’re on the journey.

    At Stony Brook Medicine, we still refer to the department as Biomedical Engineering, or BME. The department was moved under IT eight years ago. With the development of medical devices that can now be interfaced with our electronic health record, BME has become more important. Feeding data directly from a medical device into a person’s medical record has reduced medical errors, improved patient safety and increased caregiver efficiency. It has also led to further advances for our EMR and patient care.

    HTM integration with IT makes sense in the long run and may take different forms. It can help to elevate HTM as hospital leadership recognizes the importance of HTM services for safe patient care. Integration opens more possibilities for the data integration and analytics potential with the electronic health record and other systems.

    To my CIO and IT colleagues, let’s be sure to meet HTM more than halfway and be true collaborators. There is clearly a mutual benefit to our working together to serve our patients.

    This post was first published on Sue Schade's Health IT Connect blog.

    Disable Auto Tagging: 

    0 0

    Several top Silicon Valley executives including Apple’s Tim Cook, Jeff Bezos from Amazon, Microsoft’s Satya Nadella – and more are headed to the White House today for the first meeting of the American Technology Council.

    The council was created by President Donald Trump last month, and more than 20 members are expected to be on hand Monday.

    [Also: Apple reveals plans to put health records on the iPhone]

    The agenda appears to be wide-ranging – and not limited to healthcare. But healthcare is likely to receive plenty of attention, especially following reports last week that Apple is working on technology that would gather personal health records together in one place – the iPhone.

    Apple has not confirmed those plans, first reported by CNBC, but it did not deny them either. Moreover, it has hired a couple of digital leaders who may be working on the project.

    There are likely to be discussions also about the technology in other parts of government. The federal government spends more than $80 billion a year on IT. Many of the government’s information systems are considered outdated and inefficient.

    Today’s meeting will be led by Jared Kushner, Trump’s senior adviser and son-in-law.

    Trump created the American Technology Council by executive order signed on May 1, calling for an overhaul of technology across government.

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Aledade is joining forces with UnitedHealthcare, marking its first accountable care program for Medicare Advantage plan members – more than 15,000 of whom could participate in the new initiative.

    Aledade – which was founded three years ago this month by former National Coordinator for Health IT Farzad Mostashari, MD – will work with UnitedHealthcare in Arkansas to put technology and clinical best practices to work enhancing care coordination and promoting more team-based patient care.

    [Also: Mostashari's ACO startup Aledade raises $20 million]

    "With this partnership, our Arkansas accountable care program now offers the benefits of Aledade’s model of care whether patients are covered by Medicaid, traditional Medicare or Medicare Advantage,” Mostashari said in a statement.

    The partnership will work to improve data sharing among the providers visited by patients, especially those with complex or chronic illnesses.

    Aledade and UnitedHealthcare will harness technology to enable care management across physicians' patient populations, working together to identify missed opportunities (medication nonadherence), encourage interventions (preventative cancer screenings) and pinpoint other actionable data that can identify high-risk patients and help reduce emergency department visits and hospital readmissions.

    More than 15 million people currently enrolled in UnitedHealthcare plans across the country have access to accountable care, delivered through more than 800 arrangements nationwide as the health plan engages in more substantive relationships with physicians and hospitals.

    "By working more collaboratively with local care providers and creating a more connected healthcare experience, we can help improve patient care and enhance people’s ability to live healthier lives," said Gregg Kunemund, CEO of UnitedHealthcare Medicare & Retirement in Arkansas.

    Twitter: @MikeMiliardHITN
    Email the writer: mike.miliard@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    The Office of the National Coordinator for Health Information Technology updated its Certified Health IT Product List’s landing page on June 20.

    The idea is to keep the list current – and easy to navigate.

    A prime example, new on the part of the site listing Products Under Corrective Action, is eClinicalWorks. The EHR maker agreed to pay $155 million to make allegations of faking meaningful use certification go away.

    [Also: DOJ to probe more EHR vendors for false claims, sources say]

    Deficiencies in eCW’s software caused the submission of false claims for federal incentive payments based on the use of its software, the authorities found.

    The updated database not only means current information is available on this and other products, it also means the site is easier to navigate.

    “Before the update, in order to see all of the certified products with a non-conformity found through surveillance, one would have needed to build a search filter in the CHPL (Certified Health IT Product List) and then drill down into the details of each product individually,” Steve Posnack, Director, Office of Standards and Technology, wrote in a June 20 post on the ONC blog.

    Now, users of the site can click on that resource shortcut to access a full, sortable listing of certified products.

    There’s another shortcut that relates to APIs. Just one click produces a list of all of the 2015 Edition products that have been certified.

    “As more health IT products are certified to these API criteria this resource will be your “go-to” source for a global view of certified product API documentation.,” Posnack added.

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Sponsor: 
    Oracle
    Resource Central: 
    External url: 
    http://www.himsslearn.org/hipaa-attested-cloud-services-run-healthcare-workloads-oracle-cloud?source=HITNSite_7_26
    Thumbnail: 
    Body: 

    Want to reduce costs and increase flexibility and agility by running healthcare workloads in the Cloud?  Oracle successfully concluded another series of HIPAA attestations for Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) Cloud Services, adding to existing HIPAA-attested Software as a Service (SaaS) Cloud Services.  We also recently achieved SOC1 and 2 attestations for PaaS and IaaS Cloud Services. We will discuss the results of the latest 3rd party attestations, healthcare use cases relevant for Oracle Cloud, and successful customer illustrations.

    Disable Auto Tagging: 

    0 0

    Author: 
    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20slideshow.png
    Slideshow Description: 

    Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is, unfortunately, following suit. From organizations with exposed, unused websites to unencrypted storage drives, health organizations appear to still have much to learn about security.

    This gallery highlights some of the biggest breaches across the industry – and points to some mistakes to avoid in the future.

    Updated June 21, 2017

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-6K.png
    Slideshow Description: 

    Data has been dumped from two healthcare providers in a game the hacker, TheDarkOverlord, is calling: “A Business a Day.” The hacker leaked 6,000 patient records on June 8 from Feinstein & Roe MDs in Los Angeles and 6,300 patient records from La Quinta Center for Cosmetic Dentistry on June 9.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-1M.png
    Slideshow Description: 

    A hard drive containing the personal data of about 1 million people was stolen from Washington State University in April. The university discovered a locked safe that contained the hard drive was stolen from a WSU storage unit in Olympia. The stolen data is from survey participants and contained names, Social Security numbers and, for some, personal health data.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-undisclosed.png
    Slideshow Description: 

    California-based Torrance Memorial Medical Center notified patients that two email accounts containing work-related reports were hit by a phishing attack in April. Officials didn’t reveal how many patients were affected, and the incident is not on the Office of Civil Rights’ breach reporting site.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%204-8million.png
    Slideshow Title: 
    Molina Healthcare
    Slideshow Description: 

    Molina Healthcare, a major Medicaid and Affordable Care Act insurer, shut down its patient portal on May 26 in response to a security flaw that exposed patient medical claims data without requiring authentication, according to security researche Ben Krebs. At the time, it’s unclear how long the vulnerability was in place. Ben Krebs was first made aware of the security flaw in April through an anonymous tip, which could allow any Molina patient to access other patients’ medical claims by simply changing a single number in the URL.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/breaches-150-countries.png
    Slideshow Title: 
    National Health Service in England and Scotland
    Slideshow Description: 

    The National Health Service in England and Scotland was hit by a large ransomware attack that has affected at least 16 of its organizations on May 12. The organization launched an investigation and determined the ransomware is likely the Wanna Decrytor. It’s one of the most effective ransomware variants on the dark web, and at the moment, there is no decryptor available. Within two days, 150 countries were affected by the #wannacry ransomware.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014633k.png
    Slideshow Title: 
    New Jersey Diamond Institute
    Slideshow Description: 

    The third-party server that hosts the electronic health records of New Jersey Diamond Institute for Fertility and Menopause was hacked by an unauthorized individual, exposing protected health information of 14,633 patients.

    The database and EHR system was encrypted, which prevented the hackers from gaining access, officials said. However, many supporting documents stored on the hacked server were left unencrypted and could have been accessed.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2093k.png
    Slideshow Title: 
    Harrisburg Gastroenterology
    Slideshow Description: 

    Pennsylvania-based Harrisburg Gastroenterology is notifying patients that their records might have been breached. The Health and Human Services Department’s Office for Civil Rights’ Wall of Shame lists the breach at 93,323 records on a network server exposed because of a hacking/IT incident.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20millions.png
    Slideshow Title: 
    Bronx-Lebanon Hospital Center
    Slideshow Description: 

    Tens of thousands, and possibly up to millions, of patient records at Bronx-Lebanon Hospital Center in New York City were exposed in a recent data breach, according to the Kromtech Security Research Center, which uncovered the records on May 3. The records were part of a backup managed by iHealth Innovations, the research center said.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20180k.png
    Slideshow Title: 
    Aesthetic Dentistry and OC Gastrocare
    Slideshow Description: 

    Dark Web hacker TheDarkOverlord has released 180,000 patient records from three hacks, DataBreaches.net revealed May 4. More than 3,400 patient records were released from New York City-based Aesthetic Dentistry, 34,100 from California’s OC Gastocare and 142,000 Tampa Bay Surgery Center. TDO used a Twitter account to post a link to a site that allows any user to download the patient databases from these organizations.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20500k.png
    Slideshow Title: 
    Children health records
    Slideshow Description: 

    The patient records of about 500,000 children are up for grabs on the dark web, a hacker named Skyscraper told DataBreaches.net on April 26. These records contain both child and parent names, Social Security numbers, phone numbers and addresses. DataBreaches didn’t name the breached organizations but also said that another 200,000 records were stolen from elementary schools. The amount of breached records for pediatricians reported to the Department of Health and Human Services’ Office of Civil Rights is not equal to that number, meaning many of these providers are likely unaware their data has been exposed.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2020k.png
    Slideshow Title: 
    Lifespan
    Slideshow Description: 

    Providence-based Lifespan, Rhode Island's largest health network, has notified about 20,000 of its patients that a laptop theft may have exposed their sensitive information. The health organization said an employee's MacBook was taken after a car break-in on Feb. 25. The employee immediately contacted both law enforcement and Lifespan officials, who were able to change the employee’s credentials used to access Lifespan system resources.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20918k.png
    Slideshow Title: 
    HealthNow Networks
    Slideshow Description: 

    The personal health data of 918,000 seniors was posted online for months, after a software developer working for HealthNow Networks uploaded a backup database to the internet, an investigation by ZDNet and DataBreaches.net found. Boca Raton, Florida-based HealthNow Networks is a telemarketing company that used to provide medical supplies to mostly seniors who rely on diabetic equipment. However, it’s no longer a registered business as of 2015, when it failed to file an annual report with Florida authorities. The software developer was contracted to build a customer database for HealthNow Networks, but the developer told researchers it was "too much work."

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2055k.png
    Slideshow Title: 
    ABCD Children's Pediatrics
    Slideshow Description: 

    A ransomware attack at San Antonio-based ABCD Children’s Pediatrics may have breached the data of 55,447 patients. Affected files may have included patient names, Social Security numbers, insurance billing information, dates of birth, medical records, laboratory results, procedure technology codes, demographic data, address and telephone numbers. Investigators determined it was the Dharma virus, a variant of the Crisis ransomware family. While this virus doesn’t typically exfiltrate data, the provider was unable to rule it out, officials said.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2080k.png
    Slideshow Title: 
    Washington University School of Medicine
    Slideshow Description: 

    A Washington University School of Medicine employee fell victim to a phishing attack that may have compromised 80,270 patient records. The medical school learned of the incident on Jan. 24 -- seven weeks after the phishing attack occurred on Dec. 2, officials said in a statement. The employee responded to a phishing email designed to look like a legitimate request. As a result, an unauthorized party may have gained access to employee email accounts that contained patient data.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2017k.png
    Slideshow Title: 
    Metropolitan Urology Group
    Slideshow Description: 

    This Milwaukee-based provider began notifying patients that a November ransomware attack may have exposed their personal data. There were 17,634 patients affected, according to the U.S. Department of Health and Human Services' Office for Civil Rights. Two of Metropolitan Urology’s servers were infected by the virus, which may have exposed data of patients between 2003 and 2010. Officials said the data contained names, patient account numbers, provider identification, medical procedure codes and data of the provided services. About 5 percent of these patients had their Social Security numbers exposed.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20years%20vuln.png
    Slideshow Title: 
    Denton Heart Group
    Slideshow Description: 

    An unencrypted hard drive that contained seven years of backup electronic health record data was stolen from the Denton Health Group, a member of the HealthTexas Provider Network. The backup files contained a hoard of patient data from 2009 until 2016: Names, Social Security numbers, dates of birth, addresses, phone numbers, driver's license numbers, medical record numbers, insurance provider and policy details, physician names, clinic account numbers, medical history, medications, lab results and other clinical data.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014k.png
    Slideshow Title: 
    Brand New Day
    Slideshow Description: 

    In March, the Medicare-approved health plan notified 14,005 patients of a potential breach of electronic protected health information after an unauthorized access through a third-party vendor system. On Dec. 28, Brand New Day discovered that an unauthorized user had accessed the ePHI provided to one of its HIPAA business associates on Dec. 22. The access occurred through a vendor system used by a contracted provider, officials said.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2022k.png
    Slideshow Title: 
    Singh and Arora Oncology Hematology
    Slideshow Description: 

    In February, the Flint, Michigan, cancer center notified 22,000 patients of a breach discovered in August 2016. Hackers had access to the practice's server between February and July of 2016, local affiliate ABC12 reported. The files contained names, Social Security numbers, addresses, phone numbers, dates of birth, CPT codes and insurance information.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2010k.png
    Slideshow Title: 
    Verity Medical Foundation-San Jose Medical Group
    Slideshow Description: 

    Verity Medical Foundation-San Jose Medical Group website, part of the Verity Health System in Redwood City, California, was hacked, exposing the data of 10,164 patients. Verity includes six California hospitals, the Verity Medical Foundation and Verity Physician Network. An unauthorized user hacked into the website from October 2015 until it was discovered by Verity Health on January 6. The website was no longer in use.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20220k.png
    Slideshow Title: 
    CoPilot Provider Support Services
    Slideshow Description: 

    More than a year after discovering a potential breach to its websites, healthcare administrative services and IT provider, CoPilot Provider Support Services notified 220,000 patients and doctors who used its service. An unauthorized user breached one of CoPilot's databases, used by both healthcare providers and patients, in October 2015, according to officials. The hacker downloaded files that contained names, dates of birth, addresses, phone numbers, health insurers and some Social Security numbers of some users. No financial, medical treatment or other information was accessed.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2043-ransom.png
    Slideshow Title: 
    Indiana-based Cancer Services
    Slideshow Description: 

    The server and back-up drive of Muncie, Indiana-based Cancer Services of East Central Indiana-Little Red Door were hacked and the data stripped, encrypted and taken for ransom by the cybercriminal organization, TheDarkOverlord, or TDO, the agency revealed Jan. 18. The hack took place on Jan. 11. TDO asked for 50 bitcoin, or about $43,000, in ransom, first in a text message to the personal cellphones of the company’s executive director, president and vice president. Officials said, TDO followed up in a form letter and several emails that contained extortion threats and promises to contact family members of the cancer patients, donors and community partners.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20Slide.png
    Slideshow Title: 
    Emory Healthcare
    Slideshow Description: 

    Atlanta-based Emory Healthcare was hacked by the Harak1r1 the 0.2 Bitcoin Ransomware, MacKeeper security researcher Chris Vickery discovered on Jan. 3. On Dec. 30, MacKeeper Security Research Center discovered a misconfigured MongoDB database that contained data from over 200,000 patients and other sensitive information. On Jan. 3, the firm confirmed this data was linked to Emory Brain Health Center. It appeared Harak1r1 wiped a database of the Brain Health Center and blocked access to these records, Vickery said.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2011GB.png
    Slideshow Title: 
    Potomac Healthcare
    Slideshow Description: 

    Subcontractor Potomac Healthcare exposed more than 11 gigabytes of sensitive data for health workers employed by the U.S. military's Special Operations Command, or SOCOM, according to security researcher Chris Vickery. Potomac Healthcare is a Department of Defense subcontractor, which provides health workers to the government through management consulting firm Booz Allen Hamilton. Vickery, a white hat hacker with MacKeeper, discovered the flaw in an unprotected remote synchronization service and brought the information to the attention of Potomac Health via both phone and email, he said, but after an hour the data remained online.

    Read the full article.

    Teaser: 

    Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is unfortunately following suit. This gallery highlights some of the biggest breaches in healthcare -- and points to mistakes to avoid in the future.

    Thumbnail: 
    biggest healthcare breaches 2017
    Custom OAS pagetag: 
    Primary topic: 
    Additional Topics: 
    Disable Auto Tagging: 

    0 0

    Troubled EHR vendor eClinicalWorks announced this week that its customer Eagle Physicians & Associates exchanged health data with hospitals running rival Epic’s electronic health record system through the Carequality Interoperability Framework.  

    The news comes after eClinicalWorks said in early June that federally qualified health center Ezras Choilim signed on for its EHR and population health cloud services.

    Both announcements follow the $155 million settlement in which the U.S. Department of Justice charged eClinicalWorks with fraudulently obtaining certification under the meaningful use EHR program that enables customers to attest to certain criteria and, in turn, collect reimbursement incentives from the federal government. The DOJ settlement also mandates that eClinicalWorks either upgrade existing customers for free or transfer their data to rival EHRs.

    [Also: DOJ will probe more EHR vendors for false claims, sources say]

    Eagle Physicians, for its part, needed a way to connect with Cone Health to share patient records at the point of care, according to Robert Fried, MD, CMIO at Eagle Physicians.

    Fried said that eClinicalWorks put “significant resources into interoperability and providing it to users at no additional cost.”

    [Also: eClinicalWorks scores federally qualified health center contract despite EHR fraud case]

    And because they used the Carequailty Interoperability Framework, Eagle and Cone can also exchange health data with larger systems that participate in Carequality, notably UNC-Chapel Hill Medical Center, Wake Forest Baptist Medical Center and Novant Health, even though those hospitals use Epic’s EHR.

    In the wake of the eClinicalWorks settlement, legal and health IT experts said they anticipate that the DOJ will widen the scope of its false claims investigations to look at other EHR vendors as well.
     

    Twitter: SullyHIT
    Email the writer: tom.sullivan@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    The Centers for Medicare and Medicaid Services on Tuesday delivered a 2018 MACRA proposed rule that would add more flexibility to the health IT mandates associated with the law.

    The proposal pushes back the requirement that clinicians use 2015-certified electronic health records for another year. Instead, doctors can continue to use legacy systems if they choose and those that opt to use 2015 editions would get a 10 percent payment bonus from CMS.

    “The proposal to reward those clinicians who demonstrate a more advanced use of health IT to support patient care through 2015 Edition CEHRT will improve interoperability and provide patients with better access to their data,” said American Medical Informatics Association CEO Doug Fridsma, MD.

    The new rule aims to move the country’s healthcare system from a fee-for-service approach to one centered on value-based care and aimed at improving patient health. CMS also intends to boost care access for Medicare and CHIP beneficiaries through MACRA. 

    Clinicians who need more time to upgrade or adopt 2015 Edition CEHRT, meanwhile will benefit from another 90-day reporting period.

    Fridsma also gave CMS kudos for expanding the list of “improvement activities” that can count as bonus payments for the MIPS System’s Advancing Care Information performance category.

    “This helps credit clinicians for using health IT within a care improvement context, and we see this as a more outcomes-focused approach to measuring health IT use,” Fridsma said. 

    One of CMS’ stated goals is to simplify the Quality Payment Program, especially for small, independent and rural practices, an issue that has the attention of healthcare leaders.

    “We’ve heard the concerns that too many quality programs, technology requirements, and measures get between the doctor and the patient,” CMS Administrator Seema Verma said in a statement. “That’s why we’re taking a hard look at reducing burdens. By proposing this rule, we aim to improve Medicare by helping doctors and clinicians concentrate on caring for their patients rather than filling out paperwork.”

    Both the American Medical Association and the American Hospital Association publicly showed support for the proposed rule. 

    “Many doctors see MACRA's requirements as daunting, but Tuesday's proposed rule helps settle those fears,” AMA President David Barbe said. "This flexible approach will give physicians more options to participate in MACRA and takes into consideration the diversity of medical practices throughout the country."

    AHA Executive Vice President Tom Nickels added that the rule brings its members "much-needed relief from unrealistic, unfunded mandates for EHR capabilities" by extending modified Stage 2 requirements through next year. "We encourage CMS to provide the same relief to hospitals.” 

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    The hacker known as TheDarkOverlord released another data dump last night, which contained patient data from California-based Dougherty Laser Vision.

    TDO made the announcement on his Twitter account late Tuesday night. Unlike previous leaks, there’s no mention of attempted extortion on the healthcare provider.

    The leaked data includes names, dates of birth and addresses of nine celebrities who endorsed the provider. For some, Social Security numbers were listed.

    [Also: TheDarkOverlord honors threat, exposes 180,000 patient records]

    At time of publication, there was no mention of the breach on Dougherty’s website. And calls for an official statement were not immediately returned.

    The hacker, per the norm, did not specify how he or she was able to obtain these records, but it’s clear TDO has no intention of stopping.

    [Also: The biggest healthcare breaches of 2017 (so far)]

    So far data has been dumped from two healthcare providers in a game the hacker is calling: “A Business a Day.” The hacker leaked 6,000 patient records on June 8 from Feinstein & Roe MDs in Los Angeles and 6,300 patient records from La Quinta Center for Cosmetic Dentistry on June 9.

    The hacker began threatening Coliseum Pediatric Dentistry of Hampton, Virginia with a data leak on June 9.

    This is not the first leak from TDO. The hacker was responsible for stealing over 10 million records in 2016 from organizations connected to the HL7 network by exploiting vulnerabilities in email software that supports the technology.

    TDO is also responsible for hacks on the Indiana Cancer Agency, Aesthetic Dentistry, OC GastroCare, Tampa Bay Surgery Center and a long list of others.

    Twitter: @JessieFDavis
    Email the writer: jessica.davis@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Health IT giant Cerner will roll out its HealtheIntent population health management platform across Carolinas HealthCare System.

    The technology will coordinate and manage care for the health system’s more than 12 million patient interactions each year across its clinically integrated network and all its facilities.

    CHS will continue to use the Cerner Millennium EHR, and will also extend its remote hosting relationship with Cerner.

    [Also: Carolinas chases dream of becoming healthcare's 'Amazon Prime']

    HealtheIntent is designed to aggregate data in near real-time from multiple sources to create a single, comprehensive view of a patient’s experiences.

    The suite includes: HealtheEDW, Cerner’s enterprise data warehouse; HealtheRegistries,, designed to identify gaps in care and recommend interventions; and HealtheCare, Cerner’s community care management solution that identifies, stratifies and prioritizes individuals for care management services.

    CHS’ goal is to provide care teams with a holistic and timely picture of each patient’s experience with the health system – and also to give system-wide insights to improve quality of care and reduce costs, Ruth Krystopolski, senior vice president, population health at CHS, said in a statement.

    “As the healthcare industry transitions into value-based care, the ability to access all data becomes invaluable, added Craig Richardville, chief information and analytics officer at CHS. “This allows us to create a 360-degree view of each patient. That view, he added, provides insights for caregivers regarding treatment, prevention and cost.

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Secretary of Veterans Affairs David Shulkin, MD, told a Senate subcommittee on Wednesday he does not yet know the cost for the new Cerner electronic health record that the VA plans to purchase.

    While Sen. Brian Schatz, D-Hawaii, said he supports the decision to replace the VA’s existing Vista EHR, he worried the cost was not part of the 2018 budget. “I understand you don’t want to just pick a number,” Schatz told Shulkin. “But it’s not zero. And we’re about to mark this bill up and it’s difficult to do a markup when, lacking information, we’re expected to sort of book it at zero.” 

    [Also: House committee earmarks $65 million for VA's Cerner EHR transition, but there's a catch]

    Shulkin agreed: “It’s not zero. We don’t know the cost yet.” 

    “It makes me extremely nervous that you say you can absorb these costs,” Schatz said. “The EMR thing is a brand new hard cost. You’re going to have to cannibalize your budget to some extent … are you not?” 

    Schatz was not the only lawmaker worried about whether it would be enough to handle unanticipated expenses.

    [Also: Poll: Choosing Cerner for VA wasn't a surprise, but not necessarily the best call]

    Sen. Jon Tester, D-Montana, said the EHR system could run as much as $16 billion and advised against “throwing budgets up that don’t fully address the problems of our veterans in this country.”

    Sen. Jerry Moran, R-Kansas, told Shulkin, “I want to hear from you today, Mr. Secretary, how we can help avoid situations where you don’t have the funds needed to provide the care that veterans expect.”

    [Also: Will Cerner rollout at VA advance interoperability? Maybe]

    Shulkin said the 2018 VA budget is $186.5 billion – an increase of $6.4 billion or 3.6 percent over 2017 – and that the VA budgeted $200 million for 2018 to start the process of change management, which will consume the majority of EHR costs for the first two years. The 2018 budget also provides for VA’s replacement of specific systems. 

    The budget request also includes $358.5 million to replace the financial management system. VA will establish an Integrated Project Team to develop the requirements and acquisition strategy for a new enterprise health information platform. It will also invest $340 million for information security to protect Veterans’ information and improve VA’s information networks’ resilience, Shulkin said. 

    Shulkin added that VA intends to include the cost of the EHR in its 2019 budget.

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Medication errors have dropped and the number of nurses using bar code medication administration systems and physicians using computerized order entry systems has soared at Kaiser Permanente, which implemented a barcode system for medication management and an electronic health record system with built-in CPOE to accomplish these goals. 

    Achieving these goals also helped the health system meet medication error reduction standards promulgated by The Leapfrog Group.

    Kaiser’s assistant medical director of quality and clinical analysis Benjamin Broder, MD, explained that minimizing medical errors and improving the safety of ordering and administering medications takes people-centered techniques and cultural adjustments on top of requisite technologies. 

    “The order entry was part of our deployment of the EHR,” Broder said. “The BCMA was planned and implemented as part of our strategy for medication safety.”

    In the summer of 2008 when the bar code management system was launched, the compliance rate for caregivers scanning the medication and the patient wristband was at 80 percent. Today, that rate is at 98.5 percent, Kaiser Permanente Southern California said. To put the numbers in context, in April 2017, there were 1,695,172 drug administrations.

    [Also: Medication errors: Hospitals slow to meet barcode standard, big on CPOE]

    Broder added that Kaiser’s IT and operational teams understood well the importance and elements of a good medication safety system, and that the organization believed if it did the right things it certainly would meet the standards set forth by various organizations, including The Leapfrog Group.

    “Medication errors have dropped after our implementation of the EHR and the BCMA,” he said. “Both of those technologies provide multiple opportunities for guardrails to encourage correct and safe behaviors and discourage unsafe behaviors. That includes things like alerting physicians to medication allergies or that an ordered dose seems suspiciously high or low. And at the point of medication administration, alerts to potential wrong patients or wrong doses.”

    [Also: See the 832 hospitals that earned an 'A' in patient safety]

    On achieving more than 95 percent in the scanning of both patient and medication barcodes, Broder said there are three components to Kaiser’s success.

    “One is the personnel have to believe it’s important,” he explained. “We educate our nurses, and it was not difficult to show this was a technology that would improve patient safety. Two is making the technology easy to use, like having a bar code scanner on every mobile cart with a computer that is in or right outside the room for each patient. And three is transparency of data. We provided reporting down to the unit level of how components with the BCMA are doing. In Southern California, less than 2 percent of medication administration does not use BCMA, for example.”

    Data transparency allows operational leaders to focus on areas and processes where medication administration via bar code can be more difficult, such as mental health, he added, an area of focus where Kaiser has been able to improve over time.

    “There is a people process of educating doctors about the change, and making it clear in the hospital that if there is any resistance by physicians to entering their own orders then the nurses are expected to put the patient first and if needed escalate things to physician leadership,” Broder explained. “That process ended up not being required as it was a pretty painless process to get physicians to enter their orders. Computerized order entry is a fairly seamless process.”

    Computers are ubiquitous in the hospital setting, of course, so there’s rarely an instance where a physician does not have a computer to use, he added.

    “And again, data transparency – we publish in an open manner across the system how physicians are doing on these metrics,” Broder said. “And we far exceeded the metrics. We’re on the order of 95 percent physician order entry today.”

    Twitter: @SiwickiHealthIT
    Email the writer: bill.siwicki@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Health IT vendor TeleTracking offers this year’s top solution when it comes to managing patient flow, according to a new report by technology ratings company KLAS.

    EHR giant Epic came in a close second, according to the outcomes data analyzed by KLAS.

    Managing patient flow in hospitals is one of the more complicated challenges confronting providers today, KLAS said, but there are some organizations that balance the discipline, intuition and the right technology needed to excel.

    “Epic’s functionality has improved in recent years, and customers are excited about perceived cost savings and future improvements,” KLAS said.

    Epic customers are particularly happy with the EHR maker’s highly specialized analytics departments that are proficient in leveraging Epic's data warehouse tools. On the downside, they cite inconsistently implemented dashboards and varying accuracy.

    McKesson users say its dashboards are easy to navigate.

    Cerner’s most recent update has addressed some of the challenges with its discharge-planning tool, but there is still plenty of room for improvement, KLAS states.

    “KLAS found that high customer satisfaction among Epic customers comes from highly specialized analytics departments proficient in leveraging Epic's Data Warehouse tools.

    When it comes to integration, KLAS ranks Epic and Teletracking “neck-and-neck.”

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    EHR maker Epic Systems and blood bank software company Mediware have partnered to provide integrated laboratory and blood bank software.

    Mediware, which provides blood management and cellular therapy software, is collaborating with Epic to offer licensing of Mediware’s Hemocare Lifeline Transfusion blood bank management system in combination with Epic’s Beaker laboratory technology.

    [Also: KLAS picks Epic, TeleTracking as top platforms for managing patient flow]

    The partnership is expected to significantly streamline the procurement process and make it possible for clients to complete the entire laboratory and blood bank systems purchase more quickly and efficiently, and at a lower cost than purchasing the modules separately, according to Mediware executives.

    Mediware is already integrated with Epic at several facilities, including UW Health in Madison, Wisconsin, and UF Health Shands Hospital in Gainesville, Florida.

    “Customers often purchase laboratory and blood bank solutions together, and this agreement provides them that option when purchasing Epic’s Beaker,” Mediware President and CEO Thomas Mann said in a statement.

    As Mann sees it, Mediware’s HCLL Transfusion system benefits from Epic’s technology and open integration capabilities to provide integration for the blood bank, physicians, and bedside caregivers.

    Mediware, which has been in business for more than 30 years, has its software in use by more than 1,500 blood banks and blood centers.

    Twitter: @Bernie_HITN
    Email the writer: bernie.monegain@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    The University of Pennsylvania Health System is rolling out a natural language processing platform from Linguamatics Health to build queries and mine insights from its patient encounter records, specialist reports and unstructured electronic health record data.

    The technology will also help with the identification for specific patient cohorts and locating clinical notes from its translational research data warehouse, PennOmics.

    [Also: EHR natural language processing isn't perfect, but it's really useful]

    "Our organization needed an NLP tool to make unstructured clinical data more accessible for our research and clinical efforts," said Jason Moore, director of the Penn Institute for Biomedical Informatics, in a statement. "We look forward to exploring different opportunities to use Linguamatics I2E's NLP capabilities to gain additional insights from our unstructured patient data."

    [Also: How Penn Medicine primed its IT infrastructure for precision medicine]

    Simon Beaulah, senior director of healthcare at Cambridge, UK-based Linguamatics, noted that more and more academic medical centers in the U.S. are deploying the platform, integrating it with their enterprise systems and putting its NLP capabilities to work for rapid query development.

    "We look forward to working with Penn Medicine to help them unlock valuable insights from clinical notes in order to advance research initiatives and enhance the delivery of care," he said.

    Twitter: @MikeMiliardHITN
    Email the writer: mike.miliard@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Memorial Healthcare and Orange Care Group revealed a new technology partnership Friday to connect the hospital system with Orange’s accountable care organization and independent physician association via Epic’s Connect program.

    The tech partnership arose from ongoing conversations about data sharing and how to make it easier for Orange to navigate its patients through Memorial’s system and close gaps in care, according to Orange EVP and COO Frank Exposito.

    “These discussions evolved into the opportunity to share their Epic platform,” Exposito said. “It became increasingly clear that the best way to seamlessly care for our shared population would be a single platform.”

    That decision resulted in what Orange and Memorial consider to be a first-of-its -kind arrangement because it enables clinicians to manage shared patients collectively and all access the same information — rather than exchanging data between various electronic health records systems.

    Orange Care Group, in turn, can make the Epic EHR and population health management platform available to its providers to give independent ambulatory practices tools to coordinate and manage patient care.

    What’s more, Orange's 700 providers will have an entry into Epic’s Connect.

    “Our providers will now be able to access and share this clinical information through the Epic platform, which includes close to 60 percent of all U.S. patient charts,” Exposito said.

    Twitter: SullyHIT
    Email the writer: tom.sullivan@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    Author: 
    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20slideshow.png
    Slideshow Description: 

    Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is, unfortunately, following suit. From organizations with exposed, unused websites to unencrypted storage drives, health organizations appear to still have much to learn about security.

    This gallery highlights some of the biggest breaches across the industry – and points to some mistakes to avoid in the future.

    Updated June 26, 2017

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach500k.png
    Slideshow Title: 
    Airway Oxygen
    Slideshow Description: 

    Michigan-based Airway Oxygen was hit by a ransomware attack in April that may have compromised the data of 500,000 clients, the home medical equipment supplier reported to the U.S. Department of Health and Human Services on June 23. The hacker gained access to the network and installed ransomware, which shut employees out of the system where personal health information was stored.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-6K.png
    Slideshow Description: 

    Data has been dumped from two healthcare providers in a game the hacker, TheDarkOverlord, is calling: “A Business a Day.” The hacker leaked 6,000 patient records on June 8 from Feinstein & Roe MDs in Los Angeles and 6,300 patient records from La Quinta Center for Cosmetic Dentistry on June 9.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-1M.png
    Slideshow Description: 

    A hard drive containing the personal data of about 1 million people was stolen from Washington State University in April. The University discovered a locked safe that contained the hard drive was stolen from a WSU storage unit in Olympia. The stolen data is from survey participants and contained names, Social Security numbers and, for some, personal health data.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-undisclosed.png
    Slideshow Description: 

    California-based Torrance Memorial Medical Center notified patients that two email accounts containing work-related reports were hit by a phishing attack in April. Officials didn’t reveal how many patients were affected, and the incident is not on the Office of Civil Rights’ breach reporting site.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%204-8million.png
    Slideshow Title: 
    Molina Healthcare
    Slideshow Description: 

    Molina Healthcare, a major Medicaid and Affordable Care Act insurer, shut down its patient portal on May 26 in response to a security flaw that exposed patient medical claims data without requiring authentication, according to security researche Ben Krebs. At the time, it’s unclear how long the vulnerability was in place. Ben Krebs was first made aware of the security flaw in April through an anonymous tip, which could allow any Molina patient to access other patients’ medical claims by simply changing a single number in the URL.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/breaches-150-countries.png
    Slideshow Title: 
    National Health Service in England and Scotland
    Slideshow Description: 

    The National Health Service in England and Scotland was hit by a large ransomware attack that has affected at least 16 of its organizations on May 12. The organization launched an investigation and determined the ransomware is likely the Wanna Decrytor. It’s one of the most effective ransomware variants on the dark web, and at the moment, there is no decryptor available. Within two days, 150 countries were affected by the #wannacry ransomware.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014633k.png
    Slideshow Title: 
    New Jersey Diamond Institute
    Slideshow Description: 

    The third-party server that hosts the electronic health records of New Jersey Diamond Institute for Fertility and Menopause was hacked by an unauthorized individual, exposing protected health information of 14,633 patients.

    The database and EHR system was encrypted, which prevented the hackers from gaining access, officials said. However, many supporting documents stored on the hacked server were left unencrypted and could have been accessed.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2093k.png
    Slideshow Title: 
    Harrisburg Gastroenterology
    Slideshow Description: 

    Pennsylvania-based Harrisburg Gastroenterology is notifying patients that their records might have been breached. The Health and Human Services Department’s Office for Civil Rights’ Wall of Shame lists the breach at 93,323 records on a network server exposed because of a hacking/IT incident.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20millions.png
    Slideshow Title: 
    Bronx-Lebanon Hospital Center
    Slideshow Description: 

    Tens of thousands, and possibly up to millions, of patient records at Bronx-Lebanon Hospital Center in New York City were exposed in a recent data breach, according to the Kromtech Security Research Center, which uncovered the records on May 3. The records were part of a backup managed by iHealth Innovations, the research center said.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20180k.png
    Slideshow Title: 
    Aesthetic Dentistry and OC Gastrocare
    Slideshow Description: 

    Dark Web hacker TheDarkOverlord has released 180,000 patient records from three hacks, DataBreaches.net revealed May 4. More than 3,400 patient records were released from New York City-based Aesthetic Dentistry, 34,100 from California’s OC Gastocare and 142,000 Tampa Bay Surgery Center. TDO used a Twitter account to post a link to a site that allows any user to download the patient databases from these organizations.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20500k.png
    Slideshow Title: 
    Children health records
    Slideshow Description: 

    The patient records of about 500,000 children are up for grabs on the dark web, a hacker named Skyscraper told DataBreaches.net on April 26. These records contain both child and parent names, Social Security numbers, phone numbers and addresses. DataBreaches didn’t name the breached organizations but also said that another 200,000 records were stolen from elementary schools. The amount of breached records for pediatricians reported to the Department of Health and Human Services’ Office of Civil Rights is not equal to that number, meaning many of these providers are likely unaware their data has been exposed.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2020k.png
    Slideshow Title: 
    Lifespan
    Slideshow Description: 

    Providence-based Lifespan, Rhode Island's largest health network, has notified about 20,000 of its patients that a laptop theft may have exposed their sensitive information. The health organization said an employee's MacBook was taken after a car break-in on Feb. 25. The employee immediately contacted both law enforcement and Lifespan officials, who were able to change the employee’s credentials used to access Lifespan system resources.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20918k.png
    Slideshow Title: 
    HealthNow Networks
    Slideshow Description: 

    The personal health data of 918,000 seniors was posted online for months, after a software developer working for HealthNow Networks uploaded a backup database to the internet, an investigation by ZDNet and DataBreaches.net found. Boca Raton, Florida-based HealthNow Networks is a telemarketing company that used to provide medical supplies to mostly seniors who rely on diabetic equipment. However, it’s no longer a registered business as of 2015, when it failed to file an annual report with Florida authorities. The software developer was contracted to build a customer database for HealthNow Networks, but the developer told researchers it was "too much work."

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2055k.png
    Slideshow Title: 
    ABCD Children's Pediatrics
    Slideshow Description: 

    A ransomware attack at San Antonio-based ABCD Children’s Pediatrics may have breached the data of 55,447 patients. Affected files may have included patient names, Social Security numbers, insurance billing information, dates of birth, medical records, laboratory results, procedure technology codes, demographic data, address and telephone numbers. Investigators determined it was the Dharma virus, a variant of the Crisis ransomware family. While this virus doesn’t typically exfiltrate data, the provider was unable to rule it out, officials said.

    Read the full article

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2080k.png
    Slideshow Title: 
    Washington University School of Medicine
    Slideshow Description: 

    A Washington University School of Medicine employee fell victim to a phishing attack that may have compromised 80,270 patient records. The medical school learned of the incident on Jan. 24 -- seven weeks after the phishing attack occurred on Dec. 2, officials said in a statement. The employee responded to a phishing email designed to look like a legitimate request. As a result, an unauthorized party may have gained access to employee email accounts that contained patient data.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2017k.png
    Slideshow Title: 
    Metropolitan Urology Group
    Slideshow Description: 

    This Milwaukee-based provider began notifying patients that a November ransomware attack may have exposed their personal data. There were 17,634 patients affected, according to the U.S. Department of Health and Human Services' Office for Civil Rights. Two of Metropolitan Urology’s servers were infected by the virus, which may have exposed data of patients between 2003 and 2010. Officials said the data contained names, patient account numbers, provider identification, medical procedure codes and data of the provided services. About 5 percent of these patients had their Social Security numbers exposed.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20years%20vuln.png
    Slideshow Title: 
    Denton Heart Group
    Slideshow Description: 

    An unencrypted hard drive that contained seven years of backup electronic health record data was stolen from the Denton Health Group, a member of the HealthTexas Provider Network. The backup files contained a hoard of patient data from 2009 until 2016: Names, Social Security numbers, dates of birth, addresses, phone numbers, driver's license numbers, medical record numbers, insurance provider and policy details, physician names, clinic account numbers, medical history, medications, lab results and other clinical data.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014k.png
    Slideshow Title: 
    Brand New Day
    Slideshow Description: 

    In March, the Medicare-approved health plan notified 14,005 patients of a potential breach of electronic protected health information after an unauthorized access through a third-party vendor system. On Dec. 28, Brand New Day discovered that an unauthorized user had accessed the ePHI provided to one of its HIPAA business associates on Dec. 22. The access occurred through a vendor system used by a contracted provider, officials said.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2022k.png
    Slideshow Title: 
    Singh and Arora Oncology Hematology
    Slideshow Description: 

    In February, the Flint, Michigan, cancer center notified 22,000 patients of a breach discovered in August 2016. Hackers had access to the practice's server between February and July of 2016, local affiliate ABC12 reported. The files contained names, Social Security numbers, addresses, phone numbers, dates of birth, CPT codes and insurance information.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2010k.png
    Slideshow Title: 
    Verity Medical Foundation-San Jose Medical Group
    Slideshow Description: 

    Verity Medical Foundation-San Jose Medical Group website, part of the Verity Health System in Redwood City, California, was hacked, exposing the data of 10,164 patients. Verity includes six California hospitals, the Verity Medical Foundation and Verity Physician Network. An unauthorized user hacked into the website from October 2015 until it was discovered by Verity Health on January 6. The website was no longer in use.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20220k.png
    Slideshow Title: 
    CoPilot Provider Support Services
    Slideshow Description: 

    More than a year after discovering a potential breach to its websites, healthcare administrative services and IT provider, CoPilot Provider Support Services notified 220,000 patients and doctors who used its service. An unauthorized user breached one of CoPilot's databases, used by both healthcare providers and patients, in October 2015, according to officials. The hacker downloaded files that contained names, dates of birth, addresses, phone numbers, health insurers and some Social Security numbers of some users. No financial, medical treatment or other information was accessed.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2043-ransom.png
    Slideshow Title: 
    Indiana-based Cancer Services
    Slideshow Description: 

    The server and back-up drive of Muncie, Indiana-based Cancer Services of East Central Indiana-Little Red Door were hacked and the data stripped, encrypted and taken for ransom by the cybercriminal organization, TheDarkOverlord, or TDO, the agency revealed Jan. 18. The hack took place on Jan. 11. TDO asked for 50 bitcoin, or about $43,000, in ransom, first in a text message to the personal cellphones of the company’s executive director, president and vice president. Officials said, TDO followed up in a form letter and several emails that contained extortion threats and promises to contact family members of the cancer patients, donors and community partners.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20Slide.png
    Slideshow Title: 
    Emory Healthcare
    Slideshow Description: 

    Atlanta-based Emory Healthcare was hacked by the Harak1r1 the 0.2 Bitcoin Ransomware, MacKeeper security researcher Chris Vickery discovered on Jan. 3. On Dec. 30, MacKeeper Security Research Center discovered a misconfigured MongoDB database that contained data from over 200,000 patients and other sensitive information. On Jan. 3, the firm confirmed this data was linked to Emory Brain Health Center. It appeared Harak1r1 wiped a database of the Brain Health Center and blocked access to these records, Vickery said.

    Read the full article.

    Slideshow Image: 
    http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2011GB.png
    Slideshow Title: 
    Potomac Healthcare
    Slideshow Description: 

    Subcontractor Potomac Healthcare exposed more than 11 gigabytes of sensitive data for health workers employed by the U.S. military's Special Operations Command, or SOCOM, according to security researcher Chris Vickery. Potomac Healthcare is a Department of Defense subcontractor, which provides health workers to the government through management consulting firm Booz Allen Hamilton. Vickery, a white hat hacker with MacKeeper, discovered the flaw in an unprotected remote synchronization service and brought the information to the attention of Potomac Health via both phone and email, he said, but after an hour the data remained online.

    Read the full article.

    Teaser: 

    Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is unfortunately following suit. This gallery highlights some of the biggest breaches in healthcare -- and points to mistakes to avoid in the future.

    Thumbnail: 
    biggest healthcare breaches 2017
    Custom OAS pagetag: 
    Primary topic: 
    Additional Topics: 
    Disable Auto Tagging: 

    0 0

    A want ad recently appeared on the website of Verona, Wisconsin-based electronic health record colossus Epic Systems Corp. for "bright, motivated individuals to join our new billing services team as we enter the world of medical billing."

    The ad notes that Epic is seeking billers who have good communication and customer service skills; are familiar with medical terminology and remittance/denial codes; are knowledgeable about Medicaid, Medicare, and other insurance guidelines, and have a coding certification or background. Applicants should also live within 45 minutes of the Verona campus.

    [Also: Epic partners with M*Modal on AI to improve EHR workflow]

    "Our goal is to simplify the payment process by helping Epic organizations with the complexities of submitting claims and posting payments," according to the ad. "Attention to detail is vital as you'll be posting payments and denials; reconciling payment files, claims, and statements; resolving posting errors; and calling payers to follow up on outstanding or unpaid claims."

    The ability to offer billing could be a boon for Epic's efforts to grow its business with resource-strapped small hospitals and physician practices.

    [Also: Epic partners with Mediware for blood bank tech]

    The company is targeting organizations such as those as it rolls out the new streamlined EHR versions it announced earlier this year: a mid-range "utility" version, and a system called Sonnet whose scaled-back features and lower price point could make it appealing to smaller providers.

    "We’re finding that people need different things," Epic CEO Judy Faulkner told Healthcare IT News at HIMSS17 in February. "If you are a critical access hospital, you don’t need the full Epic."

    The value-add of billing service could make the choice for a simpler EHR that much more appealing.

    "With a billing presence across all 50 states, Epic is well-positioned and excited to share our best practices and take on some of the billing work, and associated IT functions, for our Resolute Professional Billing customers," said Epic spokesperson Meghan Roh.

    "Launching later this year, this new offering will help those who are struggling to scale their billing services, looking to keep a light operational footprint, or those who are just simply hoping to step away from revenue cycle management," she said.

    Twitter: @MikeMiliardHITN
    Email the writer: mike.miliard@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

    0 0

    The U.S. Department of Veterans Affairs announcement in early June that the agency would move its outdated EHR system to Cerner has been received with mixed reviews.

    While some wonder if Cerner is the best choice, Congress and the President hailed the decision as the best route to data sharing between VA and DoD.

    However, HL7 Chief Technology Officer Wayne Kubick hopes the decision to move specifically to Cerner wasn’t based on interoperability alone. That’s because the VA should be able to capitalize on FHIR with whatever platform the agency chose, he said.

    The HL7 standard for electronically exchanging health data is web-based and makes it easy for providers to receive targeted requested data.

    “So doing it for the sake of interoperability doesn’t make sense,” Kubick said. “There are a lot of APIs that work for individual products.”

    A lot of organizations have both: their own product and a move to FHIR APIs. Kubick said that HL7 has been encouraging its customers to do that. If the common interoperability mechanism is being used, the VA could go with any commercial product.

    But the move will be good for interoperability, as both Cerner and Epic are some of the largest adopters of FHIR specifications. Both Cerner and Epic have attested to the intention to use FHIR-based APIs within the platforms to fuel interoperability.

    Further, the move to Cerner should shift the VA from being a single player that everyone needs to plug into to become interoperable, to a platform more similar to what everyone else in the industry is using, said Kubick. The agency will also gain a lot of data and functions.

    “Cerner is a good platform and its team is doing things in a similar environment [with the DoD],” said Kubick. “But to me, the important thing is moving from a very robust platform that needed support. With the technology getting older, it was a good idea to move away from it.”

    Further, since “Cerner has adopted FHIR intrinsically within the platform, the interoperability function should be there,” he said.

    Before the decision was made, industry experts pointed out that VistA could be fixed and that a commercial EHR wouldn’t be able to replace the broken system.

    While that may be the case, custom products add risk and added costs, said Kubick. 

    “The VA should leverage what Cerner is offering and use what everyone else is using,” he said. “It brings more people into the same FHIR-based fold: people doing things the same way, using the same applications and the FHIR capabilities.”

    “It’s a good choice for Cerner and for the VA, but I don’t think it makes a big impact on interoperability,” he added. “I don’t think the VA picker Cerner for just interoperability… The fact is there’s a major healthcare system adopting a commercial system that supports interoperability, which is positive trend.”

    Twitter: @JessieFDavis
    Email the writer: jessica.davis@himssmedia.com


    Like Healthcare IT News on Facebook and LinkedIn

    Disable Auto Tagging: 

older | 1 | .... | 24 | 25 | (Page 26) | 27 | 28 | .... | 66 | newer