Quantcast
Channel: Healthcare IT News - Electronic Health Records (EHR, EMR)
Viewing all 1989 articles
Browse latest View live

Epic Systems CEO Judy Faulkner adds a billion to her fortune

0
0

Forbes is out with its annual list of richest people in tech, and it updates the estimated net worth of Epic Systems founder and CEO Judy Faulkner to $3.4 billion.

Forbes' previous estimate had been $2.4 billion.

Not bad for someone who started her EHR software company in a basement. That was in 1979. Today, Faulkner has sold electronic health record systems to some of the most prestigious healthcare systems in the country, and Epic reportedly has 53 percent of the market.

Epic is a privately held company and the software maker says she wouldn’t have it any other way.

At HIMSS17 last February, Faulkner announced she had two new EHR options in development.

Faulkner is giving away her billions. She signed the Giving Pledge in 2015, promising to donate 99 percent of her fortune to philanthropic causes within her lifetime. Faulkner is No 73 on the Richest in Tech List.

Other healthcare tech billionaires include Microsoft founder Bill Gates, who is maintaining his No.1 spot with $84.5 billion. He and his wife, Melinda Gates, have also signed the Giving Pledge to give away their fortune. Gates gave $4.6 billion to charity earlier this month. It was his biggest donation since 2000.

Dell Technologies CEO Michael Dell is No. 10 on the Forbes list with $22.6 billion. He started his business 33 years ago – in his dorm room.

Twitter: @Bernie_HITN
Email the writer: bernie.monegain@himssmedia.com

Additional Topics: 
Specific Terms: 
Disable Auto Tagging: 

Digital divide widening in hospital EHR deployments, report says

0
0

Meaningful use has done its job: More than 96 percent of U.S. hospitals are by now using certified electronic health records, according to the Office of the National Coordinator for Health IT. But are they all using them to their fullest potential?

A report published in this month's Journal of the American Medical Informatics Association suggests that some hospitals are making more advanced use of their EHRs than others.

[Also: Cerner picking up big business from small hospitals]

In the JAMIA study, researchers from University of Michigan, American Hospital Association and ONC sought to find out how the post-HITECH landscape has been evolving, and how inpatient EHRs were being put to work. Were small and rural hospitals able to keep pace with larger, more resource-rich organizations when it came to using IT to improve patient outcomes?

The researchers looked at AHA data from 2008–2015, distinguishing between basic and comprehensive EHR adoption. ("Basic" EHRs have a core set of functionalities, according to ONC, which has detailed definitions for how basic and comprehensive systems are deployed and used.)

They then applied a new set of questions meant to specifically assess the use of EHR data for both performance measurement and patient engagement. From there, they homed in on those characteristics most associated with high adoption in the advanced use domains, helping assess a the divide between advanced and more basic uses.

While 80.5 percent of hospitals have installed at least a basic EHR system – up 5.3 percent since 2014 – researchers said that just 37.5 percent of hospitals have adopted at least eight of 10 components measuring EHR use for performance measurement, while 41.7 percent of hospitals made use of at least eight of 10 patient engagement functions. Critical access hospitals were less likely to have adopted at least eight of the functions for each category.

While HITECH and meaningful use have led to near-ubiquitous EHR implementation, in other words, "use of advanced EHR functions lags and a digital divide appears to be emerging, with critical-access hospitals in particular lagging behind," according to the report. "This is concerning because EHR-enabled performance measurement and patient engagement are key contributors to improving hospital performance.

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Disable Auto Tagging: 

Pew to ONC chief Rucker: Patient matching and data standardization can fix interoperability

0
0

The Pew Charitable Trusts has called on the Office of the National Coordinator for Health Information Technology to advance interoperability by focusing on patient matching and standards for clinical data elements.

Citing provisions of the 21st Century Cures Act that mandate ONC establish a framework for exchanging data between health information networks, Ben Moscovitch,
 manager of health information technology at Pew, wrote in a letter to national coordinator Donald Rucker that “effective exchange of information across networks, as envisioned in Cures, could benefit from advances in both patient matching and data standards.”

Patient matching

Moscovitch pointed to ONC data demonstrating that today’s match rates are as low as 50 percent when clinicians are seeking patient data across healthcare facilities. That reality, of course, can inhibit doctors from accessing information that is critical to care decisions.

“Facilities treating the same patient may not all belong to the same data exchange network. When this occurs, facilities must be able to identify and locate their patients’ records even when those records are held by other organizations and in another network,” Moscovitch said. “Through improved matching across networks, healthcare facilities can obtain data on their patients to enable care coordination, integrate and reconcile data, and access relevant information to avoid duplication of tests and other services.” 

Standards 

While there are many varying standards associated with interoperability, Moscovitch called for those applicable to clinical data elements, notably vital signs, medications and lab results because organizations tend to document and share such data in different ways such that it is difficult to either code or process that information when accessing it from another hospital. Without a foundation of standards, ONC’s vision of nationwide interoperability cannot be achieved and, it follows, that ironing out clinical data element standards can enable more effective data exchange.

“By prioritizing advances in these areas,” Moscovitch noted, “ONC can help foster more accurate and robust data exchange to drive interoperability so that patients, their caregivers, and healthcare providers have the information they need to coordinate care and make informed decisions.” 

Twitter: SullyHIT
Email the writer: tom.sullivan@himssmedia.com

Disable Auto Tagging: 

Indiana will integrate PDMP into EHRs statewide to fight opioid crisis

0
0

Indiana is launching a program to give providers the ability to see patient's controlled-substance prescription history more easily within their electronic health records.

Gov. Eric J. Holcomb said the state will implement a platform to support Indiana’s prescription drug monitoring program, known as INSPECT.

Already in place at two healthcare systems in the Hoosier State, Holcomb said a more comprehensive statewide rollout of the INSPECT platform will be a valuable tool in the fight against opioid abuse.

[Also: National e-prescribing bill gains support as Trump declares opioid state of emergency]

"INSPECT helps healthcare professionals around the state limit the number of controlled-substance prescriptions that contribute to our state’s devastating drug crisis," he said. "I commend Indiana’s Professional Licensing Agency, Board of Pharmacy and Appriss Health for their hard work and partnership to make a statewide platform for INSPECT possible."

The program, which keeps track of the prescribing and dispensing of controlled substances statewide, can be used by physicians and pharmacists to help prevent doctor shopping and fraudulent prescriptions. INSPECT data shows up directly in EHRs, rather than requiring providers to use separate website or portal to see patients' prescription histories.

The technology is developed by Louisville, Kentucky-based Appriss Health, which specializes in giving state government agencies controlled substance dispensing data and real-time clinical decision support for physicians, pharmacists and care teams.

The Indiana Professional Licensing Agency first partnered with Appriss Health this past year in an effort to make INSPECT data more effective and accessible for providers across the state, whose emergency departments have seen a 60 percent increase in opioid overdose visits in the past five years.

IPLA partnered with Kroger Pharmacy to integrate INSPECT data into its pharmacy software, and Evansville, Indiana-based Deaconess Midtown was the first hospital to add the data to its EHRs.

"Every practitioner and dispenser should have access to this program, as it can be a vital tool for addressing opioid abuse and misuse." said Deborah Frye, executive director of the Indiana Professional Licensing Agency. "The IPLA and the state of Indiana hope this new PDMP advancement will improve the health and safety of patients and serve as a resource to prescribers and dispensers in the coming years."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Disable Auto Tagging: 

What's next for health information exchanges?

0
0

Health information exchanges have for years been plagued by the looming question: Is HIE as a business model actually sustainable? And while few argue that they have faced challenges to basic survival, experts are now saying that many HIEs have grown strong roots. Some are even thriving.

“HIEs are alive and well and we’re moving forward to support our communities,” said Dick Thompson, chairman of the Strategic Health Information Exchange Collaborative, which counts 55 HIEs as members. “The exchanges have begun to readily identify value and they are monetizing that value to sustain themselves.”

Health information exchanges are poised to become increasingly important as the Office of the National Coordinator for Health IT focuses even more on interoperability, as is mandated by the 21st Century Cures Act and as ONC head Donald Rucker, MD, has publicly said it will.

“There will be significant discussion about the role that HIEs play in furthering those goals,” said HIMSS Analytics executive vice president Blain Newton.

HIE momentum growing amid challenges

SHIEC’s Thompson said that the collaborative has seen a 67 percent spike in memberships since this time last year. He attributed that to HIEs establishing themselves as trusted data repositories, experts in connectivity and apt problem solvers in their communities. 

[Register Now: Upcoming HIMSS Pop Health Forum]

That said, HIE is not a one-size-fits-all business model. Some of the success stories Thompson pointed to include serving Medicaid populations, alerting payers when members present at the emergency department, and aggregating patient data across hospitals, ambulatory care providers and specialists — tasks that those participants cannot easily access elsewhere.

That’s not to say HIEs have reached perfection. Far from it, instead, and Thompson acknowledged that they’re getting better one step at a time.

“The current feedback from providers indicates the need for HIEs to evolve as the market evolves as they leverage the appropriate data for different healthcare initiatives, such as population health and MACRA,” Newton added.  

HIMSS Analytics research, in fact, found that as of 2016 HIEs had not been widely implemented for population health. 

While HIMSS Analytics is continuing to investigate how providers will leverage exchanges for such initiatives moving forward, SHIEC’s Thompson said that many HIEs are well-positioned to support pop health efforts. Same goes for MACRA, behavioral health and social determinants, he added, work that is already starting in some organizations.

HIE 3.0 coming?

In January of 2013, Micky Tripathi, CEO of the Massachusetts eHealth Collaborative, declared that the industry had entered into a bold new world of health information exchange.

That would be HIE 2.0. The second generation is built on modern technologies, including cloud services, mHealth apps and IoT devices, inexpensive storage and broadband connectivity and adjusted market expectations wherein consumers and caregivers demand electronic access to their records, not to mention the ability to share that data among providers.

Thompson said that the next generation of exchanges, call it HIE 3.0, will harness that IT infrastructure to integrate social determinants and behavioral health into medical data within EHRs, and HIEs are best-positioned to accomplish that.

They will also be able to support information aggregations that combine clinical quality elements with payer data to help hospitals and insurers more effectively associate quality with cost and, in turn, to make that value more transparent to those buying and delivering care services. Thompson added that such work will then enable HIEs to understand and analyze the data they have in new ways.

“We’re on the frontier,” Thompson said. “HIE 3.0 will engage with patients. That takes a level of trust that is less about technology than it is about people and process and building networks of trust between individuals.” 

Twitter: SullyHIT
Email the writer: tom.sullivan@himssmedia.com

Disable Auto Tagging: 

Health IT vendors, trade groups demand HHS eradicate information blocking

0
0

A group consisting of IT vendors and healthcare industry associations has recommended that the U.S. Department of Health and Human Services take actions to eliminate information blocking.

“This business practice barrier to interoperability does not just thwart federal and private efforts to fully share clinical information, it may pose a significant risk to patient safety,” the group wrote. “For instance, information blocking impedes provider access to the most current, accurate, or complete information on their patients.”

[Also: Pew to ONC chief Rucker: Patient matching and data standardization can fix interoperability]

The letter was spearheaded by Health IT Now and addressed to both Donald Rucker, MD, who leads the Office of the National Coordinator for Health IT, and HHS Inspector General Daniel Levinson. 

In addition to Health IT Now, it was signed by the American Academy of Family Physicians, American Academy of Ophthalmology, American Medical Informatics Association, DirectTrust, Healthcare Leadership Council, National MS Society, National Partnership for Women & Families as well as technology vendors athenahealth, ION Solutions, McKesson, IBM and Oracle.

The organizations suggested that HHS propose a rule designed to answer five key questions about information blocking mandates in the 21st Century Cures Act: What is and is not information blocking? What qualifies as a so-called special effort when it comes to eliminating blocking? How to define “should have known” within the context of information blocking? How should the industry measure patient access to health information? And how does the 21st Century Cures Act relate to HIPAA and medical malpractice laws?

The letter also said that the proposed rule would benefit by HHS looking at other issues, including which reasonable business practices are not actually information blocking, what data to collect about information blocking, and any unintended consequences regulators should avoid, among others. 

Lastly, the groups suggest a September meeting between those signing the letter and HHS and ONC officials to help develop the proposed rule.

“This is a way for various stakeholders to show solidarity in ending this practice that is affecting the healthcare industry at large and placing patient lives at risk,” they wrote.

Twitter: SullyHIT
Email the writer: tom.sullivan@himssmedia.com

Disable Auto Tagging: 

The biggest healthcare breaches of 2017 (so far)

0
0
Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20slideshow.png
Slideshow Description: 

Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is, unfortunately, following suit. From organizations with exposed, unused websites to unencrypted storage drives, health organizations appear to still have much to learn about security.

This gallery highlights some of the biggest breaches across the industry – and points to some mistakes to avoid in the future.

Updated Aug. 25, 2017

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-106k.png
Slideshow Title: 
Mid-Michigan Physicians Imaging Center
Slideshow Description: 

Just over 106,000 patients of are being notified by Mid-Michigan Physicians Imaging Center of a potential data breach of their personal health information. The records of both past and current patients may have been accessed after the McLaren Medical Group – which manages Mid-Michigan – discovered a breach of its Radiology Center computer system in March.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-33k.png
Slideshow Title: 
St. Mark’s Surgery Center
Slideshow Description: 

St. Mark’s Surgery Center discovered a ransomware attack on May 8, although the attack occurred from April 13 until April 17. The installed virus prevented patient data from being accessed during that time. The impacted servers contained patient names, dates of birth, Social Security numbers and medical information of this Florida provider.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-266k.png
Slideshow Title: 
Pacific Alliance Medical Center
Slideshow Description: 

Los Angeles-based Pacific Alliance Medical Center disclosed that it was hit by a ransomware attack in June. In August they determined that the breach involves the health information of 266,123 patients.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach10k_0.png
Slideshow Title: 
Plastic Surgery Associates of South Dakota
Slideshow Description: 

The cyberattack was first discovered in February, but crucial evidence was lost during the investigation on April that rendered it impossible for officials to rule out a breach.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-18k.png
Slideshow Title: 
Anthem BlueCross BlueShield
Slideshow Description: 

Anthem BlueCross BlueShield began notifying customers last week of a breach affecting about 18,000 Medicare members. The breach stemmed from Anthem’s Medicare insurance coordination services vendor LaunchPoint Ventures, based in Indiana.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-300k_0.png
Slideshow Title: 
Women’s Health Care Group of Pennsylvania
Slideshow Description: 

The breach on Women’s Health Care Group of Pennsylvania was discovered in May, but hackers had unauthorized access to the system as early as January.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach176k.png
Slideshow Title: 
Peachtree Neurological Clinic
Slideshow Description: 

While Peachtree Neurological Clinic avoided paying ransom after a recent cyberattack, the investigation that followed revealed a hacker had access to its system starting in February 2016.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach15k.png
Slideshow Title: 
UC Davis Health
Slideshow Description: 

An employee of UC Davis Health responded to a phishing email with login credentials, which officials said the hacker used to view patient data and send emails to other staff requesting large sums of money.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach14M.png
Slideshow Title: 
Verizon's data breach
Slideshow Description: 

As many as 14 million U.S. customers of the telecommunications company were exposed after a user mistake caused a database to go public online.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach108k2.png
Slideshow Title: 
Bupa global health insurance
Slideshow Description: 

A Bupa employee -- who has since been fired -- copied private information from global health insurance policies, which cover those who frequently travel or work overseas.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-IndianaMedicaid.png
Slideshow Title: 
Indiana Medicaid
Slideshow Description: 

Indiana’s Health Coverage Program said that patient data was left open via a live hyperlink to an IHCP report until DXC Technology, which offers IT services to Indiana Medicaid, found the link on May 10. That report, DXC said, contained patient data including name, Medicaid ID number, name and address of doctors treating patients, patient number, procedure codes, dates of services and the amount Medicaid paid doctors or providers.

There were 1.1 million enrolled in Indiana's Medicaid & CHIP program in April 2017 according to KFF.org.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-DataBreach-22k.png
Slideshow Title: 
Cleveland Medical Associates
Slideshow Description: 

While the compromised computer was both locked and encrypted, the forensic investigation team couldn’t determine with certainty if there was unauthorized access to patient data during the April 21 attack.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach500k.png
Slideshow Title: 
Airway Oxygen
Slideshow Description: 

Michigan-based Airway Oxygen was hit by a ransomware attack in April that may have compromised the data of 500,000 clients, the home medical equipment supplier reported to the U.S. Department of Health and Human Services on June 23. The hacker gained access to the network and installed ransomware, which shut employees out of the system where personal health information was stored.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-6K.png
Slideshow Description: 

Data has been dumped from two healthcare providers in a game the hacker, TheDarkOverlord, is calling: “A Business a Day.” The hacker leaked 6,000 patient records on June 8 from Feinstein & Roe MDs in Los Angeles and 6,300 patient records from La Quinta Center for Cosmetic Dentistry on June 9.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-1M.png
Slideshow Description: 

A hard drive containing the personal data of about 1 million people was stolen from Washington State University in April. The University discovered a locked safe that contained the hard drive was stolen from a WSU storage unit in Olympia. The stolen data is from survey participants and contained names, Social Security numbers and, for some, personal health data.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-undisclosed.png
Slideshow Description: 

California-based Torrance Memorial Medical Center notified patients that two email accounts containing work-related reports were hit by a phishing attack in April. Officials didn’t reveal how many patients were affected, and the incident is not on the Office of Civil Rights’ breach reporting site.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%204-8million.png
Slideshow Title: 
Molina Healthcare
Slideshow Description: 

Molina Healthcare, a major Medicaid and Affordable Care Act insurer, shut down its patient portal on May 26 in response to a security flaw that exposed patient medical claims data without requiring authentication, according to security researche Ben Krebs. At the time, it’s unclear how long the vulnerability was in place. Ben Krebs was first made aware of the security flaw in April through an anonymous tip, which could allow any Molina patient to access other patients’ medical claims by simply changing a single number in the URL.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/breaches-150-countries.png
Slideshow Title: 
National Health Service in England and Scotland
Slideshow Description: 

The National Health Service in England and Scotland was hit by a large ransomware attack that has affected at least 16 of its organizations on May 12. The organization launched an investigation and determined the ransomware is likely the Wanna Decrytor. It’s one of the most effective ransomware variants on the dark web, and at the moment, there is no decryptor available. Within two days, 150 countries were affected by the #wannacry ransomware.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014633k.png
Slideshow Title: 
New Jersey Diamond Institute
Slideshow Description: 

The third-party server that hosts the electronic health records of New Jersey Diamond Institute for Fertility and Menopause was hacked by an unauthorized individual, exposing protected health information of 14,633 patients.

The database and EHR system was encrypted, which prevented the hackers from gaining access, officials said. However, many supporting documents stored on the hacked server were left unencrypted and could have been accessed.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2093k.png
Slideshow Title: 
Harrisburg Gastroenterology
Slideshow Description: 

Pennsylvania-based Harrisburg Gastroenterology is notifying patients that their records might have been breached. The Health and Human Services Department’s Office for Civil Rights’ Wall of Shame lists the breach at 93,323 records on a network server exposed because of a hacking/IT incident.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20millions.png
Slideshow Title: 
Bronx-Lebanon Hospital Center
Slideshow Description: 

Tens of thousands, and possibly up to millions, of patient records at Bronx-Lebanon Hospital Center in New York City were exposed in a recent data breach, according to the Kromtech Security Research Center, which uncovered the records on May 3. The records were part of a backup managed by iHealth Innovations, the research center said.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20180k.png
Slideshow Title: 
Aesthetic Dentistry and OC Gastrocare
Slideshow Description: 

Dark Web hacker TheDarkOverlord has released 180,000 patient records from three hacks, DataBreaches.net revealed May 4. More than 3,400 patient records were released from New York City-based Aesthetic Dentistry, 34,100 from California’s OC Gastocare and 142,000 Tampa Bay Surgery Center. TDO used a Twitter account to post a link to a site that allows any user to download the patient databases from these organizations.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20500k.png
Slideshow Title: 
Children health records
Slideshow Description: 

The patient records of about 500,000 children are up for grabs on the dark web, a hacker named Skyscraper told DataBreaches.net on April 26. These records contain both child and parent names, Social Security numbers, phone numbers and addresses. DataBreaches didn’t name the breached organizations but also said that another 200,000 records were stolen from elementary schools. The amount of breached records for pediatricians reported to the Department of Health and Human Services’ Office of Civil Rights is not equal to that number, meaning many of these providers are likely unaware their data has been exposed.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2020k.png
Slideshow Title: 
Lifespan
Slideshow Description: 

Providence-based Lifespan, Rhode Island's largest health network, has notified about 20,000 of its patients that a laptop theft may have exposed their sensitive information. The health organization said an employee's MacBook was taken after a car break-in on Feb. 25. The employee immediately contacted both law enforcement and Lifespan officials, who were able to change the employee’s credentials used to access Lifespan system resources.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20918k.png
Slideshow Title: 
HealthNow Networks
Slideshow Description: 

The personal health data of 918,000 seniors was posted online for months, after a software developer working for HealthNow Networks uploaded a backup database to the internet, an investigation by ZDNet and DataBreaches.net found. Boca Raton, Florida-based HealthNow Networks is a telemarketing company that used to provide medical supplies to mostly seniors who rely on diabetic equipment. However, it’s no longer a registered business as of 2015, when it failed to file an annual report with Florida authorities. The software developer was contracted to build a customer database for HealthNow Networks, but the developer told researchers it was "too much work."

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2055k.png
Slideshow Title: 
ABCD Children's Pediatrics
Slideshow Description: 

A ransomware attack at San Antonio-based ABCD Children’s Pediatrics may have breached the data of 55,447 patients. Affected files may have included patient names, Social Security numbers, insurance billing information, dates of birth, medical records, laboratory results, procedure technology codes, demographic data, address and telephone numbers. Investigators determined it was the Dharma virus, a variant of the Crisis ransomware family. While this virus doesn’t typically exfiltrate data, the provider was unable to rule it out, officials said.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2080k.png
Slideshow Title: 
Washington University School of Medicine
Slideshow Description: 

A Washington University School of Medicine employee fell victim to a phishing attack that may have compromised 80,270 patient records. The medical school learned of the incident on Jan. 24 -- seven weeks after the phishing attack occurred on Dec. 2, officials said in a statement. The employee responded to a phishing email designed to look like a legitimate request. As a result, an unauthorized party may have gained access to employee email accounts that contained patient data.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2017k.png
Slideshow Title: 
Metropolitan Urology Group
Slideshow Description: 

This Milwaukee-based provider began notifying patients that a November ransomware attack may have exposed their personal data. There were 17,634 patients affected, according to the U.S. Department of Health and Human Services' Office for Civil Rights. Two of Metropolitan Urology’s servers were infected by the virus, which may have exposed data of patients between 2003 and 2010. Officials said the data contained names, patient account numbers, provider identification, medical procedure codes and data of the provided services. About 5 percent of these patients had their Social Security numbers exposed.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20years%20vuln.png
Slideshow Title: 
Denton Heart Group
Slideshow Description: 

An unencrypted hard drive that contained seven years of backup electronic health record data was stolen from the Denton Health Group, a member of the HealthTexas Provider Network. The backup files contained a hoard of patient data from 2009 until 2016: Names, Social Security numbers, dates of birth, addresses, phone numbers, driver's license numbers, medical record numbers, insurance provider and policy details, physician names, clinic account numbers, medical history, medications, lab results and other clinical data.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014k.png
Slideshow Title: 
Brand New Day
Slideshow Description: 

In March, the Medicare-approved health plan notified 14,005 patients of a potential breach of electronic protected health information after an unauthorized access through a third-party vendor system. On Dec. 28, Brand New Day discovered that an unauthorized user had accessed the ePHI provided to one of its HIPAA business associates on Dec. 22. The access occurred through a vendor system used by a contracted provider, officials said.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2022k.png
Slideshow Title: 
Singh and Arora Oncology Hematology
Slideshow Description: 

In February, the Flint, Michigan, cancer center notified 22,000 patients of a breach discovered in August 2016. Hackers had access to the practice's server between February and July of 2016, local affiliate ABC12 reported. The files contained names, Social Security numbers, addresses, phone numbers, dates of birth, CPT codes and insurance information.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2010k.png
Slideshow Title: 
Verity Medical Foundation-San Jose Medical Group
Slideshow Description: 

Verity Medical Foundation-San Jose Medical Group website, part of the Verity Health System in Redwood City, California, was hacked, exposing the data of 10,164 patients. Verity includes six California hospitals, the Verity Medical Foundation and Verity Physician Network. An unauthorized user hacked into the website from October 2015 until it was discovered by Verity Health on January 6. The website was no longer in use.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20220k.png
Slideshow Title: 
CoPilot Provider Support Services
Slideshow Description: 

More than a year after discovering a potential breach to its websites, healthcare administrative services and IT provider, CoPilot Provider Support Services notified 220,000 patients and doctors who used its service. An unauthorized user breached one of CoPilot's databases, used by both healthcare providers and patients, in October 2015, according to officials. The hacker downloaded files that contained names, dates of birth, addresses, phone numbers, health insurers and some Social Security numbers of some users. No financial, medical treatment or other information was accessed.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2043-ransom.png
Slideshow Title: 
Indiana-based Cancer Services
Slideshow Description: 

The server and back-up drive of Muncie, Indiana-based Cancer Services of East Central Indiana-Little Red Door were hacked and the data stripped, encrypted and taken for ransom by the cybercriminal organization, TheDarkOverlord, or TDO, the agency revealed Jan. 18. The hack took place on Jan. 11. TDO asked for 50 bitcoin, or about $43,000, in ransom, first in a text message to the personal cellphones of the company’s executive director, president and vice president. Officials said, TDO followed up in a form letter and several emails that contained extortion threats and promises to contact family members of the cancer patients, donors and community partners.

Read the full article.

Teaser: 

Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is unfortunately following suit. This gallery highlights some of the biggest breaches in healthcare -- and points to mistakes to avoid in the future.

Thumbnail: 
biggest healthcare breaches 2017
Custom OAS pagetag: 
Subheader: 
Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is unfortunately following suit.
Primary topic: 
Disable Auto Tagging: 

PriorAuthNow scores $3.6 million in funding

0
0

Columbus, Ohio-based startup PriorAuthNow has raised $3.6 million to fast-track the rollout of its platform to healthcare systems across the country. The company also plans to use the funds to expand its team.

NCT Ventures led the funding with participation from Detroit Venture Partners.

Founded in 2014, PriorAuthNow works with EHR systems and connects directly with insurance carriers. Company executives claim it’s the fastest, most economical way to submit, monitor and complete prior authorizations.

[Also: Health IT startups to watch in 2017: A running list]

By PriorAuthNow figures, a single provider spends on average 20 hours per week and $65,000 per year on prior authorizations – or PAs. Forty percent of PAs are abandoned due to complex approval policies.

The PriorAuthNow platform does away with lengthy phone calls, going to many different payer sites, and filling out multiple authorization forms, according to Joe Anstine, PriorAuthNow co-founder and CEO.

It saves providers and their staff countless administrative hours, Anstine asserts, because the platform tracks the life cycle of each prior authorization to ensure everything is done correctly the first time.

“Few words cause more frustration with physicians and their staff than ‘prior authorization’ Anstine, said in a statement. “By removing the inefficiencies and the fragmented experience of the current process, we’re able to save both providers and individuals time and money.”

Twitter: @Bernie_HITN
Email the writer: bernie.monegain@himssmedia.com

Primary Topic: 
Disable Auto Tagging: 

CHIME backs DirectTrust health data exchange, announces collaboration

0
0

CHIME will work with DirectTrust to advocate the deployment of the DirectTrust framework and health information exchange network as the universal common electronic interface for health information exchange.

The healthcare CIO association announced the collaboration with DirectTrust on Wednesday.

DirectTrust is a healthcare industry alliance for participants in the Direct exchange network. It is used for secure, interoperable exchange of personal health information between provider organizations and between providers and patients.

[Also: Using both Direct and FHIR standards could improve data exchange]

There are other similar frameworks for data exchange in place, including CareQuality and CommonWell Health Alliance.

CHIME and DirectTrust are working together to promote and ensure that secure, interoperable exchange of healthcare information via Direct exchange is available and able to be used at every location in the healthcare system where a patient’s data and information might be needed.

The effort includes making Direct exchange universally available at hospitals, medical practices, pharmacies, labs, long-term care facilities, payers, insurers and health departments, as well as on applications. 

“There is great potential in our new collaboration to further standardize and simplify health information exchange interfaces on a national basis for an expanded variety of use cases,” DirectTrust CEO and President David C. Kibbe, MD, said in a statement.

Kibbe adds that DirectTrust’s network is the largest standards-based network for the exchange of health information, with more than 1.5 million send and receive endpoints, at more than 100,000 healthcare organizations, via more than 350 ONC-certified EHRs.

CHIME CEO and President Russell P. Branzell said CHIME members strongly support the further development of a standards-based national platform to safely and securely exchange patient data

“DirectTrust offers an infrastructure that goes hand-in-hand with our goals to assist and lead where needed to improve patient care, engage patients in their health and reduce patient safety incidents,” he said in a statement.

“The National Patient ID Challenge, which we launched to accurately and safely identify patients no matter what the healthcare setting, is a perfect example of these needs that require a strong national exchange infrastructure.”

As Kibbe sees it, the value of a simple secure and reliable means of exchange of health data and information is a necessary step forward in attaining the goals of interoperability.

Twitter: @Bernie_HITN
Email the writer: bernie.monegain@himssmedia.com

Disable Auto Tagging: 

Allscripts picks Vidyo to add telehealth features to patient portal

0
0

EHR vendor Allscripts has selected the Vidyo.io platform from Vidyo to power virtual consultations directly embedded into the Allscripts FollowMyHealth patient portal.

On-demand video visits can be launched directly from the patient portal workflow, with the aim of simplifying remote consultations between physicians and patients. 

Vidyo’s technology platform powers telemedicine systems for other vendors, as well, including American Well, Avizia, Care Innovations, Iron Bow Technologies and Philips, placing Vidyo technology in a vast array of healthcare provider organizations.

[Also: Comparing 11 top telehealth platforms: Company execs tout quality, safety, EHR integrations]

Vidyo also has partnered with Allscripts rival Epic for telehealth consults between caregivers and patients or caregivers and other clinicians in the workflow tools the caregivers use for patient records.

Allscripts general manager Kim South said integrating Vidyo into its patient portal enables physicians and patients to connect face-to-face via a mobile app or the web. 

Research firm IDC said that “patient convenience is becoming more critical as they take on more financial accountability and are demanding levels of service they experience in other industries.”

Vidyo’s ability to integrate into EHR workflows to provide remote consultations creates accessibility and increased communication for physicians and patients, Vidyo said. The Vidyo integration with FollowMyHealth can streamline collaboration, help improve patient care and satisfaction and help provide better health outcomes, Vidyo said.

Vidyo CEO Eran Westman said that its platform is interoperable with other EHR systems and portals, which helps to simplify clinical adoption of telehealth. 

In December 2015, Kaiser Permanente Ventures invested $10 million in Vidyo. Kaiser Permanente Ventures is the venture capital arm of Kaiser Permanente.

Vidyo is used by 40 of the top 100 health systems in the United States, the company said, and in its last fiscal year, Vidyo added more than 50 provider organizations to its base of nearly 300 U.S. health systems.

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com

Disable Auto Tagging: 

How smart pump EHR integration could save a community hospital $2 million

0
0

Dave Baumgardner, chief information officer at Dover, Ohio-based Union Hospital, said there was one primary driver for the decision to link the hospital's 160 or so smart infusion pumps with its Meditech electronic health record.

"First of all, for patient safety and quality," said Baumgardner. "Those were the main drivers. Our director of pharmacy has been a strong advocate of this for years."

Beyond the safety that automation provides, however, there were financial benefits for the project. It streamlined nursing workflow, he said, and in doing so enabled big savings.

[Also: Hospira and Iatric partner on EMR-medical device interoperability]

The reduction of manual inputs has led to time efficiencies, and more accurate billing of medicine start and stop times has obvious benefits to the community hospital's bottom line.

"Cost savings from enhanced charge capture and reimbursement opportunities are about $2 million a year," he said.

The initiative was enabled by a recent partnership between Hospira, which makes infusion pumps, and Iatric Systems, which specializes in interfaces and interoperability.

Iatric's Accelero Connect technology enables two-way data exchange between devices and EMRs. Combined with Hospira's MedNet software, the integration can create efficiencies and quality improvement.

"On the clinical side, we're sending IV medication orders from the EMR to the infusion pump, which significantly minimizes the chance of human errors and helps improve patient outcomes," said Iatric President Frank Fortner in a statement when the partnership was announced this past December. "On the financial side, we're sending start times, stop times, and other infusion details from the pump back to the EMR, which saves nurses time and may improve hospital reimbursements."

"When Iatric and Hospira approached us about developing this, and being a beta site for the Meditech project, we jumped right on it," said Baumgardner.

Pursuing a project like this depends on strategy and collaboration.

"You need to assemble a very strong team, led by pharmacy, nursing, clinical informatics," he said. :With strong support from IT, quality education and executive sponsorship, including the CMO."

Robust Wi-Fi is also a must. "We have a strong wireless implementation across the hospital and had been certified a couple years ago by Hospira – and we just redid that certification this past summer," said Baumgardner. "From a technology standpoint it's best to be on one standard pump and have your wireless network certified to make sure you don't have any holes there."

He said one of the trickier hurdles so far has had to do with understanding of "how the smart pumps interact with the wireless technology when they're online, when they acknowledge the network."

Challenges such as those show why stakeholder involvement and careful planning are so important, he said.

"It's important that when you do have some hiccups, some hurdles in the implementation, that you keep the nursing staff engaged and not lose any of that momentum," said Baumgardner.

"We've had a couple hurdles in that area – some connectivity issue with the pumps. with the server losing that connection," he said. "The nurses were forced to do a manual entry. Expect some hurdles to happen in that rollout process. You want to have your IT staff involved so you can do testing in those locations with a nursing informatics specialist and the staff – work out those bugs and address them immediately."This was a huge project, but has been worth it on both the clinical and financial side, said Baumgardner, and the lessons learned along the way "reinforce the importance of having a cohesive, collaborative, communicative group between IS, nursing and pharmacy on these types of projects. You need that strong foundation and a commitment to making this a success."

This was a huge project, but has been worth it on both the clinical and financial side, said Baumgardner, and the lessons learned along the way "reinforce the importance of having a cohesive, collaborative, communicative group between IS, nursing and pharmacy on these types of projects. You need that strong foundation and a commitment to making this a success."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Disable Auto Tagging: 

Intermountain, University of Utah Health embark on plan for advanced cancer screening tool

0
0

Researchers at the University of Utah Health, Intermountain Healthcare, and Huntsman Cancer Institute revealed their intentions to couple electronic health records with advanced clinical decision support to screen for several types of cancer. 

The goal is to identify and manage high-risk patients within primary care settings and also in the broader healthcare system, the hospitals said. 

“It is crucial that primary care physicians who are the frontline of care identify patients who are at high risk of developing cancer,” said Scott Narus, chief clinical systems architect for Intermountain. Narus added that early diagnosis and screening of cancer greatly increases the chances for successful treatment. 

The idea is to couple electronic health records with advanced clinical decision support to screen for several types of cancer and to identify and manage high-risk patients within primary care settings and also in the broader healthcare system.

Researchers note common barriers when it comes to clinical decision support: some EHR systems have limited clinical decision support capabilities: there is minimal sharing of clinical decision support rules among healthcare organizations; existing clinical decision support systems rely on closed architectures

Fueled by a $3.8 million grant from the National Cancer Institute, the three organizations 
will be tackling those challenges. As they see it, there is a critical need for EHR-agnostic clinical decision support platforms that enable sharing across healthcare organizations.

They intend to enable a standards-based and scalable clinical decision support platform for individualized cancer screening to be used across healthcare organizations. To that end, the researchers will extend and solidify two well-established open source CDS Web services based on rule logic – OpenCDS – and information retrieval – OpenInfobutton.”

The researchers plan to work with primary care physicians, oncologists, and genetic counselors, to develop CDS algorithms and interventions to support individualized screening of breast and colorectal cancer.

With consultation from Intermountain, University of Utah Health will be responsible for developing the CDS platform and workflows and demonstrating it in its care delivery system. Intermountain will then evaluate the solution and test its performance within another healthcare system with another EHR.

Twitter: @Bernie_HITN
Email the writer: bernie.monegain@himssmedia.com

Specific Terms: 
Disable Auto Tagging: 

The biggest healthcare breaches of 2017 (so far)

0
0
Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20slideshow.png
Slideshow Description: 

Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is, unfortunately, following suit. From organizations with exposed, unused websites to unencrypted storage drives, health organizations appear to still have much to learn about security.

This gallery highlights some of the biggest breaches across the industry – and points to some mistakes to avoid in the future.

Updated Sept. 1, 2017

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-19k.png
Slideshow Title: 
Medical Oncology Hematology Consultants
Slideshow Description: 

The cyberattack was discovered on July 7, but the attack began nearly a month earlier on June 17. Officials said the hackers targeted certain electronic files on the provider’s server and workstation

Read the full article.

 

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-744.png
Slideshow Title: 
Kaleida Health
Slideshow Description: 

While only 744 patients were included in this month’s breach, Kaleida Health already notified 2,800 of its patients in July of a separate phishing incident.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-106k.png
Slideshow Title: 
Mid-Michigan Physicians Imaging Center
Slideshow Description: 

Just over 106,000 patients of are being notified by Mid-Michigan Physicians Imaging Center of a potential data breach of their personal health information. The records of both past and current patients may have been accessed after the McLaren Medical Group – which manages Mid-Michigan – discovered a breach of its Radiology Center computer system in March.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-33k.png
Slideshow Title: 
St. Mark’s Surgery Center
Slideshow Description: 

St. Mark’s Surgery Center discovered a ransomware attack on May 8, although the attack occurred from April 13 until April 17. The installed virus prevented patient data from being accessed during that time. The impacted servers contained patient names, dates of birth, Social Security numbers and medical information of this Florida provider.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-Data-Breach-266k.png
Slideshow Title: 
Pacific Alliance Medical Center
Slideshow Description: 

Los Angeles-based Pacific Alliance Medical Center disclosed that it was hit by a ransomware attack in June. In August they determined that the breach involves the health information of 266,123 patients.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach10k_0.png
Slideshow Title: 
Plastic Surgery Associates of South Dakota
Slideshow Description: 

The cyberattack was first discovered in February, but crucial evidence was lost during the investigation on April that rendered it impossible for officials to rule out a breach.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-18k.png
Slideshow Title: 
Anthem BlueCross BlueShield
Slideshow Description: 

Anthem BlueCross BlueShield began notifying customers last week of a breach affecting about 18,000 Medicare members. The breach stemmed from Anthem’s Medicare insurance coordination services vendor LaunchPoint Ventures, based in Indiana.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-300k_0.png
Slideshow Title: 
Women’s Health Care Group of Pennsylvania
Slideshow Description: 

The breach on Women’s Health Care Group of Pennsylvania was discovered in May, but hackers had unauthorized access to the system as early as January.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach176k.png
Slideshow Title: 
Peachtree Neurological Clinic
Slideshow Description: 

While Peachtree Neurological Clinic avoided paying ransom after a recent cyberattack, the investigation that followed revealed a hacker had access to its system starting in February 2016.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach15k.png
Slideshow Title: 
UC Davis Health
Slideshow Description: 

An employee of UC Davis Health responded to a phishing email with login credentials, which officials said the hacker used to view patient data and send emails to other staff requesting large sums of money.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach14M.png
Slideshow Title: 
Verizon's data breach
Slideshow Description: 

As many as 14 million U.S. customers of the telecommunications company were exposed after a user mistake caused a database to go public online.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach108k2.png
Slideshow Title: 
Bupa global health insurance
Slideshow Description: 

A Bupa employee -- who has since been fired -- copied private information from global health insurance policies, which cover those who frequently travel or work overseas.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-IndianaMedicaid.png
Slideshow Title: 
Indiana Medicaid
Slideshow Description: 

Indiana’s Health Coverage Program said that patient data was left open via a live hyperlink to an IHCP report until DXC Technology, which offers IT services to Indiana Medicaid, found the link on May 10. That report, DXC said, contained patient data including name, Medicaid ID number, name and address of doctors treating patients, patient number, procedure codes, dates of services and the amount Medicaid paid doctors or providers.

There were 1.1 million enrolled in Indiana's Medicaid & CHIP program in April 2017 according to KFF.org.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN-DataBreach-22k.png
Slideshow Title: 
Cleveland Medical Associates
Slideshow Description: 

While the compromised computer was both locked and encrypted, the forensic investigation team couldn’t determine with certainty if there was unauthorized access to patient data during the April 21 attack.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach500k.png
Slideshow Title: 
Airway Oxygen
Slideshow Description: 

Michigan-based Airway Oxygen was hit by a ransomware attack in April that may have compromised the data of 500,000 clients, the home medical equipment supplier reported to the U.S. Department of Health and Human Services on June 23. The hacker gained access to the network and installed ransomware, which shut employees out of the system where personal health information was stored.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-6K.png
Slideshow Title: 
Feinstein & Roe MDs; La Quinta Center for Cosmetic Dentistry
Slideshow Description: 

Data has been dumped from two healthcare providers in a game the hacker, TheDarkOverlord, is calling: “A Business a Day.” The hacker leaked 6,000 patient records on June 8 from Feinstein & Roe MDs in Los Angeles and 6,300 patient records from La Quinta Center for Cosmetic Dentistry on June 9.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-1M.png
Slideshow Title: 
Washington State University
Slideshow Description: 

A hard drive containing the personal data of about 1 million people was stolen from Washington State University in April. The University discovered a locked safe that contained the hard drive was stolen from a WSU storage unit in Olympia. The stolen data is from survey participants and contained names, Social Security numbers and, for some, personal health data.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITNDataBreach-undisclosed.png
Slideshow Title: 
Torrance Memorial Medical Center
Slideshow Description: 

California-based Torrance Memorial Medical Center notified patients that two email accounts containing work-related reports were hit by a phishing attack in April. Officials didn’t reveal how many patients were affected, and the incident is not on the Office of Civil Rights’ breach reporting site.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%204-8million.png
Slideshow Title: 
Molina Healthcare
Slideshow Description: 

Molina Healthcare, a major Medicaid and Affordable Care Act insurer, shut down its patient portal on May 26 in response to a security flaw that exposed patient medical claims data without requiring authentication, according to security researche Ben Krebs. At the time, it’s unclear how long the vulnerability was in place. Ben Krebs was first made aware of the security flaw in April through an anonymous tip, which could allow any Molina patient to access other patients’ medical claims by simply changing a single number in the URL.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/breaches-150-countries.png
Slideshow Title: 
National Health Service in England and Scotland
Slideshow Description: 

The National Health Service in England and Scotland was hit by a large ransomware attack that has affected at least 16 of its organizations on May 12. The organization launched an investigation and determined the ransomware is likely the Wanna Decrytor. It’s one of the most effective ransomware variants on the dark web, and at the moment, there is no decryptor available. Within two days, 150 countries were affected by the #wannacry ransomware.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014633k.png
Slideshow Title: 
New Jersey Diamond Institute
Slideshow Description: 

The third-party server that hosts the electronic health records of New Jersey Diamond Institute for Fertility and Menopause was hacked by an unauthorized individual, exposing protected health information of 14,633 patients.

The database and EHR system was encrypted, which prevented the hackers from gaining access, officials said. However, many supporting documents stored on the hacked server were left unencrypted and could have been accessed.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2093k.png
Slideshow Title: 
Harrisburg Gastroenterology
Slideshow Description: 

Pennsylvania-based Harrisburg Gastroenterology is notifying patients that their records might have been breached. The Health and Human Services Department’s Office for Civil Rights’ Wall of Shame lists the breach at 93,323 records on a network server exposed because of a hacking/IT incident.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20millions.png
Slideshow Title: 
Bronx-Lebanon Hospital Center
Slideshow Description: 

Tens of thousands, and possibly up to millions, of patient records at Bronx-Lebanon Hospital Center in New York City were exposed in a recent data breach, according to the Kromtech Security Research Center, which uncovered the records on May 3. The records were part of a backup managed by iHealth Innovations, the research center said.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20180k.png
Slideshow Title: 
Aesthetic Dentistry and OC Gastrocare
Slideshow Description: 

Dark Web hacker TheDarkOverlord has released 180,000 patient records from three hacks, DataBreaches.net revealed May 4. More than 3,400 patient records were released from New York City-based Aesthetic Dentistry, 34,100 from California’s OC Gastocare and 142,000 Tampa Bay Surgery Center. TDO used a Twitter account to post a link to a site that allows any user to download the patient databases from these organizations.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20500k.png
Slideshow Title: 
Children health records
Slideshow Description: 

The patient records of about 500,000 children are up for grabs on the dark web, a hacker named Skyscraper told DataBreaches.net on April 26. These records contain both child and parent names, Social Security numbers, phone numbers and addresses. DataBreaches didn’t name the breached organizations but also said that another 200,000 records were stolen from elementary schools. The amount of breached records for pediatricians reported to the Department of Health and Human Services’ Office of Civil Rights is not equal to that number, meaning many of these providers are likely unaware their data has been exposed.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2020k.png
Slideshow Title: 
Lifespan
Slideshow Description: 

Providence-based Lifespan, Rhode Island's largest health network, has notified about 20,000 of its patients that a laptop theft may have exposed their sensitive information. The health organization said an employee's MacBook was taken after a car break-in on Feb. 25. The employee immediately contacted both law enforcement and Lifespan officials, who were able to change the employee’s credentials used to access Lifespan system resources.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20918k.png
Slideshow Title: 
HealthNow Networks
Slideshow Description: 

The personal health data of 918,000 seniors was posted online for months, after a software developer working for HealthNow Networks uploaded a backup database to the internet, an investigation by ZDNet and DataBreaches.net found. Boca Raton, Florida-based HealthNow Networks is a telemarketing company that used to provide medical supplies to mostly seniors who rely on diabetic equipment. However, it’s no longer a registered business as of 2015, when it failed to file an annual report with Florida authorities. The software developer was contracted to build a customer database for HealthNow Networks, but the developer told researchers it was "too much work."

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2055k.png
Slideshow Title: 
ABCD Children's Pediatrics
Slideshow Description: 

A ransomware attack at San Antonio-based ABCD Children’s Pediatrics may have breached the data of 55,447 patients. Affected files may have included patient names, Social Security numbers, insurance billing information, dates of birth, medical records, laboratory results, procedure technology codes, demographic data, address and telephone numbers. Investigators determined it was the Dharma virus, a variant of the Crisis ransomware family. While this virus doesn’t typically exfiltrate data, the provider was unable to rule it out, officials said.

Read the full article

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2080k.png
Slideshow Title: 
Washington University School of Medicine
Slideshow Description: 

A Washington University School of Medicine employee fell victim to a phishing attack that may have compromised 80,270 patient records. The medical school learned of the incident on Jan. 24 -- seven weeks after the phishing attack occurred on Dec. 2, officials said in a statement. The employee responded to a phishing email designed to look like a legitimate request. As a result, an unauthorized party may have gained access to employee email accounts that contained patient data.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2017k.png
Slideshow Title: 
Metropolitan Urology Group
Slideshow Description: 

This Milwaukee-based provider began notifying patients that a November ransomware attack may have exposed their personal data. There were 17,634 patients affected, according to the U.S. Department of Health and Human Services' Office for Civil Rights. Two of Metropolitan Urology’s servers were infected by the virus, which may have exposed data of patients between 2003 and 2010. Officials said the data contained names, patient account numbers, provider identification, medical procedure codes and data of the provided services. About 5 percent of these patients had their Social Security numbers exposed.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20years%20vuln.png
Slideshow Title: 
Denton Heart Group
Slideshow Description: 

An unencrypted hard drive that contained seven years of backup electronic health record data was stolen from the Denton Health Group, a member of the HealthTexas Provider Network. The backup files contained a hoard of patient data from 2009 until 2016: Names, Social Security numbers, dates of birth, addresses, phone numbers, driver's license numbers, medical record numbers, insurance provider and policy details, physician names, clinic account numbers, medical history, medications, lab results and other clinical data.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2014k.png
Slideshow Title: 
Brand New Day
Slideshow Description: 

In March, the Medicare-approved health plan notified 14,005 patients of a potential breach of electronic protected health information after an unauthorized access through a third-party vendor system. On Dec. 28, Brand New Day discovered that an unauthorized user had accessed the ePHI provided to one of its HIPAA business associates on Dec. 22. The access occurred through a vendor system used by a contracted provider, officials said.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2022k.png
Slideshow Title: 
Singh and Arora Oncology Hematology
Slideshow Description: 

In February, the Flint, Michigan, cancer center notified 22,000 patients of a breach discovered in August 2016. Hackers had access to the practice's server between February and July of 2016, local affiliate ABC12 reported. The files contained names, Social Security numbers, addresses, phone numbers, dates of birth, CPT codes and insurance information.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2010k.png
Slideshow Title: 
Verity Medical Foundation-San Jose Medical Group
Slideshow Description: 

Verity Medical Foundation-San Jose Medical Group website, part of the Verity Health System in Redwood City, California, was hacked, exposing the data of 10,164 patients. Verity includes six California hospitals, the Verity Medical Foundation and Verity Physician Network. An unauthorized user hacked into the website from October 2015 until it was discovered by Verity Health on January 6. The website was no longer in use.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%20220k.png
Slideshow Title: 
CoPilot Provider Support Services
Slideshow Description: 

More than a year after discovering a potential breach to its websites, healthcare administrative services and IT provider, CoPilot Provider Support Services notified 220,000 patients and doctors who used its service. An unauthorized user breached one of CoPilot's databases, used by both healthcare providers and patients, in October 2015, according to officials. The hacker downloaded files that contained names, dates of birth, addresses, phone numbers, health insurers and some Social Security numbers of some users. No financial, medical treatment or other information was accessed.

Read the full article.

Slideshow Image: 
http://www.healthcareitnews.com/sites/default/files/HITN%20Data%20Breach%2043-ransom.png
Slideshow Title: 
Indiana-based Cancer Services
Slideshow Description: 

The server and back-up drive of Muncie, Indiana-based Cancer Services of East Central Indiana-Little Red Door were hacked and the data stripped, encrypted and taken for ransom by the cybercriminal organization, TheDarkOverlord, or TDO, the agency revealed Jan. 18. The hack took place on Jan. 11. TDO asked for 50 bitcoin, or about $43,000, in ransom, first in a text message to the personal cellphones of the company’s executive director, president and vice president. Officials said, TDO followed up in a form letter and several emails that contained extortion threats and promises to contact family members of the cancer patients, donors and community partners.

Read the full article.

Teaser: 

Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is unfortunately following suit. This gallery highlights some of the biggest breaches in healthcare -- and points to mistakes to avoid in the future.

Thumbnail: 
biggest healthcare breaches 2017
Custom OAS pagetag: 
Subheader: 
Healthcare proved itself a lucrative target for hackers in 2016, and so far 2017 is unfortunately following suit.
Primary topic: 
Disable Auto Tagging: 

KLAS: Pros and cons of health IT systems for managing antibiotic resistance threat

0
0

When it comes to helping hospitals intervene, track internal metrics and use antimicrobial stewardship systems to their fullest potential, certain vendors have varying points of strength and weakness. 

KLAS evaluated different software products – from BD, Epic, Premier, Vigilanz, Wolters Kluwer and others – that can help hospitals manage their antibiotic use, helping ensure they administer the right drugs to the right patients in the right doses for the right duration. 

The problem AMS systems address 

More and more hospitals are pursuing comprehensive strategies to govern their antibiotic use. In the effort to improve patient safety and comply with increasingly prescriptive guidelines, antibiotic stewardship programs aim to stave off antibiotic resistance and protect against adverse events such as Clostridium difficile infection.

The Joint Commission announced a new standard that went into effect at the beginning of 2017, in fact, that details how antimicrobial stewardship initiatives should be staffed and what their protocols should achieve. 

"Improving the use of antibiotics is an important patient safety and public health issue as well as a national priority," according to the Centers for Disease Control and Prevention – which has found that as many as 50 percent of antibiotics prescribed in U.S. hospitals are unnecessary or inappropriate, and has launched numerous initiatives meant to promote smarter use antibiotics in acute care settings.

What KLAS found about AMS vendors

"As is often the case in markets where many users are switching from manual to automated processes for the first time, users' initial reactions to their AMS technology have been positive," according to KLAS researchers. 

For instance, Premier and Wolters Kluwer do best with arming clinicians with real-time data for timely interventions, according to the report

"Premier users highlight the real-time notifications," according to KLAS. "Wolters Kluwer customers like the flexibility of the rules. Both can make on-the-fly adjustments to the rules and are able to build complex, prioritized rules that strengthen provider interventions and lead to better overall outcomes, such as decreased days of therapy and improved drug optimization."

Epic, meanwhile, does well integrating lab, EMR, and pharmacy data into a single AMS tool, though customers said they'd like better drill-down functionality for reports. And users of VigiLanz technology like its custom-built notifications, but said system adjustments are too dependent on vendor resources which can cause delays.

Such customization is a powerful strong suit, according to the report, which finds that VigiLanz customers value those capabilities and its robust interfaces, which successfully pull in data from many areas.

"The ability to track internal AMS metrics is crucial to a good AMS program because it enables users to see trending and benchmarking data," researchers said. "It can be tricky to do well because data from many different sources must be aggregated, analyzed, and made easy to digest."

KLAS added that "the core functionality of any AMS system – the custom rules and the antibiogram – is what allows users to identify opportunities for intervention and track internal metrics."

Vigilanz’s rule sets, meanwhile, are highly customizable but often rely on the vendor’s help, researchers said. On the other hand, Wolters Kluwer clients like being able to customize and create rules on their own without having to depend much the vendor.

Meanwhile, "operationalizing Epic’s tools requires significant internal resources and expertise, which can lead to frustration," according to KLAS, and although Premier users "can adjust the rules on their own, the tool is complex and has a high learning curve. Likewise, the complexity of BD’s tool makes it difficult for some customers to get all the customization they want."


Whichever vendor they use, most hospitals told KLAS they want more-advanced antibiogram functionality, with improved drill-down capabilities and the opportunity to examine more types of data.

AMS programs are a relatively new phenomenon, and hospitals tend to appreciate guidance and expertise from their vendors, according to the report. In that respect, VigiLanz proactive customer support has led to its top overall satisfaction rating, researchers said.

Wolters Kluwer and BD clients also like those companies' knowledgeable support, but both say they'd like to see their customer feedback implemented more quickly. Premier has focused on up-front training for its complex system, according to KLAS, while Epic users "feel the overall development is improving but want more guidance for optimizing the solution."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Specific Terms: 
Disable Auto Tagging: 

Apple, IBM, Google hold keys to make EHR data more actionable, Kalorama says

0
0

Big data: There’s an abundance of excitement yet so few practical applications deployed in healthcare today.

The current fistful of overarching industry trends — precision medicine, population health, next-generation EHRs and value-based care among those — is creating enormous opportunities for traditional and new health IT vendors to serve hospitals customers in new ways.

What’s more, industry analysts are saying that traditional technologies are not up the big data demands America’s next-generation of healthcare will require. One such demand is the growing need to make use of all the information stored within electronic health records platforms.

[Register Now: Upcoming HIMSS Big Data & Health Analytics Forum]

Kalorama, in fact, ranks more than 40 companies as chasing big data market share in a report published this week. Tech titans Alphabet, Amazon, Apple, Dell, Hewlett-Packard, IBM, Intel, Microsoft, Oracle and SAP are on the list. And those are just the household names involved with healthcare analytics in some form.

“With the data mining skills of Apple, IBM and Google, there is increased hope that their entrance into the healthcare market will help realize the industry goal of turning EMR data into actionable Big Data insights,” said Bruce Carlson, publisher of Kalorama Information.

There are a couple of reasons for that hope. Healthcare still spends less on IT than other industries, Carlson said, and many common tasks are laborious, meaning analytics and big data could potentially offset some of that rote labor.

Carlson added that the large companies have both existing networks and the ability to create new networks promising to disseminate medical knowledge even to small hospitals is another advantage.

He pointed to IBM and Hangzhou CognitiveCare announcing in August of last year that 21 hospitals across China plan to adopt Watson for Oncology trained by Memorial Sloan Kettering, to help deliver personalized, evidence-based cancer treatment options, as one example.

Another that happened during this same month was Stanford Medicine and Google collaborating to combine Stanford Medicine’s healthcare research and clinical expertise with Google’s know-how in cloud technology and data science.

Even before that Apple made moves with IBM to integrate data from HealthKit and ResearchKit with Big Blue’s Watson supercomputer.

More recently, reports have circulated that Amazon and Apple are investigating forays into the EHR space, whether by using iPhones as hubs for patient data or creating new EHR-like software.

“For all the industry excitement, applications of Big Data in healthcare from the large concerns are still in their infancy,” Carlson added. “The most contemporary advances are coming from the large healthcare companies using tissue data, genomics and clinical outcomes to develop more precise testing.”

Twitter: SullyHIT
Email the writer: tom.sullivan@himssmedia.com

Primary Topic: 
Specific Terms: 
Disable Auto Tagging: 

Coalition publishes CDS software design guidelines for a post-21st Century Cures Act landscape

0
0

The Clinical Decision Support Coalition comprises healthcare industry stakeholders – software developers, patient advocacy groups, clinical societies, providers and healthcare payers – working to develop policy positions on CDS technology that safeguard patient safety while also encouraging innovation free from overregulation.

"The Coalition’s focus is to proactively develop a proposal for how to draw the line between regulated and unregulated CDS software," according to its mission statement. "The Coalition will develop answers to two basic questions: What types of CDS software should be regulated? And for those types of CDS software that are regulated, to what level should they be regulated?"

[Also: Clinical decision support: no longer just a nice-to-have]

This past week, the group released its "Voluntary Industry Guidelines for the Design
of Medium Risk Clinical Decision Support Software to Assure the Central Role of Healthcare Professionals in Clinical Decision-Making."

The 21st Century Cures Act removes certain CDS software from the scope of FDA regulation. While FDA governs high-risk software, according to CDSC, medium-risk tools are those that use patient-specific information and organized clinical knowledge; perform some analysis using that information and knowledge (rather than just displaying or transmitting the data); produces a particular actionable recommendation (with or without additional recommendations) for the diagnosis, treatment or management of a disease or condition for a particular patient; and is not an accessory to a medical device.

"Separately, over the last several years, many companies developing CDS software have been sorting through the various design options for empowering the user to take control of the decision-making," according to the CDSC. "In this quest, some companies have been looking for guidelines on the proper approach to user engagement.

The need for some guidance is especially acute as more and more companies innovative with the use of "machine learning and other forms of artificial intelligence to power CDS software," said CDSC officials.

For those technologies not regulated by the FDA, CDSC recommends self-regulating through voluntary design guidelines, in order to provide a unified approach to software development and "a basic level of transparency."

Essentially, the guidelines are meant "to give software developers a framework for discerning whether additional validation – beyond that which they would ordinarily do – is required as a consequence of the software taking over decision-making from healthcare professionals," according to the group. "These guidelines reflect the view that taking over, in any substantial way, the healthcare decision-making carries with it heightened responsibility for validation."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Primary Topic: 
Specific Terms: 
Disable Auto Tagging: 

Cerner creates advisory board to consult on VA Vista replacement

0
0

Healthcare IT giant Cerner has assembled an advisory group of former government, military and private sector leaders to advise the Cerner team deploying a new VA EHR how best to care for the nation’s veterans.

The move coincides with the anticipated deployment of a Cerner electronic health record system at the Department of Veterans Affairs. The VA selected Cerner last June to replace its outdated VistA electronic health record system with a Cerner EHR. Cerner is already at work overhauling the U.S. Department of Defense’s system.

[Also: VA picks Cerner to replace VistA; Trump says EHR will fix agency's data sharing 'once and for all']

“Each member of our VA Advisory Group brings exceptional knowledge and experience, which will help us deliver a seamless care experience for our nation’s veterans,” Travis Dalton, senior vice president, Cerner, said in a statement.

Dalton said the advisors would give the EHR implementation team guidance on how best to improve each veteran’s experience across the system of care – both within VA and with community providers.

Former U.S. Senator and Nebraska Gov. Bob Kerrey, a U.S. Navy Veteran, will chair the VA Advisory Group. Kerrey served in Vietnam as a U.S. Navy SEAL, and was awarded the Medal of Honor for heroism in combat.

“Our Veterans deserve continuous access to their medical records while in the service and afterward, whether they are seen in VA or a private healthcare system,” Kerrey, said in a statement. He added that he received years of treatment from VA, leaving him with firsthand experience of the challenges veterans often face when receiving care.

Other members of the advisory group are:

Roger Baker, a consultant advising federal organizations and services companies on government technology issues. He is the former assistant secretary of information and technology and CIO for the VA, the former CIO for the U.S. Department of Commerce. He has also served as a chief executive for multiple privately held IT companies.

Daphne Bascom, MD, is the senior vice president and medical director of community integrated health for the YMCA of Greater Kansas City and has more than 10 years of experience in clinical integration, performance improvement, and deployment of health IT systems.

Vivian Greentree is the senior vice president and head of global corporate citizenship at First Data Corp. A U.S. Navy Veteran, Greentree helped found Blue Star Families, the largest chapter-based military support organization in the country, where she most recently served as director of research and policy.

Karen DeSalvo, MD, is the former acting assistant secretary for health, former national coordinator for health information technology, and former director of the Office of the National Coordinator for HHS. Before serving at HHS, DeSalvo served as the New Orleans health commissioner and the senior health policy advisor to New Orleans Mayor Mitchell Landrieu.

Marina Martin is a technology entrepreneur and former chief technology officer for the U.S. Department of Veterans Affairs. During her tenure at VA, Marina built the first agency United States digital service team, which focused on transforming the veteran digital experience.

James Peake, MD, is a senior vice president at CGI Federal, a leading IT and business process services provider. Peake is a former secretary of the U.S. Department of Veterans Affairs, and served as the 40th Surgeon General of the United States Army. Peake was awarded the Silver Star, Bronze Star and the Purple Heart during his service in Vietnam.

Jonathan Perlin, MD, is the president, clinical services and Chief Medical Officer for the Hospital Corporation of America, where he provides leadership on advancing electronic health records and driving value through data science and advanced analytics. Perlin is a former undersecretary for health at the U.S. Department of Veterans Affairs, and CEO of Veterans Health Administration.

Brigadier General Donald Scott is a retired veteran of the U.S. Army with a 30-year military career, serving in Vietnam and receiving the distinguished service medal, Legion of Merit, the Bronze Star Medal, Meritorious Service Medal, Army Commendation Medal and Combat Infantryman’s Badge.

Twitter: @Bernie_HITN
Email the writer: bernie.monegain@himssmedia.com

Disable Auto Tagging: 

What's next for Allscripts-McKesson? Innovation and interoperability will be key

0
0

One month after Allscripts announced it would purchase McKesson's hospital IT business for $185 million, there are still plenty of open questions about how the deal will play out in a competitive landscape of consolidating hospitals.

Allscripts has certainly expanded its footprint, especially west of the Mississippi. But how it absorbs those McKesson customers – or, more to the point, just how it reconciles its Enterprise Information Solutions business with its own existing portfolio of technologies – will be worth watching, said Justin Campbell of Boston-based consultancy Galen Healthcare Solutions.

Campbell has worked on integration and interfacing projects involving Allscripts, Cerner, Epic, Meditech and others. And he's curious to see how the McKesson acquisition – probably the biggest EHR vendor meld since Cerner scooped up Siemens Health Services for $1.3 billion in 2014 – will play out.

Reaction Data executive vice president Chris Jensen agreed that only time will tell how the deal ultimately plays out. 

“Sometimes taking over a stalled brand or line of products can improve circumstances for customers and other times, they are just along for the ride, at least until they’ve had enough and decide to get off the bus,” Jensen wrote in a post-acquisition report based on research collected from Allscripts and McKesson customers. 

Reaction Data, in fact, found that 27 percent of Allscripts customers had a negative perception of the merger’s impact, while 47 percent were positive about it. Among McKesson customers 30 percent were negative and 27 percent positive. 

"From an Allscripts point of view, it was a very shrewd investment," said Campbell. "You've got to think that with their sales staff, their ability to cross-sell, they're going to demonstrate some return on investment."

But there's little question that their hand was forced, he said. "They're one of the companies that has to answer to Wall Street, and where else are you going to get growth in this market? Cerner and Epic already have big footprints and everyone is moving to their platforms. In order for Allscripts to grow, it's acquiring a legacy platform."

The Chicago-based company has long experience with integrating other vendors' technologies, of course. (Not that it's always been easy.) Unlike Epic, which has grown entirely organically, Allscripts' history is one of mergers and acquisitions: Misys, Eclipsys, dbMotion, Jardogs and, just recently, part of NantHealth.

"This is a company that has grown by acquisition," said Campbell. "One of their challenges is a lack of a single source of truth, a unified database that Epic and Cerner have across their settings. But I understand Paul Black's strategy. The only way they're going to compete in this game is to demonstrate the lowest total cost of ownership."

Campbell added that the deal is a good bet for Allscripts when it comes to smaller and rural hospitals that cannot afford Epic. 

"But certainly the consolidation that's happening – maybe some of these small hospitals will be acquired by larger health systems – could hinder Allscripts' strategy," he added. "If one of these health systems scoops up a hospital that has Horizon or Paragon, and that health system is already on Epic, there's no question they'll go with Epic. There's not much Allscripts can do about that. So their long-term outlook may be a bit out of their own control."

Another way they can win? Interoperability. 

"Allscripts really casts themselves as being open, and that's exhibited by 120-plus apps that are currently in their app store as part of their Allscripts Developer Program.,” Campbell said. "But you're going to be truly open with the dev platform, allow insights to be delivered to the point of care, insert extensibility into your applications to truly be interoperable, so you can facilitate innovation," he said. 

Campbell suggested that Allscripts must double down on its ADP program, make its technology extensible, focus on core customers and fuel more innovation than ever. "They now have the footprint, and they should be able to do it themselves across this portfolio," he said. "It will come down to the consolidation that happens in the market as these health systems continue to merge. As such it will be unequivocally important to differentiate with innovation," he added. "But that's easy for me to say, because I don't have to answer to Wall Street."

Indeed, there is a lot at stake. 

“The acquisition appears to be a deterrent to attracting new customers as 42 percent of non-customers state they are less likely to consider Allscripts,” Jensen added. “It’s not surprising that more McKesson customers are likely to find an alternative EHR after learning of the acquisition.”  

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Disable Auto Tagging: 

Lakeland Health touts patient monitoring system for cutting cardiac, respiratory arrests in half

0
0

Michigan-based Lakeland Health has lowered the number of cardiac and respiratory arrests by 56 percent through the use of a patient monitoring system, the system said.

Lakeland deployed monitors to collect vital signs at the patient bedside. The patient monitoring system combines software, clinical decision support algorithms and mobile connectivity that help identify patients in need of early intervention.

[Also: Lovelace Health System goes live on Epic EHR]

The monitoring system uses a configurable early warning score engine that is adaptable to commonly used early warning score calculations and can be customized to support variations of early warning score protocols preferred by Lakeland Health. The bedside monitors upload vital signs data to Lakeland’s Epic EHR via a wireless network.

“In our organization, the nurses and nursing assistants collect the majority of the vital signs,” said Arthur Bairagee, chief nursing informatics officer at Lakeland Health. “The purpose of the integration was to eliminate transcription errors by directly uploading the vital signs data into the EHR in real time to reduce the vital signs collection time and provide an early patient deterioration score and direction on the monitor.”

[Also: How smart pump EHR integration could save a community hospital $2 million]

The patient monitoring system – IntelliVue from Philips – contains software and clinical decision algorithms that enable caregivers to accurately obtain vital signs and seamlessly integrate validated patient data directly to the EHR, reducing human errors and saving time, Bairagee said.

The process includes scanning a nurse’s ID badge barcode and a patient’s arm band barcode, collecting vital signs, and validating the data. The data then is calculated by the software and displayed on the monitor as a score from 0 to 8 with a set of instructions per scoring algorithm. If the score is 3 or higher, the nursing assistant calls the nurse to assess the patient. If the score is 5 or higher, the nurse assesses the patient and escalates the situation to the rapid response team, as necessary.

“The nurses and nursing assistants are more vigilant and communicate effectively with each other about their patients’ vital signs,” Bairagee said. “When the alert score is 3 or 4, the nursing assistant notifies the nurse and changes the vital sign sequence from four hours to every two hours. If the alert score continues to go up, the nurse escalates the patient’s condition to the physician and provides immediate intervention.”

The cultural change among the health system’s nurses is evident by the number of rapid response and reduced codes, he added.

In March, Lakeland Health completed the integration of the patient monitoring system and training at all three of its sites. So far, time savings for each nursing assistant is about an hour for every eight-hour shift. As a result, the associates can spend more time with patients.

According to Bairagee, the systems has also seen significant reduction in transcription errors and improved quality of vital signs.

“And since we first implemented this technology in June 2016, the number of rapid responses has increased significantly, with the number of cardiac and respiratory arrests decreasing by approximately 56 percent, moving toward our goal of zero codes,” he said.

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com

Additional Topics: 
Specific Terms: 
Disable Auto Tagging: 

FDA final guidance on medical device interoperability highlights connectivity, risk management

0
0

The U.S. Food and Drug Administration this week released its final guidance for "smart, safe, and secure" interoperability, both among different medical devices and with IT systems.

Developed using feedback from industry, device designers and the public, the guidance is meant to give manufacturers specific considerations to keep in mind with developing their technologies, and recommendations for information to include in pre-market submissions.

"Today’s healthcare providers and their patients are relying more than ever on rapid, secure interactions among different medical devices," said Bakul Patel, associate director for digital health at FDA' Center for Devices and Radiological Health, in a blog post. "From electrocardiograms to infusion pumps, medical devices must reliably communicate and operate in concert."

[Also: FDA finalizes cybersecurity guidance for medical devices]

He offered the example of a neonatal intensive care unit, where a pulse oximeter is "sending data on changes in the newborns' blood oxygen level to a hospital computer system that simultaneously gathers data from EKGs that are monitoring the electrical activity of their hearts." Proper synchronization of that data is critical to patient safety and quality of care.

The voluntary new guidance focuses on three areas that manufacturers should keep focused on to provide a "reasonable assurance of safety and effectiveness" for their interoperable devices, according to FDA.

First, they should design systems with interoperability top-of-mind as a core objective.

"In designing a medical device’s electronic interface, manufacturers should consider the level of interoperability needed to achieve the purpose of the interface, as well as the information necessary to describe the interface," according to the document. "The labeling should be in sufficient detail to allow anticipated users to connect and use the medical device and interface as it is intended."

Second, they should conduct "verification, validation and risk management activities" as appropriate.

"Manufacturers’ risk management strategies should address the risks associated with the anticipated users of the device, reasonably foreseeable misuse of the device, and reasonably foreseeable combinations of events that could result in a hazardous situation," according to the guidelines. "However, FDA recognizes that a manufacturer cannot be responsible for all possible uses outside of the purpose of the interface."

Third, they should be sure to specify, with clear labeling, the devices' relevant functional, performance and interface characteristics in a user- available manner such as labeling.

"One way to reduce risk and facilitate safe and effective medical device interoperability is to include in labeling the functional and performance requirements of the electronic interfaces that may be used to connect medical devices with other electronic equipment," according to FDA. "The manufacturer should determine the appropriate way to provide the information based upon the anticipated users and the risk analysis."

In his blog post, Patel said the agency's top concern is patient safety.

"Errors and inadequate interoperability, such as differences in units of measure (e.g., pounds vs. kilograms) can occur in devices connected to a data exchange system. Our guidance recommends appropriate functional, performance, and interface requirements for devices with such interactions."

One way to help safeguard that is through clear labeling and transparency. Without communicating devices' capabilities, clinical users could use them inappropriately, especially in conjunction with IT systems, in ways that could cause device malfunction – leading to potentially serious adverse events.

"Problems or misuse of interoperable medical devices can be minimized by making the functional, performance, and interface requirements openly available to all users," said Patel. "Our guidance is a good step towards safer devices, and we will continue to work with all stakeholders to adapt along with the technology."

Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com

Specific Terms: 
Disable Auto Tagging: 
Viewing all 1989 articles
Browse latest View live




Latest Images