Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Top 3 Tips for Taking on Digital Health

Posted on January 18, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest blog post by Brittany Quemby, Marketing Strategist of Stericycle Communication Solutions as part of the Communication Solutions Series. Follow & engage with them on Twitter: @StericycleComms
Brittany Quemby - Stericycle
The other day I deleted several apps from my mobile phone. One I had downloaded when I was traveling, one took up too many gigs on my phone, and the last was one I downloaded to track specific health activities last January probably hoping to achieve one of my many New Year’s resolutions.  This happens to me all the time – I download an app or tool, use it once or twice, realize I don’t have any use for it or haven’t used it in 3 months and end up deleting to free up space on my phone.

This got me thinking about digital technology in the healthcare industry. Unfortunately, every day there is a slew of digital health tools developed that take a lot of time, money and effort and then go unused by the user for a variety of reasons. I picture something like a digital health tool graveyard that exists somewhere in the cloud.

After I got the mental image of a technology version of the Lion King’s Elephant Graveyard out of my head, I began to ask myself why so many digital heath technologies went stale. What needed to change? The time, money, and beautiful design that is put into development won’t draw patients by the masses.  The thing about digital health is that there has to be something in it to evoke a user’s actions.  Below are 3 important strategies I believe we need to all keep in mind when taking on digital health:

1. What does the patient EXPECT?

It’s no surprise that patients want technology incorporated into their healthcare.  However, it’s essential to couple the right technology with appropriate expectation of the user.  What you THINK a patient expects, might not always turn out to be the case.  According to a recent study by business and technology consulting firm West Monroe Partners, 91 percent of healthcare customers say they would take advantage of mobile apps when offered.  However, according to an Accenture report, 66% of the largest 100 US hospitals have consumer-facing mobile apps, 38% of which have been developed for their patients, and only 2% of patients are actively using these apps. When users are met with digital health technology that lacks the expected user experience, they are left feeling disappointed, unfulfilled, and begin looking elsewhere for services.

2. What does the patient WANT?

Patients are longing for a consumer experience when it comes to their healthcare.  New research shows that “patients today are choosing their providers, in part, based on how well they use technology to communicate with them and manage their health,” says Joshua Newman, M.D., chief medical officer, Salesforce Healthcare and Life Sciences.  Patients crave technology, customization and convenience.  There is no doubt that digital health tools satisfy the convenience factor.  However, they are nothing without a customized experience. Limiting your interactions with patients to an out-of-the-box, one-way digital communication strategy can be disadvantageous and could mean you aren’t reaching patients at all.  Digital health that is personalized, optimized, and sent through multi modalities allows you to be sure that you are engaging your patient in a way they want.

3. Where does the patient GO?

It’s no surprise that patients expect a consumer experience when it comes to interacting with their healthcare provider. But mastering digital health must include more than just mobile apps and the doctor’s office.  A digital health strategy that connects with patients across the entire continuum of care will optimize their experience and satisfaction.  In a recent study by West Monroe Partners called No More Waiting Room: The Future of the Healthcare Customer Experience, Will Hinde, Senior Director says “we’re starting to see more providers incorporate the digital experience with their office visit, by shifting to more online scheduling of appointments, paperless office interactions, following up via email, portals, and mobile apps and taking steps towards greater cost and quality transparency.”  Connecting with patients outside of the doctor’s office and in places where they frequent most allows for better changes of engagement, leading to greater experiences.

Tackling digital health can be daunting and unsuccessful if it’s looked at solely from the angle that technology is king. Looking at it from the lens of the patient becomes less intimidating and more likely that your digital health efforts don’t end up in the Elephant Graveyard.

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality call center & telephone answering servicespatient access services and automated communication technology. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services.  Connect with Stericycle Communication Solutions on social media: @StericycleComms

Identifying, Engaging, and Learning from Health IT Influencers, Leaders & Organizations – #HITsm Chat Topic

Posted on January 17, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 1/20 at Noon ET (9 AM PT). This week’s chat will be hosted by Juliana Ruiz from Bryte Box Consulting (@BryteBox) on the topic of “Identifying, Engaging, and Learning from Health IT Influencers, Leaders & Organizations“.

The ability to create, curate and disseminate information is getting easier and easier every day. In addition to running a blog and participating in things like tweetchats, the average Joe or Josephine can now publish their own podcast, broadcast their own video and reach people in ways that were just not economically or technically feasible not too long ago.

Because of the rapid and explosive expansion of information, it’s more important than ever to be able to identify and vet the information flooding our senses via the channels we observe each day. This chat will explore some ideas and approaches regarding Identifying, Engaging, and Learning from Health IT Influencers, Leaders & Organizations.

Join us as we discuss the following questions for this week’s #HITsm chat:

T1: What are key attributes you look for in a thought leader – whether an individual or an organization? #HITsm

T2: How do you prefer to interact w/ IT thought leaders? (ex. email, webinars, group discussion, FTF, etc.) #HITsm

T3: What are some ways you prefer to learn about products/services offered by a vendor? What are key attributes of vendor-supplied info? #HITsm

T4: What is your preferred media/approach for learning about something in depth? i.e. a complex topic #HITsm

T5: What is a 3-5 word phrase that can be used to describe a “good” Healthcare Thought Leader? #HITsm

Bonus: Who are some of your favorite influencers and thought leaders in the healthcare space? #HITsm

Here’s a look at the upcoming #HITsm chat schedule:

1/27 – Key Components of Health IT Strategy and Disaster Recovery
Hosted by Bill Esslinger (@billesslinger) from @FogoDataCenters

2/3 – Healthcare Robots!
Hosted by Mr RIMP (@MrRimp, Robot-In-My-Pocket), mascot of the first ever #HIMSS17 Innovation Makerspace! (Booth 7785) (with assistance from @wareflo)

2/10 – TBD
Hosted by Steve Sisko (@shimcode)

2/17 – Enough talk, lets #GSD (Get Stuff Done)
Hosted by Burt Rosen (@burtrosen) from @healthsparq

2/24 – HIMSSanity Recovery Chat
With #HIMSS17 happening the week of this chat, we’ll take the week off from a formal chat. However, we encourage people that attended HIMSS or watched HIMSS remotely to share a “Tweetstorm” that tells a #HIMSS17 story, shares insights about a topic, rants on a topic of interest, or shows gratitude. Plus, it will be fun to test out a new form of tweetstorm Twitter chat. We’ll post more details as we get closer.

We look forward to learning from the #HITsm community! As always let us know if you have ideas for how to make #HITsm better.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

IBM Watson Partners With FDA On Blockchain-Driven Health Sharing

Posted on January 16, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

IBM Watson Health has partnered with the FDA in an effort to create scalable exchange of health data using blockchain technology. The two will research the exchange of owner-mediated data from a variety of clinical data sources, including EMRs, clinical trial data and genomic health data. The researchers will also incorporate data from mobiles, wearables and the Internet of Things.

The initial project planned for IBM Watson and the FDA will focus on oncology-related data. This makes sense, given that cancer treatment involves complex communication between multispecialty care teams, transitions between treatment phases, and potentially, the need to access research and genomic data for personalized drug therapy. In other words, managing the communication of oncology data is a task fit for Watson’s big brain, which can read 200 million pages of text in 3 seconds.

Under the partnership, IBM and the FDA plan to explore how the blockchain framework can benefit public health by supporting information exchange use cases across varied data types, including both clinical trials and real-world data. They also plan to look at new ways to leverage the massive volumes of diverse data generated by biomedical and healthcare organizations. IBM and the FDA have signed a two-year agreement, but they expect to share initial findings this year.

The partnership comes as IBM works to expand its commercial blockchain efforts, including initiatives not only in healthcare, but also in financial services, supply chains, IoT, risk management and digital rights management. Big Blue argues that blockchain networks will spur “dramatic change” for all of these industries, but clearly has a special interest in healthcare.  According to IBM, Watson Health’s technology can access the 80% of unstructured health data invisible to most systems, which is clearly a revolution in the making if the tech giant can follow through on its potential.

According to Scott Lundstrom, group vice president and general manager of IDC Government and Health Insights, blockchain may solve some of the healthcare industry’s biggest data management challenges, including a distributed, immutable patient record which can be secured and shared, s. In fact, this idea – building a distributed, blockchain-based EMR — seems to be gaining traction among most health IT thinkers.

As readers may know, I’m neither an engineer nor a software developer, so I’m not qualified to judge how mature blockchain technologies are today, but I have to say I’m a bit concerned about the rush to adopt it nonetheless.  Even companies with a lot at stake  — like this one, which sells a cloud platform backed by blockchain tech — suggest that the race to adopt it may be a bit premature.

I’ve been watching tech fashions come and go for 25 years, and they follow a predictable pattern. Or rather, they usually follow two paths. Go down one, and the players who are hot for a technology put so much time and money into it that they force-bake it into success. (Think, for example, the ERP revolution.) Go down the other road, however, and the new technology crumbles in a haze of bad results and lost investments. Let’s hope we go down the former, for everyone’s sake.

Kill Passwords

Posted on January 13, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

One time I was attending the crazy SXSW conference in Austin. As part of the event, there was a startup company from Las Vegas (where I live) that had a small tower in the big Vegas Tech booth. Their startup was a method to use your phone as your password and a few other password related things. I’m not sure how they came up with this idea, but half way through the conference they switched their monitor which previously had their logo on it to just say “Kill Passwords” in big black letters with a white background. It was amazing how much traffic they drove to their small table because of that simple digital signage.

While this is a story in marketing that’s worthy of the Healthcare IT Marketing and PR Conference which I host, it also illustrated how much we hate passwords. Turns out that this is a universal truth, but it’s particularly poignant in healthcare because of absurd password policies that many healthcare organizations put in place in the name of security (even if many of the choices they make don’t actually improve security).

Doctors password frustration was illustrated well in the latest ZDoggMD video “Doc Vader on The Password Menace.” Check it out below:

I felt it was appropriate to use ZDoggMD’s latest video in today’s Fun Friday post, but I do it with some sadness. A couple days ago, ZDoggMD announced that his Turntable Health clinic in Las Vegas was shutting down. As a Vegas resident and former member of Turntable Health, I was sorry to see this happen. No doubt this is not the end for ZDoggMD. In fact, for those that are fans of his video and his message, I think this will give him more time to evangelize and inspire. So, that’s a good thing. Healthcare can use a shakeup that points out the challenges we face with a little lot of humor. Thanks ZDoggMD for all you do.

Now, I agree that passwords are a pain. Although, I think we’ve all learned to deal with them. I do look forward to the day when passwords will no longer exist in their current form. I’m not sure what it will look like, but it will be a welcome day!

8th Annual New Media Meetup at #HIMSS17 Sponsored by Stericycle Communication Solutions

Posted on January 12, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

8th Annual New Media Meetup - HIMSS17 in Orlando

For those of you planning to attend the HIMSS 2017 conference in Orlando, I’m excited to share the details of the 8th Annual New Media Meetup at HIMSS. For those who’ve missed the last 7 events, it’s a unique event that brings together healthcare IT bloggers, tweeters, and other social media influencers at the mecca of Healthcare IT conferences.

It’s incredible to think how far social media, blogging, and other new media formats have changed since we first started the New Media Meetup 8 years ago. What hasn’t changed is how many incredible connections happen on social media and how much fun we have meeting in person at the New Media Meetup during HIMSS. We’re lucky to have Stericycle Communication Solutions supporting our desire to bring together the best healthcare IT influencers at this incredible event. I hope everyone will spend some time checking out Stericycle Communication Solutions and thank them for sponsoring the event.

If you’d like to attend the event, please make sure you register.

Here’s a quick summary of what we have planned for the event:
When: Tuesday 2/21 6:00-8:00 PM
Where: Cuba Libre at Pointe Orlando, 9101 International Dr, Orlando, FL 32819 MAP (Cuba Libre is a short walk from the convention center.)
Who: Anyone who uses or is interested in New Media (Blogs, Twitter, Social Media, YouTube Live, Facebook, etc)
What: Food, Drinks, Dance Floor, Giveaways, and Amazing People

Register Now!

Sponsored by Stericycle Communication Solutions
SRCL Communication Solutions
Stericycle Communication Solutions helps bring patients and healthcare organizations closer together. We believe that the key to patient engagement and positive patient experiences is effective and timely communication. Stericycle Communication Solutions is a leading provider of live agent services and technology solutions including high quality telephone answering, online appointment scheduling, and automated communication services; allowing patients and providers to interact through multiple communication channels such as phone, email, voice, text and online.

Learn more at: www.stericyclecommunications.com

Those interested in the New Media Meetup at HIMSS will want to check out the full scale Healthcare IT Marketing and PR Conference that we’re hosting in Las Vegas April 5-7, 2017. It’s a special 3 days devoted to health IT marketing and PR professionals.

A really big thank you also goes out to all the members of Influential Networks and Healthcare Scene that help promote the New Media Meetup. This event was originally brought together through social media and is still largely organized thanks to social media.

Let me know if you have any questions and I look forward to seeing many of you in Orlando very soon!

The “Disconnects” That Threaten The Connected World

Posted on January 11, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

I’m betting that most readers are intimately familiar with the connected health world. I’m also pretty confident that you’re pretty excited about its potential – after all, who wouldn’t be?  But from what I’ve seen, the health IT world has paid too little attention to problems that could arise in building out a connected health infrastructure. That’s what makes a recent blog post on connected health problems so interesting.

Phil Baumann, an RN and digital strategist at Telerx, writes that while the concept of connecting things is useful, there’s a virtually endless list of “disconnects” that could lead to problems with connected health. Some examples he cites include:

  • The disconnect between IoT hardware and software
  • The disconnect between IoT software and patches (which, he notes, might not even exist)
  • The disconnect between the Internet’s original purpose and the fast-evolving purposes created in the Connected World
  • The disconnects among communication protocols
  • The disconnect between influencers and reality (which he says is “painfully wide”)
  • The disconnects among IoT manufacturers
  • The disconnects among supply chains and vendors

According to Baumann, businesses that use IoT devices and other connected health technologies may be diving in too quickly, without taking enough time to consider the implications of their decisions. He writes:

Idea generation and deployment of IoT are tasks with enormous ethical, moral, economic, security, health and safety responsibilities. But without considering – deeply, diligently – the disconnects, then the Connected World will be nothing of the sort. It will be a nightmare without morning.

In his piece, Baumann stuck to general tech issues rather than pointing a finger at the healthcare industry specifically. But I’d argue that the points he makes are important for health IT leaders to consider.

For example, it’s interesting to think about vulnerable IoT devices posing a mission-critical security threat to healthcare organizations. To date, as Baumann rightly notes, manufacturers have often fallen way behind in issuing software updates and security patches, leaving patient data exposed. Various organizations – such as the FDA – are attempting to address medical device cybersecurity, but these issues won’t be addressed quickly.

Another item on his disconnect list – that connected health deployment goes far beyond the original design of the Internet – also strikes me as particularly worth taking to heart. While past networking innovations (say, Ethernet) have led to rapid change, the changes brought on by the IoT are sprawling and almost unmanageable under current conditions. We’re seeing chaotic rather than incremental or even disruptive change. And given that we’re dealing with patient lives, rather than, for example, sensors tracking packages, this is a potentially dangerous problem.

I’m not at all suggesting that healthcare leaders should pull the plug on connected health innovations. It seems clear that the benefits that derive from such approaches will outweigh the risks, especially over time. But it does seem like a good idea to stop and think about those risks more carefully.

New Year’s Goals for Healthcare IT – #HITsm Chat Topics

Posted on January 10, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 1/13 at Noon ET (9 AM PT). This week’s chat will be hosted by John Lynn (@techguy) from @HealthcareScene on the topic of “New Year’s Goals for Healthcare IT“. Should be a great time looking at the healthcare IT industry and evaluating what goals might help move the industry forward. Plus, we’ll talk about personal goals we can make in our own life and as an #HITsm community to make healthcare IT better as well.

Here’s the full list of questions that will serve as the framework for the #HITsm chat on New Year’s Goals for Healthcare IT:

T1: What big, hairy, audacious, goals (BHAG) should healthcare IT strive to accomplish? #HITsm

T2: What small, reasonable goals could healthcare IT achieve in 2017 that would make a big difference? #HITsm

T3: Which organizations can have the most impact on health IT and what goals should they strive for? #HITsm

T4: As an #HITsm community, what goals should we strive to achieve in 2017?

T5: Personally, what do you commit to do in 2017 to move healthcare IT forward? #HITsm

Bonus: What’s your prediction on what will really happen in healthcare IT in 2017? #HITsm

Here’s a look at the upcoming #HITsm chat schedule:

1/20 – Identifying, Engaging, and Learning from Health IT Influencers, Leaders & Organizations
Hosted by Juliana Ruiz from Bryte Box Consulting (@BryteBox)

1/27 – Key Components of Health IT Strategy and Disaster Recovery
Hosted by Bill Esslinger (@billesslinger) from @FogoDataCenters

2/3 – Makers
Hosted by MrRimp (with assistance from @wareflo)

2/10 – TBD
Hosted by Steve Sisko (@shimcode)

2/17 – TBD
Hosted by Burt Rosen (@burtrosen) from @healthsparq

We look forward to learning from the #HITsm community! As always let us know if you have ideas for how to make #HITsm better.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

An Intelligent Interface for Patient Diagnosis by HealthTap

Posted on January 9, 2017 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

HealthTap, an organization that’s hard to categorize, really should appear in more studies of modern health care. Analysts are agog over the size of the Veterans Administration’s clientele, and over a couple other major institutions such as Kaiser Permanente–but who is looking at the 104,000 physicians and the hundreds of millions of patients from 174 countries in HealthTap’s database?

HealthTap allows patients to connect with doctors online, and additionally hosts an enormous repository of doctors’ answers to health questions. In addition to its sheer size and its unique combination of services, HealthTap is ahead of most other health care institutions in its use of data.

I talked with founder and CEO Ron Gutman about a new service, Dr. AI, that triages the patient and guides her toward a treatment plan: online resources for small problems, doctors for major problems, and even a recommendation to head off to the emergency room when that is warranted. The service builds on the patient/doctor interactions HealthTap has offered over its six years of operation, but is fully automated.

Somewhat reminiscent of IBM’s Watson, Dr. AI evaluates the patient’s symptoms and searches a database for possible diagnoses. But the Dr. AI service differs from Watson in several key aspects:

  • Whereas Watson searches a huge collection of clinical research journals, HealthTap searches its own repository of doctor/patient interactions and advice given by its participating doctors. Thus, Dr. AI is more in line with modern “big data” analytics, such as PatientsLikeMe does.

  • More importantly, HealthTap potentially knows more about the patient than Watson does, because the patient can build up a history with HealthTap.

  • And most important, Dr. AI is interactive. Instead of doing a one-time search, it employs artificial intelligence techniques to generate questions. For instance, it may ask, “Did you take an airplane flight recently?” Each question arises from the totality of what HealthTap knows about the patient and the patterns found in HealthTap’s data.

The following video shows Dr. AI in action:

A well-stocked larder of artificial intelligence techniques feed Dr. AI’s interactive triage service: machine learning, natural language processing (because the doctor advice is stored in plain text), Bayesian learning, and pattern recognition. These allow a dialog tailored to each patient that is, to my knowledge, unique in the health care field.

HealthTap continues to grow as a platform for remote diagnosis and treatment. In a world with too few clinicians, it may become standard for people outside the traditional health care system.

Healthcare Humor – Fun Friday

Posted on January 6, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’m battling through the CES conference this week, so it’s a bit crazy around here. Plus, you know that Friday we like to have a little fun. I found these two healthcare cartoons that I thought would be a fun Friday post.

Of course, this is only funny until you’re in that position. It’s a crazy world we live in. Have a great weekend!

FDA Weighs In On Medical Device Cybersecurity

Posted on January 5, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

In the past, medical devices lived in a separate world from standard health IT infrastructure, typically housed in a completely separate department. But today, of course, medical device management has become much more of an issue for health IT managers, given the extent to which such devices are being connected to the Internet and exposed to security breaches.

This has not been lost on the FDA, which has been looking at medical device security problems for a long time. And now – some would say “at long last” – the FDA has released final guidance on managing medical device cybersecurity. This follows the release of earlier final guidance on the subject released in October 2014.

While the FDA’s advice is aimed at device manufactures, rather than the health IT managers who read this blog, I think it’s good for HIT leaders to review. (After all, you still end up managing the end product!)

In the guidance, the FDA argues that the best way to bake cybersecurity protections into medical devices is for manufacturers to do so from the outset, through the entire product lifecycle:

Manufacturers should build in cybersecurity controls when they design and develop the device to assure proper device performance in the face of cyber threats, and then they should continuously monitor and address cybersecurity concerns once the device is on the market and being used by patients.

Specifically, the agency is recommending that manufacturers take the following steps:

  • Have a way to monitor and detect cybersecurity vulnerabilities in their devices
  • Know assess and detect the level of risk vulnerabilities pose to patient safety
  • Establish a process for working with cybersecurity researchers and other stakeholders to share information about possible vulnerabilities
  • Issue patches promptly, before they can be exploited

The FDA also deems it of “paramount” importance that manufacturers and stakeholders consider applying core NIST principles for improving critical infrastructure cybersecurity.

All of this sounds good. But considering the immensity of the medical device infrastructure – and the rate of its growth – don’t expect these guidelines to make much of an impact on the device cybersecurity problem.

After all, there are an estimated 10 million to 15 million medical devices in US hospitals today, according to health tech consultant Stephen Grimes, who spoke on biomedical device security at HIMSS ’16. Grimes, a past chair of the HIMSS Medical Device Security Task Force, notes that one 500-bed hospital could have 7,500 devices on board, most of which will be networked. And each networked monitor, infusion pump, ventilator, CT or MRI scanner could be vulnerable to attack.

Bottom line, we’re looking at some scary risks regardless of what manufacturers do next. After all, even if they do a much better job of securing their devices going forward, there’s a gigantic number of existing devices which can be hacked. And we haven’t even gotten into the vulnerabilities that can be exploited among home-based connected devices.

Don’t get me wrong, I’m glad to see the FDA stepping in here. But if you look at the big picture, it’s pretty clear that their guidance is clearly just a small step in a very long and complicated process.