Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

How Secure Are Wearables?

Posted on October 1, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

JaneenB asks a really fantastic question in this tweet. Making sure that wearables are secure is going to be a really hot topic. Yesterday, I was talking with Mac McMillan from Cynergistek and he suggested that the FDA was ready to make medical device security a priority. I’ll be interested to see what the FDA does to try and regulate security in medical devices, but you can see why this is an important thing. Mac also commented that while it’s incredibly damaging for someone to hack a pacemaker like the one Vice President Cheney had (has?), the bigger threat is the 300 pumps that are installed in a hospital. If one of them can be hacked, they all can be hacked and the process for updating them is not simple.

Of course, Mac was talking about medical device security from more of an enterprise perspective. Now, let’s think about this across millions of wearable devices that are used by consumers. Plus, many of these consumer wearable devices don’t require FDA clearance and so the FDA won’t be able to impose more security restrictions on them.

I’m not really sure the answer to this problem of wearable security. Although, I think two steps in the right direction could be for health wearable companies to first build a culture of security into their company and their product. This will add a little bit of expense on the front end, but it will more than pay off on the back end when they avoid security issues which could literally leave the company in financial ruins. Second, we could use some organization to take on the effort of reporting on the security (or lack thereof) of these devices. I’m not sure if this is a consumer reports type organization or a media company. However, I think the idea of someone holding organizations accountable is important.

We’re definitely heading towards a world of many connected devices. I don’t think we have a clear picture of what this means from a security perspective.

A Few Thoughts After AHIMA About the HIM Profession

Posted on September 30, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This year was my 4th year attending the AHIMA Convention. There was definitely a different vibe this year at AHIMA than has been at previous AHIMA Annual Convention. I still saw the humble and wonderful people that work in the HIM field. I also still saw a passion for the HIM work from many as well. However, there seemed to be an overall feeling from many that they were evaluating the future of HIM and what it means for healthcare, for their organization, and for them personally.

This shouldn’t really come as a surprise. Think about the evolution that’s been happening in the HIM world. First, they got broadsided by $36 billion of stimulus money that slapped EHR systems in their organizations which questioned HIM’s role in this new digital world. Then, last year they got smashed by a few lines in a bill which delayed ICD-10 another year. It’s fair to say that it’s been a tumultuous few years for the HIM profession as they consider their place in the healthcare ecosystem.

While a little bit battered and scarred, at AHIMA I still saw the same passion and love for the work these HIM professionals do. I might add, a work they do with very little recognition outside of places like AHIMA. In fact, when EHR systems started being put in place, I think that many organizations wondered if they’d need their HIM staff in the future. A number of years into the world of EHRs, I think it’s become abundantly clear in every organization that the HIM staff still have extremely important roles in an organization.

While EHR software has certainly changed the nature of the work an HIM professional does, there is still plenty of work that needs to be done. We’d all love for the EHR to automate our entire healthcare lives, but it’s just not going to happen. In fact, in many ways, EHR software complicates the work that’s done by HIM staff. Remember that great HIM modules, features, and functions don’t sell more EHR software (more on that in future posts). Sadly, the HIM functions are often an afterthought in EHR development. We’ll see if that catches up with the EHR vendors.

As I’ve dived deeper into the life and work of an HIM professional, I’ve seen how difficult and detailed the job really can be. Not to mention, the negative consequences an organization can experience if they don’t have their HIM house in order. Just think about a few of the top functions: Release of Information, Medical Coding, Security and Compliance. All of these can have a tremendous impact for good or bad on an organization.

What is clear to me is that the HIM professional has moved well beyond managing medical records. If done well, the HIM functions can play a really important part in any healthcare organization. The challenge that many HIM professionals face is adapting to this changing environment. I see a number of real stand out professionals that are doing phenomenal things in their organization and really have an important voice. However, I still see far too many who aren’t adapting and many who quite frankly don’t want to adapt. I think this will come back to bite them in the end.

A Little #AHIMACon14 Twitter Roundup

Posted on September 29, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’m in San Diego today at the AHIMA Annual Convention. It’s a great event that brings together some really passionate and wonderful Health Information Management professionals. There’s been some interesting Twitter activity at the event. Here’s a roundup of some of the interesting tweets:

Some really great insights. I’d love to hear your thoughts on the tweets above.

The Future of Healthcare IT Publishing

Posted on September 26, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

During today’s #HITsm chat, Karen DeSalvo joined the chat and asked what healthcare IT will be like in 2024. Brian Eastwood, Senior Editor at CIO.com, tweeted the following:


The topic was of interest to me as a health IT blogger myself. However, this was my response:


This of course led to Brian and I contributing to a series of possible 2024 Health IT Headlines we have to look forward to:

I’m pretty sure this wasn’t what Karen DeSalvo had in mind when she asked the question, but I thought it was fun to think about these possible headlines. Plus, I think there’s a fair amount we can learn from thinking about the future in this type of headline fashion. What do you think the healthcare IT headlines will say in 2024?

Outsourcing Claim Creation Infographic

Posted on September 24, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

You know I’m a sucker for an infographic. You can see my Health IT Infographic collection on Pinterest. I found the following infographic interesting since I’d describe it more as a sales infographic. It makes the case for outsourcing claim creation. I’d love to hear your thoughts on the infographic or on outsourcing claim creation. What do you think?

Outsourcing Claim Creation Infographic

Full Disclosure: ClinicSpectrum is a sponsor of the “Cost Effective Healthcare Workflow Series” on this site, but this post is not a sponsored post.

Has the Google Glass Hype Passed?

Posted on September 23, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It seems to me that the hype over Google Glass is done. Enough people started using them and many couldn’t see the apparent value. In fact, some are wondering if Google will continue to invest in it. They’ve gone radio silent on Google Glass from what I’ve seen. We’ll see if they’re planning to abandon the project or if they’re just reloading.

While the future of Google Glass seems unsure to me, I think the idea of always on, connected computing is still alive and well. Whether it’s eyeware, a watch or dome other wearable doesn’t matter to me. Always on, connected computing is a powerful concept.

I’m also interested in the telemedicine and second screen approaches that have been started using Google Glass in Healthcare. Both of these concepts will be an important part of the fabric of health care going forward.

I still remember the wow factor that occurred when I first used Google Glass. It still amazes me today. I just wish it were a little more functional and didn’t hurt my eyes when I used it for long periods.

What do you think of Google Glass and the category of always on computing?  Do you see something I’m missing?

What’s the Black Market Value of a Health Record?

Posted on September 22, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Somewhere in the past, an article put the value of a health record at $50. I’m really not sure who or what wrote the original article or set the price at $50, but that value has been perpetuated in article after article on the internet. Yes, that’s one of the features of the internet. It perpetuates misinformation (kind of like an EMR).

When people make the claim that a compromised health record is worth $50, they usually then say that it’s more valuable than a credit card which is only worth $5 (probably something else that’s debatable). When I hear this, I’ve always wondered how they got the $50 price tag. The reality is that the value of a health record is only what someone is willing to pay. You can say something has a certain value, but without a market to validate that people will consistently pay that price, then does it really have that value?

I’ve always wanted to dig into the black market of health records to try and validate the $50 price tag that everyone likes to claim for health records. However, there are some obvious reasons why I don’t want to dig around in the black market of health records. So, I’ve avoided touching that story.

The good news is that HIStalk discovered a great story by Krebs on Security that puts a value on the health record. Here’s an excerpt from the story:

How much are your medical records worth in the cybercrime underground? This week, KrebsOnSecurity discovered medical records being sold in bulk for as little as $6.40 apiece. The digital documents, several of which were obtained by sources working with this publication, were apparently stolen from a Texas-based life insurance company that now says it is working with federal authorities on an investigation into a possible data breach.

When you read the rest of the article, it’s amazing the sophisticated methods they’re using to sale, pay for and distribute these records. Reminds me of how many incredible things society could create if these smart people turned their efforts to good instead of bad, but I digress.

I love the last line of the article, “Incidentally, even at $8 per record, that’s cheaper than the price most stolen credit cards fetch on the underground markets.”

Like most markets, prices fluctuate based on supply and demand. So, I’m sure we could find various prices for health records. However, I hope we can do away with the blanket statement that health records are worth $50 and worth more than credit cards. Articles like this illustrate why I’m not sure that’s the case.

5 Elements of an Effective HIPAA Audit Program Infographic

Posted on September 18, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This week is National Health IT Week (#NHITWeek), but I think it might be better to call it National Health IT Infographic week. I’m not complaining. I love a good infographic. For example, I posted the Rise of the Digital Patient Infographic and the Healthcare IT Leadership Infographic – A 25 Year History already this week. I figured I might as well round out the week and post an infographic on EMR and HIPAA as well. Coalfire sent me the following infographic looking at HIPAA audits. I don’t think most people realize the HIPAA audits that are coming. HIPAA audits have had a slow start, but I think the momentum is growing. If you’re an organization that ever touches healthcare data, you better be ready. Enjoy the HIPAA audit infographic below.
5 Elements of an Effective HIPAA Audit Program

What If Meaningful Use Were Created by Doctors?

Posted on September 17, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It’s safe to say that meaningful use is growing through its challenges right now. My post yesterday about killing meaningful use and the new Flex-IT Act should be illustration enough. While it’s easy to play Monday Morning Quarterback on meaningful use, I think it’s also valuable to consider what meaningful use could have been and then use that to consider how we can still get there from where we are today.

Many of you might have read my post on The Purpose of the EHR Incentive Program Accordign to CMS. CMS clearly stats that the purpose of the EHR incentive money and meaningful use is to move providers towards advanced use of health IT to:

  • Support Reductions in Cost
  • Increase Access
  • Improve Outcomes for Patients

This has very clearly been CMS’ goal and it’s reflected in what we now know today as meaningful use. Let’s think about those from a physician perspective.

Support Reductions in Cost – So, you’re going to pay me less for doing the same work?

Increase Access – So, you’re going to send me patients who can’t pay their bill? Or does this mean I have to do more work making my records accessible?

Improve Outcomes for Patients – Every doctor can support this. However, many are skeptical (with good reason) that the various elements of meaningful use really do improve outcomes for patients.

If I were to step back and think what a doctor might consider meaningful use of an EHR system, this might be what they’d list (in no particular order):

  • More Efficient
  • Improved Care
  • Increased Revenue

More Efficient – Will the technology help me see patients more efficiently? Will it allow me to spend more time with the patient?

Improved Care – Will the technology help me be a better doctor? Will the technology help me make better use of my time with the patient?

Increased Revenue – Will the technology help me get paid more? Will the technology lower the cost of my malpractice insurance and reduce that risk? Will the technology create new revenue streams beyond just churning patient visits?

I’m sure there are other things that could be listed as well, but I think the list is directionally accurate. When you look at these two lists, there’s very clearly a major disconnect between what end users want and what meaningful use requires. With a lot of the EHR incentive money already paid out, this divide has become a major issue.

Killing Meaningful Use and Proposals to Change It

Posted on September 16, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 6000 articles with John having written over 3000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 13 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Isn’t it nice that National Health IT Week brings people together to complain about meaningful use? Ok, that’s only partially in jest. Marc Probst, CIO of Intermountain and a member of the original meaningful use/EHR Certification committee (I lost track of the formal name), is making a strong statement as quoted by Don Fluckinger above.

Marc Probst is right that the majority of healthcare would be really happy to put a knife in meaningful use and move on from it. That’s kind of what I proposed when I suggested blowing up meaningful use. Not to mention my comments that meaningful use is on shaky ground. Comments from people like Marc Probst are proof of this fact.

In a related move, CHIME, AMDIS and 15 other healthcare organizations sent a letter to the HHS Secretary calling for immediate action to amend the 2015 meaningful use reporting period. These organizations believed that the final rule on meaningful use flexibility would change the reporting period, but it did not. It seems like they’re coming out guns blazing.

In even bigger news (albeit probably related), Congresswoman Renee Ellmers (R-NC) and Congressman Jim Matheson (D-UT) just introduced the Flexibility in Health IT Reporting (Flex-IT) act. This act would “allow providers to report their Health IT upgrades in 2015 through a 90-day reporting period as opposed to a full year.” I have yet to see any prediction on whether this act has enough support in Congress to get passed, but we could once again see congress act when CMS chose a different course of action like they did with ICD-10.

This story is definitely evolving and the pressure to change the reporting period to 90 days is on. My own personal prediction is that CMS will have to make the change. I’d love to hear your thoughts.

Happy National Health IT Week!