Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

HL7 Backs Effort To Boost Patient Data Exchange

Posted on December 8, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Standards group Health Level Seven has kicked off a new project intended to increase the adoption of tech standards designed to improve electronic patient data exchange. The initiative, the Argonaut Project, includes just five EMR vendors and four provider organizations, but it seems to have some interesting and substantial goals.

Participating vendors include Athenahealth, Cerner, Epic, McKesson and MEDITECH, while providers include Beth Israel Deaconess Medical Center, Intermoutain  Healthcare, Mayo Clinic and Partners HealthCare. In an interesting twist, the group also includes SMART, Boston Children’s Hospital Informatics Program’s federally-funded mobile app development project. (How often does mobile get a seat at the table when interoperability is being discussed?) And consulting firm the Advisory Board Company is also involved.

Unlike the activity around the much-bruited CommonWell Alliance, which still feels like vaporware to industry watchers like myself, this project seems to have a solid technical footing. On the recommendation of a group of science advisors known as JASON, the group is working at creating a public API to advance EMR interoperability.

The springboard for its efforts is HL7’s Fast Healthcare Interoperability Resources. HL7’s FHir is a RESTful API, an approach which, the standards group notes, makes it easier to share data not only across traditional networks and EMR-sharing modular components, but also to mobile devices, web-based applications and cloud communications.

According to JASON’s David McCallie, Cerner’s president of medical informatics, the group has an intriguing goal. Members’ intent is to develop a health IT operating system such as those used by Apple and Android mobile devices. Once that was created, providers could then use both built-in apps resident in the OS and others created by independent developers. While the devices a “health IT OS” would have to embrace would be far more diverse than those run by Android or iOS, the concept is still a fascinating one.

It’s also neat to hear that the collective has committed itself to a fairly aggressive timeline, promising to accelerate current FHIT development to provide hands-on FHIR profiles and implementation guides to the healthcare world by spring of next year.

Lest I seem too critical of CommonWell, which has been soldiering along for quite some time now, it’s onlyt fair to note that its goals are, if anything, even more ambitious than the Argonauts’. CommonWell hopes to accomplish nothing less than managing a single identity for every person/patient, locating the person’s records in the network and managing consent. And CommonWell member Cerner recently announced that it would provide CommonWell services to its clients for free until Jan. 1, 2018.

But as things stand, I’d wager that the Argonauts (I love that name!) will get more done, more quickly. I’m truly eager to see what emerges from their efforts.

Confusing HIPAA Compliance With Security

Posted on October 2, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Most people  who read this publication know that while HIPAA compliance is necessary, it’s not sufficient to protect your data. Too many healthcare leaders, especially in hospitals, seem satisfied with the song and dance their cloud vendor gave them, or the business associate that promises on a stack of Bibles that it’s in compliance.

I was reminded of this just the other day when Reuters came out with some shocking statistics. One particularly discomforting stat it reported was the fact that medical data is now worth 10 times more than your credit card number on the black market (even if John has argued otherwise). Why? Well, among other things, because medical identity theft isn’t tracked well by providers and payers, which means that a stolen identity can last for months or years before it’s closed down.

Healthcare is not only lagging behind other industries in terms of its hardware and software infrastructure, but the extent to which its executives give a care as to how exposed they are to a breach. Security experts note that senior executives in hospitals see security as a tactical, not a strategic problem, and they don’t spend much time or money on it.

But this could be a deadly mistake. As Jeff Horne, vice president at cybersecurity firm Accuvant, noted to Reuters, “healthcare providers and hospitals are just some of the easiest networks to break into. When I’ve looked at hospitals, and when I’ve talked to other people inside of a breach, they are using very old legacy systems – Windows systems that are 10+ years old that have not seen a patch.”

As if that wasn’t enough, it’s been increasingly demonstrated that medical devices — from infusion pumps to MRIs — are also frighteningly vulnerable to cyber attacks. The vulnerabilities might not be found for months, and when they are, the hapless provider has to wait for the vendor to do the patching to stay in FDA compliance.

So far, even the biggest HIPAA breaches — notably the 4.5 million patient records stolen from hospital giant Community Health Systems — don’t seem to have generated much change. But the sad truth is that unless hospitals get their act together, focused senior executive attention on the issue, and spend enough money to fix the many vulnerabilities that exist, we’re likely to be at the forefront of a very ugly time indeed.

Telemedicine A Critical New Approach To Primary Care

Posted on August 15, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Telemedical treatment has been a tantalizing possibility for many years, for reasons including a failure of health plans to pay for it and too little bandwidth to support it, but those reasons are quickly being trumped by the need for quick, cheap, convenient care.

In fact, according to research by Deloitte, 75 million of 600 million appointments with general practitioners will be via telemedicine channels this year alone.

While one might assume that this influx is coming from traditional primary care practices which are finding their way online, that doesn’t seem to be the case.

Instead,a growing number of entrepreneurial startups are delivering primary care via smart phone and tablet, including Doctor on Demand and HealthTap, which offers videoconferences with PCPs, and options like Healthcare Magic and JustAnswer, which offer consumers the opportunity to get written responses to their healthcare queries from doctors.

Primary care doctors going into direct primary care are also joining the primary care telemedicine revolution; a key part of their business is based on making themselves available for consultation through all channels, including Skype/Facetime/Google Hangout meetings.

To date, most of the thinking about telemedicine have been that it’s an add-on service which is far to one side of the standard provision of primary care. However,with so many consumers paying out of pocket for primary care — and virtual visits typically priced far more cheaply than on-site visits — we may see a new paradigm emerge in which victims of  high-deductible plans and the uninsured rely completely on telemedical PCPs.

Rather than being merely a new technical development, I believe that the delivery of primary care via telemedical channels is a new form of ongoing primary care delivery.

It will take some work on the part of the telemedicine companies to sustain long-term relationships with patients, notably the use of an EMR to track ongoing care. And telemedicine PCPs will need to develop new approaches to working with other providers smoothly, as coordination of care will remain important. Health IT companies would be wise to consider robust, unified platforms that allow all of this to happen smoothly.

Regardless, the bottom line is that primary care telemedicine isn’t an intriguing sideline, it’s the birth of a new way to think about financing and delivery of care. Let’s see if traditional providers jump in, or if they let the agile new virtual PCP companies take over.

HIPAA Slip Leads To PHI Being Posted on Facebook

Posted on July 1, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

HHS has begun investigating a HIPAA breach at the University of Cincinnati Medical Center which ended with a patient’s STD status being posted on Facebook.

The disaster — for both the hospital and the patient — happened when a financial services employee shared detailed medical information with father of the patient’s then-unborn baby.  The father took the information, which included an STD diagnosis, and posted it publicly on Facebook, ridiculing the patient in the process.

The hospital fired the employee in question once it learned about the incident (and a related lawsuit) but there’s some question as to whether it reported the breach to HHS. The hospital says that it informed HHS about the breach in a timely manner, and has proof that it did so, but according to HealthcareITNews, the HHS Office of Civil Rights hadn’t heard about the breach when questioned by a reporter lastweek.

While the public posting of data and personal attacks on the patient weren’t done by the (ex) employee, that may or may not play a factor in how HHS sees the case. Given HHS’ increasingly low tolerance for breaches of any kind, I’d be surprised if the hospital didn’t end up facing a million-dollar OCR fine in addition to whatever liabilities it incurs from the privacy lawsuit.

HHS may be losing its patience because the pace of HIPAA violations doesn’t seem to be slowing.  Sometimes, breaches are taking place due to a lack of the most basic security protocols. (See this piece on last year’s wackiest HIPAA violations for a taste of what I’m talking about.)

Ultimately, some breaches will occur because a criminal outsmarted the hospital or medical practice. But sadly, far more seem to take place because providers have failed to give their staff an adequate education on why security measures matter. Experts note that staffers need to know not just what to do, but why they should do it, if you want them to act appropriately in unexpected situations.

While we’ll never know for sure, the financial staffer who gave the vengeful father his girlfriend’s PHI may not have known he was  up to no good. But the truth is, he should have.

Vendor Creates EMR For Google Glass

Posted on June 20, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Well, here’s an interesting development. An EMR company has created an app allowing doctors using Google Glass to store patient data on a cloud-based storage and collaboration site.

The vendor, California-based Drchrono, is claiming that the application is the first “wearable health record.”  Whether or not that’s the case, this is clearly a step forward in the development of Google Glass as a practical tool for doctors.

According to a Reuters report, Drchrono worked closely with cloud-based storage and collaboration service Box along with Google Glass to create the app.

The new Google Glass at allows doctors — with the patient’s permission — to use Google Glass to record a consultation or surgery. Once the work is done, physician can store the video, as well as photographs and notes, and the patient’s EMR or in Box. The app also allows the data to  be shared with the patient.

The app is still in its infancy — so far, just 300 of the 60,000 doctors using Drchrono’s EMR platform have opted to use the Google Glass app, which is currently available at no cost to users.

But Google Glass apps and options are clearly on the rise, and not just among providers. A recent study by Accenture found that consumers are are very interested in wearable technology; they’re particularly interested in wearable smart glasses like Google Glass as well as smart watches.

As things stand, devices like Google Glass are in the very early adoption stage, so it’s not surprising that few of Drchrono’s physician users have opted to try out the new app. But things are likely to change over the next year or two.

I believe Google Glass will follow the same trajectory the iPad did in medicine. First it was a toy for the well-financed, curious and tech savvy, then an option for early adopters in medicine, then eventually a tool that made sense for nearly every provider.

For the next year or two, most Google Glass announcements will be like this one, reports of experiments whose only uptake will come from leading-edge experimenters in medical technology. But within the next two years or so, Google Glass uses will proliferate, as will the apps that make them a worthwhile investment.

This level of success isn’t inevitable, but it is likely. I’d bet good money that two years from now, you may be reading this blog on a Google Glass app and managing your EMR through one as well.  It’s just a matter of time.

GAO Says Defense, VA Shouldn’t Have Separate EMRs

Posted on March 12, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

The GAO isn’t satisfied with plans the departments of Defense and Veterans Affairs has submitted claiming that separate EMRs will be more affordable and quicker than their original joint plans.

The two agencies had claimed that implementing separate, interoperable EMR systems would be a better choice than developing a joint EMR usable by both agencies.  But the GAO says the two have not substantiated their claims that the separate EMRs would save money and time.

The GAO report comes after years of wrangling over how to create a joint, integrated EHR. The two agencies have been discussing creating the joint project, the iEHR, since 2009. The idea behind the iEHR was to allow every service member to maintain a single EHR throughout their career and lifetime.

However, the iEHR project came to a screeching halt in February 2013, when the two agencies announced plans to stop the project and focus instead on making their existing EHR systems more interoperable.

In follow-up, the House and Senate in December 2013 approved the funding bill that required to VA and DOD to create a plan for a single or interoperable electronic health record by January 31.

Since then the GAO has addressed the plans the two agencies made, and concluded that they have not:

  • Addressed management barriers to collaboration terms of enterprise architecture, IT investment management and other areas
  • Laid out what the interoperable EHR approach consists of, how much it will cost, or when and how it will be completed
  • Developed a joint healthcare architecture or investment management collaboration to guide the project
  • Updated their strategic plan to commit to an integrated approach

In the GAO’s view, the fact that the VA and DOD are taking separate approaches — the VA modernizing its system and the DOD acquiring a new commercially available system — is not going to work out well.

Cloud Technology Can Boost Healthcare IT Market Growth

Posted on March 3, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study suggests that an increase in healthcare provider use of cloud technology plus a decrease in the cost of IT implementation could lead to big changes in the US healthcare IT market.

According to market research consulting firm RCNOS, between now and 2018, the health IT market will grow at a compound annual growth rate of close to 10 percent. Innovation in the market and government support for health IT tools will help the market along as well, the researchers report.

Technologies likely to have this effect include EMRs, clinical decision support systems, medical imaging information systems and lab information systems. The researchers say personal health records, telemedicine and ICD-10 systems are also growth areas.

To realize this potential, however, it will take widespread cooperation across many sectors of the healthcare industry, including providers, payers, plan sponsors, the pharmas and more, writes health blogger Jane Sarasohn-Kahn.

That being said, health IT market growth is not an absolutely sure thing. According to investor and entrepreneur Anne DeGheest, who recently spoke with the Wall Street Journal, the intense activity around health IT resembles the technology bubble of the 1990s.

Whether you share Sarasohn-Kahn’s enthusiasm or DeGheest’s caution, it’s difficult to argue that this is a golden time for health IT innovation and entrepreneurship. What makes today’s health IT activity different than bubbles of previous generations is that it solves real problems, rather than creating apps in search of a problem. I’d argue that health IT’s explosive growth will run well beyond 2018.

HIMSS: Insider Threats Still Biggest Health IT Security Worry

Posted on February 27, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

You can do whatever you like to lock down your data, but  it if they do they do it did buy a block of members of the earth is the work doesn’t go for all it takes is one insider who knows how to unlock it to create a serious security breach.

Results from the 2013 HIMSS Security Survey suggest that despite progress towards hardening security and use of analytics, healthcare organizations must still do more to mitigate the risk of insider threat, such as the inappropriate access of data via employees.

The HIMSS survey, which was supported by The Medical Group Management Association and underwritten by Experian Data Breach Resolution, surveyed 283 information technology and security professionals employed in US hospitals and physician practices. What the researchers found was that the greatest “that motivator” was that of healthcare workers potentially snooping into EMRs to find friends, neighbors, spouses or coworkers.

Given that healthcare IT leaders are particularly concerned about inappropriate use of health data by insiders, you won’t be surprised to hear that there’s been an increase use of several technologies related to access to patient data, including user access control and audit logs in each access to patient records.

But you may be surprised to learn that of the 51 percent of respondents increase the security of the past year, 49 percent of these organizations are still spending just 3 percent  or less of their overall IT budget on securing patient data.

Other findings from the HIMSS survey include that healthcare organizations are using multiple means of controlling employee access to patient information;  67 percent use at least two mechanisms, such as user base and role-based controls, for controlling access the data.

Avoiding The EMR Alienation Effect

Posted on February 10, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Recently, I stumbled across a very interesting article talking about I call the “patient alienation effect” generated by EMRs.  The author, Charles Smith, who practices at the University of Arkansas, is an EMR old hand who has been using the Centricity ambulatory EMR for more than a decade.

The article, which appears in the Journal of Participatory Medicine, talks about the well-known offputting effect EMRs have on patients, and the frustration that they impose on doctors. And as readers know, we’re not talking about a minor impact here.

In the new EMR world, he notes, physicians have a list as long as your arm of EMR related tasks they must perform during the patient visit, including medication reconciliation, managing the problem list, e-prescribing, updating the patient’s history, review of systems, physical exam, entering the follow-up plan into the record, and printing “after the visit” summaries for the patient. And as he points out, this all has to happen for the patient is still sitting in the exam room.

The way he handles this problem is to treat the challenge is one for the patient and physician to solve things together:

*  At the outset, he and the patient have an open discussion of the EMR issue with new patients, discussing the advantages and challenges of the computer in the room.

*  Then, he asks the patient’s to allow him to move their chair beside him in the computer, noting that they will “all three” work together during the visit.

* He also tries to create a hybrid experience of completing some EMR tasks during the visit and others after (for example telling the patient, “hold on while I enter this order for you) before returning to face-to-face conversation.

* He finds that it works best to take notes here and there during the patient visit, then complete the past medical, surgical, family and social history and the review of systems together with the patient directly in the EMR.

Obviously, there’s no one right way to integrate patients into the process of documenting their visit in an EMR. But these ideas seem like good ones.

EMR Divide Remains Between Larger And Smaller Practices

Posted on January 31, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study finds that while physicians’ adoption of EMRs has grown substantially between 2009 and 2012, there’s still a big “digital divide” between large and small medical practices, according to a Commonwealth Fund study reported by iHealthBeat.  But it also concluded that there are ways to close the gap, largely through cash incentives and tech help.

According to the study, EMR adoption by primary care physicians increased from 46 percent in 2009 to 69 percent in 2000.  What’s more, Commonwealth Fund found that most doctors are using core health IT functions, including clinical decision support, e-prescribing and electronic ordering of lab tests.  This is clearly a sign that Meaningful Use Stage 1 has had a large impact. (We’re still waiting to see whether doctors continue to drop out and avoid Stage 2’s tougher criteria.)

The study also found that as of 2012, 33 percent of doctors could electronically exchange clinical summaries, and 35 percent could share lab or diagnostic tests with physicians outside their practices electronically.

But these results were not distributed evenly.  Specifically, researchers found that practice size substantially affected EMR adoption.

For example, the research found that 90 percent practices with 20 or more doctors had adopted EMRs, but that just 50 percent of solo physician practices were on board. That being said, the study found higher rates of EMR adoption among small practices that were sharing resources or that took advantage of Meaningful Use incentives.

All told, researchers concluded that technical assistance programs that incentives close the digital divide regarding EMRs between large and small practices.  This just makes sense. If such programs can make it easy and even lucrative to adopt EMRs, we could see the digital gap close soon.