Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Healthcare Providers and Patients Deserve Better Security

Posted on June 1, 2015 I Written By

The following is a guest blog post by Anna Drachenberg, Founder and CEO of HIPAA Risk Management.
Anna Drachenberg

Our firm has been helping dentists and other healthcare providers with their HIPAA security compliance for several years. Based on our customers’ experience, many dentists lack healthcare IT partners who are committed to data security and HIPAA compliance.  Unfortunately, this lack of commitment appears to be an epidemic across healthcare IT, and healthcare providers and patients need to demand a change.

In our recent alert, Dentrix Vulnerabilities and Mitigation for HIPAA Compliance, we described two major vulnerabilities we’ve had to assist our clients in mitigating in order to protect their patients’ data and comply with our clients’ HIPAA security policies. Our regulatory and data security experts were concerned, on behalf of our clients, with the way Henry Schein handled these two issues. More concerning, this seems to be a trend with many healthcare IT companies.

From the article, “In October 2012, it was reported to the Community Emergency Response Team (CERT) that all Dentrix G5 software was installed with hard-coded credentials to access the back-end database.” Pretty serious, right? The National Vulnerability Database gave this a severity score of 5.0 and an exploitability score of 10.0.  In the CERT notification you can see that the vulnerability was credited to Justin Shafer, not the vendor, Henry Schein, and there are several months between the time that the exploit was reported (11/22/2012) until Henry Schein released a fix for the issue (2/13/2013). Read the linked article for more details on the fix Henry Schein provided.

In a time when most industries are embracing security and offering “bug bounties,” many in the healthcare IT industry are trying to ignore the problem and hope that their customers are ignoring it, too. Take the recent panic over hackers controlling airplanes. What did United Airlines do? Offer a bug bounty that pays out in airlines miles that can be redeemed for free tickets. Most software and IT companies offer similar bug bounty programs and actively cooperate with independent security professionals. These companies know that every bug that is found before it is exploited can save millions of dollars and improve their product.

I’d like to challenge all of the blog readers today to find a healthcare IT vendor who has the same approach to security. For that matter, do a search on CERT vulnerability database or the National Vulnerability Database for any healthcare software or product you know or general terms like medical, hospital, healthcare. Surprised at the lack of issues reported and fixed? Are we really supposed to believe that the healthcare IT developers are superior to other industries?

Note: The only results in a search I did on 5/30/2015 of the National Vulnerability Database for “Epic” returns vulnerabilities in the Epic Games Unreal Tournament Engine. It is good to know that my video game company cares about my data security.

Everyone who purchases, administers, and uses healthcare IT systems and software deserves vendors who are committed to security. Consider for a moment – the customers of these products are the responsible parties for ensuring the security of the data they put in to these systems. Although the change to business associates under the HIPAA Omnibus Rule puts more liability on some of these vendors, the covered entity is still ultimately responsible and takes the hit to its reputation. Patients, the ones who experience harm when these systems are breached, have to rely on their doctors and other healthcare providers to ensure that the healthcare IT software and products are secure.  I don’t know about you, but I really hope that my physician spent more time in medical school learning about medicine than he did about encryption.

It’s time for all of us in the healthcare industry to demand that our vendors have the same level of commitment to security as the healthcare providers who are their customers. It’s time for all of us as patients to demand that these vendors improve the security of the products used by our healthcare providers.

One last note. In our alert, we link to Dentrix’s notice on the type of “encryption” they offer on one of their products. From Dentrix’s article:

“Henry Schein introduced cryptographic technology in Dentrix version G5 to supplement a practice’s employee policies, physical safeguards and data security. Available only in Dentrix G5, we previously referred to this feature as encryption. Based on further review, we believe that referring to it as a data masking technique using cryptographic technology would be more appropriate. Regardless of what you call it…”

To your clients, it matters what the federal government “calls” it, and they don’t call it encryption.

About Anna Drachenberg
Anna Drachenberg has more than 20 years in the software development and healthcare regulatory fields, having held management positions at Pacificare Secure Horizons, Apex Learning and the Food and Drug Administration. Anna co-founded HRM Services, Inc., (hipaarisk.com) a data security and compliance company for healthcare. HRM offers online risk management software for HIPAA compliance and provides consulting services for covered entities and business associates. HRM has clients nationwide and also partners with IT providers, medical associations and insurance companies.

My Overall Take on EHR in the Middle East

Posted on May 28, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

If you follow me on Twitter or on Facebook, then you’ve probably seen me posting pictures of my trip to Dubai. While I’ve been able to have a little fun and games on this trip, I spent most of my time teaching a 3 day EHR workshop to a group of amazing people from Saudia Arabia, Oman, and Pakistan. If you’ve never been out of the US and experience other countries, then I highly recommend it. It provides some amazing added perspective to your life.

Based on the surveys and feedback from attendees, I’d say the workshop was a success. I was surprised that I could talk about EHR for 3 days, but I didn’t have any problem. We’re going to shorten future EHR workshops I do to only 2 days, not because there isn’t enough content, but that after 2 days of talking about EHR you’re pretty well burnt out and can’t take in more information.

While I’m glad to hear that those who attended got value from the workshop, I must admit that I was grateful for the learning I took away from those in my class. It’s the truth of teaching. The students often teach the teacher as much as the teacher teaches the students. In fact, the last session of the workshop was an opportunity for the students to share their experiences and insights with EHR and to raise their challenges so we could collectively help each other. I love this type of community support. I’m hopeful it will continue well after the conference. Luckily with things like Twitter, LinkedIn, and WhatsApp, it’s easy for all of us from around the world to stay connected. Email’s not bad either.

While the middle east and each country in the middle east has some unique idiosyncrasies, I was most surprised by how similar it is in these countries when I compare it with my experience in the US. We like to think that it’s very different (and in a few cases it is), but there is more in common with implementing EHR than there is different when you look at EHR across the world.

For example, they still had doctors who didn’t want to train on the EHR and then complained that they didn’t know how to use it. The power of doctor peer pressure is just as strong internationally as it is in the US. EHR interfaces are as much a nightmare in the middle east as it is in the US. I could go on and on.

The thing I found most similar to the US was the people cared about the patients much like they do in the US. We generally have really amazing people working in healthcare and that appears to be true in the middle east as well. While we all understand the challenges we face in healthcare, the desire to provide great care to the patient is a universal desire.

I’m heading home tomorrow. I’ll be grateful to be home in my own bed and with my family. However, I’ve almost got a return trip planned for the end of August. Plus, my Saudi friends want me to come and share my insights in their country. Considering one of them has a jet ski on the ocean, that sounds pretty enticing. Not to mention my new friends in Oman offered to let me ride their camel if I visited them. I think we’ll stick to Dubai for now, but you never know where life will take me in the future. Maybe a future training I do will line up with HIMSS Middle East in December. Either way, I love that I’ve been able to learn about new EHR perspectives. It’s always enlightening.

Knotty Problems Surround Substance Abuse Data Sharing via EMRs

Posted on May 27, 2015 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

As I see it, rules giving mental health and substance abuse data extra protection are critical. Maybe someday, there will be little enough stigma around these illnesses that special privacy precautions aren’t necessary, but that day is far in the future.

That’s why a new bill filed by Reps. Tim Murphy (R-PA.) and Paul Tonko (D-N.Y.), aimed at simplifying sharing of substance misuse data between EMRs, deserves a close look by those of us who track EMR data privacy. Tonko and Murphy propose to loosen federal rules on such data sharing  such that a single filled-out consent form from a patient would allow data sharing throughout a hospital or health system.

As things currently stand, federal law requires that in the majority of cases, federally-assisted substance abuse programs are barred from sharing personally-identifiable patient information with other entities if the programs don’t have a disclosure consent. What’s more, each other entity must itself obtain another consent from a patient before the data gets shared again.

At a recent hearing on the 21st Century Cures Act, Rep. Tonko argued that the federal requirements, which became law before EMRs were in wide use, were making it more difficult for individuals fighting a substance abuse problem to get the coordinated care that they needed.  While they might have been effective privacy protections at one point, today the need for patients to repeatedly approve data sharing merely interferes with the providers’ ability to offer value-based care, he suggested. (It’s hard to argue that it can’t be too great for ACOs to hit such walls.)

Clearly, Tonko’s goals can be met in some form.  In fact, other areas of the clinical world are making great progress in sharing mental health data while avoiding data privacy entanglements. For example, a couple of months ago the National Institute of Mental Health announced that its NIMH Limited Datasets project, including data from 23 large NIMH-supported clinical trials, just sent out its 300th dataset.

Rather than offer broader access to data and protect individual identifiers stringently, the datasets contain private human study participant information but are shared only with qualified researchers. Those researchers must win approval for a Data Use Certification agreement which specifies how the data may be used, including what data confidentiality and security measures must be taken.

Of course, practicing clinicians don’t have time to get special approval to see the data for every patient they treat, so this NIMH model doesn’t resolve the issues hospitals and providers face in providing coordinated substance abuse care on the fly.

But until a more flexible system is put in place, perhaps some middle ground exists in which clinicians outside of the originating institution can grant temporary, role-based “passes” offering limited use to patient-identifiable substance abuse data. That is something EMRs should be well equipped to support. And if they’re not, this would be a great time to ask why!

EHR Partner Programs

Posted on May 22, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Amazing Charts just announced a new EHR partner program. This isn’t something that’s particularly new for EHR vendors. They all have lots of partners. Some have formalized them into a program like athenahealth has done with their More Disruption Please (MDP) program. Others are much more quiet about the partners they work with and how they work with them.

What’s clear to me in the EHR industry is that an EHR vendor won’t be able to do everything. There are some that like to try (See Epic), but even the largest EHR vendor isn’t going to be able to provide all the services that are needed by a healthcare organization. This is true for ambulatory and hospitals.

Since an EHR vendor won’t be able to do everything, it makes a lot of sense for an EHR vendor to have some sort of partners program. The challenge for an EHR vendor is that a partner program comes with two major expectations. First, the partner has a high quality integration with the EHR software. Second, that the partner is something that the EHR vendor has vetted.

The first challenge is mostly a challenge because most EHR vendors aren’t great at integrating with outside companies. This is a major culture shift for many EHR vendors and it will take time for them to get up to speed on these types of integrations. Plus, these integrations do take some time and investment on the part of the EHR vendor. When there’s time and investment involved, the EHR vendor starts to be much more selective about which companies they want to be working with long term. They don’t want to spend their time and money integrating with a company which none of its users will actually use.

The second challenge is that EHR users assume that an EHR partner is one that’s been vetted by the EHR vendor. Even if the EHR vendor puts all sorts of disclaimers on their partner page, the EHR vendor is still associated with their partners. The written disclaimers might help you avoid legal issues, but working with shady partners can do a lot of damage to your reputation and credibility in the marketplace. I actually think this is probably the biggest reason that EHR vendors have been reluctant to implement partner programs.

I think over time we’ll see the first problem solved as EHR vendors work to standardize their APIs for partner companies. As those APIs become more mature, we’ll see much deeper EHR integrations and the costs to an EHR vendor will drop dramatically when it comes to new partner integrations.

The second problem is much harder to solve. My best suggestion for EHR vendors is to create a platform which allows your users to help you vet potential partners. Not only can they participate in the vetting process, but it can also help you know which partners would be useful to your users. Is there anything more valuable than user driven partnerships? It also puts you in a good position with potential partners if you already have users interested in the integration.

However, an EHR vendor shouldn’t just leave potential partnership requests to their users. Many of their users don’t know of all the potential partner companies. Users are so busy dealing with their day jobs that they often don’t know of all the potential companies that could benefit their practice or hospital. Certainly you should accept user input on potential partnerships, but an EHR vendor should also seed the potential partner feedback platform with a list of potential partners as well. The mix of an EHR vendor created list together with user generated partner lists is much more powerful than one or the other.

We’re just at the beginning of companies partnering and integrating with EHR vendors. I expect that over the next 5 years an EHR vendor will be defined as much by the organizations it chooses to partner with as the features and functions it chooses to develop itself.

What’s the Story on 21st Century Cures Legislation?

Posted on May 21, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I just saw that the 21st Century Cures legislation passed the house committee process. Word on the street is that Congress probably won’t take this up even if the house passes it this summer. The legislation looks pretty interesting for those of us in healthcare IT. Blair Childs, Premier’s senior vice president of public affairs, offered the following statement on the legislation:

Members of Premier wish to thank House Energy and Commerce Chairman Fred Upton (R-MI) and Representative Diana Degette (D-CO) for their leadership to advance interoperability standards as part of the landmark 21st Century Cures legislation. With today’s vote, the vision for a fully interoperable health information technology ecosystem is one step closer to becoming a reality.

We also wish to thank Committee members Joe Pitts (R-PA), Frank Pallone (D-NJ), Gene Green (D- TX), Michael Burgess (R-TX) and Doris Matsui (D-CA) for their support of interoperability standards in the legislation, and for their efforts to ensure that the technology systems of the future will be built using open source codes that enable applications to seamlessly exchange data/information across disparate systems in healthcare.

Today’s vote is an essential step to optimize HIT investments, improve the quality of care across settings and avoid the cost burdens associated with the work around solutions that are needed today for systems to “talk” to one another. We strongly urge the full House of Representatives to support these interoperability standards and to vote in favor of moving the legislation forward as it stands today.

Many of the comments he offers about ensuring interoperability is open source and support for standards of healthcare interoperability are great things. Although, as I think we learned with the meaningful use regulations, the devil is in the details and the 21st Centure Cures legislation is not simple. I’d love to hear from people who are following the legislation. Is this a good piece of legislation? Should it be passed? Are their hidden land mines? What are the unknowns or uncertain outcomes of the legislation?

When I saw this legislation hit my email inbox it has me asking how people keep up with legislation. Not to mention, what’s the process for creating this legislation? Just thinking of the process makes me tired and overwhelmed. Is it any wonder that lobbyists are so powerful? It really takes someone whose full time job it is to track and influence legislation to really get something done. The process and legislation is so complex that a casual follower just can’t keep up. I think that’s really unfortunate. I’m not sure the solution though either.

HIMSS15: Adoption Still a Problem for Organizations Swapping EHRs – Breakaway Thinking

Posted on May 20, 2015 I Written By

The following is a guest blog post by Todd Stansfield, Instructional Writer from The Breakaway Group (A Xerox Company). Check out all of the blog posts in the Breakaway Thinking series.
Todd Stansfield

Each year the Health Information and Management Systems Society’s (HIMSS) annual conference is the Super Bowl of health IT. No other conference boasts more attendees ranging from health IT innovators and collaborators to pioneers. This year 40,000 plus participants descended on Chicago, all eager to learn about the new direction, trends, and solutions of the industry.

As always, buzzwords were aplenty—interoperability, care coordination, patient experience, and value-based care, to mention a few. During her keynote address on April 16, Karen DeSalvo, National Coordinator for the ONC, called the current state of health IT the “tipping point.” In 2011 the ONC released its four-year strategic plan focused on implementing and adopting electronic health records (EHRs). Now, DeSalvo says the industry is changed and ready to move beyond EHRs to technologies that will create “true interoperability.”

Enlightening conversations were happening among the crowded booths, hallways, and meeting rooms between organizations looking to ‘rip and replace’ their current EHR for a new one. While some organizations are struggling to unlock data across disparate systems, others are looking to upgrade their current system for one compatible with ICD-10, Meaningful Use, analytics solutions, or a combination of these. Still others are looking to replace systems they dislike for lack of functionality, vendor relationships, etc. In many cases, replacing an EHR is needed to ensure interoperability is at the very least viable. This buzz at HIMSS is a strong indicator that EHRs are still an important and essential part of health IT, and perhaps some organizations have not reached the tipping point.

In addition to the many challenges these organizations are facing—from data portability, an issue John Lynn wrote about in August 2012, to the cost of replacing the system—leaders are agonizing over the resistance they are facing from clinician end users. How can these organizations force clinicians to give up systems they once resisted, then embraced and worked so hard to adopt? How can leadership inspire the same level of engagement needed for adoption? The challenge is similar to transitioning from paper to an EHR, only more significant. Whereas the reasons for switching from paper were straightforward—patient safety, efficiency, interoperability, etc.—they are not so clear when switching applications.

Clinicians are also making harsher comparisons between applications—from every drop-down list, to icon, to keyboard shortcut. These comparisons are occurring at drastically different phases in the adoption lifecycle. Consider the example of an end user needing to document a progress note. In the old EHR, this user knew how to copy forward previous documentation, but in the new system she doesn’t know if this functionality even exists. Already the end user is viewing the new system as cumbersome and inefficient compared to the old application. Multiply this comparison by each of the various tasks she completes throughout her day, and the end user is strongly questioning her organization’s decision to make the change.

This highlights an important point: Swapping one EHR for another will take more planning, effort, and strategy than a first-ever implementation. The methods for achieving adoption are the same, but the degree to which they are employed is not. Leadership will not only have to re-engage end users and facilitate buy-in, they will have to address the loss of efficiency and optimization by replacing the old application.

Leadership should start by clearly outlining the reasons for change, a long-term strategy, as well frustrations end users can expect. They should establish a strong governance and support structure to ensure end users adhere to policies, procedures, and best practices for using the application. The organizations that will succeed will provide end users with role-based education complete with hands-on experience completing best practice workflows in the application. Education should include competency tests that assess end users’ ability to complete key components of their workflow. Additionally, organizations must capture and track performance measurements to ensure optimized use of the system and identify areas of need. And because adoption recedes after application upgrades and workflow enhancements, all efforts should be sustained and modified as needed.

While HIMSS15 brought to the stage a wealth of new ideas, solutions, and visions for the future of health IT, the struggle to adopt an EHR has not completely gone away. Many organizations are grappling with their current EHR and choosing to replace it in hopes of meeting the triple aim of improving care, costs, and population health. For these organizations to be prepared for true interoperability, they must overcome challenges unseen in paper to electronic implementations. And if done successfully, only then will our industry uniformly reach the tipping point, a point where we can begin to put buzzwords into practice.

Xerox is a sponsor of the Breakaway Thinking series of blog posts.

How Will Patients Choose Healthcare?

Posted on May 19, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In a recent conversation with Medhost CEO, Bill Anderson, he asked the question that’s the title of this blog post: “How Will Patients Choose Healthcare?” He then proceeded to answer his question by saying, “Healthcare will buy on brand like they do in their other purchasing decisions.” It’s worth adding that Bill and Medhost are working to build their YourCare Everywhere brand in healthcare. You can decide if their business efforts are skewing his perspective or not.

For me, I find the question absolutely fascinating and an extremely important question for healthcare organizations. This question is becoming more and more important since the shift to high deductible plans is forcing patients to be more selective in how they choose their healthcare provider. Will brand be the way that people choose healthcare?

One challenge I have with this idea is that healthcare is a complex decision. I don’t know many people who make impulse healthcare provider decisions. I wonder if there are other complex decisions we could learn from. What is true is that healthcare decisions are often crisis decisions. In a crisis, where do people turn? I think the answer is the brands they know.

As I look at healthcare, which organizations have a true national healthcare brand? The first one that comes to mind is Mayo Clinic. Cleveland Clinic seems to be working down a similar path. Are their others? There are very few national healthcare brands that are trusted.

There are many local healthcare brands. Dignity Health has been pouring money into commercials in Vegas to build their brand. I assure you the commercials are all brand. Intermountain has a brand in Utah and Partners Healthcare has a brand in Boston. We could argue whether they have good or bad brands since they are both so dominant in their region. There are many other examples of local healthcare brands.

On the other side of healthcare brands is the CVS Minute Clinic, Walmart, and all the other retailers trying to make a space for themselves in healthcare. Also competing for brand recognition with a similar direct to consumer, retail healthcare play are the telemedicine providers like MD Live.

Long story short, we’re seeing patients having more power when it comes to selecting their healthcare provider and we see a ton of brand competition. Will a healthcare organization be able to survive without a major investment in their brand? What does this mean for small physician practices?

I’d love to hear your thoughts about what’s happening with healthcare brands. Do they matter? In what ways will they matter? What should a healthcare organization be doing to shore up its brand?

Emerging Health Apps Pose Major Security Risk

Posted on May 18, 2015 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

As new technologies like fitness bands, telemedicine and smartphone apps have become more important to healthcare, the issue of how to protect the privacy of the data they generate has become more important, too.

After all, all of these devices use the public Internet to broadcast data, at least at some point in the transmission. Typically, telemedicine involves a direct connection via an unsecured Internet connection with a remote server (Although, they are offering doing some sort of encryption of the data that’s being sent on the unsecured connection).  If they’re being used clinically, monitoring technologies such as fitness bands use hop from the band across wireless spectrum to a smartphone, which also uses the public Internet to communicate data to clinicians. Plus, using the public internet is just the pathway that leads to a myriad of ways that hackers could get access to this health data.

My hunch is that this exposure of data to potential thieves hasn’t generated a lot of discussion because the technology isn’t mature. And what’s more, few doctors actually work with wearables data or offer telemedicine services as a routine part of their practice.

But it won’t be long before these emerging channels for tracking and caring for patients become a standard part of medical practice.  For example, the use of wearable fitness bands is exploding, and middleware like Apple’s HealthKit is increasingly making it possible to collect and mine the data that they produce. (And the fact that Apple is working with Epic on HealthKit has lured a hefty percentage of the nation’s leading hospitals to give it a try.)

Telemedicine is growing at a monster pace as well.  One study from last year by Deloitte concluded that the market for virtual consults in 2014 would hit 70 million, and that the market for overall telemedical visits could climb to 300 million over time.

Given that the data generated by these technologies is medical, private and presumably protected by HIPAA, where’s the hue and cry over protecting this form of patient data?

After all, though a patient’s HIV or mental health status won’t be revealed by a health band’s activity status, telemedicine consults certainly can betray those concerns. And while a telemedicine consult won’t provide data on a patient’s current cardiovascular health, wearables can, and that data that might be of interest to payers or even life insurers.

I admit that when the data being broadcast isn’t clear text summaries of a patient’s condition, possibly with their personal identity, credit card and health plan information, it doesn’t seem as likely that patients’ well-being can be compromised by medical data theft.

But all you have to do is look at human nature to see the flaw in this logic. I’d argue that if medical information can be intercepted and stolen, someone can find a way to make money at it. It’d be a good idea to prepare for this eventuality before a patient’s privacy is betrayed.

Video Demonstration of End-to-End ICD-10 Testing

Posted on May 14, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve heard a lot of people suggest that an organization needed to do end-to-end ICD-10 testing in order to prepare for the switchover to ICD-10 on October 1, 2015 (we think). I came across this video demonstration of Qualitest doing an end-to-end test of ICD-10:

What do you think of the demo? Is this a valuable thing to do? Should this be done with every EHR and PM vendor and with every vendor that connects to that software?

Deep Thoughts from Einstein Applied to Health IT

Posted on May 13, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.


Ok, to be honest, I don’t really want to fact check if Einstein really said this or not. You might know how quotes from famous people were often not said by said famous person. However, that doesn’t really matter to me since the above quote was too interesting not to share.

I really like the idea that the key to solving really challenging problems is to stay with the problems longer. The biggest challenge I think we face in healthcare IT is that far too many people are running around like chickens with their head cut off. I understand completely why it’s happening. The regulations and stimulus have created this maniacal set of requirements that require a bit of running around like crazy people.

I don’t think the major problems of healthcare can be solved through a maniacal chasing of incentives and regulations that we see in healthcare today.

If we want to really go after and solve major problems, then we have to stay with the problems a little longer and not head off to the next problem too quickly or even ignore a problem that seems challenging or even impossible. I realize that this is much easier said than done. We easily let the fires of today prevent us from preventing the fires that will come tomorrow, next month, and next year. It’s natural to do.

The thing that gives me most hope is the amazing people working in healthcare. The majority are great people trying to make a difference for good. Now we just need those good people working in healthcare IT can take a bit more time and stay with the problems of healthcare a little longer before they move on to put out the next fire.