Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

One Platform to Connect to All EHR Software

Written by:

I’ve talked for years with people who want to solve the problem of connecting their non-EHR software to all the EHR vendors out there. Entrepreneur after entrepeneur has asked me how they can connect their product to ALL the EHR vendors. It usually ends up being a question like, “Isn’t there just one company we could connect to that will connect us to all the EHR vendors out there?”

I’ve dreamed about this as well. In fact, I recently wrote a post on Hospital EMR and EHR titled “Meaningful Use Drove the Data Gathering” where I suggest things like “EHR data is a treasure trove of opportunity.” and “In the future, EHR vendors will be differentiated more on the marketplace of third party applications they support than on their own in house developed apps.”

The problem is that even if every EHR vendor were to open up their application to third party applications, a startup company doesn’t want to have to integrate with all 300+ EHR vendors out there. Instead, they’d much rather integrate with one company who can connect them to all the other EHR vendors.

While a simple solution to connect to every EHR isn’t available yet, In a recent chat with Thanh Tran, Founder of Zoeticx, he showed me the closest thing to this vision that I’ve seen.

This slide shows what Zoeticx has built so far and a little bit of their vision for the future. When I saw this slide, it looked very much like what I described above.
Zoeticx Data Platform

As the slide shows, it only connects to 4 EHR vendors (5 EHR software) right now. So, they still have a lot of work to do to make this model work across all 300+ EHR vendors. However, it displays a vision of what’s possible if a company like Zoeticx builds the right middleware to connect EHR software to third party software.

After talking with Thanh Tran, you could tell that he lived, breathed, and loved the middleware space. He understood what it took to build a great middleware. For example, Zoeticx has a number of applications that leverage the middleware that they’re building. Some might argue that this makes Zoeticx a product company and not a middleware company. However, those that say this don’t understand what it takes to make great middleware.

By Zoeticx having some applications which leverage their middleware, they accomplish a couple very important things. First, they are essentially “eating their own dog food” and get to see first hand the challenges of building an application that uses their middleware. This will improve the middleware product better than any other technique. Second, Zoeticx applications will serve as essentially a set of demo applications which can be used to demonstrate what’s possible. Without these essentially demo applications, it’s often hard for people to understand how an API like Zoeticx can be used.

Certainly it’s possible that the Zoeticx application business is so good that they don’t go after the middleware opportunity. However, knowing Thanh’s background makes me think that this is an unlikely possibility. He wants Zoeticx to be a middleware company.

Thanh Tran also said something really intriguing about the latest EHR that they connected to their universal patient clinical data model (Zoeticx Patient Clarity). He said that when they added the new EHR, they didn’t have to change the Zoeticx Patient Clarity side of the equation at all. I’ll be interested to see how this plays out as they connect to more and more EHR vendors.

In fact, I believe that’s the next key step for Zoeticx. They need to connect with the other EHR vendors. Although, my guess is that once they get enough momentum behind what they’re doing, then they can provide an API for EHR vendors and other software vendors to create a gateway to Zoeticx. Then, they’ll have something really powerful.

It’s still early for Zoeticx. We’ll see how they do at attracting third party applications to their platform. We’ll see how their gateways to EHR vendors go and how they’re able to scale up the number of EHR vendors they work with. However, their vision gave me some hope that we could have a simple model for entrepreneurs that want to connect their health IT software with multiple EHR software with one integration.

February 6, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus. Healthcare Scene can be found on Google+ as well.

Connecting Smart Mobile Devices to the EHR

Written by:

My colleague, John Lynn, posted a hilarious CES marketing video advertising a new product it calls the iOximeter.  The iOximeter, which operates on both the iOS and Android platforms, is an independent device which attaches to smart phones, turning the phone into a pulse oximeter.

I strongly suspect that an i-glucose meter, i-scale and i-blood pressure cuff designed for the mass consumer market are starting to make major headway.

Not to be Scrooge at the Christmas party — I think such devices are a very positive development — but I’m left wondering what the purpose of getting the data onto the phone really is.  After all, unless the data gets to a physician conveniently, and ideally comes to live in their EMR, just how much good does it do?

On the consumer side, it does little but add bells and whistles to products consumers are increasingly used to using anyway, given that the price point for these devices is low enough that they’re sold in consumer pharmacies.

On the provider side meanwhile, you’re left with data that, while it might be arranged in pretty charts, doesn’t integrate itself easily into clinicians’ work flow.  And with EMRs already dumping huge volumes of data into their laps, some physicians are actively resisting integrating such data into the records.

No, the existing arrangement simply doesn’t do anything for clinicians, it seems.  Yes, consumers who are into the whole Quantified Self movement might find collecting such data to be satisfying, but the truth is that at this point many doctors just don’t want a ton of consumer-driven data added to the mix.

To make such phone-based devices useful to clinicians, someone will probably have to create a form of middleware, more or less, which accepts, parses, and organizes the data coming in from mobile health app/device combos like these.  When such a middleware layer goes into wide use, then you’ll see hospitals and doctors actively promote the use of these apps and devices.  Until then, devices like the iOximeter aren’t exactly toys, but they’re not going to change healthcare either.

January 9, 2014 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

CIO Reveals Secrets to HIE

Written by:

Inspira Health Network is a community health system comprising three hospitals in southern New Jersey, with more than 5,000 employees and 800 affiliated physicians. It is an early adopter of health information exchange technology. In this Q&A-style paper their CIO and Director of Ambulatory Informatics share secrets to their successful Health Information Exchange implementation.

One of the most impressive numbers from their HIE implementation is that they were able to get 600 providers using the portal and 36 EMRs connected. Plus, they were able to get their HIE up and running in 4 months while many of the public HIEs were still working on their implementations. As I’ve written about previously, I see a lot of potential in the Private HIE. So, it’s great to see a first hand account from a CIO about their private HIE implementation.

Here are some of the other benefits the CIO identifies in the paper:

  • Ties the Physician Community to the Organization
  • Helps Meet the Meaningful Use Patient Engagement Requirements
  • Helps Address Care Coordination Requirements
  • Paper, Postage, and Staff Resource Savings
  • Improve Patient Length of Stay

Check out the full Q&A for a lot of other insights including rolling out the HIE to doctors who have an EMR and those who don’t. I also love that the CIO confirmed that the biggest technical challenge is that every EHR vendor has interpreted the HL7 standard differently based on the technical limitations of the application. This is why I’m so impressed that they were able to get 36 EMRs connected.

I hope more CIOs will share their stories of success. We’ve heard enough bad news in healthcare IT. I want to cover more health IT success stories.

July 3, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus. Healthcare Scene can be found on Google+ as well.

HIEs and Patient Engagement – Why and Why Now?

Written by:

The following is a guest post by Jeff Donnell, President of NoMoreClipboard.
Jeff Donnell - NoMoreClipboard PHR
Health information exchanges have become quite adept at moving medical data from provider to provider on behalf of patients, but making that data available to those same patients has rarely been attempted – until recently.

Not including patients at the HIE exchange table is understandable, but ironic. Understandable for reasons ranging from policy challenges to a lack of standards to technical limitations. Ironic because HIEs are ideally positioned to aggregate data from multiple providers – leveraging the interfaces already in place with provider applications – and deliver that data to consumers, overcoming several of the major barriers to patient adoption and use of tools like PHRs and patient portals.

HIEs have recently grown interested in supporting electronic patient engagement, in large part based on provider inquiries regarding meaningful use stage two requirements. Many providers are looking for affordable alternatives to the tethered patient portals being offered by their EHR vendors, and they want to provide their patients with a solution that can be used across the care continuum. Increasingly, providers recognize that a patient who visits five different clinicians is not about to create five different patient portal accounts. Savvy providers realize that the HIE is well equipped to provide portable, interoperable solutions.

For HIEs interested in long-term sustainability, patient engagement makes perfect sense. The HIE can leverage its existing interfaces and aggregated data – making existing medical information available to patients from a single pipe, in a standardized format. The HIE can act as a conduit between consumers and clinicians – adding value for all parties. Providers can transmit data to patients, and recent CMS guidance indicates that all providers who contribute data to a shared portal (like that provided by an HIE) can count patients who use that portal toward their 5% patient participation requirement. Patients avoid having to collect data from every provider they see, and can populate a PHR or HIE portal account with existing electronic data. Everybody wins.

The value is evident, but what about those challenges? In the state of Indiana, we received an ONC Challenge Grant to figure out how to get HIE data in the hands of consumers with a PHR. We are fortunate to reside in a state with five well-established HIEs and a provider community eager to innovate, and we have spent the last two years working on those challenges (giving us a real appreciation for why the ONC affixed the challenge label to this grant program). We have addressed issues ranging from patient ID/Auth/Match to minor consent to provider skepticism to amended data use agreements. We have overcome any number of obstacles to get data flowing, and we are seeing increased levels of engagement and enhanced clinical outcomes.

We have learned any number of lessons to help other HIEs, state agencies and healthcare providers avoid pitfalls and make accelerated progress. We are eager to share what we have learned. Perhaps the most important lesson is to get started now – as crafting and implementing a patient engagement strategy takes time. As nobody appears to be manufacturing more time these days, HIEs and other organizations that envision sharing data with patients even a year or two down the road would be well advised to begin working in earnest, with an eye on making incremental progress.

Jeff Donnell is president of NoMoreClipboard, a web-based, Personal Health Record (PHR) management system designed to consolidate medical information in one convenient and secure location for easy retrieval and updates. NMC enables consumers to share personal or family member medical information with medical professionals electronically, reducing the need for repetitive medical paperwork.  Jeff and the company are committed to developing PHR applications that are consumer-friendly, interactive, secure, mobile and interoperable.  For more information, follow us on Twitter @NoMoreClipboard or visit www.NoMoreClipboard.com.

June 20, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus. Healthcare Scene can be found on Google+ as well.

The Golden Age of EHR Adoption is Over

Written by:

I’m ready to call the Golden Age of EHR Adoption Over. We’re not getting ready to enter the nasty, ugly, dirty, swamp filled waters of EHR adoption. If you’re an EHR vendor you likely already know this to be the case. That’s not to say that there’s not still real opportunity in the EHR space, but it will take on a very different form.

I think this image of the adoption lifecycle describes the EHR adoption cycle really well. I’m sure it will be familiar to many of you:
EHR Adoption Lifecycle

It’s very clear to me that we’re somewhere in the middle of the Late Majority cycle of EHR adoption. This plays out well since we’re somewhere between 50-84% EHR adoption. While the chart shows a downhill slope, the ride to get the Late Majority and Laggards on EHR is going to be anything but a downhill ride. I’d say it’s going to be more like climbing Mount Everest. It’s possible, but it’s going to take a lot of work.

The reality is that those who wanted to adopt EHR already have adopted EHR. That means we have left a group of practices and hospitals that for the most part aren’t EHR convinced. However, there is one advantage for those wanting full EHR adoption. Almost all of those who haven’t adopted EHR see the writing on the wall. They’re just going to take their time and make a deliberate choice based on the experiences of those around them.

EHR vendors will now start to focus on creating what I call Smart EHRs. Doing so will be how they battle each other in the next wave of EHR switching. Plus, this will usher in the next EHR Golden Age: Use.

Future Golden Age of EHR Use
While the golden age of EHR adoption is over, we’re entering a new EHR Golden Age. It’s the golden age of amazing EHR use. It’s still very early in this new cycle, but the innovators are going to really surprise us with the innovation that’s going to be possible on the back of an EHR.

Many of the changes will be subtle and we’ll take them for granted almost instantly, but they will be amazing in aggregate. Take for example, Jennifer’s recent post on EMR and EHR about her child’s well visit. How beautiful is it that her child’s record was available at a new clinic with no effort on her part. We’re not there yet, but we’re going to get there. Although, we wouldn’t get there if we were still at 25% EHR adoption.

Jennifer’s example is a simple, but powerful one. No doubt there are going to be much more complex and much more powerful examples to come. Many of which will actually save people’s lives.

The Golden Age of EHR Use is going to bring about dramatic benefits that would have never been possible without massive EHR adoption. The Golden Age of EHR Use will be so good that even the EHR adoption laggards will finally want to change.

June 6, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus. Healthcare Scene can be found on Google+ as well.

The Marvelous Land of Oz: The HIMSS Interoperability Showcase

Written by:

As I walked the floor of the HIMSS Interoperability Showcase, listening to the tour guide’s carnie-esque pitch on the wonders awaiting me with each successive use case encounter, I ALMOST wished I hadn’t worked with so many of the organizations hawking their wares. It’s a bit sad to know the man behind the curtain, to realize that The Great and Powerful Oz is simply a man with a highly mechanized presentation. But that knowledge gives me insight that others attending the Showcase may not have had – and validation that, in the end, Oz IS Great and Powerful, even though he’s just a man.

There were 20 specific interoperability use cases represented at HIMSS this year, collectively, by 101 vendors. In order to qualify to participate, each of the organizations had to successfully demonstrate proficiency with their chosen use case at the Connectathon event in Chicago. In January. In a basement the size of a football field. Packed shoulder-to-shoulder with your closest competitors at high school-cafeteria tables. Talk about a frigid atmosphere!

Perhaps to stay warm, perhaps to pass the time, perhaps in the pursuit of the patient-centric design principles the healthcare industry espouses publicly yet so seldom seems to put into practice, cross-company collaboration occurs. Competitors converge on each others’ laptops, debugging code, refining business rules and algorithms. Functional use cases emerge, success stories are shared, everyone goes home happy with a list of enhancements to incorporate before the main event at HIMSS. The frantic rush to prep for Connectathon is amplified by the urgency and importance of HIMSS. The ONC is watching! Your competitors are watching! The 40K HIMSS attendees will be watching!

Invariably, the use cases are perfected in the weeks leading up to HIMSS, each click carefully orchestrated, each transition scripted, all parties putting forth their best effort to insure success for the spectators – many of whom are clients, prospects, regulatory officials, or journalists seeking The Next Big Healthcare Thing to go viral in the blogosphere. The yellow brick road is constructed, and as one walks its length, the carefully choreographed demonstrations come to life with compelling tales: “Keeping a Newborn Safe,” “Improving Pediatric Care,” “Optimizing Cancer Care,” “Beneficiary Enrollment.” The show goes on, and it’s a good one – albeit with the occasional glimpse of the man behind the curtain.

The perfectly nice gentleman manning the Federal Health Architecture booth seemed eager to demonstrate the capability to request and retrieve a patient’s medical record from multiple HIEs and disparate EMRs. He walked me through the provider portal view, showed me how he could see that there were multiple medical records available for this patient across providers, and talked me through each click up until the print button. Print?

“Aren’t you importing the records into the requesting EMR?” I asked.

“No. Right now, they have to print each set of records.”

“So, each time this scenario presents itself, the provider has to click on each available external record, print multiple pages, compare notes across screen and paper, and later choose whether to manually update his own EMR with the other information?”

The perfectly nice gentleman suddenly seemed uncomfortable. The Great and Powerful Oz, exposed as mere mortal, Oscar Zoroaster Diggs. You’d think I’d know when to quit.

“The standards and technology exist to do CCD discrete data import, and a couple of the large EMR vendors are implementing that capability for high Medicare population IDNs. How does it make the provider more efficient, and give the patient more face-time with his doctor, if we’re still printing and no data consolidation or reconciliation is happening prior to point-of-care? Why didn’t you extend the use case to show end state?”

He assured me that they’re working on it, and we made a deal that NEXT year, I’ll come back and he’ll walk me through their progress towards discrete data import. No printing, he promised. I’m going to hold him to it.

Aside from this specific use case, across the Marvelous Land of Oz, what I’d REALLY love to see next year: the basement Connectathon advancements made to support the use cases for HIMSS actually incorporated into the products. As part of the qualifying criteria for repeat showcase exhibitors, have them demonstrate the capabilities developed in prior years actually functioning in the marketplace under general release. That would be a substantial improvement on this year’s long jump attempt for the Interoperability Showcase.

I want to fall in love with the hard-working man behind the curtain, not the showy pyrotechnics.

March 11, 2013 I Written By

Mandi Bishop is a healthcare IT consultant and a hardcore data geek with a Master's in English and a passion for big data analytics, who fell in love with her PCjr at 9 when she learned to program in BASIC. Individual accountability zealot, patient engagement advocate, innovation lover and ceaseless dreamer. Relentless in pursuit of answers to the question: "How do we GET there from here?" More byte-sized commentary on Twitter: @MandiBPro.

What Would ONC’s Dr. Doug Fridsma Do? (THIS Geek Girl’s Guide to HIMSS)

Written by:

I know you’ve all been wondering how I’m planning to spend my mad crazy week at HIMSS in New Orleans. Well, maybe not ALL of you, but perhaps at least one – who is most likely my blog boss, the master John Lynn. Given the array of exciting developments in healthcare IT across the spectrum, from mobile and telehealth to wearable vital sign monitoring devices, EMR consolidation to cloud-based analytics platforms, it’s been extraordinarily difficult to keep myself from acting like Dori in “Finding Nemo”: “Oooooh! Shiny!” I’ve had to remind myself daily that I will have an opportunity to play with everything that catches my eye, but that I am only qualified to write and speak intelligently on my particular areas of expertise. And so, I’m proud to say I’ve finally solidified my agenda for the entire week, and I cannot WAIT to go ubergeek fan girl on so many industry luminaries and fascinating up-and-comers making great strides towards interoperability, deriving the “meaning” in “Meaningful Use” from clinical data, and leveraging the power of big data analytics to improve quality of patient experience and outcomes.

On Sunday, I’m setting the stage for the rest of the week with a sit-down with ONC’s Director of Standards and Interoperability and Acting Chief Scientist, Dr. Doug Fridsma. His groundbreaking work in interoperability spans multiple initiatives, including: the Nationwide Health Information Network (NwHIN) and the CONNECT project, as well as the Federal Health Architecture. For insight into his passion for transforming the healthcare system through health IT, check out his blog: From The Desk of the Chief Science Officer.

Through the rest of the week, I aspire to see the world through Dr. Fridsma’s eyes, focusing on how each of the organizations and individuals contribute to the standards-based processes and policies that form the foundation for actionable analytics – and improved health. I’ve selected interviews with key visionaries from companies large and small, who I feel are representative of positive forward movement:

Health Care DataWorks piques my interest as an up-and-comer to watch, empowering healthcare systems to improve outcomes and reduce medical costs by providing accelerated EDW design and implementation, whether on-premise or via SaaS solution. Embedded industry analytics models supporting alternative network models, population-based payment models, and value-based purchasing allow for rapid realization of positive ROI.

Emdeon, is the single largest clinical, financial, and administrative network, connecting over 400,000 providers and executing more than seven billion health exchanges annually. And if that’s not enough to attract keen attention, they recently announced a partnership with Atigeo to provide intelligent analytics solutions with Emdeon’s PETABYTES of data.

Serving an area near and dear to my heart, Clinovations provides healthcare management consulting services to stakeholders at each link in the chain, from providers to payers and supporting trading partners – in areas from EMR implementation (and requisite clinical data standards) to market and vendor assessments, and data management activities throughout. With the dearth in qualified SME resources in the clinical data field, I look forward to learning about how Clinovations plans to manage their growth and retain key talent.

Who doesn’t love a great legacy decommissioning story? Mediquant proports adopting their DataArk product can result in an 80% reduction in legacy system costs through increased interoperability across disparate source systems and consolidated access. The “active archiving” solution allows for a centralized repository and consolidated accounting functions out of legacy data without continuing to operate (and support) the legacy system. Longitudinal clinical records? Yes, please!

Those are just a few on my must-see list, and I think Dr. Doug Fridsma would be proud of their vision, and find alignment to his ONC program goals. But will he be proud of their execution?

Can’t wait to find out, on the exhibit hall floor – and in the hallway conversations, and the client case study sessions, and the general scuttlebutt – at HIMSS!

March 2, 2013 I Written By

Mandi Bishop is a healthcare IT consultant and a hardcore data geek with a Master's in English and a passion for big data analytics, who fell in love with her PCjr at 9 when she learned to program in BASIC. Individual accountability zealot, patient engagement advocate, innovation lover and ceaseless dreamer. Relentless in pursuit of answers to the question: "How do we GET there from here?" More byte-sized commentary on Twitter: @MandiBPro.

$5k Per EHR Lab Interface

Written by:

A provider organization recently reached out to me to discuss the issues they were having trying to get their EHR vendor to do a lab interface with their lab. It was a pretty standard large EHR vendor document where they nickle and dime you for little things like a lab interface. Looking at it always reminds me of when I’ve seen the $5 aspirin charge in the hospital.

The problem with the lab interface charge is that it’s usually $5000 instead of $5. When an organization is choosing to implement an EHR, they often forget about many of the future hidden costs associated with an EHR vendor like the EHR lab interface. Plus, they also forget that the EHR vendor will often charge them $5k for the interface and then the lab will charge them another $5k for that interface. This is often true even when an EHR vendor has created many interfaces with a particular lab vendor before.

In fact, the organization that I mentioned above brought a new light to the cost of lab interface. It turns out that this organization was on its third lab and thus its third lab interface with their EHR. I don’t expect clinics change labs this often, but it is very common for a medical organization to switch from one lab to another. Plus, let’s not even get started on the challenge of getting a hospital lab to integrate with your EHR.

Not all EHR vendors are like those I mention above. In fact, a number of EHR vendors have seen this as a great way to differentiate their EHR from other competing EHR vendors. I know of at least one EHR vendor that’s done a few hundred lab interfaces (all at no cost to the doctor). The large number of labs partially illustrates the challenge associated with lab interfaces. There are just so many of them that need to be done. It’s not like there’s 1 or 2 labs that dominate the market. However, many EHR vendors are offering a free lab interface as part of the EHR purchase. Be sure to ask before you buy.

The sad part of the lab interface story is that because of the items mentioned above, many doctors just end up scrapping a lab interface. They can’t justify a $10k expense to integrate their EHR with the lab. This is unfortunate, because it’s amazing how much benefit can come from a well integrated EHR Lab interface.

February 1, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus. Healthcare Scene can be found on Google+ as well.

Healthcare Faces Massive Cybersecurity Risks

Written by:

When a consumer publication like The Washington Post – hardly an insider journal of computing — picks out your industry and slams it for having poor cybersecurity, you know something’s amiss.

The newspaper has just published a report, following a year-long cybersecurity investigation, arguing that healthcare is one of the most vulnerable industries in the U.S., making it a tasty target for terrorists, black-hat hackers and criminals.

It’s rather embarrassing, but it’s hard to argue with the Post’s conclusion that healthcare data security isn’t what it could be. A few data points:

* Researchers are finding that healthcare institutions routinely fail to fix known bugs in aging software, something other industries have largely overcome.

* Providers are making careless use of such public cybertools;  the paper cites the example of the University of Chicago medical center, which at one point operated an unsecured Dropbox site for new residents managing care through their iPads (with a single user name and password published online, yet!)

* According to Post research, open source system OpenEMR “has scores of security flaws that make it easy prey for hackers”

* In perhaps the scariest example, the paper notes that clinicians routinely work around cybersecurity measures to get their job done.

Another factor contributing to cybersecurity holes is confusion about the FDA’s position on security. While the agency actually wants vendors to update FDA-approved device interfaces and systems, vendors often believe that the FDA bars them from updating device software, the Post found.

That leaves devices, especially defibrillators and insulin pumps, open to attacks. Researchers have been able to find these devices, linked to the web in the clear, simply by using a specialized search engine.

As wireless medical devices and smartphones, iPads and Android devices creep into the mix, cybersecurity vulnerabilities are likely to get worse, not better.  I wonder whether we’ll need to see a cybersecurity disaster take place before the industry catches up to, say, financial services?

December 27, 2012 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Verizon Hopes To Be Secure Healthcare Network For All

Written by:

If you’re like me, you might be wondering how carriers are  looking at their role in the healthcare business — and whether some of their talk about mHealth is just noise.  (I’ve always seen mHealth as a space ripe to be be dominated by applications developers and device manufacturers, not carriers.)

To get my head straight, I recently had a conversation with Dr. Peter Tippett, chief medical officer and vice president of Verizon Connected Health Care. In it, he changed my view of what Verizon is doing in mHealth, and moreover,  what ground Verizon specifically hopes to own in healthcare over the next several years.

When I think Verizon I think switches and routers and cables, not consumer-facing applications and medical devices. And before I talked to Dr. Tippett, I assumed that Verizon’s main healthcare efforts likely involved going head to head with other wireless/wireline connectivity players for connectivity business in some form.

Well, think again.  Verizon’s Connected Health Division, says Tippett, is aiming to set the bar much higher.

“The question is, ‘what happens after wireless data?’,” Dr. Tippett said. “This isn’t a two month plan, this is a strategic extension of Verizon to transform the healthcare industry using our huge capability around the world.”

On the more immediate front, Verizon has mHealth technology under development which, to my mind, would solve a difficult problem.  For five years, he says, Verizon has been developing a new mHealtlh platform which will tie together data from testing devices like blood pressure cuffs, weight scales and EKGs into an analytics engine that makes sense of it all.

“No doctor wants four glucoses a day from 1,000 patients,” Dr. Tippett says. “Just mobilizing the data isn’t enough. You’ve got to create a cloud service that can do big data analytics on it and normalize the data, then trigger the alerts to the right people — including patients.”

I’m going to keep my eye on the mHealth platform, which definitely intrigues me.

But the really big play for Verizon in this space seems to be in HIPAA-secure data hosting and exchange.  Verizon already has a massive presence around hosting, app management, security, identity management and the cloud, having added Cybertrust and Terramark (enterprise hosting) to build up its lineup.

Verizon now offers secure data sharing on multiple levels:

*  A “medical data exchange” — not unlike the exchange banks use to pass transactions back and forth — allowing any member to share information using Verizon’s security services.

* An exchange “identity layer” which is secure enough to allow Schedule 2 drugs to be prescribed. According to Dr. Tippett, 40 percent of doctors in the U.S. are already using it.

* A global network of highly-secured data centers.

Members of the medical ecosystem who use secure Verizon services can consider their HIPAA compliance and security matters handled, then focus on their core business, Dr. Tippett says. And that can scale to hundreds of millions of users on the network, he notes.

Clearly, this doesn’t sound like the broadband carrier talking — these folks are out to take business from players as diverse as Verisign, IBM and the database giants.  It makes sense to me, on the surface, but in any grand vision there are holes to be picked.

You tell me:  Does Verizon sound like it’s positioned right to become the default secure healthcare backbone?

September 11, 2012 I Written By

Katherine Rourke is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.