Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Wearable Health Trackers Could Pose Security Risks

Posted on February 1, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Last October, security researchers made waves when they unveiled what they described as a 10-second hack of a Fitbeat wearable health tracker. At the Hack.Lu 2015 conference, Fortinet security researcher Axelle Apvrille laid out a method for hacking the wearable through its Bluetooth radio. Apparently, Aprville was able to infect the Fitbit Flex from as much as 15 feet away, manipulate data on the tracker, and use the Flex to distribute his code to a computer.

Fitbit, for its part, denied that its devices can serve as vehicles for infecting users with malware. And Aprville himself admitted publicly that his demonstration was more theoretical than practical. In a tweet following the conference, he noted that he had not demonstrated a way to execute malicious code on the victim’s host.

But the incident does bring attention to a very serious issue. While consumers are picking up health trackers at a breathless pace, relatively little attention has been paid to whether the data on these devices is secure. Perhaps even more importantly, too few experts are seeking ways to prevent these devices can be turned into a jumping-off point for malware. After all, like any other lightly-guarded Internet of Things device, a wearable tracker could ultimately allow an attacker to access enterprise healthcare networks, and possibly even sensitive PHI or financial data.

It’s not as though we aren’t aware that connected healthcare devices are rich hunting grounds. For example, security groups are beginning to focus on securing networked medical devices such as blood gas analyzers and wireless infusion pumps, as it’s becoming clear that they might be accessible to data thieves or other malicious intruders. But perhaps because wearable trackers are effectively “healthcare lite,” used almost exclusively by consumers, the threat they could pose to healthcare organizations over time hasn’t generated a lot of heat.

But health tracker security strategies deserve a closer look. Here’s some sample suggestions on how to secure health and fitness devices from Milan Patel, IoT Security Program Director at IBM:

  • Device design: Health tracker manufacturers should establish a secure hardware and software development process, including source code analysis to pinpoint code vulnerabilities and security testing to find runtime vulnerabilities. Use trusted manufacturers who secure components, and a trusted supply chain. Also, deliver secure firmware/software updates and audit them.
  • Device deployment:  Be sure to use strong encryption to protect privacy and integrity of data on the device, during transmission from device to the cloud and on the cloud. To further control device data, give consumers the ability to set up user and usage privileges for their data, and an option to anonymize the data.Secure all communication channels to protect against data change, corruption or observation.
  • Manage security:  Include trackers in the set of technology being monitored, and set alerts for intrusion. Audit logging is desirable for the devices, as well as the network connections and the cloud. The tracker should ideally be engineered to include a fail-safe operation — dropping the system down to incapability, safely — to protect against attacks.

This may sound like a great deal of effort to expend on these relatively unsophisticated devices. And at present, it just may be overkill. But it’s worth preparing for a world in which health trackers are increasingly capable and connected, and increasingly attractive to the attackers who want your data.

Security Concerns Threaten Mobile Health App Deployment

Posted on January 26, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Healthcare organizations won’t get much out of deploying mobile apps if consumers won’t use them. And if consumers are afraid that their personal data will be stolen, they’ve got a reason not to use your apps. So the fact that both consumers and HIT execs are having what I’d deem a crisis of confidence over mHealth app security isn’t a good sign for the current crop of mobile health initiatives.

According to a new study by security vendor Arxan, which polled 815 consumers and 268 IT decision-makers, more than half of consumer respondents who use mobile health apps expect their health apps to be hacked in the next six months.

These concerns could have serious implications for healthcare organizations, as 76% of health app users surveyed said they would change providers if they became aware that the provider’s apps weren’t secure. And perhaps even more significantly, 80% of consumer health app users told Arxan that they’d switch to other providers if they found out that the apps that alternate provider offered were better secured. In other words, consumer perceptions of a provider’s health app security aren’t just abstract fears — they’re actually starting to impact patients’ health decision making.

Perhaps you’re telling yourself that your own apps aren’t terribly exposed. But don’t be so sure. When Arxan tested a batch of 71 popular mobile health apps for security vulnerabilities, 86% were shown to have a minimum of two OWASP Mobile Top 10 Risks. The researchers found that vulnerable apps could be tampered with and reverse-engineered, as well as compromised to provide sensitive health information. Easily-done hacks could also force critical health apps to malfunction, Arxan researchers concluded.

The following data also concerned me. Of the apps tested, 19 had been approved by the FDA and 15 by the UK National Health Service. And at least where the FDA is concerned, my assumption would be that FDA-tested apps were more secure than non-approved ones. But Arxan’s research team found that both FDA and National Health Service-blessed apps were among the most vulnerable of all the apps studied.

In truth, I’m not incredibly surprised that health IT leaders have some work to do in securing mobile health apps. After all, mobile health app security is evolving, as the form and function of mHealth apps evolve. In particular, as I’ve noted elsewhere, mobile health apps are becoming more tightly integrated with enterprise infrastructure, which takes the need for thoughtful security precautions to a new level.

But guidelines for mobile health security are emerging. For example, in the summer of last year, the National Institute of Standards and Technology released a draft of its mobile health cybersecurity guidance, “Securing Electronic Records on Mobile Devices” — complete with detailed architecture. Also, I’d wager that more mHealth standards should emerge this year too.

In the mean time, it’s worth remembering that patients are paying close attention to health apps security, and that they’re unlikely to give your organization a pass if they’re hacked. While security has always been a high-stakes issue, the stakes have gotten even higher.

Mobile Health Security Issues To Ponder In 2016

Posted on January 11, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

In some ways, mobile health security safeguards haven’t changed much for quite some time. Making sure that tablets and phones are protected against becoming easy network intrusion points is a given. Also seeing to it that such devices use strong passwords and encrypted data exchange whenever possible is a must.

But increasingly, as mobile apps become more tightly knit with enterprise infrastructure, there’s more security issues to consider. After all, we’re increasingly talking about mission-critical apps which rely on ongoing access to sensitive enterprise networks. Now more than ever, enterprises must come up with strategies which control how data flows into the enterprise network. In other words, we’re not just talking about locking down the end points, but also seeing to it that powerful edge devices are treated like the vulnerable hackable gateways they are.

To date, however, there’s still not a lot of well-accepted guidance out there spelling out what steps health organizations should take to ramp up their mobile security. For example, NIST has issued its “Securing Electronic Health Records On Mobile Devices” guideline, but it’s only a few months old and remains in draft form to date.

The truth is, the healthcare industry isn’t as aware of, or prepared for, the need for mobile healthcare data security as it should be. While healthcare organizations are gradually deploying, testing and rolling out new mobile platforms, securing them isn’t being given enough attention. What’s more, clinicians aren’t being given enough training to protect their mobile devices from hacks, which leaves some extremely valuable data open to the world.

Nonetheless, there are a few core approaches which can be torqued up help protect mobile health data this year:

  • Encryption: Encrypting data in transit wasn’t invented yesterday, but it’s still worth a check in to make sure your organization is doing so. Gregory Cave notes that data should be encrypted when communicated between the (mobile) application and the server. And he recommends that Web traffic be transmitted through a secure connection using only strong security protocols like Secure Sockets Layer or Transport Layer Security. This also should include encrypting data at rest.
  • Application hardening:  Before your organization rolls out mobile applications, it’s best to see to it that security defects are detected before and addressed before deployment. Application hardening tools — which protect code from hackers — can help protect mobile deployments, an especially important step for software placed on machines and locations your organization doesn’t control. They employ techniques such as obfuscation, which hides code structure and flow within an application, making it hard for intruders to reverse engineer or tamper with the source code.
  • Training staff: Regardless of how sophisticated your security systems are, they’re not going to do much good if your staff leaves the proverbial barn door open. As one security expert points out,  healthcare organizations need to make staffers responsible for understanding what activities lead to breaches, or security hackers will still find a toehold.”It’s like installing the most sophisticated security system in the world for your house, but not teaching the family how to use it,” said Grant Elliott, founder and CEO of risk management and compliance firm Ostendio.

In addition to these efforts, I’d argue that staffers need to really get it as to what happens when security goes awry. Knowing that mistakes will upset some IT guy they’ve never met is one thing; understanding that a breach could cost millions and expose the whole organization to disrepute is a bit more memorable. Don’t just teach the security protocols, teach the costs of violating them. A little drama — such as the little old lady who lost her home due to PHI theft — speaks far more powerfully than facts and figures, don’t you agree?

Talking Digital Health at CES on MedHeads

Posted on January 8, 2016 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I was invited by the good people at MedCity News to join their weekly MedHeads video chat to talk about Digital Health at CES. It was a great chat about some of the things myself and Stephanie Baum found at CES. Plus, Chris Seper and Neil Versel talked about what they saw watching from home. Check it out in the video embedded below.

Of course, the challenge was we only had 30 minutes to talk about the 2.5 million square feet of of exhibit space and ~20,000 new products that were unveiled at the show. Chew on those numbers a little bit.

Plus, while what’s happening on the show floor is great, there’s also hundreds of thousands of meetings that happen over dinners and drinks and that’s where the most exciting stuff happens. For example, Philips put on an incredible dinner Wednesday night of CES that had a whose who in the Digital Health space. I had a similar experience at the Digital Health Summit Speaker dinner last night. The bringing together of these like minded businesses is a really powerful thing.

You’ll never guess the theme of both dinner events: Collaboration! There was a real sense by those in attendance that we can’t accomplish what we need to alone. We need each other to be successful. The first step to making that happen is meeting each other and learn about what each of us is doing. CES presented an amazing opportunity for doing just that.

Amazingly, there are still 2 more days left of CES. Today and tomorrow I’m looking to hit more of the startup area (Eureka Park) and the main show floor at the Las Vegas convention center. Much more to come!

Are We In a Digital Health Bubble?

Posted on January 7, 2016 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As I walked through the exhibit hall at CES, I must admit that I was extremely overwhelmed by the number of digital health options that were on display. Certainly the size and grandeur of the booths was off the charts. Take a quick look at part of the iFit booth:
Digital Health at CES
Yes, that is 4 girls walking on treadmills on a vaulted stage. Of course, this was maybe 1/3 of their booth. Behind me they had a massive closed room and another girl walking on a different treadmill. Plus, upon closer inspection you might also notice that they have a bed on the vaulted stage and cloth coming down from the ceiling. I think they officially call that cloth “silks.” While I didn’t see it, you can tell that they’re going to have a Cirque du Soleil performer working the silks to attract attention to their booth. For those keeping track at home, there is a great sleep sensor from EarlySense on the bed.

While many might consider much of this absurd. The show and staging doesn’t really bother me too much. Since I organize the Healthcare IT Marketing and PR Conference, I understand how hard it is to stand out at a conference. No doubt this booth left an impression. iFit even got exposure in this blog post because of it. We could argue if it was a good investment or not, but that’s a different story.

All I could think about as I walked through the incredible number of digital health solutions at CES was “Not all of these can survive.

Of course, many in the startup world would say that 90% of startups fail and so it shouldn’t be a surprise that so many of the companies exhibiting at CES will disappear. That’s true, but I never felt like this in past years. In past years at CES it felt like a number of players with some overlap and some competitive pressures, but that there was plenty of pie for everyone. This year has me wondering if that’s still the case.

As I mentioned, I’m hoping to publish a list of all the various health tracking devices. I realized that this going to take a lot of work. I’m still planning to work on it, but it’s going to take some time to do it right. One person I talked to said that there are about 700 health tracking devices out there. Of course, the real challenge is that 500 of them still don’t actually deliver (ie. they haven’t gone to market with a product or they can’t deliver the results they say they can deliver). Even 200 legitimate companies makes for a really competitive environment where people still talk about Fitbit and the Apple Watch and don’t know many of the others.

Let me be clear though. I think there’s a ton of tremendous innovation happening in the digital health space. From a consumer perspective all of this competition (bubble if you will) is great! Competition will push vendors to take what they’re doing to a new level. We’ll have a ton of amazing discoveries that will ripple through all of these companies. This is all great and will work out well for consumers and healthcare.

Plus, on the fringes you find some people doing unique things. The problem is that many of those companies have a hard time being heard with all of the other companies making so much noise. Sometimes I’m talking literal noise. I think it was the Under Armour booth that felt like they were a Las Vegas night club. It made it a lot of fun to visit and certainly attracted attention. I just wouldn’t want to be exhibiting at the booth next to them.

Measuring Patient Discomfort Using Brainwave Activity

Posted on December 30, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Digital health opportunities are popping up everywhere and in every part of the nation. The IoT Journal (Internet of Things) recently profiled a hospital down the street from me who is exploring IoT’s potential to bring drug free relief to patients. Here’s a short excerpt from the article:

Until recently, when health-care providers wanted to gauge the level of discomfort a patient was enduring, they typically had to ask that individual to rate his or her pain—for example, on a scale of 1 to 10—and then use that information to plan treatment accordingly. If they wanted to ease the patient’s pain, they needed to administer medication.

Several months ago AccendoWave released an alternative solution that does not require medication and is personalized to each patient. The system was released in June 2015, says Martha Lawrence, AccendoWave’s founder and CEO, and has since been tested at several facilities. The company has spent seven years researching its solution for assessing patient discomfort levels, and is now using a headband that measures electroencephalography (EEG) activity and prompts a tablet PC to provide content aimed at reducing that discomfort.

The AccendoWave headband, which has seven EEG sensor leads built into it, transmits its brain-wave measurements to the tablet via a Bluetooth connection. The tablet, a Samsung Tab 4, uses its built-in AccendoWave software to process patient brain-wave data and then display diversionary content, including games, music, video clips and full-length movies. If, as a patient views a specific piece of content, the brain waves change to indicate increasing comfort, that content remains on the screen. If the content does not appear to have a positive effect on the brain waves, the software continues to select other content until it displays something appealing to the patient.

Pretty interesting approach. The article does note that they don’t use the brainwave data to determine how much medication to administer. They just use it as a way to assess the system’s effectiveness. They also do patient surveys to assess the impact of the device on a patient’s comfort. The article says that since the hospital implemented the system in the hospital, “1,600 patients have used the device to date, and more than 450 have completed surveys…More than 90 percent of responders reported viewing the system in a positive light.”

I’ve seen these EEG sensors for a while and they’re pretty neat. However, I always wondered how they’d actually be implemented and how they could be used to benefit patient care. No doubt it’s still early in their efforts to use and assess brainwaves, but it’s a pretty interesting solution to tie brain wave activity to soothing images. I’ll be watching to see how this evolves.

HIMSS15: Adoption Still a Problem for Organizations Swapping EHRs – Breakaway Thinking

Posted on May 20, 2015 I Written By

The following is a guest blog post by Todd Stansfield, Instructional Writer from The Breakaway Group (A Xerox Company). Check out all of the blog posts in the Breakaway Thinking series.
Todd Stansfield

Each year the Health Information and Management Systems Society’s (HIMSS) annual conference is the Super Bowl of health IT. No other conference boasts more attendees ranging from health IT innovators and collaborators to pioneers. This year 40,000 plus participants descended on Chicago, all eager to learn about the new direction, trends, and solutions of the industry.

As always, buzzwords were aplenty—interoperability, care coordination, patient experience, and value-based care, to mention a few. During her keynote address on April 16, Karen DeSalvo, National Coordinator for the ONC, called the current state of health IT the “tipping point.” In 2011 the ONC released its four-year strategic plan focused on implementing and adopting electronic health records (EHRs). Now, DeSalvo says the industry is changed and ready to move beyond EHRs to technologies that will create “true interoperability.”

Enlightening conversations were happening among the crowded booths, hallways, and meeting rooms between organizations looking to ‘rip and replace’ their current EHR for a new one. While some organizations are struggling to unlock data across disparate systems, others are looking to upgrade their current system for one compatible with ICD-10, Meaningful Use, analytics solutions, or a combination of these. Still others are looking to replace systems they dislike for lack of functionality, vendor relationships, etc. In many cases, replacing an EHR is needed to ensure interoperability is at the very least viable. This buzz at HIMSS is a strong indicator that EHRs are still an important and essential part of health IT, and perhaps some organizations have not reached the tipping point.

In addition to the many challenges these organizations are facing—from data portability, an issue John Lynn wrote about in August 2012, to the cost of replacing the system—leaders are agonizing over the resistance they are facing from clinician end users. How can these organizations force clinicians to give up systems they once resisted, then embraced and worked so hard to adopt? How can leadership inspire the same level of engagement needed for adoption? The challenge is similar to transitioning from paper to an EHR, only more significant. Whereas the reasons for switching from paper were straightforward—patient safety, efficiency, interoperability, etc.—they are not so clear when switching applications.

Clinicians are also making harsher comparisons between applications—from every drop-down list, to icon, to keyboard shortcut. These comparisons are occurring at drastically different phases in the adoption lifecycle. Consider the example of an end user needing to document a progress note. In the old EHR, this user knew how to copy forward previous documentation, but in the new system she doesn’t know if this functionality even exists. Already the end user is viewing the new system as cumbersome and inefficient compared to the old application. Multiply this comparison by each of the various tasks she completes throughout her day, and the end user is strongly questioning her organization’s decision to make the change.

This highlights an important point: Swapping one EHR for another will take more planning, effort, and strategy than a first-ever implementation. The methods for achieving adoption are the same, but the degree to which they are employed is not. Leadership will not only have to re-engage end users and facilitate buy-in, they will have to address the loss of efficiency and optimization by replacing the old application.

Leadership should start by clearly outlining the reasons for change, a long-term strategy, as well frustrations end users can expect. They should establish a strong governance and support structure to ensure end users adhere to policies, procedures, and best practices for using the application. The organizations that will succeed will provide end users with role-based education complete with hands-on experience completing best practice workflows in the application. Education should include competency tests that assess end users’ ability to complete key components of their workflow. Additionally, organizations must capture and track performance measurements to ensure optimized use of the system and identify areas of need. And because adoption recedes after application upgrades and workflow enhancements, all efforts should be sustained and modified as needed.

While HIMSS15 brought to the stage a wealth of new ideas, solutions, and visions for the future of health IT, the struggle to adopt an EHR has not completely gone away. Many organizations are grappling with their current EHR and choosing to replace it in hopes of meeting the triple aim of improving care, costs, and population health. For these organizations to be prepared for true interoperability, they must overcome challenges unseen in paper to electronic implementations. And if done successfully, only then will our industry uniformly reach the tipping point, a point where we can begin to put buzzwords into practice.

Xerox is a sponsor of the Breakaway Thinking series of blog posts.

Emerging Health Apps Pose Major Security Risk

Posted on May 18, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

As new technologies like fitness bands, telemedicine and smartphone apps have become more important to healthcare, the issue of how to protect the privacy of the data they generate has become more important, too.

After all, all of these devices use the public Internet to broadcast data, at least at some point in the transmission. Typically, telemedicine involves a direct connection via an unsecured Internet connection with a remote server (Although, they are offering doing some sort of encryption of the data that’s being sent on the unsecured connection).  If they’re being used clinically, monitoring technologies such as fitness bands use hop from the band across wireless spectrum to a smartphone, which also uses the public Internet to communicate data to clinicians. Plus, using the public internet is just the pathway that leads to a myriad of ways that hackers could get access to this health data.

My hunch is that this exposure of data to potential thieves hasn’t generated a lot of discussion because the technology isn’t mature. And what’s more, few doctors actually work with wearables data or offer telemedicine services as a routine part of their practice.

But it won’t be long before these emerging channels for tracking and caring for patients become a standard part of medical practice.  For example, the use of wearable fitness bands is exploding, and middleware like Apple’s HealthKit is increasingly making it possible to collect and mine the data that they produce. (And the fact that Apple is working with Epic on HealthKit has lured a hefty percentage of the nation’s leading hospitals to give it a try.)

Telemedicine is growing at a monster pace as well.  One study from last year by Deloitte concluded that the market for virtual consults in 2014 would hit 70 million, and that the market for overall telemedical visits could climb to 300 million over time.

Given that the data generated by these technologies is medical, private and presumably protected by HIPAA, where’s the hue and cry over protecting this form of patient data?

After all, though a patient’s HIV or mental health status won’t be revealed by a health band’s activity status, telemedicine consults certainly can betray those concerns. And while a telemedicine consult won’t provide data on a patient’s current cardiovascular health, wearables can, and that data that might be of interest to payers or even life insurers.

I admit that when the data being broadcast isn’t clear text summaries of a patient’s condition, possibly with their personal identity, credit card and health plan information, it doesn’t seem as likely that patients’ well-being can be compromised by medical data theft.

But all you have to do is look at human nature to see the flaw in this logic. I’d argue that if medical information can be intercepted and stolen, someone can find a way to make money at it. It’d be a good idea to prepare for this eventuality before a patient’s privacy is betrayed.

Mark Cuban’s Suggestion to Do Regular Blood Tests

Posted on April 24, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve been really intrigued by the tweets from Mark Cuban and the response from many to his tweets from those in the healthcare IT community. Here’s a summary of the 3 tweets which ignited the discussion:

  1. If you can afford to have your blood tested for everything available, do it quarterly so you have a baseline of your own personal health
  2. create your own personal health profile and history. It will help you and create a base of knowledge for your children, their children, etc
  3. a big failing of medicine = we wait till we are sick to have our blood tested and compare the results to “comparable demographics”

My friends Dan Munro and Gregg Masters have both been writing a lot about the subject, but there are many others as well. They’ve been hammering Mark Cuban for “giving medical advice” to people when he’s not a doctor. I find these responses really ironic since many of the people who are railing against Mark Cuban are the same people who are calling for us to take part in the quantified self movement.

What I think these people who rail against Mark Cuban want to say is: Don’t misunderstand what Mark’s saying. More testing doesn’t always improve healthcare. In fact, more testing can often lead to a lot of unneeded healthcare.

This is a noble message that’s worthy of sharing. However, I think Mark Cuban understands this. That’s why one of his next tweets told people to get the tests, but don’t show the results to their doctors until they’re sick. In fact, Mark even suggests in his tweets that the history of all these tests could be beneficial to his children and their children. He also calls it a baseline. Mark’s not suggesting that people get these blood tests as a screening for something, but as a data store of health data that could be beneficial sometime in the future.

How is Mark Cuban storing the results of a bunch of blood tests any different than him storing the results from his fitbit or other health sensor?

One problem some people have pointed out is that if you’re doing these blood tests as a baseline, then what if the blood tests weren’t accurate? Then, you’d be making future medical decisions based on a bunch of incorrect data. This is an important point worth considering, but it’s true of any health history. Plus, how are we suppose to make these blood tests more accurate? If the Mark Cuban’s of the world want to be our guinea pigs and do all these blood tests, that’s fine with me. Having them interested in the data could lead to some breakthroughs in blood testing that we wouldn’t have discovered otherwise.

Along with improving the quality of the data the tests produce, it’s possible that having all of this data could help people discover something they wouldn’t have otherwise seen. Certainly any of these possible discoveries should go through the standard clinical trial process before being applied to patients broadly. However, researchers only have so much time and so many resources to commit to clinical trials. Could all the data from a wide swatch of blood tests better help a research identify which research or clinical trials are worth pursuing first? I think so.

For me it all goes back to the wide variety of health sensors that are hitting the market. A blood test is just a much more powerful test than many of the health sensors we see on the market today. So, the warning to be careful about what you read into all these blood tests is an incredibly important message. However, with that fair warning, I don’t see any problem with Mark’s suggestion. In fact, I think all of the extra data could lead to important discoveries that improve the quality of the tests and what measurements really matter.

Telemedicine Startup Offers Providers A Shot At Equity

Posted on April 22, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Over the last couple of years, the number of telemedicine vendors out there fighting for business has exploded.  These include DoctoronDemand, GoTelecare, HealthTap, MDLIVE, American Well and many, many more.

Health plans are jumping on the bandwagon too. For example, United Healthcare  has been running a popular national television campaign advertising its “virtual clinic” services. UHC is my plan, so I can attest that this service — shown as embedded in its member site — hasn’t been rolled out yet, but that only makes its desire to get out in front of the trend more noteworthy.

Telemedicine models in play include companies that recruit providers and sell them to consumers, vendors who enable telemedicine via proprietary platforms and firms that lead with community building. At present the direct-to-consumer players seem to be somewhat ahead, simply because they’ve already begun developing a national brand, but the story doesn’t end there.

Though consumer-facing telemedicine companies probably have a viable business model, they’ll have to build a memorable consumer brand to make it, something that takes a great deal of  time and money.  On the other hand, vendors that offer white-label telemedicine technology to hospitals and health plans have at least as much to gain, without having to win the loyalty of fickle consumers.

One telemedicine player doing just that is Nashville-based PointNurse, which has developed a distributed collaboration and communications platform providers can use to deliver telemedicine services. I just spoke to CEO Cyrus Maaghul, who gave me a company overview, and was interested to hear that his venture is taking things in some new directions.

PointNurse is different than most companies in the telemedicine space for a few reasons.

For one thing, the platform includes block chain capabilities, which allow providers to accumulate credits for both community participation and actual care delivery. (In case you aren’t familiar with block chain technology, which powers crypto currency Bitcoin, you may want to click here.)

These credits aren’t just for fun. Eventually, when providers accumulate enough credits, they get a pro-rata share of a dedicated pool of equity.

Consumers, for their part, are given a multi-signature wallet which stores both their personal and clinical information, resulting more or less in a PHR with added capabilities. PointNurse hasn’t yet devised a way to share the data with provider EMRs, but that’s a short-term goal.

A wide range of providers can participate in PointNurse, including not only MDs but also nurse practitioners, pharmacists, RNs, LPNs and elder advocates.

A sister venture, HealthCombix, will license the technology underlying PointNurse to hospitals and payers. HealthCombix will provide APIs and tools to build their own distributed applications.

As Maaghul sees it, it’s critical for providers to realize more than a short-term benefit from participating in telemedicine. “I wanted to make providers feel highly motivated — that they can gain from this [arrangement],” Maaghul said. “This creates value for the patient.”

Of course, there’s no proof yet that this or any particular telemedicine business model is going to capture its market niche.  In fact, it’s not even clear what niches will emerge in this space; after all, though it’s moving fast it’s far from mature.

That being said, this approach has some intriguing aspects. I’ll be interested to see whether its business model and and unusual underlying technology work out.