Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

What Do You Think Of Data Lakes?

Posted on October 4, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Being that I am not a high-end technologist, I’m not always up on the latest trends in database management – so the following may not be news to everyone who reads this. As for me, though, the notion of a “data lake” is a new one, and I think it a valuable idea which could hold a lot of promise for managing unruly healthcare data.

The following is a definition of the term appearing on a site called KDnuggets which focuses on data mining, analytics, big data and data science:

A data lake is a storage repository that holds a vast amount of raw data in its native format, including structured, semi-structured and unstructured data. The data structure and requirements are not defined until the data is needed.

According to article author Tamara Dull, while a data warehouse contains data which is structured and processed, expensive to store, relies on a fixed configuration and used by business professionals, a data link contains everything from raw to structured data, is designed for low-cost storage (made possible largely because it relies on open source software Hadoop which can be installed on cheaper commodity hardware), can be configured and reconfigured as needed and is typically used by data scientists. It’s no secret where she comes down as to which model is more exciting.

Perhaps the only downside she identifies as an issue with data lakes is that security may still be a concern, at least when compared to data warehouses. “Data warehouse technologies have been around for decades,” Dull notes. “Thus, the ability to secure data in a data warehouse is much more mature than securing data in a data lake.” But this issue is likely to receive in the near future, as the big data industry is focused tightly on security of late, and to her it’s not a question of if security will mature but when.

It doesn’t take much to envision how the data lake model might benefit healthcare organizations. After all, it may make sense to collect data for which we don’t yet have a well-developed idea of its use. Wearables data comes to mind, as does video from telemedicine consults, but there are probably many other examples you could supply.

On the other hand, one could always counter that there’s not much value in storing data for which you don’t have an immediate use, and which isn’t structured for handy analysis by business analysts on the fly. So even if data lake technology is less costly than data warehousing, it may or may not be worth the investment.

For what it’s worth, I’d come down on the side of the data-lake boosters. Given the growing volume of heterogenous data being generated by healthcare organizations, it’s worth asking whether deploying a healthcare data lake makes sense. With a data lake in place, healthcare leaders can at least catalog and store large volumes of un-normalized data, and that’s probably a good thing. After all, it seems inevitable that we will have to wring value out of such data at some point.

One Example Of Improving Telehealth Documentation 

Posted on August 16, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Over the past year or two, the pressure has risen for providers to better document telehealth encounters, a pressure which has only mounted as the volume of such consults has grown. But until recently, telemedicine notes have been of little value, as they’ve met few of the key criteria that standard notes must meet.

The fact that such consults aren’t integrated with EMRs has made such an evolution even trickier. I guess doctors might be able to squeeze the patient’s video screen into one corner, allowing the clinician to work within the existing EMR display, but that would make both the consult and the note-taking rather inefficient, wouldn’t it?  The bottom line is that if telemedicine is to take its place alongside of other modes of care, this state of affairs is unsustainable.

For one thing, health plans that reimburse for telehealth services won’t be satisfied with vague assurances that such care made a difference – they’ll want some basis for analyzing its impact, which can’t be done without at least some basic diagnostic and care-related information. Also, providers will need similar records, for reasons which include the need to integrate the information into the patient’s larger record and to track the progress of this approach.

All of which is to note that I was happy to stumble across an example of a telemedicine provider that’s making efforts to improve its consult notes. While the provider, Doctor on Demand, hasn’t exactly reinvented the telehealth record, it’s improving those records, and to my way of thinking that deserves a shout-out.

As some readers may know, Doctor on Demand is a consumer-facing telemedicine provider which offers video visits with primary care doctors, counselors and psychiatrists. Its competitors include HealthTap and American Well. Because the company works with my health plan, United Healthcare, I’ve used its services to deal with off-hours issues as they arise.

Just today I had a video visit with a Doctor on Demand doctor to address a mild asthma care issue, after which I reviewed the physician’s notes. When I did so, I was happy to see that those notes included a ICD-10 diagnosis code. The notes also incorporated a consumer-level summary of what the diagnosed condition was, what to do about it, what its prognosis was and how to follow up. Essentially, Doctor on Demand’s notes have evolved from a sentence of two of informal suggestions to a more-structured document not unlike a set of hospital discharge instructions.

Don’t get me wrong, I’m certainly well aware that these are just baby steps. Doctor on Demand will have to move a lot further in this direction before consult documentation offers much to other providers. That being said, adding a formal diagnosis code gives the company a better means for analyzing key patterns of utilization internally by presenting condition, which can help its leaders look at whom they serve. Doctor on Demand can also use this information to pitch deals with potential partners, by sharing data on its population and underscoring its capabilities. In other words, these changes should make an impact.

Ultimately, telehealth documentation will have to meet the same expectations that other healthcare documentation does. And it’s not clear to me how freestanding telemedicine firms like Doctor on Demand will bridge that gap. After all, generating complete documentation takes far more than a few useful gestures. Even if the company threw a high-end EMR at the problem, merging it with the existing workflow is likely to be a huge undertaking. But still, making a bit of progress is worthwhile. I hope Doctor on Demand’s competitors are taking similar steps.

E-Patient Update: Using Digital Health For Collaborative Medication Management

Posted on June 1, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Recently, I had a medical visit which brought home the gap between how doctors and patients approach to medications. While the physician and his staff seemed focused on updating a checklist of meds, I wanted med education and a chance to ask in-depth self-management questions. And though digital health tools and services could help me achieve these goals, they didn’t seem to be on the medical group’s radar.

At this visit, as I waited to see the doctor, a nurse entered with a laptop on a cart. Consulting her screen, she read off my medication list and item by item, asked me to confirm whether I took the given medication. Then, she asked me to supply the name and dosage of any drugs that weren’t included on the list. Given that I have a few chronic conditions, and take as many as a dozen meds a day, this was an awkward exercise. But I complied as best I could. When a physician saw me later, we discussed only the medication he planned to add to the mix.

While I felt quite comfortable with both the nurse and doctor, I wasn’t satisfied with the way the medication list update was handled. At best, the process was clumsy, and at worst, it might have passed over important information on drug history, interactions and compliance. Also, at least for me, discussing medications was difficult without being able to see the list.

But at least in theory, digital health technology could go a long way toward addressing these issues. For example:

  • If one is available, the practice could use a medication management app which syncs with the EMR it uses. That way, clinicians could see my updates and ask questions as appropriate.
  • Alternatively, the patient should have the opportunity to review their medication list while waiting to be seen, perhaps by using a specialized patient login for an EMR portal. This could be done using a laptop or tablet on a cart similar to what clinicians use.
  • When reviewing their medication list, patients could select medications about which they have questions, delete medications they no longer take and enter meds they’ve started since their last visit.
  • At least for complex cases, patients should have an opportunity to do a telehealth consult with a pharmacist if requested. This would be especially helpful prior to adding new drugs to a patient’s regimen. (I don’t know if such services exist but my interest in them stands.)

To me, using digital health options to help patients manage their meds makes tremendous sense. Now that such tools are available, physicians can loop patients into the med management discussion without having to spend a lot of extra time or money. What’s more, collaboration helps patients manage their own care more effectively over the long term, which will be critical under value-based care. But it may not be easy to convince them that this is a good idea.

Unfortunately, many physicians see sharing any form of patient data as a loss of control. After all, in the past a chart was for doctors, not patients, and in my experience, that dynamic has carried over into the digital world. I have struggled against this — in part by simply asking to look at the EMR screen — but my sense is that many clinicians are afraid I’ll see something untoward, misinterpret a data point or engage in some other form of mischief.

Still, I have vowed to take better control of my medications, and I’m going to ask every physician that treats me to consider digital med management tools. I need them to know that this is what I need. Let’s see if I get anywhere!

Telemedicine Parody of Daughtry’s “Home” #LetERsBeERs

Posted on May 30, 2016 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It’s a Holiday and so we thought we’d do something a little fun. It comes from Frank Fortner, President of Iatric Systems, in this great parody song. However, there’s little doubt that this was something that Frank created on the side as opposed to some marketing campaign for Iatric Systems. It’s great to have someone that’s so passionate about healthcare that they’re willing to use their creativity in their off time to create these healthcare parody songs.

Here’s Frank’s description of the video:

An acoustical, telehealthical parody of Daughtry’s hit song “Home” inspired by true stories, most recently, a great experience with an online telehealth provider. ERs are incredible places that save lives every day, but for primary or less urgent care, there are now a lot of great options out there. #LetERsBeERs!

Now enjoy his parody of “Home” that he calls “Staying Home”

Galaxy Will See You Now

Posted on May 27, 2016 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This post is sponsored by Samsung Business. All thoughts and opinions are my own.

We all know how dramatic our lives have changed thanks to technology. Many of us remember the impact a computer in every home had on our lives. Now we’re seeing that same transformation happening as we all start carrying a smartphone in our pocket. Each of these technologies has opened up new worlds of possibilities in our personal lives and also for healthcare. I think we’ll see a similar transformation with the introduction of voice recognition and AI (Artificial Intelligence).

When we start talking about AI, most of us probably think about the movies they’ve seen where AI was on display. Hollywood’s use of AI in movies often makes it so it doesn’t feel very real. However, if you have a smartphone, then you’ve probably used AI. I know my first real experience with AI was on my Samsung Galaxy S3. I remember my wife and I going on a date and we spent the majority of our date asking “Galaxy” various questions. We got surprisingly good answers including easy access to the show times for the movie we ended up seeing.

Most of us have had this type of experience with AI on our smartphone. It’s pretty magical, but I must admit that I didn’t use it that often when it was just on my phone. There were a few cases it was really useful like when I was driving and needed directions to a gas station. The hands-free access to information was extremely powerful, but it wasn’t part of my daily experience. However, that changed for me when I introduced an always on AI solution in my home. Now it’s become a daily part of me and my family’s life.

How does this apply to healthcare? It’s becoming very clear that the home is the healthcare hub of the future. Think about having always on tablets, smart TVs, and other devices positioned throughout your home where you can easily access your health information, medical knowledge, and healthcare providers. That’s powerful. Plus, those devices and attached sensors are starting to easily monitor you, your environment, and your health. This two way connection creates an extremely powerful combination that will change the way we view healthcare.

Certainly there are practical examples of home health services that exist today including monitoring recently discharged patients, monitoring seniors, connecting patients with doctors, and much more. We’re seeing all of these connected home health services happen more and more every day. Just what we’ve already begun to implement will improve the healthcare we provide dramatically. However, we’re just starting to explore what AI and new technologies can do for healthcare. The best is still to come.

How long will it be before we can sit at home and we can ask our tablet or smart TV “Galaxy, how’s my blood pressure doing today?” Or “Galaxy, can you schedule me a telemedicine visit with my doctor to discuss my prescription refill?” Not to mention Galaxy proactively reaching out to you to motivate healthy decision making.

What’s so incredible is that executing these ideas and many more aren’t that farfetched given the powerful technology that exists today. We still need to connect a few dots, but it’s all extremely doable from a technical perspective.

What’s going to be harder is the cultural shift and change of mindset. However, that’s happening already and it will accelerate over time. I’m sure my kids wouldn’t think twice about asking our TV or tablet for a doctor’s appointment and then having the doctor streamed right to the TV or their tablet. They probably wonder why it’s not already possible.

Even while we wait for this more automated AI future, there are still big home health things happening on smartphones and tablets. Each of those things is a building block to this exalted future. I’m ready for Galaxy to see me now. In fact, in some ways he already does. Are you ready?

For more content like this, follow Samsung on Insights, Twitter, LinkedIn , YouTube and SlideShare.

The Perfect EHR Workflow – Video EHR

Posted on May 12, 2016 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve been floating this idea out there for years (2006 to be exact), but I’d never put it together in one consolidated post that I could point to when talking about the concept. I call it the Video EHR and I think it could be the solution to many of our current EHR woes. I know that many of you will think it’s a bit far fetched and in some ways it is. However, I think we’re culturally and technically almost to the point where the video EHR is a feasible opportunity.

The concept is very simple. Put video cameras in each exam room and have those videos replace your EHR.

Technical Feasibility
Of course there are some massive technical challenges to make this a reality. However, the cost of everything related to this idea has come down in price significantly. The cost of HD video cameras negligible. The cost of video storage, extremely cheap and getting cheaper every day. The cost of bandwidth, cheaper and higher quality and so much potential to grow as more cities get fiber connectivity. If this was built on the internal network instead of the cloud, bandwidth is an easily solved issue.

When talking costs, it’s important to note that there would be increased costs over the current documentation solutions. No one is putting in high quality video cameras and audio equipment to record their visits today. Not to mention wiring the exam room so that it all works. So, this would be an added cost.

Otherwise, the technology is all available today. We can easily record, capture and process HD video and even synchronize it across multiple cameras, etc. None of this is technically a challenge. Voice recognition and NLP have progressed significantly so you could process the audio file and convert it into granular data elements that would be needed for billing, clinical decision support, advanced care, population health, etc. These would be compiled into a high quality presentation layer that would be useful for providers to consume data from past visits.

Facial recognition technology has also progressed to the point that we could use these videos to help address the patient identification and patient matching problems that plague healthcare today. We’d have to find the right balance between trusting the technology and human verification, but it would be much better and likely more convenient than what we have today.

Imagine the doctor walking into the exam room where the video cameras in the exam room have already identified the patient and it would identify the doctor as she walked in. Then, the patient’s medical record could be automatically pulled up on the doctor’s tablet and available to them as they’re ready to see the patient.

Plus, does the doctor even need a tablet at all? Could they instead use big digital signs on the walls which are voice controlled by a Siri or Alexa like AI solution. I can already hear, “Alexa, pull up John Lynn’s cholesterol lab results for the past year.” Next thing you know, a nice chart of my cholesterol appears on the big screen for both doctor and patient to see.

Feels pretty far fetched, but all of the technology I describe is already here. It just hasn’t been packaged in a way that makes sense for this application.

Ideal Workflow for Providers – I can think of no better workflow for a doctor or nurse. Assuming the tech works properly (and that’s a big assumption will discuss in the cons), the provider walks into the exam room and engages with the patient. Everything is documented automatically. Since it’s video, I mean literally everything would be documented automatically. The providers would just focus on engaging with the patient, learning about their health challenges, and addressing their issues.

Patient Experience – I’m pretty sure patients wouldn’t know what to do if their doctor or nurse was solely focused on them and wasn’t stuck with their head in a chart or in their screen. It would totally change patients’ relationship with their doctors.

Reduced Liability – Since you literally would have a multi angle video and audio recording of the visit, you’d have the proof you’d need to show that you had offered specific instructions or that you’d warned of certain side effects or any number of medical malpractice issues could be resolved by a quick look at the video from the visit. The truth will set you free, and you’d literally have the truth about what happened during the visit on video.

No Click Visit – This really is part of the “Ideal Workflow” section, but it’s worth pointing out all the things that providers do today to document in their EHR. The biggest complaint is the number of clicks a doctor has to do. In the video EHR world where everything is recorded and processed to document the visit you wouldn’t have any clicks.

Ergonomics – I’ve been meaning to write a series of posts on the health consequences doctors are experiencing thanks to EHR software. I know many who have reported major back trouble due to time spent hunched over their computer documenting in the EHR. You can imagine the risk of carpal tunnel and other hand and wrist issues that are bound to come up. All of this gets resolved if the doctor literally walks into the exam room and just sees the patient. Depending on how the Video EHR is implemented, the doctor might have to still spend time verifying the documentation or viewing past documentation. However, that could most likely be done on a simple tablet or even using a “Siri”-like voice implementation which is much better ergonomically.

Learning – In mental health this happens all the time. Practicum students are recording giving therapy and then a seasoned counselor advises them on how they did. No doubt we could see some of the same learning benefits in a medical practice. Sometimes that would be through peer review, but also just the mere fact of a doctor watching themselves on camera.

Privacy – The biggest fear with this idea is that most people think this is or could be a major privacy issue. They usually ask the question, “Will patients feel comfortable doing this?” On the privacy front, I agree that video is more personal than granular data elements. So, the video EHR would have to take extreme precautions to ensure the privacy and security of these videos. However, from an impact standpoint, it wouldn’t be that much different than granular health information being breached. Plus, it’s much harder to breach a massive video file being sent across the wire than a few granular text data elements. No doubt, privacy and security would be a challenge, but it’s a challenge today as well. I don’t think video would be that much more significant.

As to the point of whether patients would be comfortable with a video in the exam room, no doubt there would need to be a massive culture shift. Some may never reach the point that they’re comfortable with it. However, think about telemedicine. What are patients doing in telemedicine? They’re essentially having their patient visit on video, streamed across the internet and a lot of society is very comfortable with it. In fact, many (myself included) wish that telemedicine were more widely available. No doubt telemedicine would break down the barriers when it comes to the concept of a video EHR. I do acknowledge that a video EHR takes it to another level and they’re not equal. However, they are related and illustrate that people’s comfort in having their medical visits on video might not be as far fetched as it might seem on the surface.

Turns out that doctors will face the same culture shift challenge as patients and they might even be more reluctant than patients.

Trust – I believe this is currently the biggest challenge with the concept of a video EHR. Can providers trust that the video and audio will be captured? What happens if it fails to capture? What happens if the quality of the video or audio isn’t very good? What is the voice recognition or NLP isn’t accurate and something bad happens? How do we ensure that everything that happens in the visit is captured accurately?

Obviously there are a lot of challenges associated with ensuring the video EHR’s ability to capture and document the visit properly. If it doesn’t it will lose providers and patients’ trust and it will fail. However, it’s worth remembering that we don’t necessarily need it to be perfect. We just need it to be better than our current imperfect status quo. We also just need to design the video EHR to avoid making mistakes and warn about possible missing information so that it can be addressed properly. No doubt this would be a monumental challenge.

Requires New Techniques – A video EHR would definitely require modifications in how a provider sees a patient. For example, there may be times where a patient or the doctor need to be positioned a certain way to ensure the visit gets documented properly. You can already see one of the cameras being a portable camera that can be used for close up shots of rashes or other medical issues so that they’re documented properly.

No doubt providers would have to learn new techniques on what they say in the exam room to make sure that things are documented properly. Instead of just thinking something, they’ll have to ensure that they speak clinical orders, findings, diagnosis, etc. We could have a long discussion on the impact for good and bad of this type of transparency.

Double Edged Sword of Liability – While reduced liability is a pro, liability could also be a con for a video EHR. Having the video of a medical visit can set you free, but it can also be damning as well. If you practice improper medicine, you won’t have anywhere to hide. Plus, given our current legal environment, even well intentioned doctors could get caught in challenging situations if the technology doesn’t work quite right or the video is taken out of context.

Reality Check
I realize this is a massive vision with a lot of technical and cultural challenges that would need to be overcome. Although, when I first came up with the idea of a video EHR ~10 years ago, it was even more far fetched. Since then, so many things have come into place that make this idea seem much more reasonable.

That said, I’m realistic that a solution like this would likely start with some sort of half and half solution. The video would be captured, but the provider would need to verify and complete the documentation to ensure its accuracy. We couldn’t just trust the AI engine to capture everything and be 100% accurate.

I’m also interested in watching the evolution of remote scribes. In many ways, a remote scribe is a human doing the work of the video EHR AI engine. It’s an interesting middle ground which could illustrate the possibilities and also be a small way to make patients and providers more comfortable with cameras in the exam room.

I do think our current billing system and things like meaningful use (or now MACRA) are still a challenge for a video EHR. The documentation requirements for these programs are brutal and could make the video EHR workflow lose its luster. Could it be done to accommodate the current documentation requirements? Certainly, but it might take some of the polish off the solution.

There you have it. My concept for a video EHR. What do you think of the idea? I hope you tear it up in the comments.

Virtual Reality in Healthcare

Posted on January 18, 2016 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

David Chou has an interesting post up over at the Healthcare Standards blog that talks about virtual reality (VR) and where we’ll see it in healthcare. He posits the following 3 areas of healthcare where the healthcare industry can benefit:

  1. Training
  2. Diagnosis
  3. Treatment

I can’t argue with David’s assessment of how virtual reality solutions will be used in healthcare. I think the most promising of these is likely in the medical training area. However, there are no doubt going to be some great treatment options that use VR as well.

The problem with virtual reality in healthcare is that none of the virtual reality companies are going to focus any of their effort on healthcare. Everyone that I talked to at CES (see all our coverage of Digital Health at CES) made it very clear that VR technology was going to start with gaming and video. That opportunity is so large that they don’t have any time or need to go after other markets.

This isn’t to say that virtual reality won’t be used in healthcare. What I’m saying is that virtual reality vendors aren’t going to be doing things to make it easy for healthcare to adopt their technologies. Innovators that want to use virtual reality in healthcare are going to have to take and adapt what’s built for other industries and apply it to healthcare.

Here’s a simple example. I saw an amazing number of 360 degree camera options that are paired with virtual reality. You literally can turn around and see what’s happening all around you as if you were standing in a room. It’s quite amazing technology (although there was some digital stiching that still needs to be improved) and you could see some application of the technology in healthcare. The problem is that it’s unlikely that this video technology is going to be HIPAA compliant by default. Let’s not even talk about these vendors signing a HIPAA business associate agreement.

This example is why I think the medical training aspect of virtual reality is so promising. It’s not governed by HIPAA and so the technology doesn’t have to worry about those requirements and regulations. The same is true for treatment. The problem there is that for it to truly be classified as a treatment, it’s going to have to go through FDA testing and/or clinical trials. The pace of change is moving so fast with virtual reality technology that by the time you finished a clinical trial or became FDA cleared the old virtual reality technology you used will be considered legacy software and hardware.

With all of this said, I had a chance to try out the next generation Oculus Riftat the Dell venue and it was an extraordinary experience. I got lost in the virtual world (I was playing a simple video game) and completely forgot that I was in a noisy bar. I’m excited to see all of the places virtual reality will pop up. That includes in healthcare.

6 Questions To Consider When Providing Virtual Visits Using Video Technology

Posted on January 13, 2016 I Written By

The following is a guest blog post by Dr. Sherry Benton, Creator and Chief Science Officer at TAO Connect.
Sherry Benton
Kaiser Permanente Venture, the corporate venture capital arm of Kaiser Permanente, announced in December 2015 that it would strategically invest $10 million Vidyo, Inc., a leader in high-quality visual communications, to increase patient convenience and the improve the overall quality of care. This endorsement of telemedicine technology by one of the nation’s largest health networks is a strong indication that telemedicine has begun to emerge as a go-to strategy for hospitals and health systems.

In addition, a breadth of clinical research consistently shows that virtual visits either by phone or videoconferencing are just as effective as face-to-face encounters. This is particularly true for synchronous “real-time” communications using technology. Such communications not only increase patient engagement, but they also increase accountability, resulting in more positive outcomes.

Kaiser Permanent’s venture into telemedicine is one of many examples we’ll likely see over the next few years as patient engagement continues to take priority. According to research firm Parks Associates, the use of video conferencing to facilitate an encounter between a provider and patient is projected to reach 130 million visits in 2018.

However, as providers embrace telemedicine technology, they must also keep HIPAA privacy and security at the forefront. Kaiser Permanente, for example, has stated its telemedicine solution offers HIPAA-compliant encryption—a necessity for any provider offering virtual visits. Far too often, providers resort to Skype, FaceTime, or a host of other video service providers without thinking about the potential for breaches of PHI.

Ask your potential video service provider whether it meets federal government standards for HIPAA compliance as a covered entity. The TeleMental Health Institute provides additional guidance on selecting a specific video service provider.

Also consider these six important privacy-and security- questions as you explore video telemedicine options:

  1. Will your video service provider sign a business associate agreement as required by the HIPAA Omnibus Act?
  2. Do you and your patient both have a secure/encrypted Internet connection to prevent interception?
  3. Can your video service provider encrypt data” in motion” and “at rest” as per HIPAA requirements? Data “at rest” refers to data stored on the video service provider’s server and can potentially include non-video elements (e.g., exercises, assessments, and logs) as well. Data must be secure and encrypted for the entirety of the time that it’s retained as dictated by state and federal regulations. Data “in motion” refers to data moving from the patient to the server or from the patient to the provider via the server. This requires security and encryption as information flows through routers, load balancers, firewalls, and Ethernet networks. Ask your video service provider how it incorporates HIPAA-compliant security protocols during every step in the process and for its various delivery platforms and applications, including mobile, web-based, and desktop.
  4. How will you define your legal health record? Will it include the actual video recording itself? If so, how will you handle patient requests for copies of this information? Some specialties, such as mental health, rarely store video unless it’s used for supervision/educational purposes.
  5. Have you implemented role-based access to the virtual visit software at the point of logon?
  6. Have you provided sufficient patient education? For example, patients should be in a private place during the actual virtual visit so no one else can observe the conversation. When patients use a mobile device to participate in a virtual visit, we advise passwords requiring re-entry after a brief period of inactivity. Patient education goes a long way toward risk mitigation in telemedicine.

Looking ahead
Many of the HIPAA challenges related to telemedicine are the same ones we face in a non-virtual world. However, telemedicine certainly requires a heightened awareness of the potential for hacking and virtual interceptions. Give careful consideration of privacy and security at all points in the delivery care process. Take your time in searching for the right video service provider and ensure they are willing to meet all HIPAA requirements in writing…and in practice.

About Sherry Benton, PhD
Dr. Benton is the creator of TAO Connect and director of the University of Florida Counseling Center. She is also a fellow in the American Psychological Association and the President Emeritus of the Academy of Counseling Psychology. Dr. Benton has been a psychologist and mental health care administrator for 22 years.

Are These Types of Breaches Really Necessary?

Posted on December 28, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Over the past couple of days, I took the time to look over Verizon’s 2015 Protected Health Information Data Breach Report.  (You can get it here, though you’ll have to register.)

While it contained many interesting data points and observation — including that 90% percent of the industries researchers studied had seen a personal health information breach this year — the stat that stood out for me was the following. Apparently, almost half (45.5%) of PHI breaches were due to the lost or theft of assets. Meanwhile, issue of privileges and miscellaneous errors came in at distant second and third, at just over 20% of breaches each.

In case you’re the type who likes all the boxes checked, the rest of the PHI breach-causing list, dubbed the “Nefarious Nine,” include “everything else” at 6.7%, point of sale (3.8%), web applications (1.9%), crimeware, (1.4%), cyber-espionage (0.3%), payment card skimmers (0.1%) and denial of service at a big fat zero percent.

According to the report’s authors, lost and stolen assets have been among the most common vectors for PHI exposure for several years. This is particularly troubling given that one of the common categories of breach — theft of a laptop — involves data which was not encrypted.

If stolen or lost assets continue to be a problem year after year, why haven’t companies done more to address this problem?

In the case of firms outside of the healthcare business, it’s less of a surprise, as there are fewer regulations mandating that they protect PHI. While they may have, say, employee worker’s compensation data on a laptop, that isn’t the core of what they do, so their security strategy probably doesn’t focus on safeguarding such data.

But when it comes to healthcare organizations — especially providers — the lack of data encryption is far more puzzling.

As the report’s authors point out, it’s true that encrypting data can be risky in some situations; after all, no one wants to be fumbling with passwords, codes or biometrics if a patient’s health is at risk.

That being said, my best guess is that if a patient is in serious trouble, clinicians will be attending to patients within a hospital. And in that setting, they’re likely to use a connected hospital computer, not a pesky, easily-stealable laptop, tablet or phone. And even if life-saving data is stored on a portable device, why not encrypt at least some of it?

If HIPAA fears and good old common sense aren’t good enough reasons to encrypt that portable PHI, what about the cost of breaches?  According to one estimate, data breaches cost the healthcare industry $6 billion per year, and breaches cost the average healthcare organization $3.5 million per year.

Then there’s the hard-to-measure cost to a healthcare organization’s brand. Patients are becoming increasingly aware that their data might be vulnerable, and a publicly-announced breach might give them a good reason to seek care elsewhere.

Bottom line, it would be nice to see out industry take a disciplined approach to securing easily-stolen portable PHI. After years of being reminded that this is a serious issue, it’s about time to institute a crackdown.

Telemedicine Cartoon

Posted on October 9, 2015 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As I often do, here’s a Fun Friday cartoon to start your weekend off right. There are a lot of ways to look at Telemedicine. I think Bill’s right that telemedicine will quickly just become medicine.