Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Why Small Medical Practices Are at Great Risk for a Cyber Attack

Posted on June 14, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The good people at ClinicSpectrum recently shared a look at why small practices are at risk for a cyber attack. They label it as why your EHR is at risk for a cyber attack, but I think their list is more specific to small practices as opposed to EHR. Take a look at their list:

Each of these issues should be considered by a small medical when it comes to why they are at risk for a cyber attack. However, the first one is one that I see often. Many small practices wonder, “Why would anyone want to hack my office?”

When it comes to that issue, medical practices need to understand how most hackers work. Most hackers aren’t trying to hack someone in particular. Instead, they’re just scouring the internet for easy opportunities. Sure, there are examples where a hacker goes after a specific target. However, the majority are just exploiting whatever vulnerabilities they can find.

This is why it’s a real problem when medical practices think they’re too small or not worth hacking. When you have this attitude, then you leave yourself vulnerable to opportunistic hackers that are just taking advantage of your laziness.

The best thing a medical practice can do to secure their systems is to care enough about having secure systems. You’ll never be 100% secure, but those organizations who act as if they don’t really care about security are almost guaranteed to be hacked. You can imagine how HHS will look at you if you take this approach and then get hacked.

Virtual Reality (VR) and Augmented Reality (AR) – #HITsm Chat Topic

Posted on June 13, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 6/16 at Noon ET (9 AM PT). This week’s chat will be hosted by Danielle Siarri (@innonurse) on the topic of “Virtual Reality (VR) and Augmented Reality (AR).”

As technology continues to evolve, the clinicians’ skill set will need to continue to keep up with the health tech evolution. Virtual reality actually stimulates our senses together in order to create the illusion of reality. Augmented reality (AR) is a blend of virtual reality (VR) and real life. AR users are able to interact with virtual contents in the real world and to distinguish between the two. A new term Mixed Reality is a hybrid reality that merges real and virtual worlds to produce new environments /visualizations where physical/digital objects co-exist then interact in real time. Currently VR and AR are being used to simulate and support medical and nursing training as well therapy for patients for anxiety and pain control.

Clinical practitioners are using VR prior to surgery instead of sedation. In Sweden, pharmacist are using VR for pain control. At a California hospital VR is being used for children with terminal cancer to “transport” them during long hospital and facilitate end of life care. Physiologist are using VR for agoraphobia and treating Post-Traumatic Stress Disorder (PTSD) to expose patients mentally without physically putting them in challenging environment.

Join us for the #HITsm chat for the topics of VR/AR in healthcare technology.

This Week’s Topics
T1: What are some ways you have seen VR/AR used to improve the patient’s experience? #HITsm

T2: What are some uses of Mix Reality that could be applied to clinical education? #HITsm

T3: What are implications of using 360 videos and VR with patients with limited mobility? #HITsm

T4: What are some of the future implication of AR, VR, MR in healthcare technology and why? #HITsm

T5: What are the barriers to implementing and widespread adoption of VR/AR into practice? #HITsm

Bonus: What efforts are in place to improve the divide in education and digital health literacy with VR/AR? #HITsm

Upcoming #HITsm Chat Schedule
6/23 – Clinical Intelligence
Hosted by Megan Janas (@TextraHealth)

6/30 – EHR Optimization
Hosted by Max Stroud (@MMaxwellStroud), Justin Campbell (@tjustincampbell), and Julie Champagne (@JulieEChampagne)

We look forward to learning from the #HITsm community! As always let us know if you’d like to host a future #HITsm chat or if you know someone you think we should invite to host.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

E-Patient Update:  I Was A Care Coordination Victim

Posted on June 12, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Over the past few weeks, I’ve been recovering from a shoulder fracture. (For the record, I wasn’t injured engaging in some cool athletic activity like climbing a mountain; I simply lost my footing on the tile floor of a beauty salon and frightened a gaggle of hair stylists. At least I got a free haircut!)

During the course of my treatment for the injury, I’ve had a chance to sample both the strengths and weaknesses of coordinated treatment based around a single EMR. And unfortunately, the weaknesses have shown up more often than the strengths.

What I’ve learned, first hand, is that templates and shared information may streamline treatment, but also pose a risk of creating a “groupthink” environment that inhibits a doctor’s ability to make independent decisions about patient care.

At the same time, I’ve concluded that centralizing treatment across a single EMR may provide too little context to help providers frame care issues appropriately. My sense is that my treatment team had enough information to be confident they were doing the right thing, but not enough to really understand my issues.

Industrial-style processes

My insurance carrier is Kaiser Permanente, which both provides insurance and delivers all of my care. Kaiser, which reportedly spent $4 billion on the effort, rolled out Epic roughly a decade ago, and has made it the backbone of its clinical operations. As you can imagine, every clinician who touches a Kaiser patient has access to that patient’s full treatment history with Kaiser providers.

During the first few weeks with Kaiser, I found that physicians there made good use of the patient information they were accumulating, and used it to handle routine matters quite effectively. For example, my primary care physician had no difficulty getting an opinion on a questionable blood test from a hematologist colleague, probably because the hematologist had access not only to the test result but also my medical history.

However, the system didn’t serve me so well when I was being treated for the fracture, an injury which, given my other issues, may have responded better to a less standardized approach.  In this case, I believe that the industrial-style process of care facilitated by the EMR worked to my disadvantage.

Too much information, yet not enough

After the fracture, as I worked my way through my recovery process, I began to see that the EMR-based process used to make Kaiser efficient may have discouraged providers from inquiring more deeply into my particulalr circumstances.

And yes, this could have happened in a paper world, but I believe the EMR intensified the tendency to treat as “the fracture in room eight” rather than an individual with unique needs.

For example, at each step of the way I informed physicians that the sling they had provided was painful to use, and that I needed some alternative form of arm support. As far as I can tell, each physician who saw me looked at other providers’ notes, assumed that the predecessor had a good reason for insisting on the sling, and simply followed suit. Worse, none seemed to hear me when I insisted that it would not work.

While this may sound like a trivial concern, the lack of a sling alternative seemed to raise my level of pain significantly. (And let me tell you, a shoulder fracture is a very painful event already.)

At the same time, otherwise very competent physicians seemed to assume that I’d gotten information that I hadn’t, particularly education on my prognosis. At each stage, I asked questions about the process of recovery, and for whatever reason didn’t get the information I needed. Unfortunately, in my pain-addled state I didn’t have the fortitude to insist they tell me more.

My sense is that my care would’ve benefited from both a more flexible process and more information on my general situation, including the fact that I was missing work and really needed reassurance that I would get better soon. Instead, it was care by data point.

Dealing with exceptions

All that being said, I know that the EMR alone isn’t itself to blame for the problems I encountered. Kaiser physicians are no doubt constrained by treatment protocols which exist whether or not they’re relying on EMR-based information.

I also know that there are good reasons that organizations like Kaiser standardize care, such as improving outcomes and reducing care costs. And on the whole, my guess is that these protocols probably do improve outcomes in many cases.

But in situations like mine, I believe they fall short. If nothing else, Kaiser perhaps should have a protocol for dealing with exceptions to the protocols. I’m not talking about informal, seat-of-the-pants judgment call, but an actual process for dealing with exceptions to the usual care flow.

Three weeks into healing, my shoulder is doing much better, thank you very much. But though I can’t prove it, I strongly suspect that I might have hurt less if physicians were allowed to make exceptions and address my emerging needs. And while I can’t blame the EMR for this experience entirely, I believe it played a critical role in consolidating opinion and effectively limiting my options.

While I have as much optimism about the role of EMRs as anyone, I hope they don’t serve as a tool to stifle dissension and oversimplify care in the future. I, for one, don’t want to suffer because someone feels compelled to color inside of the lines.

Healthcare Password Cartoon – Fun Friday

Posted on June 9, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve become a fan of @drmaypole on Twitter. He’s a cartoonist pediatrician and regularly tweets out cartoons like the following one:

I don’t know about you, but I’ve become really efficient at the password reset process on a number of websites that I only use once or twice a month. They set such restrictive policies on their passwords that I can never remember them since I use them so rarely. It’s just easier to reset it and create a new one. This cartoon captured the password issue really well.

Value-sizing The Patient Experience

Posted on June 8, 2017 I Written By

The following is a guest blog post by Sarah Bennight, Marketing Strategist for Stericycle Communication Solutions, as part of the Communication Solutions Series of blog posts. Follow and engage with them on Twitter: @StericycleComms

In health IT, we talk about the patient experience all the time. Many of us have dedicated our entire careers to improving the patient experience. It has become so central to improving healthcare that patient-reported experience results determine a significant portion of reimbursement.

But today’s patient experiences do beg the question: are they a pie in the sky dream or something tangible that can be addressed in our organizations?

To tackle the patient experience, we have to audit all contact points to determine areas of weakness. A great way to start is by creating a healthcare consumer journey map. Identifying each point a patient could potentially interact with your organization is key to ensuring their experience will be great. Once you have identified each potential encounter, mystery shop that experience as if you were the patient to test your brand’s current performance. When determining whether or not your organization provides a great brand experience, you may find yourself comparing your performance to the top brands you work with on a daily basis.

For example, I recall a time when I studied abroad in the United Kingdom. Upon arriving in a foreign country after 22 hours of travel with little sleep, I needed to eat. I vaguely recalled passing a familiar restaurant sign on the way to my flat: McDonalds. And though I didn’t really love the golden arches at the time, I chose to eat there. Why? Because I knew what to expect. I knew how to order, what menu items would be available, and what it would taste like.

By focusing on consistent interactions and expectations for their customers, McDonalds has created a strong brand. In fact, when asked about introducing new products during a 2010 CNBC interview, former CEO James Skinner said “[McDonald’s doesn’t] put something on the menu until it can be produced at the speed of McDonalds.”

Can your healthcare consumers count on a consistent experience when contacting your organization? Your brand experience should encompass the entire health system to build confidence and loyalty in your brand. Creating consistency across each encounter begins with simple questions. Was their initial call met with a timely, sincere, and welcoming voice? Was parking convenient? Are average waiting times reasonable? Do Center A and Center B provide the same quality support? Is their bill easy to understand? If your answers are all yes, it’s more likely that patients will continue to choose your organization.

When patients feel confidence about provided services and perceive value in the care you provide, brand loyalty is achieved. What’s more, many studies show that patients who have great healthcare experiences and are confident in the level of care they receive will have better clinical outcomes. Value-based care demands consistent, evidence-based clinical interactions. But we can’t leave out the important patient experience outside the walls of the exam room.

After my exhaustive travels, I certainly had a better outcome by relying on my trust in McDonalds’ brand. I chose to value-size my meals frequently throughout my England journey – not because it was the best tasting food, but because I could always rely on consistently convenient and quality experiences. The healthcare industry can certainly learn a lot more from cutting edge commercial companies when it comes to creating loyalty. To learn more about the patient journey and loyalty, download our e-book.

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality call center & telephone answering servicespatient access services and automated communication technology. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services.  Connect with Stericycle Communication Solutions on social media: @StericycleComms

Health System & Health Plan Innovation, Change & Growth During Uncertain Times – #HITsm Chat Topic

Posted on June 7, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 6/9 at Noon ET (9 AM PT). This week’s chat will be hosted by @HCExecGroup, @_GWConnect and @_GuideWell as part of #AHIPInstitute on the topic of “Health System & Health Plan Innovation, Change & Growth During Uncertain Times.”

Major forces of change – including consumerism, value-based care, risk-sharing between health systems, providers and payers, the need to address health equity, and new market entrants – have ‘invaded’ healthcare in the United States over the past decade. Moreover, the Affordable Care Act, ongoing regulatory pressures and uncertainty resulting from healthcare reform efforts have further amplified the need for health systems, health plans, hospitals and healthcare providers to evaluate new business models and diversify their business; all while devising innovative ways to stay relevant and competitive in their markets as they improve health outcomes, lower costs & improve equity for all.

This chat will explore topics related to innovation and factors impacting how healthcare organizations change and grow during this uncertain time. Join us Friday, 6/9 at Noon ET (9 AM PT) for a lively discussion.

This Week’s Topics
T1: What specific ‘areas of opportunity’ must health plans/systems address to improve health outcomes, lower costs & improve equity? #HITsm

T2: What must health systems & health plans focus on over next 8 to 18 months regardless of health reform outcome? #HITsm

T3: Who’s most likely to disrupt healthcare: insiders or outsiders? And what barriers do each face – right now or in near future? #HITsm

T4: What technologies will do the most to move healthcare supply-side toward improving outcomes, lowering costs & enhancing equity? #HITsm

T5: Incentives drive innovation. How can they be aligned to meaningfully support innovation that improves outcomes & lowers costs? #HITsm

Bonus: What are examples of innovative healthcare programs, processes, people and organizations – U.S.-based or elsewhere? #HITsm

Upcoming #HITsm Chat Schedule
6/16 – Virtual Reality (VR) and Augmented Reality (AR)
Hosted by Danielle Siarri (@innonurse)

6/23 – Clinical Intelligence
Hosted by Megan Janas (@TextraHealth)

6/30 – EHR Optimization
Hosted by Max Stroud (@MMaxwellStroud), Justin Campbell (@tjustincampbell), and Julie Champagne (@JulieEChampagne)

We look forward to learning from the #HITsm community! As always let us know if you’d like to host a future #HITsm chat or if you know someone you think we should invite to host.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

Legal Ramifications of EHRs Selling Data

Posted on June 6, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Prompted by an engagement with prominent healthcare lawyer, Matt Fisher (@Matt_R_Fisher), on Twitter, Healthcare Scene decided to sit down with Matt to talk about the challenging topic of EHR vendors selling patient data. As a basis for the discussion, I suggested to Matt that EHR vendors were selling the EHR data and so we should dive into the details of when they are legally allowed to sell EHR data and when they are not.

That’s exactly what we did in my video interview with Matt Fisher below. Turns out there are a lot of little nuances to when and how an EHR vendor can sell patient data and HIPAA is only one of them. Plus, Matt and I also talk a bit about how a doctor and a patient can try and find out when and where their patient data is being sold. Learn about all the details in this video:

Is there anything you would add to the discussion? Were there any details or questions you think we missed? Let us know in the comments and we’ll do our best to get the answers.

HIPAA and Facebook Are Diametrically Opposed

Posted on June 5, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I tweeted this from the CHIME Fall Forum last year, but the idea is still on my mind. First, are HIPAA and Facebook diametrically opposed? Second, if they are or they aren’t, what does that mean for healthcare?

I’m not sure the intent of the person who said that Facebook and HIPAA were diametrically opposed, but I think it’s a reasonable observation. Facebook cares about getting and sharing as much information about you as possible. HIPAA cares about trying to protect your information.

While I think this is fundamentally how these companies think, the reality of what they do is much closer than people would think at first glance. While Facebook certainly wants to collect all of your personal data, it also has become quite sophisticated in its efforts to allow you to control how your data is shared. This wasn’t something that came naturally to them, but was forced upon them by years of crazy indiscretions which forced their hand.

HIPAA has come from the other end. While HIPAA is the portability act and not the privacy act (common mistake), that’s not how it was viewed when it was implemented. Everyone in healthcare saw HIPAA as a way to inhibit data sharing as opposed to a way to provide a framework for secure data sharing. In many cases, that’s still how people use HIPAA today. However, we’re starting to see that change as healthcare organizations have realized that their organizations need to share data. While not as progressive as Facebook in their data sharing controls, healthcare has become much more specific about how, when, what, and where they share patient data.

While we can find plenty of privacy and security issues with Facebook and HIPAA, I’d argue that both of them have become much more sophisticated in their approach to privacy and security. I believe this trend will only continue to get better.

What does all of this mean for healthcare?

Healthcare can learn a lot from Facebook when it comes to creating sophisticated privacy options that put the patient in control of their health data and allow the patient to control if and when that data is shared. However, we shouldn’t be surprised when we implement these controls and patients start sharing in ways that might feel risky to us. We may want to consider even more training on these sophisticated sharing options than what Facebook did for their users.

No doubt there’s a power in health data and much of that power is unleashed when it’s shared with the right people. The best thing we can do to unleash this power isn’t to create a free for all data sharing approach, but instead to take a more sophisticated data sharing approach that puts the patient at the center of the decision making process.

Healthcare Management Cartoon – Fun Friday

Posted on June 2, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Not sure if this has been a long week for anyone else, but it’s been a challenging week here for me. So, this Fun Friday cartoon is exactly what I needed to start the weekend.

I should pair this cartoon with the growth in the number of management in healthcare vs doctors over time, but I expect that most of you have seen the chart I’m talking about. Healthcare management positions have exploded in proportion to doctors, nurses, etc. I guess that’s what makes this cartoon even more ironic.

Have a great weekend!

We Don’t Use the Context We Have in Healthcare

Posted on June 1, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I was recently looking at all the ways consumer technology has been using the context of our lives to make things better. Some obvious examples are things like Netflix which knows what shows we watch and recommends other shows that we might enjoy. Amazon knows what we’ve bought before and what we’re searching for and can use those contexts to recommend other things that we might want to consider. I know I’ve used that feature a lot to evaluate which item was the best for me to purchase on Amazon.

Everywhere we turn in our consumer lives, our context is being used to provide a better experience. Sometimes this shows up in creepy ways like the time a certain cleaning product was mentioned in my kitchen and then I saw an ad for it on a website I was visiting. Was it just coincidence or did Alexa hear me talking about it and then make the recommendation to buy based on that data? Yes, some of this stuff can bit a little creepy and even concerning. However, I personally love the era of personalization which generally makes our lives better.

While this is happening everywhere in our personal lives, healthcare has been slow to adopt similar technologies. Far too often we’re treated in healthcare without taking into account the context of our needs. Sometimes this is as simple as a healthcare provider not taking time to look at the chart. Other times we deny patients request that we add their medical record to our own record or we store it in a place where no one will ever actually access it.

Those are just the basic ways we don’t use context to help us better serve patients. More advanced ways are when we deny patients the opportunity to share their patient generated health data or we don’t use the health data they’re providing. Many people are working on pushing out social data which can provide a lot of context into why a patient is experience health issues or how we could better treat them. This is only going to grow larger, but we’re doing a poor job finding ways to seamlessly incorporate this data into the care that’s being provided.

One of the big challenges of AI is that it has a hard time understanding context. However, humans have a unique ability to include context in the decisions they make. Our interfaces should take this into account so that humans have the information they need to be able to make the proper contextual decisions. At least until the robots get smart enough to do it themselves.

Have you seen other places where healthcare didn’t use the context of the situation and should have used it? How about examples where we use context very effectively?