Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Healthcare Ransomware

Posted on May 8, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Health Data Management has a nice article up with insights on healthcare ransomware from GreyCastle Security’s CEO, Reg Harnish. Reg made a great case for why healthcare is seeing so much ransomware:

He contends that healthcare isn’t any more vulnerable to ransomware than other industries. But Harnish observes that—given the value of patient data and medical records—providers are the focus of cyber criminals who are targeting them with file-encrypting malware.

“You take their data away, and it literally threatens lives, patient safety and patient care, so they are much more likely to pay a ransom,” he adds.

I think healthcare organizations do respond differently to ransomware than other organizations and that makes them more vulnerable to an attack since many healthcare organizations feel it’s their obligation to maintain patient safety and that the ransom is worth the money so they can do no harm to patients.

Reg also addressed whether paying the ransom in a ransomware incident was a good idea (it’s not):

On the question of whether or not organizations should give in to the demands of cyber criminals using ransomware, Harnish says that GreyCastle never recommends paying a ransom. “There’s no guarantee that the ransom will work,” he warns. “If you pay the ransom, you may not get decryption keys. And even if you do get decryption keys, they may not be the right ones.”

Further, Harnish cautions that those organizations that pay a ransom then get put on a list of victims who have complied with ransomware demands. As a result, he says they are much more likely to be targeted again as a “paying” customer. “None of our clients have ever paid a ransom,” he adds.

I agree that in 98% of cases, paying the ransomware is a bad idea. Plus, every healthcare organization that pays the ransomware makes it worse for other healthcare organizations. Instead, the key is to have a great backup and disaster recovery strategy if and when ransomware occurs in your organization.

As Reg also points out, ransomware most often comes into your organization through your users. So, it’s worth the investment to educate your end users on possible hacking/ransomware attempts. Education isn’t perfect, but it can help decrease your chances of a ransomware incident.

Employer Health Biosensor Cartoon – Fun Friday

Posted on May 5, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re back again with our Fun Friday series of posts A little humor to start off your weekend. Although, we always try to include a simple lesson, insight or perspective with the cartoon as well. This week we tapped into another Dilbert cartoon which highlights the health sensor craze.

The irony of this cartoon is that the reality is the opposite. Most employees think that their employer wants all this data to screw them over (or some other negative thing) and most employers do very little with the data. The most advanced companies are trying to leverage it for lower insurance rates. Not much more from my experience.

I wouldn’t be so generous to employers to say that they do it because they care so much about their employees health either. They do care about their employees health because absent employees hurt business. Plus, unhealthy employees cost employers a lot of money. Too cynical for a Fun Friday? Maybe, but the cartoon is still pretty funny.

Long story short, we have a lot of work to do to make health data tracking something that everyone wants to do.

Software Choice Is Not the Key Success Factor

Posted on May 4, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As I look across the EHR market and think about the hundreds of healthcare organizations I’ve talked to, it’s become abundantly clear to me that the software you choose has very little to do with whether you’ll have a successful EHR implementation.

One way to illustrate this is to look at the EHR marketplace. Every single EHR out there has healthcare organizations successfully using their product. Sure, we could get into the nitty gritty of how hard it was to implement. We could dive into how one EHR may have an advantage in one area over another, but then the opposite is likely to occur in another area. The reality is that there are pros and cons to every EHR system out there. The real question isn’t can you successfully implement that EHR, but what are the problems you’re likely to have with the EHR you select.

Yes, all EHRs have problems.

I love the whitepaper that my sponsor, The Breakway Group put together on “Leadership Insights: Gaining Value from Technology Investments.” It’s worth reading the whole whitepaper, but one of the key insights from their research is that the biggest determining factor in a successful EHR implementation is leadership. Leadership matters more than anything else…even the software you choose.

I’m sure that many of you are looking at your EHR implementation and wondering if you agree with this insight or not. It’s easy to think about how the EHR selection process influences a successful implementation or not. If you get buy-in to the EHR selection process, then the EHR implementation goes much smoother. Others of you might be thinking about the process you used to implement the EHR and how that was extremely important to your successful (or not successful if you had a bad process) EHR implementation. I’m sure there are many more.

While these two items and many more influence a successful EHR implementation, what so many people miss is that each of these things mentioned is dramatically influenced by having an effective leader at the helm.

A great leader ensures that there’s buy-in by the staff during the EHR selection process. A great leader makes sure that the EHR is implemented in a way that is effective and takes into account the needs of the organization. We could go on and on. Great leadership will inspire everyone that’s involved in the EHR implementation. Nothing is more important.

Many of you reading this will probably look back and know all the issues you had in your EHR implementation that led to what you might considered a failed EHR implementation. You may even wish that you’d had the right leaders to avoid these problems. If that’s the case, the solution is still the same. A great leader can inspire an organization to overcome past failures and lead an organization down a path to make their EHR useful.

I think that organizations are finally realizing that EHR implementations aren’t a one time event. The EHR go-live is an important event, but it’s really just the start of the ongoing optimization that’s required to make the software as useful as possible for an organization. This takes thoughtful planning and you got it…inspired leadership.

Cybersecurity, MACRA, MIPS, HIPAA, and PCMH Training Workshops

Posted on May 3, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve been partnered with 4MedApproved for a long time offering healthcare IT training courses to my users. If you subscribe to a Healthcare Scene email list, then you’ve probably seen some emails offering a great discount on their training courses. 4Med really tries hard to listen to the community and create courses that are valuable to the healthcare IT professional.

They just sent me their list of upcoming courses and I was really impressed with the wide variety of courses that they’re offering between now and the end of July. Here’s a look a the courses they’re offering:

The good news is that by using any of the links above you’ll get a discount off of each of the courses for being a Healthcare Scene reader. Each of the above sessions is available as a live online training where you can ask the trainer questions. Also, if you miss one of the live sessions, then the recording will be made available to you after the event.

Also, for many of the courses, CEU are available to those who need them.

You can see on the list above that some of the most popular courses are around MACRA and healthcare security. Both are hugely important topics and there’s a lot of information to cover for both topics. If you’re dealing with either of them (which is most of you), these courses are a great resource for you to get up to speed on the latest.

Precision Health 101: Understanding the Keys to Value – #HITsm Chat Topic

Posted on May 2, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 5/5 at Noon ET (9 AM PT). This week’s chat will be hosted by Bob Rogers (@ScientistBob) from @IntelHealth on the topic of “Precision Health 101: Understanding the Keys to Value”.

Precision health starts with personalized diagnosis and precision treatment planning. That’s why leading edge health systems are making health more precise at the individual patient level. This approach is a dramatic shift from the “one-size-fits-all” model of treatment and has shifted the conversation to the uniqueness of each person, down to “DNA fingerprint” that is fueling an individual’s disease.

In this Twitter chat, join the discussion with Bob Rogers, chief data scientist at Intel Corporation, about the definition of precision health, where it’s being utilized today, and what healthcare CIOs should be thinking about now to make personalized care a reality.

Join us on Friday May 5th at 12:00pm ET as we discuss the following questions on #HITsm:

The Questions
T1: What is your definition of precision health? #HITsm

T2: Where are you seeing precision health thriving? #HITsm

T3: What’s holding back our efforts in precision health? What changes need to be made? #HITsm

T4: What should an organization be doing to prepare for and participate in precision health?  #HITsm

T5: What benefits would a patient see from precision health? #HITsm

Bonus: How will data and analytics impact precision health? #HITsm

Upcoming #HITsm Chat Schedule
5/12 – Accelerating Decision-Making in Healthcare: How Health Systems Choose Innovative Decisions
Hosted by Bruce Brandes from Lucro Solutions

5/19 – Patient Education Using Healthcare Social Media
Hosted by Anne Zieger (@annezieger)

5/26 – TBD
Hosted by Chad Johnson (@OchoTex)

We look forward to learning from the #HITsm community! As always let us know if you have ideas for how to make #HITsm better.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

The Government EHR Mess – Coast Guard Publishes EHR RFI – VA Looking to Replace Vista

Posted on May 1, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

If you’re like me and enjoy a little inside baseball in the EHR world, then you have to watch what’s going on with EHR use in the government. In many ways, it’s like passing that car wreck on the freeway. There’s no way you can pass by without taking a look and seeing what’s gone on and what’s still going on. You want to know what’s happening.

A car wreck might be an apt comparison since we’re talking about the various government EHR situations. For those who haven’t followed this as closely, here’s a quick recap.

The DoD had the awful AHLTA EHR system. The VA had (and still has) their own homegrown VistA EHR system which most users seem to like. After a bunch of political jousting back and forth, the DoD did a $9+ billion RFP and finally selected Cerner EHR (although, Leidos was really the lead company and much of the $9 billion was going to them and not Cerner).

Meanwhile, the Coast Guard had selected Epic as their EHR. Long story short, things didn’t work out and the Coast Guard stopped implementing Epic and went back to paper. Yes, I said that right. They had to go back to paper.

Near the start of 2017, word came out that the VA was likely to replace their current VistA EHR with a commercial EHR replacement. That process is ongoing.

In the last week, the Coast Guard published their RFI to purchase an EHR. I guess that’s the final nail in the coffin for Epic at the Coast Guard.

I’m sure I’m leaving out some other government organizations that have EHR or are looking for an EHR. However, these are some of the high profile ones. As we sit here today, the question remains, which EHR will the VA and Coast Guard choose?

The obvious choice to everyone watching this is that the VA and Coast Guard and every other government organization that needs an EHR should go with Cerner. Interoperability between the DoD and VA has been awful and you’d think that having one EHR would help that situation. Plus, shouldn’t the VA be able to benefit from the experience the DoD has had implementing Cerner already? Not to mention, shouldn’t the VA and Coast Guard be able to get a discount from Cerner for bundling the purchase or does that not happen with $8 billion purchases.

The problem is that most of us (including me) don’t know all the politics at play. What seems completely obvious to us outside observers misses many of the political and cultural nuances at play in this situation. I’m not saying those nuances are right or accurate, but you can be sure that the EHR selection decision is going to have a lot of people chiming in with their own personal biases.

One simple example that’s easy to understand is you could see the VA making the case for why they should go with a commercial version of the VistA EHR that they’re already familiar within their organization. It’s hard for me to see them making this decision, but you can see why one could make a pretty solid argument for why choosing a commercial version of VistA would be a good idea.

When it comes to the interoperability potential I mentioned above, it’s sad to ask, but is having all of these organizations on the same EHR really that much better? We’re not talking about the government implementing a single instance EHR that’s shared across all organization. That would never happen, so even if the DoD and VA both buy from Cerner, they’re still going to need an interface between the systems. This should be presumably easier, but you can be sure it’s not going to be as turnkey as one might imagine it to be.

No doubt we’ll be watching to see what the Coast Guard and VA decide. Which EHR do you think they’ll choose? Which EHR should they choose and why? I look forward to hearing your thoughts in the comments.

Advance Directive Comic – Fun Friday

Posted on April 28, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

A reader recently emailed us that they were missing our Fun Friday comics. We try to do them as much as we can, but sometimes don’t have a great one to share. However, we aim to please, so we made an extra effort to make sure we had a Fun Friday post for you this week. Thanks for the inspiration and we hope others enjoy this humorous start to the weekend.

Dilbert is always a great place for us to go for great comics. Scott Adams is incredible at what he does. So, here’s one of his comics about advanced directives.

I thought this comic was poignant because I recently had a call with my mom where we started talking about some of these things. I suggested next time I was visiting them that we should get my other siblings together and have the not so fun, but extremely important talk. We’re not getting any younger and I’ve seen how awful it can be when you don’t know someone’s wishes.

To tie the topic back into the blog, I’d love to see advanced directives easily integrated with every EHR software out there. It’s a shame that this isn’t a feature of every EHR and there’s not a great way to share your advanced directives with every EHR. There’s no competitive reason not to share this info between organizations. Not that I’m complaining…

More Vendors, Providers Integrating Telemedicine Data With EHRs

Posted on April 27, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

One of the biggest problems providers face in rolling out telemedicine is how to integrate the data it generates. Must doctors make some kind of alternate set of notes appropriate to the medium, or do they belong in the EHR? Should healthcare organizations import the video and notate the general contents? And how should they connect the data with their EHR?

While we may not have definitive answers to such questions yet, it appears that the telehealth industry is moving in the right direction. According to a new survey by the American Telemedicine Association, respondents said that they’re seeing growth in interoperability with EHRs, progress which has increased their confidence in telemedicine’s future.

Before going any further, I should note that the surveyed population is a bit odd. The ATA reached out not only to leaders in hospital systems and medical practices, but also “telehealth service providers,” which sounds like merely an opportunity for self-promotion. But leaving aside this issue, it’s still worth thinking a bit about the data, such as it is.

First, not surprisingly, the results are a ringing endorsement of telemedicine technology. The group reports that 83 percent of respondents said they’ll probably invest in telehealth this year, and 88 percent will invest in telehealth-related technology.

When asked why they’re interested in delivering these services, 98 percent said that they believe telehealth services offer a competitive advantage over those that don’t offer it. And 84 percent of respondents expect that offering telehealth services will have a big impact on their organization’s coverage and reach.

(According to another survey, by Avizia and Modern Healthcare, other reasons providers are engaging with telehealth is because they believe it can improve clinical outcomes and support their transition to value-based care.)

When it comes to documenting its key thesis – that the integration of EHR and telehealth data is proceeding apace – the ATA research doesn’t go the distance. But I know from other studies that telemedicine vendors are indeed working on this issue – and why wouldn’t they? Any sophisticated telemedicine vendor has to know this is a big deal.

For example, telemedicine vendor American Well has been working with a long list of health plans and health systems for a while, in an effort to integrate the telehealth process with provider workflows. To support these efforts, American Well has created an enterprise telehealth platform designed to connect with providers’ clinical information systems. I’ve also observed that DoctorOnDemand has made some steps in that direction.

Ultimately, everyone in telehealth will have to get on board. Regardless of where they’re at now, those engaging in telehealth will need to push the interoperability puck forward.

In fact, integrating telehealth documentation with EMRs has to be a priority for everyone in the business. Even if integrating clinical data from virtual consults wasn’t important for analytics purposes, it is important to collecting insurance reimbursement. Now that private health plans (and Medicare) are reimbursing for telemedical care, you can rest assured that they’ll demand documentation if they don’t like your claim. And when it comes to Medicare, arguing that you haven’t figured out how to document these details won’t cut it.

In other words, while there’s some overarching reasons why integrating this data is a good long-term strategy, we need to keep immediate concerns in mind too. Telemedicine data has to be seen as documentation first, before we add any other bells and whistles. Otherwise, providers will get off on the wrong foot with insurers, and they’ll have trouble getting back on track.

Patients Message Providers More When Providers Reach Out

Posted on April 26, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study has concluded that patients use secure electronic messaging more when their primary care providers initiate and respond to secure messages.

To conduct the study, the research team worked a large database stocked with information on health care transactions and secure messaging records on 81,645 US Army soldiers. The data also included information from almost 3,000 clinicians with access to a patient portal system. The dataset encompassed the 4-year period between January 2011 and November 2014.

The data, which appears in a paper published in the Journal of Medical Internet Research, suggests that current provider-patient exchanges via secure messaging aren’t that common. For example, during the study period just 7 percent of patients initiated a secure message during a given month. Meanwhile, Providers initiated an average of 0.007 messages per patient each month, while responding to 0.09 messages per patient during a month.

That being said, when physicians got more engaged with the messaging process, patients responded dramatically.

Patients who knew their providers were responsive initiated a whopping 334 percent more secure messages than their baseline. Even among patients whose providers responded infrequently to their messages, the level at which they initiated messages to their clinicians was 254 percent higher than with PCPs who weren’t responding. (Oddly, when PCP response rates were at the “medium” level, patients increased messaging by 167 percent.)

In fact, when clinicians communicated more, there seemed to be spillover effects. Specifically, the researchers found that patients messaged PCPs more if that provider was very responsive to other patients, suggesting that there’s a network effect in play here.

Meanwhile, when PCPs were the ones prone to initiating messages, patients were 60 percent more likely to send a secure message. In other words, patients were more energized by PCP responses than clinician-initiated messages.

Of course, for secure messaging to have any real impact on care quality and outcomes, a critical mass of patients need to use messaging tools. Historically, though, providers have struggled to get patients to use their portal, with usage levels hovering between 10 percent and 32 percent.

Usage rates for portals have stayed stubbornly low even when doctors work hard to get their patients interested. Even patients who have signed up to use the portal often don’t follow through, research suggests. And of course, patients who don’t touch the portal aren’t exchanging care-enhancing messages with their provider.

If we’re going to get patients to participate in messaging with their doctor, we’re going to have to admit that the features offered by basic portals simply aren’t that valuable. While most offer patients access to some details of their medical records and test results, and sometimes allow them to schedule appointments, many don’t provide much more.

Meanwhile, a surprising number of providers haven’t even enabled a secure messaging function on their portal, which confines it to being a sterile data receptacle. I’d argue that without offering this feature, portals do almost nothing to engage their typical patient.

Of course, physicians fear being overwhelmed by patient messages, and reasonably fear that they won’t have time to respond adequately. Even though many organizations including the research of Dr. CT Lin has shown this just isn’t the case. That being said, if they want to increase patient engagement – and improve their overall health – secure messaging is one of the simplest tools for making that happen. So even if it means redesigning their workflow or tasking advanced practice nurse with responding to routine queries, it’s worth doing.

Where Did You Start and How Did You Get Here? The Story of Your Healthcare Career Path – #HITsm Chat Topic

Posted on April 25, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 4/28 at Noon ET (9 AM PT). This week’s chat will be hosted by Lizzie Barrett (@eliztbarrett) on the topic of “Where Did You Start and How Did You Get Here? The Story of Your Healthcare Career Path”.

I’ve found that there is no ‘one answer’ when the question ‘What led you to a career in health IT?’ is asked. The paths that got each of us here are singular, and I think that point is best proven in hearing your stories.

Passions and pursuits are often times changed, molded, and shaped by experiences. We may all be in a similar place now, but the journeys that brought each of us here are our unique stories. The variety of these stories is what gives our industry its depth. The common interests and motivators are what create community. So let’s hear your story!

Join us on Friday April 28th at 12:00pm ET as we discuss the following questions on #HITsm:

The Questions
T1: Did you start your career in the healthcare IT space? If so, where? If not, where else? #HITsm

T2: What was the initial goal you set out to achieve once you found yourself in the healthcare industry? #HITsm

T3: Share a catalyzing moment/person that influenced the trajectory of your career. #HITsm

T4: What about your career has been (is) the biggest source of energy/inspiration for you? #HITsm

T5: Which curiosities continue to motivate you and drive your work? #HITsm

Bonus: If you weren’t working in healthcare, where would you be working? #HITsm

Upcoming #HITsm Chat Schedule
5/5 – Precision Health 101: Understanding the Keys to Value
Hosted by Bob Rogers (@ScientistBob) from @IntelHealth

5/12 – Accelerating Decision-Making in Healthcare: How Health Systems Choose Innovative Decisions
Hosted by Bruce Brandes from Lucro Solutions

5/19 – Patient Education Using Healthcare Social Media
Hosted by Anne Zieger (@annezieger)

5/26 – TBD
Hosted by Chad Johnson (@OchoTex)

We look forward to learning from the #HITsm community! As always let us know if you have ideas for how to make #HITsm better.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.