Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Machine Learning, Data Science, AI, Deep Learning, and Statistics – It’s All So Confusing

Posted on November 30, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

It seems like these days every healthcare IT company out there is saying they’re doing machine learning, AI, deep learning, etc. So many companies are using these terms that they’ve started to lose meaning. The problem is that people are using these labels regardless of whether they really apply. Plus, we all have different definitions for these terms.

As I search to understand the differences myself, I found this great tweet from Ronald van Loon that looks at this world and tries to better define it:

In that tweet, Ronald also links to an article that looks at some of the differences. I liked this part he took from Quora:

  • AI (Artificial intelligence) is a subfield of computer science, that was created in the 1960s, and it was (is) concerned with solving tasks that are easy for humans, but hard for computers. In particular, a so-called Strong AI would be a system that can do anything a human can (perhaps without purely physical things). This is fairly generic, and includes all kinds of tasks, such as planning, moving around in the world, recognizing objects and sounds, speaking, translating, performing social or business transactions, creative work (making art or poetry), etc.
  • Machine learning is concerned with one aspect of this: given some AI problem that can be described in discrete terms (e.g. out of a particular set of actions, which one is the right one), and given a lot of information about the world, figure out what is the “correct” action, without having the programmer program it in. Typically some outside process is needed to judge whether the action was correct or not. In mathematical terms, it’s a function: you feed in some input, and you want it to to produce the right output, so the whole problem is simply to build a model of this mathematical function in some automatic way. To draw a distinction with AI, if I can write a very clever program that has human-like behavior, it can be AI, but unless its parameters are automatically learned from data, it’s not machine learning.
  • Deep learning is one kind of machine learning that’s very popular now. It involves a particular kind of mathematical model that can be thought of as a composition of simple blocks (function composition) of a certain type, and where some of these blocks can be adjusted to better predict the final outcome.

Is that clear for you now? Would you suggest different definitions? Where do you see people using these terms correctly and where do you see them using them incorrectly?

The Present Bias Problem with Medication Adherence

Posted on November 29, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I recently met Matthew Loper, the founder of a startup company called Wellth. The company is using behavioral economics to improve healthcare outcomes. They’re literally paying patients cold hard cash to take their medications. Plus, they have some pretty cool technology that uses just the smart phone to track medication adherence.

I must admit that I’ve seen hundreds of medication compliance companies over the years. While the approach each took was intriguing, all of them seemed to have some major obstacle to adoption. Some were too expensive. Some would never be adopted by patients. Some would never be adopted by healthcare providers, etc.

With this in mind, I was intrigued by a few slides that Matthew Loper from Wellth showed me about the medication adherence market and why the startups in that space have had limited success to date. First, he started off with this slide which illustrated the problem:

I’m not sure I agree totally with the concept of chronic patients not doing what’s rational. Instead, I think this slide illustrates that many chronic patients make short term versus long term decisions when it comes to their care. No doubt these short term decisions are very rational decisions in their minds. However, this data illustrates the Present Bias problem we have with medication adherence.

Matthew’s next slide illustrated really well how most current medication adherence solutions don’t solve the present bias problem:

I thought this slide categorized the medication adherence companies I’ve seen really well. It also explains why most of them aren’t very effective. Then, Matthew went on to suggest that paying patients to adhere to their care plan does overcome the Present Bias challenge:

You can talk with Wellth if you want to get more details on their work and the results of their pilots. It’s still early in their journey, but the concept seems to be producing some quality results. Plus, I love their efforts to use the cash incentive long enough to create a habit which then is sustained well after the payments stop. Pretty fascinating approach.

No doubt there are a lot more complexities associated with medication adherence. For example, this approach doesn’t take into account people who are motivated by money. However, it’s surprising how even rich people want to get a good deal. It will also take some time to see how much money is required to truly motivate someone to be compliant and if that cost is less that the amount of money saved. Not to mention, how do you even quantify how much money was saved when someone is more adherent to their care plan.

These challenges aren’t unique to Wellth, but to every healthcare IT solution working on this problem. It’s also why many of them have a hard time making the case for their solution. Turns out that purchasers of these solutions have a present bias problem as well. However, as more studies are done and as we get better at tracking a patient’s health, we’ll better be able to understand the long term benefits of things like medication adherence.

What do you think of Wellth’s approach to medication adherence? Should we be paying patients when they adhere to their care plan?

Using Technology to Fight EHR Burnout – #HITsm Chat Topic

Posted on November 28, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re excited to share the topic and questions for this week’s #HITsm chat happening Friday, 12/1 at Noon ET (9 AM PT). This week’s chat will be hosted by Gabe Charbonneau, MD (@gabrieldane) on the topic of “Using Technology to Fight EHR Burnout.”

We live in confusing times. The marriage of technology and medicine is on the cusp of game changing breakthroughs. There is so much promise with deep learning/AI, big data, and the exponential growth in processing speed and storage, just to name a few. So, how is it that we are yet to get out of the dark ages when it comes to the EHR?

Physician burnout is a real problem. It seems like there is a new article put out weekly on the topic. Study after study points fingers of blame at the EHR. The pain from data entry and systems that don’t flow for clinicians is at an all time high. “Too many clicks”, and too many docs spending “pajama time” charting at home.

It has to get better.

While tech has been identified as a top contributor to the problem, it also has the potential to be a huge part of the solution.

Join us as we dive into this topic during this week’s #HITsm chat using the following questions.

Topics for This Week’s #HITsm Chat:

T1: Why is the EHR such a major driver of burnout in medicine? We’ve heard the common answers of “too many clicks” and increased clerical burden, but what else? Let’s dig deeper. #hitsm

T2: Who is happiest with their EHR and why? What can we learn from them? #hitsm

T3: What current technologies are the best for reducing EHR burnout? #hitsm

T4: What is the most exciting emerging technology for decreasing EHR burnout? #hitsm

T5: When should we expect to see the first wave of major improvements in EHR user experience for clinicians? What will it look like? #hitsm

Bonus: How can we take steps today to start moving the burnout needle in the right direction? #HITsm

Upcoming #HITsm Chat Schedule
12/8 – EHR, Patient Portals and OpenNotes: Making OpenNotes Work Well
Hosted by Homer Chin (@chinhom) and Amy Fellows (@afellowsamy) from @MyOpenNotes)

12/15 – What’s holding HealthIT from soaring to the Cloud?
Hosted by David Fuller (@genkidave)

12/22 – Holiday Break

12/29 – Holiday Break

We look forward to learning from the #HITsm community! As always, let us know if you’d like to host a future #HITsm chat or if you know someone you think we should invite to host.

If you’re searching for the latest #HITsm chat, you can always find the latest #HITsm chat and schedule of chats here.

Vanderbilt Disputes Suggestion That Larger Hospitals’ Data Is Less Secure

Posted on November 27, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Ordinarily, disputes over whose data security is better are a bit of a snoozer for me. After all, if you’re not a security expert, much of it will fly right over your head, and that “non-expert” group definitely includes me. But in this case, I think the story is worth a closer look, as the study in question seems to include some questionable assumptions.

In this case, the flap began in June, when a group of researchers published a study in JAMA Internal Medicine which laid out analysis of HHS statistics on data breaches reported between late 2009 to 2016. In short, the analysis concluded that teaching hospitals and facilities with high bed counts were most at risk for breaches.

Not surprisingly, the study’s conclusions didn’t please everyone, particularly the teaching-and high-bed-count hospitals falling into its most risky category. In fact, one teaching hospitals’ researchers decided to strike back with a letter questioning the study’s methods.

In a letter to the journal editor, a group from Nashville-based Vanderbilt University suggested that the study methods might hold “inherent biases” against larger institutions. Since HHS only requires healthcare facilities to notify the agency after detecting a PHI breach affecting 500 or more patients, smaller, targeted attacks might fall under its radar, they argued.

In response, the authors behind the original study admitted that the with the reporting level for PHI intrusions starting at 500 patients, larger hospitals were likely to show up in the analysis more often. That being said, the researchers suggested, large hospitals could easily be a more appealing target for cybercriminals because they possess “a significant amount of protected health information.”

Now, I want to repeat that I’m an analyst, not a cybersecurity expert. Still, even given my limited knowledge of data security research, the JAMA study raises some questions for me, and the researchers’ response to Vanderbilt’s challenge even more so.

Okay, sure, the researchers behind the original JAMA piece admitted that the HHS 500-patient threshold for reporting PHI intrusions skewed the data. Fair enough. But then they started to, in my view at least, wander off the reservation.

Simply saying that teaching hospitals and hospitals with more beds were more susceptible to data breaches simply because they offer big targets strikes me as irresponsible. You can’t always predict who is going get robbed by how valuable the property is, and that includes when data is the property. (On a related note, did you know that older Toyotas are far more likely to get stolen than BMWs because it’s easier to resell the parts?  When I read about that trend in Consumer Reports it blew my mind.)

Actually, the anecdotes I’ve heard suggests that the car analogy holds true for data assets — that your average, everyday cyber thief would rather steal data from a smaller, poorly-guarded healthcare organization then go up against the big guns that might be part of large hospitals’ security armament.

If nothing else, this little dispute strongly suggests that HHS should collect more detailed data breach information. (Yes, smaller health organizations aren’t going to like this, but let’s deal with those concerns in a different article.) Bottom line, if we’re going to look for data breach trends, we need to know a lot more than we do right now.

Happy Thanksgiving!

Posted on November 23, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’re taking the day off here at Healthcare Scene, but we wanted to wish all of our readers a Happy Thanksgiving. My day is filled with football, family, food, and fun which makes me very happy. I hope each of you get to celebrate Thanksgiving in a way that’s special to you.

At Healthcare Scene we feel extremely grateful to work in an industry where what we do really matters. We’re thankful for the thousands of readers who support the work we do and are working hard every day to improve the lives of patients. That’s a beautiful and powerful thing.

Happy Thanksgiving to all of you and thank you for all you do for patients!

AMA Connects Doctors With Health IT Ventures

Posted on November 22, 2017 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Maybe I’m wrong, but the following strikes me as coming straight from the Redundancy Department of Redundancy…but let’s see. Maybe I’m just being mean. Or maybe it’s because I just couldn’t taste The Rainbow in my last package of Skittles.

Anyway, recently AMA announced the launch of an online platform, the Physician Innovation Network (PIN), designed to connect physicians together with health tech firms.

The PIN will give HIT companies will have a straightforward channel for collecting physician input on the products and services they’re developing. The health IT ventures will also be able to search for physicians who have the expertise they need and are willing to exchange information with them. Meanwhile, the platform will help physicians to find paid and volunteer opportunities to work with health tech companies to work with the health take ventures that suit them.

In recent years, the AMA has taken several steps to bring the world of health IT and physicians closer together. Most recently, the trade group announced that it had created a data standardization organization known as the Integrated Health Model Initiative. The physician group and its partners say the new data model will include clinically-validated data elements designed to speed up the development of improved data organization, management, and analytics.

Its other HIT initiatives include:

  • Co-founding Health2047, a company designed (like PIN) to bring together physicians with established healthcare companies and help them launch useful services and products
  • Serving as one of four founding organizations behind Xcertia, an organization intended to foster knowledge about clinical content, usability, privacy, security and evidence of efficacy for mHealth apps
  • Managing a student-run biotechnology incubator in collaboration with Sling Health,

But what is there to say about PIN that distinguishes it from all of these efforts? It resembles Health2047, mais non? And what benefit does it add over LinkedIn? Specialty interest groups within the MGMA and HIMSS? AngelList? A giant digital corkboard and some virtual Post-It notes?

Don’t get me wrong, I know I’ve come down hard on the AMA’s product launch announcements rather often, perhaps too often. Depending on how it actually works, PIN may actually offer some incremental value over all of these other options. And hey, if the trade group wants to throw its money around, whom am I to say that they shouldn’t have at it.

The thing is, though, the AMA doesn’t work in a vacuum.

Look, as we all know, we’re absolutely drowning in initiatives and proposals and great new ideas for interoperability and the collection of consumer-generated health data. And don’t forget scoping out the best architecture for deploying two tin cans with a piece of string between them, getting budget approval from a Magic 8 Ball (signs point to no), and repurposing some BASIC code from a  Commodore 64 to develop your next mobile health app. (Yes, it tired me out to write that sentence but it was worth it.)

Silliness aside, when you have the kind of resources the AMA does, you want to the profession to say something meaningful when you open your mouth, professionally speaking. Other than that, you’re just sucking air out of the room that could be used for people with a differentiated idea in real value to deliver.  Hey, but other than that, the PIN announcement is just fine.

HIPAA May be the Least of Your Compliance Worries

Posted on November 21, 2017 I Written By

The following is a guest blog post by Mike Semel from Semel Consulting.  Check out all of Mike Semel’s EMR and HIPAA blog posts.

What requirements have you hidden away?

I visited a new healthcare client last week, and asked if anything in particular made them call us for help with their HIPAA compliance. They surprised me by saying that their insurance company had refused to sell them a cyber-liability/data breach insurance policy, after they saw the answers on our client’s application.

When was the last time you heard about an insurance company not selling a policy? That’s like McDonalds looking you over, and then refusing to sell you a Big Mac.

Our client was scared that they would have to risk the full financial burden of a data breach, which, based on the number of medical records they have, could exceed $10 million.

Everyone knows that HIPAA is a compliance requirement. But it isn’t the only one you should focus on. Use my definition of Compliance, which is, simply, having to do things required by OTHERS.

We personally deal with compliance requirements all the time. We stop at traffic lights. We have our car inspected. We fasten our seat belts. We empty our pockets at airport security. We pay our bills on time. At work, we wear an ID badge, show up on time, and park in an approved space. At home, we take our dirty shoes off before walking on the carpet. There are risks associated with NOT doing each of these things.

It can be a big mistake to focus so much on HIPAA that you forget other compliance requirements, including:

  • Other Federal and State Laws
  • Industry Requirements
  • License Requirements
  • Contractual Obligations
  • Insurance Requirements
  • Lawsuits

You should not take the narrow HIPAA approach, like buying a policy manual, using an online ‘We Make HIPAA Easy’ service, or think hiring out a Security Risk Analysis is going to make you compliant.

When we work with our clients, before we get started we help you identify all your compliance requirements.

OTHER FEDERAL REGULATIONS

Depending on the services you offer, you may be required to comply with other federal regulations, like Title 42, governing substance abuse treatment.

The Federal Trade Commission has come down hard on data breaches, including the controversial closure of a small medical lab. The FTC looks at patients as consumers, and considers a data breach to be an Unfair Business Practice because the organization losing the data failed to protect its consumers, and is in violation of its Notice of Privacy Practices.

STATE LAWS

Forty-eight states, plus DC and Puerto Rico, have data breach laws. Most states protect Personally Identifiable Information (PII), including driver’s license and Social Security numbers. Some states cover medical records, no matter who has them, while HIPAA only covers medical records held by certain types of organizations. Some of the state laws change the reporting requirements after a breach of patient records. For example, California requires patient notification within 15 days, instead of the 60-day maximum permitted by HIPAA.

Most states have separate laws requiring confidentiality of mental health, HIV, substance abuse, or STD treatment records. State attorneys general are willing to cross their state lines to protect the confidentiality of their voters.

We work with our clients to identify the states where your patients come from, not only where you are located. We build an Incident Management program that includes each applicable notification and reporting requirement.

INDUSTRY REQUIREMENTS

Industry requirements include PCI-DSS, the data security standards protecting credit card information. PCI stands for the Payment Card Industry. While not a law, if you don’t comply with PCI you can be prevented from accepting credit cards. What would that do to your bottom line and patient satisfaction?

LICENSING

Licensing requirements protecting patient confidentiality go back long before HIPAA, which became law in 1996. In 1977, 19 years before HIPAA, I became an Emergency Medical Technician (EMT). The first class I took was about maintaining confidentiality. After that, I knew that violating a patient’s confidentiality could cost me my license.

Think about your license, your certifications, even the Code of Ethics in your professional association. If I really wanted to get back at someone for violating my confidentiality, my first complaint would be to their licensing board, even before I submitted a complaint to their employer or the federal government. Losing your license may kill your career, and being investigated by your licensing board will certainly get your attention.

When you are justifying the costs related to Security and Compliance, be sure to quantify the effect on your income, lifestyle, and retirement, if you were to lose your license.

CONTRACTS

Many of our clients have signed contracts with other organizations, that include cyber security requirements as a contractual obligation to do business together. These contracts are often reviewed by attorneys, signed by executives, and then filed away. The requirements are not always communicated to the people on the front lines.

In 2012, Omnicell, a drug cart manufacturer, breached the records of 68,000 patients when an employee’s unencrypted laptop was stolen. The health systems – clients of Omnicell –  announced that Omnicell’s contract with them included a requirement that patient data would only be stored on encrypted devices. The loss of the laptop became a breach of contract discussion, not just a simple data breach.

My guess is that the contract was signed, and then just filed away. I don’t think Omnicell’s purchasing department was told it was supposed to order encrypted laptops for its field technicians. I don’t think its IT department knew it had a contractual obligation to install encryption on all laptops, and I doubt the field tech knew he was violating a contract when he transferred patient data to his unencrypted computer. Worse, no one who was aware of the contract requirements was auditing the company’s compliance.

During a recent client visit, I asked if our client had signed any contracts with their clients. She went through a list that included one of the top health systems in the country. I’m not a lawyer, but I asked to see the contract, because I knew the health system had included cyber security requirements as a contractual obligation with our other clients.

After a few minutes, she returned with the file folder containing the contract. I found the cyber security section, and read it to her. I asked if her company was meeting the requirements in the contract. She said no. I asked her what the future of her business would look like if they lost the business of one of the country’s leading health systems, because they breached their contract. She replied that her business probably would not survive.

We focused our project around meeting the specific requirements of their contract, not the vague and flexible requirements in HIPAA.

INSURANCE

Cyber Liability (also known as Data Breach) Insurance is a popular line of revenue for insurance companies. Unlike malpractice insurance, which assumes you will make a mistake, cyber insurance may only protect you if you are doing all the things you included on your insurance application. It may pay a claim only if you are doing everything correctly, and still suffer a breach. What you answer on the application may come back to haunt you.

In 2013, Cottage Health’s IT vendor accidently published a file server to the Internet, exposing patient information. Patients Googling themselves got back their medical records. The patients filed a class action suit, so Cottage Health brought in Columbia Casualty, their cyber liability insurance provider, to provide legal representation, and settle the claim.

The lawsuit was settled for $4.1 million, which was paid by Columbia Casualty. Columbia told Cottage Health that, even though it was making the payment, it still reserved its rights and would continue investigating the case.

Columbia Casualty then sued its own client, Cottage Health, to get the $ 4.1 million back. It said it determined that Cottage Health had made misstatements when it answered questions on the original policy application, including that it regularly maintained security patches on its devices. Columbia also said it should be excluded from losses because Cottage Health failed to continuously maintain the level of security stated on its application.

The lawsuit said that it did not matter if Cottage Health was mistaken, or had intentionally lied on the application.

As part of our assessments, we review insurance applications. When we work with our clients, we help you implement consistent programs to maintain the level of security you claim on your application.

LAWSUITS

While you don’t comply with a lawsuit, watching court cases can help you understand your risks and how to protect your organization.

Many people think that a HIPAA Notice of Privacy Practices is just a basic brochure you have to include with new patient paperwork. A patient is suing her doctor for negligence after her information was shared without her authorization. She claimed that the practice did not follow its Notice of Privacy Practices, and the Connecticut Supreme Court upheld that HIPAA can be used as a Standard of Care in a negligence suit.

Walgreen’s lost $1.44 million in a lawsuit after a pharmacist breached a customer’s confidentiality. Walgreens proved its pharmacist had received HIPAA training and had signed a confidentiality agreement. The company said it had done everything possible to prevent the breach. The jury disagreed.

By looking at law suits you can see that attorneys are using compliance requirements as the basis for claims. That can be scarier compared to the likelihood is that the federal government will make the effort to go after you.

LESSONS LEARNED

It’s really easy to focus just on HIPAA and think you are compliant. It’s also a mistake.

HIPAA is vague. It is flexible, giving you a lot of freedom to choose how to comply with the regulation. The ‘HIPAA-in-a-Box’ solutions can give you a false sense of Security and Compliance, because they are so narrowly focused.

The Federal Trade Commission can assess stronger penalties than the OCR, the federal agency that enforces HIPAA. The FTC has put businesses on 20-year monitored compliance programs. When we work with our clients, we help you create written evidence that your security policies and procedures are working.

State laws can change your patient reporting requirements. They also protect confidential information you have for your workforce members. Your Incident Management program can’t just focus on HIPAA.

Industry requirements can be very serious. Can you risk not accepting credit cards? Contact the merchant service that processes your cards to make sure you are complying with PCI-DSS.

Verify the reporting requirements of the entities that license your staff. You may have an obligation to report a breach to them, instead of waiting for someone to file a complaint.

Review the contracts you have in your files for cyber security requirements, and note any in new contracts you are about to sign. Make sure everyone in your organization who must comply with the contract requirements know about them.

You can’t buy insurance instead of doing the right things to protect data. However, if you do things right insurance may save you millions of dollars. You should review your policy application every quarter, and demand evidence from your IT department or vendor that you are in compliance with the policy requirements. Too much work? Would you rather have your insurance company fail to pay a multi-million-dollar claim?

Keep repeating to yourself, “Compliance isn’t just about HIPAA” and uncover the rest of your compliance requirements.

About Mike Semel

Mike Semel is a noted thought leader, speaker, blogger, and best-selling author of HOW TO AVOID HIPAA HEADACHES . He is the President and Chief Security Officer of Semel Consulting, focused on HIPAA and other compliance requirements; cyber security; and Business Continuity planning. Mike is a Certified Business Continuity Professional through the Disaster Recovery Institute, a Certified HIPAA Professional, Certified Security Compliance Specialist, and Certified Health IT Specialist. He has owned or managed technology companies for over 30 years; served as Chief Information Officer (CIO) for a hospital and a K-12 school district; and managed operations at an online backup company.

LTPAC – A Vibrant Hidden World

Posted on November 20, 2017 I Written By

Colin Hung is the co-founder of the #hcldr (healthcare leadership) tweetchat one of the most popular and active healthcare social media communities on Twitter. Colin speaks, tweets and blogs regularly about healthcare, technology, marketing and leadership. He is currently an independent marketing consultant working with leading healthIT companies. Colin is a member of #TheWalkingGallery. His Twitter handle is: @Colin_Hung.

PointClickCare, makers of a cloud-based suite of applications designed for long-term post acute care (LTPAC), recently held its annual user conference (PointClickCare SUMMIT) in sunny Orlando, Florida. The conference quite literally shone a light on the LTPAC world – a world that is often overlooked by those of us that focus on the acute care side of healthcare. It was an eye-opening experience.

This year’s SUMMIT was the largest in the company’s history, attracting over 1,800 attendees from skilled nursing providers, senior living facilities, home health agencies and Continuing Care Retirement Communities. Over the three days of SUMMIT I managed to speak to about 100 attendees and every one of them had nothing but praise for PointClickCare.

“I couldn’t imagine doing my work without PointClickCare. I wouldn’t even know where to start if I had to use paper.”

“I don’t want to go back to the days before we had PointClickCare. We had so much paperwork back then and I used to spend an hour or two after my shift just documenting. Now I don’t have to. I track everything in the system as I go.”

“PointClickCare lets us focus more on the people in our care. We have the ability to do things that would have been impossible if we weren’t on an electronic system. We’re even starting to share data with some of our community partners.”

Contrary to what many believe, not every skilled nursing provider and senior living facility operates with clipboards and fax machines. “That’s one of the biggest misconceptions that people have of the LTPAC market,” says Dave Wessinger, Co-Founder and CTO at PointClickCare. “Almost everyone assumes that LTPAC organizations use nothing but paper or a terrible self-built electronic solution. The reality is that many have digitized their operations and are every bit as modern as their acute care peers.”

According to a recent Black Book survey, 19 percent of LTPAC providers have now adopted some form of an Electronic Health Record (EHR) system. In 2016, Black Book found the adoption rate was 15 percent. The Office of the National Coordinator recently published a data brief that showed adoption of EHRs by Skilled Nursing Facilities (SNFs) had reached 64% in 2016.

Although these numbers are low compared to the +90% EHR adoption rate by US hospitals, it does indicate that there are many pioneering LTPAC providers that have jumped into the digital world.

“It’s fun to be asked by our clients to work with their acute care partners,” explains BJ Boyle, Director of Product Management at PointClickCare. “First of all, they are surprised that a company like PointClickCare even exists. They are even more surprised when we work with them to exchange health information via CCD.”

Boyle’s statement was one of many during SUMMIT that opened my eyes to the innovative technology ecosystem that exists in LTPAC. Further proof came from the SUMMIT exhibit hall where no less than 72 partners had booths set up.

Among the exhibitors were several that focus exclusively on the LTPAC market:

  • Playmaker. A CRM/Sales solution for post-acute care.
  • Hymark. A technical consultancy that helps LTPAC organizations implement and optimize PointClickCare.
  • Careserv. A LTPAC cloud-hosting and managed services provider.

And some with specialized LTPAC offerings:

  • Care.ly. An app that helps families coordinate the care of their elderly loved ones with senior care facilities.
  • McBee Associates. Financial and revenue cycle consultants that help LTPAC organizations.

I came away from SUMMIT with a newfound respect for the people that work in LTPAC. I also have a new appreciation for the innovative solutions being developed for LTPAC by companies like PointClickCare, Care.ly and Playmaker. This is a vibrant hidden world that is worth paying attention to.

Note: PointClickCare did cover travel expenses for Healthcare Scene to be able to attend the conference.

Measuring the Vital Signs of Health Care Progress at the Connected Health Conference (Part 3 of 3)

Posted on November 17, 2017 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The previous segment of this article covered one of the crucial themes in health care today: simplifying technology’s interactions with individuals over health care. This segment finishes my coverage of this year’s Connected Health Conference with two more themes: improved data sharing and blockchains.

Keynote at Connected Health Conference

Keynote at Connected Health Conference

Improved data sharing
The third trend I’m pursuing is interoperability. If data collection is the oxygen that fuels connected health, data sharing is the trachea that brings it where it’s needed. Without interoperability, clinicians cannot aid patients in their homes, analysts cannot derive insights that inform treatments, and transitions to assisted living facilities or other environments will lead to poor care.

But the health care field is notoriously bad at data sharing. The usual explanation is that doctors want to make it hard for competitors to win away their patients. If that’s true, fee-for-value reimbursements will make them even more possessive. After all, under fee-for-value, clinicians are held accountable for patient outcomes over a long period of time. They won’t want to lose control of the patient. I first heard of this danger at a 2012 conference (described in the section titled “Low-hanging fruit signals a new path for cost savings”).

So the trade press routinely and ponderously reports that once again, years have gone by without much progress in data sharing. The US government recognizes that support for interoperability is unsatisfactory, and has recently changed the ONC certification program to focus on it.

Carla Kriwet, CEO of Connected Care and Health Informatics at Philips, was asked in her keynote Fireside Chat to rate the interoperability of health data on a scale from 0 to 10, and chose a measly 3. She declared that “we don’t believe in closed systems at all” and told me in an interview that Philips is committed to creating integrated solutions that work with any and all products. Although Philips devices are legendary in many domains, Kriwet wants customers to pay for outcomes, not devices.

For instance, Philips recently acquired the Wellcentive platform that allows better care in hospitals by adopting population health approaches that look at whole patient populations to find what works. The platform works with a wide range of input sources and is meant to understand patient populations, navigate care and activate patients. Philips also creates dashboards with output driven by artificial intelligence–the Philips IntelliVue Guardian solution with Early Warning Scoring (EWS)–that leverages predictive analytics to present critical information about patient deterioration to nurses and physicians. This lets them intervene quickly before an adverse event occurs, without the need for logging in repeatedly. (This is an example of another trend I cover in this article, the search for simpler interfaces.)

Kriwet also told me that Philips has incorporated the principles of agile programming throughout the company. Sprints of a few weeks develop their products, and “the boundary comes down” between R&D and the sales team.

I also met with Jon Michaeli, EVP of Strategic Partnerships with Medisafe, a company that I covered two years ago. Medisafe is one of a slew of companies that encourage medication adherence. Always intensely based on taking in data and engaging patients in a personalized way, Medisafe has upped the sophistication of their solution, partly by integrating with other technologies. One recent example is its Safety Net, provided by artificial intelligence platform Neura. For instance, if you normally cart your cell phone around with you, but it’s lying quiet from 10:00 PM until 6:00 AM, Safety Net may determine your reason for missing your bedtime dose at 11:00 PM was that you had already fallen asleep. If Safety Net sees recurring patterns of behavior, it will adjust reminder time automatically.

Medisafe also gives users the option of recording the medication adherence through sensors rather than responding to reminders. They can communicate over Bluetooth to a pill bottle cap (“iCap”) that replaces the standard medicine cap and lets the service know when you have opened the bottle. The iCap fits the vast majority of medicine bottles dispensed by U.S. pharmacies and costs only $20 ($40 for a pack of 2), so you can buy several and use them for as long as you’re taking your medicine.

On another level, Mivatek provides some of the low-level scaffolding to connected health by furnishing data from devices to systems developed by the company’s clients. Suppose, for instance, that a company is developing a system that responds to patients who fall. Mivatek can help them take input from a button on the patient’s phone, from a camera, from a fall detector, or anything else to which Mivatek can connect. The user can add a device to his system simply by taking a picture of the bar code with his phone.

Jorge Perdomo, Senior Vice President Corporate Strategy & Development at Mivatek, told me that these devices work with virtually all of the available protocols on the market that have been developed to promote interoperability. In supporting WiFi, Mivatek loads an agent into its system to provide an additional level of security. This prevents device hacking and creates an easy-to-install experience with no setup requirements.

Blockchains
Most famous as a key technological innovation supporting BitCoin, blockchains have a broad application as data stores that record transactions securely. They can be used in health care for granting permissions to data and other contractual matters. The enticement offered by this technology is that no central institution controls or stores the blockchain. One can distribute the responsibility for storage and avoid ceding control to one institution.

Blockchains do, however, suffer from inherent scaling problems by design: they grow linearly as people add transactions, the additions must be done synchronously, and the whole chain must be stored in its entirety. But for a limited set of participants and relatively rate updates (for instance, recording just the granting of permissions to data and not each chunk of data exchanged), the technology holds great promise.

Although I see a limited role for blockchains, the conference gave considerable bandwidth to the concept. In a keynote that was devoted to blockchains, Dr. Samir Damani described how one of his companies, MintHealth, planned to use them to give individuals control over health data that is currently held by clinicians or researchers–and withheld from the individuals themselves.

I have previously covered the importance patient health records, and the open source project spotlighted by that article, HIE of One, now intends to use blockchain in a manner similar to MintHealth. In both projects, the patient owns his own data. MintHealth adds the innovation of offering rewards for patients who share their data with researchers, all delivered through the blockchain. The reward system is quite intriguing, because it would create for the first time a real market for highly valuable patient data, and thus lead to more research use along with fair compensation for the patients. MintHealth’s reward system also fits the connected health vision of promoting healthy behavior on a daily basis, to reduce chronic illness and health care costs.

Conclusion
Although progress toward connected health comes in fits and starts, the Connected Health Conference is still a bright spot in health care each year. For the first time this year, Partners’ Center for Connected Health partnered with another organization, the Personal Connected Health Alliance, and the combination seems to be a positive one. Certain changes were noticeable: for instance, all the breakout sessions were panels, and the keynotes were punctuated by annoying ads. An interesting focus this year was wellness in aging, the topic of the final panel. One surprising difference was the absence of the patient advocates from the Society for Participatory Medicine whom I’m used to meeting each year at this conference, perhaps because they held their own conference the day before.

The Center for Connected Health’s Joseph Kvedar still ran the program team, and the themes were familiar from previous years. This conference has become my touchstone for understanding health IT, and it will continue to be the place to go to track the progress of health care reform from a technological standpoint.

The Power of Combining Clinical & Claims Data

Posted on November 16, 2017 I Written By

The following is a guest blog by Monica Stout from MedicaSoft

Whether the goal is to improve outcomes or increase efficiency, the healthcare industry finds itself searching for more and better data to support its efforts. Clinical data provides substantial details on patient encounters, but it is often difficult to assemble and integrate data from more than one healthcare provider. Claims data is better at following a patient across multiple care providers, but lacks information on patient health status and outcomes. Individually, both sets of data tell helpful stories, from chronicling the cost of care to reflecting how medicine is practiced. Together, clinical and claims data provide a fuller picture of a patient’s interactions with health care systems, the costs involved, and the results achieved. This larger picture provides the information that healthcare providers and insurers can use to guide their actions.

Assembling this data and making it available in a useful framework remains challenging. Data is not always available from providers and payers. When data is available, it is often not standardized (a particular issue with clinical data), making analysis difficult. So, how do organizations avoid investing time and money in efforts that fail to produce meaningful results? How do you make the data useful and improve patient satisfaction, care quality, and drive down system costs?

  1. Better data sharing agreements. Both providers and payers need more stringent data sharing agreements in place as well as insistence that they receive good data from plans.
  2. Address data quality issues head-on. Use real experts armed with specific tools to address any data quality issues within an organization.
  3. Use technology to help. Clinical data platforms can aggregate and integrate data into clinically relevant patient records, and claims data platforms extract relevant information from the complexity of the underlying claims data. Further, new advanced platforms help integrate clinical and claims data to support meaningful analytics.

Bringing together clinical data and claims data in a form that supports a variety of tools and analytics is key to the efforts of both healthcare providers and payers to improve outcomes, quality, and cost. This integrated data approach will yield better results than can be achieved with clinical or claims data alone. Stakeholders can and should leverage both policy and technology to develop solutions that produce meaningful results.

Are you combining clinical and claims data in your organization? What value have you gotten out of doing so? Why aren’t you doing it if you’re not?

About Monica Stout
Monica is a HIT teleworker in Grand Rapids, Michigan by way of Washington, D.C., who has consulted at several government agencies, including the National Aeronautics Space Administration (NASA) and the U.S. Department of Veterans Affairs (VA). She’s currently the Marketing Director at MedicaSoft. Monica can be found on Twitter @MI_turnaround or LinkedIn.

About MedicaSoft
MedicaSoft designs, develops, delivers, and maintains EHR, PHR, and UHR software solutions and HISP services for healthcare providers and patients around the world. MedicaSoft is a proud sponsor of Healthcare Scene. For more information, visit www.medicasoft.us or connect with us on Twitter @MedicaSoftLLC, Facebook, or LinkedIn.