Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Being Honest About Your Reasons For Cybersecurity Decisions

Posted on August 16, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

This week, a team of McAfee researchers released a paper outlining a terrifying exploit. The paper describes, in great technical detail, how a malicious attacker could flip a cardiac rhythm display from 80 beats per minute to zero within less than five seconds.

This might not lead to severe harm or death, but it’s possible that other very negative outcomes could occur, notes Shaun Nordeck, MD, who’s quoted in the report. “Fictitious cardiac rhythms, even intermittent, could lead to extended hospitalization, additional testing, and side effects from medications prescribed to control heart rhythm and/or prevent clots,” he notes.

The paper does point out that if the bedside monitor is working normally, nurses have access to other accurate data, which could diminish the impact of such disruptions to some extent. However, the potential for adverse events is clearly higher than normal if someone scrambles a patient’s vitals.

Unfortunately, this is far from the only attack which wasn’t possible before connected devices became the norm. At various points, we’ve seen that pacemakers, insulin pumps and even MRIs can be hacked externally, particularly if their operating systems aren’t patched as required or haven’t put even basic security protections in place. (Think using “password” as a password.)

But while these vulnerabilities are largely known at this point, some healthcare organizations haven’t begun to tackle them. Solving these problems takes work, and costs money, The best-intentioned CIO might not get the budget to fix these problems if their CEO doesn’t see them as urgent.

Or let’s say the budget is available to begin the counterattack. Even if everyone agrees to tackle connected device vulnerabilities, where do we begin the counterattack? Which of these new connected health vulnerabilities are the most critical?  On the one hand, hacking individual pacemakers doesn’t seem profitable enough to attract many cybercriminals. On the other, if I were a crook I might see the threat of meddling with a hospitals’ worth of patient monitors to be a great source of ransom money.

And this brings us to some tough ethical questions. Should we evaluate these threats by how many patients would be affected, or how many of the sickest patients?  How do we calculate the clinical impact of vital signs hacking vs. generating inaccurate MRI results? To what extent should the administrative impact of these attacks be a factor in deciding how to defeat these challenges, if at all?

I know you’re going to tell me that this isn’t an all or nothing proposition, and that to some extent standard network intrusion detection techniques and tools will work. I’m not disputing this. However, I think we need to admit out loud that these kinds of attacks threaten individual lives in a way that traditional cyberattacks do not. For that reason, we need to get honest about who we need to protect — and why.

Healthcare Leaders See AI Tech In Their Future

Posted on July 30, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

You’ve probably noticed that the movement of healthcare AI from visionary to commonplace has already begun. There are endless examples I could cite to demonstrate this, but here’s a taste:

  • A UK hospital is delegating some tasks usually performed by doctors and nurses to AI technology
  • The AMA is working to set standards for physician use of AI
  • Competition between AI-based disease management players is increasing
  • New AI software can detect signs of diabetic retinopathy without involving a physician

Of course, anytime a technology seems poised to take over the world, there’s a voice in our head saying “Are you sure?” And we all know there are many flashes in the technology pan.

When it comes to AI, however, we may be on the brink of such widespread adoption that no one could argue that it hasn’t arrived. According to a recent Intel survey of U.S. healthcare leaders, AI will be in use across the healthcare spectrum by 2023.

The research, which was conducted in partnership with Convergys Analytics, surveyed 200 US healthcare decision-makers in April 2018 on their attitudes about AI. The survey also asked subjects what barriers still existed to industry-wide AI adoption.

First, a significant number of respondents (54%) said that they expected AI to be in wide use in the industry within the next five years. Also, a substantial minority (37%) said they already used AI, though most reported that such use was limited.

Among those organizations that use AI, clinical use accounted for 77%, followed by operational use (41%) and financial use (26%). Meanwhile, respondents whose organizations hadn’t adopted AI still seem very enthusiastic about its possibilities, with 91% expecting that it will offer predictive analytics tools for early intervention, 88% saying it will improve care and 83% saying it will improve the accuracy of medical diagnoses.

Despite their enthusiasm, however, many of those surveyed were sure they could trust AI just yet. More than one-third of respondents said that patients wouldn’t trust AI enough to play an active role in their care (and they are probably right, at least for now). Meanwhile, 30% assume that clinicians wouldn’t trust AI either, predicting that concerns over fatal errors would kill their interest. Again, that’s probably a good guess.

In addition, there’s the issue of the AI “black box” to bear in mind. Though Intel didn’t go into detail on this, both clinicians and healthcare executives are concerned about the way AI gets its job done. My informal research suggests that until doctors and nurses understand how AI tools have made their decisions — and what data influenced these decisions — it will be hard to get them comfortable with it.

2018 Practical Innovation Award Winner: ENGINUITY

Posted on July 25, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As the vision for the Health IT Expo came into view, we realized how valuable it was for the Health IT Expo community to learn about and share practical innovations that were happening in healthcare IT. As part of that effort, we announced the 2018 Practical Innovation Awards. Being the first year, we only had a short time to promote it and get the word out about it. With that said, we’re extremely pleased with the practical innovations that the 2018 Practical Innovation Award Winner has brought to the healthcare IT community and we’re excited to share those with you.

So, without further ado, we’re excited to announce the 2018 Practical Innovation Award Winner is ENGINUITY run by Kelly Del Gaudio, Principal Consultant, Galen Healthcare Solutions and was implemented at Freeman Health System, Valley Health System, and Canton – Potsdam Hospital System. This is a well-deserved honor for Kelly Del Gaudio and the team that worked on this project. Congratulations!

While awards and recognition are great, they don’t mean much if we don’t share the details of the practical innovations that won the award. In order to share more details about ENGINUITY (originally named Project Claire[IT]), we thought an interview with Kelly Del Gaudio would be a great way to share what they accomplished and hopefully help to spread their experiences, insights, and innovations.

Tell us about Project Claire[IT].  How was it started and who was involved?

Project Claire[IT] was what we originally called ENGINUITY. It was a project in honor and memory of my friend and Rule writing mentor at MEDITECH, Claire Riemer. Claire was the original pioneer of the MEDITECH rules engine and led the Clinical Content group there for many years.

The idea for this project started about a few months after I came on as the Principal Consultant for MEDITECH at Galen Healthcare Solutions. Since I had a lot of experience with the MEDITECH Rules engine from people like Claire, and working on a Clinical Optimization Performance Team during my 10 years at the “Tech”, I decided to host a free “Rule Writing 101” webinar that would give users a basic understanding of the MEDITECH Rules engine and offer tips and tricks on how to write some basic rules. We were surprised when we saw the signup list the day of the webinar (which ended up being our highest attended to date), and soon after, the flood gates opened with questions from MEDITECH users asking for help with Rules they’ve been stuck on for weeks, months and sometimes years!

Many of the questions we received were similar (people needing help with calculations, VTE compliance, Problem List Management etc) so we thought maybe we could streamline the process and write the complex rules that everyone seems to need for them; or as we call it: Doing their NerdyWork. Galen was no stranger to this as we have been successful in creating and delivering a similar solution to our Allscripts clients called eCalcs.

I knew I had the unique skill set to write the Rules that these customers needed, but not being a nurse or clinician by trade (although I can occasionally fake it til’ I make it) I knew I needed their help to understand exactly what their frustrations were from both a clinical and IT perspective. The only logical conclusion was to host a focus group, and so our first Galen Focus Group: Operation NerdyWork was born.

Operation NerdyWork was a group of nine MEDITECH hospitals all running MEDITECH’s 6.x/6.1 or higher platform. They represented various areas of the country, from cities to rural/remote, from large Health Systems to small Critical Access satellites. It seems that no matter how big (or small) your IT staff was, the Rules Engine was a bit of a black box for everyone.

Here is our elite nine:

  • Catholic Health Initiatives
  • Salinas Valley Medical Center
  • Randolph Hospital
  • Uvalde Memorial Medical Center
  • Freeman Health System
  • Canton-Potsdam Hospital
  • Peterson Reginal Medical Center
  • Calvert Memorial Hospital
  • Parkview Medical Center

These groups offered their time on Thursdays during the winter of 2016 and provided us with valuable insights into the world of a MEDITECH doctor, nurse, care provider, or pharmacist. From their list of frustrations, we got to work building better, rule driven workflows that will save time, reduce clicks, increase compliance and patient safely and present users with much needed clinical decision support.

We decided to call our platform ENGINUITY because we use the MEDITECH Rules Engine to code a lot of our custom content. It’s also a derivative of the word ingenuity which is the quality of being inventive, clever, resourceful; thinking outside of the box. We pride ourselves on coming up with really clever ways to achieve something that may otherwise be “Working as Designed”. ENGINUITY continues to be crowdsourced and we receive suggestions every day from users of our content. MEDITECH customers drive the future direction of this product because hey, they’re the one that have to use it right?

What have been the practical benefits of this project?

Practical Innovation is all about solutions that can be implemented now that bring value to an organization. We think we are doing just that.

By streamlining the lengthy design process that many of these rules take to write and creating a plug and play solution that has been tested, validated, and thoroughly researched, we can confidently help hospitals achieve optimal compliance, increased patient and provider satisfaction, EMR confidence, realize revenue gains and so much more. If you wanted to implement some of these complex tools outside of ENGINUITY, not only would you need at least one full time dedicated FTE on these projects, but that person would need to have an advanced Rule writing skill set which is not easy to find. You would also need to keep those people on staff to troubleshoot Rules that are subject to change during much needed updates or future workflow changes.

I actually spoke with a client at last year’s MUSE conference who told me that their resident “Rules” person was about to retire so they stopped optimizing their system because she was the only one who could support it. I used this anecdote the next day at our official launch presentation and realized that this was more common than I thought. Rules are complex and there are a lot of unknowns but they are far and away the most efficient way to optimize the your MEDITECH system which is why everyone should have them!

ENGINUITY makes these options an affordable reality for many organizations that simply don’t have the time, capital or resources. The Galen team supports all of our content post-implementation, so our clients can worry about daily system support and education.  ENGINUITY customers also determine “what’s next” in our dev cycle and are always receiving the fruit of our development efforts keeping their system optimized, refreshed and functional for years to come.

What were the keys to success with this project? 

I attribute the success of this project to 5 main things.

  1. First, having a deep understanding of the technical underpinnings of the MEDITECH Rules Engine is crucial to the success of ENGINUITY. I have always been fascinated with trying to figure out this puzzle and I continue to learn more about it daily. For me, it’s fun; for most, its frustrating. Thank you Claire Riemer, Ginny Jacques and Nancy McGowan for teaching me this craft.
  2. Second, having the support of the Galen Healthcare Solutions team. They let me run with this idea to design, develop and mass deliver content to clients who need it and they’ve fully supported it through its infancy to now. We are KLAS ranked and on Modern HealthCare’s Best Places to Work for a reason and I know working at Galen was one of the best decisions I have ever made. I firmly believe that autonomy, support and confidence is really what helps innovation to thrive.
  3. Third, our focus group. They are the ones who brought the ideas to the table and got the ball rolling. Thank you Operation NerdyWork!
  4. Fourth, our ENGINUITY clients who push us and challenge us with new puzzles every day. Their challenges (though sometimes daunting) make us better in the long run.
  5. Finally, getting the word out in major healthcare IT publications! Having published articles that recognize our unique approach to customer collaboration and feature our MU3: Measure 3 content really help to spread the word about what we’re doing.

How does this project impact patients?

We put a lot of effort in the design process of a workflow to make it easy for the doctor/user to use. Many of our tools are “single-click” meaning that as soon as I “click” on something (a query or order) then the algorithm will “fetch” necessary data and bring that to the providers attention immediately. We can suggest, require, suppress or automate responses based on preexisting information which makes ENGINUITY very patient centric. This added clinical decision support is embedded directly into the MEDITECH system (not 3rd party) which significantly increases the confidence that users have in the messages they are receiving. We can then use a combination of hard stops, soft stops, alerts and audit trails to increase patient safety across the board.

We’re currently working on a case study of before and after Implementation of our VTE Compliance protocol, which was designed using the AHRQ’s Best Practice recommendations for VTE Prophylaxis compliance. It is estimated at increasing organizational compliance to over 90% which will significantly impact the lives of many surgical inpatients.

I also worked with some of our product development folks from our VitalCenter Online Archival team to create a way to have Rules evaluate patient Problems and drive care off the Problem List. From my research, this is not just a MEDITECH problem, (pun intended) but it spans across all EMRs leaving most Problem Lists “static”. We are changing that for our MEDITECH clients by driving and automating care off the Problem List making it a truly “dynamic” list.

You call the effort “Operation NerdyWork”.  What’s been your experience getting “nerds” together to collaborate on a solution like this?

Operation NerdyWork was all about bringing a diverse group of people together with some commonalities (trades, users of MEDITECH) and working together toward a common goal. Listening to each other’s pain points and sometimes even solving each other’s problems without my help at all (which was really fun to see). Everyone brought a unique voice to the table. As innovators, the best we can do is shut up and listen, hear what people want and develop what they need.

What practical advice would you give health IT professionals that will help them be more successful in their work?

Find something you’re good at, something you’re passionate about, something that keeps you up at night but also helps you rest easy knowing you could be a part of the solution. When you’ve found it then surround yourself with supportive people and get busy on the Nerdywork.

A big Congratulations to the 2018 Practical Innovation Award Winner: ENGINUITY

Company Supports Patient Data Sharing Via Blockchain

Posted on July 23, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

After a year in development, a tech startup has released a platform using blockchain to help patients share personal health records. The company, which was founded by former IMS Health exec Robert Chu, plans to sell their information to pharmaceutical companies without involving a third-party data broker.

Embleema, which built its software on the Ethereum smart-contract platform, is focused on delivering what it calls “real world evidence” to drug researchers.

Its blockchain-based app, which is known as PatientTruth, allows patients to pull provider CCDs and Fitbit data together in a single location. The idea here is that blockchain will permit patients to manage data sharing permissions far more securely and effectively than with other approaches.

When patients agree to share their data, they get crypto-tokens. Embleema, for its part, generates income by selling an anonymized version of that data to clinical researchers.

The company contends that its data offers significant advantages over traditional data sources include that it offers in individual rather than aggregate data. Having access to individual data allows drugmakers to monitor a given patient over time, which helps to improve research and drug development, it says.

On the whole, Embleema seems to have a smart business model and seems to address some well-defined needs. Bringing together health data users and sellers directly probably offers some advantages. And it will probably be very profitable to give drugmakers access to real-time patient data structured as individual records.

That being said, I’m not sure how the company will get, much less maintain, patients’ interest. Other than people in this industry, few of my acquaintances or family members have the slightest idea of how to upload their health records. In fact, some of them would be quite intimidated by the prospect.

Also, it’s is a little weird that patients who share their data with Embleema are paid in tokens rather than actual publicly-negotiable money. I know I’d find cash incentives to be a lot more motivating than tokens. My guess is that either way, patients aren’t going to get much of the income generated by their data, and I have little doubt that competitors will point this out.

Of course, clinical researchers always face some form of obstacle in getting the data they need. No matter what approach they take, the data they choose seems to have some significant limitations.

I can’t tell whether Embleema has solved this problem completely, and if so, whether its solution is scalable and if it’s really any better than companies like IMS Health, but it does seem to be focused on a sector with deep pockets and a bottomless need for patient data. In fact, I’m sure its competitors will show up soon.

EMR Integration Paying Dividends For All Types of Healthcare Practitioners

Posted on July 17, 2018 I Written By

The following is a guest blog post from the team at Fullscript, a proud sponsor of Healthcare Scene. Follow and engage with them on Twitter: @FullscriptHQ

It would not be a stretch to say that EMRs have been both a blessing and curse for healthcare practitioners. There is no doubt that EMRs have improved the safety of care and the mountain of data that has been collected is now powering the renaissance of Artificial Intelligence in healthcare. However, EMRs have also increased the workload on clinicians which in turn has negatively impacted the overall patient experience and has contributed to burnout. It would not be a stretch to say that EMRs have been both a blessing and curse for healthcare practitioners. There is no doubt that EMRs have improved the safety of care and the mountain of data that has been collected is now powering the renaissance of Artificial Intelligence in healthcare. However, EMRs have also increased the workload on clinicians which in turn has negatively impacted the overall patient experience and has contributed to burnout.

To help practitioners, HealthIT vendors need to ensure their products can be:

  • Tightly integrated with EMRs so that data can be shared easily
  • Seamlessly incorporated into existing workflows
  • Tuned to fit the specific needs of the practice

Fullscript, an online e-prescribing platform helps integrative medical practitioners dispense supplements without the need for physical inventory. This saves valuable office space and improves the overall safety of practices. The company offers over 20,000 professional-grade supplements. Key to the company’s success has been the integration of their platform with existing EMRs coupled with their user-friendly workflow features.

Dr. J. E. Williams, a highly respected integrative medicine clinician who treats and revitalizes patients across a spectrum of illness, implemented Fullscript in order to provide his patients with a streamlined experience and to improve the performance of his practice.

Prior to Fullscript, Dr. Williams, used a non-integrated e-prescribing system. That system was difficult to use and his patients frequently complained at how confusing it was. The result was that patients were not filling their scripts and were not following the prescribed regimen. After switching to Fullscript, Dr. Williams could seamlessly e-prescribe what his patients need, directly from within his EMR. In addition, the easy-to-use nature of the system has made it less confusing for patients. The net result is that Dr. Williams has experienced 100% patient compliance by using Fullscript through his EMR.

“I can write a recommendation when a patient is in front of me, or immediately afterwards. ​Patients want to see their recommendation in their inbox right away, and that’s what Fullscript provides. My patients love it.” – Dr. J.E. Williams

Dr Williams is on a mission to bridge complementary as well as alternative therapies with evidence-based clinical science. Although some would see this as controversial, Dr. Williams firmly believes that there is growing evidence of improved patient outcomes when melding ancient wisdom with modern science. The ultimate goal is to use the most efficient therapies with the least side effects for patients.

The success of Dr Williams demonstrates the power of tight integration with EMRs for all types of clinicians. Gone are the days when clinicians had to tolerate clunky stand-alone systems. Today, they can and should expect their HealthIT partners to provide systems that seamlessly integrate with their existing applications.

Fullscript embraces this vision and has worked with over a thousand practitioners just like Dr Williams to provide the ability to e-prescribe nutraceuticals in as little as 4 weeks.

To learn more about Fullscript’s EMR integration or to read more about Dr. Williams, click here.

How e-Prescribing Features Improve Your Practice Life

Posted on July 9, 2018 I Written By

The following is a guest blog post by Dr. Tom Giannulli, CMIO at Kareo.

e-Prescribing, the process of electronically fulfilling a medication prescription directly from your practice, is far from new. In fact, this service has been around long enough that the majority of patients have come to expect the convenience that accompanies it.

Most private practices are using some type of medical software that aids in the e-Prescribing process. Some may have incorporated said software because they felt obligated, but others have realized that an integrated software solution can do more than help meet the requirements for the meaningful use electronic health record (EHR) initiative.

They recognize that it may also help to improve their practice.

As the clinical leader for an electronic health record (EHR) vendor serving independent practices, I can attest that Kareo’s cloud-based software is designed with the intent to improve the unique needs of the private practice. The changes in regulations and requirements might mean you should change the way you practice, but it doesn’t have to reduce the personal connection between patients and their providers.

Improve Upon Value-Based Care

Value-based care is driven by data and has required practices to become more efficient and effective in order to reduce overall healthcare costs.

Without the automated support that accompanies e-prescribing, compiling the number of required reports could become overwhelming and significantly reduce your efficiency. Our software can make compiling this data with accurate reports both simple and manageable, which saves you valuable time. It makes tracking the quality metrics related to drug compliance much easier, but it’s also tracking quality by:

  • Helping to reduce your liability with legible prescriptions
  • Improving upon prescription accuracy
  • Reducing medication errors
  • Improving upon patient compliance
  • Monitoring fraud and abuse from duplicate prescriptions

Having an automated perspective on drug interactions and prescription history at your fingertips allows you to focus on measures that improve preventative care. This global perspective on each patient’s individual treatment can potentially reduce abuse and readmissions.

Leverage a “Heads Up” Philosophy

You won’t hear many, if any, physicians state that they chose medicine for the abundance of paperwork.

The time EHR can save on administrative tasks provides the physician with more time to do what they enjoy—care for their patients. Patients often choose a practice because they want that personal connection with their physician. Someone who knows their story, and is aware of their health history. Most patients don’t enjoy waiting while the physician is writing notes, asking them to repeat their medical history, or trying to find the correct button on the computer. This won’t help to increase patient satisfaction, and gain patient loyalty. With the information right in front of you, you have more time to devote to quality communication, which gains your patient’s trust.

There are several secondary key benefits to practicing “Heads Up” Medicine with e-prescribing that help improve the patient experience by devoting your attention to your patient, not your computer. You’re still getting the essential information with an easy method of information collection by pointing and clicking.

  • Reviewing key points and a simple question and answer interview can help you build your narrative.
  • Your EHR is accessible on a mobile device, such an IPad, and not just on a website
  • You don’t have to spend the extra time typing the narrative in each time and starting from scratch.

Save Significant Time

Time is valuable to you, and your patients. The time saved with automated support does more than make your patients happy by getting them in and out of their visit quicker, it also shows that you respect their time.

Less time waiting and more time with their providers often results in better patient satisfaction. Word of mouth is often the most effective form of marketing and satisfied patients refer new patients to help you continue to grow your business.

Our software takes care of the bulk of your work with chart, bill and fill to reduce administrative tasks and improve your workflow. It helps you write the note, ensures that you get the billing codes correct and fills the prescription and orders lab work. This allows you to improve your workflow by:

  • Getting the billing done quickly and accurately to expedite payment
  • Allowing you to see more patients in the same amount of time
  • Helping you gain a better balance between your work and personal life to reduce the risk of burnout
  • Making sure your patients don’t leave because of extended wait times

Maintain a Personal Connection

Engaging more with your clients can foster patient satisfaction and loyalty to your practice. Your patients want compassionate care provided and human interaction, and you can leverage this “heads up” philosophy with the simple solutions offered in EHR software to manage the bulk of your administrative work.

Seek out technology and service solutions to improve your practice, increase patient satisfaction and provide you with more time to focus on priorities to aid in the growth of your practice, rather than being burdened with administrative tasks. Because you chose to work in private practice for the patients, not the paperwork.

About Tom Giannulli, MD, MS
Tom Giannulli, MD, MS, is the chief medical information officer at Kareo, a proud sponsor of Healthcare Scene. He is a respected innovator in the medical technology arena with more than 15 years of deep experience in mobile technology and medical software development. 

A Missed Opportunity For Telemedicine Vendors

Posted on June 29, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Today, most direct-to-consumer telemedicine companies operate on a very simple model.

You pay for a visit up front. You talk to the doctor via video, the doctor issues as a prescription if needed and you sign off. Thanks to the availability of e-prescribing options, it’s likely your medication will be waiting for you when you get to the pharmacy.

In my experience, the whole process often takes 45 minutes or less. This beats the heck out of having to wait in line at an urgent care center or worse, the emergency department.

But what about caring for chronic illnesses that can’t be managed by a drive-by virtual visit? Can telemedicine vendors play a role here? Maybe so.

We already know that combining telemedicine with remote monitoring devices can be very effective. In fact, some health systems have gone all-in on virtual chronic care management.

One fascinating example is the $54 million Mercy Virtual Care Center, which describes itself as a “hospital without beds.” The Center, which has a few hundred employees, monitors more than 3,800 remote patients; sponsors a telehealth stroke program offering neurology services to EDs nationwide; manages a team of virtual hospitalists caring for patient around-the-clock using virtual visit tools; and runs Mercy SafeWatch, which the Center says is the largest single-hub electronic intensive care unit in the U.S.

Another example of such hospital-based programs is Intermountain Healthcare’s ConnectCare Pro, which brings together 35 telehealth programs and more than 500 clinicians. Its purpose is to supplement existing staffers and offer specialized services in rural communities where some of the services aren’t available.

Given the success of programs that maintain complex patients remotely, I think a private telemedicine company managing chronic care services might work as well. While hospitals have financial reasons to keep such care in-house, I believe an outside vendor could profit in other ways. That’s especially the case given the emergence of wearable trackers and smartwatches, which are far cheaper than the specialized tools needed in the past.

One likely buyer for this service would be health plans.

I’ve heard some complain publicly that in essence, telemedicine coverage just encourages patients to access care more often, which defeats the purpose of using it to lower healthcare costs. However, if an outside vendor offered to manage patients with chronic illnesses, it might be a more attractive proposition.

After all, health plans are understandably wringing their hands over the staggering cost of maintaining the health of millions of diabetics. In 2017, for example, the average medical expense for people diagnosed with diabetes was about $16,750 per year, with $9,600 due to diabetes. If health plans could lay the cost off to a specialized telemedicine vendor, some real savings might be possible.

Of course, being a telemedicine-based chronic care management company would be far different than offering direct-to-consumer telemedicine services on an occasional basis. The vendor would have to have comprehensive health data management tools, an army of case managers, tight relationships with clinicians and a boatload of remote monitoring devices on hand. None of this would come cheaply.

Still, while I haven’t fully run the numbers, my guess is that this could be a sustainable business model. It’s worth a try.

Investors Competing For Health IT Opportunities

Posted on June 28, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study has concluded that investors are hungry for health IT investment opportunities, in some cases battling competitors for particularly attractive companies. The report concluded that investment firms see health IT as a lower-risk way to get a cut of the healthcare market than other possible targets.

The analysis by Bain & Company, which looks at 2017 numbers, said that the number of health IT investment deals completed last year rose to 32 from 23 in 2016.

The value of disclosed deals fell from $15.5 billion in 2016 to $1.9 billion in 2017. This is not a sign of weakness in the sector, however. The 2016 deals volume was pumped up by two megadeals (acquisitions of MultiPlan and Press Ganey), which were valued collectively at $9.9 billion. Meanwhile, in 2017 only one deal exceeded $800 million.

Deal counts and volume aside, there’s no question that investors are still very interested in acquiring or taking a stake in health IT companies, Bain reports. According to its study, there are many good reasons for their excitement.

“Investors find HCIT target attractive not only because HCIT companies play a vital role in promoting technology adoption in healthcare but also because they bear less of the direct reimbursement and regulatory risk that affect other healthcare sectors,” the report says. “With a limited set of scale assets on the market and corporate buyers willing to pay premiums for those that do become available, valuations remain high and competition intense.”

The report notes that most of the health IT buyouts in 2017 involved biopharma investments, particularly among companies using IT solutions and advanced analytics to streamline development a testing of drugs. Such deals include the buyout of Certara, which offers decision support technology for optimizing drug development, and Bracket, which sells technology for managing clinical trials.

However, investors were also interested in EMR and practice management vendors. Given that just a handful of big vendors block of the market for hospital IT, they looked elsewhere.

In particular, investment firms were interested in consolidating some of the many vendors selling ambulatory care EMRs platforms supporting specialties like gastroenterology. For example, investors picked up a $230 million stake in Modernizing Medicine, which offers EMR and practice management systems for specialties such as dermatology and ophthalmology, Bain said.

In the future, investors will gain interest in revenue cycle management software. In addition to investing in or acquiring RCM tools for providers, investors may target RCM software helping patients pay their bills. For example, private equity firm Frontier Capital bought a majority stake in medical card company AccessOne last year.

Bain also predicts that Investors will pay growing attention to clinical decision support platforms, driven in part by legislation requiring doctors to use clinical decision support tools before ordering complex diagnostic imaging of Medicare patients.

In addition, investment firms are keeping their eye on population health management software vendors. It’s not clear yet which companies will dominate the sector, and how these platforms will evolve, so dealmakers are hanging back. Still, within a few years they may well begin to throw money at PHM companies.

MD Anderson Fined $4.3 Million For HIPAA Violations

Posted on June 21, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

An administrative law judge has ruled that MD Anderson Cancer Center must pay $4.3 million to the HHS Office of Civil Rights due to multiple HIPAA violations. This is the fourth largest penalty ever awarded to OCR.

OCR kicked off an investigation of MD Anderson in the wake of three separate data breach reports in 2012 and 2013. One of the breaches sprung from the theft of an unencrypted laptop from the home of an MD Anderson employee. The other two involved the loss of unencrypted USB thumb drives which held protected health information on over 33,500 patients.

Maybe — just maybe — MD Anderson could’ve gotten away with this or paid a much smaller fine. But given the circumstances, it was not going to get away that easily.

OCR found that while the organization had written encryption policies going back to 2006, it wasn’t following them that closely. What’s more, MD Anderson’s own risk analyses had found that a lack of device-level encryption could threaten the security of ePHI.

Adding insult to injury, MD Anderson didn’t begin to adopt enterprise-wide security technology until 2011. Also, it didn’t take action to encrypt data on its devices containing ePHI during the period between March 2011 and January 2013.

In defending itself, the organization argued that it was not obligated to encrypt data on its devices. It also claimed that the ePHI which was breached was for research, which meant that it was not subject to HIPAA penalties. In addition, its attorneys argued that the penalties accrued to OCR were unreasonable.

The administrative law judge wasn’t buying it. In fact, the judge took an axe to its arguments, saying that MD Anderson’s “dilatory conduct is shocking given the high risk to its patients resulting from the unauthorized disclosure of ePHI,” noting that its leaders “not only recognized, but [also] restated many times.” That’s strong language, the like of which I’ve never seen in HIPAA cases before.

You won’t be surprised to learn that the administrative law judge agreed to OCR’s sanctions, which included penalties for each day of MD Anderson’s lack of HIPAA compliance and for each record of individuals breached.

All I can say is wow. Could the Cancer Center’s leaders possibly have more chutzpah? It’s bad enough to have patient data breached three times. Defending yourself by essentially saying it was no big deal is even worse. If I were the judge I would’ve thrown the book at them too.

Exec Tells Congress That New Health Data Threats Are Emerging

Posted on June 20, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A senior security executive with a major academic health system has told Congress that in addition to attacks by random attackers, healthcare organizations are facing new threats which are changing the health security landscape.

Erik Decker, chief security and privacy officer with the University of Chicago Medicine, testified on behalf of the Association for Executives in Healthcare Information Security in mid-June. He made his comments in support of the reauthorization of the Pandemic and All-Hazards Preparedness Act, whose purpose is to improve the U.S. public health and medical preparedness for emergencies.

In his testimony, Decker laid out how the nature of provider and public health preparedness has changed as digital health technology has become the backbone of the industry.

He described how healthcare information use has evolved, explaining to legislators how the digitization of healthcare has created a “hyper-connected” environment in which systems such as EHRs, revenue cycle platforms, imaging and ERP software are linked to specialty applications, the cloud and connected medical devices.

He also told them about the increasing need for healthcare organizations to share data smoothly, and the impact this has had on the healthcare data infrastructure. “There is increasing reliance on these data being available, and confidential, to support these nuanced clinical workflows,” he said. “With the adoption of this technology, the technical ecosystem has exploded in complexity.”

While the emergence of these complex digital health offers many advantages, it has led to a growth in the number and type of cybersecurity problems providers face, Decker noted. New threats he identified include:

* The development of underground markets and exchanges of sensitive information and services such as Hacking-as-a Service
* The emergence of sophisticated hacking groups deploying ransomware
* New cyberattacks by terrorist organizations
* Efforts by nation states to steal intellectual property to create national economic advantages

This led to the key point of his testimony: “We can no longer think of preparedness relative only to natural disasters or pandemics,” Decker said. “It’s imperative that we acknowledge the criticality of cybersecurity threats levied against the nation’s healthcare system.”

To address such problems, Decker suggests, healthcare organizations will need help from the federal government. For example, he pointed out, HHS efforts made a big difference when it jumped in quickly and worked closely with healthcare leaders responding to WannaCry attacks in mid-2017.

Meanwhile, to encourage the healthcare industry to adopt strong cybersecurity practices, it’s important to offer providers some incentives, including a financial subsidy or safe harbors from enforcement actions, he argued.