Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Being Honest About Your Reasons For Cybersecurity Decisions

Posted on August 16, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

This week, a team of McAfee researchers released a paper outlining a terrifying exploit. The paper describes, in great technical detail, how a malicious attacker could flip a cardiac rhythm display from 80 beats per minute to zero within less than five seconds.

This might not lead to severe harm or death, but it’s possible that other very negative outcomes could occur, notes Shaun Nordeck, MD, who’s quoted in the report. “Fictitious cardiac rhythms, even intermittent, could lead to extended hospitalization, additional testing, and side effects from medications prescribed to control heart rhythm and/or prevent clots,” he notes.

The paper does point out that if the bedside monitor is working normally, nurses have access to other accurate data, which could diminish the impact of such disruptions to some extent. However, the potential for adverse events is clearly higher than normal if someone scrambles a patient’s vitals.

Unfortunately, this is far from the only attack which wasn’t possible before connected devices became the norm. At various points, we’ve seen that pacemakers, insulin pumps and even MRIs can be hacked externally, particularly if their operating systems aren’t patched as required or haven’t put even basic security protections in place. (Think using “password” as a password.)

But while these vulnerabilities are largely known at this point, some healthcare organizations haven’t begun to tackle them. Solving these problems takes work, and costs money, The best-intentioned CIO might not get the budget to fix these problems if their CEO doesn’t see them as urgent.

Or let’s say the budget is available to begin the counterattack. Even if everyone agrees to tackle connected device vulnerabilities, where do we begin the counterattack? Which of these new connected health vulnerabilities are the most critical?  On the one hand, hacking individual pacemakers doesn’t seem profitable enough to attract many cybercriminals. On the other, if I were a crook I might see the threat of meddling with a hospitals’ worth of patient monitors to be a great source of ransom money.

And this brings us to some tough ethical questions. Should we evaluate these threats by how many patients would be affected, or how many of the sickest patients?  How do we calculate the clinical impact of vital signs hacking vs. generating inaccurate MRI results? To what extent should the administrative impact of these attacks be a factor in deciding how to defeat these challenges, if at all?

I know you’re going to tell me that this isn’t an all or nothing proposition, and that to some extent standard network intrusion detection techniques and tools will work. I’m not disputing this. However, I think we need to admit out loud that these kinds of attacks threaten individual lives in a way that traditional cyberattacks do not. For that reason, we need to get honest about who we need to protect — and why.

More Than 3 Million Patient Records Breached During Q2 2018

Posted on August 15, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study by data security vendor Protenus has concluded that more than 3 million patient records were breached during the second quarter of 2018, in a sharp swing upward from the previous quarter with no obvious explanation.

The Protenus Breach Barometer study, which drew on both reports to HHS and media disclosures, found that there were 143 data breach incidents between April and June 2018, affecting 3,143,642 million patient records. The number of affected records has almost tripled from Q1 of this year, when 1.13 million records were breached.

During this quarter, roughly 30% of privacy violations were by healthcare organizations that had previously reported a data breach. The report suggests that it is because they might not have identified existing threats or improved security training for employees either. (It could also be because cyberattackers smell blood in the water.)

Protenus concluded that among hospital teams, an investigator monitors around 4,000 EHR users, and that each was responsible for an average of 2.5 hospitals and 25 cases each. The average case took about 11 days to resolve, which sounds reasonable until you consider how much can happen while systems remain exposed.

With investigators being stretched so thin, not only external attackers but also internal threats become harder to manage. The research found that on average, 9.21 per 1,000 healthcare employees breached patient privacy during the second quarter of this year. This is up from 5.08 employee threats found during Q1 of this year, which the study attributes to better detection methods rather than an increase in events.

All told, Protenus said, insiders were responsible for 31% of the total number of reported breaches for this period. Among incidents where details were disclosed, 422,180 records were breached, or 13.4% of total breached patient records during Q2 2018. The top cause of data breaches was hacking, which accounted for 36.62% of disclosed incidents. A total of 16.2% of incidents involved loss or theft of data, with another 16.2% due to unknown causes.

In tackling insider events, the study sorted such incidents into two groups, “insider error” or “insider wrongdoing.” Its definition for insider error included incidents which had no malicious intent or could otherwise be qualified as human error, while it described the theft of information, snooping in patient files and other cases where employees knowingly violated the law as insider wrongdoing.

Protenus found 25 publicly-disclosed incidents of insider error between April and June 2018. The 14 of which for which details were disclosed affected 343,036 patient records.

Meanwhile, the researchers found 18 incidents involving insider wrongdoing, with 13 events for which data was disclosed. The number of patient records breached as a result of insider wrongdoing climbed substantially over the past two quarters, from 4,597 during Q1 to 70,562 during Q2 of 2018.

As in the first quarter, the largest category of insider-related breaches (71.4%) between April and June 2018 was healthcare employees taking a look at family members’ health records. Other insider wrongdoing incidents including phishing attacks, insider credential sharing, downloading records for sale and identity theft.

Healthcare CIOs Focused On Patient Experience And Innovation

Posted on August 2, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Not long ago, 22 healthcare CIOs had a sit-down to discuss their CEOs’ top IT-related priorities. At the meeting, which took place during the 2018 Scottsdale Institute Annual Conference, the participants found that they were largely on the same page, according to researchers that followed the conversation.

Impact Advisors, which co-sponsored the research, found that improving patient experiences was priority number one. More than 80% of CIOs said patient engagement and better patient experiences were critical, and that deploying digital health strategies could get the job done.

The technologies they cited included patient-facing options like wearables, mobile apps and self-service tools. They also said they were looking at a number of provider-facing solutions which could streamline transitions of care and improve patient flow, including care coordination apps and tools and next-generation decision support technologies such as predictive analytics.

Another issue near the top of the list was controlling IT costs and/or increasing IT value, which was cited by more than 60% of CIOs at the meeting. They noted that in the past, their organizations had invested large amounts of money to purchase, implement and upgrade enterprise EHRs, in an effort to capture Meaningful Use incentive payments, but that things were different now.

Specifically, as their organizations are still recovering from such investments, CIOs said they now need to stretch their IT budgets, They also said that they were being asked to prove that their organization’s existing infrastructure investments, especially their enterprise EHR, continue to demonstrate value. Many said that they are under pressure to prove that IT spending keeps offering a defined return on investment.

Yet another important item on their to-do list was to foster innovation, which was cited by almost 60% of CIOs present. To address this need, some CIOs are launching pilots focused on machine learning and AI, while others are forming partnerships with large employers and influential tech firms. Others are looking into establishing dedicated innovation centers within their organization. Regardless of their approach, the CIOs said, innovation efforts will only work if innovation efforts are structured and governed in a way that helps them meet their organization’s broad strategic goals.

In addition, almost 60% said that they were expected to support their organization’s growth. The CIOs noted that given the constant changes in the industry, they needed to support initiatives such as expansion of service lines or building out new ones, as well as strategic partnerships and acquisitions.

Last, but by no means least, more than half of the CIOs said cybersecurity was important. On the one hand, the participants at the roundtable said, it’s important to be proactive in defending their organization. At the same time, they emphasized that defending their organization involves having the right policies, processes, governance structure and culture.

Healthcare Leaders See AI Tech In Their Future

Posted on July 30, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

You’ve probably noticed that the movement of healthcare AI from visionary to commonplace has already begun. There are endless examples I could cite to demonstrate this, but here’s a taste:

  • A UK hospital is delegating some tasks usually performed by doctors and nurses to AI technology
  • The AMA is working to set standards for physician use of AI
  • Competition between AI-based disease management players is increasing
  • New AI software can detect signs of diabetic retinopathy without involving a physician

Of course, anytime a technology seems poised to take over the world, there’s a voice in our head saying “Are you sure?” And we all know there are many flashes in the technology pan.

When it comes to AI, however, we may be on the brink of such widespread adoption that no one could argue that it hasn’t arrived. According to a recent Intel survey of U.S. healthcare leaders, AI will be in use across the healthcare spectrum by 2023.

The research, which was conducted in partnership with Convergys Analytics, surveyed 200 US healthcare decision-makers in April 2018 on their attitudes about AI. The survey also asked subjects what barriers still existed to industry-wide AI adoption.

First, a significant number of respondents (54%) said that they expected AI to be in wide use in the industry within the next five years. Also, a substantial minority (37%) said they already used AI, though most reported that such use was limited.

Among those organizations that use AI, clinical use accounted for 77%, followed by operational use (41%) and financial use (26%). Meanwhile, respondents whose organizations hadn’t adopted AI still seem very enthusiastic about its possibilities, with 91% expecting that it will offer predictive analytics tools for early intervention, 88% saying it will improve care and 83% saying it will improve the accuracy of medical diagnoses.

Despite their enthusiasm, however, many of those surveyed were sure they could trust AI just yet. More than one-third of respondents said that patients wouldn’t trust AI enough to play an active role in their care (and they are probably right, at least for now). Meanwhile, 30% assume that clinicians wouldn’t trust AI either, predicting that concerns over fatal errors would kill their interest. Again, that’s probably a good guess.

In addition, there’s the issue of the AI “black box” to bear in mind. Though Intel didn’t go into detail on this, both clinicians and healthcare executives are concerned about the way AI gets its job done. My informal research suggests that until doctors and nurses understand how AI tools have made their decisions — and what data influenced these decisions — it will be hard to get them comfortable with it.

2018 Practical Innovation Award Winner: ENGINUITY

Posted on July 25, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As the vision for the Health IT Expo came into view, we realized how valuable it was for the Health IT Expo community to learn about and share practical innovations that were happening in healthcare IT. As part of that effort, we announced the 2018 Practical Innovation Awards. Being the first year, we only had a short time to promote it and get the word out about it. With that said, we’re extremely pleased with the practical innovations that the 2018 Practical Innovation Award Winner has brought to the healthcare IT community and we’re excited to share those with you.

So, without further ado, we’re excited to announce the 2018 Practical Innovation Award Winner is ENGINUITY run by Kelly Del Gaudio, Principal Consultant, Galen Healthcare Solutions and was implemented at Freeman Health System, Valley Health System, and Canton – Potsdam Hospital System. This is a well-deserved honor for Kelly Del Gaudio and the team that worked on this project. Congratulations!

While awards and recognition are great, they don’t mean much if we don’t share the details of the practical innovations that won the award. In order to share more details about ENGINUITY (originally named Project Claire[IT]), we thought an interview with Kelly Del Gaudio would be a great way to share what they accomplished and hopefully help to spread their experiences, insights, and innovations.

Tell us about Project Claire[IT].  How was it started and who was involved?

Project Claire[IT] was what we originally called ENGINUITY. It was a project in honor and memory of my friend and Rule writing mentor at MEDITECH, Claire Riemer. Claire was the original pioneer of the MEDITECH rules engine and led the Clinical Content group there for many years.

The idea for this project started about a few months after I came on as the Principal Consultant for MEDITECH at Galen Healthcare Solutions. Since I had a lot of experience with the MEDITECH Rules engine from people like Claire, and working on a Clinical Optimization Performance Team during my 10 years at the “Tech”, I decided to host a free “Rule Writing 101” webinar that would give users a basic understanding of the MEDITECH Rules engine and offer tips and tricks on how to write some basic rules. We were surprised when we saw the signup list the day of the webinar (which ended up being our highest attended to date), and soon after, the flood gates opened with questions from MEDITECH users asking for help with Rules they’ve been stuck on for weeks, months and sometimes years!

Many of the questions we received were similar (people needing help with calculations, VTE compliance, Problem List Management etc) so we thought maybe we could streamline the process and write the complex rules that everyone seems to need for them; or as we call it: Doing their NerdyWork. Galen was no stranger to this as we have been successful in creating and delivering a similar solution to our Allscripts clients called eCalcs.

I knew I had the unique skill set to write the Rules that these customers needed, but not being a nurse or clinician by trade (although I can occasionally fake it til’ I make it) I knew I needed their help to understand exactly what their frustrations were from both a clinical and IT perspective. The only logical conclusion was to host a focus group, and so our first Galen Focus Group: Operation NerdyWork was born.

Operation NerdyWork was a group of nine MEDITECH hospitals all running MEDITECH’s 6.x/6.1 or higher platform. They represented various areas of the country, from cities to rural/remote, from large Health Systems to small Critical Access satellites. It seems that no matter how big (or small) your IT staff was, the Rules Engine was a bit of a black box for everyone.

Here is our elite nine:

  • Catholic Health Initiatives
  • Salinas Valley Medical Center
  • Randolph Hospital
  • Uvalde Memorial Medical Center
  • Freeman Health System
  • Canton-Potsdam Hospital
  • Peterson Reginal Medical Center
  • Calvert Memorial Hospital
  • Parkview Medical Center

These groups offered their time on Thursdays during the winter of 2016 and provided us with valuable insights into the world of a MEDITECH doctor, nurse, care provider, or pharmacist. From their list of frustrations, we got to work building better, rule driven workflows that will save time, reduce clicks, increase compliance and patient safely and present users with much needed clinical decision support.

We decided to call our platform ENGINUITY because we use the MEDITECH Rules Engine to code a lot of our custom content. It’s also a derivative of the word ingenuity which is the quality of being inventive, clever, resourceful; thinking outside of the box. We pride ourselves on coming up with really clever ways to achieve something that may otherwise be “Working as Designed”. ENGINUITY continues to be crowdsourced and we receive suggestions every day from users of our content. MEDITECH customers drive the future direction of this product because hey, they’re the one that have to use it right?

What have been the practical benefits of this project?

Practical Innovation is all about solutions that can be implemented now that bring value to an organization. We think we are doing just that.

By streamlining the lengthy design process that many of these rules take to write and creating a plug and play solution that has been tested, validated, and thoroughly researched, we can confidently help hospitals achieve optimal compliance, increased patient and provider satisfaction, EMR confidence, realize revenue gains and so much more. If you wanted to implement some of these complex tools outside of ENGINUITY, not only would you need at least one full time dedicated FTE on these projects, but that person would need to have an advanced Rule writing skill set which is not easy to find. You would also need to keep those people on staff to troubleshoot Rules that are subject to change during much needed updates or future workflow changes.

I actually spoke with a client at last year’s MUSE conference who told me that their resident “Rules” person was about to retire so they stopped optimizing their system because she was the only one who could support it. I used this anecdote the next day at our official launch presentation and realized that this was more common than I thought. Rules are complex and there are a lot of unknowns but they are far and away the most efficient way to optimize the your MEDITECH system which is why everyone should have them!

ENGINUITY makes these options an affordable reality for many organizations that simply don’t have the time, capital or resources. The Galen team supports all of our content post-implementation, so our clients can worry about daily system support and education.  ENGINUITY customers also determine “what’s next” in our dev cycle and are always receiving the fruit of our development efforts keeping their system optimized, refreshed and functional for years to come.

What were the keys to success with this project? 

I attribute the success of this project to 5 main things.

  1. First, having a deep understanding of the technical underpinnings of the MEDITECH Rules Engine is crucial to the success of ENGINUITY. I have always been fascinated with trying to figure out this puzzle and I continue to learn more about it daily. For me, it’s fun; for most, its frustrating. Thank you Claire Riemer, Ginny Jacques and Nancy McGowan for teaching me this craft.
  2. Second, having the support of the Galen Healthcare Solutions team. They let me run with this idea to design, develop and mass deliver content to clients who need it and they’ve fully supported it through its infancy to now. We are KLAS ranked and on Modern HealthCare’s Best Places to Work for a reason and I know working at Galen was one of the best decisions I have ever made. I firmly believe that autonomy, support and confidence is really what helps innovation to thrive.
  3. Third, our focus group. They are the ones who brought the ideas to the table and got the ball rolling. Thank you Operation NerdyWork!
  4. Fourth, our ENGINUITY clients who push us and challenge us with new puzzles every day. Their challenges (though sometimes daunting) make us better in the long run.
  5. Finally, getting the word out in major healthcare IT publications! Having published articles that recognize our unique approach to customer collaboration and feature our MU3: Measure 3 content really help to spread the word about what we’re doing.

How does this project impact patients?

We put a lot of effort in the design process of a workflow to make it easy for the doctor/user to use. Many of our tools are “single-click” meaning that as soon as I “click” on something (a query or order) then the algorithm will “fetch” necessary data and bring that to the providers attention immediately. We can suggest, require, suppress or automate responses based on preexisting information which makes ENGINUITY very patient centric. This added clinical decision support is embedded directly into the MEDITECH system (not 3rd party) which significantly increases the confidence that users have in the messages they are receiving. We can then use a combination of hard stops, soft stops, alerts and audit trails to increase patient safety across the board.

We’re currently working on a case study of before and after Implementation of our VTE Compliance protocol, which was designed using the AHRQ’s Best Practice recommendations for VTE Prophylaxis compliance. It is estimated at increasing organizational compliance to over 90% which will significantly impact the lives of many surgical inpatients.

I also worked with some of our product development folks from our VitalCenter Online Archival team to create a way to have Rules evaluate patient Problems and drive care off the Problem List. From my research, this is not just a MEDITECH problem, (pun intended) but it spans across all EMRs leaving most Problem Lists “static”. We are changing that for our MEDITECH clients by driving and automating care off the Problem List making it a truly “dynamic” list.

You call the effort “Operation NerdyWork”.  What’s been your experience getting “nerds” together to collaborate on a solution like this?

Operation NerdyWork was all about bringing a diverse group of people together with some commonalities (trades, users of MEDITECH) and working together toward a common goal. Listening to each other’s pain points and sometimes even solving each other’s problems without my help at all (which was really fun to see). Everyone brought a unique voice to the table. As innovators, the best we can do is shut up and listen, hear what people want and develop what they need.

What practical advice would you give health IT professionals that will help them be more successful in their work?

Find something you’re good at, something you’re passionate about, something that keeps you up at night but also helps you rest easy knowing you could be a part of the solution. When you’ve found it then surround yourself with supportive people and get busy on the Nerdywork.

A big Congratulations to the 2018 Practical Innovation Award Winner: ENGINUITY

Company Supports Patient Data Sharing Via Blockchain

Posted on July 23, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

After a year in development, a tech startup has released a platform using blockchain to help patients share personal health records. The company, which was founded by former IMS Health exec Robert Chu, plans to sell their information to pharmaceutical companies without involving a third-party data broker.

Embleema, which built its software on the Ethereum smart-contract platform, is focused on delivering what it calls “real world evidence” to drug researchers.

Its blockchain-based app, which is known as PatientTruth, allows patients to pull provider CCDs and Fitbit data together in a single location. The idea here is that blockchain will permit patients to manage data sharing permissions far more securely and effectively than with other approaches.

When patients agree to share their data, they get crypto-tokens. Embleema, for its part, generates income by selling an anonymized version of that data to clinical researchers.

The company contends that its data offers significant advantages over traditional data sources include that it offers in individual rather than aggregate data. Having access to individual data allows drugmakers to monitor a given patient over time, which helps to improve research and drug development, it says.

On the whole, Embleema seems to have a smart business model and seems to address some well-defined needs. Bringing together health data users and sellers directly probably offers some advantages. And it will probably be very profitable to give drugmakers access to real-time patient data structured as individual records.

That being said, I’m not sure how the company will get, much less maintain, patients’ interest. Other than people in this industry, few of my acquaintances or family members have the slightest idea of how to upload their health records. In fact, some of them would be quite intimidated by the prospect.

Also, it’s is a little weird that patients who share their data with Embleema are paid in tokens rather than actual publicly-negotiable money. I know I’d find cash incentives to be a lot more motivating than tokens. My guess is that either way, patients aren’t going to get much of the income generated by their data, and I have little doubt that competitors will point this out.

Of course, clinical researchers always face some form of obstacle in getting the data they need. No matter what approach they take, the data they choose seems to have some significant limitations.

I can’t tell whether Embleema has solved this problem completely, and if so, whether its solution is scalable and if it’s really any better than companies like IMS Health, but it does seem to be focused on a sector with deep pockets and a bottomless need for patient data. In fact, I’m sure its competitors will show up soon.

Healthcare Execs Investing In Intelligent Technologies Face Roadbumps

Posted on July 16, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A recent report from Accenture concludes that healthcare executives are enthusiastic about “intelligence technologies” such as AI and IoT. It also suggests, however, that health organizations will need to add new capabilities to be sure they can manage these technologies responsibly.

The report, based on a survey of 100 health executives, found that 77% of respondents expect to invest in IoT and smart sensors and that 53% expect to invest in AI systems.  Presumably, they expect these technologies to offer benefits more quickly.

Why the gap in adoption? The truth is that healthcare leaders haven’t yet gotten their arms around AI just yet. While IoT and smart sensor technology can boost the flexibility and “judgment” of enterprise systems, AI arguably has the potential to be far more flexible and wide-reaching — and ultimately less than predictable.

This unpredictability makes AI investment a bit trickier to implement than other emerging technologies. Just over four-fifths of health leaders said they were not prepared to explain AI-based conclusions to their internal stakeholders nor outsiders.

To address this deficit, 73% said they plan to develop internal ethical standards for AI to make sure these systems can act responsibly. Before that, they’ll need to determine what “acting responsibly” actually means — and as far as I know there are no accepted guidelines for developing such standards. (They might want to start off by reviewing Google’s ethical principles for AI use here.)

Adding AI to the enterprise IT mix could also wreak havoc. I for one was surprised to read that almost one-fourth of respondents said that they had been the target of adversarial AI behaviors, including falsified location data or bot fraud. (This stat blew my mind. Why haven’t we heard more about these “adversarial behaviors” and what are they?)

This certainly adds another element of uncertainty for CIOs interested in AI investments. While AI technologies can’t “think” in the traditional sense, they can create a range of problems previous-gen technology couldn’t.

This is part of a larger picture in which health organizations aren’t sure if their data has been corrupted. In fact, 86% of health execs said they hadn’t yet invested in technologies which could verify their data sources. Adding AI to the mix could potentially compound these problems, as it might create a cascade in which the AI then draws false inferences and takes inappropriate actions.

Meanwhile, respondents were excited about blockchain and smart contracts technology, with 91% reporting that they believed it would be a critical tool for supporting frictionless businesses over the next three years. All told, expect to see IoT and blockchain investments right away, with AI lagging until health IT leaders can teach it to play nicely.

How e-Prescribing Features Improve Your Practice Life

Posted on July 9, 2018 I Written By

The following is a guest blog post by Dr. Tom Giannulli, CMIO at Kareo.

e-Prescribing, the process of electronically fulfilling a medication prescription directly from your practice, is far from new. In fact, this service has been around long enough that the majority of patients have come to expect the convenience that accompanies it.

Most private practices are using some type of medical software that aids in the e-Prescribing process. Some may have incorporated said software because they felt obligated, but others have realized that an integrated software solution can do more than help meet the requirements for the meaningful use electronic health record (EHR) initiative.

They recognize that it may also help to improve their practice.

As the clinical leader for an electronic health record (EHR) vendor serving independent practices, I can attest that Kareo’s cloud-based software is designed with the intent to improve the unique needs of the private practice. The changes in regulations and requirements might mean you should change the way you practice, but it doesn’t have to reduce the personal connection between patients and their providers.

Improve Upon Value-Based Care

Value-based care is driven by data and has required practices to become more efficient and effective in order to reduce overall healthcare costs.

Without the automated support that accompanies e-prescribing, compiling the number of required reports could become overwhelming and significantly reduce your efficiency. Our software can make compiling this data with accurate reports both simple and manageable, which saves you valuable time. It makes tracking the quality metrics related to drug compliance much easier, but it’s also tracking quality by:

  • Helping to reduce your liability with legible prescriptions
  • Improving upon prescription accuracy
  • Reducing medication errors
  • Improving upon patient compliance
  • Monitoring fraud and abuse from duplicate prescriptions

Having an automated perspective on drug interactions and prescription history at your fingertips allows you to focus on measures that improve preventative care. This global perspective on each patient’s individual treatment can potentially reduce abuse and readmissions.

Leverage a “Heads Up” Philosophy

You won’t hear many, if any, physicians state that they chose medicine for the abundance of paperwork.

The time EHR can save on administrative tasks provides the physician with more time to do what they enjoy—care for their patients. Patients often choose a practice because they want that personal connection with their physician. Someone who knows their story, and is aware of their health history. Most patients don’t enjoy waiting while the physician is writing notes, asking them to repeat their medical history, or trying to find the correct button on the computer. This won’t help to increase patient satisfaction, and gain patient loyalty. With the information right in front of you, you have more time to devote to quality communication, which gains your patient’s trust.

There are several secondary key benefits to practicing “Heads Up” Medicine with e-prescribing that help improve the patient experience by devoting your attention to your patient, not your computer. You’re still getting the essential information with an easy method of information collection by pointing and clicking.

  • Reviewing key points and a simple question and answer interview can help you build your narrative.
  • Your EHR is accessible on a mobile device, such an IPad, and not just on a website
  • You don’t have to spend the extra time typing the narrative in each time and starting from scratch.

Save Significant Time

Time is valuable to you, and your patients. The time saved with automated support does more than make your patients happy by getting them in and out of their visit quicker, it also shows that you respect their time.

Less time waiting and more time with their providers often results in better patient satisfaction. Word of mouth is often the most effective form of marketing and satisfied patients refer new patients to help you continue to grow your business.

Our software takes care of the bulk of your work with chart, bill and fill to reduce administrative tasks and improve your workflow. It helps you write the note, ensures that you get the billing codes correct and fills the prescription and orders lab work. This allows you to improve your workflow by:

  • Getting the billing done quickly and accurately to expedite payment
  • Allowing you to see more patients in the same amount of time
  • Helping you gain a better balance between your work and personal life to reduce the risk of burnout
  • Making sure your patients don’t leave because of extended wait times

Maintain a Personal Connection

Engaging more with your clients can foster patient satisfaction and loyalty to your practice. Your patients want compassionate care provided and human interaction, and you can leverage this “heads up” philosophy with the simple solutions offered in EHR software to manage the bulk of your administrative work.

Seek out technology and service solutions to improve your practice, increase patient satisfaction and provide you with more time to focus on priorities to aid in the growth of your practice, rather than being burdened with administrative tasks. Because you chose to work in private practice for the patients, not the paperwork.

About Tom Giannulli, MD, MS
Tom Giannulli, MD, MS, is the chief medical information officer at Kareo, a proud sponsor of Healthcare Scene. He is a respected innovator in the medical technology arena with more than 15 years of deep experience in mobile technology and medical software development. 

Is Amazon Ready To Protect Patient Data?

Posted on July 6, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Late last month, a Connecticut woman found out that a third-party Amazon vendor she had done business with had exposed her personal medical data to the world, including her medical conditions, along with her name, birthdate and emergency contact information.

The story suggests that Amazon engaged in a bit of bureaucratic foot shuffling when called on the privacy lapse. According to the woman, an Amazon call center rep told her it would investigate the issue, but a further email told her they would not be able to release the outcome of this investigation. It’s little wonder she wasn’t satisfied.

Ultimately, it appears that she was only able to get immediate action once she contacted the third-party seller, which took the photos containing the information down promptly upon her request.

Though no small matter for the woman involved, the episode means little for the future of Amazon, in and of itself. However, it does suggest that the marriage of Amazon technology and healthcare data may pose unexpected problems.

For those who have been sleeping under a rock, in late June Amazon announced that it had acquired online pharmacy PillPack for what reports say was just under $1 billion. PillPack, which competes with services delivered by giants like CVS, lets users buy their meds in pre-made doses. News stories suggest that Amazon beat out fellow retail giant Walmart in making the buy, which should close the second half of this year.

Without a doubt, this was a banner day in the history of Amazon, which has officially stamped into healthcare in 10-ton boots. The deal could not only mark the beginning of new era for the retailer, but also the healthcare industry, which hasn’t yet seen a tech company take a lead in any consumer-facing healthcare business.

That being said, perhaps a more important question for readers of this publication is how it will manage data generated by PillPack, a store likely to grow exponentially as Amazon integrates the online pharmacy into its ecosystem.

While there are obviously many good things its staggering fulfillment and logistics capabilities can bring to PillPack, Amazon’s otherwise amazing systems weren’t built to protect patient health information.

When it comes to most any other company, I’d imagine these problems could be addressed by layering HIPAA-compliant technologies and policies over its existing infrastructure. However, given the widely distributed nature of its retail network, it’s not just a matter of rethinking some architecture. Sealing off health data could require completely transforming its approach to doing business. Just about every retail transaction could prove a chink in its armor.

Since it wasn’t itself required to meet HIPAA standards in this instance, Amazon won’t get any flack from regulators over the recent PHI exposure. Still, issues like this could undercut the trust it needs to integrate PillPack into its core business successfully.

If nothing else, Amazon had better put a strong PHI protection policy in place on its retail side. Otherwise, it could undermine the business it just spent almost $1 billion to buy.

A Missed Opportunity For Telemedicine Vendors

Posted on June 29, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Today, most direct-to-consumer telemedicine companies operate on a very simple model.

You pay for a visit up front. You talk to the doctor via video, the doctor issues as a prescription if needed and you sign off. Thanks to the availability of e-prescribing options, it’s likely your medication will be waiting for you when you get to the pharmacy.

In my experience, the whole process often takes 45 minutes or less. This beats the heck out of having to wait in line at an urgent care center or worse, the emergency department.

But what about caring for chronic illnesses that can’t be managed by a drive-by virtual visit? Can telemedicine vendors play a role here? Maybe so.

We already know that combining telemedicine with remote monitoring devices can be very effective. In fact, some health systems have gone all-in on virtual chronic care management.

One fascinating example is the $54 million Mercy Virtual Care Center, which describes itself as a “hospital without beds.” The Center, which has a few hundred employees, monitors more than 3,800 remote patients; sponsors a telehealth stroke program offering neurology services to EDs nationwide; manages a team of virtual hospitalists caring for patient around-the-clock using virtual visit tools; and runs Mercy SafeWatch, which the Center says is the largest single-hub electronic intensive care unit in the U.S.

Another example of such hospital-based programs is Intermountain Healthcare’s ConnectCare Pro, which brings together 35 telehealth programs and more than 500 clinicians. Its purpose is to supplement existing staffers and offer specialized services in rural communities where some of the services aren’t available.

Given the success of programs that maintain complex patients remotely, I think a private telemedicine company managing chronic care services might work as well. While hospitals have financial reasons to keep such care in-house, I believe an outside vendor could profit in other ways. That’s especially the case given the emergence of wearable trackers and smartwatches, which are far cheaper than the specialized tools needed in the past.

One likely buyer for this service would be health plans.

I’ve heard some complain publicly that in essence, telemedicine coverage just encourages patients to access care more often, which defeats the purpose of using it to lower healthcare costs. However, if an outside vendor offered to manage patients with chronic illnesses, it might be a more attractive proposition.

After all, health plans are understandably wringing their hands over the staggering cost of maintaining the health of millions of diabetics. In 2017, for example, the average medical expense for people diagnosed with diabetes was about $16,750 per year, with $9,600 due to diabetes. If health plans could lay the cost off to a specialized telemedicine vendor, some real savings might be possible.

Of course, being a telemedicine-based chronic care management company would be far different than offering direct-to-consumer telemedicine services on an occasional basis. The vendor would have to have comprehensive health data management tools, an army of case managers, tight relationships with clinicians and a boatload of remote monitoring devices on hand. None of this would come cheaply.

Still, while I haven’t fully run the numbers, my guess is that this could be a sustainable business model. It’s worth a try.