Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Being Honest About Your Reasons For Cybersecurity Decisions

Posted on August 16, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

This week, a team of McAfee researchers released a paper outlining a terrifying exploit. The paper describes, in great technical detail, how a malicious attacker could flip a cardiac rhythm display from 80 beats per minute to zero within less than five seconds.

This might not lead to severe harm or death, but it’s possible that other very negative outcomes could occur, notes Shaun Nordeck, MD, who’s quoted in the report. “Fictitious cardiac rhythms, even intermittent, could lead to extended hospitalization, additional testing, and side effects from medications prescribed to control heart rhythm and/or prevent clots,” he notes.

The paper does point out that if the bedside monitor is working normally, nurses have access to other accurate data, which could diminish the impact of such disruptions to some extent. However, the potential for adverse events is clearly higher than normal if someone scrambles a patient’s vitals.

Unfortunately, this is far from the only attack which wasn’t possible before connected devices became the norm. At various points, we’ve seen that pacemakers, insulin pumps and even MRIs can be hacked externally, particularly if their operating systems aren’t patched as required or haven’t put even basic security protections in place. (Think using “password” as a password.)

But while these vulnerabilities are largely known at this point, some healthcare organizations haven’t begun to tackle them. Solving these problems takes work, and costs money, The best-intentioned CIO might not get the budget to fix these problems if their CEO doesn’t see them as urgent.

Or let’s say the budget is available to begin the counterattack. Even if everyone agrees to tackle connected device vulnerabilities, where do we begin the counterattack? Which of these new connected health vulnerabilities are the most critical?  On the one hand, hacking individual pacemakers doesn’t seem profitable enough to attract many cybercriminals. On the other, if I were a crook I might see the threat of meddling with a hospitals’ worth of patient monitors to be a great source of ransom money.

And this brings us to some tough ethical questions. Should we evaluate these threats by how many patients would be affected, or how many of the sickest patients?  How do we calculate the clinical impact of vital signs hacking vs. generating inaccurate MRI results? To what extent should the administrative impact of these attacks be a factor in deciding how to defeat these challenges, if at all?

I know you’re going to tell me that this isn’t an all or nothing proposition, and that to some extent standard network intrusion detection techniques and tools will work. I’m not disputing this. However, I think we need to admit out loud that these kinds of attacks threaten individual lives in a way that traditional cyberattacks do not. For that reason, we need to get honest about who we need to protect — and why.

5 Practical Use Cases Anchoring Blockchain in Healthcare

Posted on August 1, 2018 I Written By


The following is a guest blog post by David Houlding MSc CISSP CIPP, Principal Healthcare Industry Lead at Microsoft Health working specifically on the Azure Team.

The hardest thing about blockchain is not the technology. To be clear, there are many technical challenges that must be addressed to be successful with blockchain, and these are not trivial. However, even harder is building the network of healthcare organizations and trust to a point where they are willing to participate, connect, and transact.

Existing B2B Healthcare Networks

It is faster to apply blockchain to an existing B2B network of healthcare organizations than to build a new network around a new use case from scratch. This is why blockchain is first taking hold in healthcare in existing B2B networks where healthcare organizations already transact around a use case, albeit with a conventional “hub-and-spoke”, centralized architecture with a trusted intermediary. In some cases, these existing B2B networks are looser, with healthcare organizations collaborating ad-hoc as needed, even via antiquated technologies such as faxes, rather than fully automated and integrated systems.

Cost Reduction Value Prop

These business value propositions are driving blockchain forward in healthcare:

  1. Improving patient outcomes
  2. Reducing healthcare costs
  3. Improving patient experience, and engagement
  4. Improving healthcare worker experience

Amongst these, those that have a strong cost reduction value proposition have the most interest from healthcare organizations—most want to see a strong near-term ROI justification for participation.

Leading Use Cases for Blockchain in Healthcare

In this article I highlight 5 practical use cases—plus one emerging use case—where blockchain is taking hold. Here are the ways that blockchain is adding value in these networks:

  • Decentralization, avoiding the need for a central hub (and associated costs, delays, and single point of failure).
  • Improving trust through a shared immutable ledger.
  • Mitigating fraud through transparency of transactions.
  • Improving performance and efficiency.
  • Paving the way for new levels of automation and collaboration around smart contracts and DAOs (Decentralized Autonomous Organization).

1. Health Information Exchange

Currently, the healthcare industry experiences major inefficiencies due to diverse, uncoordinated and unconnected data sources and systems. Effective care collaboration is vital to improve healthcare outcomes. With digitized health data, the exchange of healthcare information across healthcare organizations is required.

Grapevine World is one of the leaders in the application of blockchain technology. They make use of the IHE methodology for interoperability, and multiple blockchains for tracking data provenance and providing a crypto token as means of exchange within their ecosystem.

2. Provider Directory

Healthcare organizations, including payers, must maintain directories of healthcare providers, or doctors. Today this is done redundantly across multiple organizations. Further, if these directories get out of sync, it can lead to issues such as claims bouncing. Through blockchains, provider directories can be maintained by various healthcare organizations in a shared, decentralized ledger. This reduces redundancies and inconsistencies, and thereby improves operational efficiencies (including around claims adjudication).

Optum is one of the leaders in applying blockchain technology to the directory use case.

3. Provider Credentialing

Doctors, nurses, and other healthcare workers must have credentials to provide healthcare. These credentials must be validated by every healthcare organization they practice at, and periodically thereafter, usually every two years. This creates a huge amount of redundant effort and cost, and often delays a doctor’s ability to practice at a new facility. Blockchain provides a way for healthcare organizations in a consortium to update doctors’ credentials. That includes the validations of those credentials, helping to eliminate redundant effort. Doctors will be able to practice at new facilities with minimal delay.

ProCredEx and Hashed Health are leaders in the application of blockchain technology to the provider credentialing use case.

4. Drug Supply Chain

Medications must be tracked from manufacturers (such as the big pharmaceuticals), through distributors, to dispensaries (such as pharmacies). This enables the pharmacist, patient, or family caregiver to verify the authenticity, provenance, and safety of the product. It helps reduce drug counterfeiting and enables improved operational efficiencies, with associated cost reductions. Blockchain is particularly well suited to applications that require tracking of items across organizations. Regulations such as DSCSA also require tracking of drugs through the supply chain. And compliance with these regulations provides an additional incentive, or forcing function for the adoption of blockchain.

Adents and the C4SCS (Center for Supply Chain Studies) are leaders in the application of blockchain technology to the drug supply chain use case.

5. Medical Device Track and Trace

This is another example of a supply chain use case; except medical devices are being tracked, rather than drugs. Devices can range from implantables to MRI machines. The idea is to track these across the supply chain and throughout their life cycles, or even multiple life cycles as they are resold and reused. Such tracking enables fast response to recalls, thereby improving patient safety and operational efficiency. It enables one to monitor the maintenance of these devices over their lifetime—which can also help improve quality, and patient  outcomes.

Spiritus Partners is a leader in the application of blockchain technology to the medical device track and trace use case in healthcare.

Emerging: Anti-Fraud

Anti-fraud is another use case that is starting to take hold in healthcare. It is interesting both as a stand-alone use case (of particular interest to healthcare payers), and as a more general business value enabled by blockchain. Fraud prevention is attractive across most other use cases for blockchain in healthcare. For example, blockchain can help mitigate counterfeiting fraud in the drug supply chain use case. Blockchain has major potential to block fraud through:

  • Immutability (transactions cannot be altered)
  • Improving detection through transparency
  • Advancing artificial intelligence used for anti-fraud

For more on this use case and fundamental value of blockchain see Blockchain as a Tool for Anti-Fraud.

What other use cases do you see blockchain being applied to in healthcare? Welcome any comments, questions, or feedback you may have below. Blockchain in healthcare is fast evolving. I post updates extensively for blockchain in healthcare. Reach out to me on LinkedIn or Twitter.

About David Houlding
David Houlding is the Worldwide Healthcare Industry Leader on the Microsoft Azure Industry Experiences Team. David has more than 24 years of experience in healthcare spanning provider, payer, pharmaceutical, and life sciences segments worldwide, and has deep experience and expertise in blockchain, privacy, security, compliance, and AI / ML, and cloud computing. David also currently serves as Chair of the HIMSS Blockchain in Healthcare Task Force, a group of 50+ leaders from across healthcare worldwide, collaborating to advance blockchain in healthcare.

Company Supports Patient Data Sharing Via Blockchain

Posted on July 23, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

After a year in development, a tech startup has released a platform using blockchain to help patients share personal health records. The company, which was founded by former IMS Health exec Robert Chu, plans to sell their information to pharmaceutical companies without involving a third-party data broker.

Embleema, which built its software on the Ethereum smart-contract platform, is focused on delivering what it calls “real world evidence” to drug researchers.

Its blockchain-based app, which is known as PatientTruth, allows patients to pull provider CCDs and Fitbit data together in a single location. The idea here is that blockchain will permit patients to manage data sharing permissions far more securely and effectively than with other approaches.

When patients agree to share their data, they get crypto-tokens. Embleema, for its part, generates income by selling an anonymized version of that data to clinical researchers.

The company contends that its data offers significant advantages over traditional data sources include that it offers in individual rather than aggregate data. Having access to individual data allows drugmakers to monitor a given patient over time, which helps to improve research and drug development, it says.

On the whole, Embleema seems to have a smart business model and seems to address some well-defined needs. Bringing together health data users and sellers directly probably offers some advantages. And it will probably be very profitable to give drugmakers access to real-time patient data structured as individual records.

That being said, I’m not sure how the company will get, much less maintain, patients’ interest. Other than people in this industry, few of my acquaintances or family members have the slightest idea of how to upload their health records. In fact, some of them would be quite intimidated by the prospect.

Also, it’s is a little weird that patients who share their data with Embleema are paid in tokens rather than actual publicly-negotiable money. I know I’d find cash incentives to be a lot more motivating than tokens. My guess is that either way, patients aren’t going to get much of the income generated by their data, and I have little doubt that competitors will point this out.

Of course, clinical researchers always face some form of obstacle in getting the data they need. No matter what approach they take, the data they choose seems to have some significant limitations.

I can’t tell whether Embleema has solved this problem completely, and if so, whether its solution is scalable and if it’s really any better than companies like IMS Health, but it does seem to be focused on a sector with deep pockets and a bottomless need for patient data. In fact, I’m sure its competitors will show up soon.

Somatix: Bringing Gesture Recognition to Healthcare

Posted on July 19, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The number and variety of sensors and tracking devices coming to healthcare is astounding. All of these devices are going to provide a platform for hundreds of innovative companies to build amazing software on top of all of this hardware that will really impact healthcare. It’s exciting to see.

I saw this in action first hand when I talked with Eran Ofir, CEO and Co-Founder of Somatix. What makes Somatix interesting is that they do their hand gesture tracking on any hardware. There are dozens of off the shelf wearable technologies from tech giants, high-end brands, sports leaders, and fashion brands which can be used together with Somatix.

Using these off the shelf technologies, Somatix does a pretty wide range of gesture detection including: smoking, eating, drinking (cold and hot), teeth brushing, walking, sleeping, shaving, medication intaking, and more. When you think about the sensors that are available in these commercial wearables, it’s not hard to see how this type of gesture detection is possible. Plus, these charts illustrate how different gestures register on wearables:

It’s not hard to imagine how this gesture recognition technology can be used in healthcare. It can detect sudden falls, medication adherence, immobility, sleeping habits, missed meals, low liquid consumption, smoking, and even neurological malfunctioning.

The question is what do you do once a certain action is detected? Somatix is doing some work in this area as well. Detecting the gesture is just the first step, but can work as a trigger to enable care providers to intervene with personalized messages and incentives to the patient. One of the areas where Somatix has seen success is in their SmokeBeat product which helps with smoking cessation.

As I look at the bigger picture, I could see hundreds of applications of this gesture technology in healthcare. So, I asked Eran if Somatix offered an API that would allow startup companies, health systems, payers, and other healthcare organizations to be able to incorporate this gesture recognition technology into their own applications. Unfortunately, they haven’t gone this route yet since they’re a relatively young company, but he saw that as a potential future opportunity. I hope they take that route since gesture recognition across all of these devices is a hard thing to build, but is a powerful thing that could benefit a wide variety of healthcare applications.

All in all, I was impressed by what Somatix has built. Plus, it was easy to see as they get more hand gesture data how they’ll be able to improve the accuracy of the gesture detection even more. Eran described how they’d seen this first hand with detecting smoking which they can now detect almost perfectly. While all of the gesture detection doesn’t have perfect accuracy it will get pretty close over time.

Healthcare still has a ways to go in figuring out how to turn gesture recognition into improved care, but it’s great to see companies like Somatix perfecting the recognition which will enable care providers to use that data to improve a patient’s health. Gesture recognition technology from Somatix is a great example of a building block of change that will transform healthcare as we know it.

Healthcare Execs Investing In Intelligent Technologies Face Roadbumps

Posted on July 16, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A recent report from Accenture concludes that healthcare executives are enthusiastic about “intelligence technologies” such as AI and IoT. It also suggests, however, that health organizations will need to add new capabilities to be sure they can manage these technologies responsibly.

The report, based on a survey of 100 health executives, found that 77% of respondents expect to invest in IoT and smart sensors and that 53% expect to invest in AI systems.  Presumably, they expect these technologies to offer benefits more quickly.

Why the gap in adoption? The truth is that healthcare leaders haven’t yet gotten their arms around AI just yet. While IoT and smart sensor technology can boost the flexibility and “judgment” of enterprise systems, AI arguably has the potential to be far more flexible and wide-reaching — and ultimately less than predictable.

This unpredictability makes AI investment a bit trickier to implement than other emerging technologies. Just over four-fifths of health leaders said they were not prepared to explain AI-based conclusions to their internal stakeholders nor outsiders.

To address this deficit, 73% said they plan to develop internal ethical standards for AI to make sure these systems can act responsibly. Before that, they’ll need to determine what “acting responsibly” actually means — and as far as I know there are no accepted guidelines for developing such standards. (They might want to start off by reviewing Google’s ethical principles for AI use here.)

Adding AI to the enterprise IT mix could also wreak havoc. I for one was surprised to read that almost one-fourth of respondents said that they had been the target of adversarial AI behaviors, including falsified location data or bot fraud. (This stat blew my mind. Why haven’t we heard more about these “adversarial behaviors” and what are they?)

This certainly adds another element of uncertainty for CIOs interested in AI investments. While AI technologies can’t “think” in the traditional sense, they can create a range of problems previous-gen technology couldn’t.

This is part of a larger picture in which health organizations aren’t sure if their data has been corrupted. In fact, 86% of health execs said they hadn’t yet invested in technologies which could verify their data sources. Adding AI to the mix could potentially compound these problems, as it might create a cascade in which the AI then draws false inferences and takes inappropriate actions.

Meanwhile, respondents were excited about blockchain and smart contracts technology, with 91% reporting that they believed it would be a critical tool for supporting frictionless businesses over the next three years. All told, expect to see IoT and blockchain investments right away, with AI lagging until health IT leaders can teach it to play nicely.

CareSync Shutdown and CareSync Alternatives

Posted on July 13, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve been watching the shutdown of CareSync a little closer than I do most healthcare IT startup companies. Partially because it happened so quickly and partially because I’m an advisor to CareCognitics which has a CCM (Chronic Care Management – 99490) offering as part of their suite of healthcare loyalty products. So, I’m totally biased in this situation.

With that said, I thought that CareCognitics captured my feelings about CareSync shutting down really well. Here’s an excerpt from their post:

For companies like ours that work in the Chronic Care Management (CCM) space, it was big news this week that CareSync was shutting down their offices and laying off employees. The details of why this happened aren’t clear, but it’s unfortunate that such a well-respected company is shutting down. Our hearts go out to all the employees that lost their jobs and we hope that many of their skills and expertise can find a home at CareCognitics. The work we are doing is too important to let that talent go to waste.

The most heartbreaking part of CareSync shutting down is all of the patients that will miss out on the special care they receive from the CCM program. We see such tremendous opportunity and success with chronic care management and so we hope that CareSync’s customers will continue their chronic care management efforts and possibly even find new opportunities to take them to an even greater level.

Read the full post for more details. Obviously, I think CareCognitics is a good home for CareSync users who are looking to continue their CCM efforts but want to do so in the EHR which they control and will always have access to in the event of issues.

It really is unfortunate that one of the biggest names in the CCM space shutdown. I hope that those that are part of the company will share their learnings with the rest of healthcare since managing chronic conditions is such an important thing for healthcare to become what it needs to become. I know a number of them are going around trying to share what they can with others and I’ve talked to a few myself.

While painful, the good news for CareSync users is that there are plenty of alternative CCM companies out there. It won’t be fun to switch companies, but there are CareSync alternatives. It also seems that the Tampa Bay tech community has rallied to help many of the CareSync employees. That’s a good thing even though I’m sure some will still have challenges ahead as they search for a new job.

Does all of this mean that healthcare organizations should stop working with startup companies?

Of course not. If you’ve ever bought a product from a big company, you know that big companies can shut products down just as easily (and in some cases more easily) than a startup company. However, you should be thoughtful about which startup companies you work with and keep in mind the risks associated with working with startups.

Here are some questions and thoughts you should consider as you buy a product from a startup company. What’s the track record of the founding team? Worry less about how much money they’ve raised and how efficiently they’re using that money. People are expensive and that impacts what those of us in the startup world call burn rate. How much money you’ve raised doesn’t matter if you have too high of a burn rate. The best startup companies learn how to balance this effectively. This is sometimes hard to understand from the outside, but is possible if you dig enough. It’s also one reason why 2nd time entrepreneurs are often more successful. They’ve learned how to manage their burn rate effectively.

Other questions you should consider is “What happens if this company shuts down?” It’s never a bad idea to have a backup plan if things go awry like they did at CareSync. This question is also best asked before selecting a vendor. As CareSync users evaluate new CCM companies, this is a great question to ask. The answer to the question may determine which company you get in bed with for your chronic care management efforts.

Outside partners are essential to a healthcare organizations success. It’s just impossible for a healthcare organization to do 100% of what they need to accomplish in house. This is especially true for larger healthcare organizations. So, finding the right partners needs to be a key part of your strategy. Make sure your strategy includes what will happen if you choose the wrong partner. However, the great thing is that if you choose the right partner, you’ll benefit as that partner grows and enhances what you’re doing over time.

As was mentioned in today’s #HITsm chat, “We’re not buying from a vendor; we’re marrying them.”

Do We Sometimes Make Things Too Complicated?

Posted on July 11, 2018 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I know it’s not Friday yet (when I usually share fun cartoons), but I saw this cartoon shared by Pete Friesen and I couldn’t help but share it.

This parallels really well with this tweet I saw from ePatientDave as well:

Drugs have done amazing things. Look no further than all the lives saved by penicillin. However, sometimes we need to slow things down and consider all of our options (including drugs).

The problem right now is that there’s nothing really slowing things down for doctors and are care providers. Everything seems to just be speeding up.

I had a doctor today proudly share “I’m an internist can see 40 patients with rapid work on EMR side and also complete my MIPs clicks.”

He was trying to compliment his EHR software for working so effectively. However, you have to wonder what kind of care those 40 patients received and what kind of care they could have received if he only had to see 20. I’m not suggesting he gave them bad care, but I’m suggesting that the care would have been better if he only had to see 20 and not 40 patients. The problem is that doing so will cut his pay in half (literally).

This isn’t doctors fault specifically. They want to get paid for the work they do like anyone else. It’s why so many are excited by things like DPC (Direct Primary Care) and value based care. However, in terms of the later many are still skeptical and for good reason. Value based care could mean creating more of a relationship with a patient, but it could also mean more hoop jumping.

Maybe many of our stressed-out care providers could use some canine stress therapy as well.

Is Amazon Ready To Protect Patient Data?

Posted on July 6, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Late last month, a Connecticut woman found out that a third-party Amazon vendor she had done business with had exposed her personal medical data to the world, including her medical conditions, along with her name, birthdate and emergency contact information.

The story suggests that Amazon engaged in a bit of bureaucratic foot shuffling when called on the privacy lapse. According to the woman, an Amazon call center rep told her it would investigate the issue, but a further email told her they would not be able to release the outcome of this investigation. It’s little wonder she wasn’t satisfied.

Ultimately, it appears that she was only able to get immediate action once she contacted the third-party seller, which took the photos containing the information down promptly upon her request.

Though no small matter for the woman involved, the episode means little for the future of Amazon, in and of itself. However, it does suggest that the marriage of Amazon technology and healthcare data may pose unexpected problems.

For those who have been sleeping under a rock, in late June Amazon announced that it had acquired online pharmacy PillPack for what reports say was just under $1 billion. PillPack, which competes with services delivered by giants like CVS, lets users buy their meds in pre-made doses. News stories suggest that Amazon beat out fellow retail giant Walmart in making the buy, which should close the second half of this year.

Without a doubt, this was a banner day in the history of Amazon, which has officially stamped into healthcare in 10-ton boots. The deal could not only mark the beginning of new era for the retailer, but also the healthcare industry, which hasn’t yet seen a tech company take a lead in any consumer-facing healthcare business.

That being said, perhaps a more important question for readers of this publication is how it will manage data generated by PillPack, a store likely to grow exponentially as Amazon integrates the online pharmacy into its ecosystem.

While there are obviously many good things its staggering fulfillment and logistics capabilities can bring to PillPack, Amazon’s otherwise amazing systems weren’t built to protect patient health information.

When it comes to most any other company, I’d imagine these problems could be addressed by layering HIPAA-compliant technologies and policies over its existing infrastructure. However, given the widely distributed nature of its retail network, it’s not just a matter of rethinking some architecture. Sealing off health data could require completely transforming its approach to doing business. Just about every retail transaction could prove a chink in its armor.

Since it wasn’t itself required to meet HIPAA standards in this instance, Amazon won’t get any flack from regulators over the recent PHI exposure. Still, issues like this could undercut the trust it needs to integrate PillPack into its core business successfully.

If nothing else, Amazon had better put a strong PHI protection policy in place on its retail side. Otherwise, it could undermine the business it just spent almost $1 billion to buy.

How Hospitals Can Drive Revenue in Value-Based Care Using 7 Key Cycles of Their Data

Posted on July 5, 2018 I Written By

The following is a guest blog post by Richard A. Royer, Chief Executive Officer of Primaris.

Back in the day – the late 1960s, when social norms and the face of America was rapidly changing – a familiar public service announcement began preceding the nightly news cast. “It’s 10 p.m. Do you know where your children are?”

Today, as the healthcare landscape changes rapidly with a seismic shift from the fee-for-service payment model to value-based care models, there’s a similar but new clarion call for quality healthcare: “It’s 2018. Do you know where your data is?”

Compliance with the increasingly complex alphabet soup of quality reporting and reimbursement rules – indeed, the fuel for the engine driving value-based car – is strongly dependent on data. The promising benefits of the age of digital health, from electronic health records (EHRs) to wearable technology and other bells and whistles, will occur only as the result of accurate, reliable, actionable data. Providers and healthcare systems that master the data and then use it to improve quality of care for better population health and at less cost will benefit from financial incentives. Those who do not connect their data to quality improvement will suffer the consequences.

As for the alphabet soup? For starters, we’re as familiar now with these acronyms as we are with our own birth dates: MACRA (the Medicare Access and CHIP Reauthorization Act of 2015), which created the QPP (Quality Payment Program), which birthed MIPS (Merit-based Incentive Payment System).

The colorful acronyms are deeply rooted in data. As a result, understanding the data life cycle of quality reporting for MACRA and MIPS, along with myriad registries, core measures, and others, is crucial for both compliance and optimal reimbursement. There is a lot at stake. For example, the Hospital Readmissions Reduction Program (HRRP) is an example of a program that has changed how hospitals manage their patients. For the 2017 fiscal year, around half of the hospitals in the United States were dinged with readmission penalties. Those penalties resulted in hospitals losing an estimated $528 million for fiscal year 2017.

The key to achieving new financial incentives (with red-ink consequences increasingly in play) is data that is reliable, accurate and actionable. Now, more than ever, it is crucial to understand the data life cycle and how it affects healthcare organizations. The list below varies slightly in order and emphasis compared with other data life cycle charts.

  • Find the data.
  • Capture the data.
  • Normalize the data.
  • Aggregate the data.
  • Report the data.
  • Understand the data.
  • Act upon the data.


One additional stage, which is a combination of several, is secure, manage, and maintain the data.

  • Find the data. Where is it located? Paper charts? Electronic health records (EHRs)? Claims Systems? Revenue Cycle Systems? And how many different EHRs are used by providers – from radiology to labs to primary care or specialists’ offices to others providing care? This step is even more crucial now as providers locate the sources of data required for quality and other reporting.
  • Capture the data. Some data will be available electronically, some can be acquired electronically, but some will require manual abstraction. If a provider, health system or Accountable Care Organization (ACO) outsources that important work, it is imperative that the abstraction partner understand how to get into each EHR or paper-recording system.
     
    And there is structured and unstructured data. A structured item in the EHR like a check box or treatment/diagnosis code can be captured electronically, but a qualitative clinician note must be abstracted manually. A patient presenting with frequent headaches will have details noted on a chart that might be digitally extracted, but the clinician’s note, “Patient was tense due to job situation,” requires manual retrieval.
  • Normalize the data. Normalization ensures the data can be more than a number or a note but meaningful data that can form the basis for action. One simple example of normalizing data is reconciling formats of the data. For example, a reconciling a form that lists patients’ last names first with a chart that lists the patients’ first name first. Are we abstracting data for “Doe, John O.” or “John O. Doe?” Different EHR and other systems will have different ways of recording that information.
     
    Normalization ensures that information is used in the same way. The accuracy and reliability that results from normalization is of paramount importance. Normalization makes the information unambiguous.
  • Aggregate the data. This step is crucial for value-based care because it consolidates the data from individual patients to groups or pools of patients. For example, if there is a pool of 100,000 lives, we can list ages, diagnosis, tests, clinical protocols and outcomes for each patient. Aggregating the data is necessary before healthcare providers can analyze the overall impact and performance of the whole pool.
     
    If a healthcare organization has quality and cost responsibilities for a pool of patients, they must be able to closely identify the patients that will affect the patient pool’s risks. Aggregation and analyzing provides that opportunity.
  • Report the data. Reporting of healthcare data to registries and the Centers for Medicare and Medicaid Services (CMS) is not new, but it is a growing need. Required reporting will become even more integral to health care quality improvement as private payers follow the CMS lead towards value-base care.
  • Understand the data. What was effective? What is the clinical point of view versus a dollars/cost point of view? How are these two points of view reconciled to get the “right” results?
     
    When Drug B is half the price but equally as effective as Drug A, that is an example of evidence-based medicine, which was the result of the data life cycle. When healthcare organizations and providers have data they can understand, a root cause analysis is an ideal way to achieve sometimes conflicting goals of quality and cost– and move forward – on solving deficiencies or other problems flagged by the data.
  • Use the data. There are other crucial facets of the data life cycle that must be dealt with, including data maintenance and management and purging or destroying data in a way that is compliant with HIPAA. But the most important function of data is using it to improve clinical processes and outcomes, the patient experience, and the financial bottom line.
     
    Data that is accurate and reliable is not all that useful until it is actionable. How is the data being used to manage quality of care and cost of care? The final stage in the data life cycle is certainly the most important. The technology and human capital needed to accomplish the other aspects of the life cycle are extensive, and expensive. But data gathering is a lost cause and, really, an exercise in futility unless the flurry of data and reporting activity leads to action. In the age of value-based healthcare, data is the key that will allow providers to be financially successful in the future as payments become more heavily based on value, and patients seek providers that meet their growing expectations.

About Primaris
Richard A. Royer, Chief Executive Officer of Primaris, a healthcare consulting and services firm that works with hospitals, physicians and nursing homes to drive better health outcomes, improve patient experiences and reduce costs.

Investors Competing For Health IT Opportunities

Posted on June 28, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study has concluded that investors are hungry for health IT investment opportunities, in some cases battling competitors for particularly attractive companies. The report concluded that investment firms see health IT as a lower-risk way to get a cut of the healthcare market than other possible targets.

The analysis by Bain & Company, which looks at 2017 numbers, said that the number of health IT investment deals completed last year rose to 32 from 23 in 2016.

The value of disclosed deals fell from $15.5 billion in 2016 to $1.9 billion in 2017. This is not a sign of weakness in the sector, however. The 2016 deals volume was pumped up by two megadeals (acquisitions of MultiPlan and Press Ganey), which were valued collectively at $9.9 billion. Meanwhile, in 2017 only one deal exceeded $800 million.

Deal counts and volume aside, there’s no question that investors are still very interested in acquiring or taking a stake in health IT companies, Bain reports. According to its study, there are many good reasons for their excitement.

“Investors find HCIT target attractive not only because HCIT companies play a vital role in promoting technology adoption in healthcare but also because they bear less of the direct reimbursement and regulatory risk that affect other healthcare sectors,” the report says. “With a limited set of scale assets on the market and corporate buyers willing to pay premiums for those that do become available, valuations remain high and competition intense.”

The report notes that most of the health IT buyouts in 2017 involved biopharma investments, particularly among companies using IT solutions and advanced analytics to streamline development a testing of drugs. Such deals include the buyout of Certara, which offers decision support technology for optimizing drug development, and Bracket, which sells technology for managing clinical trials.

However, investors were also interested in EMR and practice management vendors. Given that just a handful of big vendors block of the market for hospital IT, they looked elsewhere.

In particular, investment firms were interested in consolidating some of the many vendors selling ambulatory care EMRs platforms supporting specialties like gastroenterology. For example, investors picked up a $230 million stake in Modernizing Medicine, which offers EMR and practice management systems for specialties such as dermatology and ophthalmology, Bain said.

In the future, investors will gain interest in revenue cycle management software. In addition to investing in or acquiring RCM tools for providers, investors may target RCM software helping patients pay their bills. For example, private equity firm Frontier Capital bought a majority stake in medical card company AccessOne last year.

Bain also predicts that Investors will pay growing attention to clinical decision support platforms, driven in part by legislation requiring doctors to use clinical decision support tools before ordering complex diagnostic imaging of Medicare patients.

In addition, investment firms are keeping their eye on population health management software vendors. It’s not clear yet which companies will dominate the sector, and how these platforms will evolve, so dealmakers are hanging back. Still, within a few years they may well begin to throw money at PHM companies.