Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Being Honest About Your Reasons For Cybersecurity Decisions

Posted on August 16, 2018 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

This week, a team of McAfee researchers released a paper outlining a terrifying exploit. The paper describes, in great technical detail, how a malicious attacker could flip a cardiac rhythm display from 80 beats per minute to zero within less than five seconds.

This might not lead to severe harm or death, but it’s possible that other very negative outcomes could occur, notes Shaun Nordeck, MD, who’s quoted in the report. “Fictitious cardiac rhythms, even intermittent, could lead to extended hospitalization, additional testing, and side effects from medications prescribed to control heart rhythm and/or prevent clots,” he notes.

The paper does point out that if the bedside monitor is working normally, nurses have access to other accurate data, which could diminish the impact of such disruptions to some extent. However, the potential for adverse events is clearly higher than normal if someone scrambles a patient’s vitals.

Unfortunately, this is far from the only attack which wasn’t possible before connected devices became the norm. At various points, we’ve seen that pacemakers, insulin pumps and even MRIs can be hacked externally, particularly if their operating systems aren’t patched as required or haven’t put even basic security protections in place. (Think using “password” as a password.)

But while these vulnerabilities are largely known at this point, some healthcare organizations haven’t begun to tackle them. Solving these problems takes work, and costs money, The best-intentioned CIO might not get the budget to fix these problems if their CEO doesn’t see them as urgent.

Or let’s say the budget is available to begin the counterattack. Even if everyone agrees to tackle connected device vulnerabilities, where do we begin the counterattack? Which of these new connected health vulnerabilities are the most critical?  On the one hand, hacking individual pacemakers doesn’t seem profitable enough to attract many cybercriminals. On the other, if I were a crook I might see the threat of meddling with a hospitals’ worth of patient monitors to be a great source of ransom money.

And this brings us to some tough ethical questions. Should we evaluate these threats by how many patients would be affected, or how many of the sickest patients?  How do we calculate the clinical impact of vital signs hacking vs. generating inaccurate MRI results? To what extent should the administrative impact of these attacks be a factor in deciding how to defeat these challenges, if at all?

I know you’re going to tell me that this isn’t an all or nothing proposition, and that to some extent standard network intrusion detection techniques and tools will work. I’m not disputing this. However, I think we need to admit out loud that these kinds of attacks threaten individual lives in a way that traditional cyberattacks do not. For that reason, we need to get honest about who we need to protect — and why.

Lumeon Offers a Step Toward Usable Device Data in Health Care

Posted on August 8, 2018 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The health care field floats on oceans of patient data, but like the real oceans on our planet, patient data is polluted. Trying to ground evidence-based medicine on billing data is an exercise in frustration. Clinical data is hard to get access to, and has its own limitations. For instance, it is collected only when a patient visits the clinic or hospital. The FDA recently put 100 million dollars in its budget to get patient data from electronic health records (which the commissioner called “real-world experience”).

One of the paths toward better data for research and treatment lies in the data from medical devices: it’s plentiful, detailed, and accurate. But device data has mountains to climb before researchers and clinicians can use it: getting this data in the first place, normalizing and standardizing it, and integrating it with the systems used for analysis and treatment. That’s what excites me about a recent new direction taken by Lumeon, a platform for workflow management and treatment coordination in health care.

I covered Lumeon’s platform a few months ago. The company already lays out an enticing display of tools for clinicians, along with EHR integration. What’s new is the addition of medical devices, an enhancement that required nine months of working with medical device manufacturers. Recently I had another chance to talk to Rick Halton, Vice President of Marketing and Product for Lumeon.

Along with the measurements provided by devices, Lumeon has tools for patient engagement and the measurement of outcomes. These outcomes go beyond simple quantitative scores such as limb rotation. Lumeon creates for each patient a patient-specific functional score (PSFS). For one patient, it may be whether he can play outside with his kids. For another, it’s whether she can they go back to work, and for another, how far she can walk.

Lumeon asks, how can a device be used in a patient journey? It uses the routine information to help provide consistent care throughout this journey pathway, and measures outcomes throughout to generate feedback that promotes better long-term outcomes.

Device data is currently stored in a Lumeon platform that may be on the clinician’s site or in the cloud. Using an API, Lumeon’s output can be embedded within an EHR (they currently do this with Epic) so that the output can be displayed as part of the EHR display, and the clinician doesn’t even have to know that the results are being generated outside the EHR. In the future, the data may be integrated directly into the EHR. However, Lumeon’s direct customers are the providers, not the EHR vendors.

Data from devices was popular among providers at first for discharge planning and other narrow applications. Lumeon’s device integration is now getting more attention from providers who are experiencing a squeeze on reimbursements, a growing alertness among payers for outcomes, and a slow move in the industry toward fee-for-value. One leading device manufacturer is already using Lumeon for better treatment of cardiovascular care, bariatric surgery, and diabetes. Other applications include chronic disease, perioperative care (readiness for the OR and enhanced recovery), the digital patient experience on the web or in an app, and the patient centered medical home.

If Lumeon can turn device data into better treatment, other clinical institutions and health care platforms should be able to do so as well. It’s time for health care to enter the 21st century and use the Internet of Things (or Internet of Healthy Things, as termed by Dr. Joseph Kvedar) for the benefit of patients.

Future of Mobile Devices Infographic

Posted on November 18, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The explosion of mobile devices and other connected devices is really quite astounding. It’s the start of what people call the IoT and it’s going to change everything including health care. You can see that in this Mobile Future infographic below. The thing that stood out to me was that 44ZB of data will be exchanged between connected devices by 2020. For those not familiar with ZB, that’s 1 trillion Gigabytes! Wow! Now that’s big data.

A Look at the Mobile Health Future Infographic

The Digitally Connected World – Opportunity for Healthcare

Posted on February 11, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I saw this pair of tweets (sometimes Twitter really works out like that) that made a big impression on me. I think many of us that are US centric forget about the mHealth opportunity world wide when it comes to healthcare. Maybe these tweets and images will help to bring that home to you like it did for me.