Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Small Grounds for Celebration and Many Lurking Risks in HIMSS Survey

Posted on March 12, 2018 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

When trying to bypass the breathless enthusiasm of press releases and determine where health IT is really headed, we can benefit from a recent HIMMS survey, released around the time of their main annual conference. They managed to get responses from 224 managers of health care facilities–which range from hospitals and clinics to nursing homes–and 145 high-tech developers that fall into the large categories of “vendors” and “consultants.” What we learn is that vendors are preparing for major advances in health IT, but that clinicians are less ready for them.

On the positive side, both the clinicians and the vendors assign fairly high priority to data analytics and to human factors and design (page 7). In fact, data analytics have come to be much more appreciated by clinicians in the past year (page 9). This may reflect the astonishing successes of deep learning artificial intelligence reported recently in the general press, and herald a willingness to invest in these technologies to improve health care. As for human factors and design, the importance of these disciplines has been repeatedly shown in HxRefactored conferences.

Genomics ranks fairly low for both sides, which I think is reasonable given that there are still relatively few insights we can gain from genetics to change our treatments. Numerous studies have turned up disappointing results: genetic testing doesn’t work very well yet, and tends to lead only to temporary improvements. In fact, both clinicians and vendors show a big drop in interest in precision medicine and genetics (pages 9 and 10). The drop in precision medicine, in particular, may be related to the strong association the term has with Vice President Joe Biden in the previous administration, although NIH seems to still be committed to it. Everybody knows that these research efforts will sprout big payoffs someday–but probably not soon enough for the business models of most companies.

But much more of the HIMSS report is given over to disturbing perception gaps between the clinicians and vendors. For instance, clinicians hold patient safety in higher regard than vendors (page 7). I view this concern cynically. Privacy and safety have often been invoked to hold back data exchange. I cannot believe that vendors in the health care space treat patient safety or privacy carelessly. I think it more likely that clinicians are using it as a shield to hide their refusal to try valuable new technologies.

In turn, vendors are much more interested in data exchange and integration than clinicians (page 7). This may just reflect a different level of appreciation for the effects of technology on outcomes. That is, data exchange and integration may be complex and abstract concepts, so perhaps the vendors are in a better position to understand that it ultimately determines whether a patient gets the treatment her condition demands. But really, how difficult can it be to be to understand data exchange? It seems like the clinicians are undermining the path to better care through coordination.

I have trouble explaining the big drops in interest in care coordination and public health (pages 9 and 10), which is worrisome because these things will probably do more than anything to produce healthier populations. The problem, I think, is probably that there’s no reimbursement for taking on these big, hairy problems. HIMMS explains the drop as a shift of attention to data analytics, which should ultimately help achieve the broader goals (page 11).

HIMSS found that clinicians expect to decrease their investments in health IT over the upcoming year, or at least to keep the amount steady (page 14). I suspect this is because they realize they’ve been soaked by suppliers and vendors. Since Meaningful Use was instituted in 2009, clinicians have poured billions of dollars and countless staff time into new EHRs, reaping mostly revenue-threatening costs and physician burn-out. However, as HIMSS points out, vendors expect clinicians to increase their investments in health IT–and may be sorely disappointed, especially as they enter a robust hiring phase (page 15).

Reading the report, I come away feeling that the future of health care may be bright–but that the glow you see comes from far over the horizon.

HIMSS: Insider Threats Still Biggest Health IT Security Worry

Posted on February 27, 2014 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

You can do whatever you like to lock down your data, but  it if they do they do it did buy a block of members of the earth is the work doesn’t go for all it takes is one insider who knows how to unlock it to create a serious security breach.

Results from the 2013 HIMSS Security Survey suggest that despite progress towards hardening security and use of analytics, healthcare organizations must still do more to mitigate the risk of insider threat, such as the inappropriate access of data via employees.

The HIMSS survey, which was supported by The Medical Group Management Association and underwritten by Experian Data Breach Resolution, surveyed 283 information technology and security professionals employed in US hospitals and physician practices. What the researchers found was that the greatest “that motivator” was that of healthcare workers potentially snooping into EMRs to find friends, neighbors, spouses or coworkers.

Given that healthcare IT leaders are particularly concerned about inappropriate use of health data by insiders, you won’t be surprised to hear that there’s been an increase use of several technologies related to access to patient data, including user access control and audit logs in each access to patient records.

But you may be surprised to learn that of the 51 percent of respondents increase the security of the past year, 49 percent of these organizations are still spending just 3 percent  or less of their overall IT budget on securing patient data.

Other findings from the HIMSS survey include that healthcare organizations are using multiple means of controlling employee access to patient information;  67 percent use at least two mechanisms, such as user base and role-based controls, for controlling access the data.