Bipartisan thinktank offers FDA fixes

July 28, 2015 in Medical Technology

The Bipartisan Policy Center has issued a set of recommendations to Congress that it says will speed up medical cures and innovation. Central to the recommendations in the report, “Advancing Medical Innovation for a Healthier America,” is the use of healthcare information technology for post-approval studies, new uses for medical devices and an improved approach to clinical studies.

“It’s time to take action to significantly advance medical innovation in the United States,” said former Senate Majority Leader Bill Frist, MD, in a BPC release announcing the report. “Americans cannot afford to rely on 20th century methodologies for treatments when the world is on the cutting edge of new medical technologies. Federal agencies must be equipped to keep the U.S. at the forefront of medical innovation.”

Among the BPC’s health IT-related recommendations: Congress should adopt standards including those “required for accurate identification and matching of patient data, provider identification, transport, terminologies, clinical models, clinical data query language, security, and application interfaces.”

Those standards would then be required for certified electronic health records, providers receiving incentives under meaningful use and any system receiving federal funding for health IT.

However, much of the report focuses on improving the Food and Drug Administration’s ability to work more quickly to evaluate and approve new devices and therapies. Doing so – with more data from health IT applications and patient reported data – would not only improve the health of Americans, the BPC claims, but also reduce costs and make American device manufacturers and drug developers more competitive in the global marketplace.

The BPC set its sights on the FDA in March, when it called on Congress to enable the Food and Drug Administration to use hospital electronic health records and crowd-sourced patient experience data to revolutionize drug and medical device approval.

At that time, Frist noted that the FDA did not have either the resources or the Congressional authority to take full advantage of the data generated by contemporary healthcare IT applications to speed up the approval processes for drugs and devices.

It also expressed concern that the FDA might claim oversight and approval for healthcare IT applications themselves.

The FDA disputes many of the claims the BPC has made about its ability to respond quickly. In a letter to Healthcare IT News last March, Karen Riley, MPH., the FDA’s Deputy Director for Strategy, wrote that the “facts simply don’t support” such assertions.

“Last year FDA approved the most new drugs in almost 20 years,” Riley wrote. “We approved more orphan drugs than ever before. We used the accelerated approval process for more drugs than ever before. FDA is approving drugs faster than all other advanced nations — 40 days faster than Japan, 70 days faster than Canada and 174 days faster than Europe. And our medical device center is on track to meet all performance goals related to device review and approval.”

In the report released Monday, the BPC transformed those concerns into policy recommendations for FDA. Among those specifically related to clinical and patient-generated data:

Improving the medical product development process:

  • Accelerate the generation and use of more relevant evidence—including data from both clinical and patient experience–to support post-approval study requirements, approval of new indications for existing medical products, and ultimately improved clinical trials for regulatory review.
  • Assure greater harmonization of international standards and requirements.
  • Improve the interoperability of health information technology (IT).
  • Improve and expand the qualification and use of new drug development tools, including biomarkers and patient-reported outcomes, and assure that patient perspectives are included in the benefit-risk assessment associated with regulatory decision-making.

Increasing regulatory clarity:

  • Assess the rapidly evolving field of precision medicine and develop a regulatory framework that promotes innovation, protects patient safety, and is flexible enough to accommodate rapid changes in science.
  • Clarify that health IT should not be regulated as a medical device. Recognize independent bodies that can develop and assure compliance with consensus standards and facilitate patient safety reporting to continually improve the development, implementation and use of health IT.

Much of the report’s recommendations dovetail with the 21st Century Cures bill, which passed the House of Representatives earlier this month and next goes before the Senate.

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://www.healthcareitnews.com/news/bipartisan-thinktank-offers-fda-fixes

Bookmark and Share

Report Recommends Health IT Changes for 21st Century Cures

July 28, 2015 in News

On Monday, the Bipartisan Policy Center released a report with recommendations to improve the 21st Century Cures Act (HR 6) and accelerate medical innovation, Modern Healthcare reports (Ross Johnson, Modern Healthcare, 7/27).

Background

Earlier this month, the House voted 344-77 to advance the 21st Century Cures Act, which includes several health IT and interoperability provisions.

The Senate is writing its own version of the bill, and it is not yet clear what a compromise measure would include. Bill supporters in the House hope to bring the compromise measure to a vote in the fall (iHealthBeat, 7/10).

Recommendations

The report highlights four policy issues that seek to reduce the time and cost associated with developing new drugs and medical devices (Modern Healthcare, 7/27).

Under the policy issues are several health-IT related actions. For example, BPC recommended that Congress improve interoperability among health IT systems as a way to improve the medical product development process (BPC release, 7/27).

The report, among other things, recommended that Congress require:

  • The federal government to adopt standards for health IT, including those for electronic health records and accurate patient data matching;
  • Federal agencies to annually report on their compliance with such standards; and
  • Testing and validation of standards adoption and systems interoperability.

According to the report, the Office of Management and Budget and the Office of the National Coordinator for Health IT should be responsible for identifying the standards, and the standards should be published every 12 months (BPC report, July 2015).

Meanwhile, the report recommended that Congress clarify regulatory authority, including that related to health IT (BPC release, 7/27). Specifically, the report stated Congress should:

  • Make it clear that health IT should not be regulated as a medical device by FDA, except for cases when the HHS secretary determines a product poses a significant risk to patient safety;
  • Require HHS to allow independent entities to develop voluntary standards, measure compliance and facilitate voluntary patient safety data reporting as a way to improve the use of health IT; and
  • Require HHS to extend privacy protections to health IT developers in order to help them report and receive patient safety data (BPC report, July 2015).

Former Senate Majority Leader and BPC Senior Fellow Bill Frist (R-Tenn.) said, “It’s clearly time to take action to significantly advance medical innovation in the [U.S.]” (Modern Healthcare, 7/27).

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://feedproxy.google.com/~r/Ihealthbeat/~3/TLqWWKt6vuA/report-recommends-health-it-changes-for-21st-century-cures

Bookmark and Share

Pending MU rules making hospitals, EHR vendors sweat

July 27, 2015 in Medical Technology

The process has been repeated time and again: Regulators issue proposed rulemaking, stakeholders comment, a final version manifests. So what, this time, has the industry concerned in the case of two pieces of meaningful use?

Timing. And there’s precious little of it left before hospitals and vendors find themselves in a real bind.

Both healthcare providers and electronic health record vendors, in fact, are anxiously waiting for the Centers for Medicare Medicaid Services to release final rule changes to meaningful use regulations for 2015 through 2016, expected before Labor Day – in addition to final rules for meaningful use Stage 3 for 2017 and beyond, widely anticipated to drop before year’s end.?

Indeed, this time crunch is as big of a deal as it looks. Here’s why: In the 2015/2016 proposed rule, all hospitals and eligible providers would be able to attest to 90 consecutive days of meaningful use for 2015 only, instead of an entire year.

If CMS makes the 90-day attestation period available in the final rule, the latest date that providers could begin recording meaningful use data would be Oct. 1.

That means until CMS delivers the rules EHR vendors cannot update their systems accordingly and, in turn, hospitals are left waiting on those upgrades before they can start the next phase of meaningful use.

What’s more, an exact date when the rules will come out is anyone’s guess, said Jason Fortin, senior advisor at consultancy Impact Advisors. So he’s playing it safe by checking the Federal Register three times a day.

GE Healthcare vice president Mark Segal – he’s also chair and vice chair emeritus of the HIMSS EHR Association – said changes to the measures themselves from what was proposed in April will likely be minimal.

Even still, two sticking points both Segal and Fortin would like to see clarification on include measures for population health management and patient electronic access.

Leslie Krigstein, interim vice president of public policy at the College of Healthcare Information Management Executives said CHIME is pleased that CMS listened to the industry’s concerns and included changes in the proposed rule for 2015/16 that would allow the 90-day reporting period and some other flexibility – but noted that if the final rule isn’t released soon, these added proposals won’t have the intended effect.

“We are urging and pleading with CMS to get the modification rules out there,” she said.

Krigstein added that if all else fails, CIOs could still make things work if  CMS would release just the 2015 portion of the rule by August and followed with the 2016 portion later.?

“In reality, 2016 is going to come with more changes and with a year-long reporting period,” she added, understanding that these might take more time before they can be released.

As a backdrop to all the waiting, some members of Congress are using the time to propose ways of blocking meaningful use into the future.  The American Medical Association added heat to that fire with a late July town hall meeting to voice complaints about electronic health records and meaningful use, attended and endorsed by House Budget Committee Chair Tom Price, MD (R-Ga).  

GE’s Segal said the added scrutiny from Congress is probably not making things any easier for CMS when it comes to getting these two critical rules released.

Diana Manos is a Washington, D.C.-based freelance writer with specialties in healthcare, technology, politics and policy.

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://www.healthcareitnews.com/news/pending-mu-rules-making-hospitals-ehr-vendors-sweat

Bookmark and Share

Recently Reported Data Breaches Could Affect Thousands of Patients

July 27, 2015 in News

Several U.S. health care organizations recently have disclosed data breaches, potentially affecting thousands of individuals.

Meritus Health Data Breach

Meritus Health in Maryland has notified 1,029 individuals that their information could have been compromised after an employee at one of the medical center’s vendors might have accessed their data outside of normal job functions, Health IT Security reports.

The hospital uncovered the breach on May 4 during “routine compliance and self-audit efforts.” The inappropriate data access likely occurred between July 2014 and April 2015.

Potentially compromised data included:

  • Ages;
  • Birthdates;
  • Health insurance information;
  • Medical record numbers;
  • Names;
  • Social Security numbers; and
  • Treatment and/or diagnostic information.

Financial information was not affected by the breach.

The medical center said there is no evidence that the information has been misused.

Meritus Health has suspended the employee’s access to its system and launched an investigation. In addition, the medical center is “working to further strengthen controls related to vendor access to patient information” and “enhancing its existing system monitoring capabilities with regard to vendor access” (Snell, Health IT Security, 6/30).

OhioHealth Riverside Methodist Hospital Data Breach

OhioHealth Riverside Methodist Hospital is notifying nearly 1,000 individuals about a potential data breach after an unencrypted thumb drive with patient information went missing, the Columbus Dispatch reports.

The thumb drive was last used on an OhioHealth computer on April 14 and was labeled missing on May 29.

The thumb drive holds data on patients who were valve-replacement candidates or had taken part in research projects on the procedure between July 2010 and December 2014. Information on the device included:

  • Birthdates;
  • Insurance companies;
  • Medical record numbers;
  • Names;
  • Physicians;
  • Referral and treatment dates; and
  • Types of procedures.

The thumb drive also has clinical information and Social Security numbers for some patients.

OhioHealth said it does not believe that the thumb drive was stolen or that its data have been used inappropriately.

However, the health system said it has suspended use of thumb drives in the department where the thumb drive was lost. In addition, OhioHealth plans to implement encrypted thumb drives systemwide (Sutherly, Columbus Dispatch, 7/27).

Orlando Health Data Breach

Orlando Health has notified about 3,200 individuals of a data breach after a nursing assistant accessed patient records outside of normal job responsibilities, Becker’s Health IT CIO Review reports.

The breach was discovered on May 27 during a routine patient record access audit (Jayanthi, Becker’s Health IT CIO Review, 7/6).

It is unclear what data were viewed, but the patient records included:

  • Addresses;
  • Birthdates;
  • Medications;
  • Medical tests and results;
  • Names; and
  • The last four digits of Social Security numbers (Snell, Health IT Security, 7/6).

The employee, who has since been fired, also may have accessed insurance information on a “limited number” of patients.

The health system said there is no evidence that the data have been used or removed from the hospital.

Orlando Health said, “We are … re-educating our workforce members and increasing our already vigilant program of auditing and monitoring of patient record access” (Becker’s Health IT CIO Review, 7/6).

University of Pittsburgh Medical Center Data Breach

The University of Pittsburgh Medical Center has reported a data breach affecting 722 patients after a file containing health data was emailed to the wrong address, Health IT Security reports.

The incident was discovered on June 4 and reported to HHS on July 2.

Information in the file included:

  • Birthdates;
  • Insurance plan types;
  • Member identification numbers;
  • Phone numbers; and
  • Primary care physician office names.

The file did not contain Social Security numbers or medical histories.

William Gedman, chief compliance officer at UPMC’s insurance services division, said, “Based on our ongoing investigation, we will make all changes necessary to further enhance our already stringent privacy protections” (Snell, Health IT Security, 7/16).

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://feedproxy.google.com/~r/Ihealthbeat/~3/c2NEvsJCBPg/recently-reported-data-breaches-could-affect-thousands-of-patients

Bookmark and Share

4 questions to consider when working with a payer on an ACO

July 27, 2015 in Medical Technology

The shift to value-based health care models is gaining speed, and providers can prepare for the transition by assessing their own readiness and unique needs. The Department of Health and Human Services set a goal to have 50 percent of traditional Medicare’s $362 billion in annual payments go to providers in value-based models by 2018.

The Health Care Transformation Task Force, which brings together patients, payers, providers and purchasers, has pledged that its members will put 75 percent of their business into these models by 2020. As a member of the task force, Aetna shares this goal.

Creating a sustainable business model in the era of value-based payments and care models depends not only on transforming, but also on growth. To enable growth, providers can align the value-based care contract model with their clinical model and state of readiness. There are four questions each organization should consider to determine the best path forward.

Four key questions to inform the accountable care journey:

1. Is your organization ready to invest in the necessary technology and tools?? To begin, calculate the financial investment needed for population health. This involves assessing your organization’s alignment of people, processes and technologies across key functions. These functions include informatics, care management and patient engagement.

You can then identify major gaps in the shift away from volume-based care. This will help you develop a financial analysis and a transformational roadmap with priorities and timing to close gaps.?

2. Are you prepared to design and implement an incentive structure that rewards doctors who meet quality, efficiency and patient-satisfaction measures? ?Assisting doctors in the transition to value-based care involves:

  • Engaging them in the development of new care processes that integrate the entire care team
  • Involving them in accountable care organization leadership to promote transparent practice patterns, quality and efficiency
  • Aligning payment and incentives with performance goals
  • As part of this effort, it is essential to deliver quality and cost metrics that help doctors accurately gauge their progress toward meeting targets.

3. How will you redesign your care delivery system to focus on keeping people well instead of a focus on sick care?? Population health represents a new approach to care, and clinical and financial integration will help smooth the transition. Claims analytics can reveal where care protocols are widely inconsistent. You can then identify opportunities for improving efficiency and quality improvements through care coordination.

Care managers play an important role. Whether they are based remotely or embedded in the practice, these care managers can supply more consistency and coordination. This helps make the care delivery system more proactive and patient-centered. Simple care-access measures, such as longer hours for primary care appointments, can help to reduce emergency room visits.

4. What steps will you take to support and encourage growth? ?To succeed in adding new revenue streams, take measures to:

  • Expand your network strategically
  • Grow your patient base
  • Maximize in-network care delivery

It’s important to help affiliated providers in adopting your system. Analytics can reveal where patients are going out of the network for care. You can then take actions to reduce unnecessary out-of-network care. Payers can help drive patients to the ACO with referral management and strategies that build loyalty and attract new patients.   

Getting started in collaboration
As you begin your accountable care journey, look to payers for industry knowledge and assistance in assuming risk, expanding distribution channels and improving care coordination. By joining forces, you can also benefit from a payer’s:

  • Expertise in financial risk management
  • Population health management tools, technology and expertise
  • Broad distribution channels to attract members
  • Insurance operations and administrative platform

Preparing for a value-based future
Early results show that value-based models improve clinical and financial outcomes. In September 2014, Centers for Medicare Medicaid Services reported Pioneer ACO performance year-two results. ACOs generated estimated total savings of more than $96 million. They qualified for shared savings payments of $68 million and saved Medicare Trust Funds approximately $41 million. They also improved in 28 of 33 quality measures, with a general increase of 14.8 percent.

Collaborations between payers and provider organizations are evolving to generate real savings in this changing landscape. This can happen more quickly with full commitment on both sides of the collaboration. By taking the time today to assess readiness, deploy the right technologies and align new payment models with cost, quality and patient-satisfaction goals, your organization can take on more risk and prepare for a sustainable, value-based future in the coming years and beyond.

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://www.healthcareitnews.com/news/4-questions-consider-when-working-payer-aco

Bookmark and Share

NIST Releases Draft Guidance To Bolster Security of Mobile Devices

July 27, 2015 in News

On Thursday, the National Institute of Standards and Technology released draft guidance to help health IT professionals bolster the security of smartphones and tablets used by health care providers, IDG News Service/Computer World reports.

Background

Providers are increasingly using tablets and smartphones to complete tasks, such as:

  • Accessing patient data;
  • Transferring electronic health records; and
  • Submitting electronic prescriptions.

However, the devices might not have security features stringent enough to protect patients’ private health data. NIST wrote in the guidance, “Mobile devices are being used by many providers for health care delivery before they have implemented safeguards for privacy and security” (O’Connor, IDG News Service/Computer World, 7/24).

Details of Guidance

NIST developed the guidance along with private-sector cybersecurity experts from academia and the private sector (Ravindranath, Nextgov, 7/24).

The guide includes detailed explanations of how health IT professionals can implement security procedures throughout an organization’s whole IT system. For example, the guide provides instructions on how to:

Connect Android and Apple mobile devices to commercial mobile device management cloud platforms;

  • Create mobile device certificates;
  • Set up Linux-based firewalls; and
  • Set up other security technologies.

The guide does not provide specific product recommendations, but it does mention commonly used products that can be easily integrated into organizations’ current IT infrastructure.

In addition, the guide discusses which security risks pose the most significant threats to protecting patient data, including:

  • Hackers exploiting weak system passwords; and
  • Stolen devices.

Further, the guide includes an analysis of a mock IT system that was subjected to numerous security attacks and offers advice on how organizations can respond, such as by:

  • Implementing access controls to prevent hackers from viewing patient information after they have breached the system; and
  • Remotely wiping stolen mobile devices that have access to patient records.

According to IDG/Computer World, NIST will accept public comments on the guide until Sept. 25 (IDG News Service/Computer World, 7/24).

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://feedproxy.google.com/~r/Ihealthbeat/~3/Ft_zbQq0PZ4/nist-releases-draft-guidance-to-bolster-security-of-mobile-devices

Bookmark and Share

Why the EHR market continues to grow

July 27, 2015 in Medical Technology

Paper-based records are being phased out at a rapid pace in healthcare, and digitization and virtualization are creating a whole market within the global healthcare industry, according to Transparency Market Research, or TMR, whose researchers say the trend will continue until 2020.

The ball has been set rolling with more than 54 percent physicians in the U.S. adopting electronic health record systems, as of 2011, researchers point out the estimates reported by the U.S. Centers for Disease Control. In the same year, 50 percent of physicians who were not already using an EHR system said they planned to invest in one within the next 12 months.

[See also: EMR market to grow even without carrot.]

A similar change is taking place in the U.K., where the National Health Service is slated to go entirely paperless by 2018.

The global electronic health records market is projected to show a CAGR of 6.4 percent between 2014 and 2020. This marks an imminent phase of moderate growth that will largely be seen in traditional markets, according to TMR.

The global EHR market can be segmented based on the way the EHR systems are installed as Web-based or client server-based. Client server-based accounted for the better part of the market share in 2013, when considered from the revenue perspective. But, the CAGR of web-based EHR systems is expected to be higher through 2020 largely because the systems have only a nominal upfront cost, and do not call for the installation of hardware systems and components.

The market for EHRs can also be classified based on the end-users who purchase such systems. Hospitals were the dominant segment by revenue in 2013, as 90 percent of all hospitals in the United States had a certified EHR system in 2013, according to the Annual Health IT Survey conducted by the American Hospital Association.

[See also: EMR market surpasses $23 billion and EHR vendor marketshare and MU attestations by vendor.]

Most of the hospitals opted for a client server-based EHR because it facilitates faster data transmission between multiple facilities when compared with cloud-based electronic health record systems, according to TMR findings. However, the future growth prospects of the ambulatory centers end-user type are expected to be most promising for cloud-based vendors. With minimal or no upfront costs to ambulatory centers, cloud-based EHR systems offer an appealing solution, say researchers.

About 42 percent of the total global EHR market was held by North America in 2013. The second largest market was Europe, followed by Asia Pacific. Until 2020, these rankings are unlikely to change, as North America will continue to hold a lead over other regional markets supported by solid government funding, according to TMR.

The EHR market is gathering steam in Australia and New Zealand as well as Asian countries such as China, Japan and India. The three Asian economies will exhibit the fastest growth, and will grow consistently to contribute to a major chunk of the market revenues by 2020, according to the report. 

The leaders in the electronic health records market have a grip on more than 50 percent of all revenues. The leading players include: Cerner, Epic, Allscripts, GE Healthcare and Epic Systems, according to TMR.

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://www.healthcareitnews.com/news/why-ehr-market-grow-2020

Bookmark and Share

CMS Updates Star Ratings on Hospital Compare Website

July 27, 2015 in News

Last week, CMS updated the star ratings on its Hospital Compare website, showing an increase in the number of five-star hospitals, Healthcare Finance, reports (Powderly, Healthcare Finance, 7/23).

Background

In April, the agency released its first five-star ratings for hospitals as part of a broader effort to offer star ratings on all of CMS’s consumer-facing Compare websites. Medicare first began using star ratings in 2008, when it applied them to nursing homes. It has recently implemented similar programs for home health providers, dialysis facilities and large group practices.

The hospital rating system offers a star rating based on the 11 publicly reported measures in the Hospital Consumer Assessment of Healthcare Providers and Systems survey, which assesses patient experiences (iHealthBeat, 4/16).

Details of Data Update

The updated ratings are based on HCAHPS survey results for the reporting period from October 2013 to September 2014. CMS plans to update the rankings every quarter (Healthcare Finance, 7/23).

In total, CMS awarded five-star ratings to 336 — or about 9.5% — of the 3,548 eligible hospitals, up from 251 of the 3,553 eligible hospitals in April. In addition:

  • 1,296 hospitals– or about 36.5% — received four stars;
  • 1,320 hospitals — or about 37% — received three stars;
  • 475 hospitals — or about 13.5% — received two stars; and
  • 121 hospitals — or about 3.5% — received one star.

CMS did not rate 1,108 hospitals because the agency did not have adequate patient experience data for the facilities during the survey period (HCAHPS survey data, July 2015).

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://feedproxy.google.com/~r/Ihealthbeat/~3/olMrAW_boU8/cms-updates-star-ratings-on-hospital-compare-website

Bookmark and Share

Hackers hit business associate, swipe PHI and Social Security numbers

July 27, 2015 in Medical Technology

2015 thus far has been the year of hackers targeting the healthcare industry. And they don’t appear to be slowing down. Just last week, another business associate notified individuals that their protected health information was stolen following yet another “sophisticated cyberattack.”

Medical Informatics Engineering, the Fort Wayne, Ind.-based electronic health record provider and parent company of NoMoreClipboard, is updating an earlier breach notification with additional details.

[See also: Hackers swipe data of 4.5M at UCLA Health System in massive cyberattack.]

In a notice last week, MIE officials notified affected individuals that their Social Security numbers, lab results, medical conditions, demographic data, children’s names, health insurance policies and sign-on security details were compromised in a cyberattack that transpired May 7. The unauthorized access by hackers continued until three weeks later, when MIE officials detected “suspicious activity” on one of its servers.

MIE officials did not respond to Healthcare IT News‘ inquiry as to how many individuals were impacted by the breach.

Patients who received radiology services at 44 locations across Indiana, Michigan and Ohio were affected by the breach. Affected providers include Concentra; Fort Wayne Radiology Association; Parkview Hospital in Indiana; and Community Memorial Hospital in Hicksville, Ohio, among others.

According to the EHR provider, the company has instituted a “universal password reset,” improving password rules and storage mechanisms and boosting active system monitoring.

[See also: Hospital system fails mock cyberattack.]

Medical Informatics Engineering accounts for only a paltry 0.1 percent of the EHR market for providers, according to the most recent data from the Centers for Medicare Medicaid Services. As of spring 2015, only 261 eligible providers had reported using the company’s EHR. No hospitals reported being on the system.

MIE’s cyberattack follows a series of cyberattacks targeting the healthcare industry this year and last. Earlier this month, UCLA Health system notified 4.5 million patients that their protected health information was compromised in a hack that occurred back in September 2014.

In the largest HIPAA breach ever reported, Anthem in February notified nearly 80 million of its members and employees that their Social Security numbers and personal data were swiped in a cyberattack.

Premera Blue Cross followed closely behind after announcing in March it too was the target of a similar attack compromising the data of 11 million of its members.

[See also: Anthem hack: 'Healthcare is a target'.]

Since 2009, some 139 million people have had their protected health information compromised in a large HIPAA privacy or security breach, according to data from the Office for Civil Rights, the HHS division responsible for HIPAA compliance. In this count, only breaches involving 500 or more individuals are included.

What’s more is that hacking and/or IT events account for the lion’s share of that total number. Nearly 76 percent of those individuals had PHI compromised due to hacking-related events, including cyberattacks. 

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://www.healthcareitnews.com/news/hackers-hit-business-associate-swipe-phi-social-security-numbers

Bookmark and Share

Report: Incentives, Development Process Hinder EHR Interoperability

July 27, 2015 in News

Electronic health record vendors are lagging in interoperability and will continue to do so until incentives and development processes change, according to a report by Chilmark Research, MedCity News reports (Versel, MedCity News, 7/24).

Report Findings

According to the report, perceptions of EHR technology differ among vendors and consumers.

The researchers wrote, “Most of the major vendors regard their core clinical systems as comprehensive and inviolable — few readily admit that provider demands are broader than existing EHR feature sets.” The report added, “This stance glosses over the functional gaps, disorganized clutter and general lack of usability in EHRs.”

According to EHR Intelligence, the issue has become more noticeable amid the shift to value-based payment models under which data sharing is necessary.

One obstacle to data sharing is the limited adoption of application programing interfaces, and vendors should reconsider their value, according to the report.

However, some EHR vendors have raised concerns about opening up their systems via increased use of APIs. According to the report, “A prevailing view in health IT has been that opening applications to developers increases the risk that customers could more readily migrate to a competitor.”

The report noted that the leading candidate for API use in health care is the Fast Healthcare Interoperability Resource because of its “relative programming simplicity and better support for discrete data access” (Murphy, EHR Intelligence, 7/24).

However, FHIR is still being developed, and the report cautions against relying too heavily on it (MedCity News, 7/24).

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Article source: http://feedproxy.google.com/~r/Ihealthbeat/~3/GCgoDQm15JI/report-incentives-development-process-hinder-ehr-interoperability

Bookmark and Share