I like much of what you wrote, with one exception: AI. I'd make AI a marketing highlight of the new…
Morning Headlines 4/28/14
Cover Oregon: $248 million state exchange to be jettisoned in favor of federal system
Oregon’s health insurance exchange program will be dissolved and replaced by the now functional Healthcare.gov site. Oregon spent $248 million trying to bring its exchange live, but failed to enroll a single person.
It’s Insanely Easy to Hack Hospital Equipment
Fargo, ND-based health system Essentia Health asks its head if IT security to thoroughly evaluate its network for security vulnerabilities. Two years later, the team reports that they were able to hack into the hospital’s EHR system and its imaging system. In addition, they were able to hack into and change the settings on drug infusion pumps, wireless defibrillators, and refrigerators that store blood products.
2015 Edition EHR Standards and Certification Criteria Proposed Rule
The HIMSS EHR association publishes its comments to ONC’s proposed 2015 EHR certification criteria. EHRA’s primary concern is that there is not enough time left after final rules are published for vendors to properly code and test enhancements. The association is requesting an 18-month window be built into the timeline for coding and testing to take place before customers are expected to be live with the new features.
Hacker group Anonymous targets Children’s Hospital
Hacker group Anonymous is suspected of recent hacking attempts on Boston Children’s Hospital’s networks. Anonymous threatened to initiate attacks after a doctor from the hospital brought medical child-abuse charges against the parents of a patient, leading to the child being removed from the parent’s custody.
Did the Essentia person actually hack into the EHR or did they say that they could affect the data in the EHR because they could hack into the feeder systems that transmit their data to the EHR?
Here’s what the person (Everen said):
A lot of the web services allow unauthenticated or unencrypted communication between the devices, so we’re able to alter the info that gets fed into the medical record … so you would get misdiagnosis or get prescriptions wrong,” he says. “The physician is taught to rely on the information in the medical records … [but] we could alter the data that was feeding from these systems, due to the vulnerabilities we found.”
In the interest of accuracy, was this a breach of an Electronic Health Information system, or a breach of a feeder system?