The European Union Agency for Network and Information Security makes security recommendations for “smart hospitals” that rely on interconnected IT assets, especially those that are based on the Internet of Things, recommending that they:
- Establish effective enterprise governance for cybsersecurity, including performing a cost-benefit analysis for IoT components, developing a BYOD and mobile device policy, and identifying how each component connects to other components or to the Internet.
- Implement state-of-the-art security such as smart firewalls, network monitoring, intrusion detection, encryption, and authentication and authorization.
- Publish IT security requirements for IoT components.
- Create a community for hospitals to share security information.
- Have an independent firm to conduct penetration testing and auditing.
- Support the adoption of information security standards by hospitals and have hospitals certified by independent experts as meeting those standards.
HIStalk Announcements and Requests
LinkedIn dwarfs other social media sites for professional use by poll respondents, with Twitter coming in a far-distant second. New poll to your right or here: how interested are you in health IT news from outside the US?
Thanks to the following sponsors, new and renewing, that recently supported HIStalk, HIStalk Practice, and HIStalk Connect. Click a logo for more information.
It must be end-of-year housecleaning – I know of at least three companies that have quietly replaced their CEOs in the past couple of weeks. Announcements will be forthcoming, I assume.
Listening: new from New Zealand-based No Wyld, which crafts darned good haunting, catchy hip-hop rock. I’m also desk-drumming to the new release from Finland’s legendary rockers Remu and the Hurriganes, which has played no-nonsense, American-sounding, pre-Beatles bluesy rock and roll since 1971.
HIStalk reader Mike left health IT eight years ago, but still reads regularly to stay in touch. He sent a $500 donation to my DonorsChoose fund, which was magically magnified by matching money to fund these teacher grant requests:
- An iPad videography kit for documenting the engineering design process in Mr. C’s middle school class in San Jose, CA.
- Two tablets for Mrs. M’s second grade class in Newport News, VA.
- A programmable robot for the library of Mrs. E’s elementary school in Greenwood, SC.
- Science books and kits for Ms. M’s elementary school class in Kansas City, MO.
- Replacement bulbs for the Smart Board projectors of Ms. L’s seventh grade class in Brooklyn, NY.
- A listening center and dry erase boards for Ms. M’s elementary school class in Houston, TX.
- A BreakoutEDU pre-calculus problem solving kit for Mrs. S’s high school class in Independence, MO.
- A document camera for Mrs. W’s elementary school class in Phoenix, AZ.
- Computer speakers and a tablet for Mrs. D’s elementary school class in McKees Rocks, PA.
- Supplies to run a writing master class taught by an award-winning author at the library of Ms. H’s high school in Long Island City, NY.
Several of the teachers above emailed after receiving notice Sunday that I had placed the donation, with Ms. L describing how important something as simple as replacement projector bulbs can be:
Thank you so very much for your generous donation to my science classes. I would have been forced to change my entire curriculum if it was not for your help. Due to the struggling economy, it is difficult to supply the classroom with all of the necessary materials. The Smart Board projector is such a valuable education tool that you have returned life to once again. You truly did a wonderful thing. Your assistance means so much to me but even more to my students. Thank you from all of us.
Last Week’s Most Interesting News
- UMass pays $650,000 to settle HIPAA charges over a 2013 malware infection in one of its component organizations that was not properly defined as part of UMass’s hybrid organization status.
- HIMSS and CHIME form HIMSS-CHIME International to manage their programs outside of North America.
- The Gates Foundation funds a project in which Factom will create a secure, transportable, patient-managed medical record powered by blockchain technology.
- President Obama expresses concern about maintaining a cohesive society and democracy as technology empowers its developers but marginalizes the value of other types of work, citing radiologists potentially losing their jobs to artificial intelligence.
- A study finds that conveniently located retail clinics don’t reduce unnecessary ED visits for minor “treat and release” conditions.
December 6 (Tuesday) 1:00 ET. “Get Ready for Blockchain’s Disruption.” Sponsored by PokitDok. Presenter: Theodore Tanner, Jr., co-founder and CTO, PokitDok. EHR-to-EHR data exchange alone can’t support healthcare’s move to value-based care and its increased consumer focus. Blockchain will disrupt the interoperability status quo with its capability to support a seamless healthcare experience by centralizing, securing, and orchestrating disparate information. Attendees of this webinar will be able to confidently describe how blockchain works technically, how it’s being used, and the healthcare opportunities it creates. They will also get a preview of DokChain, the first-ever running implementation of blockchain in healthcare.
December 7 (Wednesday) 1:00 ET. “Charting a Course to Digital Transformation – Start Your Journey with a Map and Compass.” Sponsored by Sutherland Healthcare Solutions. Presenters: Jack Phillips, CEO, International Institute for Analytics; Graham Hughes, MD, CEO, Sutherland Healthcare Solutions. The digital era is disrupting every industry and healthcare is no exception. Emerging technologies will introduce challenges and opportunities to transform operations and raise the bar of consumer experience. Success in this new era requires a new way of thinking, new skills, and new technologies to help your organization embrace digital health. In this webinar, we’ll demonstrate how to measure your organization’s analytics maturity and design a strategy to digital transformation.
ProMedica (OH) chooses Sectra’s cardiology imaging module.
AMIA selects incoming Regenstrief Institute President Peter Embi, MD, MS as chair-elect.
Announcements and Implementations
Massachusetts Governor Charlie Baker forms the Massachusetts Digital Healthcare Council to advise him on accelerating digital health innovation in the state.
Physical therapy telehealth platform vendor In Hand Health releases a new version of its patient engagement app that includes the ability for therapists to create video exercises on their smartphones, send them to individual patients, and track their exercise activity between visits. A 400-patient license for up to six physical therapists costs $800 per year.
Israel-based imaging analytics vendor Zebra Medical Vision announces a service in which patients can upload their medical images to receive an automated analysis for conditions such as osteoporosis, compression fractures, and emphysema, although the company notes that “our analysis does not replace a physician or a proper medical examination” and the service is not available in the US.
GE Healthcare announces several products at RSNA that include patient-controlled mammography pressure, an imaging collaboration suite, and enhancements to Centricity Solutions for Enterprise Imaging.
Privacy and Security
- The Fancy Bears hacking group that previously published the medical information of US Olympic athletes publishes internal emails from doping organizations that it obtained by phishing, with some of those emails suggesting that certain athletes were blood doping or using cocaine to lose weight.
- CHI Franciscan Health warns an unspecified number of patients that a laptop stolen from an employee contains their medical information. The employee’s stolen backpack also contained a day planner in which the employee had recorded his or her user ID and password.
- A security magazine warns that hackers might not only steal data, but intentionally change information to either make the data owner look bad or to benefit from the effects the altered data will cause, such as in stock market manipulation. DataBreaches.net ponders whether the next generation of hackers might go beyond ransomware attacks and instead change some patient records and offer sell the provider a list of the “before” and “after” values so they can correct them.
- Thieves place skimming devices on ATMS in four New York City hospitals, using tiny cameras to collect credit card information that they used to steal $46,000 from at least 75 people.
- A Georgia surgical practice notifies patients that its server was breached repeatedly over a six-month period by a hacker using a compromised EHR vendor’s password.
- In Canada, Nova Scotia’s Information and Privacy Commissioner recommends implementing electronic referrals after investigating several incidents in which mental health referrals were faxed by practices to a private business instead of a mental health clinic due to misdialing. The commissioner also recommended that physician practices identify one person to send faxes, pre-set the clinic’s number in their fax machines, set a reminder to check regularly that the clinic’s fax number hasn’t changed, and use cover sheets.
A security expert’s test finds that his new Wi-Fi $55 security camera was infected with malware just 98 seconds after it was installed, attacked by a worm that used the hidden, hard-coded default login and password.
A man sues CNN for airing photos of him taken in a hospital as he recovered from a gunshot wound that he says was inflicted by his friend, former pro football player Aaron Hernandez.
The Burlington, VT newspaper reviews the difficulty providers have had in attempting to launch services that compete with University of Vermont Medical Center, which uses its legal clout and political and business connections to protect its business interests. A group of eye doctors trying to open the state’s second ambulatory surgery center had their project killed by an antiquated certificate-of-need process and a developer’s lease that required them to ask another client of the developer — UVM Medical Center — for permission to build their surgery center, which the hospital opposed. Another doctor who attempted to build a similar center was opposed by the Vermont Association of Hospitals and Health Systems, which complained that its members would be hurt financially and that a market-driven ASC would undermine payment reform. UVM Medical Center complained that the ASC wasn’t needed because hospitals already have adequate capacity, warned that the ASC would create its own demand, and questioned how the hospital would get the ASC’s medical records if its patients showed up in the hospital’s ED with complications after hours.
A Wall Street Journal report notes that drug companies are increasing prices for specific drugs in lockstep with those of competing products, with examples being Viagra and Cialis (now at around $50 per tablet vs. $20 in 2013) and insulin that now retails for over $400 per month. The practice isn’t illegal as long as the drug companies haven’t agreed in advance to pursue such a strategy.
The cash crunch caused by India’s demonetization has driven a big uptick in telehealth visit volume as consumers seek services for which they can pay electronically.
Actor Chuck Norris, who I note with surprise is now 76 years old, describes improvements being made in the VA, specifically noting some of its technology projects:
In a 2015 briefing by VA Chief Information Officer Stephen Warren, it was pointed out that more than half of the VA’s proposed 2016 technology budget was earmarked toward delivering better outcomes for vets; to build out a tech infrastructure that supports customized health care tools for veterans. These tools were to include mobile and telehealth technologies, advanced electronic health records, and a new scheduling system. Also included was the beginning of a pilot program for a major 10-year investment in updating the VA’s aging telephone system. Warren described the programs as an enhanced part of “mission delivery” and a move to “veteran-focused outcomes versus an organizational-focused” outcomes. Progress on these efforts need to be reviewed and the public must be kept apprised.
Alabama internist Richard Snellgrove, MD is indicted for prescribing the opioids that killed 3 Doors Down lead guitarist Matthew Roberts in August 2016. Roberts was found dead in a Hampton Inn hallway with fentanyl patches applied to his body and filled Lortab and Xanax prescriptions in his backpack. The federal complaint cites a close friend who said Roberts was addicted to prescription painkillers and who told police, “If you want to arrest the drug dealer who killed [him], arrest his doctor.” The doctor, who had been described as a celebrity junkie who Roberts called “Snelly,” wrote a prescription for 240 methadone tablets for Roberts that cause other doctors to question his prescribing habits when they looked Roberts up in the state’s doctor-shopper database. The PDMP database also showed that the doctor wrote at least 31 controlled substance prescriptions for Roberts without a corresponding office visit, as evidenced by the lack of claims filed by the practice to his BCBS insurance.
- Qpid Health and Visage Imaging will exhibit at RSNA November 27-December 2 in Chicago.
- Data Center Knowledge profiles TierPoint CEO Jerry Kent.
- AdvancedMD donates 600 necessity bags to Ronald McDonald House Charities.
- Agfa Healthcare and Elsevier Clinical Solutions will exhibit and present at RSNA November 27-December 2 in Chicago.
- Besler Consulting releases a new podcast, “Three Ways to Succeed Under Emerging Payment Models.”
- HIMSS features Caradigm’s Michelle Vislosky’s thoughts on population health management capabilities.
- EClinicalWorks releases a recap video from its annual conference.
- Medicare’s New Payment Models and Technology’s Challenge to Keep Up (PMD)
- 5 Ways the Trump Presidency May Impact ONC (Point-of-Care Partners)
- Meaningful Use, Security Risk Assessments and HIPAA: How Do They Intersect? (Protenus)
- What won’t change with the election (and the next wave of health IT focus) (Nordic)
- Interoperability from Coast to Coast (Summit Healthcare)
- Taking the Pain Out of Prior Authorization (Surescripts)
- The Evolution of DxCG: Part Two (Verscend)
- Introducing the Versus Consulting Team (Versus Technology)
- Tapping into the EHR data flow to improve patient care (Infor)
- Customer Advocacy in Action (Vital Images)
- Why These VitalWare Employees are Thankful This Year (VitalWare)
- CMS OPPS 2017 Final Rule Shows Changes to Provider Based Status (ZirMed)
- 5 Mobile Apps I’m Thankful for This Year (AirWatch)
- How Do I Choose a Population Health Partner? (Arcadia Healthcare Solutions)
- CLE Team Participates in Gaming for a Cause (CoverMyMeds)
- 10 Reasons Why Value-Based Care Will Prevail in the Trump Administration (ECG Management Consultants)
- CMS Finalizes 2017 Physician Fee Schedule (E-MDs)
- Looking Beyond the EHR for True Patient Engagement (Evariant)
- Cancer Moonshot: Mini Blog Series (Galen Healthcare Solutions)
- Defining Your Terms: Do You Have the “Analytics” Solution You Really Need? (Hayes Management Consulting)
- Epic Community Connect: What Makes it so Beneficial for Healthcare Organizations? (HCI Group)