Home » Readers Write » Recent Articles:

Readers Write: Would We Do It All Again? Insights from a Designated QHIN Regarding the Application Process

February 5, 2024 Readers Write No Comments

Would We Do It All Again? Insights from a Designated QHIN Regarding the Application Process
By Jay Nakashima

Jay Nakashima, MBA is executive director of EHealth Exchange of Vienna, VA.


I was asked recently, “Would we do it all again?” Knowing what we know now, would we still have been among the first organizations to apply to become a Qualified Health Information Network (QHIN) under the Office of the National Coordinator for Health IT’s (ONC) Trusted Exchange Framework and Common Agreement (TEFCA)?

Honestly, the answer is yes. But I’m glad it’s behind us.

There’s no doubt the QHIN process was a necessary step toward achieving nationwide healthcare interoperability. As the nation’s first federally endorsed health information exchange that already exchanges 21 billion transactions annually and in all 50 states, there was never a question whether EHealth Exchange would participate in the process.

But it was not always an easy and straightforward process to becoming one of the first Designated QHINs. As anyone who has developed a new system or process knows, what makes perfect sense in planning doesn’t always work out as intended. Unforeseen challenges pop up, and things need to be tweaked and adapted. We expected that.

Now that we’ve had a chance to take a breath and regroup after achieving QHIN designation, it seemed like a good time to share some thoughts and perspective to help others going through the application process.

The healthcare industry is slow to adopt new technology. After all, we’ve been talking about nationwide interoperability for more than 15 years, and while we have made great strides, it is not ubiquitous. The QHIN application process, by comparison, is incredibly fast. The timeline to accomplish various tasks can be remarkably short, sometimes only a few days or weeks in between deadlines. To keep up, an applicant must be prepared to move quickly because once an application has been accepted for testing, Candidate QHINs have 12 months to achieve designation status.

One thing that helped EHealth Exchange was that our team got started well before we entered the official application process. We looked at the proposed language in the QHIN Technical Framework (QTF), which was published in 2022, and spent more than six months ensuring that we closed any gaps between EHealth Exchange’s technology platform and our policies to ensure compliance with TEFCA requirements, standard operating procedures, and protocols. By the time the application was released, we were ready.

This process — and more importantly, the responsibility of becoming a QHIN — is not for the faint of heart. It was a two-year process for EHealth Exchange, and the work doesn’t stop after designation. For those entering the application process now, it’s worthwhile to review the requirements and begin tackling initial tasks before the clock starts.

Although the applicant QHINs were market competitors, we also were all working to achieve the same thing, which gave us a compelling reason to collaborate. Many applicants turned to each other for assistance, and we even began early testing together, unprompted by the government. Candidly, I thought that competition might hinder our abilities to work effectively together, and I am happy to say that that never surfaced. We were all a team working together toward a collective goal.  As others go through the QHIN application process, we would encourage a similar level of appropriate and compliant cooperation with your fellow applicants and Designated QHINs. After all, we all win with national interoperability. 

It’s always easier to drive on a freshly paved road, and I like to think that, along with our future QHIN exchange partners, EHealth Exchange helped pave the way for the next applicants.  As I said before, any new process – particularly one with the level of technical complexity that health data exchange demands – is going to run into unforeseen problems. And boy, did we encounter a lot of them. Steps have been refined. Some requirements have been clarified or adjusted, and new ones have been added. 

For example, each Candidate QHIN had to create its own terms and conditions. In Common Agreement Version 2.0, the Recognized Coordinating Entity (RCE) is proposing a standard set of terms and conditions that each QHIN, and its participants and sub-participants, must adopt to participate in TEFCA, which is a simpler and more consistent approach. The process is now better documented and defined, and I am optimistic that those changes will make it easier for other applicants. 

While I wouldn’t volunteer to repeat the journey we took, for new applicants, you should have no qualms undertaking the application process. Not only because it has been tried and refined, but also because I believe deeply in its value. I’m excited to see TEFCA come to life and to bring our experience to bear in support of our future QHIN exchange partners, the RCE, and most importantly, the American health system and the patients whose care depends on nationwide exchange.

Readers Write: More Technology is Not Always Better in Specialty Medication Workflows

February 5, 2024 Readers Write No Comments

More Technology is Not Always Better in Specialty Medication Workflows
By Julia Regan

Julia Regan, MBA is founder and CEO of RxLightning of New Albany, IN.


Over the past decade, there has been a consistent promise made that technology would make provider and care team lives easier. However, the proliferation of EHRs, point solutions, manufacturer and vendor portals, and digital devices have made various processes not only more cumbersome, but more confusing and frustrating.

In specialty medication onboarding specifically, an HCP may need to visit upwards of 40 portals or websites throughout their day to check patient benefits, submit prior authorization, find and complete enrollment forms from various manufacturers, collect patient consent, and track enrollment statuses. It’s no wonder that healthcare is facing a burnout crisis.

As technology has become ubiquitous, it has created an additional challenge for biologic coordinators and medication access teams, especially those that work to support patients with complex treatment plans or work across therapeutic specialties. This, in turn, increases cognitive load, screen time, and clicks, slowing the completion of the necessary steps in a patient’s care journey and decreasing overall speed-to-therapy.

As an example of portal fatigue, a medication access team member at a large health system may need to support an oncology patient who is prescribed multiple brand name specialty medications, each of which requires portal access to obtain assistance. One of the drugs may have a manufacturer-sponsored co-pay assistance program, another may be eligible for foundation assistance, while another may need additional approvals via prior authorization. In order to effectively support this patient through their medication access journey, multiple portals and logins are required.

Instead of the common perspective that “more technology = better,” we must shift to a new perspective that says that “unified, purpose-built – even less – technology = better.” Instead of forcing teams to scour the web for up-to-date manufacturer forms, why not house all forms, and enable submission and delivery of those forms, in one solution? Instead of routing a form for patient and provider signatures via a distinct process, why not enable seamless signature collection at the point of care? Instead of manually researching affordability options — foundations, PAP, co-pay, etc. — on a variety of sites, why not integrate those options into the same portal where the forms and signatures live? Creating a uniform, digital entry point that leverages a repeatable process for any drug, any manufacturer, and any patient can significantly reduce cognitive load and burnout.

As I’ve had conversations with providers, care teams, and medication access specialists over the past few years, the more I’ve realized that “more technology ≠ better.” As patients enter and exit their offices, they wish for integrated, intuitive, secure technologies that minimize work and accelerate the speed at which they can deliver quality care. While the specialty medication onboarding process includes a variety of steps to help support patient access  — benefit verification, PA, consent, financial assistance, and fulfillment — there is no reason that these steps cannot be automated, integrated, and fast. An HCP should not have to worry about which manufacturers may or may not have sponsored a program, or if the technology will work for a specific patient. To reduce burnout and create consistency, technology should work the same way every time.

It is up to clinical leads, IT teams, and other leaders to sound the alarm and support the launch of solutions that reduce burden and burnout for their teams, instead of those that create more work. A single digital entry point for any patient and any medication is a reality that is within reach. We just need to drive provider adoption of these tools. The only way we can ensure better, faster, more affordable care for patients is to help providers with the work they do every day.

Readers Write: Reducing Medicaid’s Fraud & Waste: Program Integrity Systems

January 29, 2024 Readers Write No Comments

Reducing Medicaid’s Fraud & Waste: Program Integrity Systems
By Gerald Maccioli, MD

Gerald Maccioli, MD, MBA is chief medical officer of HHS Technology Group of Fort Lauderdale, FL.


Medicaid, a cornerstone of healthcare support for low-income individuals and families in the United States, is a vital safety net. With an annual expenditure of approximately $824 billion in 2022, Medicaid ensures access to necessary medical services for millions of vulnerable Americans.

Like any large-scale government program, Medicaid is not immune to the challenges that are posed by fraud and abuse. Estimating the exact extent of Medicaid fraud, though, is challenging due to its clandestine nature and constantly evolving tactics used by perpetrators. However, some reports and estimates provide insights into the scale of the issue. For example, in 2020, the US Department of Health and Human Services (HHS) reported recovering $1.8 billion from fraud and abuse cases in healthcare, including Medicaid.

State Medicaid programs are determined to combat fraud when it does occur, and, ideally, prevent it before it happens in the first place. To that end, many Medicaid programs are looking to invest in robust program integrity systems to comprehensively address fraud, waste, and abuse. In this context, program integrity describes any of various oversight activities to ensure that Medicaid dollars are spent appropriately and accurately.

Like the healthcare industry itself, Medicaid fraud can be complicated, byzantine, and varied. The following is a description of six of the most common types of fraud that is associated with Medicaid.

  1. Billing fraud. Healthcare providers, including physicians, clinics, and hospitals, may engage in billing fraud. This type of fraudulent activity involves submitting false claims or inflating bills for reimbursement. Common tactics include billing for services that were never provided, misrepresenting the cost of services, and engaging in other deceptive practices. Billing fraud not only diverts financial resources from the program but also reduces the availability of funds for legitimate healthcare services.
  2. Identity theft. Fraudsters may employ identity theft tactics, such as using stolen or fabricated identities, to access Medicaid benefits. Identity theft can be perpetrated by both providers and beneficiaries, resulting in unauthorized use of healthcare services, prescription drugs, and medical equipment. This practice places undue strain on program resources and can lead to significant financial losses.
  3. Phantom billing. Phantom billing occurs when providers bill for services that were never provided to beneficiaries. This fraudulent practice not only drains program resources but also can lead to suboptimal care for beneficiaries who do not receive the services they are billed for, putting their health and well-being at risk.
  4. Kickbacks and referral fraud. Unscrupulous providers may engage in kickbacks or referral fraud, offering incentives to beneficiaries or other providers in exchange for Medicaid referrals. This unethical practice not only compromises the integrity of patient care but also diverts program resources for personal gain, diminishing the overall quality and efficiency of the Medicaid system.
  5. Overutilization. Some beneficiaries may overuse Medicaid services, receiving unnecessary medical treatments or prescription drugs. This results in inflated healthcare costs and can deprive other, more deserving beneficiaries of necessary care.
  6. Prescription drug fraud. The abuse of prescription drugs within the Medicaid system is a growing concern. Beneficiaries or providers may engage in the overuse or diversion of prescription drugs, leading to escalating costs and potential health risks.

To effectively combat the extensive scope of fraud and abuse in Medicaid, robust program integrity systems are indispensable for several compelling reasons:

  1. Financial sustainability. Fraud and abuse divert scarce financial resources from Medicaid, reducing the program’s ability to provide essential healthcare services to those who genuinely need them. Effective program integrity systems are essential to protect the financial sustainability of Medicaid, ensuring that resources are available for legitimate healthcare needs and program expansion.
  2. Quality of care. Fraudulent activities can lead to suboptimal patient care. Phantom billing and overutilization practices, for instance, can result in beneficiaries either not receiving necessary services or receiving services they do not require, compromising their overall health and well-being. Robust program integrity systems are instrumental in maintaining the quality and appropriateness of healthcare services.
  3. Preventive measures. Program integrity systems include proactive measures that are aimed at preventing fraud and abuse. By identifying and addressing potential issues early, these systems act as deterrents to fraudulent activities and contribute to preserving the program’s integrity.
  4. Legal accountability. Program integrity systems play a crucial role in identifying and prosecuting those involved in fraudulent activities. They ensure legal accountability for individuals or entities attempting to exploit the program, thereby acting as a powerful deterrent to fraudulent practices.
  5. Public trust. A transparent and well-monitored Medicaid program is essential in building and maintaining public trust. When beneficiaries and taxpayers have confidence that their contributions are used judiciously and ethically, it enhances the program’s reputation and garners greater public support.
  6. Program longevity. Effective program management is essential for the long-term viability and effectiveness of Medicaid. Robust program integrity systems help extend the lifespan of Medicaid, ensuring that it continues to provide essential healthcare services to those in need for generations to come.

In conclusion, the scope of fraud and abuse in Medicaid is extensive and multifaceted, presenting complex challenges that require vigilant attention and comprehensive solutions. Robust program integrity systems are not merely desirable but necessary for safeguarding the financial sustainability of the program, maintaining the quality of patient care, preventing fraudulent activities, ensuring legal accountability, building public trust, and securing the longevity of this crucial lifeline for low-income Americans.

Program integrity systems are a cornerstone in the fight against fraud and abuse, playing an indispensable role in preserving the Medicaid program’s integrity and the health and well-being of its beneficiaries.

Readers Write: The Importance of Well-Managed Patient Identity Queues

January 8, 2024 Readers Write No Comments

The Importance of Well-Managed Patient Identity Queues
By Megan Pruente, RHIA, MPH

Megan Pruente, RHIA, MPH is director of professional services for Harris Data Integrity Solutions of Niagara Falls, NY.


Identity queue management is an important aspect of an effective value-based care strategy. It lays the foundation for establishing an effective person index, minimizing overlays, and facilitating streamlined care coordination. Left unresolved, backlogged work queues can have costly implications for patient care and safety, as well as revenue integrity.

However, many provider organizations are struggling to stay ahead of burgeoning identity error queues, with health system clients reporting that weekly error tasks have more than doubled. At one health system, the volume of potential overlays queue swelled from 2,000 per week to more than 5,000 per week over the course of just a few months, while another organization found itself dealing with a backlog of 100,000 identity interface errors. The health information management (HIM) director at a third health system shared that his team evaluated up to 400,000 potential overlay tasks in the last year to identify just 60 true overlays.

Many HIM departments lack the staff resources and experience that are necessary to address this volume of mismatched data, and the backlog continues to grow. What’s more, many hospitals and health systems may not be catching potential overlays or identity interface errors because their EHR systems lack the functionality or tools that alert end users to such errors.

Blame for this surge in errors can be traced back to several events, starting with the pandemic. The rapid uptick in adoption and use of patient portals, implementation of self-registration processes, and internal workflows to accommodate telemedicine and vaccination appointments led to a sharp increase in overlays, duplicates, and other identity-related errors. Exacerbating this were staffing shortages created by illnesses, caring for sick loved ones, and an exodus of healthcare professionals due to fears of COVID-19 and burnout, an ongoing challenge that has identity management teams stretched to the breaking point.  Another factor involves changes to fields that are used to capture patient identity data, such as expanded options for sexual orientation and gender identity (SO/GI).

Ironically, some of the blame also lies with the EHR workflow tools that were designed to address patient identity management challenges. For example, Epic’s EMR includes a Possible Overlay Queue, a useful workflow tool that identifies and segregates potential overlays until they can be analyzed and either verified or cleared from the queue if it is determined not to be a true overlay. However, its sensitivity to any change to the patient’s demographic information, whether significant (a name change or new Social Security number) or routine (adding a middle initial or completing SO/GI fields) can sometimes lead to an increased backlog volume as every alteration triggers an overlay task to be added to the queue.

Similarly, when data such as order results and documents cannot be filed automatically into a patient’s existing medical record due to a mismatch or fuzzy match on demographic data points, medical record number (MRN), or other patient-level data point, these messages error out and must be manually reviewed and resolved. When left unresolved, these errors can lead to repetitive orders, duplicate tests, and other issues that could result in denied claims.

The challenge for HIM is that some EHRs do not have interface error work queues that streamline resolving such errors. Even when EHRs do offer such functionality, staff often struggle to keep up with the high volume of errors requiring attention.

The reality is that managing identity error backlogs is a time-consuming and resource-intensive task that few HIM departments have the capacity to handle. The intricate nature of these processes requires meticulous attention to detail and often diverts focus from more critical tasks and strategic initiatives. Exacerbating the challenge, new tools and reports being released to HIM designed to help address duplicate, overlays, and interface errors are contributing to the increase in workload with the same or fewer resources to review the errors.

Healthcare organizations can take a number of actions to reduce the volume of identity errors and prevent backlogs from spiraling out of control. These include:

  • Invest in staff training. Provide comprehensive training to enhance HIM professionals’ identity management skills. Keep staff updated on changes in patient data capture fields and the use of EHR workflow tools to reduce errors caused by lack of awareness.
  • Prioritize staff resources. Allocate adequate staff resources to address identity queue backlogs and ensure that HIM departments have the capacity to handle the volume of tasks. Also, consider hiring additional staff or redistributing existing resources to focus on resolving identity errors and preventing the backlog from growing.
  • Collaborate across departments. Foster collaboration between IT, HIM, and other relevant departments to collectively address identity management challenges. Also, establish cross-functional teams to develop and implement solutions that consider the perspectives and requirements of different stakeholders.
  • Outsource MPI management. Evaluate the cost-effectiveness and efficiency of outsourcing MPI management to a vendor or partner with experienced staff overseen by credentialed professionals. Short-term MPI management support should also be considered during M&A activities to ensure integration of clean data and quick turnaround times.
  • Implement robust data governance. Establish a strong data governance framework to ensure the accuracy and integrity of patient data throughout its lifecycle, including ongoing quality checks to ensure the accuracy of any automation and other patient matching tools, including AHIMA’s Naming Policy Framework and the Project US@ AHIMA Companion Guide.
  • Enhance EHR workflow tools. Collaborate with EHR vendors to fine-tune sensitivity of algorithms to reduce false positives in the identification of potential duplicates and overlays and to customize workflow tools that better align with the organization’s specific needs and processes.
  • Use third-party data. Use third-party data like historical addresses and phone numbers that are obtained from outside vendors to help prevent and accelerate remediation of overlays.
  • Invest in enhanced patient matching tools. Biometrics and other patient matching technologies can prevent the creation of identity errors by improving accurate identification during front-end registration processes.
  • Automate data matching processes. Explore, implement, and closely monitor advanced technologies such as machine learning and AI to automate matching and reduce the reliance on manual reviews. Integrate systems that allow for automatic filing of order results and documents into patient records to minimize errors related to mismatched data.
  • Use analytics for insights. Use analytics tools to gain insights into patterns and trends that are related to identity errors and to identify root causes.
  • Regularly monitor and evaluate processes. Implement a continuous monitoring system to track the performance of identity management processes and identify areas for improvement. Regularly evaluate the effectiveness of implemented solutions and work closely with IT staff or vendors to optimize processes, as even seemingly minor AI errors can have significant and widespread impacts.
  • Don’t overlook the patient’s role in maintaining clean patient identity queues. Implement patient education programs to encourage accurate self-reporting of demographic and other relevant information. Also, promote to patients the importance of maintaining up-to-date and accurate information, including creation of talking points to help staff engage in these discussions.

Unresolved identity errors pose a significant threat to a hospital’s financial health. These errors can lead to reimbursement delays, costly repeat studies, and denied claims, creating unnecessary financial strain. A backlog can also impact patient care by creating gaps in medical histories, unnecessary delays in diagnosis and treatments, and risks to patient safety.

To avoid these impacts, patient identity error queues should be part of an overall MPI management strategy. Whether outsourcing to an outside MPI vendor or increasing internal resources to put in place workflow processes for eliminating the backlog and sustaining ongoing management, hospitals and health systems must prioritize patient identity queue management. Doing so empowers healthcare institutions to optimize operations that are being dragged down by unresolved patient identity errors, generating measurable cost savings, mitigating financial setbacks, and creating room for strategic investments in areas that truly matter.

Readers Write: My Crystal Ball for 2024: PR and Marketing Predictions

January 8, 2024 Readers Write 1 Comment

My Crystal Ball for 2024: PR and Marketing Predictions
By Jodi Amendola

Jodi Amendola is CEO and founder of Amendola Communications of Scottsdale, Ariz.


2023 will be remembered for a lot of things. Unfortunately, one of them was unpredictable decision-making about investments in HIT solutions and longer sales cycles.

Looking at the year ahead, we may see some continued challenges when it comes to market conditions, but here’s hoping my 2024 public relations (PR) and marketing cheat sheet can help you better navigate uncertain waters.

Bet on LinkedIn

In my predictions for 2023, I shared concerns about the uncertain future of what was then Twitter (now X) when it comes to B2B social media programs. Since then, things have gotten increasingly worse. Under Elon Musk, major advertisers have fled, countless users are deleting their profiles, and even the President of the United States felt compelled to condemn Musk for an anti-Semitic tweet and left X in favor of the emerging social media platform Threads. Companies that remain on X should ask themselves whether the shrinking benefits outweigh the mounting negatives. 

Meanwhile, LinkedIn continues to lead the charge as the business marketing platform to embrace. LinkedIn has strategically added business-friendly features such as product pages, post scheduling, and enhanced content analytics. Businesses that have not embraced LinkedIn for marketing and sales are missing a tremendous opportunity.

To maximize LinkedIn, be authentic and provide relevant information on a consistent basis. No more than 20% of your corporate posts should be about your company. The remainder should focus on third-party content that sparks interesting industry conversations. LinkedIn posts should leverage storytelling for engagement, how-to-guides for interest, and thought leadership for conversations.

Maximizing Conferences: Booths, Networking, and Online Events

In 2022, people flocked back to the big healthcare conferences, eager to gather again in person in the wake of COVID-driven isolation. We saw healthy crowds again in 2023, but many companies are re-thinking this strategy in favor of hosting targeted breakfasts or dinners or attending events for networking purposes only. We will likely see that trend continue in 2024, as many businesses may decide that the cost of sponsorship and exhibiting are too high in a tight economy.

The pandemic forced companies to become creative in marketing through virtual events. At the time, these tactics were driven by safety concerns, but now it’s budget priorities. HIT marketers are realizing that they don’t need an expensive 10×12 booth on a crowded convention floor to get their message across.

If webinars, podcasts, and virtual roundtables are carefully targeted and well marketed, you can even reach more qualified prospects than you can at a live event. Virtual events are not only less expensive, but they can be held more often than in-person happenings. Content from virtual events also can be repurposed for sharing through social media, blog posts, and bylined thought leadership articles that you can place in high-value media outlets.

AI is Here to Stay, But Regs Are Coming (Hopefully!)

After disrupting so many professions in 2023, OpenAI experienced its own chaos and upheaval at the end of the year.

However, that particular situation is resolved and artificial intelligence — whether it’s from OpenAI or a competitor — is too powerful to be stopped by C-suite struggles. AI will continue to disrupt not only health tech, but also marketing and PR.

In 2024, marketing departments and agencies will get a better handle on what they can and should do with this emerging technology. AI, when used correctly in a PR and marketing setting, can be a valuable tool, but it will never be a substitute for human writers and human intelligence. It can be useful for research, ideation, and facilitating the writing and thought process, but not for creating creative, thoughtful, highly targeted content.

I expect 2024 to see greater efforts, both public and private, to regulate the use of AI and require disclosure when it is employed.

Uptick in Rebranding is Here To Stay

The past year was a big one for companies that are rebranding (or doing a brand refresh) and updating messaging. We will likely see more of these efforts ahead.

Sometimes a rebrand is necessary because a company expands, changes its offerings, or decides to enter a new market. In other cases, it’s because the old look and old messaging have gone stale, which can happen without a business even realizing it. While a top-to-bottom rebrand is not something undertaken lightly, it’s a necessary part of most corporate evolutions and can help a company re-position or re-invent itself when appropriate.

Video, Video, and More Videos

Regardless of the platform, video is an increasingly popular choice to provide a welcome alternative to the written word. People often prefer to watch or listen to a video for entertainment, education, or just a needed break from reading. Video on LinkedIn increases linger times and engagement, so the algorithm pushes it to more users. The best part: video doesn’t have to be incredibly high production or sophisticated to be effective. Expect video to assume a larger share of marketing content in 2024.

Shorter, Digestible Content Is Preferred

The days of writing 30-page whitepapers and e-books and expecting your audience to download and actually read them are largely over.

In most cases, audiences don’t have the time or patience for content that long or complex. They want relevant information delivered in shorter format such as issue briefs, LinkedIn articles, blog posts, infographics, and videos.

Key In on Customer Champions

If 2024 proves to be as tumultuous for healthcare as most expect, companies will need PR and marketing more than ever. Staying on brand and on messaging through chaotic times means having a consistent and ongoing share-of-voice to rise above the noise and cut through the chatter. The key is to leverage your customer champions and unique industry data to be relevant and demonstrate your key differentiators over the competition.

Do you agree or disagree with my predictions? Come back in a year and we’ll see how many I got right.

Regardless of your technology, product or service, I hope the New Year provides endless possibilities for growth and success. Here’s to leveraging lessons learned, flawless execution, and advancing healthcare.

Readers Write: Empowering Nurses Through Interoperable Technology: Revolutionizing Patient Care in the Acute Environment

January 8, 2024 Readers Write 1 Comment

Empowering Nurses Through Interoperable Technology: Revolutionizing Patient Care in the Acute Environment
By Elizabeth Anderson, RN

Elizabeth Anderson, RN, MSN is director of clinical experience and solutions at Rauland of Mount Prospect, IL.


The acute care environment represents a dynamic hub of activity, with nurses positioned at its epicenter. Nurses spend long hours managing patient care, coordinating resources across interdisciplinary teams, and providing support to patients’ family members.

Although nurses strive to create positive experiences for their patients, a recent report from Leapfrog Group’s hospital ratings have illuminated a concerning decline in nurse communication, doctor communication, and staff responsiveness in hospitals nationwide. The disconcerting results accentuate the urgency for healthcare institutions to assess the resources provided to nurses and not the capabilities of the nurses. Increasing the number of checklists to complete and equipment to track creates barriers for nurses to work at the top of their licenses.

Hospitals should drive towards integrating solutions that allow nurses to spend more time providing direct patient care. Implementing technologies with true interoperability will assist in streamlining workflows and reduce the volume of decisions that need to be made by clinicians every hour. When nurses are equipped with the appropriate tools for their patient care space, the resultant improvements in outcomes can impact all areas of patient and staff satisfaction.

The pursuit of interoperability within healthcare remains an enduring aspiration, often obstructed by the prevalence of disjointed systems that foster isolated data silos. Consequently, nurses are compelled to navigate multiple platforms for a single clinical decision, leading to cognitive burden that can impede response times and patient satisfaction. The proliferation of technology in patient care has resulted in an average of 10-15 connected devices per patient room. However, not all these devices are optimized for clinical workflows or seamlessly integrated into crucial healthcare systems. Non-clinically vetted or non-interoperable technologies add unwarranted complexity and impose a cognitive burden on nurses.

Purpose-built solutions, such as converged platforms that are tailored to automatically access role-specific data and workflows, streamline tasks, and eliminate unnecessary steps are positive solutions that begin to address current state clinical needs. Equipped with a holistic view of the patient’s condition, nurses can administer personalized care, anticipate patient needs, and avoid medical errors.

Interoperability also curtails redundant communication and paperwork, affording nurses more time to operate at the pinnacle of their abilities and spend valuable time at the patient’s bedside. Outcomes of interoperable healthcare solutions establish harmonized data from various devices in patient rooms and offer a unified data repository that can provide the clinical teams with a global awareness of their patients’ needs that reduces decision fatigue and allows nurses to feel in control of their shift.

Interoperability serves as the linchpin in bolstering nurses and realizing the quadruple aim: enhancing patient experience, advancing health outcomes, reducing costs, and refining clinician experience. Empowering nurses with integrated data and analytic tools refocuses their roles from data-entry to proficient patient advocates. The realization of a connected care team through interoperability solutions is instrumental in manifesting the vision of coordinated, value-based care. Recognizing nurses as the lifeblood of healthcare mandates that they are equipped with the insights and technology requisite to fulfill their life-saving responsibilities.

Providing nurses with clinically tested resources and removing technology barriers that obstruct direct patient care can reverse the downward trajectory of reported satisfaction scores for hospitals. A patient-centric approach, characterized by patients feeling heard, cared for, and secure, leads to superior outcomes, fewer preventable events, and a more sustainable healthcare system overall. Patient experience must persist as the cornerstone of any high-caliber healthcare organization. By deploying the right solutions and technology for nurses to focus on bedside care, hospitals can attain commendable success in their endeavors.

Readers Write: The Evolving Role of a Security Control Assessor

December 27, 2023 Readers Write No Comments

The Evolving Role of a Security Control Assessor
By Angela Fitzpatrick

Angela Fitzpatrick, MSHI is VP of IT risk management for Meditology Services of Atlanta, GA.


As the cybersecurity and regulatory landscapes continue to change and escalate, healthcare organizations find themselves juggling a myriad of priorities within their security strategy. They must ensure they have adequate assurance options while dealing with the increased intertwining of cybersecurity with other functions such as procurement, compliance, and digital transformation.

In response, healthcare organizations are broadening their security operations, highlighting the need for security leaders who strategically understand the use cases for cybersecurity within the business. They are also redefining the role of security control assessors (SCAs), from merely applying standards to also understanding how standards fit into the organization’s larger cybersecurity framework.

The rising value of patient data, including protected health information (PHI) and personally identifiable information (PII), makes healthcare organizations prime targets for cyberattacks. This data is highly sought after, with black market values skyrocketing to 10 to 40 times more than credit card numbers.

According to the 2023 “Cost of a Data Breach Report” by Ponemon Institute and IBM Security, the average cost of a breach for a healthcare organization is close to $10 million, a 53% increase from 2020. This surpasses the average cost for breaches across all industries in 2023, which stands at $4.45 million.

The Health and Human Services (HHS) Office for Civil Rights (OCR) “Wall of Shame” reveals a distressing trend that aligns with these figures. From January to November 2023, nearly 500 breaches affecting 500 or more individuals were reported to the OCR, a sharp increase from the 278 reported breaches during the same period in 2022. The attacks, which affected more than 90 million individuals, were reported across 300 provider organizations, 120 business associates, and 73 health plans. The majority were hacking incidents (407), followed by unauthorized access or disclosure (80) and theft (7).

Although it’s alarming to see the escalating cost and frequency of cyberattacks, perhaps the most unsettling fact is that a mere one-third of these attacks were detected internally by security teams or tools. Even more startling is the revelation that the attackers themselves reported the majority of these breaches, accounting for 67% of the total.

The incessant cyber onslaught aimed at patient data has left healthcare organizations in a frantic search for solutions. Part of the answer lies in escalating investments in incident response (IR) planning and testing, staff training, and technologies for detecting and responding to threats. The Ponemon/IBM report identified these activities as the most efficient ways of reducing the cost impact of an attack, complemented by implementing a DevSecOps approach.

To maximize the efficiency of these investments, it’s crucial for healthcare organizations to scrutinize the pivotal role that SCAs have in pinpointing and alleviating potential vulnerabilities.

The Evolving Role of the SCA

Security control assessors meticulously examine security measures in place within an information system, employing a repertoire of assessment and testing methodologies to gauge the efficacy of administrative, operational, and technical safeguards. Their primary responsibilities include detecting vulnerabilities, proposing remedial measures, and safeguarding system integrity by pinpointing and mitigating potential paths of exploitation.

Additional SCA responsibilities encompass:

  • Creating strategies for tracking and evaluating risk, compliance, and assurance operations.
  • Constructing specifications to harmonize risk, compliance, and assurance endeavors with security prerequisites.
  • Organizing and executing reviews of security authorization.
  • Assessing interfaces for potential vulnerabilities.

In addition, SCAs are tasked with validating application software, network, and system security implementations. They meticulously document deviations from the prescribed security standards and, crucially, propose appropriate rectifying measures.

In the current era, the role of an SCA has evolved beyond traditional responsibilities into that of a guide who appreciates the unique complexities and limitations inherent to an organization, and charts an achievable path towards enhanced cybersecurity. This pragmatic approach strikes a balance between stringent security protocols and the practicality of implementation. Assessors deploy a tailored strategy for each organization, aligning with its specific hurdles, assets, and cybersecurity objectives. They assist in evaluating various attestation alternatives and guide organizations in pursuing attestations in an incremental manner, thus strengthening cybersecurity over time.

In the healthcare domain, the significance of the SCA’s role is heightened due to their ability to align assurances with regulatory stipulations such as HIPAA. As the landscape of regulatory requirements shifts, SCAs must stay at the forefront of changes. They must transcend the boundaries of occasional involvement and adopt the mantle of a persistent catalyst for progress, fostering an environment of perpetual learning and advancement.

Moreover, as the domain of cybersecurity expands its interdisciplinary reach, SCAs assume the mantle of navigating the humanistic and cultural facets of the certification and attestation process and its subsequent repercussions on the organization’s everyday operational realities. In the end, proficient SCAs conduct assessments and actively participate in remediation planning and implementation, steering clear of a mere evaluate-and-depart modus operandi.

Impact on Attestation

An SCA has the potential to significantly influence a healthcare organization’s success in attaining attestation by minimizing challenges and resistance. By comprehending the full context and nuances of an organization’s cybersecurity stance, the SCA is best equipped to navigate it along the attestation pathway. This reduces impediments and facilitates a more streamlined and achievable certification process.

In the current cybersecurity landscape, the SCA’s role is to boost the chances of attestation success by adopting a mentorship stance and investing time in gaining a deep understanding of their organization’s specific context. This focused approach equips assessors to offer actionable and customized guidance, thereby enhancing the organization’s prospects of achieving successful attestation.

The metamorphosed role of the SCA underscores the importance of cooperation and participation among all interested parties. Serving as a connecting link, SCAs promote improved dialogue and comprehension, ensuring that everyone is synchronized in their objectives and anticipations. This simplifies the procedure, cultivates confidence, and fortifies alliances, which are essential for enduring cybersecurity partnerships.

Ultimately, SCAs play a pivotal role in fostering sustainable progress and substantial expansion in the realm of cybersecurity.

By establishing an effective alliance, healthcare organizations can utilize the expertise of SCAs to critically evaluate and guide the maturation of in-house programs. With a strategic orientation, this collaboration can instigate enduring change and promote lasting advancements.

Readers Write: The Importance of Accurate Benefits Data in Healthcare

December 27, 2023 Readers Write No Comments

The Importance of Accurate Benefits Data in Healthcare
By Gary Davis

Gary Davis is national practice leader for Noyo of San Francisco, CA.


In the world of healthcare IT, there is so much to talk about. Digital transformation, automation, and new tech in the US health system is paramount, holding the promise of improved patient experiences, better health outcomes, and reduced costs, not to mention alleviating burden and burnout among healthcare workers. This crucial topic in healthcare today runs the gambit, covering everything from super advanced tech like artificial intelligence and blockchain to wearables, remote patient monitoring, telehealth, and interoperability among EHRs and other data sources like HIEs and more. 

I am here to address a less-sexy but important healthcare data topic – accurate insurance benefits data.

About 46% of Americans have employee-sponsored insurance benefits. The top benefit in the mix is healthcare insurance. Insurance benefits are focal to all our lives. It’s how we maintain health and wellness through healthcare, dental, and vision coverage.

Right now, many people are in the thick of the open enrollment season, making selections and completing enrollment paperwork, with teams of benefits administrators, HR, brokers, and insurance carriers fast at work getting everything complete and ready for the coming new year of coverage.

When I say “paperwork,” I mean it literally. The insurance industry is ripe for a technology upgrade. In 2023, carriers continue to rely on paper, web portal entry, email, phone, and electronic data interchange (EDI) for data exchange to support important functions of enrollment and member changes. The last major tech advancement in the insurance industry was EDI, and that was back in the 1970s.

Why the slow pace? The status quo is often the sector’s biggest hurdle. Paper-based systems and manual data entry dominate industry workflows. Many leaders think that it works, but not really. Manual data entry is fraught with inaccuracies and data sits in silos and is inaccessible. The lagging tech makes it challenging for benefits software, insurance carriers, brokers, and employers to keep key employee information in sync and drive innovation.

Our insurance benefits are confusing and hard to use, which that often means that services and money are left on the table by many. Just 9% of employees understand benefits terms like co-insurance. Meanwhile, choosing the wrong health plan can be a $2,000 mistake.

A 2023 Harris Poll consumer survey of 2,000 employed adults with employer-sponsored insurance benefits revealed that nearly half the respondents cited frustration when using their insurance benefits because they are hard to understand. Meanwhile, two in five indicated they have received inaccurate bills, have been unable to access care, or that their family has been negatively impacted due to delays because of errors in their insurance coverage.

Plus, because they don’t clearly understand what their benefits offer, many people wait to use their healthcare coverage until a health crisis hits, which isn’t good for the individual, population health, or payers.

In 2024, we predict that modern, frictionless benefits will take hold, enabled by API technology. These are benefits that are easy to use and to personalize to match the needs of individuals. Foundational to this new path forward, though, is accurate benefits enrollment data. There is a lot of inaccurate enrollment data out there, due in large part to decades-old technology in place in the insurance benefits ecosystem. The bad data is getting in the way of innovation and of people better who are understanding and using their benefits to their fullest.

API technology will pave the way forward. Payer organizations should have an API strategy and roadmap to guide them. You can build it yourself or team up with a trusted, visionary partner. Either way, 2024 should bring business imperatives to replace the technology status quo in the industry.

Readers Write: Trauma Thoughts

December 27, 2023 Readers Write No Comments

Trauma Thoughts
By Nicole Cook, APRN

Nicole Cook, APRN, MSN is a trauma clinical nurse specialist with WakeMed of Raleigh, NC and a clinical advisor for TraumaCare.AI.


The science and technology of healthcare is relentless in its pursuit of improvement and change. Techniques and practices that were once held as best practice have been improved upon or disproven, moved to the files of antiquity to be remembered fondly or with embarrassment as we realized that the sacred cow really wasn’t quite so golden. The evolution of care for traumatically injured patients is no exception.

Trauma nurses from 20 years ago would be flabbergasted to receive a trauma patient not on a long spine board. Mixing high-dose Solu-Medrol for an acutely injured spinal cord was cutting edge best practice. Peripheral IVs were flushed with heparin every eight hours, and we certainly preferred a good bolus of crystalloids before considering blood products. Yet now, every one of these interventions is no longer best practice. Our understanding of trauma pathology and care of trauma patients has evolved and will ceaselessly continue to do so.

Given the inevitability of change, trauma nurses must anticipate future shifts to our profession and the care and assessment of these critically injured patients. No new technology is poised to revolutionize healthcare more than the integration and incorporation of artificial intelligence and machine learning (AI/ML)-driven decision-making models into patient care and assessment. Never has technological and scientific change been so ripe with questions, apprehension, and seemingly limitless opportunity. 

We would be remiss to pretend that the last several years have not harshly affected healthcare and the field of nursing. Nurses have left the bedside, turnover in most healthcare organizations is at an all-time high, and uncertainty and change are our continual companions. As the future approaches, we look to lose more staff due to retirement as our patient population only continues to age and grow. Increasing the number of nursing educators and bolstering our nursing education pipeline cannot be ignored, but the impact of that would be felt years in the future. Staff need assistance now.

As healthcare moved into the digital age and EHRs became the norm, new challenges presented themselves. A deluge of digital data is filed into the record, often automatically. This is intended to improve decision-making, but the sheer volume often ends up overwhelming staff who may miss trends and changes among the pages and tabs of data. What was intended to make healthcare easier is resulting in information overload.

Imagine this not too unusual scenario. A busy emergency department, bursting at the seams. A nurse with a heavy assignment receives a multi-trauma patient after resuscitation who is now awaiting an ICU bed. Inpatient beds are at a premium, so the patient boards in the emergency department. This nurse has been well trained, but with a 1:5 nurse to patient ratio, it’s all they can do to keep up with basic tasks for their patients.

Minute changes in labs and assessment for the trauma patient indicate an impending worsening of clinical status, which is not readily apparent on the vital sign monitor. As the nurse treads water trying to keep up with their patient assignment, the very real risk exists that the nurse and care team will miss these subtle clues, leading to adverse patient outcomes.

Now consider one small change to this scenario. As the nurse logs into the EHR, they receive a notification of the impending clinical deterioration that was calculated by a decision-making model that is integrated into the record. The nurse notifies the admitting physician, who responds to the bedside. The clinical team reviews the notification and the pertinent data, adjusts the care plan accordingly, and the patient stabilizes. The nurse is also able to use this information to advocate that the patient be moved up in the queue to receive the next available ICU bed.

One of the concerns with any integration of technology into healthcare assessment is the potential for loss of clinical expertise and critical thinking that is secondary to overreliance. This concern is not unwarranted. The more our reliance on technology grows, the more it has the potential to pull staff from the direct bedside, facing away from the patient and toward a computer screen.

Nursing is an art and a science, twisted and entangled into one inseparable form. The anticipation of impending clinical deterioration is often described as a gut feeling, or simply “I am worried about this patient.” Artificial intelligence cannot replace nurse intuition and excellent assessment skills at the bedside. But this added layer of safety could be a constant background presence that is assessing and reassessing minute changes and alterations, as bedside nurses juggle ever-increasing documentation and regulatory requirements and a thousand little tasks that keep them from having the time to comb the data and see all the details.

Patient safety is created in layers. The Swiss Cheese Model is a well-known illustration of risk management and prevention. Layers upon layers of preventative measures and mitigation strategies result in improved safety. The integration of AI/ML can be seen as a robust addition to the Swiss Cheese Model due to its potential for adaption and development. Trauma nurses have a responsibility to investigate its potential in the evolution of our specialty to anticipate potential gaps in safety, equity, and education, and to take an active role in shaping this technology to assist us in caring for some of the most complex patients in all of healthcare.

Readers Write: 2024 Regulatory Changes and their Impact

December 20, 2023 Readers Write No Comments

2024 Regulatory Changes and their Impact
By Vatsala Kapur

Vatsala Kapur, MA, MPAff is VP of external affairs for Bamboo Health of Louisville, KY.


Change is on the horizon. This adage has always been true for the ever-evolving healthcare landscape, especially with the introduction of new federal and state policy and regulations.

As we step into the 2024 election cycle, we expect to see additional changes across the behavioral health realm in particular. Policymakers are implementing various financial penalties and incentives to increase accountability in expanding behavioral health access. These changes open a window of opportunity for organizations that are ready and willing to rise to the challenge of addressing our country’s behavioral health crisis.

Let’s delve into just a few of the dozens of changes that are aimed at improving healthcare delivery for our most vulnerable populations that may impact your organization in the new year.

  • DHHS establishes disincentives for healthcare providers that engage in information blocking. The Department of Health and Human Services (DHHS) established disincentives for healthcare providers that are involved in information blocking. These disincentives include penalties of up to $394,000 for hospitals and $686 for individual clinicians who fail to share patient data upon request, underscoring the importance of data transparency. For organizations that are hindered by outdated systems, adopting real-time data systems integrated into daily workflows becomes a regulatory necessity and a pathway to improved patient outcomes.
  • Introduction of the Rehabilitation and Recovery During Incarceration Act. If enacted, the Rehabilitation and Recovery During Incarceration Act represents a pivotal shift, allowing Medicaid to finance behavioral health treatment for eligible individuals in criminal justice settings. Effectively addressing the needs of justice-involved populations is crucial for hospitals and clinicians aiming to provide comprehensive treatment at all points of care.
  • SAMSHA releases $74.4 million in funding opportunities. The Substance Abuse and Mental Health Services Administration (SAMSHA) plans to inject $74.4 million into the healthcare ecosystem through grants that target behavioral health challenges. These diverse grants aim to prevent substance use initiation, reduce the progression of substance use, and address other concerns along the health continuum. Notably, partnerships that focus on reducing substance use disorder prevalence through collaboration, each valued at $15.5 million, hold the potential to not only address behavioral health issues, but also expand access in rural areas.
  • CMS shares notice of funding opportunity with the All-Payer Health Equity Approaches and Development (AHEAD) model. The Centers for Medicare & Medicaid Services (CMS) is set to collaborate with states through the AHEAD model, which is designed to curb healthcare cost growth, improve population health, and advance health equity. Increased investment in primary care is a critical element of this initiative, aiming to reduce emergency department burdens and better integrate behavioral and physical health. With a focus on value-based care, the CMS model plans to bolster primary care physicians as the first point of contact for behavioral health issues, thereby reducing the downstream effects of overburdened hospitals.

As federal and state governments focus on the significant behavioral health issues that are facing communities across the country, regulatory changes and evolving funding opportunities will continue to strengthen the ability of clinicians and health systems to address the needs of their patients and communities. By fostering a resilient and responsive healthcare ecosystem, we can collectively rise to the challenges ahead.

Readers Write: Breaking Down Natural Language Processing and Generative AI: How It Is Most Useful to Clinicians Today

December 18, 2023 Readers Write No Comments

Breaking Down Natural Language Processing and Generative AI: How It Is Most Useful to Clinicians Today
By Marty Elisco

Marty Elisco, MBA is co-founder and CEO of Augintel of Northbrook, IL.


Over the last year, the term generative AI has exploded on the healthcare scene, with health and social systems trying to determine if and how they can incorporate the newest tech trend into their day-to-day practice to streamline and improve operations and ultimately improve patient care.

But most organizations have decided to take a measured approach and see how the hype plays out. They have decided to proceed thoughtfully and with diligence before viewing generative AI as the panacea to all things healthcare.

I’ve been working in health tech for 15+ years, and I’ve yet to see any generative AI applications exit the proof-of-concept phase and enter the production phase. Along similar lines, I’ve noticed that almost all articles in healthcare talk about the promise of generative AI rather than its results.

After all, when you consider the true definition of generative AI – the ability to generate language – we must ask ourselves, is this really helpful? Do clinicians really want a tool that can generate language on its own, which treads close to replacing their own clinical judgment? Remember what it is that clinicians really need — to receive the information needed to understand patients and improve the quality of care. Generative AI isn’t needed to accomplish this.

Generative AI has two steps. The first is to identify the relevant historical data. The second is the generative part, to take that historical and reconstruct it as a summary. The first part is accomplished through natural language processing to gather the relevant data. This technology is well proven, and I believe is 90% of what clinicians need.

The second part, using generative AI to summarize this data, is the remaining 10%. This is what has created all the hype. But this part is clearly not yet proven.

The distinction above between “creating new content” and “gathering relevant content” is an important one to make. I believe the latter is significantly more useful to clinicians, because the more that they are informed with relevant content, the more context they have to make decisions with the patient.

In fact, the impact of a tool that can gather content has already been realized and has been proven in clinical settings across healthcare in the following ways:

  • Helping clinicians identify critical behavioral and social gaps in care, where this content is completely contained in the unstructured data.
  • Understanding relevant patient history so that the clinician can make the most informed decisions.
  • Identifying risks, early warning signs, and care quality issues across patient populations that may go unnoticed by the clinician.
  • Understanding community-level trends that enable a health system to offer the right balances of services to the populations they serve.

I believe that the value of the above proven use cases, especially with regards to quality of care receive, generally outweigh the value of the top prospective generative AI use cases:

  • Drafting patient notes for clinicians to finalize.
  • Automating chatbot correspondence with patients.
  • Suggesting clinical care plans.

I believe that as we head into 2024, the industry should begin to focus more heavily on the identification of actionable content instead of the creation of new content. As we close out 2023, generative AI has become part of the culture, but let’s avoid getting caught in the hype and focus on how to deliver value today.

Readers Write: How Hospitals Can Harness Identity Access Management to Mitigate Cyberattacks

December 18, 2023 Readers Write No Comments

How Hospitals Can Harness Identity Access Management to Mitigate Cyberattacks
By Ferdinand Hamada

Ferdinand Hamada is managing director of healthcare cybersecurity for MorganFranklin Consulting of McLean, VA.


On Thanksgiving Day, Ardent Health Services was hit by a ransomware attack that disrupted ambulance routes for hospitals in New Jersey, New Mexico, Oklahoma, and Texas and forced them into diversion mode, unable to accept new patients or perform some surgeries. This is just the latest alarming example of rising attacks on healthcare organizations, making it more critical than ever to maintain visibility over who and what is connected to hospital networks.

With these increased risks — coupled with an uptick in mergers and acquisitions (M&A) plus the ongoing issue of attrition in the industry with 60% of all healthcare support workers expected to leave their jobs within five years — ensuring that identities are managed appropriately is critical to mitigate these risks.

To improve security during these times of flux, hospitals should proactively develop a centralized identity access management (IAM) system to combat increased vulnerability to attacks. IAM systems help identify potential access and permissions risks, which makes them an essential part of hospital cybersecurity programs. By detecting access disruptions in advance and implementing solutions to manage them, hospitals can reduce their impact on patient safety, revenue, reputational loss, and operations.

To create a robust and sustainable IAM program, here are three areas that hospital IT and security teams should focus on:

Limit access to reduce risk

In many hospitals, staff have access to more systems than they need to perform their core duties. To keep information safe, access to data and other valuable assets should be limited and permissions requests should be accurately validated. There are several ways to reduce access across hospital systems, but no one approach stands alone. Determining the best combination of strategies will depend on how an organization currently accesses data and its larger security objectives.

  • Web single sign-on. Multiple parts of an organization’s internal and external web presence require user authentication and authorization to properly secure sensitive data. Web single sign-on frameworks simplify this process by maintaining a user’s authenticated state throughout their entire web session.
  • Adaptive access. Different information and resources carry different levels of risk. Adaptive access enables an organization to easily require more robust authentication for riskier assets while easing accessibility for low-risk resources.
  • Reverse proxy. A reverse proxy sits behind the company firewall and forwards web requests to a server for response. This simplifies the user experience and reduces the amount of information about an organization’s internal network structure that is shared with third parties.
  • Federation login. Contractors and partners require limited systems access, but creating accounts within an organization’s identity management system is time-consuming and adds complexity. Federation enables secure identity sharing across organizations by simplifying authentication and access management for partner organizations.

Implementing new or updated access procedures should also work with existing internal or external frameworks, policies, and technologies. This enables a seamless transition to a new IAM model, promoting appropriate access to data and resources across an entire organization.

Develop onboarding and offboarding checklists to manage employee permissions

While security programs are often focused on mitigating external threats, employees can pose the same or greater security risk to hospitals and patients, whether purposefully or accidentally.

Human security risks come in a variety of different forms:

  • Social engineering and phishing. Social engineering attacks aim to gain physical access to a secure area or system using human interaction. These attacks often occur using convincing messages for phishing. Phishing can happen via email, telephone (voice phishing or vishing), text message (SMS phishing or smishing), and even on social media.
  • Insider threats. Insider threats are caused by employees, contractors, and vendors who have access to the hospital’s systems, and they can occur unintentionally, intentionally, or collusively.
  • Negligent behavior. Employees can also inadvertently place data and security at risk by doing things like insecurely using applications and devices or sharing passwords.

These types of human-based threats can also increase during transitional periods, so it’s important to have IAM plans and processes in place to minimize their risks. Developing checklists to control access during onboarding and offboarding processes can help ensure smooth changeovers. Additionally, employee security training should include how to manage security risks within your specific organization in addition to traditional threats like phishing and reporting lost devices.

Implementing a centralized dashboard for IT teams that provides real-time monitoring, remote access and automated alerts

User rights and privileges, or simply who in an organization has access to what data and systems, need to be readily visible to an IT team. Using IAM platforms and tools provides a scalable and automated foundation for compliance controls, access requests, password management, and identity-enabled visibility.

Implementing a centralized IAM system enables an organization to achieve full visibility and control over its information. These solutions can also help reduce manual workload and save a security team’s time. For example, automating standard procedures and threat alerts can give IT teams more time to focus on real-time monitoring and intercepting potential remote access threats.

As the healthcare industry continues to face increased cybersecurity threats, hospitals will operate more safely by better-protecting data across their organization. Securing employee and device access and implementing a centralized management system to monitor sensitive information should be a key pillar of any hospital business plan. Ultimately, the robust protection of IAM programs mitigates risk and protects sensitive patient information, systems, reputations, and revenue.

Readers Write: AI: The Prescription for Healthcare Troubles

December 13, 2023 Readers Write No Comments

AI: The Prescription for Healthcare Troubles
By Andrew Lockhart

Andrew Lockhart, MBA is co-founder and CEO of Fathom of San Francisco, CA.


Healthcare in America is grappling with a severe workforce shortage, with the closure of physician staffing firm American Physician Partners (APP) earlier this year adding fuel to the fire. Healthcare leaders are searching for a solid solution to address the workforce shortage, and it looks like artificial intelligence (AI) is the answer.

APP’s shutdown follows Envision Healthcare’s footsteps. Both firms cited financial problems as the reason behind their closures. The shutdown of two staffing giants sent waves of panic throughout the already stressed and understaffed healthcare system, and the fallout has shone a light on the already glaring vulnerabilities within the industry.

The lack of workers is affecting emergency medicine, hospital medicine, and critical care management departments, among others, and the future looks even bleaker. An industry market report by Mercer predicts that by 2025, the US will have a shortage of a shocking 95,000 nursing assistants and 98,700 medical and lab technicians, among other worrying figures. This shortage is already negatively impacting the patient experience and safety, with the Joint Commission reporting a 19% rise in adverse events in 2022.

In response to these challenges, technology, particularly AI, is emerging as a crucial component in healthcare operations. Given the current state of healthcare, there is no way for organizations to provide the volume of level and care that patients expect and deserve without some form of automation. Here are three critical ways AI improves healthcare services.

Augmenting Workforce

As staffing shortages become increasingly prevalent, AI offers a scalable solution to address gaps in critical areas. AI provides a lifeline to stressed-out staff by reducing admin burdens and automating repetitive tasks. It frees up precious time for clinical and administrative staff to upskill and operate at the top of their license, maximizing the potential of the entire workforce.

For example, the American Medical Association (AMA) found that healthcare is facing a deficit of experienced medical coders, 30% to be exact. The average medical coder is aging out, and there are few coders ready to take their place. Autonomous coding helps health organizations improve accuracy, reduce denials, and make quicker reimbursements. Another bonus of AI coding is its ability to adapt to complicated new coding guidelines easily, ensuring compliance and accuracy.

Improving Operating Margins

McKinsey reports that healthcare organizations are feeling the strain of financial pressure because of rising inflation and a faltering economy. AI can support the careful balance of maintaining high-quality patient care and optimizing costs by streamlining revenue cycle management (RCM). AI optimizes RCM by automating processes and reducing paperwork, boosting patient satisfaction. More tangibly, it produces measurable cost savings, reduced denials, faster turnaround times, and improved revenue capture.

Attracting Top Talent

Incorporating AI tools into an organization’s workflow is a great way to entice top-tier candidates in an increasingly competitive labor market. Normalizing AI’s use throughout an organization signals to job seekers that innovation is a priority, which is incredibly appealing to the younger generation. Younger prospects also have higher expectations for AI to enhance their day-to-day operations and associate it with cutting-edge projects.

To proactively address workforce challenges, C-level professionals need to strategize for the future, and AI is a long-term solution to build a resilient healthcare workforce. When bringing on new technology, leaders must foster an environment that encourages using AI and be intentional about change management. Technology is only as good as the people who use it, and any solution requires a robust rollout plan with alignment from the entire company. To successfully deploy new AI, look for a vendor with a dedicated customer success team to walk you through any potential road bumps, or set up a steering committee or other governance to lead and finalize AI decisions.

Aside from the multitude of financial, administrative, and HR benefits, adopting AI will also make disruptive events like the closure of APP easier for organizations to bounce back from. With a sturdy AI strategy, organizations are well-positioned to weather any future storms.

AI is gathering speed and changing the face of healthcare. Leaders need to lean in and embrace it or risk getting left behind. Working with AI, healthcare organizations can help address workforce woes, attract a new generation of talent, and have long-term resilience. The time to act is now.

Readers Write: Embracing the Gig Economy: Why CIOs Should Leverage Digital Platforms for IT Talent

December 13, 2023 Readers Write 12 Comments

Embracing the Gig Economy: Why CIOs Should Leverage Digital Platforms for IT Talent
By Daniel Schubert

Daniel Schubert is co-founder and CEO of Revuud of Charlotte, NC.


The gig economy has rapidly emerged in the corporate realm, commonly referred to as digital platform work or the freelance economy. It represents more than just a passing trend. It is a revolution that is significantly transforming the traditional work landscape.

While the broader workforce is attracted to the appeal of flexibility and independence, there is a particular emphasis on CIOs. They are encouraged not only to adapt, but to excel in the digital revolution by using talent marketplaces, enabling them to find high-quality IT resources at a significantly reduced cost

According to a recent study, 42% of the total workforce comprises 1099 workers, independent contractors, or freelancers. Additionally, the report highlights a significant trend, with 90% of companies transitioning towards a hybrid model that incorporates both full-time and freelance employees.

This data underscores the evolving landscape of employment in the enterprise tech sector, reflecting a notable shift towards flexible and diverse workforce structures.

Conventional recruiting for CIOs may seem extravagant. Gig workers present a cost-effective alternative, providing specialized skills without the substantial overhead costs tied to full-time employees. By leveraging hiring platforms, CIOs can experience on average 30% savings per contractor within the first six months alone.

The gig economy thrives on technology, and digital platforms can function as matchmakers and entire wedding planning committees. These platforms streamline the hiring process, eliminating the need for extensive recruitment efforts and minimizing the time investment required from CIOs and their teams.

Gigs in the IT sector are akin to short-term relationships without the emotional baggage. They align seamlessly with project-based, task-focused approaches, making them ideal for CIOs who are seeking flexible and efficient solutions to their talent needs. By leveraging hiring platforms, CIOs can scale their IT talent up or down based on organizational needs.

Gone are the days of the traditional 9-to-5 grind. Gig workers seek the freedom to craft their professional endeavors on their terms. The gig economy’s appeal lies in the liberation from conventional work structures, making it imperative for tech leaders to consider alternative approaches to sourcing talent.

Gig opportunities emerge and vanish swiftly. The conventional snail-paced recruitment processes are inadequate in this scenario and are unnecessarily costly. CIOs need to channel their inner Flash with a laptop, adapting quickly to the demands of the gig economy. Lengthy recruitment cycles are relics of the past. The emphasis is now on agility and responsiveness.

In the gig economy, it’s not about impressive degrees or a wall adorned with certificates. It’s about skills. For CIOs who are seeking high-quality IT talent, leveraging hiring platforms becomes paramount. These platforms connect businesses with IT professionals based on demonstrated capabilities rather than relying solely on formal qualifications. It’s akin to ordering a customized solution – precise and efficient.

In conclusion, the gig economy is not merely a passing trend. It signifies a profound shift in the professional landscape. As individuals increasingly gravitate toward the flexibility and independence offered by gig work, CIOs should abandon old norms and capitalize on the transformative potential of the gig economy to position themselves not just as adaptors, but as thriving pioneers in the ever-evolving digital realm.

Readers Write: The Interoperability Revolution Continues

December 11, 2023 Readers Write 1 Comment

The Interoperability Revolution Continues
By Mark Gingrich

Mark Gingrich, MS is chief information officer of Surescripts of Arlington, VA.


Remember when you would leave your doctor’s office with a handwritten paper prescription, and then need to bring it to the local pharmacy to be filled? Hard to believe that was the norm just two decades ago.

The height of innovation was swapping out this piece of paper for an electronic transaction. It was a simple enough concept, but the impacts have turned out to be profound. Electronic prescribing helped revolutionize how care providers and patients shared information, making prescribing safer and faster and connecting prescribers and pharmacists like never before.

Now, 60,000 pharmacies are connected and 2 billion prescriptions were filled using this technology in 2022 alone. E-prescribing serves as the basis for what we now consider healthcare interoperability, but the scale of healthcare interoperability advances every day. Our company, through subsidiary Surescripts Health Information Network LLC, has submitted its application to become a Qualified Health Information Network (QHIN) under the Trusted Exchange Framework and Common Agreement.

But what does healthcare interoperability mean for patients and clinicians? The definition can be something different depending on the stakeholder, yet the definition is far less important than the impact that healthcare interoperability has had and will continue to have in transforming patient care.

The impact is seen when clinicians have the right patient information, such as medication history and clinical documents, at their fingertips, at the right time, and can provide safer, better informed, and less-costly care for their patients. This means stronger, trusted relationships between patients and care providers.

Our company’s master patient index makes it possible for health information for nearly every patient to be accessible by 2 million care providers. Interoperability means connecting 250,000 clinicians across all 50 states and Washington, DC to access 100 million clinical documents each month in 2022, delivering the information they need to care for their patients in the most meaningful way possible. Applying to become a QHIN is the next step towards amplifying our impact in ensuring that care providers can quickly and easily access the information that they need to provide safe, quality, and lower-cost care for their patients.

Readers Write: Five Takeaways from The Sequoia Project’s Annual Meeting

December 6, 2023 Readers Write No Comments

Five Takeaways from The Sequoia Project’s Annual Meeting
By John Blair, MD

John Blair, MD is CEO of MedAllies of Fishkill, NY.


I recently attended the annual meeting in San Diego of The Sequoia Project, a non-profit that advocates for health IT interoperability, and was impressed with the spirit of collaboration and optimism as stakeholders look forward to taking the next steps toward making interoperability a reality.

Without a doubt, interoperability has been a top-of-mind subject for many years for many of us in attendance, but the issue has gained renewed focus recently, as Qualified Health Information Networks (QHINs) are poised to launch.

QHINs are an essential component of The Trusted Exchange Framework and Common Agreement (TEFCA), a new regulation backed by the federal government and intended to improve interoperability. TEFCA’s goal is to establish a universal floor for interoperability across the country by developing the infrastructure model and governing approach for users in different networks to securely share basic clinical information with each other.

In addition to QHINs, other key issues discussed included: interoperability use cases, the benefits of Fast Healthcare Interoperability Resources (FHIR), the unique challenges to health information exchange for public health, and how today’s patient experience can be improved leveraging existing technology and investments.

My five biggest takeaways include:

  1. QHINs will be quickly migrating customers from their current networks to the new QHIN networks.
  2. Although QHINs will be competing for customers, they plan to cooperate with each other as the networks become operational. They understand that a network of networks is only as good as the weakest network, and it’s essential that they help and support one another in day-to-day operations. Without cooperation, customer support will suffer and the overall success of QHINs will be at risk.
  3. Interoperability stakeholders are anxious to get the current uses up and running. These use cases include treatment, individual access services, payment, health care operations, public health, and government benefits determination.
  4. Although the treatment use case has been active for many years, there is still work to be done around data quality, quantity, and end-user workflow.
  5. Data usability is set to take center stage. A plethora of health data is already being exchanged, but its value is often limited due to issues with normalization, fragmentation, and usability. QHINs will help solve these limitations by driving greater accuracy and completeness of patient health data.

Open questions remain regarding the ultimate effect that TEFCA and QHINs will have and their ability to generate nationwide interoperability improvements. However, the energy and enthusiasm that were palpable at the Sequioa Project’s annual meeting will likely fuel efforts to overcome inevitable roadblocks as stakeholders work to address current and future regulations and advance efforts to increase the volume and utility of health information exchange.

Readers Write: Navigating the Telehealth Regulatory Labyrinth

November 13, 2023 Readers Write No Comments

Navigating the Telehealth Regulatory Labyrinth
By Sheeza Hussain

Sheeza Hussain is chief growth officer of SteadyMD of St. Louis, MO.


Telehealth has the potential to amplify its impact on healthcare access while further reducing costs, but a web of state regulations is hindering that promise.

Telehealth became a household term for millions of Americans in 2020, emerging as a vital component of healthcare delivery. It helped bridge the gap caused by clinician shortages, tackled certain social determinants of health, and facilitated care for rural patients who otherwise struggle to access it.

However, the rapid expansion of telehealth has exposed a glaring issue – a labyrinth of regulatory and legal obstacles. State licensure variability, reimbursement policies, telehealth parity laws, cross-state regulations, and other hurdles continue to impede adoption.

Licensure is just one complicating factor in the telehealth regulatory maze. Many states have differing regulations on nurse practitioner scope of practice, with variance in whether NPs can operate independently, require physician oversight, or are restricted entirely. This patchwork hinders multi-state advanced practice clinician telehealth.

Additionally, certain modes of virtual care like asynchronous visits face ambiguity, as some states allow reimbursement while others prohibit or fail to address it. Like licensure, these state-by-state discrepancies in nurse practitioner and asynchronous visit policies make scaling telehealth availability and minimizing legal risk complex for providers. Overcoming the regulatory headaches requires close tracking of each state’s evolving rules.

Among the three primary challenges, the perplexing variations in state licensing rules are the most significant.

Healthcare providers are required to be licensed to practice in the state in which their patient resides. In some cases, patients are forced to cross state borders to receive telehealth services from their chosen physicians.

The disparities in telehealth policy between states are glaring. For instance, North and South Dakota, as well as Virginia and West Virginia, don’t see eye to eye on telehealth regulations. This patchwork of policies is emblematic of the broader problem – 50 states, each with its own set of laws, medical communities, and stakeholders, all contributing to the complexity of telehealth regulation.

The existing state-by-state licensure processes are antiquated, leaving telehealth companies that operate in multiple states grappling with a complex and ever-changing regulatory landscape. A common requirement is that telehealth providers must hold licenses in the state where their patients are located. However, this doesn’t simplify telehealth; it complicates it further. Most providers are licensed only in one or two states, limiting their usefulness to telehealth companies operating across several states.

Obtaining licenses in additional states is a costly and time-consuming endeavor for telehealth companies. They must build a roster of multi-state providers, carefully manage supply and demand, and ensure compliance with the laws of each state they serve.

Calls for modernizing licensure portability have gained momentum, with some advocating for a standardized federal system akin to driver’s licenses. However, this transformation won’t occur overnight. As telehealth becomes increasingly integrated into healthcare, state regulations may eventually become more uniform, but this change is unlikely to happen soon. The healthcare industry can advocate for greater licensure portability, such as the implementation of a standardized federal licensing system, but providers need relief now.

In the meantime, telehealth providers are seeking alternative solutions. Many are opting to partner with telehealth infrastructure providers that guarantee compliance with state laws, recruit and manage providers, and stay current with shifting regulations. By entrusting an external partner to navigate the intricate regulatory landscape, telehealth providers can focus on what truly matters – providing the best care to their patients.

Text Ads


  1. Agreed, The VA is using CCDAs today for outbound communication and they started with C32s back in 2012. Looked at…

  2. Part of my attitude relates to an experience I had. And this was within a single HIS. I wanted to…

  3. For what it's worth, the VA currently releases C-CDA (or HITSP C-32...my memory fails me) via eHealth Exchange and has…

  4. Unfortunately, I can't disagree with anything you wrote. It is important that they get this right for so many reasons,…

  5. Going out on a limb here. Wouldn't Oracle's (apparent) interoperability strategy, have a better chance of success, than the VA's?…

Founding Sponsors


Platinum Sponsors











































Gold Sponsors