Hackers breach DDS Safe, a cloud-based records retention and backup solution that is sold to dental practices, and use it to install ransomware on the computers of hundreds of dental practices.
The two companies that created the software elected to pay the ransom and then share the unlock codes with their affected customers.
Some practices complained on Facebook that the decryption either didn’t work or didn’t restore all their data.
DDS Safe, ironically, pitches its product as protecting clients from ransomware.
From Gaping Wound: “Re: AI snake oil. You’ve heard of his healthcare companies.” The founder, chairman, and CEO of Crown Sterling, which sells AI-powered encryption software, is ripped for his “sponsored presentation” at the Black Hat security conference that attendees quickly called out as incorrect, imitative, and lacking rigor. It was so bad that Black Hat pulled it from its website, admitting that its vetting process for sponsored sessions was basically nonexistent, after which Crown Sterling sued the conference for breach of its $115,000 sponsorship contract in claiming that the organizers colluded with attendees to interrupt him. The presenter was amateur mathematician Robert Grant, former president of Allergan Medical and Bausch and Lomb Surgical. He runs a growth equity firm that focuses on “the lifestyle sector of healthcare technology” such as its Alphaeon credit card for financing plastic surgery.
From Magma: “Re: new technology. When do we need to assemble a focus group?” Focus group type activity never ends, but its membership, method, and purpose should always be changing. When developing a product, figure out who would need to be your likely internal customer advocate to get a deal signed, then randomly choose 10 people who hold that position, get them to sign an NDA and pay them if necessary, and ask them after a brief overview if they would risk their jobs to recommend spending budget money on your offering. Liking a product (or being polite in falsely claiming to) is not the same as putting your employee reputation on the line to push its purchase, so ask the right question. Early in a product’s existence, listen to the users, but don’t assume that their worldview is representative enough to simply give you a list of design features – it’s your job as a vendor to create a broadly useful product instead of letting notoriously process-challenged users take you down a rabbit hole. The easiest focus group for a mature product is the market, which is either buying it or not, and those who look but take a pass will hopefully offer feedback. The bottom line here is listen to your users when considering minor product tweaking, but show some bold leadership in doing more than just coding their self-serving feature requests.
From Charlie Covin: “Re: Vince Ciotti interview. It brought a smile to my face since I was one of the installation directors who botched a couple of installs in the 1970s before getting it right. On the other hand, thanks to Vince and the many SMS alums for getting me started in a 40-year healthcare IT career.” Charlie’s work history includes SMS, HBO, IDX, HMA, Superior Consultant, and finally Eastern Connecticut Health Network, where he retired in 2013 after 11 years as VP/CIO. Vince has heard from quite a few industry long-timers and copies me on his replies to them. The lesson for relative industry noobs is that (a) quite a few people illogically find their way into health IT and then stick with it for life; (b) the career turns are circuitous as the industry evolves; and (c) those in the industry should create themselves a health IT network of folks and avoid being a jackass since it’s a small, close-knit community where reputations, both good and bad, travel quickly.
From Is Greed Really Good?: “Re: EHR vendors. They are finally getting called out for creating physician burnout.” EHR vendors created the product that the market demanded of them. You’ve missed the point that it’s that market that is greedy, not the software companies who operationalize its physician-unfriendly rules. In fact, I will posit that the most-responsible greed is that of physicians themselves, who happily signed up as the widget of production of insurers, lapped thirstily at the government’s Meaningful Use cash trough, and sold their practices to hospitals and private equity firms to become lackeys, all in their naive pursuit of the almighty dollar (there’s nothing wrong with that, but there’s also no reason to whine afterward). Their gates were stormed with no casualties other than the loss of a few invader dollars spent bribing their way in. Some doctors are incredibly naive despite being enrobed in professional arrogance, allowing themselves to be played like a fiddle by everyone from cute opioid drug company reps to online pharmacies that milk their obedient prescribing authority as a key business concept. They chose their bosses, their bosses chose their tools, and thus we have doctors who think EHRs missed their intended target when in fact they hit a bulls eye, just not the one they want. Hang out a shingle, stop taking insurance, use whatever EHR you want or paper charts if that makes you happy, don’t worry about federal carrots and sticks, get to know your patients even if your potential panel is only those who are willing to pay you out of their pockets, and watch the burnout dissipate.
David Meyers, MD Answers a Reader’s Question About Misdiagnosis
A reader asked a question of David Meyers, MD following his HIStalk interview, wondering how much misdiagnosis is caused by the provider not having adequate information vs. not following clinical guidelines. Also, whether how much of the needed information could come from the EHR vs. from further tests or surgery. David provides this response:
There are no simple answers to the questions, because there is no single diagnostic approach that describes the entirety of identifying the cause of a patient’s illness. Identifying a lesion on an X-ray or CT scan, or a rash on a patient’s skin or cancerous cells on a pathology slide are different from the process of collecting information from a patient about her symptoms and signs via the history of the illness, the physical exam and diagnostic tests, and synthesizing a diagnosis from that information. But all are forms of diagnosis subject to error.
The diagnostic process can be viewed as having two broad elements – individual / human factors and system factors – which interact to lead a clinician to a name for the patient’s illness. While data on the frequency of misdiagnosis is uncertain and dependent on the setting and source of the information (hospital, clinic, autopsy reports, self reports, malpractice data, etc.) the range of frequency of misdiagnosis is thought to be somewhere between 5 and 30%.
In an attempt to identify the causes of diagnostic errors and their frequency, Schiff and colleagues published an analysis of 583 diagnostic errors (mis-, missed, and delayed diagnosis) self-reported by physicians in response to a questionnaire (Diagnostic Errors in Medicine, ARCH INTERN MED, 169:1881-87 (2009). Using a tool to specify where in the diagnostic process an error occurred, they found that test-related factors (delay in testing, wrong tests and dealing with the results accounted for 44% of the diagnostic errors; ~30% were related to assessment and synthesis of the data obtained. The most common process failure was failure or delay in considering the diagnosis. These are largely on the individual / human factor side, although system factors such as lack of time to spend with the patient, distractions, fatigue, flawed results reporting processes, lack of access to old medical records, etc. also play significant roles.
Most EHRs currently in use are seen as inadequate to the needs of the doctors, nurses, and others who use them. Created primarily to be tools for billing, they are not yet clinician-friendly and usable enough to allow for easy navigation to find information, nor are they sophisticated enough to synthesize the data and help the doctor craft a list of important diagnostic possibilities. There are, however, several apps called differential diagnosis generators which can give a list of possible diagnoses when information on symptoms and physical findings is put in by the physician. There are also versions of these apps available to patients.
And in terms of powerful forces to reduce diagnostic errors, an engaged and informed patient is thought to be one of the strongest. Asking “what else could this be?” and other questions can be a very useful way for patients to influence the doctor’s thinking. See the “Resources for – Patients” link on the web site of the Society to Improve Diagnosis in Medicine for a toolkit to use at the visit with the doctor.
HIStalk Announcements and Requests
An encouraging one-fourth of poll respondents credit their mobile device with life-changing health improvements. Folks called out MyFitnessPal and Fitbit for tracking nutrition and heart rate, smart watch integration with continuous glucose monitoring, drug management, patient portal communication, Kardia for monitoring atrial fibrillation, the 7-minute workout, and Pokemon Go and 5K training apps.
New poll to your right or here: Has your employer conducted a layoff in which older or sicker employees seemed disproportionately represented?
I’m amused at hospitals that brag that they chose their new executive after a “nationwide” search, like they sent teams out to scour every backwater town for candidates. Are the locals impressed that they didn’t just run a Craigslist ad or hang a flyer on the town lamppost?
Virtual show of hands – who knew that GroupWise email is still being sold and maybe even being used by some hospitals?
September 19 (Thursday) 2:00 ET. “ICD-10-CM 2020 Code Updates.” Sponsor: Intelligent Medical Objects. Presenters: June Bronnert, MSHI, RHIA, director of terminology mapping, IMO; Theresa Rihanek, MHA, RHIA, classification and intervention mapping lead, IMO; and Julie Glasgow, MD, senior clinical terminologist, IMO. The 2020 regulatory release is right around the corner. Join IMO’s top coding professionals and thought leaders as they discuss new, revised, and deleted codes; highlight revisions to ICD-10-CM index and tabular; discuss changes within Official Coding Guidelines; share potential impacts of the code set update; and review ICD-10-CM modifier changes.
September 26 (Thursday) 2 ET. “Patient Education Data: A Key Ingredient for Improving Quality and Patient Experience.” Sponsor: Healthwise. Presenters: Victoria L. Maisonneuve, MSN, RN, director of the Nursing Center for Excellence and Magnet program, Parkview Health; Marta Sylvia, MPH, senior manager of quality improvement and outcomes research, Healthwise. Healthcare data is everywhere! It’s scattered across various systems and in countless formats, making it difficult to collect and glean actionable information. Knowing where to start depends on what your organization wants to accomplish. Vicki Maisonneuve will share how her team analyzes data around the use of patient education. By combining different data sets, she can easily identify trends, gaps, and opportunities to improve quality and patient experience across Parkview Health.
Previous webinars are on our YouTube channel. Contact Lorre to present your own.
- United Health Services (NY) will go live with Epic in 2020.
- Big Sandy Medical Center (MT) will go live with Evident in October 2019.
- Crozer-Keystone Health System (PA) will switch from Cerner Invision to Cerner Millennium in 2020.
- Missouri River Medical Center will replace MedWorxs with Evident EHR in October 2019.
- Logansport Memorial Hospital will implement Cerner on May 1, 2020, replacing Meditech.
These provider-reported updates are supplied by Definitive Healthcare, which offers a free trial of its powerful intelligence on hospitals, physicians, and healthcare providers.
Curt Thornton (Quantros) joins Healthx as chief revenue officer.
Announcements and Implementations
Sioux Lookout Meno Ya Win Health Centre goes live on the new Vocera Smartbadge.
Privacy and Security
AMA describes its ideal privacy framework that places the patient first in supporting their fundamental right to obtain their complete medical record, but they believe those same patients aren’t smart enough to “understand what they are consenting to when they grant permission to an app to access their information.” AMA also wants the federal government to require EHR vendors to vet API data access requests and to give requestors only the information they need, such as insurers that request the entire medical record for unrelated data mining and threatening to file a data blocking complaint if they don’t get it. I’m finding myself sort of agreeing with AMA, although they don’t do a good job convincing patients that their motivation is anything but self-serving.
A reader alerted me to a new HFMA podcast (#2 in the newly launched series) in which Epic CEO Judy Faulkner is the interviewed guest. I enjoyed it despite the podcast’s imitative “we’re just chatting over coffee” format that puns the host’s name (HFMA CEO Joe Fifer). Fun items from the fairly short and breezy conversation:
- Judy says it was hard for her husband to see her change from wearing jeans and tee shirts with no makeup to dressing professionally when she started Epic.
- She had to figure out how to write contracts, policy manuals, and budgets (“we don’t have any”), and whether to accept outside investment or go public (“nope”).
- She says a visiting HR VP asked her how to maintain the culture, and she said “nothing,” with Judy claiming to be unaware that Epic’s culture is different from that of other companies. Judy teaches a six-hour course on company culture and each person’s role in it.
- Skipping a monthly staff meeting requires the employee to get a signoff from their team lead, President Carl Dvorak, and Judy herself.
- She asks employees to choose the top reason they are there, and while new hires usually chose “money” because they haven’t seen the big picture yet, they need to eventually understand that everybody’s #1 answer should be the same as Judy’s as “the customer.”
- It’s always a challenge to stay focused on strategic items despite fires that need to be fought. She says it’s the Yellow Brick Road and you just have to keep walking on it. When she has to make a good decision, she looks ahead 25-50 years, decides “what would be good for those folks,” and then works back.
- She doesn’t think about employees as young – they are hired from tests in which they prove that they are articulate and competent, and once hired and trained, they are treated like everybody else.
- Epic does not have budgets, instead advocating, “If you need it, buy it. If you don’t need it, don’t buy it.“ She developed that practice when someone told her they needed to spend $2 million of leftover budget and couldn’t return it because they would then get $2 million less the next year. Or they needed to buy something immediately, but didn’t have the budget. “Let’s not go that path,” she said. If someone makes a mistake in spending judgment, she likes to catch it early so the person can learn from it.
- Judy laughed when asked how she avoids thinking she’s done everything she can do with Epic, asking, “Is this a joke?” She says there are always new areas and new projects, so now Epic is working harder on claims and adjudication, specialty labs, retail clinics, research via the Cosmos program, and new types of customers.
- “The thing that bugs me is that I haven’t found a test for [curiosity],” since results come from curiosity paired with aptitude.
Alex Scarlat, MD – who wrote the HIStalk “Machine Learning Primer for Clinicians” series – suggested that I take a look at UMLS.me, a free website that extracts 5.7 million Unified Medical Language System concepts from free text, all from within a browser window (which then also supports voice input). Above is my result from pasting in a medical school’s sample HPI.
@Farzad_MD and @EricTopol question a study run by JAMA Dermatology that claims an AI model can predict non-melanoma skin cancer by looking at EHR data such as diagnoses and ordered medications, noting that only 1,829 patients were analyzed, the risk prediction covered only one year even though most cancers grow slowly, the control group was chosen in a scandalously unsound manner, and the model was heavily dependent on the medication list even considering that most meds are not relevant to skin cancer. Note to journal editors and investors – hire an expert in statistical analysis and AI to vet claims instead of assuming that the author or founder knows what they’re talking about and is being honest about it, or at least get peer reviewers who can sort it all out.
A study published in Lancet Digital Heath finds that clinicians with no experience in medical coding or deep learning can create clinical classification algorithms that perform well at diagnosis.
England’s Daily Mail cooks up a clickbait headline to describe for a rather benign development – EDs will give patients a four-minute, tablet-based questionnaire to answer questions about their complaint to save nurse time. The paper dragged up a professor to make a generic, mostly irrelevant statement decrying computers replacing clinicians. Here’s where newspapers and news websites are guilty of the “fake news” claim – the headline screams that the practice is “controversial” because it goaded one guy into saying so, then later claiming that “NHS bosses were condemned” for recommending the use of Alexa for obtaining health information without saying exactly who condemned them and to what extent. I’m wary of any publication that makes ridiculously unquantified statements in claiming response from “the XXX community” or claiming some broad support or criticism in trying to push their own conscious or subconscious agenda (whether it’s political or simply to force readers to click by misleading them). My guess in this case is that it’s the same questions a nurse would ask but who would add little value in simply writing down the answers.
A nursing instructor and author declares in her New York Times opinion piece that the American medical system is “one giant workaround,” as executives mandate policies and procedures that don’t work or take too much precious time. She calls out the use of scribes to work around EHR design flaws, mentions medication barcode scanning problems that force nurses to cheat, and claims that the Affordable Care Act is a kludge that works around our reluctance to provide healthcare to all citizens.
- LiveProcess and Mobile Heartbeat will exhibit at Disaster Planning for California Hospitals 2019 September 10-11 in Pasadena.
- SailPoint names Matt Mills (Oracle) as chief revenue officer.
- Meditech will host the 2019 Physician and CIO Forum September 18-19 in Foxborough, MA.
- Waystar will exhibit at the Universal Software Solutions Users Conference 2019 September 10-11 in Grand Rapids, MI.
- Netsmart will exhibit at the ACMHCK Annual Conference September 11-13 in Wichita, KS.
- Clinical Computer Systems, developer of the Obix Perinatal Data System, will exhibit at the AWHONN Ohio 2019 Section Conference September 12 in Cleveland.
- PatientKeeper will exhibit at AHIMA19 September 14-18 in Chicago.
- T-System will exhibit at the2019 TORCH Fall Conference & Trade Show September 10-12 in Cedar Creek, TX.
- Prepared Health will exhibit at Health Catalyst’s HAS19 Digital Innovation Showcase September 10-11 in Salt Lake City.
- FDB adds Redox’s API to its Meducation app, giving users the ability to transfer patient data from the app into Epic.
- Surescripts will exhibit at the 2019 Health Care Executive Group Annual Forum September 9-11 in Boston.
- National Decision Support Corporation Product Manager Ben Gold will co- present “Buy vs. Build in Establishing a PBM Program” September 19 at the Society for the Advancement of Blood Management conference in Baltimore.
Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates. Send news or rumors.