Recent Articles:

Readers Write: Communicating Across the Continuum

October 8, 2014 Readers Write Comments Off on Readers Write: Communicating Across the Continuum

Communicating Across the Continuum
By Steve Whitehurst

image

As consumerism continues to permeate the healthcare industry, hospitals must place more emphasis on how they treat their patients across the entire care continuum, inside and outside the four walls of their facility. To do this, patients must be addressed at every touch point in order to fully meet their needs and sustain their satisfaction.

Though increasingly important, many hospitals struggle with supporting patients’ 24/7 communication needs due to limited staff, reduced budgets, and unclear communication expectations. Yet without a communication plan in place, interacting with and keeping patients engaged and satisfied can be very difficult, thereby limiting a hospital’s ability to sustain an enhanced patient experience, increase patient satisfaction, keep patients compliant with their care plans, and build brand loyalty—not to mention it can potentially increasing the risk for readmission.

By creating a comprehensive communication strategy leveraging a mixture of communication services leveraging live operators and clinicians as well as automated technology platforms across the continuum, hospitals can effectively manage their interactions with patients inside and outside the facility’s walls to increase both care quality and patient experience.

With Meaningful Use incentives and other regulations driving the implementation of patient portals, many healthcare organizations are pouring resources into electronic communication platforms that use email or direct messaging to communicate with patients. Although these methods certainly improve engagement, they are not always effective at reaching all patients or providing personalized attention.

For instance, most patient portals are capable of delivering educational material to patients. However, there’s no way of knowing whether the patient actually reads and understands the information unless someone directly asks and engages the patient in conversation. Whether face-to-face or over the phone, once personal interactions are lost, the organization loses its ability to make sure patients are adhering to their medications and complying with their care plans.

Conversely, hospitals that employ high-touch communication strategies, such as the following, can engage patients across the continuum to promote more favorable outcomes, in addition to realizing measurable improvements in patient satisfaction and HCAHPS scores.

  • Live voice follow-up after discharge. One of the most effective methods for reaching patients, this communication tactic enables organizations to know when they’ve reached patients and provide personalized communication to their patients by asking and answering questions, ensuring patients are adhering to their medication and care plans, and providing additional education. Statistics show that patient satisfaction improves when communication services like live voice are leveraged at specific touch points in a patient’s care continuum.
  • Communication to support care coordination. For patients with complex conditions, multiple comorbidities, or who are high-risk for readmission, communication services can improve care coordination by going beyond discharge follow-up to help patients navigate their care plans. These services, for instance, can help patients with medication management (including medication reconciliation and adherence), disease management, and health coaching. As an example, when patients are prescribed new medications or receive changes to previous prescriptions, it can be difficult to figure out which medications should be taken, when they should be taken, and specific side effects to look for. Care coordination follow-up support can help patients navigate these questions, ensuring they take medications in the most appropriate way. Likewise, these services can also identify barriers patients may have in obtaining or taking their medications and offer solutions to help with adherence.
  • Answering services. Inbound services that receive calls from patients provide opportunities for healthcare organizations to address questions or concerns immediately rather than waiting for providers to return phone calls. When these services are managed by highly trained teams qualified to listen to and answer patient concerns, it allows organizations to meet patients’ needs more efficiently in a timely manner, thus increasing patient satisfaction levels.
  • Automated services. Although live voice interactions are most effective for facilitating conversations between patients and providers, automated services can be useful for routine patient outreach, such as reminding patients to schedule and attend upcoming appointments or refill prescriptions. By leveraging automated services in appropriate situations, organizations can concentrate their human resources on more meaningful interactions with patients.

Whether managed in-house or outsourced, a comprehensive communications plan will enable hospitals to continue the patient-provider conversation long after patients leave the facility, enhancing their experience throughout the entire care continuum.

Steve Whitehurst is the vice president and general manager of Stericycle Communication Solutions.

Comments Off on Readers Write: Communicating Across the Continuum

Morning Headlines 10/8/14

October 7, 2014 Headlines 1 Comment

Payment Adjustments & Hardship Exceptions

CMS announces that it will reopen the submission period for hardship exception applications for both eligible professionals and eligible hospitals, with a new application deadline set for November 30.

John Flannery to Lead GE Healthcare

GE Healthcare CEO John Dineen  announces his resignation, effective immediately.  He is reportedly leaving the company to pursue leadership opportunities outside GE. Dineen will re replaced by John Flannery, GE’s current head of business development.

Ochsner Health System First Epic Client to Fully Integrate with Apple HealthKit

Ochsner Health System (LA) announces that it has connected its Epic EHR with Apple’s HealthKit to capture daily weight readings from wireless scales that are issued to heart failure patients enrolled in the health system’s remote patient monitoring program.

Health Care Website Fix Cost Mass. Additional $26M, Patrick Says

Massachusetts Governor Deval Patrick announces that the state’s health insurance exchange is fixed, costing $26 million to repair and bringing the total cost of the exchange to $254 million.

News 10/8/14

October 7, 2014 News 14 Comments

Top News

image

CMS will reopen the submission period for EHR hardship exceptions through November 30, 2014. Valid circumstances are vendor delays in providing 2014 Edition CEHRT and the inability to attest via the 2014 CEHRT Flexibility Rule. They didn’t give a reason, but it’s probably because their attestation system wasn’t working and providers were going to be penalized for another CMS technology screw-up.


Reader Comments

From Zephyr: “Re: Ebola. Epic is hosting a conference call Wednesday to allow users to share strategies for screening, notification, and management of communicable diseases.” Unverified, but I think all ED system vendors should consider doing this. Epic has a vested interest since it was called out (correctly or not, depending on which hospital press release you believe) by Texas Health Resources, which owns the hospital that discharged an Ebola patient from its ED due to poor communication of his stated recent visit to Liberia.

From Doppelganger: “Re: MU. We are an EH trying to attest since July for Stage 1 Year 2 for the period April-June 2014. We first attested under Medicaid for 2012, then Medicaid and Medicare in 2013. There’s a bug in the CMS website – they think we’re in our third year of attestation, so we must be on Stage 2. I’ve heard this is happening to everyone who attested under Medicaid for 2012 only. CMS said the bug would be fixed on October 1. It still isn’t and my CFO wants his ‘free’ money!” CMS seems to be struggling with its websites these days, so I’m sure others are having the same problem.


Webinars

October 21 (Tuesday) 1:00 p.m. ET. Electronic Prescribing Of Controlled Substance Is Here, What Should You Do? Sponsored by Imprivata. Presenters: William T. “Bill” Winsley, MS, RPh, former executive director, Ohio State Board of Pharmacy; Sean Kelly, MD, physician, Beth Israel Deaconess Medical Center;  David Ting, founder and CEO, Imprivata. Providers are challenged to use EPCS to raise e-prescribing rates for MU, improve physician productivity, reduce fraud and errors, and meet New York’s March 2015 e-prescribing mandate. Hydrocodone painkillers such as Vicodin have moved to Schedule II, with the higher CS prescribing volume adding another reason to implement e-prescribing. This webinar will describe why organizations should roll out EPCS, presented from the perspectives of pharmacy, compliance, physicians, and technology.


Acquisitions, Funding, Business, and Stock

image

Cognizant, which bought TriZetto two weeks ago for $2.7 billion, acquires healthcare digital marketing company Cadient Group.  

Rock Health runs an interesting interview with a Goldman Sachs healthcare IT guy on doing IPOs. A good quote: “Being public—not just going public—can put you in a very powerful position as you continue to build your toolset and maximize its importance in the world. But the process is time intensive and distracting, so always be objective and sober about it. Maintain control and don’t let the euphoria and momentum of the IPO process carry you away such that you later wish you had spent time continuing to innovate and build the business rather than focusing on the IPO.”

image

Hewlett-Packard will split into separate companies, one (Hewlett-Packard Enterprise) focusing on enterprise hardware and services and the other (HP) on PCs and printers. 

image

Medical supply manufacturer Becton Dickinson will acquire CareFusion for $12 billion in cash and stock. CareFusion’s health IT-related product lines include Alaris (smart IV pumps), MedMined (infection surveillance), and Pyxis (medication and supply dispensing). The company was a 2009 Cardinal Health spinoff. The Department of Justice fined CareFusion $40 million earlier this year for paying high-profile patient safety advocate Charles Denham, MD nearly $12 million to recommend the company’s skin prep cleanser via the National Quality Forum.

image

Alteryx, which offers software that allows minimally technical users to create workflow-driven applications from data sources, raises $60 million in a Series B round. The company, which partners with Tableau and QlikView, offers a 14-day free trial download.


Sales

United Physicians (MI) will roll out Wellcentive’s population health and risk management solutions to cover all its patients.

Community Health Centers of Arkansas will implement eClinicalWorks Care Coordination Medical Records across 10 practices and 58 locations.


People

image image

GE Healthcare President and CEO John Dineen resigns effective immediately to “look at new leadership opportunities outside GE.” He will be replaced by SVP of business development John Flannery.

image

Sheryl Bushman, MD (NYU Langone Medical Center) joins Optimum Healthcare IT as CMIO.

image

Sean McDonald, who founded the Pittsburgh-based hospital pharmacy robotics vendor Automated Healthcare and sold it to McKesson in 1996, leaves his CEO job at Precision Therapeutics.

image

Jim Cato, EdD, RN, MSN, CRNA (Christus Spohn Health System) joins GetWellNetwork as SVP of clinical integration and operations.


Announcements and Implementations

image

XIFIN will use SyTrue’s terminology as a service to improve pathology services billing and to ease the conversion to ICD-10.

image

A local newspaper article by Lee Memorial Health System (FL) CIO Mike Smith describes its go-live with Epic MyChart.

image

Caradigm releases a population health applications bundle that includes its Intelligence Platform plus modules for patient knowledge aggregation, risk management, quality improvement, and care management. 

image

Surescripts integrates its CompleteEPA medication prior authorization system with Epic.

T-System releases system-agnostic Ebola patient screening tools that are free to all providers.

image

Premier adds real-time predictive analytics from Predixion Software to its PremierConnect data management and decision-making platform.

Merge Healthcare adds electronic referral and order management to its iConnect image sharing network.


Government and Politics

Medicare will change its five-star rating system for nursing homes after news organizations questioned the validity of self-reported data. Among the changes will be mandatory quarterly electronic submission of payroll data to verify staffing levels and an auditing program to validate quality measures ratings.

The VA, following up on its investigation of long wait times, fires three health system directors and its chief procurement officer. One of the fired directors announced his retirement four days before his termination was made public, which the chairman of the House Veterans’ Affairs Committee called, “semantic sleights of hand.” The procurement officer was fired for inappropriately influencing a contract award and then trying to block the resulting investigation.

image

Massachusetts Governor Deval Patrick says the state’s health insurance exchange has been fixed for $26 million and a total cost of $254 million, far les than the $600 million total that a think tank had estimated last month.  

image

A Texas Senate committee is holding hearings into how Ebola patient Thomas Duncan ended up at Texas Health Presbyterian Hospital and why the hospital’s ED discharged him even though he was feverish and told the nurse just came back from liberia.  


Innovation and Research

image

Orlando Portale, president of Health Innovation Partners, mocks up an Ebola early warning app for hospital EDs that would connect to the system in which the US Department of Customs & Border Protection records the itineraries of travelers entering the US. if the government authorized access its system, doctors could review the patient’s travel history by entering the patient’s last name, gender, and date of birth. Sounds like a great idea other than the inevitable privacy objections that would arise from having the visit plans of foreign travelers available outside of the government.

A Brigham and Women’s Hospital EHR review finds that doctors experience “experience fatigue” later in the day and are 25 percent more likely to inappropriately prescribe antibiotics late in their shifts. As if that’s not bad enough, the study found that doctors often ordered antibiotics questionably even when they weren’t tired, about 30 percent of the time.


Technology

image

Ochsner Health System (LA) announces that it is the first site to integrate Apple HealthKit with Epic, bringing in weight from wireless scales to monitor home patients for congestive heart failure. I cringed when I typed “weight” since I recall my physics professor adamantly declaring that the correct term is “mass.”

An Exconomy review says there’s not much evidence proving that digital health improves outcomes, but it’s not reasonable to withhold clearly beneficial technologies while waiting for the perfect study to be performed. The best quote is from Joe Kvedar, MD of Partners Healthcare’s Center for Connected Health, who says its tough to get insurance companies to pay for apps for conditions such as smoking cessation where the medical cost benefit won’t be realized for years, possibly after the patient has moved on to another insurer. “That’s why so many companies say they’d rather make a cute thing to put on your wrist, make some money, sell it, and move on to the next thing.”


Other

University of Michigan gets a $1.6 million AHRQ grant to study how clinicians use EHRs, email, and pagers and how those systems can be set up to reduce communications failures.

Several high-end restaurants in Los Angeles are tacking on a 3 percent dinner tab surcharge line item to cover the cost of providing health insurance to their employees. Some patrons are complaining that, like other costs of running a business, the extra fee should be built into menu prices, but the restaurants argue that their leases and insurance are priced based on gross revenue and 3 percent wouldn’t cover it by that method. Some of the restaurants agree that it doesn’t make sense to pay servers nearly nothing and force them to live on tips, so they’re considering adding an all-inclusive service fee. 

image

Masimo Corporation, which flashily launched a patient safety foundation last year with an on-stage appearance by President Bill Clinton, is found in a ProPublica investigative report to have been reprimanded by the FDA for failing to respond adequately about complaints about the safety of its own medical devices. An expert who reviewed the agency’s findings found it troublesome that the company challenged a complaint about a device’s alarm system involving a patient death, adding, “When a company refuses to respond in any way to the FDA other than to say that the FDA is wrong on every issue, that’s not very credible.”  

Health Catalyst puts out a good video called, “If Restaurants Were Run Like Hospitals.”

Researchers looking at Beth Israel Deaconess Medical Center’s patient portal usage through 2010 found that patients sent an average of about one email every other month per patient, with about a fourth of all patients signing up for the portal and a third of those (8 percent of all patients overall) sending at least one message to their doctor. Physicians received about one email per day. The authors conclude that physicians should be required by their job descriptions to respond to patient emails. That’s interesting, but the information is awfully old and the conclusions are questionable as a result.

Walmart will allow in-store shoppers to compare and select health insurance plans, adding that the company’s goal is “to be the number one healthcare provider in the industry” and that the foot traffic will allow it to sell customers prescriptions, non-prescription medications, optical services, and retail clinic services. The company also announces that it will stop offering health insurance to the 30,000 of its employees who work fewer than 30 hours per week, meaning those employees will lose their 75 percent Walmart premium subsidy.

image

Weird News Andy is amused by PitPat, a Bluetooth-enabled exercise tracker for dogs. WNA adds that the cat version would be locked on 99 percent sleep.


Sponsor Updates

  • Sanford Health (ND) VP of clinical operations Jeff Hoss describes the use of an RTLS from Intelligent InSites and Sonitor to improve ambulatory patient processes in a video presentation.
  • Medicity earns HISP certification from DirectTrust and EHNAC.
  • Streamline Health will begin work on a $7.5 million, five-year deal for its abstracting solution with a new channel partner.
  • Georgia West Imaging and Outpatient Imaging (GA/AL) select McKesson Business Performance Services for its RCM.
  • Netsmart announces that over 1,000 attendees are participating in its CONNECTIONS2014 client conference through October 9.
  • GetWellNetwork CEO Michael O’Neil, Jr. is speaking at the US News Hospital of Tomorrow summit October 6-8 in Washington, DC.
  • CTG Health Solutions’ Joseph Eberle will share his experience identifying improvement opportunities for chronic kidney disease patients at the National Association of Health Data Organizations Annual Conference October 8.

Contacts

Mr. H, Lorre, Jennifer, Dr. Jayne, Dr. Gregg, Lt. Dan, Dr. Travis.

More news: HIStalk Practice, HIStalk Connect.

Get HIStalk updates.
Contact us online.

 

125x125_2nd_Circle

HIStalk Interviews Paul Roscoe, CEO, VisionWare

October 6, 2014 Interviews 1 Comment

Paul Roscoe is CEO of VisionWare of Newton, MA.

image

Tell me about yourself and the company.

I’m the CEO of VisionWare. Before VisionWare, I was the CEO of Crimson. I’ve been involved in healthcare technology for the past 25 years in both Europe and the US.

VisionWare was a company I’d known for many, many years, founded by Gordon Cooper, a friend of mine. While I was tracking the company, I also got a chance to see VisionWare from a customer’s perspective because while I was at Crimson, the technology team decided to deploy VisionWare’s master data management solutions to help the Crimson platform.

 

What’s the definition of master data management?

Master data management is a well-understood genre of technology tracked on a horizontal basis. Gartner has a magic quadrant for master data management, for example. From a healthcare perspective, people may have looked to master data management in terms of technology like EMPIs, or enterprise master data indexes.

Master data management as we define it is the ability for VisionWare particularly to provide an effective and a single perspective on integrating the various different disparate data sets that exist from a healthcare organization — matching, verifying, governing, visualizing that data across these different data silos to provide a 360-degree view of the healthcare data.

The most obvious one of that is patient data, but it could be a 360-degree view of a provider, a facility, or an entity of any description. Patient is the most obvious one.

 

If you look at the competitive landscape of analytics, where would you position VisionWare?

VisionWare’s technology enables a lot of the analytics solutions that are out there in the healthcare domain at the moment. I know that coming from Crimson that one of the challenges for a lot of the analytics, population health, and care management solutions that are out there is accurately identifying the patient and accurately identifying that patient across the various different care venues in which those types of solutions are being deployed. They are very sophisticated. They have great insight. But only as far as the lowest common denominator, which is accurate patient information or accurate physician information.

We don’t see ourselves as competitors to analytic solutions per se. We have a lot of those analytics and population health vendors that approached VisonWare recently and are looking to integrate our master data management technology to enable a more effective view of the patient information within their solutions.

The obvious example is to look at situations where there are multiple systems. If you look into any health system — never mind an accountable care organization — you will find lots of disparate clinical and financial systems. Organizations are increasingly looking to link those two domains together, so the recipe for mismatched or inaccurate patient data is there.

Now you expand that as you look at the complexity of a health system, not just an inpatient setting, but also inpatient ambulatory. Then you expand that even further to affiliates, employed practices, long-term care, and skilled nursing facilities. You’ve got a very complex picture where the patient’s information is being held. At every one of those venues, there’s opportunity for that patient information to be inaccurate. When I want to lift up and look holistically and longitudinally at that patient, it’s very difficult unless I’ve got accurate patient information.

Clearly disparate systems and the disparate nature of healthcare delivery is promoting this challenge. But even in situations where you’ve got a single EMR system … there was some research done not that long ago relative to the Epic deployment at Kaiser, where it talked about a single deployment of an EMR, but different instances of Epic across different regions. It reported that just within the Epic domain that the rate of patient identity matching fell to somewhere around 50 or 60 percent when they were sharing information across different regions, even within the Epic world. Clearly a single system doesn’t always mean that you’ve also got a handle on effective patient matching.

 

What’s the cause of mismatched patients within a single system?

You’ve got a number of challenges. The data that’s being collected at these various different registration points is not necessarily conforming to a standard of data governance. How information is collected at Point A on a patient may be very different than the way it’s collected at Point B. How we might use a simple thing as a surname field may be very different from system to system.

There’s really for many of our clients not a lot of data governance standards in place. That’s promoting the challenges of dirty data coming in. You can have the most sophisticated matching algorithms, but if you haven’t sourced the issue at the point at which the data’s being entered, then you’ll always have challenges.

We believe that master data management can be solved to a degree with technology, but it should be part of an overall information governance strategy that health systems are starting to embrace. We are realizing that in this post-EMR era, they’ve got amazing digital assets, amazing data that is locked up in these systems. But without being able to accurately identify that data and to be able to normalize and harmonize it, it starts to lose its value.

When people think about interoperability being the Holy Grail, sharing an IHE profile, HL7 document, or CCDA in itself will not solve this problem because there are still challenges where technology can help probabilistically and deterministically matching these patients together. That’s what we do at VisionWare.

 

What customer base do you have or seek?

The company was based historically out of the UK. Over the last couple years from the UK, we have been focused on selling to two primary constituents, the HIE landscape and also with technology companies who are looking to provide a master data solution within their own product portfolios. We’ve been successful in both of those areas. We have a large number of HIEs and a number of different technology companies.

Increasingly over the last year since I joined, we’ve now started to focus our efforts on the provider marketplace, ACO marketplace, and the payers. What we’re finding is that a lot of those organizations have the first-generation EMPI technologies. They’re finding that those are somewhat monolithic. They were developed in an era where you only needed to look at inpatient data. That was the key driver.

In today’s world of healthcare and care coordination across this continuum, those first-generation technologies aren’t really fit for purpose. That’s why we started to see quite a lot of traction in the last six to nine months with a solution that was more designed to operate in this more collaborative environment.

Not to keep going on about this, but one of the things that’s quite unique about VisionWare and was appealing to me when I looked at the company is this notion of what we call a collaborative data model. The ability for us to not say, “This is the definition of a patient or a provider, take it or leave it” as some companies in this space do. It’s more, “You give us the data as you see fit and it’s our responsibility to make sure that we can take that data in whatever format, match it, merge it, and send it back to you in the format that you want.” It’s much more collaborative as opposed to predefined.

 

Analytics companies that are new to healthcare might have missed the concept of patients coming from different venues and different systems without a single identifier. Do you think they are just starting to see the nightmare of what seems simple in identifying a patient?

I think there’s definitely some aha moments for a lot of those vendors, where they realize that they’re taking the data in from those various customers and that they’re responsible for making sure that they can create meaningful value from it. One of those challenges is being able to accurately identify that patient. Yes, we’ve seen quite a lot of traction there.

What we’ve also seen is organizations that have gone through acquisitions. One of our clients is a very large electronic medical record vendor who went through an acquisition of another vendor in their space and wanted to provide a way of quickly having a single view of the patient across these two assets now instead of a single asset. We see that in a hospital setting, as organizations are increasingly looking to either employ practices or merge with other hospitals. That in itself presents large challenges in being able to identify accurate patient data or provide the data across those various assets. So M&A activities tend to be a big driver for us as well.

 

People may also miss the need for a master provider index and what that means in terms of credentialing or doing any kind of quality work. Is that something that’s also not very state of the art from other vendors?

The first stage of the work that we did with our friends at Crimson was around providing a single provider registry. For any level of quality reporting or performance analytics on a physician, you need to make sure that you’ve got an accurate representation of all of your physician’s activity. Without having a provider directory, that’s challenging. That’s a big area.

 

What’s the interest in your geospatial capabilities and how that might be used in a public health context?

When you think about data on a patient, we understand data that’s been captured in a hospital or an ambulatory setting. Particularly around patient engagement, there’s a lot of information that is presenting itself on patients – and it will continue to get larger and larger — that might be interesting for a care manager.

The problem you’ve got is that data may be patient supplied or it might be sourced from non-hospital-based systems. Therein lies the challenge. How do you take some of the information from these other areas that a patient’s interacting with that historically hospitals don’t really care too much about? But now as we’re trying to engage the patient or trying to understand how the patient is managing their healthcare, we may take more notice of. There is a challenge there of how you link that information that’s being provided to the hospital information systems.

We have a solution specifically aimed at allowing us to enrich hospital data with third-party data that we’re obtaining or is being obtained by the health system from a variety of different sources. A simple example would be how do you look at an increasing number of self-pay patients? The ability to do effective credit scoring might be important for our health system. How do you link that patient with data that might be in Experian or other credit-scoring system? That’s a challenge. It might seem very simple, but it’s actually quite a big challenge for a lot of healthcare organizations to match that Paul Roscoe with that Paul Roscoe in the credit scoring system without a solution that allows that to happen.

 

Hospitals have to become more interested in what happens to patients who aren’t having an encounter using more of a CRM-type system instead of just waiting for them to show up. Are organizations interested in using your tools to do outreach for at least targeted groups of patients?

Yes. Not only those cases we talked about, but we’ve also created within the VisionWare portfolio a visualization layer that allows us to visually represent a patient in ways that might be interesting to look at, but you couldn’t get from a flat analytics view that you might get through the dashboard, etc.

If you think about it, we’ve mastered all of the data that’s flowed through the health system. We know the patient. We know the relationship with that potential patient’s family. We know the relationship with the physician. We’re in a great position to be able to then provide a visualization layer that allows you to explore the data in meaningful ways.

You might put this in the hands of a care manager who’s looking at a particular small panel of patients and wants to understand as much as they can about their interactions with the health system regardless of where they are. That’s particularly relevant in an HIE way. You might have access to data now across this broader network. This visualization layer allows you to visually explore the data, potentially on a patient-by-patient basis, and see correlations and data that might not have been obvious to you before.

 

With ACOs or acquisitions, hospitals are suddenly getting access to data from other systems. Do they have to figure out how a given patient fits into the new grand scheme?

Absolutely. You’ve got situations where you might have a small fragment of the patient record, but the patient is being seen in another facility. Without knowing the connection between that sliver of Paul Roscoe and the broader Paul Roscoe that might be in a medical record that’s being held somewhere else, you may be missing an opportunity from an engagement perspective.

It may be more fundamental than that, maybe patient safety issues. I’m treating this Paul and I don’t really have the longitudinal view of Paul because I don’t have that complete medical record because it’s been duplicated or mismatched. There’s significant impacts to that.

I believe it was the CHIME survey not that long ago in which a fifth of respondents said that there were adverse events happening from mismatched patient information. This is fundamental, not nice to have. There are patient safety concerns that can be addressed by having a more effective handle on your patient and integrity of your patient data.

 

Where do you think the company’s future lies?

What we are focused on at the moment is building out a larger install base in the US. We think there is a lot of difference between what we do and what the incumbent vendors are doing.

Our job at the moment is to get our name out there. Doing the work that we’re doing with your organization helps. And help health systems understand how our approach is different than the incumbents that are in the marketplace — speed to deploy, the price point that we can offer to our customers in the US, and also just the sophistication of the solution.

Our goal at the moment is to build a strong base in the US. We have a strong UK organization already behind us. That platform allows us to build out our US organization and continue to deliver value for our US healthcare customers.

One of the other areas that we can do is innovate. You’ll see us shortly coming out with a solution which allows us to look at, for example, biometric data on a patient and link back to a patient’s identity. This is a potential Holy Grail of patient identity, which is the linkage of a patient’s biometric signature with the information that’s being stored in the health system. We think we’ve got a really effective way of doing that.

Health IT from the CIO’s Chair 10/6/14

October 6, 2014 Darren Dworkin 8 Comments
Fine print: The views and opinions expressed in this article are mine personally and are not necessarily representative of current or former employers.

Hospital technology is not having a good week. First an EMR flaw was identified in the handling of an Ebola patient, and now this.

Hospital says spreadsheet flaw led to overspending
Administrators did not see the analyst’s note in the spreadsheet, officials say

10:00AM – October 5, 2014

Officials at UASP Hospital (Unique and Sick Patients Hospital) allege that a flaw in the hospital’s spreadsheet application prevented administrators from seeing negative budget variances, leading the hospital to spend too much money.

Background on the case

On Sunday evening, officials confirmed the case of overspending after an analyst submitted an invoice for payment in a cost center already over budget, setting in motion actions that would have UASP hospital over spend.

The trouble with spreadsheets

According to the hospital, the administrator who approved spending the money followed hospital protocol. Although the analyst had included the information about the negative budget variance in the correct cost spreadsheet tab, the administrator never saw the notation.

"Protocols were followed by both the analyst and administrator. However, we have identified a flaw in the way the administrator and analyst portions of our spreadsheet software interact in this specific case. In our spreadsheets, there are separate administrator and analyst workbook tabs," according to a hospital statement.

"The documentation of spending variances was located in the analyst workflow portion of the spreadsheet, and was designed to provide high reliability analyst process to allow for the spending and approval under administrative pre-approval limits," the statement explains. As a result, "the documentation of spending variances would not automatically appear in the administrator’s standard workflow."

Could your hospital handle financial variances?

The hospital says it has since moved the budget variance into the workflow for both administrators and analysts. It has also modified the spreadsheet to highlight any large expenses when a cost center is close to its budget.

According to the hospital, "We have made this change to increase the visibility and documentation of budget variances in order to alert everyone… We feel this change will improve the early identification of variances in the budget, and bring to our attention any over spending"

While not named, it is well known that Microsoft is a leading vendor in the spreadsheet space and the current vendor of UASP Hospital. Reached for comment, Satya Nadella, CEO of Microsoft. added, "Even more important, we must have courage in the face of opportunity."

Marc Benioff, CEO of Salesforce.com noted on CNBC, "The era of the traditional software ‘load, update and upgrade’ business and technology model is over … It is time for The Business Web"

Note: while I am poking fun at how we can blame technology, the severity of the Ebola disease is no laughing matter. My thought and prayers are with all Ebola patients around the world as well as the courageous caregivers putting their lives at risk every day. There are many ways to help. I have chosen to donate to the Red Cross.

1-29-2014 12-54-46 PM

Darren Dworkin is chief information officer at Cedars-Sinai Health System in Los Angeles, CA. You can reach Darren on LinkedIn or follow him on Twitter.

Curbside Consult with Dr. Jayne 10/6/14

October 6, 2014 Dr. Jayne Comments Off on Curbside Consult with Dr. Jayne 10/6/14

clip_image002

Given the recent events at Texas Health Presbyterian Hospital Dallas, the Ebola virus is all our hospital can talk about. We’ve been combing through our infectious disease protocols and scheduling education sessions to ensure people have access to all the resources available.

It’s daunting to think of what might happen should the disease get a toehold in the US. Many of our hospitals are already taxed with the usual communicable diseases. During flu season last year, one of the local pediatric hospitals had to put a M*A*S*H style tent in the parking lot to handle all the cases coming in.

Although Ebola is statistically less infectious than other diseases (including HIV, SARS, mumps, and measles), the lack of available treatments and high mortality rate frighten the average person. NPR had a great graphic that we’re using to help educate staff and patients about the need to ensure we have appropriate precautions in place to treat all communicable diseases, not just the most worrisome ones.

We have measles outbreaks in our community every couple of years due to some concentrated populations who do not vaccinate. Measles has a fatality rate of around 25 percent in underdeveloped nations, compared with an average fatality rate of 50 percent with Ebola (although specific outbreaks have ranged from 25 percent to 90 percent). For readers who don’t have a clinical background, the World Health Organization fact sheet provides good information about what your clinical co-workers are contemplating.

According to WHO, single travelers have spread the disease to countries including Nigeria and Senegal, which adds to the worry around a traveler bringing it to the US. Unfortunately, the early phases look a lot like other viral illnesses – fever, fatigue, muscle aches, and headache.

I probably saw 10 patients with those symptoms in the emergency department during my last shift. If we had treated each one like a potential carrier, it would have brought our patient flow to a screeching halt. From an epidemiology standpoint, IT resources are going to be critical for surveillance and identification of potential cases in the US.

I’m glad Texas Health Resources released a clarification on their earlier statement that cited a “flaw” in the EHR as contributing to the release of the patient at his initial presentation. Ultimately, it’s up to the physician to take a detailed history and physical. We all know that even with the best nursing protocols, patients will occasionally add details when a second (or third) interviewer talks with them.

It used to drive me crazy as a student when a patient would tell the resident (or worse, the attending) a detail that they had omitted even when I asked specifically about it. It may be the time between evaluations that makes the patient think about other details, or maybe one feels more empowered and able to formulate thoughts after telling the story previously.

My initial response to their statement about a flawed EHR was to take offense on behalf of their physicians. It was almost like saying their physicians aren’t responsible for thinking about elements not prompted by the EHR, or that they’ve totally given themselves over to cookbook medicine. I reached out to a friend on staff there who shared my opinion. Whether there was pressure from Epic to update the press release or whether it was from the medical staff, it was the right thing to do.

Now I’d like to see their root cause analysis on why the history was not taken fully into account and whether the presence of scribes was contributory. I’d also like to know what kind of providers saw the patient and whether there were other circumstances at play, such as shift change, a full patient board, staff who called out sick, etc. Those factors have led to mistakes at my institution and they’re much harder to place solutions around than making sure the EHR fires alerts and that personal protective equipment and isolation rooms are readily available.

I’m curious as to what other institutions are doing to prepare themselves for a potential outbreak. Are you modifying your EHR workflows? Email me.

Email Dr. Jayne.

Comments Off on Curbside Consult with Dr. Jayne 10/6/14

Morning Headlines 10/7/14

October 6, 2014 Headlines 1 Comment

BD to Acquire CareFusion for $12.2 Billion

Becton Dickinson will acquire smartpump manufacturer CareFusion for $12.2 billion in cash and stock. The deal comes out to $58 per share, a 28 percent premium on Friday’s closing price.

NantHealth Completes $320M Series B Equity Investment and Expands Leadership Team with Healthcare Industry Veterans

NantHealth, the health IT startup of healthcare billionaire Patrick Soon-Shiong, raises a $320 million Series B round to accelerate development of its EHR, which it claims will deliver “integrated, evidence-based, genomically-informed, personalized care.”

Can Telemonitoring Reduce Hospitalization and Cost of Care? A Health Plan’s Experience in Managing Patients with Heart Failure

A Geisinger report set to be published in the December issue of Population Health Magazine finds that telemonitoring programs targeting heart failure patients reduced overall hospitalization rates and led to a savings of $3.30 for each dollar spent.

Progress report: Open Test Method Development Pilot Program

The ONC publishes an update on its Open Test Method Development program, in which EHR certification testing standards for ePrescribing and clinical decision support features are being created through a community-led development process.

Morning Headlines 10/6/14

October 5, 2014 Headlines 3 Comments

Facebook plots first steps into healthcare

Reuters reports that Facebook is exploring health care solutions, including disease-specific online support groups, and Facebook connected digital health apps.

Hewlett-Packard Plans to Break in Two

The Wall Street Journal reports that HP will split into two separate companies, with an announcement expected Monday. The company will split its personal-computer and printer business away as one entity, and establish the other with its corporate hardware and services operations. 

Clarification from Texas Health Resources

Texas Health Resources retracts an earlier statement it made blaming its EHR (Epic) for allowing an Ebola patient to be discharged after an ED physician failed to notice that nurses had documented recent West African travel in the system.

Ebola dropped-ball diagnosis linked to hospitals’ IT culture

Athenahealth CEO Jonathan Bush jumps at the opportunity to mention that if the country ran its health IT platform on the cloud then time sensitive alerts, like warning of recent West African travel in patients with flu-like symptoms, could be built into physician workflows at a national level very quickly, rather than at each individual hospital. He says, “I hope soon that nobody will be on enterprise software and these things will be managed by people across thousands of hospitals."

Monday Morning Update 10/6/14

October 3, 2014 News 42 Comments

Top News

image

A Reuters report says Facebook is working on healthcare tools that include chronic disease support communities and health apps. It adds that the company has been meeting with healthcare experts and entrepreneurs and is setting up a health app R&D unit. Mark Zuckerberg’s wife is a doctor, so maybe it will do more than just the usual privacy invading and ad serving. Meanwhile, the company apologizes that it performed mood manipulation experiments on unwitting users by tweaking their news feeds to show extra-cheery or extra-depressing items to see how they reacted.


Reader Comments

image

From David: “Re: CMS Open Payments. ProPublica has downloaded the database and made it searchable as Dollars for Docs. They’ve also done a great job with Treatment Tracker, which breaks out Medicare payments to doctors.” It’s pretty funny (or sad if you’re a taxpayer) that the non-profit newsroom quickly whipped up a perfectly fine consumer-friendly version of the mess that CMS and its army of highly paid contractors created.

From WhoopsInVA: “Re: Anthem BCBS in Virginia. Forgot that ICD-10 wasn’t actually going live this month and are rejecting all incoming claims because of diagnosis. Our athena rep just emailed us about this.”

From The PACS Designer: “Re: new iPad Air and Mini. Apple will be holding its next event on October 16 for the new versions of its iPad Air and Mini devices. It will interesting to see the changes they are making with the its iOS 8 system installed.” Maybe it’s just me, but I’m losing interest in Apple’s overly dramatic announcements of incremental product tweaks. The fanboys still achieve mandatory technical arousal and obediently line up outside the Apple Store as they’ve always done (ironically resembling the Big Brother-obeying monochromatic drones from Apple’s famous “1984” commercial), but Apple is a lot less interesting without Steve Jobs. I’m pretty sure I’ll do the same in eventually replacing my phone as I did with my iPad: buy a more innovative product for a less money even though it won’t come with the self-congratulatory hipster delusions in hanging around the Apple store pretending to be artsy and cool.  


HIStalk Announcements and Requests

image

Most readers say it’s not OK for an EHR vendor to deny a hospital or practice access to its patient information in a billing dispute. New poll to your right or here: What’s your reaction to HIMSS announcing President George W. Bush as a keynote speaker for HIMSS15?

image

Here’s my opinion on Bush as a HIMSS keynote: he wasn’t interesting as President, so I don’t really care what he has to say now that he’s cashing in on his pitiful legacy (unless he’s announcing that he finally turned up those pesky WMDs.) The HIMSS strategery is probably to scratch his back in return for his industry-enriching 2004 declaration that every US citizen would have an electronic medical record by 2014, so perhaps he will strut out in a flight suit and yet again prematurely declare “Mission Accomplished.”

image

We’re putting together our MGMA guide featuring sponsors of HIStalk, HIStalk Practice, and HIStalk Connect that will he exhibiting or will be available to meet with interested attendees. Contact Jenn by Monday evening if your company sponsors and hasn’t already provided information.  

Thanks to the following sponsors, new and renewing, that recently supported HIStalk, HIStalk Practice, and HIStalk Connect. Click a logo for more information.

image
image
image
image
image
image
image
image
image
image
image
image
image
image
image 


Last Week’s Most Interesting News

  • The CMS Open Payments database goes live with inaccurate physician payments information and usability criticism.
  • CMS announces that it will miss its date to move Healthcare.gov’s hosting to HP, with its only option to leave it running on the previously problematic Verizon infrastructure through the open enrollment period.
  • UnitedHealth Group’s Optum division acquires MedSynergies, which offers physician practice billing and quality services.
  • Informatics pioneer Morris Collen, MD of Kaiser Permanente dies at 100 years old.
  • Experts warn health systems to test for the newly discovered Shellshock Unix vulnerability.
  • Epic CEO Judy Faulkner says in a rare interview that the company developed its own interoperability tools only when it became clear that the federal government wasn’t going to set clear standards.
  • Apple restores its HealthKit health data aggregation system and third-party apps that use it in an iOS 8 update.

People

image

Spok names Hemant Goel (Siemens Health Services) as COO.

image

Jim Dwyer (Santa Rosa Consulting) joins RCG Global Services as SVP and healthcare practice leader.


Government and Politics

image image image  image
image image image image
image image

ONC loses another of its leadership team as Chief Nursing Officer Judy Murphy will resign to take the same position with IBM Healthcare Global Business Services. To quantify the turnover, I looked back at the ONC leaders who presented at HIMSS13: Farzad Mostashari (gone), Judy Murphy (gone), Doug Fridsma (gone), David Muntz (gone), Jacob Reider (still there), Jodi Daniel (still there), Lygeia Ricciardi (gone), Mat Kendall (gone), Joy Pritts (gone), and Kelly Cronin (still there).


Technology

image

The FCC fines Marriott for blocking personal hot spots in its conference center to force attendees to buy its overpriced Wi-Fi services. Marriott issued a lame statement of protest, claiming that its actions were intended to protect guests from “rogue wireless hot spots” (at a larcenous price, of course) and blaming the FCC for “ongoing confusion.” The FCC took action after a Gaylord Opryland attendee claimed the hotel was “jamming mobile hot spots so that you can’t use them in the convention space.” Let’s see how this plays out at the HIMSS conference. Since my ATT wireless plan includes free tethering and 10GB of data transfer, I don’t even bother with airport Wi-Fi any more and I will quickly switch to my hotspot in a hotel if their Internet service is poor or expensive (or, as is often the case, both). Rumors abound that convention centers play games with cellular and Wi-Fi coverage in the exhibit hall to force exhibitors to buy their expensive network access.


Other

image

This is bizarre. Texas Health Presbyterian Hospital (part of Texas Health Resources) initially said it discharged Ebola patient Thomas Duncan from its ED because of an EHR setup problem, explaining in considerable detail that the patient’s travel history was located only in the nursing workflow part of Epic where the physician didn’t see it. News media were all over that statement, leading THR to issue a a hurried retraction at 9 p.m. local time Friday evening saying it was correcting the previous day’s release and the EHR was fine after all. My speculation is that Epic complained vigorously about being thrown under the bus (but not by name) and threatened legal action, forcing THR to claim that its detailed, carefully explained statement was incorrect. My biggest concern – could the doctor have been so robotized by the EHR that he or she slipped on critical thinking? EHR or not, the patient sitting right there in front of you is telling you a story that you’d better listen to. What about the nurse, who had just been told by a patient with fever that he’d just come from Liberia? That information would seem to suggest a higher level of response than just dutifully entering the information in Epic and moving on. Computers sometimes fail, but not nearly as often as people. At least THR’s problem raised an industry red flag that had clinicians and programmers all over the country working this weekend to evaluate their processes and systems to make sure it doesn’t happen to them.

Update: a reader’s comment about the use of scribes sent me Googling and it turns out that Texas Health Presbyterian Hospital Dallas uses scribes in its ED. It would be interesting to know whether scribes were involved in this instance.

image

Meanwhile, a poorly and smugly written piece in The Atlantic declares that, “The Ebola Patient Was Sent Home Because of Bad Software.” The author collected all of her inexpert healthcare IT opinions into one unfocused article, proclaiming the “atrociousness” of many EHRs and their “gaping loopholes,” complaining that the hospital was blaming “the robots,” opining that “a flawed EHR might have lead to the spread of an incurable virus,” and then veering off into a rant about interoperability, which has zero to do with anything. Author credentials are fair game if you’re going to editorialize, so let’s check hers: an intern until 2010, moved down from global editor to staff writer after 10 months in the higher position, wrote about home design and architecture, and listed her most recent accomplishment on LinkedIn as, “Talk about beards on the radio.” Nothing makes me angrier than people who’ve never spent a day working in either IT or healthcare blasting out their entirely unqualified opinions in passing themselves off as authoritative. The Atlantic should be ashamed for letting this dreck hit the airwaves just to get something reactionary up quickly. HIStalk Reader Tom called her piece “more than ridiculous,” observing that “highly configurable EMR software was used to ensure a medical mistake in clinician workflow never happens again.”

image

Athenahealth’s Jonathan Bush, using his limelight-seeking power to ride the Ebola story in touting his company at Epic’s expense (while claiming he’s not) from his second home on the set of CNBC, trots out his stump speech to easily charmed reporters about “pre-Internet software” with no “network effect,” wrapping up with his company commercial in saying, “I hope soon that nobody will be on enterprise software and these things will be managed by people across thousands of hospitals.” He omitted the obvious rest of the sentence, “ … and instead will be running the sort-of cloud system and offshore-powered mailroom I sell that allows ATHN shares to trade at 1,220 times earnings.”

The government of India announces plans to make e-prescribing mandatory for all doctors to reduce corruption and inefficiency.

image

Attorneys consider a plea deal for a third-year medical student who is accused of stealing a breast cancer patient’s iPad during a Code Blue in which the patient died at UCLA Medical Center. The patient’s family is most upset by the fact that the student allegedly wiped off the patient’s information before re-registering it to herself, depriving them of the chance to see the thoughts the patient had left for them.

image

A 38-year-old Russian billionaire bank founder releases plans for “the world’s most pleasant hospital” that he will erect in the Dubai-inspired, purpose-built Tunisian Economic City. The hospital will sit on a man-made lake, look like a cruise ship, and require employees to dress (but not swear) like sailors.


Contacts

Mr. H, Lorre, Jennifer, Dr. Jayne, Dr. Gregg, Lt. Dan, Dr. Travis.

More news: HIStalk Practice, HIStalk Connect.

Get HIStalk updates.
Contact us online.

 

125x125_2nd_Circle

Morning Headlines 10/3/14

October 2, 2014 Headlines 9 Comments

HealthCare.gov Delays Web Host Switch

CMS misses its opportunity to switch web hosts for Healthcare.gov, and will now have to stay with Verizon through the remainder of the 2014/2015 enrollment period. Verizon’s hosting platform was cited as one of the problems that caused outages during last years failed launch.

Update on VA’s scheduling software system

VA CIO Stephen Warren clarifies that a new scheduling system will be installed across the organization’s 163 facilities by 2017, contradicting reports earlier this week that the system may not be live until 2020.

How Much? A Glaxo Goof Remains in the Sunshine Database

CMS’s new Open Payments may be live, but much of the data populating it is reportedly either missing important details, or outright erroneous.

ONC Chief Medical Officer

The ONC posts a job opening for a new Chief Medical Officer to replace Jacob Reider, MD who vacated the position to take over as the deputy national coordinator.

News 10/3/14

October 2, 2014 News 4 Comments

Top News

image

CMS will miss its planned dates to move Healthcare.gov’s hosting to HP and instead will leave the site on Verizon’s infrastructure through the November to February enrollment season. CMS signed a contract last year to move off Verizon after a series of outages. Verizon has upgraded its servers and will offload some of the processing to Amazon Web Services, but testing suggests that users will still be forced into “waiting rooms” during peak use times.


Reader Comments

image

From Disruptured: “Re: athenahealth’s More Disruption Please annual conference. This is my first time attending the conference. I’m here as a newly established partner in athena’s MDP program. Didn’t know what to expect when I signed up. The meeting has turned out to be a great blend of athena folks, customers, investors, and CEOs from young companies. Helpful sessions and a great opportunity to connect with investors, customers, and possible partners in a small, intimate environment. Athena has been a pleasure to work with, especially compared to other big PM/EMR companies.” 

From LND Generis: “Re: Allscripts. This is being emailed to clients. ‘Yesterday we communicated that there was a potential for affected data between FollowMyHealth and Allscripts EHRs. This would affect the Stage 2 View / Download / Transmit measure by indicating that some patients had viewed their chart, when in fact they had not.’” The purported support email says the information has been fixed but an urgent report update needs to be applied for those who are applying for MU Stage 2 for the first time.


HIStalk Announcements and Requests

This week on HIStalk Practice: WRS Health introduces new products for pediatric practices. Philips gains FDA clearance for new digital health applications. Quillen ETSU Physicians goes live on Allscripts. The Hutchinson Clinic implements a new telemedicine program. Code for America makes open-source health data a priority. Thanks for reading.

This week on HIStalk Connect: Rock Health reports that the digital health sector has raised $3 billion in VC funding so far in 2014. Basis unveils its next-generation activity tracker, called the Basis Peak. WiserTogether, a consumer health startup focused on pricing transparency, raises a $9 million Series B.


Acquisitions, Funding, Business, and Stock

image

Cohealo raises $9 million in financing. The Boston-based company allows hospitals to share medical technology among multiple locations with online resource booking and equipment transportation.   

image 

Specialty EHR vendor Nextech acquires ophthalmology EHR vendor MDIntelleSys.

image

Silicion Valley-based precision medicine data platform vendor Synapse will open a Philadelphia office.

image

Israel-based MedAware, which offers machine learning-powered CPOE drug warnings, raises $1 million in Series A financing. Its self-learning product (“a spell-checker for medical prescriptions”) analyzes prescription databases to identify deviations from normal treatments prescribed for similar patients, although it’s not clear to me how it connects to the prescribing system.

image

Athenahealth unveils its 60,000-square-foot Atlanta office that will house 200 employees initially and hundreds more later.

image

A poorly sourced rumor, resurrected from a few months ago, suggests that Samsung may be talking to Nuance about acquiring the company, which would give Samsung control of the speech recognition technology used by Apple’s Siri.


Sales

image

Scottsdale Lincoln Health Network (AZ) chooses Premier’s solutions for supply chain, performance, and technology solutions.

Greater Baltimore Medical Center (MD) selects Access web-based forms and patient signature capture.


People

image

Nick Bonvino (CTG) is named CEO of Greater Houston Healthconnect.

image

Peter Witonsky, formerly president of iSirona, is now president of the Ionic Division of St. Louis-based Asynchrony. The company seeks 100 engineers who know Ruby, Scala, C#.NET, Java, and mobile programming.

image

Huffington Post profiles Laurie McGraw, president and CEO of Shareable Ink, in its “Women in Business” Q&A series.

image

Consulting firm ICF Internation names John Guda (CSC) as SVP/GM of its commercial healthcare business.

image

I missed this from the new Forbes 400 list of richest Americans: Terry Ragon, founder of InterSystems, is #390 on the list with an estimated net worth of $1.58 billion.


Announcements and Implementations

image

The Memphis business paper profiles S2 Interactive, which sells software that optimizes tray setup and instrument sterilization in the OR. The company was founded by Larry Foster, RN.

image

NextGen will offer its customers the Plexus IS Anesthesia Touch anesthesia documentation system.

image

Two Philips chronic care management telehealth applications developed with Salesforce.com (care coordination and a patient portal) receive FDA 510(k) marketing approval.


Government and Politics

The VA says it will go live on a new commercial patient scheduling system by 2017 – originally announced as 2020 — and will choose a vendor that can meet its aggressive deadlines.

image

CMS’s Open Payments database is live, but doctors are finding errors in the information submitted by drug companies. Glaxo admits that incorrectly assigned huge payments made to the National Cancer Institute to a single physician who says he is “shocked by the enormity of this mistake.” Glaxo says it fixed its error in September 2013, but CMS chose to bring Open Payments live with data (including corrections) covering only the first five months of the year. Critics also observe that the system is slow, doesn’t provide total payments, has no search function, doesn’t group corporate entities within a single drug or device manufacturer, and requires a lot of scrolling since the on-screen spreadsheets aren’t sized correctly for a browser. Commenting about the traditional tendency for CMS to make a mess of just about any technology project it undertakes, a former aide to Sen. Chuck Grassley whose bill created the database said, “It’s so complicated that it’s almost useless. It looks like data bombing and I don’t think the average American will find it useful. It’s disappointing.” I’ll go out on a fairly sturdy limb in stating that CMS might be the least competent of many incompetent federal agencies in putting in-house career bureaucrats in charge of opportunistic contractors (Healthcare.gov comes to mind).

image

FDA releases a cybersecurity guidance document for medical device manufacturers.

Walgreens announces a partnership with the VA in which it it will immunize veterans and share its Greenway EHR information with the VA.

Defense Secretary Chuck Hagel gives the military’s underperforming hospitals six weeks to submit improvement plans, adding that military hospitals offer care comparable to the civilian health system but that’s not good enough. Hopkins patient safety expert Peter Pronovost, MD, PhD said hospitals in general are better at managing their bottom lines than patient care: “This is not unique to them. If you miss your budget, within a week you are in someone’s office. We have not applied that kind of rigorous discipline to quality and safety.”

image

ONC posts a chief medical officer position. Jacob Reider, MD says in an internal memo that he will remain deputy national coordinator and that hiring a full-time CMO (Reider’s job before he became acting national coordinator and then deputy) is a commitment clinician relevance. People forget that it’s a sacrifice to work for ONC – the job pays a maximum of $157K per year (although there’s a potential unstated extra allowance for physicians), unreimbursed relocation to DC is required, and the application and selection process is tougher than in the private sector. I was thinking last week that I am too critical of government employees and politicians – if they stick with the job I call them career trough-lappers, but if they leave for the private sector I label them as opportunistic sellouts trading their influence for cash. 

ONC also lists the open position of director of the office of consumer ehealth, vacated in July by Lygeia Ricciardi.


Technology

This is bizarre, assuming it’s not a hoax. A company called Pavlok (a nod to the dog-testing Pavlov) will produce the ultimate fitness wearable, a $129 fitness band that delivers an electrical shock when the wearer misses fitness goals. The pain-loving founder’s experience includes hiring a woman off Craigslist to slap his face every time he launched Facebook, admitting that, “I have a weird slapping thing.”

image

This is brilliant: a startup is developing an affordable sensor to warn people that food contains items to which they are allergic. It must be terrifying  for people who are highly sensitive to peanuts or other foods to have trust a restaurant waitperson’s assurance that a given menu item is OK for them to eat.


Other

Rock Health tweeted an exuberant message Wednesday that Kleiner Perkins was visiting, proudly observing that “none of these digital health entrepreneurs have a healthcare background.” I can’t decide if it’s sad or just insulting when the techno-weenies brag on their ignorance of the industry into whose face they brashly thrust their VC money and technologies fully confident that they’ve figured it all out from the cheap seats. My consolation is that their contempt will likely turn into humility (or more precisely, a quick redirect to some other seemingly lucrative bright shiny object) when, like their predecessors, they find that healthcare is a lot more complicated than a bunch of arrogant child-entrepreneurs can even begin to understand. I suspect that any of the rumpled CEOs or besuited VC schmoozers would run for the hills when faced with an actual patient or consumer whose medical needs can’t be identified or ameliorated by cute, imitative phone apps that lust to be the Uber or Facebook of healthcare in exploiting some minor niche while dodging the big problems that matter. The healthcare IT burial pit is full of companies both large and small that smugly concluded, “How hard could it be?” and later found out as they ran into one business-killing obstacle after another: insurance companies, the government as both the dominant payer and regulator, privacy, misaligned incentives, and even the most basic question: who is the healthcare customer? Most of us long-timers welcome humble newcomers with fresh ideas that focus on patients, but instead we seem to draw obnoxious brats and their rich uncles who have big iPhone-powered hats but no cattle.

Cedars-Sinai Medical Center (CA) revises its estimate of the number of patients whose medical records were stored on an unencrypted laptop that was stolen in June from 500 to 33,000.

JPMorgan says that a cyberhacking attack this summer exposed the data of 76 million households and 7million small businesses, although the stolen information was mostly benign, such as email addresses. The company had said previously that its increased security efforts would require 1,000 employees and $250 million per year.

Here’s a great Ebola-inspired EHR idea from Linda Pourmassina, MD: when a patient presents with fever, trigger a reminder to ask about travel history. At least Ebola gives otherwise health-indifferent consumers something to obsess over as the latest TV-touted epidemic du jour gains their engagement far more than the daily habits that will likely kill them (see: avian flu, swine flu, H1N1, and Legionnaire’s).

image

The CEO of Clark Memorial Hospital (IN) announces that the hospital has no choice but to merge with Norton Healthcare because of huge losses causes by bad debt patients and the cost of unnamed software that I assume is its Allscripts Sunrise system.


Sponsor Updates
  • Voalte will integrate its Voalte One mobile communications solution with Spectralink’s Android-based handset and will sell and support the offering.
  • Impact Advisors is ranked as the top Enterprise Implementation Leadership Epic Partner by KLAS.
  • Verisk Health creates an infographic about the cost of claims errors.
  • Health Catalyst is offering a free PDF copy of its eBook, “Healthcare: A Better Way.”
  • Castro County Healthcare-Plains Memorial Hospital (TX) is implementing Holon’s CollaborNet HIE.
  • Forbes discusses how UnitedHealth’s acquisition of MedSynergies will strengthen its Optum division.
  • Nuance will participate in the Health Connect Partners Hospital & Healthcare IT convention in Chicago October 13-15.
  • Royal Solutions Group announces the integration of its kiosk platform with Merge RIS and OrthoEMR.
  • NoteSwift joins Allscripts developer program with a bridge between Allscripts Pro EHR and Dragon Medical.
  • ICSA Labs certifies HIStalk sponsors Healthtronics, Iatric Systems, Medseek, PatientSafe Solutions. Quest Diagnostics, Shareable Ink, and Wellsoft in September.

EPtalk by Dr. Jayne

October 1 has come and gone, forcing many organizations to make hard decisions about their participation in the Meaningful Use program. Several of our recent acquisitions are planning to attest for Stage 1 and this quarter is their last chance. It’s been quite a battle to even get them live on EHR in the most rudimentary fashion. Saying that we ran out of time to deliver the kind of workflow redesign needed for true clinical transformation is an understatement.

Our organization was a fairly early adopter of EHR. Our original employed practices went through an intense program of workflow analysis, development of policies and procedures to support new workflows and technologies, and continuous process improvement. We were “doing EHR” for all the right reasons and were seeing good outcomes. Practices that weren’t ready for the transition progressed through more slowly or chose to leave the group. Along came Meaningful Use, however, and we were forced to push everyone through the same funnel.

At this point we’re dealing with a subset of physicians who don’t care and aren’t ready, yet our administration has made it clear that we must make them succeed at any cost. Our operations team has responded by “reporting” them to death. They’re delivering a full spread of Meaningful Use reports to each physician, office manager, and practice lead every Friday in the effort to ensure compliance.

Unfortunately, what they’re not delivering is support for operational and practice policies and workflows to actually lead to a successful outcome. It’s the hospital administrator equivalent of yelling at your teenager for having a loud party, but refusing to stay home on Saturday night to ensure it doesn’t happen again.

My favorite nonsensical example of the week is a practice that is documenting in two EHRs as of Wednesday. Their old system isn’t certified and our employer refuses to pay for a data conversion, so they’re continuing to see patients in the old system while documenting the barebones data needed for Meaningful Use in the certified system. Penny wise and pound foolish – discovery alone on a single lawsuit from this patient safety nightmare would easily cost triple the amount we’d have spent on the conversion. Instead, we’re relying on the practice to abstract patient data on its own and transition “when the practice is ready.”

In other CMS-related news, the first round of Open Payments data has been released to the public. By the time I made it to the website, there were over 21,000 hits on the General Payment Data for 2013. I wanted to dig more deeply in the data, but the website was painfully slow and I didn’t have time to download the dataset before I had to run off to meetings. Some weekend entertainment, perhaps?

clip_image002

As many of you know, my second language is Administralian. I have to admit this reader submission is a puzzler, and not the fun kind heard on Car Talk:

Our recently announced operating model reflects our transformation to an integrated technology company dedicated to building a software-defined network with an engaged, agile workforce whose well-being is a top priority.

I asked the reader what that might mean and received this response: “I wish I knew, because I’m being transformed into it, whatever it is.”

That, dear readers, is what happens when you allow buzzword-happy consultants to write communications snippets. I even tried to use my old-school English class skills to diagram the sentence but couldn’t make a go of it. Is the company using their engaged, agile workforce to build the network, or are they building a network that has the engaged, agile workforce as its members? Whose top priority is the well-being of said workforce and how will it be supported?

I feel bad for the employees at this company. If leadership is willing to economize the use of words to the point where they no longer make sense, leadership is also likely to over-economize in other areas.

Do you have a favorite example of Administralian? Email me.


Lorre’s Healthcare Analytics Summit 14 Report

Being a bit of a data and analytics geek, I looked forward to attending Healthcare Analytics Summit 14. I have attended enough conferences over the years to keep my expectations realistic since I have almost always been disappointed. Admittedly, I have a short attention span and often end up thinking about better uses of my time, but that wasn’t the case at HAS14.

Opening keynote presenter Billy Beane is an excellent speaker and the type of storyteller that I can connect with. He injected humor and anecdotes while taking the audience through formulating his hypothesis about using data and analytics to win baseball games to the outcomes and validation of his theory. He was a brilliant choice by Health Catalyst in creating optimism, a longing for similar outcomes in healthcare IT, and a vision that it is possible.

The next two speakers — Glenn Steele, Jr. MD, PhD, president and CEO of Geisinger Health System, and James Merlino, MD, chief experience officer, Cleveland Clinic — described how their organizations use analytics to transform healthcare and transform the patient experience, respectively. Their case study-like narratives reinforced that not only is it possible to improve outcomes with analytics in healthcare, it is already happening.

Google’s Ray Kurzweil rounded out the day with an enthusiastic discussion about the acceleration of technology is the 21st century and how we can expect that to impact healthcare and medicine.

Day Two brought fresh speakers with more case studies to reinforce the overarching message — data and analytics can transform care and improve outcomes. Breakout sessions were mostly interesting, but I didn’t leave any of them feeling like I learned anything I could use.

Before Health Catalyst CEO Dan Burton delivered the closing keynote, we viewed a 30-minute documentary, From the Heart: Healthcare Transformation from India to The Cayman Islands. It was impressive to see what health systems in other countries have been able to accomplish. It tugged at my heartstrings when one of the Indian cardiologists said, “The first question a mother asks is how much it (open-heart surgery to save her child’s life) is going to cost. The doctors are putting a price on human life.” After learning about how they were able to cut the cost of the surgery in half and maintain it, another physician drove the message home when he said, “The object of technology should be to bring cost down … In healthcare, technology takes the cost up. That can change only by a data-driven, facts-driven medicine where the decision making process itself is driven by technology.”

The logistics of the summit were unlike any I have ever experienced. There were genius bars staffed with technical people to help with everything from installing the custom application to providing directions. My HAS14 app froze and I raised my hand and had a technical person at my side within seconds. Pre-charged chargers the size of playing cards were placed at every seat to keep mobile devices running through the day

Analyst teams were present in every in every session to present real-time data gathered from participants. Attendees voted ahead of time on their seating preference at Wednesday night’s dinner – sitting with similar attendees, sitting with dissimilar attendees, or open seating. Table assignments were pushed out via the app before dinner. It seems like a small thing, but it demonstrated how gathering data could allow for real-time decision making and the ability to create a more desirable outcome based on it.

When Dan Burton took the stage during the opening keynote, he told us we would have the opportunity to learn from innovators in and out of healthcare and he promised there would be no long-winded CEO speeches. That was what Health Catalyst delivered. It was a fun, engaging, and informative summit. I left with a copy of their book, “Healthcare: A Better Way,” a few new connections, and excitement about the future of data and analytics in healthcare.

(Presentations and recordings from the conference are available to all online.)

image


 Contacts

Mr. H, Lorre, Jennifer, Dr. Jayne, Dr. Gregg, Lt. Dan, Dr. Travis.

More news: HIStalk Practice, HIStalk Connect.

Get HIStalk updates.
Contact us online.

 

125x125_2nd_Circle

Morning Headlines 10/2/14

October 1, 2014 News 1 Comment

‘Data dump’ reveals billions in pharma payments to docs, hospitals

CMS’s Open Payments website goes live, publishing transactional data on $3.5 billion worth of payments made by pharmaceutical and medical device companies to doctors and hospitals over the last five months of 2013.

Information Governance: Principles for Healthcare (IGPHC)

At its annual conference, AHIMA publishes an information governance framework to help health systems establish “an organization-wide framework for managing information throughout its lifecycle and for supporting the organization’s strategy, operations, regulatory, legal, risk, and environmental requirements.”

About 44,000 apply for MU hardship exception

CMS reports that it received 44,000 hardship exception applications from providers prior to the July 1 deadline.

PQRS GPRO Registration Extended Until October 3rd

The Physician Quality Reporting System enrollment window for the Group Practice Enrollment Option will remain open until October 3 due to a software glitch that prevented some provider groups from enrolling by the September 30 deadline.

Health IT from the CIO’s Chair 10/1/14

October 1, 2014 Darren Dworkin 2 Comments

Fine print: The views and opinions expressed in this article are mine personally and are not necessarily representative of current or former employers.

Security Might Be the One Thing

I often get questions like, “What keeps you up at night?” or “What are your top priorities?” Invariably I cite items from our IT strategy, and almost always I remember to add security.

But I think it is time for me to admit I have it wrong. Security should be at the top of my list, not just on the list. It should have an etched place in the number one spot. If I was going to be kept up at night, there is no better topic to evoke fear than security.

Let’s face it: the healthcare industry has been terrible at managing security. Since 2009, more than 900 reports of breach have occurred, covering a staggering 30 million patients. Half of the data loss is a result of us losing things, which essentially translates to the realization that we are not very good at keeping our patients’ data safe when practically no one is trying to take it.

But that is changing. Statistics are a little shaky, but let’s say that roughly 3 percent of reported data loss is a result of people intentionally trying to take it. This Pandora’s box has been opened and we should expect it to stay open and become a growing threat. The incidents with Boston Children’s, Community Health, and the “playful” attack on Healthcare.gov are all windows into our future.

Bad people will try to get data from an industry that has minimally demonstrated its ability to hold onto it. If there ever was a time to get our ducks in a row, it is now.

We have moved from the ‘70s, ‘80s, and ‘90s — when healthcare’s IT data was made up of registration, scheduling, lab, radiology, and maybe some pharmacy — to the 2000s with robust EMR data. But the stakes are rising as we are duplicating the EMR data outside of our transaction systems into massive stores for mining. We are setting the data free by making it available any time from any place and from practically any device – hello, BYOD. The risks are greater and stakes are high. We will need to climb the learning curve rapidly and without a net as each breach is a CEO, board, and/or public event.

Luxury goods manufacturers long ago realized they don’t just sell products, but rather an experience. Similarly, healthcare organizations might say that they don’t just provide care, but trust. With so much talk about healthcare’s move into patient engagement, let’s start with the most basic way to engage our patients – keeping their data safe and maintaining their trust.

We all have work to do.

Vendors

  1. Innovate. We need new products. We don’t need more companies built around missing bells or whistles for our EMRs. We need new product in a category underserved – security and privacy.
  2. Build your products with security baked into the DNA of the product to promote doing the right thing. Make it impossible to download an unencrypted file or develop ways to track and remote erase lost data.
  3. Accelerate your plans to host our data. We clearly need your help. But once you get our data, do a better job protecting it than us.
  4. Almost 20 percent of reported breaches came from issues with a business associate. Don’t be one of those — we are depending on you. You can build the scale and make the investments in security that are not always practical for individual healthcare organizations.
  5. If you are not in the healthcare space, come on in. We need your help.

Providers

  1. Partner with vendors to innovate. They need our help to understand the nuances and complexity of healthcare.
  2. Make security not just a priority, but the priority.
  3. Allocate spending like it matters.
  4. Differentiate between security and privacy and focus on each separately.
  5. Providers contributed to a greater than 130 percent increase in patient records lost in 2013. We all know we can do better. Let’s bend the curve.
  6. Treat patient data security with a similar focus to how we treat patient safety.

Government (yes, it has a role, too)

  1. Modify the breach notification rules to be more specific to the types of breaches. We have desensitized a nation to data loss warnings. I would bet that most readers or someone they know has received a letter regarding a loss or breach of their data and offering a credit monitoring service. These notifications are essentially based on the theory that we can’t prove something did not happen, so we must notify. Let’s focus our attention on when we know something has happened. This is the important place that needs our collective attention.
  2. Create a safe harbor for healthcare organizations to use advanced tools to proactively determine if risks or breaches have occurred. Here are a couple of examples. Tools exist to retrospectively scan if PHI was shared from our email systems. If we run these tools to educate and teach ourselves how to do better, we are open to reporting. Security experts say there are two types of organizations, ones that have had their networks penetrated and those that don’t know it yet. If we deploy advanced tools to study our networks in partnership with the best companies, we would be open to massive reporting requirements.

I had the pleasure recently to speak to an audience hosted by NIST, OCR, and HHS. I asked the audience how many have received a text, email, or call relating to possible fraud on a credit card. Most raised their hands. I asked how many had ever received the same notification related to their own electronic health data. No one had.

Like barcodes from manufacturing and real-time alerting from the financial sector, let’s adapt tools and products that work in other sectors to help healthcare become excellent.

Let’s engage our patients by building and keeping their trust!

1-29-2014 12-54-46 PM

Darren Dworkin is chief information officer at Cedars-Sinai Health System in Los Angeles, CA. You can reach Darren on LinkedIn or follow him on Twitter.

HIStalk Interviews Mike “The PACSman” Cannavo

October 1, 2014 Interviews 4 Comments

Mike Cannavo, aka “The PACSMan,” is founder and president of Image Management Consultants.

image

You recently spent time working for a major vendor after years of solo consulting, but now you’re back on your own again. What was it like on the dark side?

I was always curious on what it would be like to work for a vendor again, but I didn’t want a job that required me to be away from my kids while they were growing up. My father worked three jobs during my own youth and I really didn’t get to know him until after my mom passed away in my mid-30s. As tempting as some of the offers I had from major companies were, I swore there would not be another “Cat’s in the Cradle” scenario in my own life, so I chose instead to balance my own work life with fatherhood. My youngest son graduated high school in May 2011 and I accepted a position with a major vendor in July 2011.

The market had changed a lot since I last had a real job with a steady paycheck. Some things, like corporate politics, remained the same. I stuck it out almost 2.5 years until I looked in the mirror, didn’t like what I saw, and then played Roberto Duran and finally said “No Mas.” Besides, I had at least 50 bets out there that I wouldn’t last more than two days in a big company setting.

On the positive side, I learned the value of service, how important having a good project manager really is, why managing expectations is key, why you need to get everything in writing, and the importance of a strong IT department. On the minus side, I learned that simply doing your job often isn’t enough. The blame game is alive and well and people often rise to the level of their incompetence.

 

How has PACS changed in the last four years since we last spoke in an interview?

PACs is no longer an independent system, but is instead looked at as a crucial part of the EHR. Vendor neutral archives, once considered a central data repository for radiology images only, have been expanded out to included cardiology, medical records, and numerous other ‘ologies. Large healthcare systems are either planning or implementing the sharing of images and images locally as well, both on a regional and even national basis with establishment of HIEs. Interestingly, private HIEs are growing at the rate of three to one over public ones, with over one-third of all hospitals and about 10 percent of all private practices sharing data.

We still have a very long way to go, but as we both know, all progress in healthcare is slow.

 

You mentioned in an article I read that the PACS sales process has changed as well.

For all intents and purposes, large-scale capital doesn’t exist. What little does exist is being used to replace things that should have been replaced years ago. The name of the game is finding ways to implement new technologies by either offsetting costs from operating budget or showing a return on investment out of the box by obtaining either increased reimbursement or decreased costs.

As controversial and possibly upsetting as this statement might be, improving patient care, while important, can’t be done at increased cost. You have to somehow show an ROI for the facility or it’s usually a no-go.

Healthcare profits are getting eaten alive by the need to implement federally mandated programs, from MU to shoring up internal security. Nearly all of these involve IT departments that have their own staffing and budget cuts to deal with.

What’s funny in a not so funny way is that MU encourages hospitals to share data with a laundry list of people, yet it also needs to be secure enough that no unauthorized access happens lest you incur a $10,000 per event HIPAA penalty. Look at the Community Health Systems breach. This will cost them a fortune if the feds don’t take into account they did all they could from a security standpoint, assuming they really did do all they could to prevent the breach. This will take years to sort out, all the while with the organization having the sword of Damocles dangling over their heads.

 

What would you do differently as a health system?

Implement solutions that make sense, recognizing that many solutions don’t have to involve technology at all, but instead require workflow or process changes. I can’t begin to tell you how much trouble employing a common sense approach to problem solving has gotten me into over the years working for companies that sell technology-based solutions. Sometimes you just need to step back though and examine the problem before throwing hardware and software at it in the hope that solves the problem.

Companies typically sell products instead of solutions. End users buy products they hope provide solutions. Never the twain shall meet. End users need to be more educated before they make decisions because those decisions will last a lot longer than expected. For the most part, companies sell products and services and do not necessarily ensure that what you are buying or have already bought is what you need or is being properly used.

 

What’s the status of the PACS marketplace?

There is lots of interest in VNAs, especially those that can be used as an enterprise solution that takes images from all the ‘ologies as well as the EMR. Medical image sharing, where images are securely transferred between sites and patients as a cost-effective alternative to CDs, is also hot, especially after Nuance’s purchase of Accelarad.

Software add-ons such as radiation dose management, peer review, critical results reporting, and ED discrepancy are also hot. So are PACS dashboards, although most sites want the dashboards for free stating it’s like a speedometer in the car. For that matter. most sites want everything nearly for free, but it’s simply not going to happen. Data analysis is smoking hot right now, but finding time to review the analysis remains to be seen.

What’s not hot are upgrades for the sake of upgrading without a distinct advantage or improved feature/functionality. All the big companies want you to do this. Solutions that have anything proprietary in nature. Solutions that doesn’t interface easily with the other clinical systems in use. Anything that doesn’t show a value or ROI out of the box.

 

What about the cloud?

Depending on whose survey you believe, up to 80 percent of all hospitals have at least a few cloud-based applications running. Adoption is much slower than expected, but that is because there are so many unknowns, including security.

As was pointed out in a recent HIStalk article, running a data center isn’t the strength most providers have. Cloud providers can offer higher reliability and redundancy at a better price point than a facility maintaining its own hardware. Cost-effective high-bandwidth networks have also eliminated most of the barriers to using the cloud as well.

Once we are comfortable with the security aspect of having images and information stored in the cloud, usage should take off. Sadly, HIPAA penalties and the limits of business associate agreements in protecting the end user have made providers gun shy.

 

Has radiology embraced Meaningful Use?

With few exceptions, not at all. The vast majority of clients I am dealing with are taking a wait-and-see approach to MU before investing money due to the never-ending changes in the rules. This reflects the general population as well, where only 4 percent or so of all eligible providers have attested to Stage 2 so far.

The cost to implement MU has, in many cases, exceeded any return on investment that a group or imaging center will see. When you add the aggravation factor, you are definitely in the red.

 

What will we see in the future?

No one really knows what is going to happen with Meaningful Use, ACA, HIEs, and a whole lot more. Vendors are pulling their hair out trying to get any decisions from end users — positive or negative — while end users take the Holiday Inn approach — where the best surprise is no surprise — and choose to remain in limbo doing nothing. In the mean time, IT stands at attention waiting for something to happen so it knows what resources need to be dedicated when and where.

What is frustrating is that even if something shows a ROI right out of the box, a lot of end users are still afraid to pull the trigger. If we can’t overcome the paralysis by analysis, you are going to see a lot of companies go belly up, and soon. Add to this the market consolidation that is going to happen in the next few years with at best a few dozen companies left to provide PACS solutions and it’s a scary time, especially since all of those will need to be integrated into the EHR as well.

Readers Write: Will You be Shocked by Shellshock?

October 1, 2014 Readers Write Comments Off on Readers Write: Will You be Shocked by Shellshock?

Will You be Shocked by Shellshock?
By John Gomez

Here is a riddle for you. What is old yet new, and at the same time scary yet contained, while being known yet potentially a big surprise?

If you answered Shellshock, you collect $200 and go to the front of the class. Shellshock is a new computer exploit that was discovered in the past few weeks, but “new” isn’t exactly right. The actual vulnerability, which may compromise Linux- and Unix-based systems, has actually been around for 25 years. While newly discovered, it is actually rather old.

Shellshock is scary because it allows someone to take over a Linux- or Unix-based computer (such as your Mac, iPhone, iPad, BSD, Red Hat, Ubuntu system) and bypass all security. This is accomplished by accessing the old-school command line shell known as Bash and executing commands that to most of us make no sense at all in this day of graphical interfaces.

Want to see if your Mac, Linux, or Unix system is vulnerable? Open a terminal or command shell and type in the following (no, it won’t give me super secret ninja access to your system):

env x='() { :;}; echo vulnerable’ bash -c ‘echo this is a test’

If you see the word “vulnerable” after you hit enter, your system is at risk.

Before you get worried, keep in mind that in most cases, if you have a firewall up and running, you are more than likely safe (assuming your firewall isn’t at risk of Shellshock, but that is beyond our focus in this article). 

Shellshock exists because a programmer 25 years ago made a coding error in a fundamental part of the operating system. Shellshock isn’t some trick or hack — it’s just exploiting a bug. Unlike a worm or virus that is purpose built, Shellshock is really just a how-to for hackers to embrace.

Most vendors of Unix/Linux-based systems such as Apple, Red Hat, and others have already released patches to fix the bug. The challenge you face is making sure that you deploy these patches quickly. A smart hacker could take control of your system and prevent the patch from being effective, so time isn’t on your side. You need to move fast.

You can ask your security team to check their IDS and other logs to see if someone has attempted to gain access to your system using the Shellshock vulnerability. If your team sees active Shellshock scans, you should really do a triple check of your systems and determine if you were penetrated. It isn’t easy to figure out, and more than likely you should get professional support if you suspect you were scanned and successfully attacked.

We have covered why Shellshock is old yet new and scary yet contained. What about known and yet a surprise? It is known simply because we know the targets. Most hackers are going to attack web, database, and other IP-based servers on your network that run on Linux/Unix. Where is the surprise?

The surprise is that what may be most vulnerable are those things we think of the least. Most connected devices we find in a healthcare environment (from a lab to a clinic to a retail pharmacy to a doctor’s office and everything in between) are based on some form of Linux/Unix. This not only includes your medical devices and diagnostic equipment, but also things like your security system, CCTV cameras, and smart door locks.  

Being we live in the age of the Internet of Things (IOTS), chances are that if your device or system has an IP address or a call-home feature, it is running some form or Linux/Unix. That means that you could be in a for a big surprise if a hacker gains control of your MRI, CT scanner, or something less critical like your CCTV cameras.

The good news in all this (if there is good news) is that most devices run a form of Linux/Unix known as BusyBox, which is not vulnerable to Shellshock. Also, most devices in healthcare environments do not make use of Bash, which is the component that is vulnerable.  

That said, you really shouldn’t just hope that your devices are running BusyBox or that Bash isn’t present. It would be wise and prudent (and some may say legally responsible) to evaluate your risk by contacting your vendors to see what devices are vulnerable. Ask the vendor directly what they intend to do and how quickly if they have an at-risk system. Don’t be surprised if many of your device vendors don’t know if they are at risk or not — many deploy Linux/Unix systems and cannot clearly detail if Bash is enabled or not.

If the device you are concerned about involves patient care, you have a critical decision to make and need to clearly understand if there was an attack. For the most part, patient care devices such as an MRI are behind (or should be behind) several layers of network protection or only have a one-way connection using a trusted tunnel. While hoping that is true, check, double-check, and triple-check because lives are at stake.

You should also make sure your physical security organizations understands the impact of Shellshock on their systems. In this IOTS world, many of the devices that could be vulnerable may have nothing to do with traditional IT. For instance webcams allowing security teams to monitor infrastructure are IP based and many are now accessible to security officers from smartphones. Most webcams have built-in web servers based on Linux/Unix and live on your network in some form or fashion.  It is important that those who are responsible for non-IT/HIT electronic devices also make sure that their devices are secure and not vulnerable to Shellshock.

Lastly, you should be checking with your HIPAA business associates to understand their response to Shellshock. You have an ongoing requirement to ascertain your BA’s ability to protect patient health information. Like Heartbleed, Shellshock is considered a significant threat and could easily be used to compromise PHI. Failure to assure that your BA is taking steps to secure your PHI on their networks from Shellshock could be an issue for your organization.

So there you have it. Shellshock is all at once old and new, scary and contained, and known. Because of this brave new world of connected everything, it could very well provide you with the surprise of your life.

John Gomez is CEO of Sensato of Asbury Park, NJ.

Comments Off on Readers Write: Will You be Shocked by Shellshock?

Morning Headlines 10/1/14

September 30, 2014 Headlines 2 Comments

Optum To Acquire MedSynergies To Help Physician Groups Enhance Patient Care, Improve Practice Performance

Optum will acquire MedSynergies, a physician practice management, revenue cycle management, and referral management software platform with 9,300 customers across the US.

Doctors Find Barriers to Sharing Digital Medical Records

The New York Times interviews Epic CEO Judy Faulkner in a piece addressing problems with interoperability between EHRs, and the accusations that have been leveled at Epic specifically.

An Interview With George Halvorson: The Kaiser Permanente Renaissance, And Health Reform’s Unfinished Business

Health Affairs interviews Kaiser Permanente ex-CEO George Halvorson, who discusses a variety of topics, including the rise and fall of HMOs, the implementation of its $6 billion health IT infrastructure, and the state of health reform in the US.

Effect of a Postdischarge Virtual Ward on Readmission or Death for High-Risk Patients

A study published in JAMA finds that discharging patients directly home, versus transferring them into a post-discharge “virtual ward,” where elements of acute care are carried out in the community setting, has no effect on readmissions or death rates.

News 10/1/14

September 30, 2014 News 5 Comments

Top News

image

UnitedHealth Group’s Optum division acquires MedSynergies, which offers physician practice billing and quality services. MedSynergies was founded in 1996 by a group of Texas ophthalmologists. Its board chair is Joe Boyd, whose history includes being GM of the healthcare practice of Perot Systems, board chair of Healthlink until it was sold to IBM in 2005, and board chair of Encore Health Resources until it was sold to Quintiles earlier this year. I interviewed him in 2012.


Reader Comments

image

From CloudedCare: “Re: CareCloud. Recently laid off a number of their implementation team and the senior leader running that department. The venture debt must be creating pain or their onboarding process needs a revamp.” The company provided this response to my inquiry: “CareCloud is increasingly gaining traction among larger medical group clients, and optimizing our organization to best support their needs. This includes an expansion of professional services offerings and realignment of the team to deliver them.”

From Bloomington Onion: “Re: health system bond downgrades following EHR implementation. They always blame billing issues and reduced productivity due to revenue loss. I wonder how many of them expect it going in?” I would imagine most health systems expect a short-term jump in AR days, but not to the extent that would cause bond raters to question their financial outlook. Hospitals can’t seem to survive without constantly borrowing money and downgrades mean they pay higher interest rates.


HIStalk Announcements and Requests

image

Welcome to new HIStalk Platinum Sponsor Zynx Health, healthcare’s pioneer and leader in evidence-based clinical solutions. Solutions include ZynxAnalytics (pinpoints opportunities to reduce care variation), ZynxOrder (evidence-based order sets), ZynxCare (patient-focused plans of care), ZynxAmbulatory (evidence-based order sets for primary care), and ZynxEvidence (online library of clinical evidence guidelines, and quality measures). A brand new product is ZynxCarebook, a mobile platform that connects care team members and guides them to best practices with clinical evidence while making communications more efficient (the “virtual huddle” capability is a cool idea) and eliminating HIPAA concerns related to text messaging. ZynxCarebook stratifies discharge risks and suggests interventions as it supports care transition plan collaboration – clients have experienced a 22 percent reduction in 30-day readmissions, an 18 percent improvement in HCAHPS scores, a LOS decrease of 0.5 days, and a 40 percent increase in referrals of high-risk patients to post-discharge care management. Zynx is part of Hearst Health, which also includes First Databank, MCG, and Homecare Homebase. Learn more by signing up for a demo. Thanks to Zynx Health for supporting HIStalk.

I found this new Zynx Health video on YouTube, which features customer testimonials.

Listening: new from Sloan, an underrated Canada-based power pop band that’s been around for almost 25 years with no lineup changes and with all four members writing hook-heavy songs that sometimes sound like the Beatles (and still sound good even when they don’t).


Acquisitions, Funding, Business, and Stock

image

Hospital financial management software vendor Healthcare Insights will merge with NOMISe Systems, which offers hospital cost accounting and analytics software. Business will continue under the Healthcare Insights name.

image

Forbes names its 400 richest Americans, with Microsoft’s Bill Gates leading the list at $81 billion of net worth. Facebook’s Mark Zuckerberg jumps to #11 as the company’s share price increase boosts his wealth to $34 billion, while the founder of the GoPro wearable video camera clocks in with $3.9 billion. New to the list is Elizabeth Holmes, the 30-year-old Stanford dropout who founded lab testing company Theranos and owns half of the company, which is valued at $9 billion. Patrick Soon-Shiong of NantHealth is #39 with $12 billion, while Epic’s Judy Faulkner is listed at #261 with an estimated worth of $2.4 billion. Cerner’s Neal Patterson comes in at #395 with $1.55 billion.

image

Google Glass healthcare telepresence vendor Pristine raises $5.4 million in Series A financing.

image

The state of Ohio offers CoverMyMeds $482,000 in incentives to execute its plans to add 116 jobs, move to a larger Columbus office, and create a $2 million training program for software engineers.


Sales

Christopher Rural Health Planning Corporation (IL) selects eClinicalWorks EHR for its 13 locations.

In England, Wrightington, Wigan and Leigh NHS Foundation Trust chooses Allscripts Sunrise.


People

image

Connie D’Argenio, RN, MSN (Philips Healthcare) joins Huron Consulting Group as managing director of its healthcare practice.

image

PerfectServe names Travis Hiscutt (CRI) as sales director for the southeast.

image

Bimal Shah, MD, MBA (Duke University Health System) joins Premier Research Services as VP.

image

Katherine Schneider, MD (Medecision) is named president and CEO of the Delaware Valley ACO (PA).

image

The Cal Index HIE announces two new board members: Mark Savage (National Partnership for Women & Families) and Beth Ginzinger, RN, MBA (Anthem Blue Cross – above).

Morris Collen, MD died last week at 100 years old. He was the last of the seven original partners who created Permanente Medical Group, founded its Division of Research more than 40 years ago, and later embraced a second career as an a medical informatics expert after developing a health assessment tool in the 1950s that was automated as a patient screening tool. He said on his 100th birthday that his proudest accomplishment was his involvement with Kaiser’s EHR. AMIA’s annual excellence award is named after him.


Announcements and Implementations

image

Cerner announces that its HealthyNow app with newly added Apple HealthKit integration is available to Sharp Health Plan members. It allows users to set health goals, earn rewards, share information with providers, and manage medication schedules.

MModal announces availability of computer-assisted physician documentation for its Fluency Direct speech recognition system. The cloud-based solution gives physicians feedback about possible documentation deficiencies as they type or dictate. 

Beaumont Medical Group (MI) goes live on Wellcentive’s PQRS Enterprise Solution, aggregating information from its Epic EMR.

Nuance expands its consulting services to include coding and abstracting compliance monitoring.

image

HCA International will distribute physical therapy and pathology images using Picsara from Sweden-based Mawell. A pilot project found savings of up to an hour per day per clinician when physical therapy sessions were recorded and reviewed using video instead of writing and reading notes.

image

Two North Carolina-based HIEs, Carolinas HealthCare System CareConnect and Mission Health Connect, will share their 3.5 million patient records. They will fill a need in the western part of the state since North Carolina’s first HIE, WNC Data Link, will shut down on September 30 after running out of money.

AirWatch debuts AirWatch Video, an enterprise application integrating content delivery network operators to secure companywide video initiatives.


Technology

image

Dartmouth College will use a telehealth robot from Dartmouth-Hitchcock’s Center for Telehealth on the sidelines of home football games as part of a remote concussion assessment program.

HITRUST warns that the newly discovered Shellshock Unix shell vulnerability could be even more dangerous than Heartbleed since it gives hackers complete control of a server and thus the network on which it resides.

image

Intel introduces the Basis Peak smartwatch that includes step counting, an optical heart rate sensor, sleep tracking, and smart phone notifications. It has a Gorilla Glass touch screen, works with both iOS and Android, is waterproof, claims a four-day battery charge life, and costs $199.

image

Bizarre: Microsoft decides to name the new Windows release Windows 10, skipping a number. Every other Windows version is problematic, so maybe it’s hoping to dodge the bullet even though Win 8 was the disappointing follow-up to Win 7. The new version downplays the much-reviled Metro tile interface, brings back the start menu, and finally shows evidence that Microsoft understands that few users have or want touch screen laptops and desktops no matter how convenient it might be for Microsoft to design one OS for all platforms.


Other

image

Alabama’s medical association registers its displeasure with ICD-10 with its “Top 10 Craziest ICD-10 Codes” social media campaign.

image

The local TV station covers the rollout of the MedaVet app by Washington State University’s veterinary hospital, which allows pet owners to have around-the-clock access and review their care plans. The company’s site says the cloud-based service includes a customized site for the veterinary practice, creation of templates and health plans, incorporation of promotional and wellness information, a calendar of daily tasks with learning material and appointments, a shared health journal that shows task status with an optional photo, and a social support network. It costs $239 for up to three vets. What’s interesting is that the same company – MedaNext – offers care plans for humans, too.

image

The local paper highlights the implementation by Floyd Memorial Hospital (IN) of CrossChx, a fingerprint-based biometric solution for spotting patient identity theft. Founder and CEO Sean Lane was an Air Force captain and NSA Fellow, serving five tours of duty in Afghanistan and Iraq before founding Battlefield Telecommunications Systems. CrossChx, which is based in Columbus, OH, says its solution is live in 28 health systems (of 61 signed) and that it has verified 6 million identities. 

The New York Times interviews Epic CEO Judy Faulkner in covering the challenge of EHR interoperability. She says the government should “do some of the things that would be required for everybody to march together,” adding that Epic created Care Everywhere only when it became clear that the government wasn’t going to go far enough.

A Toronto study finds that assigning patients to a post-discharge “virtual ward” (at-home care coordination, visits, care plans, home care, and follow-up) failed to improve the rate of readmission or death compared to just sending the patients home as usual. The authors suggest these issues caused the surprising failure of all that clinical attention to make any difference: (a) it was hard to get in touch with the patient’s PCP and their in-home support workers; (b) the variety of EMRs used made it hard to figure out who was doing what; and (c) the intervention was started after discharge instead of before.
image

Amazing Charts apologizes for long customer support wait times, blaming a Meaningful Use services rush. Users unhappy after the company’s 2012 acquisition by Pri-Med are venting their frustration on the company’s discussion boards, with one summarizing, “AC has created these logjams by being unable to prioritize what is important, continuing to partner with NewCrop, releasing buggy new versions, and offering unlimited support for a flat price which may create abuse.” Users are also upset that the company is charging them to watch Meaningful Use webinars.

Beth Israel Deaconess Medical Center CIO John Halamka tells a local business group that, “The academic medical center is a dying beast,” urging those systems to reinvent themselves in the face of competition from retail clinics and community-based hospitals and practices.

image

Walgreens CIO Tim Theriault, speaking at Oracle OpenWorld this week, says the company has distinct IT strategies for the retail and healthcare sides of its business. The retail initiatives are focused on a customer loyalty program, determining what items each store stocks, and using analytics and personalization to connect more closely with customers. For its healthcare business, the company plans to perform in-store lab tests and to exchange information with doctors and hospitals collected through its health cloud.

image

Former Kaiser Permanente CEO George Halvorson says in a Health Affairs interview by healthcare expert Jeff Goldsmith that the organization spent $6 billion implementing Epic:

Halvorson: When I got to Kaiser Permanente, one of the things that I told the board was that we were going to do what I did when I helped build health plans in Uganda. We were going to have every single element of the care system connected electronically, so there would be no paper record.

Goldsmith: So you told them you wanted to catch up to Uganda?

Halvorson: I’m not kidding.  I actually learned in Uganda that to strip the whole process down to its most elegant essence was to have no paper anywhere. In Uganda, we couldn’t afford to pay a claim or for patients to show an ID card.

A New York Times article highlights hospitals that use out-of-network ED physicians who stick patients with huge bills even when the patient is careful to use an in-network hospital’s ED in a crisis. Texas lawmakers found that the state’s three largest insurance companies had no in-network ED doctors at all. The article points out that 1980s emergency medicine board certification pushed hospitals to contract out their ED coverage and bill the physician services separately. One patient observes, “It never occurred to me that the first line of defense, the person you have to see in an in-network emergency room, could be out of the network. In-network means we just get the building? I thought the doctor came with the ER.”

Weird News Andy says he plays golf like this, too. A previously profanity-hating grandmother recovering from a stroke finds herself swearing involuntarily when things upset her, including poor performance on the golf course. WNA also notes this story, in which coroners are determining whether high chlorine levels in the water supply of England’s second-largest hospital caused the deaths of two dialysis patients. Meanwhile, an anonymous WNA-wannabe contributes this story, in which surgeons saved a teen whose hair-eating psychological disorder caused her digestive system to be blocked by a world record nine-pound hairball.


Sponsor Updates

  • DataMotion announces that 37 EHR vendors have used its Direct secure messaging service to achieve 2014 ONC-ACB certification.
  • PatientSafe delivers three areas of consideration for bringing contextual communication to clinicians in a follow-up blog regarding clinicians struggling to find the context.
  • PMD announces that its mobile patient status verification is accelerating hospital reimbursements.
  • GetWellNetwork’s O’Neil Center publishes an e-book entitled“Patient Engagement: Beyond the Buzz” including ten interview and articles with provider perspectives and insider insights.
  • HealthEdge partners with NTT DATA to offer a migration program from TriZetto Facets technology due to Cognizant’s acquisition of TriZetto.
  • Judy Starkey (Chamberlin Edmonds & Associates) joins Streamline Health’s board of directors.

Contacts

Mr. H, Lorre, Jennifer, Dr. Jayne, Dr. Gregg, Lt. Dan, Dr. Travis.

More news: HIStalk Practice, HIStalk Connect.

Get HIStalk updates.
Contact us online.

 

125x125_2nd_Circle

Founding Sponsors


 

Platinum Sponsors


 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Gold Sponsors


 

 

 

 

 

 

 

 

Text Ads


HIStalk Text Ads
Big audience, low price.
Seven lines on the
most talked about site
in the industry. Easy -
your ad starts in hours
and is seen by thousands
of visitors each day.

more ...

Advertise here
Which initiative is burning the most time and money while delivering little improvement to patients?

RECENT COMMENTS

  1. Cant you sue the F&B company for fraud if they said they paid you money but never did?

  2. From the Unite Us press release: "“Unite Us is essentially the only company in this emerging space, which means there’s…