State by State Telemedicine Licensure

The Federation of State Medical Boards has produced an overview of telemedicine licensure across the US.  Highlights include:

• Ten (10) state boards issue a special purpose license, telemedicine license or certificate, or license to practice medicine across state lines to allow for the practice of telemedicine.
• Fifty-seven (57) state boards plus the DC Board of Medicine require that physicians engaging in telemedicine are licensed in the state in which the patient is located.
• Minnesota allows physicians to practice telemedicine if they are registered to practice telemedicine or are registered to practice across state lines.
• Fifteen (15) states currently require private insurance companies to cover telemedicine services to the same extent as face-to-face consultations.
• Massachusetts permits coverage for services provided through telemedicine as long as the deductible, copayment or coinsurance doesn’t exceed the deductible, copayment or coinsurance applicable to an in-person consultation. 

I had created a document outlining licensure across the northwest, but it is even better to have something covering the variations across all states.  Licensure that extends across state lines and private insurance coverage are huge issues, especially as we look forward to a new health delivery system, so I'm really happy to see increasing attention by state medical boards.

Status of Mobile Policies

iHealthBeat's Data Points latest shows how far along healthcare organizations are in instituting policies on mobile echnology.

Given the high risks and threats to privacy, I'd like to see a higher number.  However, this is a much quicker uptake than healthcare organizations getting those social media policies into place.

Under the Drapes: More Mystique of Surgery

After finishing my second book by Dr. David Gelber, my first thought was "I want to sit next to this guy at the next Medical Staff dinner".  I thoroughly enjoyed his first book, Behind the Mask , and Under the Drapes  was no certainly no dissappointment.  What did I learn?

• The value of a proper patient interview instead of just a quick trip to CT
• All bleeding stops... eventually?  (Humm, this is also relevant on the non-clinical side of healthcare.)
• There is something to be said about wearing clean underwear... and realizing that your body adornments are likely to be noticed when you are being examined for signs of trauma
• Yep!  Throwing instruments, belittling and berating staff, and ignoring patients and their families questions and concerns, are definitely uncool!
• Some cases are disasters... and mistakes only make them worse.
• A surgeon's dream: the "Surgery Pole"!  Think Marcus Welby and Batman... prepped for surgery in a second!
• Attention inventors:  
  • Razo-vac needed - a mini dust buster with built-in shaver!
  • What about a thought-directed lightspeed operative field illuminator instead of those silly forehead flashlights that never seem to be aimed in the right place.
• Health reform means physician incomes will go down, so consider new sources... like the medical office gift shop, lab coat advertising or internal tattoos!  The possibilities are endless when you use a little creativity!

Hopefully, you now realize why I want to sit next to Dr. Gelber at the next Medical Staff dinner.  He is thoughtful, compassionate, real ... and wildly funny!

Knowledge Capital in the Digital Society: Information-Based Value Creation

I finished reading Peter Waegemann's book on knowledge capital in the digital society not long ago and wanted to share a few key take-aways.  

• the need to learn by memorizing is now replaced by the need to thrive in the digital world... to be creative, to research to connect the dots and to manage information and knowledge.

•  
  • Digital intelligence will mean the ability to smartly navigate the immense world of knowledge and information, not trying to memorize it.

• today... the smartest child is the one who can navigate information resources and connect the dots -- that is the one who understands the meaning and context of information.

•  
  • the new challenge concerns how one 
    • acquires knowledge, 
    • manages information, 
    • distinguishes useful from trivial, 
    • separates truth from spin, 
    • navigates information resources and 
    • identifies belief systems according to established values 
    • while remaining open to alternatives and 
    • how one continues to improve knowledge over a lifetime.

• Advertising is moving from printed media to digital product targeting

• Information fields such as medicine, law, engineering, and even language translation may ultimately be mapped like geography, using software to guide people accordingly

• predictive text, indexing and semantic software, that within seconds, can extract relevant subject matter out of millions of pages will help us manage the wealth of information

This is a book that makes you think and reflect back to look at the future! It is especially relevant to healthcare leaders, human resource professionals ... and parents!

3rd Annual Benchmark Study on Patient Privacy & Healthcare Data Security

The Third Annual Benchmark Study on Patient Privacy & Data Security by Ponemon Institute and ID Experts, has been released and reports that healthcare organizations face a huge challenge in stopping data breaches. 

• 94% of healthcare organizations surveyed suffered at least one data breach
• 45% of organizations experienced more than five data breaches during the past two years
• Astonishingly,  69% off organizations still have not secure medical devices—such as mammogram imaging and insulin pumps (IT and Biomed have to talk!)
• The cost to the industry could average $7 billion annually. 
  

Most organizations surveyed say they have insufficient resources to prevent and detect data breaches, but consider the alternatives.  Patients are at increased risk for medical identity theft and their PHI and privacy could be violated as mobile and cloud technology becomes pervasive.

Change is needed and recommendations include:

1. Operationalize pre-breach and post-breach processes, including incident assessment and incident response processes
2. Restructure the information security function to report directly to the board to symbolize commitment to data privacy and security
3. Conduct combined privacy and security compliance assessments annually
4. Update policies and procedures to include mobile devices and cloud
5. Ensure the Incident Response Plan (IRP) covers business associates, partners, cyber insurance

If you like visuals, check out the infographic.  If you are into details, read the entire report and consider:

• Information breached is largely medical files and billing and insurance records. According to the research, 54% of organizations have little or no confidence that they can detect all patient data loss or theft. Based on the experience of the 80 healthcare organizations participating in this research, the resulting cost to the U.S. healthcare industry could be $6.87 billion, up from 2011. The average impact of a data breach is $1.2 million per organization.

• The causes of data breach cited were loss of equipment (46%), employee errors (42%), third-party snafu (42%), criminal attack (33 %), and technology glitches (31%). Cases of medical identity theft occurred at 52% of the organizations, and it lead to inaccuracies in the patient’s medical record (39%) and/or affected the patient’s medical treatment (26%).

• Mobile devices in the workplace pose threats to patients’ PHI.  Employees are permitted to use their own mobile devices—commonly called Bring Your Own Device (BYOD)—often to access organization data (81%), yet organizations are not confident that these personally owned mobile devices are secure (54%). Hospitals surveyed are using cloud-based services (91%) to store patient records, patient billing information, and financial information, but 47% percent lack confidence in the data security of the cloud.

• This past year, 36% of healthcare organizations made improvements in their privacy and security programs, in response to the threat of audits conducted by the U.S. Department of Health and Human Services Office for Civil Rights. While 48% of organizations are now conducing security risk assessments, only 16% are conducting privacy risk assessments. Organizations still have insufficient resources to prevent and detect data breaches (73%) and/or don’t have controls to prevent and/or quickly detect medical identity theft (67%).

Now that I have an headache, I think I'll stop here.