Congress on Healthcare Leadership 2013

The American College of Healthcare Executives is holding its annual Congress on Healthcare Leadership in just over two weeks (March 11 - 14, 2013).  I'm attending and will sharing my thoughts on the good, bad and ugly of social media.  

There are two session times available (Monday at 4:15 pm and Tuesday at 8:45)  In addition, there will be a brief 20 minute "highlight segment" available for those who had planned to attend, but are no longer able.  During the session we will explore legitimate and innovative uses of social media and mobile technologies that contribute to improved patient outcomes and enhanced experiences. We will also discuss the threats and strategies to manage risks and miminimize loss.  

Yes, tweeting during my sessions will be permitted! Just include @ACHECongress in your tweets so those following highlights of the conference can find them!

If you are attending Congress this year, you may also be interested in coming to visit me at the book signing for the newly released second edition of Social Media in Healthcare:  Connect Communicate Collaborate at 3:45 on Tuesday in the Bookstore.  It is a big year for social media and healthcare leaders!

In case you are wondering, this is my second time speaking at Congress.  The first was in 2006 on the subject of establishing a RHIO with the legendary Holt Anderson of NCHICA.

Hospitals: Take down those walls!

A new article in HealthcareITNews highlights the hospitals of the future and their need to become more virtual.  I love the five key design elements for hospitals of the future -- without walls:

1. The ability to design a digital profile of each individual  -  i.e. healthcare CRM
2. The ability to see and engage virtually via high-definition video, anytime, anywhere and on any device
3. The ability to create centers of collaboration excellence both inside and outside of our communities
4. The ability to access massive amounts of data without putting it in one container
5. The ability to leverage social media as a care coordination platform, not merely a collaboration platform 

I, like Ash Shehata, have envisioned this and am so happy to see I'm not alone.

Health Information Technology for Healthcare Leaders

For the last two years I've been presenting a six-week online seminar exploring health information technologies for the American College of Healthcare Executives. This followed an invitation from them to write a column on technology for the 2007 issues of Journal of Healthcare Management and their willingness to publish my book on social media in 2010.

My journey into health information technology began in 2004 and at one time a blogger buddy referred to me as the "RHIO queen."  Given my passion for hospital leadership and administration I still think it is funny that I developed expertise in this area and a title. However, back in 2004 I could see the importance of healthcare leaders understanding technology applications and was a bit frustrated that some of my peers weren't willing to learn.  

I worked hard to catch up and keep up with my own learning, knocked on a few doors and maintained some patience.  Today, I'm so pleased to see that healthcare leaders have taken a much more active role in developing their own understanding of the technologies and the importance of implementing the right tool for the right purpose and right auidence.  More and more, they also recognize the importance of having a clear strategy and clean workflows before any applying technology tools.

Healthcare leaders play a crucial role and their decisions can instantly impact the spark of innovation and success of an implementation.  That is why it is so important that they develop at least a baseline understanding of the technologies, risks and rewards.

Today we start the second six week seminar of 2012 and I look forward to working with a new group of healthcare leaders to envision innovative applications in their organizations for the benefit of our patients!

There is still time to register, so consider joining us!  For more information Click Here!

Meaningful Use Stage 2 Comparison: Infographic

This morning in my Tweetdeck inbox I received this infographic from the tweeps a healthPOINT at Dakota State University. I like to see my health IT friends using social media for more engaging education.

Meaningful Use: Transforming Patient Engagement

This morning sent out a press release for Tower and also want to also share it with my blogosphere readers.  As always, I'm interested in your thoughts and hope you will consider leaving a comment. (PDF Version of Press Release)

The Office of the National Coordinator for Health IT (ONC) and The Centers for Medicare & Medicaid Services (CMS) has released the long awaited final requirements for State 2 Electronic Health Records Incentive programs.  Included in the rules is an emphasis on patient engagement.

 New rules specific to patient engagement include:

•  The “provide patients with an electronic copy of their health information” objective is being replaced with an “electronic/online access” core objective.
•  A new core objective for eligible providers is “use secure electronic messaging to communicate with patients on relevant health information“
•  CMS proposed two new core objectives related to patient engagement with measures that require patients to take specific actions in order for a provider to achieve meaningful use and receive an EHR incentive payment.  For both, the threshold was lowered from the proposed 10% of patients to 5% in the final rule.  CMS also recognizes broadband availability limitations in some provider practice areas and introduced an exclusion.
•  Patient and Family Engagement is one of the six key health care policy domains of which all providers must selection at least three for clinical quality measures (CQM) and reporting.  These are the CQMs that reflect the potential to improve patient-centered care and the quality of care delivered to patients. They emphasize the importance of collecting patient-reported data and the ability to impact care at the individual patient level as well as the population level through greater involvement of patients and families in decision making, self care, activation, and understanding of their health condition and its effective management.
•  More than 50% of all unique patients seen by the eligible provider are provided timely (within 4 business days) online access to their health information.  More than 50% of all patients who are discharged from the inpatient or emergency department of an eligible hospital or Critical Access Hospital have their information available online within 36 hours of discharge.

The ONC final rule complements the newly released CMS final rule and reflects their commitment to promote patient engagement and safety.

 As hospitals and other providers prepare to comply, they must first acknowledge that this isn’t just an issue for their IT departments to address.  Instead, attaining meaningful use of one’s electronic health records/systems for patient engagement will require the collective involvement and collaboration of disciplines from across the organization… clinical, operations, information services and communications/marketing.

“Healthcare leaders will need to be strategic and put every decision in the context of the patient experience.  Having an effective patient strategy will lead to happy customers, staff and a healthcare organization exceeding their business objectives” said Dr. Sue Sutton, CEO at Tower, a patient experience consulting group based in Los Angeles, California.

The approach required is one of re-defining patient engagement across all touchpoints, both physical and virtual, to positively transform the patient’s experience – as perceived by the patient. “The research tells us where the patients are going, but institutions aren’t paying attention. If the approach taken doesn’t actually engage patients, the organization won’t meet the meaningful use criteria and they may actually lose some patients to healthcare providers who have implemented more patient-centered engagement strategies“, added Dr. Sutton.

Enterprise portals can facilitate electronic access by making information within existing systems available in a more patient-friendly manner.  The portal helps accomplish the goal of compliance with the MU criteria, but it does so at the same time it can accommodate additional features and personalization for enhanced engagement and a better patient experience.  Ultimately, this is what will lead to improved outcomes – the ultimate goal of meaningful use.  

CMS will audit healthcare providers who are participating in the meaningful use program and will focus in on those who show substantial noncompliance.  For detailed information, see

 CMS Final Rule Regulations                   ONC Final Rule Regulations

CMS Final Rule Fact Sheet                    ONC Standards and Certification Final Rule Fact Sheet

Best Practices in Healthcare Disaster Recovery Planning

The shift to more digital healthcare environments means that health IT disaster recovery planning is even more critical than it was in the past.  Not long ago, Health Management Technology had an article that does a nice job of taking readers through the planning process; including identifying critical systems applications and prioritizing those for order of restoration... in advance.  

A good resource focusing on the front end, from the National Cybersecurity and Communications Integration Center, covers issues of cybersecurity and continuity of operations planning for IT disaster events.  It does a nice job of reviewing risk assessments, identifying potential points of entry (including those implantable medical devices) and addressing mobile device risks. 

The Department of Homeland Security is offering to conduct onsite Cyber Resilience Reviews (CRRs) of hospitals and details are outlined in a fact_Sheet and list of FAQs.  If you are in California and want additional information, call the Cal EMA in the Office of Infrastructure Protection at 916 845-8893.

Just in case you are wondering my best practices for today are in green!

Health IT ROI - Value to the Enterprise and Patient

Building Out Your Health IT ROI - The Value to the Enterprise and the Patient This latest article for HIMSS Clinical Informatics Insights explores how enterprise portals can help hospitals tie disparate systems together, so that the data and information already being collected can be used (meaningfully).  Going beyond the typical departmental information systems, it also addresses the accommodation of non-traditional Health IT technologies, such as, remote monitoring, telemedicine and social networking technologies.

Liking, following, linking, tagging, stumbling: social media is changing the nature of health-related interactions

Earlier this year I was invited by the eHealth Initiative to participate in a focus group for PwC Health Research Institute's newly released report entitled, “Social media likes healthcare: From marketing to social business.”  It included both consumer and industry surveys.

The report finds that social media activity by hospitals, health insurers and pharmaceutical companies is miniscule compared to the activity on community sites. While eight in 10 healthcare companies (as tracked by HRI during a sample one-week period) had a presence on various social media sites, community sites had 24 times more social media activity than corporate sites.

Highlights from the consumer survey found:

• One-third of consumers now use social media sites such as Facebook, Twitter, YouTube and online forums for health-related matters, including seeking medical information, tracking and sharing symptoms, and broadcasting how they feel about doctors, drugs, treatments, medical devices and health plans.

• When asked how information found through social media would affect their health decisions, 45% of consumers said it would affect their decision to get a second opinion; 41% said it would affect their choice of a specific doctor, hospital or medical facility; 34 % said it would affect their decision about taking a certain medication; and 32 % said it would affect their choice of a health insurance plan.

• As is the case more broadly, young adults are leading the social media healthcare charge. More than 80 % of individuals between the ages of 18 and 24 said they were likely to share health information through social media channels and nearly 90 % said they would trust information they found there. By comparison, less than half (45%) of individuals between the ages of 45 and 64 said they were likely to share health information via social media. But, keep in mind that 45% is a really big group of aging Boomers.

• Sixty-one percent of consumer respondents are likely to trust information posted by providers, and 41% are likely to share with providers via social media, compared to 37% trusting information posted by a drug company, and 28% likely to share information with a drug company.

Findings from the surveyed eHealth Initiative members include:

• Eighty-two percent said their organization’s social media efforts are managed by marketing/communications. Few organizations said their IT departments and digital teams owned social media strategies.

• One-half said they are concerned about how to integrate social media data into business strategy and processes. 

As I often advise, it is important to include a social media strategy in your hospital's plans for engaging patients and consumers.  The plan should include a balance of engagement on community and corporate sites, as well as, promote innovation for applying the technologies as solutions to clinical challenges.

Southern California HIMSS Annual Healthcare IT Conference

The Annual Healthcare IT Conference of the SoCal Chapter of HIMSS is coming up quickly on April 4th in Los Angeles.  It is a great networking and learning event for healthcare professionals, but it is also a wonderful opportunity to meet some of those who are new to the health IT workforce.

So check out the program agenda  and register today!  Highlights include:

• Jack Lewin, MD, CEO of the American College of Cardiology speaking on the State of the EHR Union: Where Are We?  Where Are We Going? When Will We Get There?
• How EHR Will Empower Patients and Family with Linda Macomber, Assistant Professor, School of Health and Human Services, National University and Clinical Reviewer/Juror, Certification Commission for Health Information Technology (CCHIT)
• Janet Marchibroda, MBA, Chair, Bipartisan Policy Center Health IT Initiative on Affordable Care Act’s Impact on Health IT: A Bipartisan Perspective
• A Health Information Exchange Update with California RHIO and HIE experts 
• Workshops:
  • Ambulatory EHR: Pros and Cons
  • Accountable Care Organizations/Patient Centered Medical Home
  • Career and Job Search Strategies

 

Financial Impact of Breached Protected Health Information

I believe we all realize that as the industry moves to electronic health records, patients' PHI is more susceptible to exposure. Last year, in an article on the cost of data breaches, I referenced the a project of the American National Standards Institute (ANSI) and 100 industry leaders who were tackling the big question what can healthcare organizations do to better protect patients' information?

They first needed to understand the value of patient protected health information and then could develop a method for healthcare organizations to estimate breach costs, so they can make appropriate investments to better protect PHI security.  The result is their report:  The Financial Impact of Breached Protected Health Information: A Business Case for Enhanced PHI Security.

It includes tools to estimate the overall potential costs of a data breach to an organization, and provides a methodology for determining an appropriate level of investment needed to strengthen privacy and security programs and reduce the probability of a breach.  A detailed example of costing a PHI breach using the PHIve method is also provided.

BYOD or BYOT

Just before HIMSS12, I learned about BYOD/BYOT (Bring Your Own Device/Technology).  Evidently, businesses and some healthcare organizations are encouraging, or allowing their employees, to use their latest and greatest (personal) mobile gadgets (smartphones, tablets, etc) to connect into their information systems. 

Now, it may seem that this policy will help reduce equipment costs and allow employees to use the latest technology, but it makes my Mobile Governance and Tablets in Healthcare posts even more important reads for healthcare leaders.  Why, because the organizations may find themselves paying out much more for costs associated with data breach assessments, reporting, fines, liability, etc.

For those of you who like data, consider iHealthBeat's report on a healthcare mobility survey that found:

• 85% of respondents said their organization has a BYOD policy, but the organizations vary in the amount of data they allowed personal mobile devices to access.
• 53% of respondents said their organization only allows personal mobile devices to access the Internet;
• 24% said their organization provides personal mobile devices with limited access to hospital applications; and
• 8% said their organization provides personal mobile devices with full access to the hospital network (Dolan, MobiHealthNews, 2/23).

Additional findings include:

• EHR applications are the most widely supported application on mobile devices, with 60% of respondents saying their organization supports the use of mobile EHR apps. The next most widely supported mobile apps include picture archiving and communication systems, secure messaging and voice-over IP (Computerworld, 2/24).
• More than 75% of respondents said their organization provides Internet access to patients and hospital visitors, but 58% said they use open networks without password protection to do so (Jackson, FierceMobileHealthcare, 2/23).

My hope is that these organizations (especially the 8% allowing full access to their network and the 15% without a policy) have already implemented the necessary safeguards to protect their systems and personal health information from accidently beaches, malicious attacks and HIPAA violations.

What I saw/learned at HIMSS12 - Highlights

It has taken me a while to catch up and recover from being at HIMSS12 last week, but I've finally had a chance to sit down and reflect on what I saw and learned during that busy week.  So below are my higlights:

• Thoughts from Biz Stone: 
  • Opportunity can be manufactured! You can create it!
  • Creativity is a renewable resource. It is infinite! Challenges are fun puzzles; not problems!

• Thoughts about the Future from the Smith and Hobbs presentation on Clinical Mobile Applications: 
  • 500 million people are expected to manage health concerns with smartphone apps by 2015 according to Research 2 Guidance 2010.
    
  • "Drive discovery about behavior, adapting to person and optimizing behavior"
  • The convergence of biology and machine
  • We need to establish risk model taxonomies for consumers, providers and manufacturers for safe & secure apps.
  • We need sensors to pick up signs that an intervention is needed in healthcare, just like our cars are doing today.

• CMS' ICD 10 and Version 5010 Implementation Timeline widget

• Guam HIE Project that demonstrate its Secure Messaging capabilities using the Nationwide Health Information Network Direct Project for coordinated care and disaster communications.

• Kaiser Permanente launched its new Mobile Optimized kp.org app giving members access to their medical records, refill prescriptiosn, appointments and messaging via mobile devices.

• Learned about iTriage's ER CheckIn smartphone app service that hospital staff of incoming patients. iTriage is the same one that made it to my list of top apps for the flu season late last year.

• The There's an App for That presentation demonstrating apps for vision, hearing, sleep, sobriety test, contractions/labor, smoking cessation, heart rate, spirometry, Airstrip, AED, allergy alert, EKG, podiatry, and more.

• The Patient Safety Company promoted their cloud environment and apps for safety and risk.  Also, help you develop your own apps. 

• Seeing MicroBloggingMD a microblogging platform used for secure hospital communications.

• Learning about Happitique which classifies apps for professionals which helps with the sorting process of the thousands of available apps and provides an enterprise mHealth solution. 

• Talking to several people about the move toward BYOD (bring-your-own-device) and the associated risks (including data security) in healthcare environments. (Stay tuned for an BYOD post to come.)

• Experiencing my first "hat interview" as tweeted by @EHRworkflow

• Learning about HealthInfo Island, Health Support Coalition, Cancer Co-Op, AIDS and HIV Support, etc  -- communities on the virtual world 2nd Life.

• And, getting an update from Zac on Louisiana's HIT/HIE activities.

But, the absolute best part of the week was finally meeting several of my blogger friends in person! Talking with them in person gave us a chance to bring our relationship full circle.  Some I just met this past year, but I've known two since first starting to blog in 2005 -- @hospitaltony and @techguy.

Convergence of HIE and Social Media

The San Diego Beacon eHealth Community is one example of how we are starting to see the convergence of health information exchange (HIE) and social media technologies.  They recently shared the details of their pilot study, which is designed to use SMS technology to improve childhood immunization rates. Highlights include:

• Purpose:  determine the impact and cost effectiveness of text messaging to improve child vaccination rates (all, on-time by age 19 months)
• Parents of childrent 9 - 13 months who speak either English or Spanish will be recruited.
• Participants receiving the intervention will receive monthly text message reminders to schedule or keep an existing appointment for their child's 15- and 18-month well-baby visits, as well as, educational messages.
• The control participants will only receive general milestone and health information during the study period.
• Some messages for both the intervention and control groups require a response (making the communications bi-directional.)

In addition, the involvement of a cell phone (mHealth) also makes this another great example of the convergence of telehealth and HIE.

Reach Out To Consumers, Measure & Control Your Domain

Not long ago, I read an article reporting that 1 in 5 Americans are using social media for healthcare information.  It made me wonder if hospitals are calculating their market share -that is, the portion of those info seekers in your service area(s) who are accessing online information sponsored by your organization, rather than that of a competitor or sites that may have questionable trustworthyness.

Then, over the weekend I picked up on a tweet about efforts to smack down ROI.  Basically, some in social media, not necessarily in healthcare, are promoting an anti-measurement agenda.  My feeling is that we in healthcare must measure our performance.  If it is important that we measure for evidence-based medicine, outcomes, patient satisfaction, compliance with regulations, improving quality and performance, managing risks, reporting, effective and efficient use of resources and more; then it is important that we measure the performance of our social media applications.

So this takes me to actually leveraging the technologies and learning to use social media in our healthcare environments and a couple of new resources that can help us all keep up with the rapidly evolving world of social media.

While at HIMSS last week, I came across two new social media white papers.  The first is the Health IT Social Media Primer from HL7 Standards.  It answers questions like "what do I need to know?" and "what should I tweet?", presents some important "how to" details and also reviews newer social media channels like Google+ and Quora (a question & answer forum). 

The second is a new white paper from the HIMSS Social Networking Work Group, Healthcare "Friending" Social Media:  What Is It, How Is It Used, and What Should I Do?  It also reviews recent social media developments, but I found the reference to there being 787 hospitals on Foursquare, but less that 10% having claimed their listing to be most interesting.  It reminds me of the teen patient who started a Facebook page in his childrens hospital's name, so he and the other patients could connect and support each other anytime.  

I was also happy to see that the HIMSS workgroup included the example an HIO delivering virtual education for electronic health information exchange (HIE).  And, I can't be more pleased that they also referenced my work. The topical review is publically available.

So, hospitals, do me a favor and:

• do reach out to the growing number of healthcare consumers searching for healthcare information from a trusted-source.
• do measure the performance and impact of your social media activities.
• don't let others control your domain name and brand.

Stage 2 Meaningful Use Has Arrived

The Notice of Proposed Rulemaking (NPRM) for Stage 2 meaningful use has been posted and it outlines the next stage of meaningful use for the Electronic Health Record (EHR) Incentive Programs, which are administered by CMS. 

The Office of the National Coordinator for Health Information Technology's (ONC's) NPRM was delivered to the Federal Register on February 22 at the same time as the CMS NPRM, and the policy is finalized. Additional news about the ONC proposed rule will be released once it is posted and the rules will publish on the same day.

CMS has developed a fact sheet to give providers an overview of the rule and how Stage 2 expands upon Stage 1 of meaningful use. 

I'm co-chair a workgroup for HIMSS to prepare comments related to governance issues in the NPRM. I'll also contribute to an American Telemedicine Association group review.  So, feel free to share any issues that you see. 

To learn more about meaningful use visit the CMS EHR Meaningful Use Overview web page.

HIMSS So Cal Healthcare IT Conference

Just as I'm getting ready to experience the big HIMSS Conference, the Southern California Chapter has released its agenda for their upcoming Healthcare IT Conference in Los Angeles.  

The conference is a great opportunity to hear from National and California leaders on HIEs, EHRs and Meaningful Use, wireless health IT applications, development of the HIT workforce and job search strategies, and accountable care organizations. It is also a perfect networking event.

I'm excited for the opportunity to return to my roots in Health IT and participate on the HIE panel. Register here to join us at the Center for Healthy Communities at the California Endowment near downtown Los Angeles on April 4, 2012 from 8am to 4pm.  I hope to see you there!

HIE for Consumers

Will from Redwood MedNet sent me a powerful video from Health Information Partnership for Tennessee. The video will help consumers learn and understand more about why health information exchange is important.  In the video, I was pleased to see an old RHIO friend, Dr. Mark Frisse.

There is a surprising twist near the end, so please watch and learn! 

You can also check out their videos for administrators and providers.

HIE Guide for CIOs

CHIME and eHealth Initiative have joined forces to create a Health Information Exchange (HIE) Guide for CIOs. The guide looks to be fairly comprehensive, starting with the background of HIE and continuing to key contract elements with a Health Information Organization (HIO).

I'd also recommend that CIOs explore the toolkits, checklists and other resources being developed by the HIMSS HIE Committee and Workgroup. And this includes the book, Guide to Establishing a RHIO with its review of collaboration and the legal entity and governance models.

If you still have questions after exploring these resources, or need assistance with administrative and governance issues, you can always leave a comment or contact me directly.

Gartner Worldwide IT Spending Forecast

I participated in this morning's Gartner Worldwide IT Spending Forecast.  Gartner, the technology research giant, brought together some wonderful speakers who shared information that I feel is important to healthcare -- especially at this moment in time.  The issues will have major revenue implications for vendors (perhaps leading to service changes) and could delay current and planned IT initiatives (EHR adoption, HIE, etc) of healthcare organizations.

The floods in Thailand in October of 2011 severely impacted fabrication facilities and this has lead to a shortage of hard drives. It is predicted that it will take at least until the 3rd or 4th quarter of 2012 for the industry to get back to meeting demand.  There is some uncertainty about this timeline.

This means:

• There will be storage and server component shortages.  Storage will not be cheap and providers will need to be efficient.
• Virtualization (the cloud) may be a more affordable option.
• We can expect longer lead times for delivery, backlogs and double ordering of products.
• We can expect an increase in costs over the short term (re-assess those budget projections you made last year)

One lesson that comes from this situation is to have multiple geographic locations for the manufacturing of components to help prevent business disasters like this one.  In this case all of our (the world's) eggs (hard drives) are manufactured in one basket (Thailand).

PC and software spending is down due to the downturn in the economy.  But, there was one bit of good news that I pulled from the discussion on software.  Spending on software (tools) for collaboration is increasing.  Companies are investing in technologies that will help them stay competitive and this means tools that will help their employees collaborate will reduce the need to bring on additional people. 

Now, I've been seeing this in other industries and have started to see it trickle into healthcare.  With health reform upon us, I hope my friends in the hospital start thinking a little more out of the box and how they too can leverage collaborative tools (aka social media) to improve efficiency and effectiveness in the workplace.

Top 11 Trends for 2012 in Healthcare Data

A look ahead at healthcare data points to increased risks, regulatory expectations and reputational fallout.  So it was a pleasure that I could contribute to a list of the top 10 trends for 2012 in healthcare data.  And, I really do appreciate so may news organizations carrying the story.  

My hope is that by increasing awareness of the risk among both healthcare providers and consumers, the necessary safeguards will get implemented.  The top 2012 predictions in healthcare data are:

1. Healthcare organizations will not be immune to data breach risks caused by the spread of mobile devices in the workforce
2. Class-action litigation firestorms are imminent
3. Social media risks in healthcare will grow
4. Cloud computing is not a panacea; technology is outpacing security and creating unprecedented liability risks
5. Growing reliance on business associates will create new risks
6. Organizations risk reputation fallout
7. Mobile will explode in healthcare 
8. Increased emphasis on willful neglect leads to increased enforcement of HIPAA
9. Privacy and security training will be an annual requirement
10. Rise in  fraudsters will increase fraud risk education
11. Healthcare organizations will turn to cyber liability insurance

See PR Newswire for the complete release.

Telehealth, the Cloud and BI — oh my!

My guest blog post for Health IT Exchange made it onto their list of top 7 community blogs of 2011. Telehealth, the cloud and BI — oh my! includes my post on the importance of connecting health IT with disaster planning and others addressing some of my favorite topics - telehealth, meaningful use, health information exchange, the cloud and medical devices.  

Their list of top 2011 blogs also also includes something new for me - voice commands on mobile devices. I've been watching my teenage daughter, who has a form of dyslexia, speak into her new phone (Christmas present) to text her friends.  It has gotten me thinking... 

To all of my readers, I wish you a very happy and healthy new year!

Healthcare Data Breaches are Up 32%

Ponemon Institute has released their study findings on hospitals and patient privacy and the results seem to confirm my fears from a few months ago when I looked at the cost data breaches.  The wake-up call comes straight from the study intro:

Our study found that the number of data breaches among healthcare organizations participating in the 2010 and 2011 studies is still growing—eroding patient privacy and contributing to medical identity theft. On average, it is estimated that data breaches cost benchmarked organizations $2,243,700. This represents an increase of $183,526 from the 2010 study despite healthcare organizations’ increased compliance with federal regulations.

Other highlights include:

• data breaches are up by 32 percent
• costs to healthcare industry: $6.5 billion (enough to hire 81,250 registered nurses nationwide)
• causes: widespread use of unsecured mobile devices, employee mistakes, procedures not being followed
• patients' privacy coming in last; medical identity theft up
• data breaches likely to increase given lack of resources at hospitals

The good news is that healthcare organizations have improved by having more trained and knowledgeable staff and better policies and governance.  And, this has likely contributed to the decrease from 41% to 35% in respondents who say data breaches are discovered by patients.

It really is time for consumers, policy makers and providers to pay attention before we find ourselves having to give up ground on the progress we have made to date.  If you are interested in my thoughts about managing the risks of mobile devices you should read my recent post on Tablets in Healthcare.

 

How To: Set up Office 365 with Direct Project

Sean at the Family Health Guy has a great post on setting up Office 365 with ONC's Direct Project.  I believe this will take us far and it is a wonderful opportunity for small, independent and/or rural providers to particiapte in health information exchange activities in their community or region.  It also makes for a great starting point to get some HIE projects started down the path of working out those ever so important relationships.

HHS Updating Regulations to Recognize Changing Technology

HHS has released its plan for retrospective review of existing rules that may actually be interfering with the delivery of healthcare services.  This review is in response to Executive Order 13563, which is aimed at all federal agencies and the streamlined, effective, efficient regulatory framework to achieve economic growth, investment flows, job-creation, and competition.

While HHS’s systematic review of regulations will focus on the elimination of rules that are no longer justified or necessary, the review will also consider strengthening, complementing, or modernizing rules where necessary or appropriate—including, if relevant, undertaking new rulemaking.  Key sections include:

Updating Regulations to Recognize Changing Technology, including

• Use of Telemedicine to Increase Access
• Aligning the Electronic Health Record Incentive Program with Other Electronic Reporting Systems

Improving Pre-market Review for Medical Devices

Regulation of Medical Devices

And, changes to the existing Conditions of Participation for Hospitals will also be interesting to watch.

Health Information Technology Online Seminar

I've been quite impressed by the  American College of Healthcare Executives interest in health information technology over the last few years and their desire to spark the imagination of healthcare leaders.  It was especially exciting to see us evolve to talking about creating a 6-week online seminar on the subject of Health Information Technology. 

The best thing about this seminar on IT stuff is that the course instructor and participants are all healthcare leaders who share their varied perspectives and experiences during the weekly discussions. We explore the disruptors, strategy, risks, emerging issues and review the interconnected nature of the technologies.  The six weekly topics brokend down into:

Week 1:  Introduction, Stats, Disruptors

Week 2:  Electronic Health Records

Week 3:  Health Information Exchange

Week 4:  Telehealth, Telemedicine, Remote Monitoring, Education/Mentoring

Week 5:  Social Media and Mobile Health

Week 6:  What the Future Holds for Healthcare!

I've really enjoyed the process of pulling this course together and thinking through what participants wanted and needed to know.  We are just finishing up our trial run through the program and will start the next session on October 12.  If you think you might like to join us visit the ACHE site for registration information.