Health IT and Electronic Health Activate your FREE membership today |  Log-in

Health IT Pulse

August 27, 2015  9:38 AM

Survey results show concern among consumers about privacy with wearables and mobile apps

Posted by: klee34

In 2014, there were an estimated 21 million wearable tech devices sold worldwide, according to a survey by Healthline, a health IT publishing and marketing company. In 2019, that number could grow to 150 million.

Despite the popularity of wearables—especially among consumers– and the benefits they bring to personal healthcare, the survey also found that many wearable users feel their data is not being sufficiently secured by manufacturers. For example:

  • 25% of respondents said that they don’t believe their personal health data is secure on a Fitbit or a health tracking app.
  • 45% of respondents—who are also wearable and mobile health app users—said they are concerned that hackers may try to steal their personal health data from a wearable.

There has been a lot of confusion surrounding this topic: What exactly is personal health data? And what exactly does HIPAA protect?

In a recent SearchHealthIT article, experts explained that if a person simply goes out and purchases a Fitbit, for example, then the health data that device and company collects is not covered by HIPAA. However, if a person receives a wearable device through a hospital or doctor—including a Fitbit—then the health data that device collects is covered by privacy regulations because it was issued by a HIPAA-covered entity. Even then it is important to note that HIPAA—specifically the HIPAA Security Rule– defines protected health information (PHI) as information like a patient’s name, address, phone number, or Social Security number.

However, other information — heart rate data for example — is not considered PHI and therefore is not covered by HIPAA. Experts also added that should your Fitbit be hacked and your heart rate data stolen, it wouldn’t pose a major threat to the user.

Despite these concerns, the value of wearables when it comes to healthcare is undeniable and the survey report found that physicians are beginning to recognize this.

“Mobile app prescribing is still in its infancy, but we see it emerging today,” the report said, with 4% of respondents saying their doctor recommended a mobile app to them and 2% said an app was actually formally prescribed by their doctor.

“Healthline’s survey findings indicate a strong interest among consumers in the advancement of wearables, mobile apps and telehealth,” Dean Stephens, CEO of Healthline, said. “However, there is a lingering and noticeable concern around the protection of personal health information. This should be a warning bell for manufacturers to ensure that the security of this new technology is a top priority.”

August 26, 2015  9:45 AM

President’s precision medicine initiative looking for fresh tech ideas

Posted by: ShaunSutner
precision medicine

While opinions differ, to say the least, on President Obama’s healthcare policy, his precision medicine initiative (PMI) has drawn praise.

But up to now there have not yet been many concrete results to come out of the initiative other than private undertakings around genomics and precision medicine by companies such as NantHealth, IBM Watson Health and individual researchers whom the White House has celebrated as “champions of change.”

Now the president is soliciting new ideas for moving the initiative ahead.

“We’re looking to a broad range of stakeholders to learn about new or expanded initiatives and programs aimed at enabling new ways to improve health and treat disease — and ways to use this information to inform our precision medicine efforts going forward,” according to a recent post on the initiative’s blog.

The post was authored by D.J. Patil, deputy chief technology officer for data policy and chief data scientist in the president’s Office of Science and Technology Policy, and Stephanie Devanie, project manager for the PMI.

Among the ideas the initiative is looking for are:

  • New approaches for deploying precision medicine into patient care to improve health.
  • New ways to engage patients, participants, and partners in research, and get the word out about PMI, including through the use of novel technologies.
  • Finding innovative ways of including historically excluded and underserved populations in research.
  • Developing robust APIs in EHR systems that can support patients accessing their clinical data and donating it for research.
  • Creating ways to share information across organizations with privacy and security protections.
  • Technology to support the storage and analysis of large amounts of data, with strong security safeguards.
  • New analytics systems to help combine diverse data sets with privacy and security protections to answer precision medicine questions.
  • New approaches to handling security issues in building large research data sets.
  • Steps to increase the number of skilled data scientists and technologists working in healthcare.
  • Developing “grand challenges,” competitions, and prizes to foster innovation.

The deadline for sharing such new ideas and activities is Sept. 21. Use this form.

“With support from patients, research participants, researchers, providers, and private sector innovators, we can make precision medicine a reality,” the blog post said.


August 25, 2015  2:01 PM

Finances, not codes, worry Texas physicians as they jump from ICD-9 to ICD-10

Posted by: adelvecchio
ICD-10, ICD-10 conversion, ICD-10 implementation, ICD-10 readiness

The increase in the amount codes is an often-discussed topic when healthcare professionals weigh in on the move from ICD-9 to ICD-10, but a new survey found that 30% of Texas physicians said they would retire prematurely if ICD-10 presents them with financial problems. That statistic reinforces that practices have the bottom lines on their minds as they prepare to implement ICD-10.

The Texas Medical Association polled state physicians to see where they stood in their ICD-10 preparations and found 83% of respondents — a group that included group practice owners, practice employees, hospital employees and solo physicians — expect to encounter denied or delayed medical claims during the ICD-10 transition.

That answer makes it clear that healthcare professionals are aware the passage from ICD-9 to ICD-10 will affect their practices’ finances. So what are they doing to prepare? Not much, according to one of the questions, which found that less than a third of physicians have done financial planning to brace for possible delayed or rejected ICD-10 claims.

Faulty claims could contribute to revenue cycle problems during the early stages of ICD-10 implementation, a problem for which most respondents don’t expect to seek governmental or outside aid. More than a third said they would use personal funds to support their practice if faced with cash flow problems as a result of ICD-10. Only 29% said they will seek commercial loans for their practice in that scenario.

Nearly a third (32%) are prepared to fire employees, cut their hours or reduce their benefits to free up some currency to properly transition from ICD-9 to ICD-10, while 17% would sell their practice instead of wrestling with ICD-10 budget issues.

The survey report separated some answers by age groups and the results showed that older healthcare professionals are more likely to leave their practice than their younger peers. More than 70% of respondents who said they’d retire early because of ICD-10-related financial troubles were aged 51 years or older. On the other hand, nearly half of those aged 50 and younger said they plan to renegotiate or end their plan contracts in the same situation.

August 20, 2015  1:51 PM

Survey: Data integration challenges costing healthcare agencies billions

Posted by: klee34

Due to system and integration challenges, many IT executives and program managers working with healthcare and other social service benefits — 44% to be exact — are unable to use all available data, which costs health and human services agencies dearly and has resulted in an estimated $342 billion loss per year.

Those were the results of a survey of 155 IT executives and program managers done by MeriTalk, a public-private partnership focused on government IT, in conjunction with MarkLogic, a software company.

The survey found that when it comes to eligibility and verification of healthcare beneficiaries, managers said their number one challenge is data integration.

IT executives and program managers from health and human services agencies report a range of issues for which current systems do not allow them to do the following:

  • Cross-check data with information stored in other departments (35%)
  • Examine historical data (35%)
  • Send data from the current system to a separate system (41%)
  • Cross-check data with information stored at other agencies (44%)
  • Run analysis to identify trends or anomalies (48%)
  • Cross-check data with non-government information (63%)

Furthermore, just 22% of all managers said their current system is “analytical” and even fewer — 16% — said their current system is “intuitive.”

“There’s two things that jump out at me. First, as a former fraud prosecutor, this list of capabilities should be virtually required for any program moving billions of dollars,” Bill Fox, vice president of life sciences at MarkLogic, said. “Without it, there are cracks a mile wide for fraudsters to just walk through, siphoning off money that should be going to people that really do need it.  Second is how high the ‘no or unsure’ numbers are. We’re not talking about being ‘almost there.’ These numbers are pretty close to 50/50. The fact that almost half the respondents say their systems lack these basic capabilities is an indication of [how] far the technology has fallen behind.”

These challenges lead to lack of timeliness and accuracy when it comes to delivering healthcare benefits as well as eligibility and verification issues, which the survey report said not only fails citizens but costs billions.

August 19, 2015  11:48 AM

Survey: 57% of docs are open to patient consults via telehealth

Posted by: ShaunSutner
telehealth, telemedicine

Doctors are getting hip to telehealth.

Well, at least that’s what a recent survey by American Well, the big telehealth vendor, found by gauging doctors’ willingness to use video to see patients.

The nationwide survey of 2,016 primary care physicians conducted with QuantiaMD, a social media network for doctors, found that 57% of practitioners are willing to conduct video visits with patients.

Some 12% were unwilling to do so, and 31% remained uncertain, according to the poll.

Respondents cited work-life balance, increased earning potential and improved medical results as reasons to use video to meet  with patients.

The “Telehealth Index: 2015 Physician Survey,” the full version of which is available here, found that 69% of physicians saw video as better than phone or email  for making accurate diagnoses on first consults.

“There’s a sea change going on within the physician community,” said Roy Schoenberg, MD, CEO of American Well, in a release. “Doctors see value in for their patients and also in managing their own work-life balance. We’ve seen weekly physician inquiries about practicing online triple in less than six months.”

According to the survey, doctors saw a lot of uses for video in addition to urgent care. Among docs willing to see patients over video link, 86% said they think video visits are appropriate for medication management and prescription renewals, 80% said video is appropriate for managing chronic conditions, and 70% said video was fine for behavioral health issues.

And lest traditional bricks and mortar-based docs see telemedicine as a threat to their livelihoods (as many apparently still do), the survey results suggested that healthcare systems may be able to boost referral revenue by adding peer telehealth consults to programs.

Asked about the issue on the survey, 60% of the respondents said if a nearby hospital gave them a chance to consult with specialists over video, it would increase their willingness to refer patients to that hospital.

Physicians’ preferences for such peer video consults were for these specialties: dermatology, psychiatry, pain management, and neurology.

August 18, 2015  1:26 PM

Providers see employees as causes of healthcare data breaches

Posted by: adelvecchio
data breach, HIPAA, HIPAA compliance, HIPAA data breach, Interoperability, ONC

Healthcare providers fear unseen enemies will compromise the safety of patients’ protected health information, but their biggest worry is something they can’t operate without: their employees.

More than three-quarters of respondents to a Scrypt, Inc. survey of 769 providers count human error as the biggest cause of healthcare data breaches, with hacking or data theft the only other threat that topped 50%. Stolen hardware and vendor error were cited as major areas of concern for 21% and 20% of respondents, respectively.

Nearly 70% of providers remain confident in their organization’s ability to remain HIPAA-compliant, despite the recent run of well-publicized data breaches. Only 10% responded that their HIPAA policies “definitely” changed in the wake of those breaches.

More than 80% of surveyed providers stated they use HIPAA-compliant software to avoid healthcare data breaches and corresponding fines. Nearly as many (77%) said they train staff members to keep in compliance with HIPAA. Less than half (42%) perform audits on users. Meetings with other employees is the most common way healthcare professionals stay up to date with HIPAA regulations and 73% said those meetings are used in conjunction with other HIPAA education methods.

The survey also polled providers for their opinions about if they expect the ONC to achieve its 10-year plan for nationwide healthcare interoperability. The results weren’t favorable for ONC, unless they use the results as motivation. More providers said they are “not at all confident” ONC will realize its interoperability vision in the next decade, compared to 17% that are “very confident.” Nearly half (46%) of respondents fell somewhere in the middle and offered they are “somewhat confident.”

ONC detailed its interoperability goals in a strategy document released earlier this year. By 2024, ONC hopes interoperable systems and products will give providers, patients and researchers and greater access to health information and let them play parts in improving patient care and lowering costs. Individual patients would be able to view their electronic health information and discuss it with a provider before proceeding with treatment, under the ONC’s plan.

August 13, 2015  1:18 PM

Healthcare analytics market expected to more than double in five years

Posted by: klee34

The expansion of the healthcare analytics market reflects the variety of available technologies that can meet organizations’ needs. Healthcare organizations are beginning to realize the value powerful analytics tools can offer; such as improving patient care, saving the healthcare organization money, and helping to manage risk.

The healthcare analytics market is currently valued at $5.8 billion, according to recent research. That number is expected to more than double to $18.7 billion and reach a compound annual growth rate of 26.5% by 2020.

According to the report, this growth in the healthcare analytics market is due to” the rise in pressure to curb the healthcare costs and provide quality care, rising initiatives for the adoption of EHRs, availability of big data in healthcare, growing awareness on the benefits of using analytics in healthcare, and increase in venture capital investments.”

Market growth will also be driven by federal healthcare mandates encouraging the adoption of health IT products to help curb rising healthcare costs, the report said. Not to mention the rise in technological advances, the increased availability of big data in healthcare and the benefits of the use of analytics in healthcare of which there are quite a few examples.

One example is how data analytics helped the statewide HIE in Maine predict –and lower –readmissions and ER visits. Another is how Nationwide Children’s Hospital in Columbus, Ohio, is using a software as a service data analytics platform paired with a custom algorithm to do population-scale genomics. However, while there are some healthcare organizations moving full-speed ahead with data analytics, there are some that have not started the adoption process yet.

August 12, 2015  3:47 PM

Live hacking an infusion pump

Posted by: ShaunSutner
health IT, medical devices

As the Internet of Things (IoT) penetrates healthcare at a fast clip, concern is mounting across the health IT world about the security vulnerabilities of connected devices such as hospital infusion pumps.

“White hat” hackers have already completed relatively easy attacks on IoT-enabled medical devices. A particularly chilling real-time attack on a morphine-delivering hospital pump, seen in this video, was performed by white hat hacker Graham Murphy at the BlackBerry Security Summit in New York on July 23.

Murphy, a security researcher for BlackBerry Ltd., the famous onetime smartphone leader that has in recent years morphed into an enterprise security company, and BlackBerry Chief Security Officer David Kleidermacher, showed a live audience quite clearly how it was done.

Of course, the pump wasn’t loaded with real morphine, but rather a dark liquid meant to represent the powerful painkiller, which can be fatal in large doses.

Murphy, standing next to the pump and a technician, and armed with a laptop, simply connected the laptop to the Ethernet port on the pump and located the device’s IP address.

Once inside the unencrypted device, Murphy quickly found its wireless login information password, meaning he could have been controlling the pump from elsewhere in the hypothetical healthcare system network.

He then just as quickly installed his own malware, took over the pump and upped the “morphine” dose. A lot of the dark liquid started dripping out, when before Murphy attacked, the machine was only delivering a drop.

“You kill[ed] the patient,” Kleidermacher exclaimed. “Not only can Graham affect the health of the patient connected to the pump, he now user his powerful computer to explore the rest of the care network and possibly take over other parts of the network and possibly affect the health of all of the patients in the hospital.”

As for Murphy, he said the device is so unprotected without encryption, authentication or even a secure password that the hacker’s work is easy.

“You find a way in, you poke around,” he said.

His laptop, he said, “becomes the attack system.”

The two BlackBerry employees emphasized they did the hack to educate the public about the vulnerability of IoT devices in healthcare and the importance of taking strong security measures, not to encourage hackers.

Most likely, malicious, criminal or state-sponsored hackers already know how to do it anyway.

August 11, 2015  10:25 AM

Flex-IT 2: Another crack at changing meaningful use reporting requirements

Posted by: adelvecchio
EHR incentive program, Flex-IT 2, Interoperability, Meaningful use, meaningful use attestation, meaningul use hardship exceptions

U.S. Rep. Renee Ellmers (R-N.C.) influenced some change in her previous attempt to make things simpler for providers trying to keep up with meaningful use reporting requirements. So she’s trying again.

H.R. 3309, the Further Flexibility in HIT Reporting and Advancing Interoperability Act — or Flex-IT 2 — introduced by Ellmers on July 30, consists of five principles aimed at altering parts of the meaningful use program, including stage 3. The bill follows up the Flexibility in Health IT Reporting (Flex-IT) Act, which Ellmers proposed in Sept. 2014 and reintroduced this January. Later in January, CMS announced the EHR reporting period for 2015 would be shortened from the full year to 90 days, matching a major provision of the first Flex-IT bill.

The following five measures are the foundation of the Flex-IT 2 bill proposal:

  • Delay meaningful use stage until 2017, unless 75% of physicians and hospitals attest to stage 2 or until Merit-based Incentive Payment System rules are finalized
  • Unify reporting requirements and remove overlapping criteria required under programs such as meaningful use, the Physician Quality Reporting System and Inpatient Quality Reporting
  • A 90-day meaningful use reporting period for each stage and year of the program
  • Promote more interoperability between EHR systems
  • Broaden the definition of meaningful use hardship exceptions

Citing a National Center for Health Statistics data brief from Jan. 2014, Ellmers said 19% of providers and 48% of hospitals have attested to meaningful use stage 2. In a statement, she interpreted those figures as “a clear sign that physicians, hospitals and healthcare providers are challenged in meeting CMS’ onerous requirements.” Ellmers hopes the proposed adjustments help more providers succeed in attesting to meaningful use and helps them avoid financial penalties for failing meaningful use audits. Ellmers also believes the bill, if passed, will help healthcare providers share information and allow them to focus more on patient care.

In a statement announcing the American Medical Association’s support of the bill, President Steven J. Stack, M.D., said if it’s passed, “federal regulations would be revised to provide greater flexibility for physicians to meet the meaningful use requirements.” The American Academy of Family Physicians and College of Healthcare Information Management Executives are also in favor of Flex-IT 2.

August 6, 2015  3:59 PM

You can find every ICD-10 code on Twitter

Posted by: klee34

Twitter is good for many things. If you’re like me, it’s good for getting your content out there and for connecting with experts in health IT. If you’re like @EveryICD10, it’s good for publishing every single ICD-10 code. And there are a lot of them. There are 68,000 ICD 10 codes designated just for documenting diagnoses (compare that to the 14,000 ICD-9 diagnosis codes).

But this hasn’t seemed to deter @EveryICD10 from being well on the way to posting every single ICD-10 code and description. The Twitter account started posting the codes and their descriptions on July 9 and has been going strong ever since.

I asked them how long they thought it would take them to get through all the codes:

ICD 10 kristen

To which they cleverly replied:


The Twitter account was created and is managed by MedData, a provider of medical billing services. When you click on the website link on their Twitter page, you are immediately taken to a MedData webpage offering services to help healthcare organizations prepare for ICD-10.

Many in healthcare IT have felt overwhelmed by the number of codes — with some surveys showing that many doctors aren’t ready — while advocates of ICD-10 think the granularity and specificity the codes provide will be beneficial.

The World Health Organization has copyrighted and owns the ICD-10 codes. It’ll be interesting to see if the WHO has any reaction to this Twitter account.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: