November 20, 2011 9:52 PM
Posted by: RedaChouffani
, Data privacy and security
, HHS OCR
, HIPAA audits
, Office of Civil Rights
The Department of Health and Human Services and the Office for Civil Righs (OCR) announced that they will begin the process of auditing covered entities and their business associates to ensure their compliance with HIPAA Privacy and Security Rules and Breach Notification standards. The audits will initially begin as part of a pilot program starting with 150 covered entities from November 2011 through December 2012.
The current outline of the published audit details is as follows according to the HHS web site:
The privacy and security performance audit process will include generally familiar audit mechanisms. Entities selected for an audit will be informed by OCR of their selection and asked to provide documentation of their privacy and security compliance efforts. In this pilot phase, every audit will include a site visit and result in an audit report. During site visits, auditors will interview key personnel and observe processes and operations to help determine compliance. Following the site visit, auditors will develop and share with the entity a draft report; audit reports generally describe how the audit was conducted, what the findings were and what actions the covered entity is taking in response to those findings. Prior to finalizing the report, the covered entity will have the opportunity to discuss concerns and describe corrective actions implemented to address concerns identified. The final report submitted to OCR will incorporate the steps the entity has taken to resolve any compliance issues identified by the audit, as well as describe any best practices of the entity.
The group responsible for the audits is KPMG, who was awarded the contract for the amount of just under 9 million dollars.This group has previously been involved in audits for the IRS and other federal entities.While the audit outcomes will not be made public, the audited entities will receive a written report with the findings.
These audits seem to provide a hint in which HHS may be more serious about enforcing HIPAA processes than ever before.This is also yet another reminder that HIPAA compliance should continue to be a top priority for health care organizations and a topic that should definitely be included in enterprise level planning for 2012 and beyond.
November 20, 2011 9:33 PM
Posted by: RedaChouffani
, cloud computing
, Infrastructure as a service
, Virtualization and cloud computing
In the past year, it has been hard not to notice the significant growth of the healthcare industry. Technology adoption is on the rise, and providers are investing in new, updated facilities, ones that have innovative technological capabilities and advancements built right in. And as these groups continue to grow in scale and scope, so does their computing and storage needs.
The growth in infrastructure has also pushed for growth in IT staff as well. However, as we look ahead, we are seeing several trends pointing to a shift from local, in-house hardware and software to cloud-based, or even infrastructure as a service (IaaS).
IaaS is the model in which a health care organization can partner with a vendor that provides IT services virtually, via the cloud.These services offer the ability for a health care organization to host all of its applications for a reoccurring fee.In this model, organizations are somewhat are “leasing” the hardware.Prices for these services are continuing to drop due to the increasing competition and declining cost of hardware, and this provides a great opportunity for many to jump in and adopt health care technology, fully or partially, via the cloud services.
Some of the advantages of IaaS, which adds the support layer to the hardware piece, is cost efficiency, scalable as well as flexible.It is allowing the organization to implement a strategy for IT that will focus on the core business and ensuring compliance instead of the day-to-day hardware headaches.
CIOs have the ability through partnerships with IaaS vendors that will combines services (support) and cloud based computing capabilities (business application hosting, databases, emails, files, content management etc..).Several of the advantages can be summarized as:
·Scalability of the infrastructure
·Less upfront costs associated with equipment
·Reduction and control of operating costs
·CIO andIT executivescan focus on aligning technology with core objectives
·Shared risks with partner
There are many changes happening in technology that will affect CIOs and health organizations in general. CIO’s are tasks with ensuring that their tactical and strategic plans are providing values such as: improving patient, reducing costs and increasing efficiency.
November 13, 2011 11:57 PM
Posted by: RedaChouffani
, Data management and standards
, EHR adoption
, Electronic health records
, Health information exchange
During a recent discussion with a hospitalist, I was asked to explain why health care as an industry is still not at a place where providers can readily receive a patient’s health information electronically whenever they need it. While the value of EHRs is seemingly undeniable — for patients, providers and payers alike, as they will help to reduce costs and improve on care — we are still many years away from complete connectivity. And as we look around for clues from other industries who have been able to provide access to consumer data securely, anywhere and at anytime (example: financial services ), one begins to wonder: why aren’t we able to do the same in health care?
Over the past few years, there has been plenty of discussion around health information exchange (HIE), Regional Health Information Organizations (RHIOs), and other forms of exchanges for patient electronic information. But unfortunately, these organizations and networks have not been as widely implemented as they should. There are of course several different reasons for this, and the following is a list that outlines just some of those:
1. Lack of exchange standards: In order for different EHR systems to easily talk to one other, they must agree on a standard through which the data will be transmitted and mean the same thing to everyone, regardless of the application. This meant that for many physicians who are already using an EHR system, the format in which the data is exchanged must be standardized. So lacking a unified standard for many of the EHR packages has been one of the leading challenges for many to have the ability to exchange the information without significant conversion and interfacing costs.
2. Lack of statewide exchange networks: There are currently several HIE initiatives within different states, but unfortunately, only few states have implemented and adopted an exchange platform statewide. For these states, their physicians who are using an EHR package have the ability to connect to through their software and exchange patient medical information. Those who don’t are currently out of luck.
3. Slow EHR adoption rates: While some physicians may be using electronic medical records already or have been for years, others are still on paper charts and miles away. Even though paper based documents can be digitized through scanners and sent via faxes/secure email, they still cannot be exchanged or sent as structured data or be utilized for clinical data analytics.
4. Cost and capital investment: In order to establish connectivity and the exchange of information, an organization must ensure that they are using a system that supports the standard exchanges. But this requires setup, membership with HIEs and additional costs associated with interfaces and connectivity requirements. In some cases additional upgrade maybe required from the EHR vendor.
5. Active exchange of information is not a mandate: Currently exchanging information is notmandated for every patient record. However, there has been a push to adopt exchange of clinical information through the meaningful use stage 1 requirement. “Measure 15: Capability to exchange key clinical information among providers of care and patient authorized entities electronically”.
It is without a doubt the electronic exchange of health information will reduce health care costs by eliminating unnecessary labs and tests, and will also improve patient care by providing detailed and up to date information on active medications, allergies and medical history. But in order to increase the adoption rate and see physicians actively using their systems, many of the challenges listed above must be eliminated. Fortunately, as more and more physicians begin to consider membership in ACOs, the collaboration on patient care will most likely push the demand for HIEs and help advance EHR adoption in the industry.
November 13, 2011 11:55 PM
Posted by: RedaChouffani
Consumer Health IT Summit
, Data management and data standards
, Kathleen Sebelius
, Lab results
, Protected Health Information
On November 12, 2011, HHS Secretary Kathleen Sebelius announced the proposal of new rules that enable patients to gain access to their lab test results electronically and securely, providing a direct link to protected health information (PHI) for both patients and their personal representatives. The announcement was made during the HHS Consumer Health IT Summit. Sebelius noted:
“When it comes to health care, information is power. When patients have their lab results, they are more likely to ask the right questions, make better decisions and receive better care,” said Secretary Sebelius. This Summit offers a unique opportunity for the public and private sectors alike to share strategies to improve consumer access to their health information, while safeguarding the privacy and security of their data.
During the Summit, Secretary Sebelius also announced the push for a standardized PHR template for vendor disclosures, specifically in regards to their privacy and security policies and practices. This would help consumers compare the different vendors according to a standardized format.
According to HHS, the focus of the Summit was to identify all the positive aspects of using health care technology to enable higher quality care, improved outcomes and overall decreased system costs. The Summit also discussed the value of pushing for the use of technology to help improve care while still ensuring the safeguard and protection of patients’ health records and PHI.
November 6, 2011 10:02 PM
Posted by: RedaChouffani
, Technology investments
As many often wonder, how can we acurately determine the ROI of tools and technology in health care? Ultimately, the ROI is highest whenever the focus is not on the technology itself, but instead on how it is going to improve care, efficiencies and workflows throughout the system.
Technology must be looked at as an investment, and one must ensure that its impact can be measured. There are several steps that can be taken to ensure that technology is implemented properly so it can positively impact the health organization at all of its different branches. The following is a list of items that must been considered as part of selecting and implementing technologies:
·Involve the different departments when evaluating and discussing technology design and implementation strategies
·Collect data to measure the outcome of the implemented technology
·Select and design technology around the people who utilize and benefit from it, such as patients and staff to help streamline their workflows and processes
·Implement what is needed, and not all the bells and whistles that may not have a direct impact
·Innovate when no third party products are available through custom development, when/if possible
·Evaluate all the positives and negatives of implementing potential solutions
·Invest resources to review existing processes prior to evaluating any new technology or vendor
As technology continues to improve and new products continue to hit the shelves, selecting the appropriate solution becomes a bigger challenge. And with shrinking budgets and the constant threat of another recession, the need for the right technology becomes even more critical, and having tangible and measurable returns will continue to be the key component of evaluating the success of the selection and implementation decisions that are made.
November 6, 2011 10:00 PM
Posted by: RedaChouffani
Clinical decision support
, High tech hospital
, Hospital of the future
, mobile health
, Real-time health monitoring
, Remote patient monitoring
, Systems integration
In October of 2011, Microsoft released a video on YouTube outlining what it envisions technology and productivity will be like in the future. And the message was clear: for individuals on the go, at home or at work, getting things done will be streamlined and much more efficient as innovation continues to develop.
I admit that while I watched the video, I kept wondering when some of these products would be available, and how they would be utilized, in a health care setting. When we think about what technologies would or could significantly improve productivity and care delivery in the industry, there are several items that I envision as being a part of the high tech hospital of the future:
Kiosks armed with Artificial Intelligence (AI):
For most health organizations, capturing registration information, medical history and other patient data is a critical step to providing better their care and ensure accurate reimbursements. This is one of the reasons organizations have been looking at adopting Kiosks in order to help capture the information quickly. But in order for kiosks to receive wider adoption and provide significant value to its users and owners, they will have to provide more advanced functionality, such as:
Voice recognition to capture information and process it into discrete data and load it into the EHR system or registration.
Connectivity to HIE and PHRs to enable the patients to download all their health information including medication list, problem list, digital images and more.
Ability to assist the patients through out the registration process and questions they may have.
Facial recognition to detect if the patient is an existing patient, notify them of account balances, and allows them to automatically check-in.
Application real-time interactive feedback:
For many health organizations, there are numerous regulatory compliance requirements and rules to which all staff must adhere. There are also processes and workflows that are specific to each job role. For some, it is still resource intensive to monitor and assist everyone during all the aspects of their daily work.
But what if the applications that are being used, regardless of the department, had the ability to provide feedback and corrective actions on activities based on predetermined workflows and best practices? This would not only help managers and supervisors measuring their staff, but would also provide them with custom tailored training and coaching.
One of the key pieces to ensuring that the technology of the future will help maximize productivity in a health care environment will be clinical systems integration. While there are currently several great examples of system integration in hospitals, we will most likely see tighter integrations across larger hospital systems and IDNs. The ideal case for the future would be that every physician wouold have the ability to (with prior patient consent) view all health information for a patient regardless of the source, place of service, format and date of service for that patient.
For the most part, organizations are spending time looking at and analyzing a multitude of data sets to help them during their decision-making process. But until recent years, data has been spread across several legacy systems and required long periods of time to analyze and process. Fortunately, there have been an increasing number of business intelligence tools that not only provide improved platform to consolidate data but also these tools provide access to data quicker than ever. This gives everyone, from executives to department heads, with real-time feedback.
Another area that will increase productivity and be part of the future health organization is the elimination of paper-based workflows. Paperless departments, from clinical to administrative and billing, will become fully electronic and gain improved efficiency.
Evidence based feedback:
In the clinical settings, one significant aspect of tomorrow’s technology will be evidence based medicine and smart systems that provide feedback to physicians at point of care. While there are systems available today, the system of the future will be connected to research centers, HIEs, and registries throughout the globe. This would assist physicians gain access to information in regards to new treatments and research data.
Real-time health monitoring:
As more mobile medical devices are introduced to the marketplace and more patients use them to monitor their conditions, the future will likely bring us more advanced devices that capture more health information from our bodies, and are able to provide biofeedback. This information would be immediately available to care providers, analyzed in real-time. Devices will then be able to notify us of critical alerts as well as able to schedule an appointment with our primary care physicians.
I think this video really does make it obvious that technology is moving fast, and we must accept that what may seem to be too futuristic and out of this world, may just be what is coming down the pike. And while some of the items above may already be implemented to some extent, there are still several innovations that are coming our way in health care that are sure to change the way we interact with devices, patients and each other.
October 30, 2011 9:40 PM
Posted by: RedaChouffani
, iOS 5
, mHealth integration
With the release of the iPhone 4S and the deployment of the new Siri application as part of iOS 5, it is clear that the new voice assistant will ultimately find a place in the health care industry. The only question that remains is, “in what capacity?”
This scarily accurate functionality is currently being offered as part of the new iPhone and all future iPhone versions using Natural Language Processing (NLP) in the back end to process voice commands and identify what the user is really asking for. And based on the spoken commands or requests, the system then identifies the appropriate response or action to fulfill. In the past week or so, I have been experimenting with the new SIRI — or as I call her, “Melissa,” my new virtual assistant — and within a day or so of using this technology, it was very clear to me that it would be here to stay. The genius of the technology is not in the technical capabilities, though, as it has already been proven and implemented elsewhere previously. The innovation here is the how NLP is so well integrated with the different components of the device, and how well it can interact with all of them and act as a communication liaison.
Without a doubt, the majority of physicians will soon be utilizing a virtual assistant with vocal command functionality to help them with many of the tasks that currently require too many clicks — as in the kinds that one typically performs within an EHR or other like health care application.The differentiating benefit of the virtual medical assistant is that it is interactive, and in the future, this will allow physicians to request charts, view lab results, see prescription lists, schedule appointments, request best available treatments, identify the closest clinical trials clinics for a patient condition and even provide feedback on a given treatment plan.
Clearly there are many advantageous uses of the technology that can lead to tangible cost savings — not only by increasing efficiencies, but also by bringing system integration to a whole new level. Let’s take few of the use cases in which a computerized assistant with medical intelligence, or “CAMI”, can be used:
1.CAMI basic selects and lookups:
“CAMI, pull the patient John Doe’s medical chart and get me the last patient summary.”
In this use case, the system will be able to identify if there is an accurate match for the patient name John Doe, and if there are multiple matches returned, then CAMI will notify the physician to provide further identifiers in order to narrow down the selection. Fortunately, this querying capability has been available in different platforms such as C-Phrase and has become very advanced. This means that health care systems can perform very complex look-ups against databases using NLP.
2.CAMI basic actions:
“CAMI, please schedule this patient for a follow up appointment in two weeks for a check up.”
“Also CAMI, prescribe for John Doe Metoprolol 25 mg 1 tablet twice daily, and Plavix 75 mg 1 tablet daily”.
In this scenario, the system pulls the schedule, sets up a follow up appointment on the physician’s schedule and sends the patient the appointment details as well.
For the second step, CAMI will start the e-prescribing session. The system will first use a national medication database to lookup the drug names and ensure that what was requested is in fact available, and to ensure that the prescribed drug does not have any adverse affects due to drug/drug interactions with any existing medications that the patient might be on.
3.CAMI scheduling coordinator:
“CAMI, when is my next surgery, and how long would it take for me to get there from here?”
For a surgeon who is seeing patients in multiple locations (ASCs, hospitals, physicians offices), having access to the patient list and daily schedule is critical. But what makes the use of CAMI even more valuable is the fact it is interactive, and can be used to alert a physician when the next appointment is. Not only that, but if the physician is offsite or having lunch far away from where their next patient appointment is, then the system will notify them if the travel time so they won’t miss their appointment.
4. CAMI and communications:
“CAMI, please let nurse Kimberly know that we are ready for the patient to get x-rays right away”.
For this case the system will be simply be used to communicate quickly with coworkers via emails, SMS, or through the EHR system.
5. CAMI and correspondence:
CAMI, please dictate the following message and send along side with John Doe’s post Op notes to his referring physicians.”
In this example, the system will transcribe the physician’s intended letter, gather some of the patient’s health record information and send it via the preferred method (eFaxing, or secure email) to the referring physicians.
6. CAMI Integrations:
“CAMI, please get me the latest X-rays for John Doe.”
In this case, the system will need to interact with a digital imaging viewer and PACS server. It will be able to send DICOM file requests and display them appropriately for the physicians on their smart device.
As we explore the possibilities of using NLP and virtual assistants in health care, we must note that there have been steps moving toward using this powerful technology in the health care field for a while now. Recently we saw how WellPoint adopted Watson, the super computer, from IBM. The intent here is similar, in that the application combines data from patient electronic charts, hospital notes, WellPoint’s history of medicines and treatments and Watson’s incredible library of textbooks and medical journals to help recommend the appropriate treatment for the patient.
In reality, in order to get the capabilities needed to accomplish a successfully CAMI (who is SIRI’s cousin who went to medical school), the solution would need to be customized and configured specifically for each health system. It will have to allow the organization to implement their specific workflows and processes as part of the intelligence of this application.
October 30, 2011 9:38 PM
Posted by: RedaChouffani
, EHR liability
, Electronic health records
, HR 3239
In October 2011, US Rep.Thomas Marino introduced legislation that will offer limited legal protection to eligible physicians who use EHRs for Medicare and Medicaid beneficiaries.
HR 3239, the bill in question, would create a system in which physicians can report errors that were caused when using an EHR. This is also intended to provide new incentives for physicians who are dissatisfied with the current reimbursements of MCR/MCD.
“Many providers are reluctant to use electronic records because they believe the practice will make them more vulnerable to unnecessary legal action,” Marino said. “Every time a doctor or hospital chooses not to participate because of these fears, our seniors lose another provider. This protects access for seniors in the Medicare and Medicaid programs.”
Lawsuits and legal matters do pose a major concern physicians, and in the case of using an EHR’s there are far more positives than negatives. The bill proposed does not require financial commitment from the federal government or local states.
October 23, 2011 9:12 PM
Posted by: RedaChouffani
, mobile apps
In June of 2011, I wrote an article about how visualization will be right around the corner for mobile devices and will most likely change the way we view business mobile apps. In my article, I discussed the top 10 reasons why this would be an incredibly valuable technology to have in IT departments in health care and available to enterprise mobile users.
Fortunately, we did not have to wait too long. On Oct. 19, 2011, VMWare announced that it has partnered with Verizon Wireless to develop smartphones with dual personalities, basically developing a product suite with an Android platform that will enable a user to use their personal smartphone as their work phone. These devices will enable enterprises to efficiently manage the content of work phone “profiles” without mandate on user’s personal phone specific corporate requirements.
This simple yet powerful functionality will allow IT departments across enterprises, including health care, to securely provision and deactivate some of the application and configurations that are unique to the enterprise over the air.
This also provides a great security advantage for enterprises. The work profile or work phone is completely hosted in a central data repository, and therefore nothing is stored directly on the device itself. For health care providers and hospital CIOs, this is a significant improvement on securing and controlling access to health related apps and data. By centralizing the data and securing it, lost devices would not pose a data breach, as they do not contain actual data on them.
This is a very significant technology for the health care industry, recognizing that many physicians and HIT professionals are using iPhone or iOS based devices. We still need to see what are VMWare’s plans are for the iPhones and iPads, as Android based smartphones and tablets will be the first to receive a significant boost from this technology.
And as this is VMWare’s first product to have a major role in the mobile area, there is no doubt that there may be additional innovations coming down the road, ones which will allow for apps to run on devices across multiple platforms. Similar to the existing product called ThinApp, where you can run any application on any platform without its installation (the application runs on a central server or data center), this is another possibility that we may end up seeing in the mobile world from VMWare. Mobile ThinApp!