Electronic Health Records (EHR, EMR)
The prominent provider organization also has seen average physician response time dropping to 1 day for concurrent queries and 2 days for retrospective queries, which is key as the organization needs to turn these around quickly to ensure it doesn’t slow down final coding and ultimately cash.
With the new agreement, which names AWS as its preferred cloud provider, Cerner CEO Brent Shafer says the company will be able to develop more agile and scalable tools for its clients.
Codesain CEO Rachel De Sain says Australia's My Health Record provides more than 90% of the country's citizens with a national eHealth record that can help them improve their digital health journey.
The Blue Button API pilot, Data at the Point of Care, aims to connect clinicians with claims data, giving them deeper insights into their patients' care history.
A recent Ernst & Young (EY) report presents a framework for the efficient and ethical use of NHS data, which it describes as "a treasure trove of information detailing health, wellness, illness and the associated care pathways."
Companies have upped their games in recent years, bolstering their technical infrastructure and jumping through regulatory hoops to prove they have the wherewithal to handle PHI. Providers have taken notice, and are embracing the cloud in big ways.
Workforce Development
Finding the best care for a patient can be a constantly moving target. The number of stakeholders, the constant advance of new information and treatment options and the nuanced demands of different payers make for a maze of complexities to navigate.
In the field of oncology, for example, nobody but a specialist could be expected to keep up with the growing wealth of knowledge in the treatment of individual cancers.
Yet most patients are treated by general oncologists who may not be abreast of every best course of action for specific conditions. These practices might not know which treatments a patient could be pre-approved for, or which payers are most likely to compensate and for what.
As the practice of tailoring precision medicine plans for each patient takes hold, physicians are being asked to make more specific treatment decisions than ever before.
"You have labs, you have payers, you have providers and you have pharma – and they’re all interested in what the doctor is about to do with a patient," said Clynt Taylor, CEO of Intervention Insights, which makes a tool called Trapelo that helps streamline treatment and payment options.
Taylor says that giving an oncologist "an opportunity to see what they should be ordering based on the clinical scenario" empowers them to make the best decision for the patient.
Information is inspiration
"Most doctors have a good idea of what they want to do," said Taylor. "It’s information access that’s really holding up the process: ‘I didn’t know the lab could do that, I didn’t know these genes should be tested.’"
Effective deployment of an IT system that can gather all of this information and put it at an oncologist’s fingertips, integrated into their workflow, helps align the interests of everyone involved.
In precision medicine, every decision has to be tailored to the patient at hand. This requires significant knowledge about everything in a field where treatment options and knowledge about the disease are advancing rapidly. Doctors need to know their options in a way that relates to the patient and which a payer will approve.
"If I order a test, will I get a treatment option that is supported by clinical evidence?" said Taylor. "Or will I get treatment options I can’t use?"
Taylor notes that health plans "will pay if there’s evidence."
But that puts the onus on providers to have conversations with the payer at the beginning of the care process to build a case for a specific treatment regimen. Integrating payers into the treatment option plan helps form a more granular narrative of care.
"Payers not usually involved until the end of treatment selection process," said Taylor. "Docs go through the process, made treatment decisions, submitted to payer and the payer says ‘what’s going on?’ Involving them earlier in the process avoids the situation where payer prior authorization is a holdup."
Having a picture at the onset of care of how to proceed and the likely outcomes enables a much better relationship with the payer and delivers the most effective care possible for an individual.
Deep insights have been helping physicians predict the best treatment course in a number of fields; tying the process to the payer conversation makes for a more streamlined transition from treatment to payment.
Taylor notes that as more data is amassed about precision health, the more seamless the whole process will become.
"The more we can streamline communications through automation, the faster a decision can be made," he said.
Benjamin Harris is a Maine-based freelance writer and former new media producer for HIMSS Media.
Twitter: @BenzoHarris.
The NHS.UK platform empowers patients by providing, among various functions, an apps library that includes an app that allows users to access their own records, says James Hawkins, director of strategy at NHS Digital.
SPONSORED
According to the CBSi B2B Cybersecurity Study, Asia Pacific 2018, one of the biggest challenges faced by an organisation’s cybersecurity framework is aligning cybersecurity with business priorities. Jega Ponnudurai, Industry General Manager, Healthcare & Life Sciences, Asia, DXC Technology, recommended that healthcare organisations tackle this challenge by linking the costs and benefits of cybersecurity to the value of regulatory compliance.
This is especially critical for certain segments which are more linked to patient safety and patient data confidentiality and calls for more investment on security frameworks within application parameters. These segments include clinical documentation, pharmacy and medication management, tests and investigations and critical care support systems. Ponnudurai, who has more than 25 years of experience in the telecommunication and healthcare industries, shares his insights on the cybersecurity threat and risk landscape in Asia Pacific.
Most common cybersecurity threats/risks to healthcare organisations in APAC
Specific to healthcare organisations, issues like Electronic Medical Record (EMR) data leakage, especially sensitive operational (like billing disputes, patient dissatisfaction) and clinical (like sensitive diseases HIV/STD etc.) data with the purpose to malign private/public health settings or get hold of VIP patient data are some of the cybersecurity threats/risks these organisations face. However, Ponnudurai explained that they had not come across cases where a security threat on data leakage has ended in ransom demand but it could happen.
Network and workplace-related security threats are no different from those of other industries – these include ransomware, endpoint attacks, phishing and many others.
Key lessons from a series of healthcare-related data breaches/leaks in Singapore
Some of the key lessons learnt are the importance of having security, not only from the outside but also from within an organisation. There is also a need for independent cybersecurity auditors to be put in place and such audits to be carried out more frequently.
“Internet separation models and the design of data security zones is becoming more and more pertinent in terms of de-risking data in rest,” said Ponnudurai. There also needs to be a diligent scoping of cloud data assets and for cross-application landscapes, data security/accessibility should be governed/designed by information area at a corporate level, not at an individual application level.
From within an organisation, human (contractor or internal employee) inflicted local threats needs to be closely controlled and monitored.
Blind spots in the management of cybersecurity threats/risks
One of the areas/aspects that is usually overlooked by healthcare organisations in the management of cybersecurity threats/risks is application security in clinical applications. Most large healthcare organisations have a mesh of clinical and operational systems – Patient Administrative System (PAS), EMR, Finance, Billing, Ancillary systems for pharmacies/laboratories, Radiology Information System (RIS)/ Picture Archive and Communication System (PACS) etc. Often these systems need to exchange information – and security breaches are potent in a) data in motion, such as interfaces and message queues and more importantly b) context switching, such as accessing an application logic/data/screen from another application.
“A robust Development, Security and Operations (DevSecOps) Strategy should be imbibed early in the life-cycle for health application design,” Ponnudurai added.
Managing increased cybersecurity threats with reduced budgets and lack of trained experts
Chief Information Security Officers (CISOs) or Chief Information Officers (CIOs) are constrained by reduced budgets and lack of trained professionals to deal with the ever-increasing cybersecurity threats and incidents and Ponnudurai’s suggestion to tackle the issue is to study the impact of cybersecurity breaches, both from a financial and personal trauma (for the impacted parties) perspective. The concern of most healthcare providers about cybersecurity has resulted in their hesitation to venture into cloud-based services. This, in turn has a direct cost impact in the running of a healthcare service provider.
Increasingly, cloud adoption should be backed up by cyber defense and orchestration strategies including intelligent security operations and continuous threat monitoring using a leveraged Security Operations Centre (SOC) model which reduces upfront capital expenditure (CapEx). This provides best-of-class protection at a spread out cash-flow, he concluded.
For more information on DXC's security services and solutions, visit their website here.
