Skip to main content

Government & Policy

By HIMSS TV | 10:59 am | October 24, 2018
ONC’s Senior Innovation Strategist Stephen Konya discusses the Health and Human Services road show visiting American cities to give digital health upstarts and entrepreneurs better access to federal agencies. The next HHS Startup Day is slated for Nov. 8, 2018 in Cleveland.
Cybersecurity
By Jessica Davis | 07:16 pm | October 17, 2018
While the two federal agencies have worked together on vulnerability disclosures in the past, a new memorandum of agreement will improve coordination.
Electronic Health Records
By Mike Miliard | 12:34 pm | October 17, 2018
The cooperative aims to bring stakeholders together to find new and pragmatic approaches to data sharing, and come up with ways to combat information blocking.
Privacy & Security
By Jessica Davis | 05:56 pm | October 12, 2018
The Food and Drug Administration issued a cybersecurity alert on two Medtronic devices that could allow a hacker to hijack the software update process to change the device’s function. Medtronic disabled the online software update to eliminate the flaw. IMPACT Following a review of potential security vulnerabilities around the internet connection, the FDA found 34,000 CareLink cardiac implantable electronic devices are at risk. If exploited, a hacker could change the programmer’s functionality or the device itself during the implantation or follow-up visits. The flaw is found in the internet connection between the CareLink 2090 and Encore 29901 Programmers, used for downloading software from Medtronic’s Software Distribution Network. The programmers are used by providers to adjust the cardiac device settings and collect locally stored data. While software updates typically include new software for the programmer functionality and updates to the implanted device firmware through a virtual private network, the programmers don’t verify they’re still connect to the VPN before downloading the updates. As a result, attempting to update the program through the internet connection will result in an error message. Medtronic updated its network, which was approved by the FDA on Oct. 5. The fix will intentionally block the currently existing programmer from accessing the Medtronic SDN. The vendor is continuing to implement security updates to further address the flaw. The FDA recommends providers continue to use the programmers, as network connectivity isn’t required for normal CIEF programming. Further, providers should not attempt to update the programmer through the SDN, which is no longer available. Future updates are currently only available through Medtronic with a USB update. THE TREND Medical device vulnerabilities are well-known, and vulnerability reporting by vendors have increased 400 percent per quarter since the FDA released its cybersecurity guidance in 2016. However, the increase in FDA alerts is meant to further improve cybersecurity, rather than to shame the vendor. Medtronic has reported several vulnerabilities in recent years, as has Philips, Abbott and a host of others. .jumbotron{ background-image: url("http://www.healthcareitnews.com/sites/default/files/u2231/cybersecurity-jumbotron-712.jpg"); background-size: cover; color: white; } .jumbotron h2{ color: white; } Focus on Cybersecurity In October, we take a deep dive into security strategy and pressing threats. Twitter: @JF_Davis_ Email the writer: jessica.davis@himssmedia.com
Patient Engagement
By Tom Sullivan | 11:49 am | October 12, 2018
Technology was critical but so, too, were the personal and patient-centric stories shared on Twitter this week.
By Jessica Davis | 11:33 am | October 12, 2018
The two nonprofit health IT groups hope to strengthen public-private partnerships and advance policy, starting by collaborating on the next Health Datapalooza.
By Tom Sullivan | 10:20 am | October 12, 2018
The U.S. Department of Health and Human Services is working with Healthbox, a HIMSS innovation company, to reach out to investors and better understand the barriers to innovation. WHY IT MATTERS "This is going to be the first time we formally engage the investment community," HHS Deputy Secretary Eric Hargan told Healthcare IT News. "We work with providers, payers, pharma, medical device companies all the time – but we never talk to the people who are funding those to understand their challenges." HHS aims to change that with a series of events, dubbed Deputy Secretary's Innovation and Investment Summit, which was first announced in mid-September to bring together federal officials with investors and innovators. "What we're trying to do is open the doors at HHS regarding investment in innovation," Hargan said. "We see the investment community as important to innovation within the sector and that is going to be a major way we solve the bedrock mission of the department to promote the health and wellbeing of American people." Healthbox President Neil Patel said the summits will convene the perspectives across all of healthcare and Healthbox's role will be to bring its innovation expertise. "One of the challenges will be figuring out what we can feasibly tackle," Patel said. THE BIGGER TREND Considerable innovation is happening in healthcare, with an explosion of apps and data on the horizon. But even more is needed in areas such as HIE, interoperability, patient experience and telehealth, for instance – and by many accounts the industry must move faster, because things are something of a mess today. WHAT TO EXPECT FROM HHS DSIIS will consist of quarterly meetings designed to foster innovation in digital health, life sciences, medical devices, IT and payment systems. At those events, federal officials intend to listen to investors and innovators to ideally gain an understanding of which policies and regulations are getting in the way of funding for emerging technologies. The idea is to find places where HHS has put up barriers that are troublesome and unnecessary, as well as "to make our policies more rational, get rid of duplicative and contradictory policies and to help HHS develop policies and regulations that facilitate investment in the healthcare sector." HHS anticipates a yearlong process to get this from beginning to end, starting in December 2018, Hargan said. The department might be able to move on some ideas quickly, while for others, particularly those requiring legislative changes, it's harder to determine how long that could take. "Right now we're approaching this in an open way because the interaction has not happened so we have to look at it from a 30,000-foot level," Hargan said. "We've never engaged in a process like this, but I think there's probably fertile ground." HOW TO APPLY Investors interested in participating can apply until midnight Friday, October 12, 2018. They should send an email to DeputySecretary@HHS.gov with the subject line "DSIIS Recommendation." The department is also looking for subject matter experts, so send suggestions to the same email address with the subject line "Topic and Subject Matter Expert Recommendation." Twitter: SullyHIT Email the writer: tom.sullivan@himssmedia.com
Mobile Health IT
By HIMSS TV | 03:49 pm | October 10, 2018
Bettina Experton, MD, and CEO of Humetrix, talks about the history of CMS’s Blue Button project and how 53 million Americans covered by Medicare will now have access to their data through an API to ensure patient safety and interoperability.
IT Infrastructure
By Tom Sullivan | 10:59 am | October 09, 2018
For National Health IT Week 2018, HIMSS Analytics delivered new research exploring some key trends, looking closely at established software infrastructure and emerging technologies alike. "What we're seeing as far as a state of the market is acceleration beyond the EMR," said Blain Newton, executive vice president of HIMSS Analytics. "We're seeing it manifest in a few different ways." Those post-EHR technologies and trends include blockchain, cloud computing, security, precision medicine, supply chain, telehealth and, of course, network infrastructure. Electronic health records. EHRs are a key piece of the health IT infrastructure and the market segment is very mature with near universal adoption, according to HIMSS Analytics data – but only 2 percent of hospitals have a single vendor enterprise EHR. Instead, the average system has 15 vendors across its affiliates — making the next issue a complex mess. "We're seeing migration past the EMR as a foundation as well as retrofitting how we create scale and secure infrastructure," Newton said. Interoperability. With mega-mergers such as Dignity and CHI and CVS Health and Aetna – as well as Amazon's partnership with JPMorgan Chase and Berkshire Hathaway – significant challenges are arising amid the hodgepodge of EHR vendors. "Creating a secure environment where interoperability can happen is not a challenge of desire," said Newton. "It's very technical." Telehealth. Whereas the U.S. has surpassed a 50 percent adoption rate for telehealth capabilities, the average hospital has upwards of five different products installed, meaning it has yet to widely reach enterprise-level deployments. The surprise HIMSS Analytics found in its data is that the highest adoption levels for telemedicine tools are among non-profit hospitals with 100 beds or fewer. "For a technology that the ROI is not yet entirely clear, you're seeing nonprofits with a very significant lead in adoption, presumably to reach out to rural populations," said Newton. "Either way, it's an unexpected view, we thought it would be large hospitals." When asked whether they plan to invest in telehealth in the next two years, 27 percent said yes, 18 percent said no and 55 percent said they weren't sure. Precision medicine. In contrast to EHRs' near-ubiquity and telehealth on the rise, precision medicine adoption today is limited. The top three reasons are a lack of funds, technologies, and the clinical expertise necessary to undertake such programs. That said, 45 percent of respondents to HIMSS Analytics research said they plan to expand precision medicine work, while 23 percent do not and 32 percent are unsure. Security. This should come as no surprise, but Newton said that "healthcare is absolutely a target," for nefarious attacks as 29 percent of breaches last year hit healthcare, a higher rate than any other industry. "Twelve percent of hospitals do not have basic IT security systems," Newton said. "That's a bit frightening because whether you're the Mayo Clinic or a rural provider in South Dakota, you're a target." Protecting health data is one of the reasons more hospitals are looking to the cloud. But it's not the only one. Cloud computing. Sixty-five percent of hospitals currently use cloud services in some capacity, and Newton said that it's expected the majority of EMRs will be cloud-based by 2020. Among the reasons healthcare organizations move to the cloud: 37 percent said it's for disaster recovery, while 25 percent said the cloud lowers current IT maintenance costs, another 25 percent answered that it'd sue to a lack of on-site IT staff or expertise and 13 percent do so to meet the need for a scalable always-on app or service. "There's a significant component just looking at baseline IT costs, regardless of the motivator, the cloud is coming, on-premise is a thing of the past," he said. "It has really shifted wholesale here because of efficiencies and levels of service. I would expect this to continue increasing."  Blockchain. Blockchain is still in the hype stage, to be certain, though it also appears that some early days type of activities are happening with 50 percent of health org's either investigating or building a business case around Blockchain, and doing so with plans to run a proof of concept in the next 24 months. But payers, pharma and tech vendors are moving more quickly than healthcare providers, which may be hanging back to let the others figure it out first. Non-providers, in fact, are twice as likely as providers to conduct a proof of concept or pilot in the next two years. Patient-generated health data. This was another surprising finding. "Organization said they are at least moderately prepared for consumer-generated data," said Newton. While more than 80 percent of patients are already expecting to see data in their record, in fact, 67 percent of hospitals are looking to invest. Just don't expect it to happen quickly. "When we talk to CIOs, they flat out said this is an issue of data governance," he explained. "We don't believe we have adequate governance in place to manage consumer generated data." Supply chain. Acknowledging that a better name for supply chain in this context might be utilization management and resource stewardship, Newton described it as "one of the biggest things we see happening." Four of the top 10 predictive technologies are supply chain management related and hospitals should proactively invest in clinical infrastructure for tools that alert clinicians to risk or enable traceability that helps determine which products or people are safest and most cost-effective, as well as technology to enable learning systems. "I see this as becoming something significant over the next 18 months or so and becoming much more enterprise focused as folks look to drive down costs and improve care," he added. "We see this as a powerful new capability that organizations are looking to go after." What it all means Broadly speaking, the state of HIT today is a digitized system now in place and a renewed investment in infrastructure to harness that and drive emerging trends such as predictive analytics, patient engagement and population health on the road to value-based care.   Some of it is being done on the EHR foundation while other work is more about retrofitting older technologies to create secure infrastructure scale that accordingly.   "People are looking up and saying the infrastructure we put in place 10 years ago isn't robust enough today," Newton said. "It's a mix of true innovation and securing things built to support a tech stack from a few years ago." Twitter: @SullyHIT Email the writer: tom.sullivan@himssmedia.com