Quality and Safety
More than three-dozen HEDIS measures have been adjusted to reflect new telemedicine services in response to COVID-19 and better align with the realities of virtual care delivery.
Security
Big transitions can present an opportunity to enact security improvements, but they can also make a complicated process even more complex.
Over the past decade, workloads and data have moved increasingly into the cloud. For the healthcare industry, that means personal health information is stored in multiple environments – and so security should be able to respond to threats across those environments too.
"As the IT estate continued to evolve, the traditional 'gate in castle' approach to security became less and less relevant," said Ryan Smith, VP of product at Armor Cloud Security, in a HIMSS20 Digital presentation.
"It was no longer sufficient enough to have a firewall on the outside perimeter," he said. "Instead, you had to begin focusing on the workload. When you think about security, you have to be thinking about how you're protecting that workload."
During his talk, Maintaining Visibility and Security Across Hybrid Infrastructure Deployments in the Healthcare Industry, Smith explained that cloud-based security failures are nearly always the fault of the customer, rather than the security provider – and that in healthcare companies, orchestrating security teams is often "a very fragmented picture."
This means, Smith said, that security in the cloud is not a technology problem, but an operations problem – and a cultural problem – for businesses.
The defense of healthcare information, in particular, presents a number of unique challenges, including a murky understanding of cloud architecture and data landscapes, poor authentication, weak role-based controls, stubborn end-user adoption, and a lack of orchestration between point solutions.
Another hurdle, Smith said, involves furthering the understanding that regulatory constraints under HIPAA aren't always prescriptive.
"Compliance is built on a checklist of how we should maintain best practices," Smith said. "Compliance is more of a point-in-time snapshot. … Security never sleeps, while compliance is often a once-a-year activity."
"Threat actors don't care if you're compliant," he pointed out.
Plus, as Smith noted, compliance often results from security.
Security platforms should protect the data environment from both accidental and intentional threats, Smith said. He explained that tools focused on Cloud Security Posture Management, Cloud Workload Protection and Cloud Access Security Brokers can work together to address the all-around security needs of an organization.
This is important, Smith said, because "healthcare data is gold to bad actors."
The financial impact of data breaches is often significant due to government fines, loss of customers or theft of intellectual property.
"If you are subject to breach," Smith said, "there is tremendous impact to the business."
.jumbotron{ background-image: url("/sites/hitn/files/u2556/HIMSSDigitalJumbo.jpg"); background-size: cover; color: white; } .jumbotron h2{ color: white; }
HIMSS20 Digital
Experience the education, innovation and collaboration of the HIMSS Global Health Conference & Exhibition… virtually.
Kat Jercich is senior editor of Healthcare IT News.
Twitter: @kjercich
Healthcare IT News is a HIMSS Media publication.
A decade-long study just published in JAMA finds a wide variance in the safety performance of operational EHR systems, especially when it comes to reducing adverse drug events.
Security
The telemedicine vendor doesn't store patient data, explained founder Brandon Welch, and relies on peer-to-peer video-calling software working inside browsers to minimize potential vulnerabilities.
In this special report, three IT experts describe technologies and strategies to boost quality improvement efforts and put patient safety at the center of the equation.
What’s more, 72-practice Community Care Physicians has sent around 776,000 COVID-related newsletters to patients, also reminding them of their telehealth appointments during the pandemic.
CAREMINDr President and CEO Harry Soza discusses how remote monitoring is changing chronic care management.
Working Well, designed to support evolving clinical protocols, enables contact tracing and can be configured to organizations' own specific back-to-work needs.