TTA’s Week: Janus-faced telemedicine as seen in hospitals and in long-term care

 

Telemedicine Has Two Faces: the good in expanding mental health and preventing rehospitalizations in long-term care–and the very bad in delivering end-of-life news to an elderly patient.

And scroll below for news of The King’s Fund’s Digital Health and Care Congress, including Matt Hancock as keynote speaker on day 2. Plus 10% off registration for our Readers!

Suddenly hot, redux: mental health telemedicine in long term care, analytics to help predict rehospitalizations in skilled nursing facilities (A traditional provider adds telemedicine, three new SNF tech companies preventing rehospitalizations)
A telemedicine ‘robot’ delivers end of life news to patient: is there an ethical problem here, Kaiser Permanente? (An insensitive use of good technology gets bad press for both)

A government study on tech to enable aging independence that actually may be useful. Meanwhile, the FBI is warning that Hackermania is running wild over healthcare. AliveCor’s KardiaMobile succeeds in UK’s EDs. And that music you have on to concentrate may be doing exactly the opposite.

A useful White House study released: ‘Emerging Technologies to Support an Aging Population’ (Big topics and tech approaches without the fluff)
Hackermania ‘bigger than government itself’–and 25% of healthcare organizations report mobile breaches (We ought to be doing better by now)
Smartphone-based ECG urged for EDs to screen for heart rhythm problems: UK study (Give the patients mobile ECG monitors to take home)
Listening to music impairs verbal creativity: UK/Sweden university study (Those headphones are not helpful if you’re trying to think)

Chronic condition telehealth monitoring is suddenly hot–again. When will digital health ethics be more than talk-talk? No more faxes, no more pagers in the NHS. Surprise! Consumer behavior should drive health tech. Plus late spring events + Connected Health Summit speaking opportunities.

Suddenly hot: chronic condition management in telehealth initiatives at University of Virginia and Doctor on Demand (We’ve been here before)
Events, dear friends: MedTech London, Aging 2.0 Philadelphia, speakers wanted for Connected Health Summit (More for your calendar from late winter into late summer)
First they came for the fax machines….now NHS is coming for the pagers (Pretty soon it will be the stethoscopes, the furniture…)
The King’s Fund Digital Health and Care Conference announces Matt Hancock as Day 2 keynoter (He’s everywhere!)
About time: digital health grows a set of ethical guidelines (But how to put it into action beyond the nice meetings and draft principles?)
A short but canny look at consumer behavior as a driver of health technology (Design that fits into life–what a notion!)

Rounding up HIMSS and the millennial/Gen Z healthcare mindset. It’s wall-to-wall Theranos for the next few weeks. And we bid farewell to a fine (if over-parodied) actor with our video advert.

News roundup: of logos and HIMSS roundups, Rock Health’s Digital Health Consumer Adoption survey, and the millennial/Gen Z walkaway from primary care (Increasingly not trad, dad)
The Theranos Story, ch. 58: with HBO and ABC, let the mythmaking and psychiatric profiling begin! (updated) (A deluge of Theranos Analysis)
From our archives: a long buried advert (RIP Bruno Ganz) (Editors Steve and Donna salute a fine actor and fine movie–remembered, humorously)

The Topol Review’s relationship to reality explored by Roy Lilley. Robotics effects in therapy for children with autism and CP. The wind’s even more at the back of telehealth–but there are caveats. Plus Editor Charles is back with a UK digital health roundup.

Roy Lilley’s tart-to-the-max view of The Topol Review on the digital future of the NHS (This week’s Must Read)
Robots’ largely positive, somewhat equivocal role in therapy for children with autism and cerebral palsy (HIMSS)
The wind may be even stronger at the back of telehealth this year–but not without a bit of chill (VA, Virginia as indicators–and the hurdles when you get there )
A selection of short digital health items of potential interest (Editor Charles is back with views on AI and events)

The telehealth entrepreneur and the $5 million fraud = 15 years in prison. Scotland’s Current Health wins FDA clearance, Latin America telemedicine’s uncertain state, women in eHealth, and studies on digital health in health systems.

News roundup: Current Health’s Class II, Healthware Italy’s €10 million boost, the low state of Latin America telemedicine, weekend reading on digital health in health systems
Digital health versus eHealth: ‘here we go again’ with the confusion and the differences. Plus Women in eHealth (JISfTeH) (Reviving the terminology discussion)
The telehealth ‘entrepreneur’ whose $5 million funding bought stays at the Ritz and portfolios at Bottega Veneta (And 15 years in the Federal pen. Tell your mum or uncle to be wary of good stories)

Our lead this week is the sale of Tunstall’s US operation. Unicorns need to hype less and publish studies more. The King’s Fund’s two events in March and May, Bayer’s accelerator winners, and news from Apple to teledermatology for São’s spotted!

Short takes: Livongo buys myStrength, Apple Watch cozies with insurers, Lively hears telehealth and $16 million
Tunstall Americas sold to Connect America
(Tunstall conceding their business is outside the US)
Where’s the evidence? Healthcare unicorns lack the proof and credibility of peer-reviewed studies. (Unicorns need to add substance to the sparkle)
News roundup: Virginia includes RPM in telehealth, Chichester Careline changes, Sensyne AI allies with Oxford, Tunstall partners in Scotland, teledermatology in São Paolo
The King’s Fund ‘Digital Health and Care Explained’ 27 March
(Readers also get a 10% discount at the 22-23 May Congress)
Bayer’s G4A accelerator awards agreements with KinAptic, Agamon, Cyclica (DE) (A truly international accelerator program)


The King’s Fund’s annual Digital Health and Care Congress is back on 22-23 May. Just announced–Secretary Matt Hancock keynoting Day 2. Meet leading NHS and social care professionals and learn how data and technology can improve the health and well-being of patients plus the quality and effectiveness of the services that they use. Our Readers are eligible for a 10% discount using the link in the advert or here, plus the code Telehealth_10.


Have a job to fill? Seeking a position? Free listings available to match our Readers with the right opportunities. Email Editor Donna.


Read Telehealth and Telecare Aware: http://telecareaware.com/  @telecareaware

Follow our pages on LinkedIn and on Facebook

We thank our present and past advertisers and supporters: Tynetec, Eldercare, UK Telehealthcare, NYeC, PCHAlliance, ATA, The King’s Fund, HIMSS, Health 2.0 NYC, MedStartr, Parks Associates, and HealthIMPACT.

Reach international leaders in health tech by advertising your company or event/conference in TTA–contact Donna for more information on how we help and who we reach. See our advert information here. 


Telehealth & Telecare Aware: covering the news on latest developments in telecare, telehealth, telemedicine and health tech, worldwide–thoughtfully and from the view of fellow professionals

Thanks for asking for update emails. Please tell your colleagues about this news service and, if you have relevant information to share with the rest of the world, please let me know.

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

Hackermania ‘bigger than government itself’–and 25% of healthcare organizations report mobile breaches

To quote reporter Andy Rooney, ‘why is that?’ Everyone in healthcare (with our Readers well ahead of the curve) has known for years that our organizations are special targets, indeed–by hackers (activists or not), spammers, ransomwarers, criminals, bad guys in China, North Korea, and Eastern Europe, plus an assortment of malicious insiders and the simply klutzy. Why? Healthcare organizations, payers, and service companies have a treasure trove of PHI and PII with Big Value. 

So to read in Healthcare IT News that Christopher Wray, the new director of the FBI, is saying that today’s cyberthreats are bigger than any one agency, and in fact bigger than the government itself, it gives you the feeling that the steamroller has not only run over us, but is on the second pass.

According to one reporting company, Bitglass, breach incidents were year-over-year flat (290), but the number of records affected in 2018 nearly tripled from 4.7 million to 11.5 million. Hacking finally became the top cause (45.9 percent) versus unauthorized access and disclosure (35.9 percent). Loss and theft is down to about 15 percent.

And mobile feels like that second pass. Verizon’s Mobile Security Index 2019 reports that 25 percent of healthcare organizations have had a mobile-related compromise. Nearly all hospitals are investing in mobile. In the field, doctors and other clinicians are either using issued devices or BYOD, whether authorized or not. Whether or not their organizations are using app security systems like Blue Cedar [TTA 17 Feb 18] or work with companies like DataArt on securing proprietary systems is entirely another question. Apparently it’s not a priority. According to the Verizon study, nearly half of all organizations sacrificed mobile security in the past year to “get the job done.” Healthcare Dive.

Back to Director Wray, who is urging public-private cooperation especially with the FBI, which itself has not hesitated to break encryption (e.g. Apple’s) in going after criminals’ phones.

TTA’s Week: NHS loses the pagers, digital health ethical talk-talk, back to chronic condition monitoring, consumers driving health design–whatta notion!

 

 

Chronic condition telehealth monitoring is suddenly hot–again. When will digital health ethics be more than talk-talk? No more faxes, no more pagers in the NHS. Surprise! Consumer behavior should drive health tech. Plus late spring events + Connected Health Summit speaking opportunities.

And scroll below for news of The King’s Fund’s Digital Health and Care Congress, including Matt Hancock as keynote speaker on day 2. Plus 10% off registration for our Readers!

Suddenly hot: chronic condition management in telehealth initiatives at University of Virginia and Doctor on Demand (We’ve been here before)
Events, dear friends: MedTech London, Aging 2.0 Philadelphia, speakers wanted for Connected Health Summit (More for your calendar from late winter into late summer)
First they came for the fax machines….now NHS is coming for the pagers (Pretty soon it will be the stethoscopes, the furniture…)
The King’s Fund Digital Health and Care Conference announces Matt Hancock as Day 2 keynoter (He’s everywhere!)
About time: digital health grows a set of ethical guidelines (But how to put it into action beyond the nice meetings and draft principles?)
A short but canny look at consumer behavior as a driver of health technology (Design that fits into life–what a notion!)

Rounding up HIMSS and the millennial/Gen Z healthcare mindset. It’s wall-to-wall Theranos for the next few weeks. And we bid farewell to a fine (if over-parodied) actor with our video advert.

News roundup: of logos and HIMSS roundups, Rock Health’s Digital Health Consumer Adoption survey, and the millennial/Gen Z walkaway from primary care (Increasingly not trad, dad)
The Theranos Story, ch. 58: with HBO and ABC, let the mythmaking and psychiatric profiling begin! (updated) (A deluge of Theranos Analysis)
From our archives: a long buried advert (RIP Bruno Ganz) (Editors Steve and Donna salute a fine actor and fine movie–remembered, humorously)

The Topol Review’s relationship to reality explored by Roy Lilley. Robotics effects in therapy for children with autism and CP. The wind’s even more at the back of telehealth–but there are caveats. Plus Editor Charles is back with a UK digital health roundup.

Roy Lilley’s tart-to-the-max view of The Topol Review on the digital future of the NHS (This week’s Must Read)
Robots’ largely positive, somewhat equivocal role in therapy for children with autism and cerebral palsy (HIMSS)
The wind may be even stronger at the back of telehealth this year–but not without a bit of chill (VA, Virginia as indicators–and the hurdles when you get there )
A selection of short digital health items of potential interest (Editor Charles is back with views on AI and events)

The telehealth entrepreneur and the $5 million fraud = 15 years in prison. Scotland’s Current Health wins FDA clearance, Latin America telemedicine’s uncertain state, women in eHealth, and studies on digital health in health systems.

News roundup: Current Health’s Class II, Healthware Italy’s €10 million boost, the low state of Latin America telemedicine, weekend reading on digital health in health systems
Digital health versus eHealth: ‘here we go again’ with the confusion and the differences. Plus Women in eHealth (JISfTeH) (Reviving the terminology discussion)
The telehealth ‘entrepreneur’ whose $5 million funding bought stays at the Ritz and portfolios at Bottega Veneta (And 15 years in the Federal pen. Tell your mum or uncle to be wary of good stories)

Our lead this week is the sale of Tunstall’s US operation. Unicorns need to hype less and publish studies more. The King’s Fund’s two events in March and May, Bayer’s accelerator winners, and news from Apple to teledermatology for São’s spotted!

Short takes: Livongo buys myStrength, Apple Watch cozies with insurers, Lively hears telehealth and $16 million
Tunstall Americas sold to Connect America
(Tunstall conceding their business is outside the US)
Where’s the evidence? Healthcare unicorns lack the proof and credibility of peer-reviewed studies. (Unicorns need to add substance to the sparkle)
News roundup: Virginia includes RPM in telehealth, Chichester Careline changes, Sensyne AI allies with Oxford, Tunstall partners in Scotland, teledermatology in São Paolo
The King’s Fund ‘Digital Health and Care Explained’ 27 March
(Readers also get a 10% discount at the 22-23 May Congress)
Bayer’s G4A accelerator awards agreements with KinAptic, Agamon, Cyclica (DE) (A truly international accelerator program)

Latest through the revolving door is NHS’ chief digital officer, digital health may be more ‘bubbly’ than you would like, telemedicine and telehealth gain important consumer and Medicare facing ground, and fill your calendar some more!

NHS England digital head Bauer exits for Swedish medical app Kry, but not without controversy (The revolving door reveals a self-made cloud over her head)
Events, Dear Friends, Events: UK Telehealthcare, Mad*Pow HXD, dHealth Summit (Get out the calendars–and the checkbooks/app)
Telemedicine virtual visits preferred by majority in Massachusetts General Hospital survey (Over 94% loved the convenience alone)
Medicare Advantage model covering telehealth for certain in-person visits starting in 2020 (The needle moves–slowly)
It’s not a bubble, really! Or developing? Analysis of Rock Health’s verdict on 2018’s digital health funding. (‘Bubbly’ factors that may influence this year–not for the better)

We round up the Official Healthcare Circus of CES, Verily rolls along with $1 bn in investment, and Walgreens Boots finally makes an alliance splash with Microsoft

It’s Official: CES is now a health tech event (updated) (And still a circus! We round up the top coverage so you don’t have to)
News roundup: Walgreens Boots-Microsoft, TytoCare, CVS-Aetna moves along, Care Innovations exits Louisville
Verily, Google’s life sciences arm, gathers in another billion to go…where? (Updated for Study Watch clearance) (Still a mystery)


The King’s Fund’s annual Digital Health and Care Congress is back on 22-23 May. Just announced–Secretary Matt Hancock keynoting Day 2. Meet leading NHS and social care professionals and learn how data and technology can improve the health and well-being of patients plus the quality and effectiveness of the services that they use. Our Readers are eligible for a 10% discount using the link in the advert or here, plus the code Telehealth_10.


Have a job to fill? Seeking a position? Free listings available to match our Readers with the right opportunities. Email Editor Donna.


Read Telehealth and Telecare Aware: http://telecareaware.com/  @telecareaware

Follow our pages on LinkedIn and on Facebook

We thank our present and past advertisers and supporters: Tynetec, Eldercare, UK Telehealthcare, NYeC, PCHAlliance, ATA, The King’s Fund, HIMSS, Health 2.0 NYC, MedStartr, Parks Associates, and HealthIMPACT.

Reach international leaders in health tech by advertising your company or event/conference in TTA–contact Donna for more information on how we help and who we reach. See our advert information here. 


Telehealth & Telecare Aware: covering the news on latest developments in telecare, telehealth, telemedicine and health tech, worldwide–thoughtfully and from the view of fellow professionals

Thanks for asking for update emails. Please tell your colleagues about this news service and, if you have relevant information to share with the rest of the world, please let me know.

Donna Cusano, Editor In Chief
donna.cusano@telecareaware.com

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –

About time: digital health grows a set of ethical guidelines

Is there a sense of embarrassment in the background? Fortune reports that the Stanford University Libraries are taking the lead in organizing an academic/industry group to establish ethical guidelines to govern digital health. These grew out of two meetings in July and November last year with the participation of over 30 representatives from health care, pharmaceutical, and nonprofit organizations. Proteus Digital Health, the developer of a formerly creepy sensor pill system, is prominently mentioned, but attending were representatives of Aetna CVS, Otsuka Pharmaceuticals (which works with Proteus), Kaiser Permanente, Intermountain Health, Tencent, and HSBC Holdings.

Here are the 10 Guiding Principles, which concentrate on data governance and sharing, as well as the use of the products themselves. They are expanded upon in this summary PDF:

  1. The products of digital health companies should always work in patients’ interests.
  2. Sharing digital health information should always be to improve a patient’s outcomes and those of others.
  3. “Do no harm” should apply to the use and sharing of all digital health information.
  4. Patients should never be forced to use digital health products against their wishes.
  5. Patients should be able to decide whether their information is shared, and to know how a digital health company uses information to generate revenues.
  6. Digital health information should be accurate.
  7. Digital health information should be protected with strong security tools.
  8. Security violations should be reported promptly along with what is being done to fix them.
  9. Digital health products should allow patients to be more connected to their care givers.
  10. Patients should be actively engaged in the community that is shaping digital health products.

We’ve already observed that best practices in design are putting some of these principals into action. Your Editors have long advocated, to the point of tiresomeness, that data security is not notional from the smallest device to the largest health system. Our photo at left may be vintage, but if anything the threat has both grown and expanded. 2018’s ten largest breaches affected almost 7 million US patients and disrupted their organizations’ operations. Social media is also vulnerable. Parts of the US government–Congress and the FTC through a complaint filing–are also coming down hard on Facebook for sharing personal health information with advertisers. This is PHI belonging to members of closed Facebook groups meant to support those with health and mental health conditions. (HIPAA Journal).

But here is where Stanford and the conference participants get all mushy. From their press release:

“We want this first set of ten statements to spur conversations in board rooms, classrooms and community centers around the country and ultimately be refined and adopted widely.” –Michael A. Keller, Stanford’s university librarian and vice provost for teaching and learning

So everyone gets to feel good and take home a trophy? Nowhere are there next steps, corporate statements of adoption, and so on.

Let’s keep in mind that Stanford University was the nexus of the Fraud That Was Theranos, which is discreetly not mentioned. If not a shadow hovering in the background, it should be. Perhaps there is some mea culpa, mea maxima culpa here, but this Editor will wait for more concrete signs of Action.

Higi and Interpreta’s data mix partnership–questions on consent, data security

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2017/08/Interpreta-Higi.jpg” thumb_width=”150″ /]Higi (also higi), which has placed health monitoring kiosks in over 11,000 US retail locations and a 5.5 million signup base, and data cruncher Interpreta announced that they are partnering to blend Higi’s vital signs data with Interpreta’s claims, clinical and genomics data analytics. Based on Mobihealthnews’ article and the joint release, an individual’s health information taken at higi retail stations will be “prioritized within Interpreta in real time”. They also claim that for the first time, insurance payers and providers will be able to leverage biometrics data, clinical, claims and additional genomic information a person may obtain from genetic testing services into a ‘personalized care roadmap’ that closes gaps in care. This is positioned as a big advance in population health and it all sounds great.

Perhaps not so great are the details. What about consent and data security? Aside from absolutely no mention of patient consent and HIPAA compliance in the above news, this Editor suspects that past, current and future Higi users may not be made aware that their vital signs data recorded with Higi will be 1) sent into a non-Higi database and 2) integrated with other information that appears in Interpreta’s database. How is this being done? Is consent obtained? What then happens? Is it used on an identified or de-identified basis? Where is it going? Who is doing what with it? Can it be sold, as 23andme’s genomic information is (with consent, but still…)? “Interpreta works in the realm of precision medicine, continuously interpreting and synchronizing clinical and genomics data in real time to create a personalized roadmap to enable the orchestration of timely care.” but they do this for providers and health plans who are then responsible for privacy and data integrity. Consent for Higi to keep a record of your blood pressure when you drop into your local RiteAid or ShopRite is not consent for Interpreta to use or manipulate it. These questions should have been addressed in the release or an accompanying fact sheet. We welcome a response from either Higi or Interpreta.

And one last and exceedingly ‘gimlety’ observation by this Editor: kiosks get hacked, and here we have not a price to a McDonald’s meal but a portal to deep PHI. Here’s a two-part article in an industry publication, Kiosk Marketplace, if you are skeptical. Part 1, Part 2 

Is wearable IoT really necessary–and dangerous to your privacy?

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2015/08/is-your-journey-neccessary_.jpg” thumb_width=”150″ /]But does the average person even care? This Editor senses a groundswell of concern among HIT and health tech regarding the highly touted Internet of Things (IoT) and the dangers it might present. Our previous article reviewed the possibilities of hacking, system vulnerabilities in IoT networks and software bugs ‘bricking’ everyday objects such as refrigerators and cars. But what about wearables and the unimaginable amount of data they generate? Is it as unidentifiable as wearables makers claim? Columbia University computer science student Matthew Piccolella focuses in his article on healthcare ‘things’, primarily fitness trackers like Editor Charles’ favorite, Jawbone, but also clothing and even headsets that measure brain waves (Imec). Their volumes of data are changing the definition of healthcare privacy, which in the US has been synonymous with HIPAA. The problem is that health metadata are increasingly identifiable in a ‘big data’ world. (more…)

Extent, cost of health ID theft exposed in Wall Street Journal

Confirmation that your Editors (including Founder Steve) are no longer Voices Crying In The Wilderness on health data insecurity came this weekend on the front page (print) of The Wall Street Journal. It concentrated less on the profit of stolen PHI–$50 per record on average versus $7 for a credit card, according to Ponemon Institute–than on the horror of the 2.3 million individuals suddenly finding out that hospitalizations, procedures and prescriptions in their name were being used by others, leaving them with the bill and unable to clear both their financials and their health records.

EHRs are treasure troves of health and financial information. Unlike credit card theft, there’s no warning–and no limits. Providers and insurance companies put the onus on the person with the stolen data. There is no healthcare equivalent of the Fair Credit Billing Act (FCBA) and the Fair Credit Reporting Act (FCRA), which since 1974 and 1970 respectively have limited the individual impact of fraudulent credit card charges.

Consumer security programs like LifeLock are not particularly effective in proactive notification. In other words, you’re stuck. You may run through your benefits and then be responsible for the bills. Second, you may never get the bad information and diagnoses out of the supposedly accessible health record because of privacy laws, especially if you are a caregiver.

Victims sometimes only find out when they get a bill or a call from a debt collector. They can wind up with the thief’s health data folded into their own medical charts. A patient’s record may show she has diabetes when she doesn’t, say, or list a blood type that isn’t hers—errors that can lead to dangerous diagnoses or treatments.

Adding insult to injury, a victim often can’t fully examine his own records because the thief’s health data, now folded into his, are protected by medical-privacy laws. And hospitals sometimes continue to hound victims for payments they didn’t incur.

According to Ponemon, “65% of victims reported they spent an average of $13,500 to restore credit, pay health-care providers for fraudulent claims and correct inaccuracies in their health records.”

Very rarely does this Editor look for a Federal remedy to a problem, (more…)

UCLA Health data breach may affect 4.5 million patients

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2015/06/keep-calm-and-secure-your-data-4.png” thumb_width=”150″ /]Breaking news out of Los Angeles this afternoon is that the UCLA Health System’s computer network was compromised by an external cyberattack, compromising an estimated 4.5 million patient records. According to the LA Times, “the hospital saw unusual activity in one of its computer servers in October and began investigating with assistance from the FBI. The investigation confirmed May 5 that the hackers had gained access to parts of UCLA Health’s computer system where some patient information was stored. The hackers gained access to names, dates of birth, Social Security numbers, Medicare and health plan identification numbers as well as some medical information like patient diagnoses and procedures.” There also appears to have been a delay in the realization that the sensitive PHI had been accessed, and that the suspicious activity could have started as early as September 2014. Yet the UCLA Health statement equivocates: “At this time, there is no evidence that the attacker (more…)

The sheer screaming attractiveness of medical ID theft

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2014/10/screenshot-med-25.jpg” thumb_width=”170″ /]Harry Lime Lives!  It’s the 1949 Vienna of ‘The Third Man’ when it comes to the black market of medical identity theft. Data breaches are easier than heisting penicillin off an Army Medical Corps truck and far less noticeable–there’s always a lag time in discovery as more than one health system (Community Health System) found. And protected health information (PHI) has value down the line. According to a report cited by FierceHealthIT:

  • Simple data comes cheap: names, birth dates and health insurance contract with group numbers fetch a pedestrian $20.
  • Add Social Security (SSI) numbers, banking and credit card information, and these ‘kits’ fetch $1,500. These can be used for financial fraud of multiple types or alternate identities.
  • Add medical data, and direct marketing data brokers and pharmacy benefit companies are willing to pay. They use it for legitimate (but annoying) purposes, such as targeting those with specific diseases.
  • Add physical identification, and the value goes through the roof for fake passports, driver’s licenses and visas.

The ways PHI can be accessed are many: EHRs, paper records, stolen laptops, CDs, accounting systems, provider, insurer and supplier systems, and simple ‘friendly fraud’ (more…)

Data breaches may cost healthcare organizations $5.6 bn annually: Ponemon (US)

[grow_thumb image=”http://telecareaware.com/wp-content/uploads/2013/10/keep-calm-and-enter-at-own-risk-3.png” thumb_width=”150″ /]The PHI threat is within for HIT staff and CIOs, with no end in sight: Ponemon Institute and IS Decisions

The Ponemon Institute’s fourth annual benchmark report on patient privacy and data security was released last week and with a few exceptions, the news is worse than last year. Eight highlights in the study of 91 responding organizations (Ponemon admits results are skewed to larger sized respondents) for 2013 are:

  1. The average cost of data breaches in the study group was approximately $2 million over a two-year period. Extrapolated to the over 5,700 hospitals in the US, the annual cost is $5.6 billion, down from $7 billion in 2012.
  2. The number of data breaches decreased slightly. 38 percent report more than five in the 2013 report compared to 45 percent in 2012. The number of organizations reporting at least one data breach in the past two years was 90 percent versus 94 percent in 2012.
  3. Healthcare organizations improve ability to control data breach costs. The economic impact of data breaches for the healthcare organizations represented in this study over the past two years is $2.0 million–but it is 17 percent (nearly $400,000) less than 2012.
  4. ACA increases risk to patient privacy and information security. No surprises here for readers with insecure exchange of information between healthcare providers and government (75 percent ), patient data on insecure databases (65 percent) and patient registration on insecure websites (63 percent) leading the way. (more…)