Spending on security of health data breaches to hit $70B by 2015 - FierceHealthIT

Spending on security of health data breaches to hit $70B by 2015 - FierceHealthIT:
March 29, 2012 — 3:24pm ET | By Dan Bowman 

With the cost of healthcare data breaches continuing to rise year after year, it shouldn't come as a surprise that spending on the security of that information is estimated to hit $40 billion this year, and balloon to $70 billion three years from now, according to a recently published report from Princeton, N.J.-based consulting firm The Boyd Company.

Specifically, investments in electronic health records and mobile technology to meet government compliance standards are cited as key to the expected spending splurge. Because of the inevitable increase in medical records sharing, new and improved efforts will be mandatory to keeping health data safe.

The report breaks down current data security costs in the U.S. by city, with New York ($32.6 million), San Francisco ($27.8 million) and Los Angeles ($25.7 million) spending the most annually on such protection.

"In an industry whose cost structures are under constant scrutiny by patients, insurance companies and government agencies, comparative economics are ruling investment and location decisions for new facilities," the authors wrote. "In today's difficult economy, improving the bottom line on the cost side of the ledger is often easier than on the revenue side for many healthcare services companies."

Read more: Spending on security of health data breaches to hit $70B by 2015 - FierceHealthIT http://www.fiercehealthit.com/story/healthcare-data-breaches-hit-70b-2015/2012-03-29?utm_medium=rss&utm_source=rss#ixzz1qtWl0H8w

101 Tips to Make Your EMR and EHR More Useful – EHR Tips 1-5

101 Tips to Make Your EMR and EHR More Useful – EHR Tips 1-5

Written by: John (from http://www.emrandehr.com/)

Time for the next entry covering Shawn Riley’s list of 101 Tips to Make your EMR and EHR More Useful. I can’t believe that this is the last post in the series. I think it’s been a good series chalk full of good tips for those looking at implementing an EHR in their office. I’d love to hear what people thought and if they’d like me to do more series like this one. Now for the final 5 EMR tips.

5. Automatic trending helps all over the place – A picture is worth a thousand words and this is never more true than when we’re talking about trending. Make sure your EHR software can quickly take a set of results and/or data points and graph them over time.

4. Keep training over and over – Are you ever done learning software? The answer for those using an EMR is no. Part of this has to do with the vast volume of options that are available in EMR software. However, the training doesn’t necessarily have to come from formal training sessions. Much of the training can also come by facilitating interaction and discussion about how your users use the software. By talking to each other, they can often learn from their peers better ways to use the software.

3. Infrastructure is key to performance – I love when people say “My EMR is Slow” cause it’s such a general statement that could have so many possible meanings. Regardless of the cause of slowness, the EMR is going to get the blame. For those wanting to dig in to the EMR slowness issue, you can read my pretty comprehensive post about causes of EMR slowness. I think you’ll also enjoy some of the responses to that EMR slowness post.

Infrastructure really matters when someone is using an EMR all day every day. There’s no better way to kill someone’s desire to use an EMR than to have it be slow (regardless of who’s responsible).

2. Quit pulling charts as soon as possible – I think this tip should be done with some caution. In certain specialties the past chart history matters much more than in others. Although, it’s worth carefully considering how often you really look through the past paper chart in a visit. You might be surprised how rare it is that you really need the past paper chart. If that’s the case, consider only pulling the chart when it’s needed. If you only find yourself looking through the past paper chart for 2 or 3 key items, then just have someone get those 2 or 3 items put into the EMR ahead of time. Then, it will save you having to switch back and forth. Plus, then it’s there for the next time the patient visits.

1. Crap process + Technology = Fast Crap – Perfect way to end 101 EMR and EHR Tips! I like to describe technology as the great magnifier. The challenge is that it will magnify both the good and bad elements of your processes. Fix the process before you apply the technology.

If you want to see my analysis of the other 101 EMR and EHR tips, you can find them all at the following link: 101 EMR and EHR tips analysis.

Riding the HIPAA Wave

Posted on ACROSEAS.com by Dr.Charu A Chitalia

Every act or a statute conveys an objective to be achieved. The objective of HIPAA, which stands for Health Insurance Portability and Accountability Act, is to protect patient security and privacy. An act introduced by the U.S Congress in 1996, and augmented April of 2003, HIPAA was predominantly focused on easy portability of patient health information (PHI) for easy health insurance coverage in spite of shifting jobs and locations.

The concept of “portability” brings an increasing thrust on “accountability.” The portability of health information is beneficial to the patient, the physicians who record and refer back to the patient’s history and the insurance companies  which settle the medical claims of the patient. Because HIPAA is used as a resource by three different parties, the risk of information breach is very high. It is a practice-driven policy where extra care needs to be taken during the transfer and storage of information. It is to be noted that for any kind of transfer, the form of the record is vital. The implementation of HIPAA paved the way for electronic versions of the patient health records (PHRs), which required an urgent enforcement of technology based regulations.

Come 2009, the heat was felt and the Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the America Recovery and Reinvestment Act (ARRA), was signed in the month of February by President Obama and was to come into affect by 2010. This emphasized the need and importance of going paperless when it came to PHRs. This brought in a practical way of implementation of HIPAA and gave it more importance to take affect.

All the three acts — HIPAA, HITECH and ARRA — collaboratively focus on tightening the healthcare screws when it comes to patient information, use of technology and its benefits, and the penalties in cases of non-compliance. It is to be noted that prior to the enactment of HITECH, HIPAA was looked at as a mere set of rules and regulations on paper. The proposed requirements under the HIPAA were so stringent that it wasn’t practical enough to implement. For example, HIPAA requires the exchange of information through a secured encrypted email carrier. However, in reality, the healthcare professionals typically preferred the convenience of the act, rather than the security it provided. The professionals were known to use cell phones and personal laptops, which would not only overlook a secured network, but also force other issues like loss of data, attacks and malicious activities by the hackers and other third-party intruders. Previously, saying that one’s record-keeping method was “HIPAA compliant” may not have been strictly true, even though it’s clear that being so is only good option.

As we are into another decade and the legions of law are looming over the healthcare industry, it is only advisable to stay put to non-fraudulent practices and monitor every move. Because the eyes of the healthcare police are on us and they wouldn’t blink in today’s age.

Certified Health IT Product List

From the Office of the National Coordinator for Health Information Technology

The Certified HIT Product List (CHPL) provides the authoritative, comprehensive listing of Complete EHRs and EHR Modules that have been tested and certified under the Temporary Certification Program maintained by the Office of the National Coordinator for Health IT (ONC). Each Complete EHR and EHR Module listed below has been certified by an ONC-Authorized Testing and Certification Body (ONC-ATCB) and reported to ONC. Only the product versions that are included on the CHPL are certified under the ONC Temporary Certification Program. Please note that the CHPL is a “snapshot” of the current list of certified products. The CHPL is updated frequently as newly certified products are reported to ONC.

And now....THE LIST!!

Quality reporting top concern for healthcare's top execs

Article from HealthcareITNews.com

November 22, 2010 | Bernie Monegain, Editor 

WEYMOUTH, MA – Top of mind for healthcare organizations aiming to achieve meaningful use is quality reporting, according to a new survey from healthcare consulting firm Beacon Partners.

Beacon Partners announced the results of its ARRA Preparedness and Sustainability study as the first deadline of July 2011 approaches for healthcare organizations to achieve meaningful use in order to obtain maximum ARRA incentive money.

"Right now there is a lot of emphasis on getting as much ARRA incentive money as possible," said Ralph P. Fargnoli, Jr., president and CEO of Beacon Partners. "Healthcare organizations are under a lot of pressure as such, but what about down the road when that money is no longer a factor? The results of this study provide a good glimpse as to how well healthcare organizations are preparing for the long-term sustainability of their investments after the ARRA incentive dollars are gone."

Key findings of the study include:
 

BV2842 Workstation

• Forty-five percent of respondents have not applied for any federal or local grants, which is a viable way in which to ignite the process of initiating Health Information Exchanges (HIEs) to attain meaningful use.
• In a step towards sustaining their overall IT investment, the majority of healthcare organizations have built IT expenditures into their financial plans for the coming years to help support patient care, clinical quality and safety as part of their annual spending, tactical planning and strategic multi-year plans.
• Most healthcare organizations (more than 80 percent) will either maintain or increase their IT investments if they are awarded the meaningful use incentive payments.
• Fifteen percent of respondents have operational HIEs. Nearly 60 percent of the respondents have HIE plans in development and more than 20 percent are in the pre-planning stages.
• More than 40 percent of respondents have plans to enhance their physician and patient portals, which are crucial to the development of a sound and secure infrastructure at any healthcare organization.
• In their efforts to achieve meaningful use, quality reporting is the biggest concern among 73 percent of respondents.

"In those efforts to achieve meaningful use, quality reporting is a major concern," notes the Beacon report. "Lack of quality reporting is largely due to the fact that the efforts required to transform current workflow into an EHR will require significant technology and human resources."

Workgroup begins work on Stage 2 of meaningful use rules

By Jean DerGurahian, News Writer

27 Sep 2010 | SearchHealthIT.com

The first stage of meaningful use rules haven't taken effect yet, but policymakers already are turning their attention to the second and third stages of the program designed to encourage the greater adoption of information technology among health care providers.

More on the meaningful use rules

Criteria for meaningful use of EHR

How EHR standards align with meaningful use

On Sept. 22, the Meaningful Use Workgroup of the federal Health IT Policy Committee held the first of two day-long brainstorming sessions that signal the beginning of work to draft the criteria doctors and hospitals will follow after 2012, when Stage 2 is set to begin.

Expect a lot more discourse on such issues as computerized physician order entry (CPOE), drug interactions indicators, advance directives, and quality measures and clinical decision support. While the workgroup is delving into ways to extend current meaningful use rules and develop new ones, those areas in particular were questioned deeply.

Under the federal Electronic Health Record Incentive Program (EHRIP), Medicare and Medicaid providers demonstrate they are meeting meaningful use rules and are eligible for incentive payments. The five-year program is voluntary, but providers that don't demonstrate they have adopted and are using health IT after 2015 will see cuts in their reimbursement from the Centers for Medicare & Medicaid Services (CMS), which oversees EHRIP. The policy committee is run by the Office of the National Coordinator for Health Information Technology, or ONC, which works in conjunction with CMS on meaningful use and technology standards.

[Continue Reading on SearchHealthIT.com]