HIPAA Compliance Basics

HIPAA IT Compliance

HIPAA Compliance Basics – IT HIPAA Compliance

If you are an organization subject to HIPAA, you need to understand and comply with all relevant requirements. Learn more about how this law applies to your company.  

HIPAA IT Compliance

The Health Insurance Portability and Accountability Act of 1996 set standards for all organizations that handle protected health information. In the past, HIPAA standards for privacy and security mainly applied to the management of paper health records and verbal exchanges of patient health information. In today’s modern world, however, the majority of protected health information is in a digital format, and these standards must be applied differently.

HIPAA Basics

HIPAA sets guidelines organizations must follow when they collect and store private health information. The law provides patients with certain rights to access their own health information, as well as confidentiality protections. HIPAA also outlines the steps an organization must follow when private health information has been compromised.

The Health Information Technology for Economic and Clinical Health Act

To ensure that all organizations subject to HIPAA are in compliance in the digital age, the government passed an additional law: the Health Information Technology for Economic and Clinical Health Act. Essentially, this new law raises the penalties that apply when a health organization violates any of HIPAA’s standards for privacy and security of protected health information.

How to Protect Your Data

In light of the many restrictive standards that apply to protected health information, it is essential for every organization that handles this information to take the matter seriously. Below are some tips to help you protect your data from vulnerability.

1. Invest in security software.

The right security software can help to maintain the safety of your data from hackers. Invest in advanced security software and update it as needed.

2. Train personnel.

Every employee who handles protected health information needs to understand the importance of complying with HIPAA laws. Take the time to train employees on the best practices for handling sensitive data, as well as the consequences for HIPAA violations.

3. Partner with the right professionals.

One of the best ways to keep your data safe is to partner with a reputable IT company that can design security measures to keep your network secure. The right company will also be able to help you take action quickly when a breach occurs.

4. Stay in the know.

Regulations are subject to change, and threats to your data are always evolving. Stay informed about all recent changes so you can keep your organization protected.
Keeping protected health information secure is not only ethical, but it is required by law. If you are an organization subject to HIPAA, compliance needs to be a priority at all times.

NIST Releases Guidance Solutions for PACS Ecosystem

Healthcare Tech Security

Given how medical providers struggle with ensuring their data is safe, something had to be done to offer guidance. Read this blog about a new cybersecurity plan.  

Healthcare Tech Security

The picture archiving and communication system (PACS) is an ecosystem that stores images that are gathered from medical imaging technology. This ecosystem offers a convenient platform where medical providers can store and access these vital images. However, this ecosystem is vulnerable to cyberattacks.

In order to provide protection for this confidential data, the NIST National Cybersecurity Center of Excellence recently released proposed guidance to assist healthcare delivery organizations with securing their picture archiving and communication systems. In addition, they also released a project aimed at providing an example solution for building stronger security controls.

The guidance material called, Securing Picture Archiving and Communication System, includes aspects that help health organizations design an approach, architecture, and security elements for the PACS ecosystem, including easy-to-follow how-to guidance.

The Evolution of Digital Capabilities

As image-making technologies have taken a gigantic leap over the last decade, now confidential data and vital imaging are uploaded in a digital format by providers across the globe. This adds a huge level of convenience and gives providers the ability to easily store and share this content. The systems that house these images and data are typically stored in image-intensive areas like the radiology department and are also uploaded to each patient’s electronic health record (EHR).

But as this process adds easier accessibility and organization in a digital format, including limiting the time to takes for doctors to make a diagnosis, the technology has also opened the door to more cyber threats. And many medical providers struggle with auditing user accounts and monitoring them properly to suspect any abnormal behavior. Medical providers also struggle with ensuring that data moves safely across the network and also with monitoring access by its users, which can lead to a drop in system performance.

Goals of the Project

With the project set forth by the NIST National Cybersecurity Center of Excellence, their goals include the following:

  • Identify who uses the PACS systems
  • Determine the process between the user and system
  • Perform a risk assessment
  • Identify appropriate mitigating security tools
  • Design an example solution

The ultimate goal here is to assist provider organizations with reducing the chance of a cyber breach or substantial data loss, while also minimizing any disruptions with their systems. This also puts emphasis on enabling quick access to imaging and important data without this confidential data becoming vulnerable to an attack, which also offers peace of mind for patient privacy.

Broad Capabilities Equals Broad Threat Landscape

So what makes these systems so vulnerable? This occurs from the broad capabilities of this technology. The PACS connectivity of the ecosystem works with a variety of different technologies that include medical imaging devices and other systems that help to manage and maintain archives of medical images. The role of PACS is to interact with medical imaging devices, connect with other clinical systems, and allow users from multiple locations to review images that lead to faster and higher quality patient care.

With such a broad spectrum of capabilities involved with the PACS ecosystem, the means a broad landscape for threat.

6 Ways To Help You Become HIPAA Compliant

HIPAA Compliance

Tips for HIPAA Compliance (Questions/Answers)

Need a little insight into strengthening up your HIPAA compliance efforts? Check out these 6 simple steps you can take to become more compliant and secure.

No one said HIPAA compliance was easy. It’s a higher level of security and data governance that healthcare organizations have to follow – if you’re looking for help with your compliance, check out the 6 tips below.

Working in the healthcare industry means more than treating patients. In addition to patient care, your practice’s staff also has to maintain compliance with complicated, regularly updated HIPAA regulations.

However, that’s easier said than done…

What’s the state of HIPAA Compliance and healthcare security?

To be honest – it doesn’t look good.

  • 17,000 patient records are breached every day on average (HHS.gov)
  • The healthcare sector accounts for 31% of all reported data breaches (EMC/RSA whitepaper, 2013)
  • While 91% of healthcare organizations use the cloud, 47% of those are not confident in their ability to keep that data secure (Ponemon survey, 2012).

So what can you do?

If you’re even a little unsure about your HIPAA compliance, or the level of security you offer your patients and their data, what steps can you take to do better?

Try these tips…

6 tips to help with HIPAA Compliance

  1. Check for vulnerabilities in your IT network. You may need to replace aging technology and update your hardware and software. If you don’t, you may be weakening the effectivity your IT security and endangering your ePHI. We can conduct regular vulnerability assessments to detect weaknesses in your defense.
  2. Make use of the right IT security solutions. In addition to implementing a Remote Management and Monitoring and Data Intrusion Solution to detect unauthorized attempts and block them. Our healthcare IT professionals can deploy a range of vital security solutions, including:
    • Data encryption so your ePHI and EHRs are secure both in transit and storage.
    • Multi-factor authentication where your users must use two or more forms of electronic identification to access data.
    • Routine patches and updates for your software programs to mitigate any security gaps.
  3. Maintain necessary visibility into storage of ePHI and EHRs. Monitor all access and record all login attempts to respond immediately to unauthorized attempts. Our healthcare IT team set this up for you and enhance your visibility over and control of sensitive medical information.
  4. Keep records on access to your ePHI and EHRs. It’s important to keep track of any data access in order to make sure it is in line with users’ duties and responsibilities. You should only allow access to those who need the information and no one else. Your HR department will have a role to play in this respect to advise and notify you when new employees are brought onboard, changes are made in personnel descriptions, and when employees leave your organization.
  5. Develop and implement a HIPAA policy organization-wide.  This should include all aspects of the “HIPAA Security Rule” and your policies and procedures around it. For the record, the Security Rule sets standards for the handling of ePHI, which is the specific type of data the HIPAA Privacy Rule covers. This rule establishes national standards for properly securing patient data that is stored or transmitted electronically. Also, include an Incident Response Plan that designates a person or team to respond, their roles, and the steps they should take if a data breach occurs – i.e. who should be notified, including individuals and government agencies as required.
  6. Undergo a HIPAA Assessment. {company} will assess your business’ practices to determine that the following crucial guidelines are being followed:
  • if your business is compliant with HIPAA Omnibus laws
  • if your business will meet the upcoming HITECH Stage 3 proposals
  • if your business is prepared for an audit by the Office of Civil Rights
  • how your business deals with ePHI to maintain a compliance posture
  • if your business is secure against cyber risks such as hackers, viruses and other digital attacks
  • if your business meets Meaningful Use guidelines laid out by HITECH stages 1-3, as to any technical, administrative and physical risks and vulnerabilities concerning ePHI that is maintained by certified HER
  • if your staff is properly trained to communicate, proceed and act in accordance with compliance guidelines

The healthcare industry deals with the issue of privacy by continually working to guarantee all information is kept within the intended barriers.

As new technology comes into play and makes practicing medicine easier, it has the side effect of making protecting patient information that much harder. Hence the seemingly endless rules and standards meant to reassure patients that they are protected by their provider and that their personal information is kept confidential.

Neglect and carelessness lead to these standards being created, which makes implementing the best practices like these listed above a critical part of achieving and maintaining compliance.

Security Issues That May Leave Medical Practices Vulnerable

Security Healthcare

Security Healthcare

Healthcare providers have a legal obligation to keep patient data security, whether it’s at rest on a server or in transit to the cloud or a third party. To maintain regulatory compliance and the confidence of your patients, your practice needs to be vigilant in the technologies that it deploys to make sure that all personal and medical information is protected.

Unfortunately, hackers are using sophisticated means to steal this data, sell it or hold your medical practice hostage until you pay massive ransoms. The cost to your practice can be significant, both in dollars spent, patients who leave and reputation lost.

Your practice and patients need an IT solution that provides reliable services to protect data and monitor your IT systems. Otherwise, you leave the data far more vulnerable.

A managed service provider (MSP) that knows the complex issues facing medical businesses today is your best defense. Here’s a look at some of the most common IT issues facing practices and how you and your (MSP) can guard against them.

How Do I Manage All the Users Who Have Access to Patient Data?

Not all cyberattacks are perpetrated by outside parties. Employees — current and former — may have access to sensitive information, which is why processes and procedures need to be in place to manage access. Two common issues are:

  • Controlling Privileged Access. Your practice needs to routinely review which employees have administrative access or privileged accounts in your system. Assess access needs for employees who change roles within the practice and practice “need to know” procedures when determining who sees what.
  • Removing Accounts. Whenever an employee leaves a practice, especially if they are terminated, it’s important to remove their access immediately and inactivate their accounts. Many practices create generic accounts for vendors, contractors and consultants and forget to review and delete them. In addition to deletion in the moment, there should be a regular review of active accounts to make sure they are still necessary.

What Security Issues Are Due to Our Products?

Servers and software are major access points for disruption. There are a couple of common vulnerabilities that practices should look at:

  • Changing Default Credentials. Desktop computers, laptops, firewalls, wireless access points and routers come equipped with default usernames and passwords. These defaults are widely known. If you keep those credentials on the devices, you’re making it that much easier for hackers to gain access.
  • Changing Default Configurations. Just as with your devices, your operating system will come preconfigured with settings that should be changed immediately after installation.

What Do I Need To Do When Transmitting Data?

Many servers include services such as file transfer protocol (FTP), Telnet and terminal services. You should not transfer any information using these tools as they are easily “sniffed” by hackers using freely available methods. For example, FTP and Telnet need to regularly reauthenticate access credentials. Usernames and passwords are sent as text that can be easily accessed by third parties.

Data transfer should be done using sophisticated encryption protocols when transmitting and backing up data.

What Can I Do To Help Employees?

Your employees are your first line of defense against a cyberattack. Automation and education are the keys to prevention.

You need to make sure they are aware of methods used by bad actors and can detect suspicious emails and attachments that pose a major risk to the practice.

It also means making sure you have automated security tools in place to prevent attacks. You need to provide anti-spam, anti-malware and anti-phishing tools that run automatically on every connected device on your network. These software apps should be updated automatically to address the ever-emerging new viruses, worms and trojans that do damage.

You also need to make sure that patches to software and operating systems are applied automatically and immediately.

With some careful planning and the right technology partner, your health care business and its data will remain safe.

How AI Is Saving Orthopedic and Sports Medicine Practices An Hour Each Day

AI in Orthopedics

AI in Orthopedics

The red tape that normally surrounds the administration of patients in the healthcare industry is a leading cause of physician burnout, as many data experts have noted. Healthcare providers are responsible for a growing volume of paperwork and other off-patient work, and the trend towards greater bureaucracy seems to be inevitable. By some estimates, one hour of bedside patient care results in two hours of paperwork post-visit for the average physician.

Fortunately, AI-driven resources are finding new avenues for physicians to spend less time in front of mounds of paper. With new technology in tow, there are now new ways to administrate patient encounters. Physicians are able to stay in compliance with watchdogs, take smarter notes on patients and provide better overall care.

AI in the Medical Marketplace

One such technology, Suki, is a voice-enabled digital assistant that is made specifically for professionals in the medical industry. Suki is designed to help doctors with patient documentation, giving them more time to focus on the bedside. The technology has the ability to respond to complex voice commands, using those commands to create notes that are clinically accurate. The program also has the ability to enter those notes directly into an electronic health record (EHR) system.

No voice technology is able to completely replace direct input, but it does reduce the need for it immensely. AI also reduces the instance of human error in the data input stage during medical transcription and dictation. The result is a significant time savings when creating and organizing medical documents.

Where the technology succeeds most is in leveraging AI to “teach” the program the idiosyncrasies of the physician that is using it. Eventually, the Suki that is used by an individual physician will become a digital scribe that is unique to that person, fully capable of note taking with very low input from the physician himself. Suki is based on successful commercial digital assistants like Alexa, but the nod to the medical industry is an essential one. Currently, commercial digital assistants do not have the ability to learn from esoteric medical terms or organize records in a way that is specific to medical watchdog standards.

Other speech recognition systems that are focused on medicine include Sopris Health, Deepgram, Saykara, Dragon Medical Practice Edition and Nuance.

The Link Between AI and EHR

Digital assistants for the medical industry must be specific to the industry for another reason – the mandatory use of the EHR in the industry. HIPAA standards now require EHRs to form a significant part of each provider’s data infrastructure. Any note-taking or administration program that claims to help the medical industry must follow the protocols set forth in HIPAA standards.

The fact that Suki and other AI driven technologies kept these standards in mind allowed them to more easily implement new features that are relevant to physicians. These features include customer-facing options such as imaging and X-ray integration and supply-side improvements like improved end-user response times.

EHR technology gives the physician room to dictate data on a patient while in the room seamlessly, but only with the right process in place. Having a digital assistant that is geared to dictate medical records saves huge amounts of time. Many doctors in the orthopedic and sports medicine industries report that they are saving up to an hour of administration time per patient.

With AI and EHR in tow, doctors have the choice to document the patient during the visit or after. This saves a huge amount of time during the initial visit, a time that is usually spent gathering the entire patient history. Experts believe that doctors will save even more time when patients begin to become aware of these technologies. As patients become more open to their use, more doctors will implement them with greater levels of comfort.

Patients can also take command of the notetaking process when AI and EHR are used correctly. As notes are being taken, some doctors actually encourage patients to chime in if there is a point of clarification or some information that has not been considered.

Patient and Clinician Satisfaction

It is well known that doctors are judged by their bedside manner just as much as their technical skill or knowledge of medicine. One of the major benefits of AI is the ability to reduce physician burnout, a phenomenon that reduces the ability of physicians to present a warm, empathetic bedside manner.

Initial studies on Suki show an average note completion time of 1.5 minutes, down from 4.8 minutes per note without Suki or any other voice assistant tech. This adds up to approximately one hour of time saved per day. More importantly, it increases the time that doctors can spend truly connecting with patients during the encounter.

Future Success

Although the advantages of AI are well documented, its success depends on a number of factors. Experts have stated that vendor support is essential for more widespread adaptation of the technology. There must also be more attention paid to the unique needs of the physician practice.

What Role Do Robots Play In Healthcare?

Robots Healthcare

Robots Healthcare

Artificial intelligence and robotics are poised to change the entire economic landscape over the coming decades, with an estimated 30% of existing jobs poised to be taken over by robots by 2030. Nowhere is this more evident than in healthcare. Many healthcare tasks are routine and prone to human error, making them prime targets for automation. At the same time, patients and ethics experts remain skeptical as to how robots may replace the expertise and compassionate presence of human medical providers.

Current Role of Robots in Health Care

Many people assume that robots in medicine remain years away, but the technologies currently deployed in medicine may come as a surprise. The first robotic device for surgical procedures, the da Vinci Surgical System, was initially approved by the Food and Drug Administration in 2000. It has performed more than 20,000 since, offering safe and reliable surgical interventions overseen by a human surgeon.

Surgery is not the only area of medicine where robots have made an impact. Powerful UV light-emitting robots disinfect surfaces and entire rooms, reducing risk of hospital-based infections such as MRSA or C. diff. Prosthetic robotic limbs interface with the nervous system to restore movement and the sense of touch to amputees. Automated dispensing robots limit medication dispensing errors in pharmacy settings. And clinical training robots offer lifelike simulations of medical conditions to help doctors during their training.

Future Applications of Artificial Intelligence and Automation

With each year, the role of automated systems in health care continues to expand. Industry experts predict a major shift in how health care is delivered over the next few decades. For example, robots are perfectly poised to increase access to medical services in rural or underserved areas. In a telehealth model, robots may collect routine clinical information such as a patient’s blood pressure, heart rate, breathing, and presenting symptoms. A remote specialist can then use the clinical information to make a diagnosis and offer a treatment plan.

Robots may also be deployed in rehabilitation settings to assist with physical therapy for patients with spinal cord injuries or neurologic diseases. Integrating robotics with virtual reality can help patients improve mobility, balance, strength, and coordination.

Human-sized robotics systems are not the only ways that robots may revolutionize medicine. Microbots or nanobots are tiny mechanical devices being developed to deliver drugs to specific sites. Currently, chemotherapy and other medical interventions cannot be specifically targeted to one area of the body. Researchers are developing microbots and nanobots made from biodegradable materials that can deliver medications without being attacked by the human immune system.

Limits of Robotics in Health Care

Despite the advantages of artificial intelligence and automation, there are significant drawbacks when considering how to provide high-quality clinical care. Take, for example, the experience of Catherine Quintana, whose 78-year-old father was taken to Kaiser Permanente Medical Center in Fremont, CA, due to chronic lung disease. Quintana was shocked when a robot rolled into the room to deliver some medical news — that her father was dying and that the only remaining treatment was palliative care.

Though extreme, this example points to one of the fundamental limitations of automation in health care. Even with cutting edge automation technology, robots are incapable of passing as humans. In particular, they cannot convey human emotions and struggle to handle complex questions. This limits the role of robots in health care. Though they may be used for some types of automation, when it comes to discussing complicated chemotherapy regimens with an oncologist or delivering the news that a loved one has Alzheimer’s disease, we continue to crave human touch.

Despite these limitations, robots have a clearly defined role in our medical landscape. Routine tasks with a high potential for human errors are perfectly poised to be taken over by automation. The ultimate question is how we, as patients, will react and adapt to this new era of robotic medicine.

Is Healthcare Ready For Digital Communications?

healthcare digital communications

healthcare digital communications

The healthcare industry is currently facing a crisis. Hounded by criticism of insufficient access to providers and poor bedside manner, skepticism abounds on the part of patients and their families. But with administrative tasks and paperwork at an all-time high, how can healthcare teams find the time to give their patients the attention and information they need?

Fortunately, digital communications have evolved in parallel, with new means for patient contact—from email through texts, apps through social media—developing with built-in security standards and measures. This wave of digital communications is smart to the potential risks of protected health information (PHI), and strives to be HIPAA-compliant wherever possible.

Ensure patients have all the content they need.

Today’s digital messaging lends itself to customization. Choose from emails, SMS text messages, designing your own app, using existing messaging apps (WhatsApp and its peers), social media, browser pages, and more.

From all of these potential avenues, the choice as to which is most appropriate will be clear based on the demographics of the patient population being served. While elderly patients might not be all over Snapchat, this group might tend towards a specific operating system and platform—e.g. the Apple iPhone—which could shed some light on the ideal communication platform to employ with them.

Formatting the materials to fit the platform being used while maintaining universal accessibility is another key consideration. But as the adoption of digital communication continues to grow and the number of solutions expands, these problems will be incurred less frequently.

Leverage AI for one-on-one attention—while saving clinical time.

The knowledge of which specific channels are preferred by patient populations being served can be used to build solutions that enhance the patient experience. For example, if 90% of patients access the provider’s website, a desktop-friendly chatbot could be a worthwhile investment.

Via advances in natural language processing (NLP), chatbots have been evolving to respond more appropriately to input than ever before. For patients, they reinforce an environment where it is not only safe, but even advisable for individuals to ask questions. These patients and their loved ones can get the answers they need without costing themselves or providers any additional clinical time.

Chatbot responses can be programmed to answer frequently-asked questions, as well as escalate potentially troubling scenarios. They can help handle feedback surveys and check-ins for patients who are post-op or who have chronic conditions. In fact, Gartner estimates that by 2020, 85% of consumer interactions will be managed using automated platforms like chatbots.

The form these AI interactions takes is not strictly limited to the written word. This flexibility in format allows accommodations to be made for any disability. People who have trouble seeing can use voice-activated platforms akin to Amazon’s Alexa device, so they can then hear the answers to their questions and use their voices to navigate through their options.

Sustain easy, consistent process automation.

Being able to program chatbots or other response-generating platforms to automatically provide content based on contextual cues ensures that information is delivered where it’s needed, and to resolve the questions patients, caregivers, and family members might have. Automation allows this to happen anywhere; patients are not bound to the clinic in order to resolve their queries, but rather can access the information they need anywhere—including in the privacy of their own homes.

Why not use these advances in the healthcare space to drive patient accountability, allow consistent communication, but also free up providers for situations where one-on-one attention is critical and does not lend itself to automation? Freeing up providers to intervene during emergencies or counsel patients emerging issues could drastically increase the rate of positive outcomes. Routine follow-ups and visits could be expedited, reducing their burden on clinical staff.

In fact, the use of digital platforms allows for the seamless integration of all of these solutions into patient administrations systems. This is how to render those systems the de facto central hub for patient communication and record-keeping. Using surveys to interact with patients also allows information and feedback to be gathered and automatically recorded to patient charts; everything from ‘bad days’ through missed appointments can be easily accounted for without any additional time spent by office staff.

This is a snapshot of where digital communications are currently, but it will only continue to evolve as the general public continues to incorporate these channels further into their lives. The most critical fact to keep in mind is that digital communication is what the public wants. For example, a recent Healthcare Communications survey in the UK found that 68% of patients surveyed wanted to be able to manage everything about their appointments online.

This might seem like a no-brainer as the number of digital consumes continues to grow with increased adoption. However, the fact that individuals are not becoming “burned out” on tech and digital communications but instead are seeking further avenues to implement it in their lives is significant. This bodes well for future implementations.

Staying ahead of the trends and making sure practices leverage the latest technology and communication will not only make sure patients’ needs are met, but will boost their morale and increase the likelihood that they will comply with provider recommendations.

Is Virtual Reality For Real In Healthcare?

Virtual Reality Healthcare

Virtual Reality Healthcare

Over the last couple of years, both the concept and the real world application of Virtual Reality (VR) has moved from the fringes of our imagination, into everyday use.

What was once a technology that was considered as only beneficial in computer games and futuristic projects designed never to come to fruition, is now infiltrating many areas of our lives. The military, education, entertainment, fashion, and even engineering are all being touched by the power of VR, but it is the healthcare sector where it is really making waves.

Notably, during the previous 18 months, something of a virtual reality revolution has taken place in terms of health-related applications. We may well still be in the early days of releasing its full potential for patients and medical practitioners, but so far it seems that VR is becoming something of a tangible reality in healthcare.

Here are just some of the pioneering ways that VR has been integrated into the healthcare industry to improve the lives or both patients, and doctors.

Autism Therapy

Around 1% of the global population sits somewhere on the autism spectrum. With no preventative methods, no cure, and little understanding of why it occurs, therapeutic treatments are the only way to help those afflicted. Language and speech therapy can offer significant improvements in an autistic individuals quality of life, but previously this therapy had to be done face-to-face. This posed a number of limitations depending on the location and level of mobility of the individual, and it also means doctors are restricted to practicing in certain geographical areas.

But with VR this doesn’t have to be the case. Some startups have begun to utilize technology to simplify the delivery of therapy to autistic individuals, without the need for travel. Products use VR to create social interactions by creating virtual characters in a digital scene. For example, instead of sitting in a doctors office and looking at toys on a table, the individual will see a panda in a virtual safari park that they can interact with accordingly. Each environment can be specially tailored to include the appropriate sensory environment for each patient- something that is hard to do in ‘real life’.

Virtual surgery

The concept of virtual surgery is being used in both to educate trainee medical professionals, but also to give surgeons a chance to rehearse complex operations before the real thing.

By allowing trainee doctors to conduct medical procedures in a VR situation, their confidence and experience can be built on significantly. Being able to perform a surgical procedure on a virtual patient means they can practice new techniques and skills in a ‘real’ setting, without ‘real’ consequences.

For more experienced surgeons, the ability to walk through a complex or lengthy surgery before having the live patient on the operating table can allow them to deal with a variety of outcomes, as well as to troubleshoot or practice tricky maneuvers.

Chronic Pain

Over 25 million people in the US alone, suffer with chronic pain. These people resort to the long-term use of painkillers and opioids which carry their own risks and contraindications, including addiction and death. As a result, doctors have been searching for a way to provide safer, more effective, and less problematic alternatives as quickly as possible. Virtual reality has been suggested as one way of doing just this and so far studies have show that it can help to reduce pain by around 25%.

Virtual reality therapy has been shown to not only reduce pain in patients, but to stop the brain from processing pain the same way. This can lead to reductions of in-patient time as well as decreased dependency on powerful prescription drugs. By helping to distract the minds of patients in pain, the world of VR can release stress which in turn contributes towards the alleviation of pain. Allowing patients to escape the four walls of hospital or their homes and to swim with dolphins, take a helicopter ride, or play a game of tennis, has a significant impact on their mental and subsequently, physical wellbeing.

Providing visual and motion-based experiences has been found to work in positive ways on several parts of the brain, leading to increased rehabilitation rates and enabling them to live a more normal and less painful life.

Restoring Vision

Vision impairment affects around 150 million people around the world, in varying levels. Whether it is age related or caused by a medical issue or injury, it severely impacts the patient’s ability to live normally.

Low vision is not easily treated with glasses, medicine, or surgery, and until recently, those afflicted had little choice but to learn to adapt. Now, with the use of VR, levels of vision can be increased by allowing the patient to magnify certain objects in a visual scene without losing sight of the rest of the environment. Certain software applications allow users to literally zoom in on certain things without impacting the rest of the ‘scene’. Users are then able to adjust the contrast, text, or ambient level, allowing them to carry out normal activities with more ease.

Care of the Elderly

When dealing with elderly patients, it can be difficult for younger medical professionals to understand the situation and limitations that age imposes on patients. For example, an age difference of 50 years between patient and doctor can create a significant disconnection between the two, resulting in frustration and breakdowns in communication.

VR, however, is helping to change this. By harnessing virtual reality technology, doctors and nurses are able to experience what growing old feels like or what recovering from a stroke is really like. Applications have been created where the user is able to experience life as an elderly person, see the world through their eyes, and experience as realistically as possible, how everything from movement to sight can be severely limited. It is hoped that this kind of experience will bridge the gap between elderly patients (especially those that are non-verbal) and caregivers to increase the level of care offered.

Brain Trauma Recovery

Strokes are one of the leading causes of brain trauma and to stand a good chance of recovery, patients need to start therapy and rehabilitation as soon as possible. In some communities and circumstances however, this is not always possible.

By using virtual reality, patients are able to practice regaining the functions they have lost such as moving their fingers or lifting their arms. Whilst the patients are not actually carrying out the actual movement, the motivation, engagement, and activity of the brain is improved through the use of audio-visual feedback. It is understood that this can lead to significantly improved recovery time for those who have suffered significant neurological trauma and injury.

Are Healthcare Providers Slow To Embrace Digital Technologies?

Healthcare Patient Communications

Healthcare Patient Communications

Medical appointments and doctors’ visits are not enough. Patients want more contact with their healthcare providers, without necessarily needing to schedule more appointments and spend more time in the waiting room. 74% of patients polled in a recent West survey expressed a desire for more communication beyond the medical office visit.

This hunger for more communication parallels the growing role of digital communication in daily life. These same patients note that they are 21% less likely to call their medical providers than they were merely seven years ago. Rather than pick up the phone, patients want to use digital channels—the same ones that they’re already using for other communication—to maintain communication with their healthcare team.

How communications preferences have recently shifted

A recent study by Duke University addresses digital communication in the clinical setting beyond just personal preferences. Their studies found that over 95% of the American population has a cell phone, making it a tool for healthcare providers to leverage. But the standout piece of data, in a world that wonders about deliverability and whether messaging is actually getting through to intended audiences, is that over 90% of text messages are read—and within three minutes of transmittal. This data carries over across all age groups and socioeconomic demographics.

University of Toronto researchers supported this data with their research on the different impacts that text and email have on conveying a particular message. They found that text messaging conferred a higher level of urgency, and therefore function better around task-oriented reminders. Emails are better received than phone calls—19% of millennials don’t even listen to their voicemails—but are better for lengthier context-setting or other more detailed information transmittals.

What provider communications patients currently want between appointments

Patients want contact that aligns with the digital channels that they are using. Social media engagement can be useful for general knowledge-sharing around trends, treatments, and even regulation, but social media is not where the public is hungry for provider engagement. They want personal contact along the two channels they engage with the most each day: texting and email.

Texting

Minimal-to-no onboarding is needed for patients via texting since they are already using this to communicate with everyone from loved ones through coworkers. Consistently greater than five out of every ten patients polled preferred text communication about all logistical aspects of their medical visits, including setting-up and confirming appointments, post-operative instructions, payment issues, and even the transmission of lab results.

The good news is that from 2017 to 2018, the number of patients texting with their providers increased from 5% to 17%. This indicates increased adoption of digital communication channels on the part of healthcare providers. However, this 17% figure is still low, particularly compared to the 69% of patients who explicitly noted the desire to communicate more with their providers.

While HIPAA compliance has been a big obstacle to personalized text message transmission—which might accidentally bleed PHI if providers are not careful—there are simple ways to structure this message to avoid sending over PHI, while still delivering what patients need.

Email

Email can help resolve some longer-term or more complicated issues faced by patients. For starters, email can help add transparency to billing and insurance coverage. Even in advance of visits—and surely after—estimates of treatment costs can be sent, broken down into highly itemized detail. This allows patients to make informed treatment decisions based on what they can afford, or even contest charges with ther insurance companies. Cost visibility and transparency is another way to build trust and rapport with patients, which will reinforce a positive clinical relationship.

Email correspondence is less urgent than text messaging, but still timely and pressing. Because of this, it can be a powerful tool for reminders as well as education. Some patients have chronic diseases, but ongoing education and community-building can be helpful in managing their conditions; this can be achieved through regular emails. Healthy and ill individuals alike can benefit from education regarding disease prevention and wellness, which is easily transmitted via emails.

There’s an additional layer of education inherent to this information sharing, relevant to expectation management. By owning the sharing of reliable medication, a provider helps guide their patients to quality information and thus reduces the likelihood of misinformation. Pointing patients in the direction of useful resources has further benefits by structuring their vocabulary, and conveying the sorts of topics and conditions around which the provider is an expert to be consulted. Rather than bombarding patients with this information during the time of an office visit, this allows patients to absorb information at their own time and pace; office visits, in turn, become more focused around acute conditions as well as examinations and other activities that require face-to-face interaction.

Surveys

This one might come as a surprise, but 53% of patients are open to completing surveys for their healthcare. Surveys help standardize responses and reliably collect answers. While this can also provide statistics that could be useful for research and professional discussions, this can directly and positively impact patients by ensuring they get the appropriate medical response—and quickly, because specific replies can automatically trigger particular pathways and flag providers to take action.

Some health situations work better than others for survey follow-ups. Chronic conditions, new medication, recent procedures, and hospitalizations are some of the common patient experiences where surveys could help track outcomes and make sure providers intervene when necessary.

How healthcare can use automation on these channels to strengthen connections with patients

Patients don’t need to see the details behind the digital solutions put into place; they need to feel the effects of these solutions through the perception that they can reach their providers when needed. And if providers—with schedules already jampacked—are effectively increasing their availability to patients by opening up new lines of communication, something’s gotta give. This is where automation comes into play.

Implementing digital solutions in the health space comes with some upfront set-up and ongoing maintenance, but it also opens the door for the use of tools to automate parts of patient correspondence. These changes create a more positive patient experience, and drive patients to experience partnership with their providers in ways that could encourage their compliance and hence generate better outcomes.

What does this look like? Automate reminders and follow-up surveys to keep patients on track, and use chatbots strategically to help field the easiest and most common questions that pop up. Automation allows for easier, consistent follow-ups with patients after procedures and hospitalization, allowing for earlier interception of any issues. Treatment adherence can be reinforced with automated reminders, without utilizing support team and administrative time.

Using automation frees up provider time for cases that require one-on-one attention, or even generally allows more time for patient consults. Without compromising bedside manner—if anything, enhancing it—providers can increase the amount of support they give to their patients, while freeing up more time of their own.

The healthcare industry has been slow to adopt these new digital communications channels. As a result, providers are missing out on opportunities to connect with their patients and give them the modernized healthcare experience that they seek. Above, we have broken down the key trends in digital communication. We’ve addressed the key directions in which healthcare providers can move in order to stay up-to-date and well-connected with their patients. Even if a comprehensive overhaul of digital communications is not possible, just implementing one of the strategies listed above could go a long way in reinforcing positivity in the provider-patient relationship. Progress is being made constantly to improve security in ways that help ensure HIPAA compliance, and so there really is no reason to abstain from pursuing these trends and giving patients the digital communications experience they’re seeking.

Michigan Still Feeling The Pain Of Recent Ransomware Attack

Michigan Healthcare Ransomware

Michigan Healthcare Ransomware

With nearly a million patients affected, the recent ransomware attack on a Michigan healthcare billing services provider continues to cause waves in the industry.  

Close to a million Michiganders are finding that their healthcare information may not be as secure as they thought it was, according to Michigan’s Attorney General Dana Nessel. Unfortunately, the personal health and financial information of these individuals were part of a massive ransomware attack on a third-party subcontractor who prints and mails bills for healthcare organizations in the area. While the attack happened back in September 2018, the far-reaching repercussions are still being identified over six months after the breach occurred. These unlucky individuals are discovering that a vast array of information was impacted, including social security numbers, dates of birth, personal addresses, names, medical information, phone numbers and even information about their insurance contracts. It took nearly three weeks for the contractor, Wolverine Solutions Group, to regain access to their data after the ransomware attack.

Healthcare Organizations Are Often Targeted by Hackers

Due to the high volume of personal, financial and health information available, healthcare practices and associated organizations such as Wolverine Solutions Group are often the target of cyberterrorists. The information that is stored within the vaults of these companies is extremely attractive, both for the data points and the perception that healthcare organizations will pay handsomely to regain access to their crucial healthcare data in the event of a ransomware attack. Ransomware costs American small businesses more than $75 billion per year according to Datto, a staggering sum when you consider that this downtime can result in costs upwards of $8,500 per hour. Ransomware is increasingly becoming a part of the technology landscape, as cybercriminals perceive it to be a relatively easy and untraceable payday due to the rise of anonymous digital currency such as bitcoin.

Was the Record Encryption Strong Enough?

One of the questions that cybersecurity professionals are attempting to answer is whether or not the encryption that was applied to the records was enough to protect the records from the cybercriminals. In the case of ransomware, the Wolverine Solutions lost access to their data for a period of approximately three weeks. During that period, it’s still unclear whether the cybercriminals attempted to break the data encryption — and if they were ultimately successful, where that data might have been shared with others or sold on the dark web. While a security firm brought into investigate initially felt that the attack was strictly focused on gaining ransom money, that has yet to be independently corroborated.

Patient Notification and Next Steps

Patients who were potentially affected are being notified by Wolverine Solutions Group, an expensive and time-consuming process as it requires multiple contact methods and a great deal of support. The organization is also providing complimentary credit monitoring and identity protection services for the affected patients, an additional cost that must be considered a part of the loss. These services will all be provided for the period of a year, while patients worry and wait — wondering if their personal health and financial information is in the hands of cybercriminals somewhere in the world. While Wolverine Solutions Group technology leaders note that they are taking steps to ensure that this type of attack doesn’t happen again, this negative publicity has likely affected their business in ways that will continue to be seen for years to come.

While it’s nearly impossible to create a system that cannot be breached, this instance illustrates the importance of having proactive, advanced backup and data protection processes in place. Cybercrime is rampant throughout the world, and there are no businesses that are truly immune from the effects of a major attack. Wolverine Solutions Group is merely the latest in a string of healthcare organizations that suffered from this type of aggressive ransomware attack and join Hollywood Presbyterian Medical Center and other large healthcare organizations in the growing list of targets.