Google is already one of the largest tech companies in the world. So. it is noteworthy that it has recently been angling to expand the reach of its influence. Through aggressive acquisitions, Google has been able to enter into the worlds of consumer electronics, artificial intelligence, and home automation. Now, Google is trying to change the world of public health as well.
They are doing this through the use of new and existing technologies. And, by leveraging the massive amounts of data it has at its disposal. Data, by the way, that the company generates daily.
Google absolutely dominates the world of search engines. It holds over 92% of the market. Further, it receives an astonishing 70,000+ searches per second. This translates into nearly 6 billion daily searches on average.
Though these numbers are already enormous, Google shows no signs of slowing its growth. In fact, as more and more people across the world gain access to the internet, they turn to the search engine for answers to their most burning questions. Many of these questions relate to their personal and family health.
Google is able to use these trillions of yearly searches to learn what people are searching for in regards to health. And, they are using this information to track and monitor illnesses and ailments around the world.
One interesting way that Google is using its ability to monitor public health is through tracking search terms that are generally associated with common sexually transmitted infections like gonorrhea and chlamydia.
In 2015, the Centers for Disease Control gained access to Google’s search term data. The ultimate goal was to anticipate the spread of preventable STDs as well as initiate outreach for treatment. Access to data of this type invaluable to public health advocates because the searches can be tracked city by city. This, therefore, provides highly accurate, location-specific data that can be used to predict the potential spread of STDs before they become a public health crisis.
Google search terms have been used to estimate the effectiveness of flu vaccinations. They have also been used to determine whether or not certain drugs have potential long-term negative effects that patients aren’t reporting to their physicians.
While many of the outcomes from using Google’s search data are generally positive, the ethics of its use have been called into question with many wondering if HIPAA violations are occurring through this spreading of data. Though Google assures that the data it provides is anonymous, it could still be possible to identify individual users through cross-referencing, potentially putting their privacy at risk.
Big Data is big business across virtually every industry. And, of course, data doesn’t get much bigger than Google.
While many companies face a challenge when trying to implement data analysis into their business models, Google does not face issues of budgetary restrictions, lack of qualified staff, or bad data in the form of outdated information.
Google’s bread and butter revolves around gathering useable data. So when it comes to collecting data pertinent to public health, there really isn’t a company more suited for the job.
In the world of healthcare, big data helps hospitals learn who is at higher risk for readmission and enables hospitals to engage in large-scale community testing to develop drugs more quickly. Additionally, patient-generated data gathered from various devices and sensors give doctors vital insights into their patient’s overall wellness and health in their daily rounds.
Patient-generated data also assists in biomedical research and helps to monitor dehydration risk in cancer patients by tracking heart rate, blood pressure, and weight in patients. The goal here is preventing falls and injuries associated with dehydration, ultimately reducing hospital and emergency department visits.
Google is utilizing its massive data sets in an ingenious way. By using it to power AI that might be able to detect the early signs of lung cancer that oncologists might miss initially. In order for AI to work properly, it needs to have the largest data sets possible that are also readily available to them.
Fortunately, Google is more than capable of providing that data for its AI to function. Early detection is vital in lung cancer cases to increase survivability. This is because early signs are often subtle and hard to detect. Google’s AI can review initial CT scans to potentially find anything that an oncologist might have missed. This technology could possibly lead to an increased survival rate of 40%.
Rapidly developing technology isn’t always the best in a healthcare setting. No one wants their doctor distracted by a device in their pocket while they are supposed to be providing quality care. However, these technological advances are great for the world of healthcare.
Google’s cancer-detecting AI isn’t the only emerging tech being used to improve public health. In fact, Google is helping to open the doors to many technological advancements that may one day revolutionize the field of public health.
Alphabet’s Sidewalk Labs (Alphabet is Google’s parent company) is rolling out a program called Cityblock Health. It’s the goal is to meld technology with new care models to better serve underserved populations.
The idea behind Cityblock Health is to shift the care balance toward prevention and community support. They are doing this by attempting to change multiple aspects of the healthcare system such as insurance offerings to provide interoperability to patient education.
In order to achieve this, the company will use a custom-built platform called Commons. It is an integrated platform for smartphones, tablets, and computers that will be easy to use and access.
Technological innovations like Cityblock Health and Google’s cancer detection AI are just a taste of how the world of public health is going to change in the coming years.
Some of the other promising ways that tech is angling to change the world of healthcare include,
Additionally, in the near future, virtual reality and augmented reality (perhaps with the help of Google Glass) will revolutionize surgical simulations, diagnostic imaging, and overall health management.
Google isn’t the only tech company with skin in the game when it comes to improving public health. But it is one of the most visible companies making concerted efforts to enter the field.
Google is poised to become a major player in the world of public health through:
It will be fascinating to watch how this all plays out.
Love our content? Want more information on AI, Data & Analytics, and New Technologies? SIGN UP FOR OUR WEEKLY NEWSLETTER HERE**
Enormous amounts of patient information and financial data make the healthcare industry a prime target for cybersecurity threats. Hackers and other malicious organizations seek out everything from individual medical records, billing details, and log-in credentials to clinical trial and research information through systems, servers, or apps.
Today, patient portals, internet of things (IoT) devices, electronic health records, and other connected systems are in greater use than ever. They provide lucrative, often easy-to-access new channels through which to launch threats. Healthcare providers are the main victims.
The 2019 Breach Barometer noted that healthcare providers accounted for 70% of all entities reporting cyberattacks. Health plans followed at 12% and other healthcare-related entities were next at 8%.
But it doesn’t stop there. Even business associates of HIPAA-covered groups were targeted, potentially as a means of back-door access to healthcare organizations’ data.
Exacerbating the problem is the cost of cleaning up after a cyberattack. Healthcare data breaches cost an average of $408 per record to resolve. This is nearly double the cost in the financial services sector that came in second at $206 per record. The lowest costs were in the public sector, which totaled just $75 per record.
Below are the top cybersecurity trends to be aware of in 2019.
From 2017 to 2018, there was only a small annual increase in the number of healthcare data breaches. This is according to combined information from databreaches.net, the U.S. Department of Health and Human Services (HHS), and state attorneys general.
This is good news, right? The answer is “wrong.” The number of healthcare records exposed in those data breaches tripled year over year, going from more than 5.6 million in 2017 to nearly 15.1 million last year.
Increasing steadily over the past three years, hacking accounted for more than 44% of all tracked healthcare data breaches in 2018. There’s no doubt that this momentum will continue to grow as hackers become more sophisticated and attempt to stay several steps ahead of health IT professionals.
More than 28 years after the first ransomware attack, the healthcare sector continues to be a top target for this malicious software. In 2018, healthcare accounted for more than one-third of all ransomware attacks, followed by financial institutions and professional services firms, at 12% each.
Many of the targeted victims are large hospitals and healthcare organizations. However, the majority are small and medium-sized enterprises (SMEs). These victims are particularly vulnerable since they’re often ill-prepared for such an attack. In fact, 71% of ransomware attacks last year victimized these types of enterprises in healthcare.
Threats take the form of email attachments, messages, pop-ups, and other malicious software that can give access to files or systems, block users’ access, and hold organizations hostage until they pay a ransom — sometimes in the millions of dollars — for a decryption key. The success of these attacks and the financial opportunity associated with them will result in ransomware becoming more frequent and aggressive.
As healthcare providers continue to leverage IoT to monitor individuals’ health and provide needed care, the number of IoT-based attacks, particularly on hospitals, are expected to rise. Published reports predict that IoT attacks will account for 30% of cybersecurity incidents in 2019. They are expected to increase 500% in just two years — from 50,000 in 2017 to an estimated 300,000 this year.
The vulnerabilities come as greater numbers of unprotected IoT devices connect to healthcare providers’ IT networks. Until the industry focuses on securing IoT communications, cyberattacks driven by IoT botnets are expected to be more pronounced and larger in scale.
While the predictions for growing cybersecurity threats should continue to raise alarms within the healthcare sector, there are some clear, proactive steps that organizations should take now to defend against potential attacks.
Healthcare organizations must raise awareness about the severity and growing threat of cyberattacks. They must also take steps to secure the enterprise and access to data.
By doing so, they can more effectively mitigate their risks and reduce their financial and regulatory exposure to threats. It will also protect data and systems that are crucial to their day-to-day operations and patient health.
Cyber attacks continue to pose a problem for every industry, but especially healthcare. To date, over 89% of healthcare corporations have experienced a data breach in which patient records were compromised or stolen. With so much critical information at stake, the need to protect sensitive data is at an all-time high.
Mobile devices are infused widely into the infrastructure of all types of healthcare facilities and organizations. This provides staff access to online resources whether they are on the premises or working remotely. Additionally, individuals who visit these facilities are also allowed some form of online access to use their devices.
To avoid putting the privacy of sensitive medical data at risk, encryption methods must be implemented within the devices healthcare professionals use. If not, they could easily be compromised if left unattended or lost. This reinforces safety protocols and prevents unauthorized users from accessing the data. Firewalls must also be configured to allow online access for visitors without providing gateways to breach the system.
There can never be enough training for individuals who help run the day-to-day operations of a facility or practice. From top management to front desk employees, everyone must be on the same page when determining what data comes in and out.
It is also helpful to do the following:
Many organizations conduct drills to determine who understands the protocols and who needs additional training. Employees should be able to recognize a malicious email that is attempting to come through the system.
Password breaches are another big problem in healthcare facilities. Employees must be trained to keep their password confidential at all times. Further, the system should automatically prompt a password change every 30 to 45 days.
There is nothing worse than having an archaic system in place to protect sensitive data. When housing data such as medical files, be sure to follow rules and regulations that are available on a national level.
One of the best ways to maintain regulatory standards is by consistently updating the technology used within the facility and by the employees on and off campus. Antivirus software, digital signatures, and a strong firewall can help.
Implementing a HIPAA-approved system where patients can submit their paperwork online before reaching the facility can also deter cybercriminals from accessing the data.
The system should have authentication protocols, identity verification, and an audit trail that shows every action the patient takes, and the actions taken by the facility.
In every instance, when handling sensitive medical data, there should be a documented trail on who accessed the system, when, where and what actions they performed. If a change needs to be made, there should be an authentication method to ensure the right person is able to make those changes.
Healthcare organizations that handle sensitive medical data must be careful with the vendors they select to conduct third-party protection. When searching for software vendors, making sure they have HIPAA-certified protected systems is key.
Additionally, they should be given a copy of the security manual to ensure everyone is on the same page. It is important to ensure they have stringent security standards. They must meet or exceed those of the organization, with privacy, shutdown and authentication features that accommodate those needs.
Every healthcare facility should have a plan in place in the event of an emergency or disaster. Provisions for their files to be accessed from a remote storage location should be included in the plan.
In some cases, this storage may be in the cloud. In other cases, confidential documents are maintained in another building.
Organizations must implement procedures that limit their data footprint while protecting the patient and adhering to the law.
Utilizing digital signatures allows the healthcare organization to maintain the signatures while the vendor deletes its copy. This ensures the files are kept confidential with no additional risk of being compromised by a third party.
Acquiring the best HIPAA compliant software for the organization is the first step in protecting sensitive medical data.
There are a few options on the market that have been highly rated and compliant:
Surfshark provides private access to the open internet, allowing users to safely access content for those who need privacy with no digital footprint. All traffic sent to and from devices is secure, with malware and phishing attempts immediately blocked. Unlimited devices or certain devices can be connected at different levels.
Google G Suite is HIPAA compliant and ISO-27017, which provides the highest levels of security with cloud-specific information security controls.
Microsoft uses independent third-party testers to ensure protected health information (PHI) is not at risk. This can also be integrated with certain medical systems for continuity within the infrastructure.
Specifically built for small medical practices, this software has several certifications, including one from the Electronic Healthcare Network Accreditation Commission (EHNAC).
This software helps to create and managed HIPAA compliance data and forms. It can be integrated into G Suite and Dropbox.
A real-time cloud storage solution and disaster recovery service, this HIPAA compliant software offers features such as remote desktop device wipes, file locks, team collaboration tools and more.
This software offers a disaster prevention backup service that keeps the organization prepared for potential data failure caused by a disaster or technical issue while protecting the organization from ransomware.
Having custom solutions available to protect sensitive data and prevent security breaches is more crucial than ever. These tips and software recommendations can be used to help organizations protect their infrastructure, employees, and clients against breaches that could severely impact privacy standards now and in the future.
Healthcare facilities are continually battling conflicting priorities. Customers demand that hospitals deliver high-quality patient care while ensuring patient safety, meeting regulatory demands, and maintaining facility security.
And they expect them to do it – with stretched resources. Treating patients is far from the only concern that hospitals are facing today.
Medical facilities are also dealing with ever-growing threats to patients (physical and otherwise) as well as their information. With data and technology now an integral part of healthcare, cyber attacks occur more often than threats of physical violence to patients and staff. But hospitals must be prepared to deal with both.
Patients are more concerned than ever about their personal data security. A report from TRUSTe and the National Cybersecurity Alliance showed that while 74% of consumers trust their information with healthcare providers, up to 90% of them worry about their privacy online and the risks that come with disclosing personal information.
Let’s have a look at some of the threats that hospitals face and how they are moving to protect patients, staff and their valuable data
Hospitals are vulnerable to violence and crime from and directed towards visitors, patients, and occasionally their own staff members. Some of the top physical security issues that hospitals face today include:
Considering that healthcare facilities are often open 24/7, ensuring hospital security must be a priority. The answer to these physical threats lies in understanding the internal and external threats that they could potentially face. This plays a critical step in helping them improve security measures and systems across the facility to ensure everyone’s safety and smooth operations.
Related Content: How to Survive a Hospital Shooting
Hospitals must, at a minimum, do the following:
The healthcare industry has quickly embraced electronic records and data tracking innovations to make it easier and faster for consultants, vendors, and third-parties to access patient information efficiently. Unfortunately, this has created new patient privacy and data loss concerns.
Data breaches and network disruptions are the top concern for healthcare facilities today, as they can easily jeopardize security, operations, financial stability, and reputation.
A look at some of the biggest healthcare data breaches of 2018 will show you how serious this issue has become. For instance, UnityPoint Health had 1.4 million patient records breached through a phishing attack. It was the largest biggest healthcare data breach in the U.S. in 2018.
Cybercriminals are becoming more sophisticated.
Related Content: The Preventable Danger of Patient Identity Errors
To protect patients and their information against the ever-growing threat of data breaches, hospitals must be ready to embrace the latest data privacy regulations and be aware of the threats that data storage and access to healthcare systems pose.
Here’s what hospitals should do to ensure better data security and improve overall IT security:
With growing threats like ransomware and malware, cloud threats, misleading websites, phishing attacks, insider threats from employees, encryption blind spots, and vulnerabilities in IoT medical devices, it’s easy to see why cybersecurity matters for healthcare facilities.
Data breaches can cause huge financial losses, cost hospitals their reputation and lead to heavy penalties for non-compliance.
The frequency of cyber attacks is increasing every day – it’s no longer a matter of “if” but “when” they’ll happen to your facility. To protect patients and their information, hospitals need to embrace cybersecurity best practices.
These practices include:
Healthcare facilities continually face both physical and cyber threats even as they gather and store more patient data than ever before. Hospitals must be prepared to protect both patients and their information.
The truth is, most healthcare facilities are not keeping up with the latest security standards and infrastructure. Despite the industry promising a lot in terms of innovative technology, medical advances, telemedicine, healthcare apps, and AI-driven diagnosis, we still have a long way to go to boost patient confidence in health facilities and the way they handle both safety and privacy.
By ensuring more transparency when handling patient data, communicating security measures to patients, establishing strict behavioral policies for all personnel, emphasizing on employee education, and developing data security and breach response policies, hospitals can be better equipped to deal with any threats, and ultimately protect patients and their information.
It’s a lot to do, but it must be done.
Most of us don’t think twice about getting on a commercial airline. The odds of dying on even the worst 39 airlines is 1 in 1.5 million or a .0000006% chance of death. This is more than five times better than Six Sigma quality (defect levels below 3.4 per million).
In a 2012 study published by The Lancet, mortality rates for surgery, up to two months post care, are 3.6%. Obviously, this is far from Six Sigma quality. Meanwhile, surgery volumes and outcome data are not publicly available to study.
Remember the Malaysian Air Flight 370 that disappeared March 2014 killing 239 people? The global airline industry responded by augmenting global tracking procedures improved to mitigate similar future tragedies.
This is an example of an industry learning from failure and applying new standards to improve outcomes. We can learn something here.
A friend mine called to offer a sunset test ride in a Learjet 45. He’s the Captain for Caterpillar Aviation with over 14,000 hours flying all types of aircraft – even acrobatics. This is a hot rod of an airplane. It can do zero to rotate in only a few seconds and is capable of 535 MPH or 81% the speed of sound.
Earlier that week, a pre-flight check identified a warning indicator. The landing gear and back-up aileron hydraulics showed a pending failure in 20 operational hours.
The Learjet has an information system so thorough, connected, and well programmed that it tracks the time to failure for all critical flight systems based on historical failure. The flight crew is alerted when components are due for replacement before they actually fail – which could be in flight.
Bombardier, the manufacturers of the Learjet, collected data and programmed what it learned about critical failures in systems. They have also created a live indicator. Their goal was to have a great outcome: flight safety.
In this case, the parts were inexpensive brushes in a motor that drives a hydraulic pump. Sometimes the smallest things, combined with experience, have the potential for a large impact on quality.
Standard FAA quality procedures mandate that following maintenance on critical systems, a non-commercial test flight must be made. The fuel for the test flight costs more than the brushes. But the ride at sunset was a beautiful thing – lucky me!
Just like the flight system algorithms and indicators removed the impractical work of checking brushes before each flight, well-programmed healthcare algorithms, starting with structured historical data can do the same. An oncology project proved it. I’ll get to that in a bit, but first, more about data.
Have you ever heard of dirty data? In a paper published by Datamark, analysts from Merrill Lynch, Gartner and IBM agreed that between 60% and 80% of health data is unstructured.
It is referred to as “dirty data” meaning it’s not in a defined field like name, address, city, state or zip. Unlike defined fields, unstructured data cannot be easily sorted and mined. It includes physician notes and impressions, a paragraph in the EMR from the nurse, or even an image.
In addition, data in healthcare are not interoperable or translatable between systems. Unfortunately, not much interfaces with much else. Instead, there are disparate, unconnected systems and uncommon languages.
Natural language processing (or NLP) technology interprets spoken or written language. The limitation lies in its inability to semantically distinguish true meaning or lexicon.
For example, words might say “this is the third time I ordered this meal.” Does that mean you were so pleased in the past you came back and ordered the same thing two more times? Or, does it mean you’ve placed your order three times and still don’t have it?
Advancing to natural language understanding or NLU is the next step to contextual, semantic understanding of unstructured data. Development is underway in companies like Digital Reasoning and Cicayda who analyze e-documentation in legal reviews and discovery.
Working with a very large oncology group, my company studied drug utilization appropriateness against patient outcomes. We looked at about 300,000 encounters over 2 years.
The lead oncologist, who is both brilliant and humble, wanted to know what was going to happen to patients before they treated them. Looking at the impact of oncology drugs was a great place to start.
Using defined non-Personal Health (Patient) Information (PHI), prescription orders from four different EMR systems and lab results, we programmed the EMR detail data against drug manufacturer’s guidelines.
Forty-one percent of the time, drug utilization fell outside guidelines, including
The impact on patients, measured through outcomes (e.g. blood work) revealed the result. The financial impact of inappropriate use was easier to score at $16 million.
The algorithm for the oncology equation worked. It consolidated the collective training and experience of physicians and scientists encapsulated in one place making for easy reference and guidance against real data from disparate systems.
This is the first step toward an automated indicator of future quality, using historical outcomes to guide treatment decisions.
In a directionally similar step, Medicare has mandated medical imaging begin using Clinical Decision Support tools January 1, 2021.
This mechanism uses past treatment efficacy to advise clinicians to the most appropriate procedure. While it uses static unconnected data, it’s a good start. It provides guidance to help those busy ER docs order the right exam.
We must transform practice (try this) into science (know).
Health data challenges are complex but can be overcome with planning, communication, and strategy.
“Processes and standards should be driven by evidence and outcomes”
This is the direction in which we need to be pointed.
Let’s start by using consolidated historical data from clinical information (not just claims data) combined with the collective experience of clinicians to inform better clinical decisions and not just create post-encounter reports.
Capable technology that can accept disparate defined data is proven. More complex, but also proven is capturing the subject matter expertise of clinicians in algorithms.
Combining data and automating functions can produce active, stratified, evidence-driven guidance. No artificial intelligence here.
Augmented Intelligence, rather than artificial intelligence, is a more accurate representation. It distills the details of every encounter, treatment, and outcome to guide future treatment. It does this by consolidating the experiences of many and sharing it as universal guidance easily stratified by user preference. This approach will drive quality outcomes and value.
A bee swarm is a force to be reckoned with. Working in the yard the day after my ride in the hot rod Learjet ride, I enjoyed the full wrath of one.
After the fired-up little bees got under my clothes, they succeeded in stinging me in all sorts of unimaginable locations. It was a display of amazing coordination.
I’m lucky I don’t have an allergy to bee stings and am thankful for 100mg of Benadryl. The point is that the smallest things, when coordinated with great communication, can have a fierce impact on change.
These small creatures are a great illustration of the power of aligned goals with common communications and a strategy, producing an effective force that drives away perceived danger.
The current trajectory of healthcare indicates that we will miss our flight safety targets if we don’t get to work…starting with the small things. While public transparency and automated clinical risk indicators from common data remain elusive, the good news is, progress is taking place, albeit often in silos.
Please comment below or drop me a line at [email protected] I’d love to hear your ideas and progress.
Let’s face it—healthcare is increasingly going digital with electronic record-keeping and cloud storage, telemedicine and artificial intelligence, among other applications for technology in the sector.
However, with this continued growth and the incorporation of technology within the health systems, the importance of healthcare data security is now looming more than ever before. Even with technology significantly benefitting the healthcare sector, it is also not short of some drawbacks, and one of the most prominent downsides is the difficulty in safeguarding personal patient data.
Currently, healthcare data is undoubtedly among the most sensitive types of personal information in existence. As such, it is no surprise that it ranks high among the most sought after, not to mention frequently breached, type of data. Healthcare records are gradually becoming a more attractive target for hackers, making patient data security an increasingly challenging task.
With this in mind, to adequately safeguard patient data from cybercriminals and data breaches, healthcare organizations and relevant stakeholders need to implement comprehensive security measures to protect patient data from these looming security risks.
So how can they improve on patient data security? By adopting a complex and multi-faceted approach to security.
Below are five useful tips to assist health systems and hospitals in reinforcing and better enhancing the safety of their healthcare data. These security practices and measures aim to help these organizations address imminent risks to data privacy, keep pace with continually evolving threats and also effectively protect patients’ personal information.
The “human element” remains among the biggest security threats across multiple industries, healthcare included. According to recent statistics, most security breaches are a consequence of human factors. Negligence or simple “human” error can wreak havoc and produce expensive repercussions for healthcare organizations. Additionally, although only a select few practice staff would directly steal PHI (Protected Health Information), they could however unsuspectingly introduce malware into their network by succumbing to phishing email attacks among other social engineering hacking tactics.
Nonetheless, in many instances, security training can help prevent such types of breaches. Security awareness training not only equips healthcare staff with the essential knowledge necessary for making wise decisions, but it also ensures that they use appropriate precautionary measures when handling patient data.
Healthcare organizations can either purchase HIPAA online security training or subsequently get training from other medical organizations and hospitals for free.
Experts recommend that healthcare organizations perform risk assessment sessions on a regular basis to determine the vulnerabilities of their systems. By identifying weak links within their data security systems, healthcare organizations can effectively fix any issues before they arise. HIPAA compliance rules mandate for healthcare organizations to conduct a security risk assessment annually or as changes to electronic systems occur.
Similarly, healthcare organizations should also initiate such practices to adhere to the criteria of MIPS (Merit-Based Incentive Payment System).
It is a good idea for healthcare providers to even consider conducting these assessments more than once yearly-perhaps monthly or quarterly for maximum safety.
Related Content: How To Properly Protect Patient Data
Controlling access to private health records is also another crucial way of enhancing the overall security of patient data. How can organizations do this? By ensuring that only the certified and essential personnel are granted access to sensitive data. This reduces the risks of data breaches and theft.
When you implement access control, you can effectively reinforce healthcare data security. This is by restricting access to specific applications and sensitive patient information only to the individual needing access to carry out their duties. Access restrictions require user authentication, and this ensures that authorized users only gain access to protected healthcare data.
Multi-factor authentication, which mandates for users to verify their identities through two or more methods of validation, is among the most-recommended approaches you can use.
Furthermore, whenever possible, healthcare organizations can engage this essential personnel in their two-factor authentication. You can incorporate thumb scanning and retina scanning technology or subsequently adopt a mobile authentication system for all the staff with access to sensitive records and then log them into the security system.
Some security systems can even allow you to create distinct passwords and logins for every staff member you would like to allow access to confidential data. By diversifying access keys in such a manner, these organizations make it more difficult for any hackers or outside individuals to crack and breach their code.
Encryption is undoubtedly among the most effective methods of data protection across all industries, not just in healthcare. Data, either in-transit or stored, needs to be encrypted on every device within the system. This includes computers, cell phones, USB drives, tablets, and laptops.
Encrypting data allows healthcare organizations and stakeholders to minimize their susceptibility to data breaches and cyber attacks effectively. Encryption ideally makes it harder (virtually impossible) for a hacker to decipher personal patient data even if they manage to breach and subsequently gain access to the information.
While HIPAA offers recommendations, it does not precisely mandate health organizations to adopt data encryption approaches in their rules. It instead leaves room for healthcare organizations and related stakeholders to decide on the appropriate type of encryption methods along with other necessary measures based on the workflow of the organization as well as other needs.
Extraction of data from unencrypted stolen devices can amount to millions of dollars in losses.
Finally, establish role-based access to patient data. Numerous systems will usually allow healthcare organizations to uniquely configure their software subsequently limiting different system levels to different personnel. Each staff member has a login or key which restricts their access to only the section of the program they need as well as its limited related data.
For instance, in a health provider system that includes a practice management system, the organization’s receptionist might only need to utilize the scheduling application. In such a case, role-based access cannot allow the individuals to gain access to any financial or clinical data of the organization.
With this approach, the health provider can effectively boost privacy and subsequently prevent usage of PHI in committing fraud, for instance. What’s more, where a user misplaces their password or it is stolen, since he or she only has limited access to the system, it limits the total damage an intruder can cause.
While taking a sophisticated, multi-faceted security approach and measures may appear exhausting, where valuable and sensitive patient healthcare information is at risk, these additional security measures can guarantee protection.
To effectively keep up with the continually emerging security risks, it is crucial for healthcare providers to improve their data security and protection with these few approaches. This is in addition to the HIPAA rules as well as other regulatory-compliance initiatives which are also a solid starting point for establishing an effective data protection system and avoiding costly consequences.
Nonetheless, their efforts should go past just compliance to guarantee that sensitive and confidential patient data is well safeguarded against imminent threats today.
Ever increasing computational power, advances in artificial intelligence and lower computing cost (because of cloud computing services such as Azure and Amazon Web Services) has enabled healthcare systems – often laggards in quality improvement and technology adoption – to rapidly implement analytics systems. Such systems enable enterprises to analyze and model their processes, engage in meaningful quality and process improvement activities, and prepare to succeed in value and risk-based payment models.
Hewlett Packard Enterprises recently published a piece that delineated some of the benefits that enterprises can gain from analytics (specifically the predictive form) –
Even enterprises with existing, legacy analytics systems – for example, those that mainly work with claims-based data or lack predicative or real-time capabilities can obtain the above efficiencies with enhanced analytic capability.
A modern data warehouse must be flexible, SQL-enabled, cloud-based, and highly secure. Snowflake Computing’s cloud-based infrastructure is an example of one such system which can be easily scaled as it is offered to clients with usage-based pricing. A data warehouse alone, however, is not sufficient for an enterprise. Tools must be provided to prep, transform, and perform analysis on the data.
Alteryx Designer, one such tool, allows analysts to prep and blend data from heterogeneous sources – e.g., CSVs, databases, Excel files – in an efficient and reproducible manner, and, more importantly, it includes spatial and predictive analytics. This enables organizations to move from retrospective and barely actionable data to immediately actionable real-time predictive analytics.
The implementation of an analytics system (or the migration of a legacy system) is not a project to be undertaken without serious thought how change is managed within an organization. Many facets of an organization will be impacted by such projects. Matthew Morris, Lead Data Enabler at an international wholesaling club based in Washington State who has overseen both the maintenance of legacy analytics system and the migration to a modern one using a team from Decisive Data and Alteryx’s tools noted some key behaviors or strategies that should be taken to ensure a successful project:
The project plan exists for the organization, not the organization for the project plan.
Using these tools and methodologies will help healthcare organizations successfully implement or migrate analytics systems. As their users become more confident, integrating the advanced analytics tools into their daily work, they can expect that more process and quality improvement initiatives will be undertaken.
As a result, the organization will become more welcoming and less apprehensive about making changes whose success is dependent on sophisticated analytics, such as alternative payment arrangement (e.g., bundled or capitated payments). Decision makers and analysts will know that they can rely on the use of real-time predictive tools to achieve needed cost and quality goals.
Medical practices and facilities are depending more and more on cloud storage because it gives users the ability to access data across a variety of electronic devices while eliminating the costs and difficulties associated with maintaining a physical storage system.
Cloud storage is a network of remote servers that allow for centralized data storage and online access to these resources. Your files are stored on a server connected to the Internet instead of being stored on your own computer’s hard drive. This eliminates the need to purchase hardware equipment to store files or to upgrade your hardware to get extra storage space—or the need to delete old files to make room for new ones. The cloud is convenient and cost-effective, providing a way to automatically back up your files and folders.
Despite these benefits, recent publicity around hacks of public cloud storage websites has raised concerns about whether it is appropriate for medical practices and facilities to store health records and information in the cloud. Cybercriminals target healthcare organizations more than any other form of business because criminals find personal patient information particularly valuable to exploit.
Providers must ensure they are compliant with the Health Insurance Portability and Accountability Act (HIPAA) in how they secure patient protected health information (PHI). The repercussions of a breach can be daunting under HIPAA. A business that suffers a breach of unencrypted PHI must report the breach to the U.S. Department of Health and Human Services’ Office for Civil Rights. If found negligent, the business can face fines and damage to its reputation.
Is cloud storage a safe way to store PHI? The answer is a qualified “yes”. The cloud can be an appropriate method of data storage, but only under the right circumstances.
As with many new technologies, the safety level of the cloud, and whether it’s appropriate for use, depends on the vendor. To be sure your data is safe and secure when you hand it over to a cloud service provider, you need to research each vendor you consider and do appropriate due diligence. There are several important questions you need to answer and issues you have to keep in mind:
Cloud storage can be a valuable asset to medical practices and facilities, but the decision to use the cloud to store HIPAA-protected records should not be made until substantial due diligence has been performed on the cloud service provider. Make sure you have absolute confidence in the service provider’s ability to keep the data safe and secure.
This post was sponsored by The Doctors Company
We live in a time where technology is ever growing and innovating. What is new today, is old tomorrow. On one hand, change is driven by customer wants and needs. On the other hand, eye-opening innovation has lead to the creation of some things that have never existed before.
Fitness trackers and other wearable technologies are examples of those types of technological change. The fitness industry, as well as their customers, have embraced a wide variety of fitness tracking technologies because these gadgets are designed to encourage people to become and stay fit. Sensor technologies that measure important physiologic parameters, such as oxygen in the bloodstream, blood pressure, and EKG tracings, are providing healthcare professionals with valuable information.
As time goes by, the technology used in these wearables is growing ever more sophisticated. These devices are now able to track a wider range of different data elements and link them to estimates of your well-being and help with the management of chronic disease.
These devices are of great interest to the healthcare industry, including research organizations, because they collect huge amounts of data from millions of active users that reflect their daily activities and various physiologic parameters. But is that all for the good?
In this article, we’ll talk about what companies do with this data, how this data can be used in the healthcare industry, and both the positive and negative impact.
Not too long ago, fitness trackers like Fitbit were only able to count the steps you take on a daily basis, measure the distance you travel, and perhaps measure heart rate. Nowadays, wearable technologies have grown substantially more advanced and powerful. They can track your sleep quality, sleep patterns, time spent asleep/awake, blood pressure, oxygen levels, estimates of calories burned in a day, body weight, and BMI.
Although experts still have questions about how reliable certain types of tracking data are, particularly sleep tracking and calories burned, companies like Fitbit and others, are starting to combine data of different types—such as heart rate, motion, and oxygen levels—and apply proprietary algorithms in order to make better estimates of sleep quality.
Because the average calories burned while resting is different for every person, calculations of calories burned, such as those that appear on a treadmill, are still only estimates that are not particularly accurate. However, as the devices improve and data and algorithms become more reliable, it is highly likely that wearables will assist in the design of new approaches for health promotion and chronic disease management.
Furthermore, the data will contribute to an increasingly higher individual approach to patient treatment. For example, technologies are available that are relevant for people with diabetes because they can monitor blood glucose, track daily activities and diet plans, and even administer insulin—functions that are highly valuable for both individual patients and their doctors. Data from these technologies can be used to improve disease self-management for a variety of conditions and provide healthcare professionals with useful information based on remote monitoring of patients.
The biggest risk and concern many experts have from all these companies gathering personal data is privacy protection. It’s no secret that various research reports have indicated that companies are selling off personal data to third parties. A report released by the Federal Trade Commission, which analyzed 12 different health and fitness apps, concluded that a staggering number of third parties received personal data, including full names, contact details, fitness schedules, diets, location, age, and gender.
The data is typically sold and used by advertising companies because the data helps them target a certain audience much more accurately. Advertising companies can use the data to create “clouds” of similar groups of people that they can then offer tailored products or packages to buy.
If health and life insurance companies are able to access data at an individual level, they can use it to increase or decrease the price of insurance packages because they know whether or not someone is appropriately dealing with a disease or illness.
There are also security issues related to hacking. Because data tracking can gather the most intricate details of an individual’s life, a hacker can use that information to harm the individual (e.g., identity theft) or use it as ammunition to threaten another party (e.g., using the information as ransom to obtain a significant amount of money). One safeguard against this is to use fake detail to sign up with tracking programs thus making cross-referencing the data to you personally impossible.
Just remember, if you’re not paying for an app or service, you are their source of income because you generate something valuable.
That being said, it’s important for both the consumer and governments to establish a healthy collaboration between the tech and healthcare industry in order to ensure that innovative technology products, such as fitness trackers and physiologic sensors that are used in our daily lives, provide not only useful and reliable information but also protect our privacy.
No one knows what the future holds for certain. Big data tracking of millions of people holds the promise of inspiring new ways to approach prevention. It could also end up making significant contributions to the health outcomes of people with chronic illnesses. But we must be careful to safeguard the data as it also has the potential of wreaking havoc on the lives of the very people it was designed to help.
Now that we’ve reached the year 2018, more information is stored online than ever. Not surprisingly, healthcare data is no exception. Patients must feel confident in the knowledge that their personal data is secure and private, accessible only to them and their immediate healthcare providers.
How can clinics, hospitals, and administrators ensure their information is kept out of the wrong hands? What, specifically, can be done? Although the obstacles may seem daunting, increased security is within our reach. Here are a few concrete steps we can take to make sure we can confidently assure our patients they have nothing to fear.
According to Forbes, our electronic health records (EHRs) are worth more on the black market than our Social Security or credit card numbers. This fact seems problematic in light of the fact EHRs have been adopted by over 96% of critical care hospitals and over 83% of regular hospitals. Perhaps even more infuriating is the source of most of these breaches, which tend to come from the inside—for example, via nurses, doctors, or billing specialists who have access to our information for legitimate purposes, but may also have ulterior motives for profit, revenge, or basic curiosity, according to Robert Lord of Protenus.
Since the introduction of the Health Information Technology of Economic and Clinical Health Act (HITECH) in 2009, over 40 million patients have reported being affected by data breaches in some way. According to Norwich University, however, there are certain best practices healthcare organizations can adopt in order to more effectively manage their patient data, including conducting quarterly assessments of IT systems, hiring well-educated IT specialists, and providing additional training or professional development to existing IT staff. Making sure that users are only granted access to the information immediately pertinent to their positions, as well as encrypting patient information and educating employees on HIPAA rules and regulations, are other safeguards that can help prevent unnecessary security breaches.
Other ways health informatics professionals can prevent data breaches are via common-sense security protocols like using a firewall, installing and maintaining anti-virus software, and always using strong passwords. Moreover, a security culture should be established in which employees are encouraged to be more aware of when and where they choose to access sensitive information, preferring limited network access that allows for stronger security.
These kinds of watertight security policies are ideally able to thwart hackers like TheDarkOverlord, who decided to hack into Indiana-based Cancer Services Center, demanding $43,000 in ransom from the company’s executive management team via text message. The center reported the incident to the FBI, consequentially averting the payment of any ransom fees. Still, most healthcare organizations would likely opt to avoid dealing with an incident of this kind in the first place.
In turn, organizations will need to rise to the challenge by taking a more holistic view of network infrastructure. This will allow them to better understand the data being monitored, which will encourage them to conduct risk assessments, refine policies and procedures, refresh staff training, and reduce security vulnerabilities.
In an ideal world, IT departments would increase their data security budgets—as, ordinarily, they tend to be too small. Increasing security budgets might allow healthcare organizations to make progress on addressing the most pressing security concerns among hospital and physician practices—which are currently phishing attacks and viruses or malware. Interestingly, these security threats are entirely preventable; they simply require more informed employee “cyber-behavior” like security training, awareness of disgruntled employees, and stronger security priorities among organizational leadership.
D’Arcy Gue stresses five steps to increased cybersecurity precaution:
Regarding this last point, third-party vendors and business partners may inadvertently leave a cyber-door open, exposing sensitive patient data without even realizing it. It’s each organization’s job to make sure all business partners sign a protected health information (PHI) agreement; this will ensure partners are at least up-to-date on current HIPAA security policy.
Lastly, Michael Daniel argues that hospitals should create a “cyber toolbox” to help protect against rising security trends that he deems troubling:
As noted above by Gue, the problem is not only internal but relational.
To effectively combat these impending data breaches, Daniel first recommends changing the organizational mindset so that it considers information security a risk in need of management—as opposed to a technical problem with occasional glitches. Second, it’s crucial to get the attention of senior management, since organizations that do this tend to get positive results. Lastly, Daniel argues, hospitals are in need of a holistic risk management framework that allows the security team to better understand their network topology.
With a strong system of protocols in place, healthcare organizations will be more fully equipped to deal with the new nature of 21st-century data security threats. Hackers and malicious underground organizations are more aware of possible weak points and back entryways than they were in the past—in part because we’re working with so much more data than ever before.
As Robert Lord argues, we must apply technology like big data and machine learning to our privacy and security concerns, making sure systems are up-to-date and continuously monitored for outside attacks.
Ironically, our weakness—dependence on data—is also our biggest strength. We must make sure big data is working for us by fending off hackers before they can attack, utilizing automation and AI to create programs that do the work for us.
As phishing schemes and ransomware attacks become more common, we must formulate comprehensive plans of attack that start at the top levels of management and apply to every department and employee in the chain of command. If cybersecurity is seen as an integral part of an organization’s vision, security is more likely to be prioritized throughout that organization.
The power of data is undeniable. It can shape policy, inform public discourse, and disprove or confirm long-held beliefs about the world around us.
But data alone won’t save a single life.
Even in 2018, as the Internet of Things (IoT) and connected devices continue to produce and collect more data about everything around us, making useful sense of this information can be challenging. Smart thermostats learn what temperatures we prefer and turn the AC to suit our preferences and schedules, and online retailers can predict when we run out of dish soap and order more—all because they were created to take data and turn it into an action that impacts our lives.
While this is undoubtedly progress, no one will argue that the prevalent use of data today is merely making things more convenient for us. At LiveStories, we believe real progress with data comes when it informs us about the conditions of our lives, shapes the way we think, and affects broader public policies. And that’s exactly what our platform is doing.
Founded in 2013, LiveStories’ mission is to empower civic organizations of all kinds—government, schools, local health departments, and public safety officials—to take data available to them and easily present it in a visual, interactive, and easily accessible way.
How? LiveStories essentially provides users a power tool—or rather, a large set of power tools—to turn rows and rows of sometimes confusing data into interactive charts, graphs, and maps, as well as easily benchmark, rank, and correlate data. What’s more, users can then share what they have discovered and created, allowing for social analysis and review that serves as a marketplace of ideas shaped by data. We like to think we’re doing for public data what Bloomberg did for the financial data, or what Zillow did for real estate.
To say the platform has the ability to shine a light on public health issues is one thing, but as good statisticians and mathematicians say, you should always show your work.
Those who work in public health know data from the Center for Disease Control (CDC) can be a monumental task to analyze. When the CDC recently released new mortality statistics, LiveStories took the opportunity to examine the data on diabetes, one of the deadliest chronic illnesses for Americans.
Using LiveStories tools that allow for easy benchmarking and analysis, we were able to produce a comprehensive report that brought to light some fresh insight and surprising statistics about the disease and its effect on both the economy and our society.
The analysis was eye-opening and provided some hopeful statistics along with some more concerning results. As can be seen above, diabetes as a contributing cause of death has, for the most part, declined over the past 20 years in nearly every age category, particularly for older Americans.
The chart above shows that the number of people living with the disease continues to climb, even though diagnosis rates are declining.
As the chart above shows, the average lifetime cost of care for those 75 and over can exceed $200,000 and rises exponentially. For those who live beyond 95 years, the lifetime cost of care can approach $600,000. It is clear that, due to longer lifespans (thanks to improved care), the cost of treating diabetics has skyrocketed because of the elevated costs of treating people at an advanced age.
While any statistician will rightly caution against drawing overly broad conclusions, this analysis raises the question of if it’s time for public health officials and government representatives to have a conversation about whether our healthcare system is prepared to cover the costs of care for a population that is living longer with a disease that is increasingly costly to treat.
Conversations are exactly what LiveStories hopes its platform can provide. In the case of our diabetes study, Dr. Jeroen van Meijgaard, Ph.D, Researcher at the UCLA Fielding School of Public Health, talked to us about what the data showed, and how it might affect programs like Medicaid.
“Expenditure growth per enrollee has been lower for Medicare recipients than for those with private insurance,” he told us after having a chance to interact with the LiveStory. “However, with baby boomers becoming eligible for Medicare, total expenditures for Medicare recipients will continue to grow rapidly. Increasing outlays for diabetes care will further drive up total Medicare expenditures. In the absence of containing costs, these increases may lead to changes in funding and cost-sharing arrangements.”
In 2017, Medicare spent approximately $100 billion on diabetes-attributable medical costs for covered individuals over 65 years old. By 2030, based on demographics alone, that figure will rise to roughly $142 billion (in 2017 dollars).
Dr. Meijgaard’s voice is just one in a conversation that has begun. At LiveStories, we hope the ability to share and collaborate on projects such as these, give hundreds more like him and his peers a chance to start more conversations.
Related Content: Enabling the Internet of Things with 5G Technology
Data alone will not save lives, but the ability to analyze and share that data in ways that are meaningful can influence those with the influence and knowledge who can.
Healthcare is an ever-growing, ever-changing industry, and the driving factor of healthcare’s expansive growth has always been technology. With the development of a new technology, there is almost certainly a medical application in which it can be applied. Most recently, with the emergence of big data, healthcare has taken off (again) and will continue to do so in ways that are helping every aspect. Below are the ways in which—within the next 5-10 years—data analytics and technology will combine to establish better working healthcare systems for virtually every region of the world.
The technological advances of the medical services field of healthcare have regularly been changing the workforce and how doctors and nurses interact with patients. Consistently improving methods to efficiently provide patient care. One standout innovation is the development of telemedicine—a highly convenient way to monitor and provide patient care remotely, yet efficiently.
Throughout a series of teleconferencing, video conferencing, and data-sharing software, a doctor is able to see a patient, listen to concerns and problems, and diagnose or suggest recommendations from anywhere that can hold an internet signal. This will change the way doctors operate from anything to monitoring rehabilitation at home to diagnosing strokes in a shorter amount of time—minimizing the damage that a stroke can inflict on your body.
3D printing has many applications, but its place in the medical field will prove to be invaluable. 3D printing is already making waves in various aspects of medical services for the ability to make implants and prostheses, but it is starting to branch out and be thought of for other services as well. Besides printing specialty surgical tools, 3D printing in now printing customizable prescription pills to create less of an organizational hassle for patients by (safely) combining several different pills into just one. Radiologists can now print a model of an otherwise 2D, printed image to better explain what’s wrong with patients and how to treat ailments.
Wearable technology has been all the rage over the past couple years. But instead of just checking your text messages on your watch, you can actually transform it into a medical device with apps to monitor things such as your heart rate, blood sugar levels, and how many steps you’ve taken for the day. This allows for the constant monitoring of major health threats such as diabetes, obesity, and heart disease. You and your doctor are able to track your health daily, in which preventative measures can be taken—preventing an emergency.
Physicians have taken it a step further so that you can send them this data for their review to make recommendations and come up with a better treatment plan for you. Wearable medical technology is facilitating the transformation from managing disease treatment to monitoring activities and health patterns leading to disease—possibly preventing the disease in the first place.
Many times, these recommendations for minor difficulties will save numerous trips to the hospital. In the grand scheme of things, less visits to the office or ER will result in reduced healthcare costs overall. Wearable technology is making its way to be applicable not just as a watch, but on your phone, a necklace, glasses, or your shirt. A recent article by Frank McGillin predicts that the wearable device market will be worth $32.27 billion by 2020 based off of figures from Markets and Markets.
All of the technology described above is changing the pharmaceutical industry. 3D printing is creating the opportunity to combine a specific dosage of a variety of pills into one. It also allows for the texture of a pill to be made more easily dissolvable, layering and shaping a pill to have specific release rates. It completely alters the way pharmaceutical drugs are manufactured and provided.
Wearable devices and telemedicine are in the unique position to control dosage in which pharmaceutical drugs are prescribed and administered to you. A doctor can more comprehensively control your prescriptions through a diagnosis from data from your smartphone or a video conference. A more precise control of prescriptions may mean less dosage, costing you less at the pharmacy. This saves you both time and money by not having to check in with a doctor physically—which can also result in more frequent check-ups due to the ease of both technologies.
Technology creates an obvious marriage with data analytics, and when applied to the medical field, is a great way to pinpoint risks, diagnoses, and treatment plans. All of which do not necessarily require immediate, expensive medical treatment. More and more people will save themselves a trip to the office or hospital—and with the help of things like wearable technology will be living healthier lives.
Health insurance costs will drop not only from the fact that the general public will need less healthcare services, but also from the fact that if we apply our medical data from devices, it creates an opportunity for an individualized health insurance based upon our personal data instead of subscribing to group rates. With an individualized insurance plan, the risk pool is significantly larger than that of a group plan. Larger risk pools equal lower premiums for the individual.
Technology has advanced the medical field, and therefore, healthcare in nearly every aspect—taking the much-needed steps forward in patient care, accessibility of services, and the way we are looking at insurance and the costs of healthcare. Big data allows for the easy, almost instant, transfer of information and interactions between doctor and patient. And it will only continue to make strides in healthcare.
Many of these technologies applied to healthcare are in their infancy stage and are already making a major impact. As these technologies become more developed, and more ideas of how they can be applied arise, they will continuously help improve already existing measures as well as transform things—such as patient care and provider guidelines, accessibility, and insurance—in ways unimaginable to standard healthcare practices. And if healthcare is looking optimal now, it can only get better over the next decade with the implementation of technology and all the innovative applications it will make possible.