Jessica Davis

Leading health IT vendors get in precision medicine game at White House Summit, including Allscripts, athenahealth, McKesson.

Too many healthcare organizations are focused on securing the wrong assets, leaving them vulnerable to cyberattacks and putting patients at risk, a new report from Independent Survey Evaluators claims. When healthcare leaders focus primarily on protecting patient data, they often fail to address actual cybersecurity threats that directly affect patient health, the report said. So if an active medical device or electronic work order were infiltrated by cybercriminals, the patient could be directly affected. On the other hand, an electronic health record is secondary – it requires a provider to alter the data before it could potentially harm a patient. ISE studied 12 healthcare organizations, two healthcare data facilities, two active medical devices, two Web applications and other devices found on healthcare networks over the course of two years to determine the possibility of remote attacks and the readiness of these institutions to keep data secure. "We found hospitals were antiquated in their network designs and unsure about the technologies that could effectively help them," the study's authors said. [Also: Hollywood Presbyterian gives in to hackers] "In many cases, vendor products purchased for a security purpose were inappropriate for the organization, and those systems that were appropriate were deployed incorrectly, all resulting in heavy waste while not achieving an improvement in security posture," they added. Researchers separated threat vectors into primary, secondary and tertiary "attack surfaces" that expose patient health, more than their health data. Many systems that are the focus of prevention efforts "have little value with regard to personally identifiable information or personal health information – the assets hospitals strive to protect most – yet they have direct consequences with regard to patient health," according to the report. "These attack surfaces are largely left unprotected by hospitals and are precisely the attack surfaces to be targeted by an adversary seeking to harm a patient." Among the primary surfaces: clinicians, medicine, active medical devices and surgery. Secondary (EHRs, passive medical devices, test results, work orders) and tertiary surfaces (climate controls, physical storage, barcode scanners, connected power) often get outsized attention. Actions taken by health leaders often only handled unsophisticated threats, according to study, which left plenty of openings for attackers to get into information systems. Often, protection strategies assumed the attacks weren't aimed toward garnering targeted information, and therefore ignored the specific strategies and motivations of cyberattackers. All of the hospitals in the study were failing on a range of levels to address modern security issues, largely in part, due to a lack of funding. [Like Healthcare IT News on Facebook] "Security vulnerabilities in healthcare are a result of systemic business failures," said Ted Harrington, executive partner at ISE and one of the study's leaders, in a statement. "We found egregious business shortcomings in every hospital, including insufficient funding, insufficient staffing, insufficient training, lack of policy, lack of network awareness and many more." According to the study, one of the greatest vulnerabilities is that patients and visitors often have physical access to networks and equipment – an issue unique to healthcare. Time, accuracy and the environment also played into sometimes adverse security circumstances. Along with the study, ISE published a blueprint to aid healthcare organizations in shifting the security focus. It outlines specific threats and the consequences of a breach, in addition to methods for healthcare institutions to better secure its systems. Twitter: @JessiefDavis

Advanced data analytics may hold the power to help predict likely prescription drug abuse in patients, a needed breakthrough as an opioid epidemic sweeps the country.  The problem is "no longer just heroin and cocaine; it's prescription drugs,” said Jaya Tripathi, principal investigator at the MITRE Corp. “If you look at the trends, despite the overwhelming focus and funds, more needs to be done." [Poll: What topics will define HIMSS16?] Her team at MITRE researched public and private stakeholders and interviewed board members and law enforcement officials and others over the course of 18 months. The interviews revealed ways to carry out implementation with a broad approach. In a Wednesday morning session at HIMSS16, “Data Analytics Takes the Pain out of Pain Pill Management,” Tripathi plans to discuss advanced analytics and the ways it can predict drug abusers. She'll also talk about some Big Data challenges and how to overcome them. MITRE operates multiple, federally funded research and development centers and a robust research program. Tripathi's prescription drug project began three years ago, while she's been in the analytics field for a decade. [Also: 21 awesome photos from past HIMSS conferences] Tripathi said the study demonstrated provider challenges, especially in the emergency room, to differentiate the symptoms of similar patients, when prescribing medications. "They do a lot of subjective interpretation," Tripathi said. "There are vital disagreements on how to handle it." "I wanted to solve this problem and look at all current solutions, identify gaps and what we need," Tripathi added, saying a better predictive approach would provide the necessary empirical data. "Data is everything, but you can do better if you know the right techniques," Tripathi said. "If your data is poor, your models will only go so far." Tripathi noted that each pharmacy must report every controlled-drug prescription to the state, as much as once every 24 hours. Her project has found access to analytics data of this resource at the point-of-sale can make sure the drugs are making it into the right hands and in the right amount. [Like Healthcare IT News on Facebook] "We had a lot of information, like drug interaction — so when you outline that you get a much bigger picture," Tripathi said.  "People have done a lot of work out there and sometimes one technique will inform the other. But it also needs to be usable." Tripathi’s session, “Data Analytics Takes the Pain out of Pain Management,” is scheduled for March 2, 2016 from 8:30 to 9:30 a.m. at the Sands Expo Convention Center Palazzo D. Twitter: @JessiefDavis This story is part of our ongoing coverage of the HIMSS16 conference. Follow our live blog for real-time updates, and visit Destination HIMSS16 for a full rundown of our reporting from the show. For a selection of some of the best social media posts of the show, visit our Trending at #HIMSS16 hub.

The Healthcare Leadership Council has identified six healthcare reforms that should be implemented by the White House, Congress and the healthcare industry to reform healthcare; it was announced last week at a Capitol Hill briefing and in a report highlighting the changes. For starters, nationwide health information interoperability in the private sector should be achieved by December 31, 2018, the group said. The group also targeted the Food and Drug Administration, saying reforms that focus on reducing administrative burdens placed on the organization should be enacted so the FDA can better bring innovative treatments and technology to patients. [Also: Hollywood Presbyterian gives in to hackers] “These steps aren’t revolutionary, but they're transformative,” said HLC President Mary R. Grealy, in a statement. “Innovation is too often put on the backburner when we discuss healthcare policy, but it’s critical to elevating health system value and to address quality and cost challenges." The Centers for Medicare and Medicaid Services also needs to improve the Enhanced Medication Therapy Management Model to reach its goal of improving patient health and should implement best practices for Medicare, insurers and healthcare providers to improve care for the chronically ill, the group said. The federal government should reform outdated physician self-referral and anti-kickback statutes and expand Medicare payment waiver policies to protect against fraud and abuse, while improving care coordination. Cybersecurity also needs focus, the group said, pointing to Congress and the states to standardize privacy laws and increase access to patient data. The recommendations are compiled from the HLC's National Dialogue for Healthcare Innovation initiative – a collaboration of patient advocacy leaders, drug company representatives, patient advocacy leaders, patient groups and other industry experts that convened over the course of a few months. David Barrett, CEO of Lahey Clinic and Bill Hawkins, chairman and CEO of Medtronic, co-chaired the group. [Like Healthcare IT News on Facebook] “There's a widespread understanding that, for all of our healthcare system’s considerable strengths, we need to make strides in providing high-quality care at sustainable costs," Susan DeVore, president and CEO of Premier, Inc. and HLC chair, said in a statement. "The six steps on which we have reached agreement will move us significantly in that direction." HLC has begun meetings with congressional leaders about the recommendations and will continue the conversations in the coming weeks. The compiled recommendations were produced by a partnership with NORC, the independent public policy research organization at the University of Chicago. Twitter: @JessiefDavis

The hospital’s director of biomedical engineering will discuss at HIMSS16 securely bringing biomedical devices into the network, including mitigating existing gaps.

Atlantic Health cut operational costs $70 million in three years by effectively using predictive analytics, according to MaryPat Sullivan, chief nursing officer at Overlook Medical Center in Summit, New Jersey. “We have so many IT tools in the hospital setting,” Sullivan said, “but they’re only good if they actually get adopted." Overlook is part of the five-hospital Atlantic Health system. Sullivan spearheads healthcare literacy, diversity, and implementation of programs for pre-hospitalization, acute care and care transitions in the nursing department. When Overlook began its EHR transition, Sullivan’s team interviewed staff members to determine what data meant for them. While Sullivan thought culture change would hinder implementation, her staff actually embraced the transition. [Also: 21 awesome photos from past HIMSS conferences] “It’s a real find that staff were not only believing in the data, but were making decisions based on it,” she said. Sullivan will deliver a presentation titled “Reining in Labor Costs with Predictive Analytics,” at HIMSS16 later this month. Sullivan’s team spent a lot of time educating staff to help with the transition, she said, and found nurses felt “empowered to control their environment and to be good stewards to plan and evaluate.” Her team used business analytics to predict hospital productivity and analyze labor costs. By comparing data from previous years, Sullivan could create the best possible schedules to reduce costs and get the most from her staff. “We took the budget and the business analytics and married them,” Sullivan added. “It gives staff the control over their working environment and work in a way to maximize patient outcomes.” Even though it’s only Atlantic Health System’s first year with the data, there’s already been a big reduction in overtime and premium usage. See all of our HIMSS16 previews “There’s a million moving parts to this, but in terms of data, we’ve seen a quarter of a day length of stay less, and earlier morning discharges,” Sullivan said. Sullivan’s team is working toward the next steps of using the data to benefit the health system and apply the data concepts to other departments, like critical care. The session “Reining in Labor Costs with Predictive Analytics” is scheduled for March 2 from 8:30 – 9:30 a.m. in the Sands Expo Convention Center Palazzo E. Twitter: @JessiefDavis This story is part of our ongoing coverage of the HIMSS16 conference. Follow our live blog for real-time updates, and visit Destination HIMSS16 for a full rundown of our reporting from the show. For a selection of some of the best social media posts of the show, visit our Trending at #HIMSS16 hub.

Mount Sinai Health Partners -- a network made up of the Mount Sinai Health System and a voluntary provider group -- has created an accountable care organization with Aetna, the companies announced on Tuesday. The three-year agreement will allow Aetna commercial plan members who receive care at Mount Sinai to benefit from quality and cost efficiency improvements from the program and establishes a new payment model that will reward physicians for meeting established  quality measures. The partnership is just another step in Mount Sinai's strategy to improve care delivery from traditional fee-for-service models into population health management, by working with health plans like Aetna to improve care value for both the patients and providers. [Also: Healthcare providers weigh pros, cons of Merit-Based Incentive Payment System] "As a health system, we're moving aggressively toward population health," Niyum Gandhi, chief population health officer, Mount Sinai Health System, said. "Our strategy is toward moving into savings for all. When the opportunity came about that aligned incentives around keeping patients healthier - we jumped on it." Currently, Mount Sinai has ACO arrangements with the Centers for Medicare and Medicaid Services, Healthfirst and Empire, as well as similar contracts in the works that will be made official throughout the coming year. Mount Sinai hopes to have these arrangements with every insurer in its system. [Like Healthcare IT News on Facebook] "Our goal here is align our incentives across all payers," Gandhi said. "We're arranging resources to keep patients healthy and out of the hospital. This allows us to align the reward model to reap the benefits."  The agreement includes the more than 3,100 Mount Sinai employees and affiliated physicians. Aetna provides benefits to more than 1.1 million members in New York. "Our new agreement with Mount Sinai puts consumers at the center of a health care system that promotes wellness, provides better care for chronic conditions and uses economic incentives to reward positive health outcomes,” David Kobus, Aetna senior vice president, New York market, said in a statement. Twitter: @JessiefDavis

Dell's chief medical officer says baby boomers have great expectations about how health IT can work to their advantage.

To help information technology departments succeed at driving new projects, it takes viewing the IT team as partners, not roadblocks. That’s the aim at Illinois-based Advocate Health Care, said Rance Clouser, the system’s vice president of IT field services. Clouser, who leads unified communications and collaboration across the 12 hospitals and 250 care sites included in Advocate's campus, is also in charge of corporate support services, reporting and analytics.  See all of our HIMSS16 previews During a HIMSS16 presentation, "Competing IT Priorities? Master Your Enterprise IT Demand," Clouser will discuss how Advocate achieved better outcomes on initiatives from social, mobile, analytics and cloud techniques, as well as infrastructure. Clouser said that when projects are approached or denied, it's easy to paint IT as the bad guy, but business leadership should be making the big decisions and ensuring the IT department is heard. His team has interviewed many organizations in the healthcare space and recognized Advocate wasn't alone in the need for portfolio management and interoperability. When integrating processes over multiple institutions within one organization, it takes a lot of effort to get things just right. "Apparently, I was pretty naïve when we started out, and I thought it could be done quickly," Clouser said. "Don't underestimate the effort." Advocate’s leadership has allowed its separate sites to remain independent, Clouser said, and that independence in turn enables the communities to tailor their services to the needs of their region and demographic. But the individuality causes troubles with interoperability — an issue Advocate is currently trying to remedy. "We've developed a system, fully in place to work with the business end, upfront, to make sure we're moving toward standardization and consolidation at each site," he added. [Like Healthcare IT News on Facebook] Due to Advocate's size, and the independence of the individual sites, Clouser said, it was imperative to meet with all staff members to learn the culture and needs. Communication is also crucial to ensuring a successful implementation. "Communicate early, often and repeatedly,” Clouser said. “Because it just takes so long for a larger organization to adopt new processes." The session “Competing IT Priorities? Master Your Enterprise IT Demand,” is slated to take place March 1, 2016, from 4 to 5 p.m. in Palazzo B at the Sands Expo Convention Center. Twitter: @JessiefDavis This story is part of our ongoing coverage of the HIMSS16 conference. Follow our live blog for real-time updates, and visit Destination HIMSS16 for a full rundown of our reporting from the show. For a selection of some of the best social media posts of the show, visit our Trending at #HIMSS16 hub.

Collaboration with Greater Flint Health Coalition hopes to improve health IT infrastructure, analytics, long-term care coordination goals in the area.