Kat Jercich

According to a new JAMA study, patients reported finding mistakes in diagnoses, medical history, medications and more – and practitioners were not always open to correcting the errors.

Experts say a functioning system should be based on understanding your workforce, your technology and your employee workload – and it should involve everyone in your organization.

David Smith, executive director for the Medicaid Transformation Project, says vulnerable people are being left behind by the telehealth revolution – and it's vital to address systemic racism, language barriers and social determinants of health.

A report released from the GAO said the agency's modernization efforts are leaving out critical participants whose know-how could help with design, functionality and implementation.

The Exposure Notification Privacy Act requires public health officials to be involved with any exposure notification systems and prohibits commercial use of users' data.

The healthcare organization noted that it will work to develop actionable programs to mitigate health disparities and conceptualize a Global HIMSS Service Day.

Big transitions can present an opportunity to enact security improvements, but they can also make a complicated process even more complex.

Dr. Joe Kvedar, president-elect of the American Telemedicine Association, says providers have to figure out how to optimize the combination of virtual care and in-office visits.

Over the past decade, workloads and data have moved increasingly into the cloud. For the healthcare industry, that means personal health information is stored in multiple environments – and so security should be able to respond to threats across those environments too. "As the IT estate continued to evolve, the traditional 'gate in castle' approach to security became less and less relevant," said Ryan Smith, VP of product at Armor Cloud Security, in a HIMSS20 Digital presentation.  "It was no longer sufficient enough to have a firewall on the outside perimeter," he said. "Instead, you had to begin focusing on the workload. When you think about security, you have to be thinking about how you're protecting that workload." During his talk, Maintaining Visibility and Security Across Hybrid Infrastructure Deployments in the Healthcare Industry, Smith explained that cloud-based security failures are nearly always the fault of the customer, rather than the security provider – and that in healthcare companies, orchestrating security teams is often "a very fragmented picture." This means, Smith said, that security in the cloud is not a technology problem, but an operations problem – and a cultural problem – for businesses. The defense of healthcare information, in particular, presents a number of unique challenges, including a murky understanding of cloud architecture and data landscapes, poor authentication, weak role-based controls, stubborn end-user adoption, and a lack of orchestration between point solutions.  Another hurdle, Smith said, involves furthering the understanding that regulatory constraints under HIPAA aren't always prescriptive.  "Compliance is built on a checklist of how we should maintain best practices," Smith said. "Compliance is more of a point-in-time snapshot. … Security never sleeps, while compliance is often a once-a-year activity." "Threat actors don't care if you're compliant," he pointed out. Plus, as Smith noted, compliance often results from security.  Security platforms should protect the data environment from both accidental and intentional threats, Smith said. He explained that tools focused on Cloud Security Posture Management, Cloud Workload Protection and Cloud Access Security Brokers can work together to address the all-around security needs of an organization. This is important, Smith said, because "healthcare data is gold to bad actors."  The financial impact of data breaches is often significant due to government fines, loss of customers or theft of intellectual property. "If you are subject to breach," Smith said, "there is tremendous impact to the business." .jumbotron{ background-image: url("/sites/hitn/files/u2556/HIMSSDigitalJumbo.jpg"); background-size: cover; color: white; } .jumbotron h2{ color: white; } HIMSS20 Digital Experience the education, innovation and collaboration of the HIMSS Global Health Conference & Exhibition… virtually. Kat Jercich is senior editor of Healthcare IT News. Twitter: @kjercich Healthcare IT News is a HIMSS Media publication.

A decade-long study just published in JAMA finds a wide variance in the safety performance of operational EHR systems, especially when it comes to reducing adverse drug events.