Shot of two surgeons analyzing a patient’s medical scans during surgery
By Bill Siwicki
January 04, 2018
Informatics, data analytics, privacy and security, clinical documentation improvement and information governance are among the imperatives that will dominate data trends in 2018, according to the American Health Information Management Association.
Demand for services and projects will increase in 2018, AHIMA predicts. Data analysts are expected to be busy helping providers participate in new payment models and find their way through new policy initiatives such as MACRA.
Data experts will help to mitigate physician burnout with electronic health records by streamlining processes to capture data in EHRs, protect patient-generated data in mobile apps and develop interfaces and dashboards for telehealth services, AHIMA said.
Privacy & Security
While cybersecurity incidents will likely continue to make headlines in 2018, there are a number of policies related to data security to watch for this year, AHIMA said. These include the issuing of “minimum necessary” requirements, guidance around mental health information and data sharing as required by proposed rules of both the 21st Century Cures Act and the penalty sharing provision of the HITECH Act, experts said.
Clinical documentation improvement specialists will also continue to be deeply involved with claims denials in 2018, helping to identify denials for coding and documentation that should be appealed as well as continue to expand to new and specialty areas of healthcare such as long-term care, home health, psychiatric units and rehab facilities that call for high-quality documentation, AHIMA predicted.
In the area of information governance, experts said enterprise-wide retention policies and data quality will continue to cause cybersecurity challenges for providers in 2018, demonstrating the strong need for IG programs to address them.
Government & Policy
Federal rules and regulations will also be worth paying close attention to this year. In addition to the 2018 budget, which will affect funding of the Office of the National Coordinator for Health IT and HHS’ Office for Civil Rights, the forthcoming definition of “information blocking” defined by the 21st Century Cures Act will be a major story to look for because of its impact on a large portion of EHR users, AHIMA said.
Four big issues impacting inpatient and outpatient coding in 2018 will be reimbursement, telemedicine, copy/paste and coding auditing, the experts added. Also, starting in January, the Medicare Access and CHIP Reauthorization Act of 2015 will require physicians to start reporting patient relationship modifiers.
Finally, with regard to education and workforce issues, “upskilling” existing practitioners for more advanced roles in data analytics and informatics, preparing academic faculty to teach higher-level content in data analytics and revising curriculums to ensure students are prepared to meet workplace needs are all education and workplace trends to pay attention to in 2018, according to AHIMA.
An attractive senior black man uses his smartphone on the trail
By Jessie Bur
January 9, 2018
The healthcare industry operates with many incompatible networks, so the Department of Health and Human Services has taken a major step on its quest to forge a framework to bind them together. HHS on Jan. 5 released for public comment its draft Trusted Exchange Framework, which proposes policies and standards to promote the interoperability of health data systems.
“The draft Trusted Exchange Framework we issued today reflects the successes and challenges already existing in the exchange of health information and is designed to help guide the nation on its path to interoperability for all,” said Don Rucker, M.D., national coordinator for health information technology.
“The principles and direction we released today, combined with the support of providers, existing health information networks, health IT developers, and federal agencies, are designed to help improve patient care, care coordination, and the overall health of the nation.”
The framework was mandated by the 21st Century Cures Act, which became law in December 2016.
- According to HHS, health organizations currently have to subscribe to multiple data exchange networks, which drives up costs and has issues with scalability. A single interoperability framework would help ensure that different networks can communicate with each other.
The framework operates on six principles:
- Standardization – adhere to industry and government standards
- Transparency – conduct the exchange in an open and transparent manner.
- Cooperation and non-discrimination – work with others in the industry, even if they are a direct competitor.
- Security and patient safety – ensure data security and integrity throughout.
- Access – ensure that patients and caregivers have access to health data.
- Data-driven accountability – Exchange multiple records at one time to enable identification and trending of data to lower the cost of care and improve the health of the population.
According to the HHS press release, the final framework will support the goals of allowing patients to access their own information, health providers and others to receive population-level health data to better understand trends in that data and innovators to create new programs for increased usability.
Once the framework is finalized, HHS’ Office of the National Coordinator will select a Recognized Coordinating Entity to develop a common agreement that qualified health networks and their participants can voluntarily agree to adopt.
ONC will also be working with other health-related federal partners, including Veterans Affairs, to establish the best standards for the framework.
“The Department of Veterans Affairs supports ONC’s efforts to create a common ‘on-ramp’ to health information networks that supports widespread interoperability, said Dr. Carolyn Clancy, VA executive in charge. “We look forward to working with all stakeholders to ensure that our veterans’ health information flows and is available when and where it is needed to support seamless care.”
“We know that many stakeholders, including healthcare providers, health systems, developers, and existing health information networks have extensive experience in trust agreements and common exchange networks and strongly encourage stakeholders to share that insight with us,” said Rucker.
The comment period for the framework closes on Feb. 18, 2018, and comments can be submitted to firstname.lastname@example.org.
Cropped shot of an unidentifiable hacker cracking a computer code in the dark
By Bill Siwicki
January 5, 2018
This past year was another challenging one for healthcare organizations as they remained under sustained attack by cybercriminals who continue to target healthcare networks through the use of well-known vulnerabilities.
A new study predicts that 2018 won’t be any easier, especially as attackers increasingly set their sights on smaller providers and the myriad connected Internet of Things devices across healthcare.
In 2017, there were a total of 140 hacking-related data breaches reported to the Department of Health and Human Services’ Office of Civil Rights – a 24 percent increase over the 113 such events reported in 2016, according to the “2017 Health Care Cyber Research Report,” from cybersecurity vendor Cryptonite.
The number of reported hacking events attributed to ransomware by healthcare organizations jumped by 89 percent from 2016 to 2017, the study shows. This was an increase from 19 reported events in 2016 to a total of 36 events in 2017.
In 2017, ransomware events represented 25 percent of all events reported to HHS/OCR and attributed to IT/hacking. All six of the largest hacking-related healthcare events reported in 2017 were attributed to ransomware, the study found.
Somewhat encouragingly, this past year, just 3,442,748 records were reported to be compromised, a big decrease from 13,425,263 reported compromised in 2016.
But in years past, cybercriminals devoted significant time and effort to targeting the largest healthcare organizations. For example, 2015 breach events included Anthem (78.8 million records) and Premera Blue Cross (11 million records), and 2016 events included Banner Health (3.6 million records) and Newkirk Products (3.4 million records).
Now this low-hanging fruit has to some extent been harvested, and attackers are increasingly turning their attention to a broader mix of healthcare entities, the report said.
“The emergence and refinement of advanced ransomware tools lowers both the cost and the time for cyberattackers to target smaller healthcare institutions – now they can cost effectively reach physician practices, surgical centers, diagnostic laboratories, MRI/CT scan centers, and many other smaller yet critical healthcare institutions,” according to Cryptonite. “This is the beginning of a trend that will increase very substantially in 2018 and 2019.”
Internet of Things devices in healthcare also represent new and expanding opportunities for cyberattackers. IoT devices now are now nearly ubiquitous in healthcare – already widely deployed in intensive care facilities, operating rooms and patient care networks, said Michael Simon, president and CEO of Cryptonite.
“Cyberattackers target healthcare networks for two primary reasons – to steal the medical records they contain or to extort ransom payments,” said Simon. “Medical records are the targets of choice, as this data is highly prized to support identity theft and financial fraud. While 2017 was the year of ransomware, we are anticipating this already hard-hit sector will feel the wrath of cybercriminals targeting the hundreds of thousands of IoT devices already deployed in healthcare.”
The First Responder Network Authority will not award the contract for its nationwide broadband public safety network on Nov. 1 as anticipated, CEO Mike Poth said.
“FirstNet will continue to execute the acquisition process outlined in the [request for proposals] beyond the Nov. 1 target date for the award,” he said in an Oct. 28 statement on FirstNet’s website. “We will continue to work diligently with our federal partners to complete the RFP process in line with the [Federal Acquisition Regulation] while being as transparent as allowable.”