Top 10 Health IT Trends 2015

By Ken Congdon
Our annual reader survey may have identified the top 10 health IT trends for the coming year, but three initiatives clearly rank above the rest when it comes to provider mindshare.
2014 has been a tumultuous year for health IT. After Meaningful Use (MU) got off to a smooth start with Stage 1, it hit a brick wall with Stage 2 this year. As of the end of August, only 25 hospitals and 1,277 eligible professionals had attested to Stage 2 on the Medicare side of the program. Providers are clearly having a difficult time meeting the requirements outlined by Stage 2, and many feel their cries for help are being ignored by the federal government. The MU program has received numerous modifications to date, but CMS hasn’t budged on the one area providers seem to care about most (i.e., changing the Stage 2 attestation period from one year to 90 days).
Our annual reader survey may have identified the top 10 health IT trends for the coming year, but three initiatives clearly rank above the rest when it comes to provider mindshare.
2014 has been a tumultuous year for health IT. After Meaningful Use (MU) got off to a smooth start with Stage 1, it hit a brick wall with Stage 2 this year. As of the end of August, only 25 hospitals and 1,277 eligible professionals had attested to Stage 2 on the Medicare side of the program. Providers are clearly having a difficult time meeting the requirements outlined by Stage 2, and many feel their cries for help are being ignored by the federal government. The MU program has received numerous modifications to date, but CMS hasn’t budged on the one area providers seem to care about most (i.e., changing the Stage 2 attestation period from one year to 90 days).
The federal government can also be credited with stalling another major health IT initiative this year — the transition to the ICD-10 coding standard. Congress stepped in to delay the ICD-10 transition date by another year — from October 1, 2014 to October 1, 2015 — as part of the Protecting Access to Medicare Act of 2014 (a.k.a. SGR “Doc Fix” Bill) passed back in April. Many view the delay as a much-needed reprieve that will give providers and vendors more time to ensure a smooth transition to the new code set. However, providers that were diligently preparing for the initial 2014 deadline were blindsided by this move. Some feel their ICD-10 efforts to date have largely been wasted, and they’ll have to reinvest in training and education again in 2015 to properly ready themselves for the new deadline.
2014 has also been marked by some much-needed progress in the area of telehealth and telemedicine. For example, in late October, CMS issued new rules that include additional reimbursement coverage for telemedicine services, including remote annual wellness visits, psychotherapy services, remote monitoring of chronic conditions, and others. A lack of reimbursement has historically been a major barrier to telehealth technology and services by providers. Since private payers tend to follow CMS’s lead, it seems like this barrier is beginning to lift. We could see telehealth adoption begin to take off as a result.
With all of these forces at play in healthcare, it can be difficult to predict where providers will focus their IT efforts, budget, and resources. To gain insight into which initiatives will carry the most weight with providers in 2015, Health IT Outcomes surveyed 179 healthcare providers from its readership.
Research Sample
Health IT Outcomes’ 179 survey respondents were selected at random and are a fair representation of our total circulation of IT decision makers from healthcare providers. The majority of respondents (53.6 percent) represented hospitals and IDNs, followed by group practices/clinics/ambulatory care centers (19.2 percent).
![]() |
Some consultants, systems integrators, and value-added resellers (11.7 percent) were also included in the survey given their involvement in and influence over the health IT implementations of many healthcare providers. A complete facility breakdown of our survey respondents is presented in Figure 1.
IT, clinical, and executive titles were well represented in our sample, with IT leadership (including CIOs and CTOs) accounting for 32.9 percent of respondents, C-level executives (e.g., CEO, COO, CFO, CMO, CMIO, etc.)
![]() |
accounting for 20.4 percent, and clinical leaders accounting for 23.5 percent. Details regarding the complete title breakdown of our survey respondents can be found in Figure 2.
Of the hospitals and IDN contacts that responded to the survey, 22 percent were from hospitals with 500 beds or more, 18 percent were from hospitals with 300 to 499 beds, 36.6 percent represented hospitals with 100 to 299 beds, and 23.4 percent were from hospitals with fewer than 100 beds. Of the group practices, medical clinics, and ambulatory care centers that responded to the survey, 58.2 percent represented facilities with more than 50 physicians, 13.3 percent represented facilities with 26 to 49 physicians, 14 percent represented facilities with 10 to 25 physicians, and 15.5 percent represented facilities with nine or fewer physicians.
Survey Methodology
To identify the top trends, Health IT Outcomes asked each of the survey respondents to rank a series of technology initiatives in line with their implementation plans for 2015. For each initiative, respondents were asked to clarify whether the initiative was a “Top Priority,” a “Priority,” “Important,” “Somewhat Important,” or “Not Important At This Time.” Each response was then weighted. For example, all “Top Priority” responses were given a rating of one (1), while “Not Important At This Time” responses were given a rating of five (5). An average of the total ratings was then calculated for each initiative. The lower the cumulative rating, the higher the priority the IT project was to our survey respondents. This rating system was used to determine the Top 10 Health IT Trends for 2015. These trends are outlined in Table 1. For a complete list of how all the IT initiatives on our survey performed, visit www.HealthITOutcomes.com/2015_Top10.
Key Findings
I thought last year’s results were close, but this year’s were even more competitive. Last year there were two health IT initiatives that tied with the lowest cumulative score (EHR MU and ICD-10 Compliance). This year, we had a three-way tie for top health IT trend for 2015. EHR MU, PHI Security, and ICD-10 Compliance all received a cumulative rating of 2.07. This forced us to apply a tiebreaker (percentage of survey respondents that ranked an initiative as a “Top Priority”) to determine the final rankings. Nearly 50 percent of our survey respondents (47.43 percent) ranked EHR MU a “Top Priority” for 2015, making it our top overall health IT trend for the fifth year in a row. This initiative was followed by PHI Security, which received “Top Priority” designation by 45.71 percent of respondents. Finally, ICD-10 Compliance ranked third with 38.37 percent of respondents naming this initiative a “Top Priority.”
There was a marked score increase (0.25) separating these three initiatives and the number four trend on our list — Patient Portals/Engagement. This indicates that providers are dedicating much more focus and mindshare to the top three trends on our list than to the other seven. The cumulative scores between trend four and trend 10 (HIE) are clustered much more tightly together (only a 0.19 scoring difference separated these projects).
Table 1: The Top 10 Health IT Trends For 2015
This year’s survey also revealed that health providers are continuing to attack IT projects with heightened urgency. For the second year in a row the average score of our Top 10 Health IT Trends decreased (from 2.74 for 2013 to 2.38 for 2014 to 2.33 for 2015). However, when you calculate the average of all 44 IT initiatives listed on our survey, the score actually increased this year (from 2.78 to 2.84). Furthermore, while only one health IT initiative on our 2014 trends list had a higher score than the previous year, 21 IT initiatives received a score increase on our 2015 list. To me, this shows that health IT leaders are starting to prioritize their efforts more effectively. They realize they can’t tackle everything at once and are scrutinizing their spends and carefully delegating their resources.
Our list of 2015 health IT trends is similar to our 2014 installment (six of our top 10 trends for 2015 were also represented on our 2014 list), but there are some interesting new trends to crack our top 10 this year. However, not all of these trends are what I consider promising. For example, one initiative to crack our Top 10 this year is MU Audits. I find it troubling and counterintuitive to health IT progress that providers are forced to dedicate such a high level of focus and resources to retaining MU incentive dollars.
CDI (clinical documentation improvement) initiatives made its first appearance on our Top 10 Health IT Trends list this year, obviously gaining favor as part of ICD-10 preparation. E-Prescribing also returned to the Top 10 (number 5) after spending last year in the number 12 spot. Finally, Secure/Unified Messaging rounded out the new initiatives on our list, coming in as our number 6 trend for 2015. I believe the increased interest in secure messaging is twofold. First, providers are trying to lock down their mobile communications to ensure they are secure and HIPAA compliant. Second, and more importantly, providers are looking to these technologies to streamline clinical workflows. These solutions can go a long way toward facilitating communication between clinicians, accelerating response times, and ultimately improving care.
Biggest Climbers And Surprises
The two biggest climbers on our survey this year (e-Prescribing and IP Networking) were also two of the biggest surprises, in my opinion. The emphasis being placed on e-prescribing in 2015 by our survey respondents caught me off guard because I thought this was a solution most providers had already implemented and were actively using. For example, according to ONC analysis of physician subscriber data from Surescripts, 70 percent of physicians were e-prescribing using an EHR on the Surescripts network as of April 2014. Are there additional ways providers are seeking to leverage this technology, or was our survey sample just behind the curve in this regard? Obviously, we’ll have to make additional inquiries to get to the root of this growing trend. IP Networking took me by surprise simply because it’s not an initiative you commonly hear referenced by health IT leadership.
One trend climbing our list this year that didn’t surprise me is Telehealth/Telemedicine/ Remote Patient Monitoring. As referenced earlier, reimbursement barriers are starting to disappear, and providers are more willing than ever to include these technologies as part of their care strategies. Mass adoption of telehealth tools will be instrumental to serving the newly insured as part of healthcare reform, improving chronic disease management, and extending better care to patients in currently underserved rural markets. A list of the trends with the most improved scores this year is presented in Table 2.
Next Steps
Obviously, I have only scratched the surface in examining the health IT trends uncovered as part of our annual survey. On the following pages, our editors and several health IT visionaries provide additional insights and commentary on our top 10 trends.
Table 2: The 10 Biggest Climbers Between 2014 And 2015
Trend 10 HIE
HIE: Will We See Better Alignment In 2015?
By Linda Stotsky, Healthcare Consultant, Twitter: @EMRAnswers
There are several stakeholders in the HIE equation, and all need to improve their alignment with others in order to realize the full benefits successful HIE can deliver. The following are some focus areas involving each of these stakeholders.
ACO — Ambulatory physicians need to know what’s going on in the hospital, and the hospital needs to know what’s going on after discharge. Shared savings are based on how well care is managed across location and practice setting. This need for two-way communication is an excellent fit for HIE in the ACO. HIE data can reduce duplicate testing and hospital readmissions and provide real-time notifications to ACO care coordinators and providers. Yet data must be inclusive, accurate, and actionable. Interoperability continues to challenge this marriage. To achieve population health goals, we must include all data and break down silos.
Policy — It seems unlikely there will be one central repository of data in 2015, but it is possible to envision a virtual repository in the cloud. It is also possible that the data will be stored in a federation made up of the current existing repositories: medical practices, hospitals, and HIE data centers. NATE’s (National Association for Trusted Exchange) vision to develop a scalable Trust and Policy Framework takes vendors out of the middle, allowing interoperability, standards, and trust to coexist.
Payers — Payers have an incentive to ensure that the data collected is used to improve population health. These incentives are closely aligned with the HIE. Their ability to contribute funding to HIEs helps with financial sustainability. The HIE benefits payers with unstructured data, PHR, and self-reported data. This is an excellent match if the participants can reduce risk for all stakeholders.
Consumers — Enabling consumers to partner in the trusted sharing of health data is the most important benefit of the Triple Aim. It’s time to broaden broadband, widen access, and allow consumers to determine what is shared with whom. This link between structured and unstructured, clinical accuracy, and social engagement is a trifecta vital to HIE sustainability. Without an understanding of who your customers are, where they shop, and what influences their health decisions, it’s difficult to deliver a personal experience.
Trend 9 Clinical Documentation Improvement (CDI)
CDI Paves The Way To ICD-10 Success
By John Oncea, Editor, Health IT Outcomes, Twitter: @buck25
Ask any healthcare expert what element is most critical to ICD-10 success, and many will say clinical documentation improvement (CDI). This combination of processes and technology tools designed to enhance the overall quality and accuracy of clinical documentation is not only essential to ensuring a smooth transition to the new ICD-10 code set but also ultimately to improving the quality of patient care.
The need for CDI couldn’t be more logical. It follows the old “garbage in, garbage out” philosophy. Think about it. If a physician isn’t documenting patient encounters accurately and optimally, then everything that follows will suffer. Patient diagnoses could be inaccurate. Moreover, new ICD-10 codes could be incorrect or incomplete regardless of how powerful a provider’s CAC (computer-assisted coding) tools are.
Recent data shows that healthcare providers are finally starting to recognize the impact CDI will have on their ICD-10 transition efforts. Not only do the results of the Health IT Outcomes Top 10 Health IT Trends survey indicate increased investment in this area, but also a recent survey by Black Book Rankings does as well. According to survey data from 650 hospital technology and physician leaders contained in Black Book’s 2014 report titled Top Ranked Clinical Documentation Improvement Vendors, 71 percent of hospitals plan to engage a CDI partner in the coming year, and 25 percent have done so already.
Not only are providers realizing the role CDI will play in ICD- 10 compliance, but many are also beginning to see how the initiative can help them improve their existing revenue stream. Inaccurate clinical documentation is a key contributor to denied claims or for a provider’s being reimbursed less than it should for a procedure or treatment. For example, Valley Medical Center, part of the University of Washington Medical Center, recently generated more than $2.2 million in additional revenue following the implementation of a CDI program. If our Top 10 Health IT Trends survey results are any indication, many more providers are hoping CDI can produce similar results for them in 2015.
Trend 8 Clinical Decision Support/Evidence-Based Medicine
2015 Must Usher In Medical Evidence With CDS
By Shahid Shah, The Healthcare IT Guy, www.healthcareguy.com, Twitter: @ShahidNShah
Modern clinicians have prided themselves on ensuring evidence-driven care of patients and promoting safe use of drugs based on tried-and-true, double-blind trials. The evidence available in the past was limited to paper analysis; however, with the increased use of EHRs, and especially clinical decision support (CDS) tools, that’s changing. Evidence-based medicine requires “computable guidelines,” and that’s an area CDS tools have lacked. That will be improving over the next year because we need compliance and adherence tracking if we’re going to get better evidence. What’s still missing are “computable care maps” or critical path documents that are more than documents manually managed by clinical personnel.
The next logical path for CDS is not to generate documentation but to create traceable guidelines, care maps, and patient journey trails for each specific complex disease or condition. For example, if guidelines and care maps could be codified in a standardized, structured, and computable system, then CDS functionality could not only suggest critical pathways but also track adherence and compliance that could be used to judge clinical efficacy of protocols, tests, and drugs. Evidence-driven medicine is a worthy goal, and CDS capabilities in some modern EHRs are a great starting point. We shouldn’t celebrate prematurely, though — most EHRs in use do not have the ability to create customized care plans tied to their CDS systems let alone allow those care plans to be traced to completion or tracked for adherence. 2015 could usher in the use of better evidence, not just because of CDS but because health IT system interoperability is growing organically.
While EHRs don’t have the deep functionality needed to structure and act on a standardized library of protocols, big data and other health analytics systems are getting better at revealing what care is actually taking place through the use of Meaningful Use metrics as well as natural-language processing of clinician notes inside EHRs. As more clinicians use CDS, and as more and more data gets interoperable and the use of analytics increases, we’ll see the holy grail of medicine — ensuring that all decisions are made based on a preponderance of evidence and not guesswork — will seem within reach.
Trend 7 Meaningful Use (MU) Audits
Best Practices To Prepare For MU Audits
By Health IT Outcomes Staff
It’s unfortunate that providers are being forced to dedicate so much time, energy, and resources to defending themselves against Meaningful Use (MU) audits, particularly with all the other changes and initiatives on their plates today. However, these audits are a fact of life, and if you want to ensure your MU incentive dollars aren’t reclaimed, then you need to be prepared.
The first step in preparation is to understand that there are two different types of MU audit — a prepayment audit and a post-payment audit. CMS incorporates automatic prepayment edit checks into the EHR Incentive Program attestation and payment systems to detect inaccuracies in eligibility, reporting, and payment. It also conducts random prepayment audits that may target suspicious or anomalous data. Post-payment audits are obviously those conducted after a provider has already received its incentive funds from CMS. Providers selected for post-payment audits must present supporting documentation to validate their submitted attestation data. Furthermore, CMS will withhold the incentive payment for the provider’s subsequent MU attestation until any previous audits are resolved.
To prepare for both prepayment and post-payment audits, Daniel Gottlieb and Randall Ortman, of the international law firm McDermott Will & Emery, recommend health providers focus on the following:
Documentation and knowledge of core measures: In the event of an audit, all measures taken to fulfill MU objectives need to be supported by documentation. As such, Gottlieb and Ortman stress that providers should not neglect studying MU specification sheets and frequently asked questions (FAQs) published by CMS.
Identification of key MU stakeholders: Make sure the C-suite, clinicians, and health IT professionals are all on the same page.
Proof of EHR security: Providers must make sure they are in line with HIPAA regulations, and providers relying on cloud technologies must prove that their systems have been properly assessed for security.
EHR certification: Providers must use an EHR that is approved by an authorized certification body.
Trend 6 Secure/Unified Messaging
Secure/Unified Messaging: More Than HIPAA
By Katie Wike, Contributing Writer, Health IT Outcomes, Twitter: @KatieWike
Ensuring the security of patient information sent via texts between clinicians is definitely one key reason for the rising interest in secure/unified messaging solutions in healthcare. For example, a study published earlier this year in Telemedicine and eHealth illustrated just how out of control the current texting habits of physicians are. According to the study, titled TXT@WORK: Pediatric Hospitalists and Text Messaging, more than 60 percent of physicians surveyed claimed to both send and receive work-related text messages. Thirty percent of these respondents admitted that PHI was exchanged in these unsecure texts. Obviously, ensuring text communications between clinicians are complaint with HIPAA policies dictating the security of electronic data exchange is top of mind.
However, this isn’t the only (or even the primary) reason so many health providers are adopting secure/ unified messaging solutions. As it turns out, improving clinical workflows may be the most compelling benefit this technology offers. For example, a study conducted by the Ponemon Institute earlier this year showed that more than $11 billion per year is wasted in healthcare due to inefficient communication technologies (e.g., pagers, faxes, email, telephone calls) often used to coordinate patient admissions, emergency responses, patient transfers, and more. The study also indicated that adoption of secure/unified messaging solutions could help providers and the healthcare industry recoup the wasted time and more than half of the cost ($5.8 billion) attributed to use of these inefficient communication tools.
In addition to securing text messages sent by clinicians, unified messaging solutions offer a number of other benefits that are critical to streamlining clinical workflows including:
- Accurate, up-to-date clinician contact/directory/on-call information at your fingertips instead of having to refer to paper charts or emails to collaborate on patient care, receive updates on lab results, reach out to specialists for consults, etc.
- Ability to attach high-resolution images, including photos, X-rays, and EKGs to any text message, accelerating diagnosis and treatment.
- Integration with call centers and answering services.
Trend 5 E-Prescribing
E-Prescribing: Getting All Doctors On Board
By Linda Girgis, M.D., Girgis Family Practice, Twitter: @DrLindaMD
E-prescribing, or the ability to electronically transmit prescriptions from the point of care to pharmacies, has been evolving into the gold standard way of prescribing medications. According to the Office of the National Coordinator for Health Information Technology, 70 percent of doctors were e-prescribing as of April 2014. They additionally showed that its use has increased across all 50 states. They have also reported that 96 percent of all pharmacies in the U.S. have e-prescribing capabilities. These represent substantial increases in utilization since 2008, when MIPPA and the EHR Incentive Programs went into effect.
E-prescribing has truly revolutionized the way doctors prescribe medications. Prescriptions are now more legible, and this decreases dispensing errors because of illegible writing. In most systems, alerts pop up when there are drug interactions or contraindications, which have truly helped to cut back on physician time in looking these up when needed and have improved the quality of care by eliminating potential avoidable adverse outcomes. It has increased convenience for patients because they no longer have to take the paper prescription, drop it off at the pharmacy, and wait for it to be filled.
However, there are still several inefficiencies in the system that need to be worked out. For example, e-prescribing has been said to reduce callbacks from pharmacies. However, this isn’t the case for many physicians. In fact, many doctors (including myself) get frequent callbacks from pharmacies saying a prescription submitted electronically was never received. Most often, it is confirmed that these prescriptions were successfully submitted. However, this back-and-forth is frustrating for doctors, pharmacists, and patients alike.
The other big hurdle is getting the uniform ability to prescribe controlled substances across the board. This is a much safer way to ensure that those prescriptions do not fall into the wrong hands or are altered. It is cumbersome to send some prescriptions for the same patient electronically when they carry a written prescription for others.
In general, e-prescribing is seeing great increases in utilization and is becoming the standard in clinical practice. Hopefully, the inadequacies that exist can be addressed and solved, and it can evolve into the truly tremendous tool it has the potential to be.
Trend 4 Patient Portal/Engagement
It’s Time To Unify Portals & Eliminate Silos
By Neil Versel, Contributing Writer, Health IT Outcomes, Twitter: @nversel
Patient engagement has been on the minds of healthcare CIOs at least since the Stage 2 Meaningful Use rules came out in 2012, and probably longer. Not only is patient engagement a key component of Meaningful Use, but also it’s pretty much an imperative when it comes to reducing preventable hospital readmissions.
Since user-controlled PHRs haven’t caught on with the public despite years of development, patient portals have been the primary electronic means by which health systems, hospitals, and physician practices have delivered test results, supplied copies of records to consumers, and allowed patients to send secure messages to their providers.
Until someone figures out how to get large numbers of consumers to see value in PHRs, patient portals will remain the dominant vehicle for patient engagement. But they are far from perfect, as CIOs surely know.
The sickest patients and those most at risk of readmission could have records in multiple portals, even within a single healthcare delivery network — one for emergency care, another for inpatient care, and others tied to their primary care physicians and to rehabilitation or homecare services. That is inconvenient for patients, a nightmare for systems integrators, and a nonstarter for physicians, many of whom have a tendency to fight technology that makes them do extra work without additional compensation.
Providers often choose the portals supplied by their EHR vendors. A 2012 report from KLAS Enterprises called this strategy the “path of least resistance.” In 2015, this will no longer be good enough because CIOs will be in the business of breaking down data silos rather than creating new ones. Expect portal integration to become an important part of the discussion around interoperability.
As accountable care takes hold and fee-for-service reimbursement cedes ground to bundled payments, providers will find new uses for portals. Portals could help pull data from home-based monitoring devices into EHRs, for example. They also could enable more virtual care, including secure video visits in lieu of follow-up office visits, saving time and money for patients and payers while also freeing up appointment slots for those with acute illnesses.
Trend 3 ICD-10 Compliance
ICD-10: Exemptions, Incentives, & Silver Bullets
By Steve Sisko, Health IT Consultant and Blogger, www.shimcode.blogspot.com, Twitter: @ShimCode
In March of 2014, Congress and CMS gave the healthcare community what more than a few associations and people considered an unexpected gift: a third delay to the ICD- 10 compliance date. Many believe this third delay will be the charm and that the current compliance date of October 1, 2015 will stick and not be moved again. Others believe that in 2015 CMS will bequeath some sort of hardship exemption, nonenforcement grace period and/or incentive to those struggling toward compliance with the ICD-10 mandate. Still others are hoping they can purchase some sort of silver bullet to help them meet the compliance deadline.
Hardship Exemptions — As 2015 unfolds, watch for CMS to be lobbied to provide a hardship exemption, much like was made available this year for eligible professionals enrolled in the Meaningful Use program. A hardship exemption or non-enforcement period — as was done with the HIPAA 5010 deadline — may, in fact, be a reasonable remedy for those who’ve made a good faith effort toward compliance. And any exemption or nonenforcement period should be temporary and with clear expectations as to eligibility, participation, and exit requirements.
Incentives — Just as the government incented providers to adopt EHRs by providing them with financial assistance, there has been talk about providing a similar incentive to those struggling with ICD-10 compliance — particularly solo and small group practices. While this might have been a reasonable option two or three years ago, it seems that providing an incentive at this time is a day late and a dollar short (or maybe two years late and many thousands of dollars short).
Silver Bullets — Absent the availability of any hardship exemption, non-enforcement period, or financial incentives to comfort those struggling toward compliance, there will be organizations searching for a silver bullet with which they can slay the ICD-10 compliance beast. Some organizations will look to computer-assisted coding (CAC) tools to automate complex coding tasks. Others may hitch their diagnosis coding wagon to some sort of code translation tool, continuing to code in ICD-9.
Trend 2 PHI Security
Eliminate Common Health Data Vulnerabilities
By Ken Congdon, Editor In Chief, Health IT Outcomes, Twitter: @KenOnHIT
I’ve been immersed in the subject of PHI security lately. I’ve written several articles on the subject this year, and I’ve put together a series of webinars on the topic in this last quarter of 2014. There’s no question PHI security is top of mind with just about every healthcare provider out there, and there’s good reason for this. Just about everyone in the industry is painfully aware of the rise in health data breach activity over the past couple of years. For example, according to Redspin’s 2013 Breach Report, seven million patient records were breached in 2013 — a 137.7 percent increase in the number of patient records compromised the previous year. Moreover, the annual cost of these breaches to the healthcare industry is estimated at $5.6 billion annually.
Most health providers realize they aren’t doing enough to protect electronic patient data, and they’re searching for guidance on how to shore up their defenses. The bad news is securing PHI isn’t easy. There’s no magic bullet to ensuring PHI security, and no system will ever be 100 percent secure. That being said, there are some common vulnerability patterns in healthcare that account for the vast majority of health data breach activity to date. Identifying your own weaknesses in these areas and building a strategy to eliminate these data exposure risks are the first steps to improving your security infrastructure overall.
For example, of the 945 health data breaches reported to HHS to date, 30 percent of the violations were due to lost or stolen laptops or other portable devices. Instituting sound data encryption, remote wiping, and MDM (mobile device management) capabilities on these devices can reduce your exposure in this regard. Furthermore, implementing virtualization technologies to limit the amount of data actually stored on these devices is also recommended. Another 20 percent of the data breaches to date were due to the negligence of an employee or business partner. Proper identity and access management protocols are instrumental to limiting data exposure in this area.
Trend 1 EHR Meaningful Use
Meaningful Use: 2015 And Beyond
By Jim Tate, President, EMR Advocate, www.EMRAdvocate.com, Twitter: @jimtate
What a long way we have come in the past five years. In the frightening days of early 2009, with a global economic storm waging, there appeared a silver lining. Who could have imagined that massive seed funding for an interoperable healthcare system would emerge from a stimulus package designed to keep us from going off the financial cliff?
We had to learn a new vocabulary: “certified EHR,” “eligible professional,” “attestation,” and “Meaningful Use.” The entire kit and caboodle had to be created from scratch. Vendors were being offered a once-in-a-lifetime opportunity to sell products to customers who would be purchasing with taxpayer money. It was like watching a tree grow as new software was created to meet the escalating requirements. HIEs here, portals there, secure messages everywhere.
In some ways the achievement of Stage 1 Meaningful Use was a walk in the park. Some new software and a few tweaks to existing workflows and those initial incentives would come in like clockwork. Stage 2 brings the first heavy lifting on our way to the promised electronic interoperable healthcare system and power flowing to the patient side of the equation. Five years in and we are now in the deep part of the river. We are getting down to the disruptive forces of patient engagement. This is a major cultural shift in healthcare. Stage 2 requires that patients have direct online access to their records and the ability to securely message their providers. This level of patient empowerment undercuts the established patriarchal foundation of healthcare delivery and is fueled by patient advocates who demand, “Give me my data!”
A revolution happens one day at a time, and it is only in the looking back that we can see the pivot points of a new direction. We have had quite a few of those days in the past five years, and the landscape viewed from the 20,000-foot perspective shows just how far we have come. The next five years? Perhaps not too difficult to predict based on connecting the data points of the accomplishments we have seen. Clinging to the old ways will be more and more difficult as access to data, price transparency, and quality comparisons take hold. Welcome to the future. It’s been a long time coming.
Get unlimited access to:
Enter your credentials below to log in. Not yet a member of Health IT Outcomes? Subscribe today.