Tag Archives: medical tablets

3 Ways Patient Infotainment is Improving Patient Health

Credence Research, a worldwide market research and counseling firm, reports that increasing demands across the US, UK, and other nations for patient infotainment systems have prompted large investments from hospitals, making patient infotainment one of the largest markets in the world. The last place anyone wants to visit for an extended period of time is a hospital, so we’re seeing an increase in patient infotainment solutions. Trends for this market have been on the rise, combining the entertainment software application market with medical tracking software so medical computers serve a dual purpose—informing medical staff about patient conditions, and (hopefully) improving patient conditions by taking their mind off of why they’re in a hospital to begin with. There’s more to infotainment than that, however, and it requires a little education in patient infotainment trends to understand why.

Trends in Patient Infotainment Remove the Mystery

It’s not always clear how things operate in hospitals. The standard used to be reliance on nurses for everything—changing a television channel, ordering food, adjusting the bed, and other factors that would detract from a nurse’s duties. Patient infotainment is designed to remove the guesswork and present all options to a patient while freeing up most of the menial duties originally tended to by nurses and doctors. Instead of using a call button, waiting for a nurse to arrive, and then asking for blinds to be open or shut, that process is a patient engagement wrapped into a medical computer that a patient can easily access. Fewer questions are asked, nurses and doctors have more time to address pressing needs, and patient satisfaction results are higher. This reduces workload and stress for medical staff, thus boosting morale, potentially opening the door for larger staff, reducing the patient to nurse ratio, and increasing overall hospital efficiency rates. A recent case study showed that a standard hospital in France had a total staff-to-patient care time of about eight minutes on average. Efforts to implement patient infotainment systems can increase that time. To add, patients can turn their infotainment into edutainment, learning about their ailments while awaiting their next visitation or apple pie. RomexSoft recently gave a list of five overriding goals of EHR, one of them being inclusion and engagement of patients in their own care. If patients are educated about their own ailments, they may know enough to avoid ending up in the hospital again. Infotainment systems are key in stimulating conversations between medical staff and patients, removing ignorance about medical conditions that are keeping patients from their normal lives.

Connectivity is a Phone Call Away

Perhaps the most crucial aspect of patient infotainment is the ability to reach out to friends and family. With voice-and-video applications built-in to the medical grade monitors, patients can reach out to loved ones with the touch of a few buttons to connect. This factor alone is probably the greatest patient satisfaction feature medical computers can provide in hospitals. Not only can patients talk with anyone online, the connectivity of a medical tablet gives access to music, YouTube, movies, and even games. Much of the patient recuperation process isn’t just about healing—it’s about taking care of the full needs of the patient, which includes mental stimulation and removing the feeling that a patient is “all alone.”

Patient Infotainment Still Needs to be Informative

The benefits of having a single medical grade monitor for both the patient and hospital staff are numerous. Nurses can check medical records and see instant patient biofeedback, then return the PC to patient use. Doctors can prescribe medications and then have them sent to patient rooms within minutes. With security features enabled like a CAC or RFID scanner, medical staff can access important records, hide the unimportant details for patients, and then return the PC to patient operating status. A lot of the EHR software is entirely cloud-based, so if there’s ever a PC malfunction it can be replaced quickly with minimal loss to data. Plus, EHR software updates can happen universally, avoiding EHR compatibility between PCs. Medical professionals are constantly kept at the latest version of their software, and patients get the latest entertainment values during their stay.

The CyberMed H22 medical grade all in one computer is a widely popular choice for hospitals and patient infotainment systems. It features a sealed front bezel to protect against dust and water, an anti-microbial housing to ward off infections, and is certified to be patient safe. It’s built with infotainment in mind, reducing time medical staff use to cater to a patient’s needs so they can focus on more important duties. Customize it today to fit your medical PC needs.

Data Corruption in Hospitals

How to Avoid Data Corruption in Hospitals: Prevention Starts with Awareness

Technology in any industry is always subject to Murphy’s Law; if a problem can arise, it will. That’s the lay of the land in tech, and there’s no avoiding it. However, awareness of data corruption in hospitals and being prepared with the right hardware helps any facility combat whatever technological mishaps might come around the corner, whether it’s mishandling equipment, faulty machinery, cybersecurity threats, drive failure in medical grade computers, or even an individual accessing the wrong data. Patient information is on the rise for the black market and is considered more “valuable” than credit card numbers. Individuals can access past healthcare records and use patient information to order medicine—which can lead to a host of other problems. In order to minimize these problems, it starts with awareness. Beyond that, here’s what’s in place to ensure data corruption in hospitals and cybersecurity breaches are kept to a minimum.

RAID Array

Redundancy is one of the primary keys to keeping data alive, especially in a highly mobile environment where hardware can (and will be) mishandled. Granted solid state drives have been more reliable in the past because of fewer moving parts, but it’s important to have redundancy in medical grade computers regardless of drive condition or health. Dual solid state drives are a necessity to avoid data corruption in hospitals. If a drive fails, the secondary drive is available to copy to a replacement drive during downtime windows. Plus, solid state is a technology that doesn’t require defragmentation management—maintenance doesn’t have to run defragmentation software to pull computers out of commission. Using this technology keeps data throughput high, time on medical grade computer maintenance low, computer profiles slimmer, and patient records more secure.

Auto-Shut Down with Hot-Swappable Batteries

Mobile environment computers can’t compromise with stationary power or faulty batteries. The wrong battery-powered tablet might shut off immediately on low power instead of auto-saving work and shutting down. A computer plugged into a wall outlet can potentially turn into a tripping hazard, especially if the machine needs to be relocated around patients. And if someone actually does trip and pull the plug out of the outlet, and unexpected system shutdown can cause data corruption in hospitals and their integrated systems, unless those systems are equipped with redundancy power systems or are battery powered “hot swap” computers. These medical grade computers are designed to run on multiple Lithium-Ion batteries that can be swapped out while the computer is still running. Alerts will notify a user when battery power is below a certain threshold and can even initiate a system shutdown before complete power loss to avoid any system corruption. Over time, the efficacy of a Lithium-Ion battery will wear down as will any rechargeable battery, and eventually must be replaced. However, having extra batteries on hand will ensure power downtime will be virtually timeless.

Cybersecurity as an Utmost in Importance

The wireless data transmissions of a hospital are constant, transferring files between several computers at high speeds. That’s why a lot of systems operate with Intel-certified WiFi and Bluetooth wireless modules so data transmissions run with more secure wireless transmissions. It’s important to have the best hardware to ensure data bouncing between mobile environment computers stays intact. As before, data transmission is never perfect, but using the best technology available to healthcare professionals ensures top encryption for wireless file transmissions. If data is ever captured for use outside the medical environment, encryption ensures that it can’t be read for any purpose, whether malicious or not.

There’s Always the Human Element

Data corruption in hospitals can happen with something we’re all prone to—accidental dropping and damage. It’s important to have data storage shock-mounted in case of these slight mishaps, but, as before, mobile environment computers often have a secondary layer of protection against accidental damage using a RAID array for storage. Even if there’s significant damage to storage on a mobile environment computer, data redundancy is ensured so loss is kept at a low rate of chance. Solid state drives have improved security benefits over older platter drives—without moving parts, drive information is less prone to loss because of better manufacturing trends. To put simply: we all drop things and that causes damage. Solid state drives break less.

The good news is that Cybernet’s medical grade computers offer all of these features. These computers are built from the ground up with several real-world aspects in mind, data corruption being one of them. Take a look at what we have to customize for your medical staff needs and put us to the test. Combining higher-quality manufacturing for solid state drives, higher encryption with Intel-certified WiFi/Bluetooth modules, and never-off, hot-swappable Lithium-Ion batteries, Cybernet’s computers are prime for the medical environment, boasting a less than 2% failure rate in real world application.

How Medical Tablets with RFID Scanners Can Save Hospitals Money

How Medical Tablets with RFID Scanners Can Save Hospitals Money

The state of the healthcare industry is ever-changing, and medical providers need to focus both their time and their resources on ways to improve the quality of care for their patients as well as managing their company budget. Medical tablets with RFID scanners not only can streamline asset tracking but also help organizations cut back on costs in other areas.

Statistics show that 10 to 20% of mobile hospital assets are either lost or stolen and that the average cost per missing item is nearly $3,000. Also, 40% of hospital pharmacy funds are spent on “rush” orders, and these could very easily be prevented with better asset tracking.  What’s worse is that whopping three-quarters of the total time spent on hospital maintenance, as well as one-third of that of hospital nurses, is often wasted on searching for supplies. This essentially takes away from the quality of care given to hospital patients. One of the greatest challenges many hospitals and other medical facilities face is helping their already overextended workers spend less of their time on activities other than patient care.

One way that hospitals and other medical facilities are tackling these challenges is by investing in devices that utilize single sign on technology like that provided by Imprivata. These devices contain biometric readers or RFID technology that eliminates the need for manual password entry, making logging in to devices quicker and far more secure. Medical tablets with RFID technology offer hospitals a much better way to maximize their overall efficiency and reduce their amount of waste. Medical tablets with embedded RFID scanner give the users the ability to both track and manage all of their mobile assets and their patients. Medical grade tablets enable RFID data capture that does not require line of sight, thus allowing users to capture multiple tags in a single pass without having to move any equipment. It is also an ideal option for medication and supply storage areas requiring consistent monitoring, as it reads literally hundreds of tags each second, making for quick, easy and convenient monitoring of inventory.

Additionally, scanning and analyzing patient rooms, medical procedure areas, stock rooms, hospital labs, and numerous other areas with RFID-enabled medical grade tablet can be completed in just a few short seconds. There are a variety of ways hospitals can implement and utilize medical tablets with RFID technology in an effort to save their business a lot of money.

Here are a few of them…

Asset Tracking

Medical grade tablets with RFID scanners can be utilized for detecting and timestamping the movements of critical hospital assets in order to locate them quickly whenever they’re needed. This reduces both lost and theft of hospital equipment and supplies, thus improving overall productivity and quality of patient care. The collected data can then be used for managing equipment flow processes as well as for resource planning purposes.

Inventory Control

Medical tablet PCs with RFID technology can also be utilized for providing continuous automated inventory monitoring, and it can alert hospital personnel whenever minimum levels have been reached, as well as when the amount of stock is nearing expiration. This ensures the availability of medical products and treatments, thus preventing unnecessary and potentially costly rush orders from occurring.

Injection Safety

One of the most tangible manifestations of medical equipment management, wherein RFID scanning promises a sea change, is injection safety. The process is simple but effective – RFID tags are incorporated within patient wristbands, making all prescription data available to a care provider through a medical tablet. This information also connects to the hospital’s injection drug inventory and dispensing records, enabling a watertight monitoring system for better injection safety. This technology was successfully adopted by Tokyo based Sanraku Hospital, in collaboration with BayNexus.

Radiology Department

Radiology equipment undergoes frequent quality checks by means of government inspections. Medical tablets with RFID scanning make this process more efficient. An effort by Wake Forest Baptist Medical Center illustrates this. RFID tags were sewn into X-ray protection vests in order to locate them quickly during an inspection. RFID has also been instrumental in managing the contrast media vials inventory of a Florida hospital’s Radiology Department. Contrast media is commonly injected into patients undergoing MRIs; however, it is highly toxic for patients with compromised kidney function. Contrast media vials thus need to be regularly, meticulously and accurately monitored, a task that is greatly simplified when RFID technology comes embedded in medical grade tablets used by the personnel.

Healthcare IT Asset Management

Locating and protecting hospital devices that may contain private, sensitive and protected information or other data can be conveniently and efficiently carried out with the use of medical tablets with RFID scanners, thus maintaining compliance with HIPAA data security laws.

Patient Tracking

Should any incident of the type occur, RFID-enabled medical tablets aid in the prevention of medical mistakes and errors due to patient misidentification – and also alert first responders and other personnel nearby. Additionally, RFID badges provide patient relatives and other visitors with secure, temporary ID access that can be easily scanned by the staff using medical tablets.

Infection Control

Taking patient tracking a step further, medical tablets with RFID scanners enable hospital staff to keep tabs on people coming into contact with patients with contagious diseases. Texas Health Harris Methodist Hospital has set up a monitoring team especially for the purpose of evaluating RFID tracked data for possible infection screening.

There are many other ways in which RFID scanning helps prevent nosocomial infections. For instance, a RFID enabled wristband for hospital staff, developed by startup IntelligentM, is designed to ensure that hand-washing standards are met by means of a simple vibrating alert.

Additionally, medical tablets with RFID are completely antimicrobial including the casing and the touchscreen. IP65 sealed bezels allow them to withstand disinfection with liquid solutions, so hospitals can ensure the devices used by staff and the patients are sterile.

In conclusion, medical tablets with RFID technology can help hospitals and other healthcare facilities save money and improve their security, efficiency and overall quality of patient care. RFID-enabled medical tablets lower costs, simplify deployment and maximize company ROI.

Can Your Medical Computers Run Military Genesis EHR?

MHS Genesis EHR is now a reality. After four years of planning, months of tests and delays, and a $4.3-billion contract, Department of Defense’s first electronic health records implementation is live at Fairchild Air Force Base in Washington.

Military Healthcare System (MHS) Genesis is based on commercial Cerner EHR and is a part of the DoD’s plan to update its legacy HIT infrastructure. Originally slated for roll-out in December 2016, it was delayed for a revision to ensure the system testing is complete before its prime time.

The challenge that prompted the delay was the sheer complexity of the project. Data exchange, interoperability, and integration of the new system with legacy systems across the military healthcare providers caused some doubts whether Cerner had the capacity required for the project of such magnitude. The Office of Inspector General even audited the DoD EHR update project and stated the federal organization was trying to undertake a project too big for the set timeline.

Genesis EHR

Nonetheless, the first week of the implementation is rated as a success, according to the DoD press release. Fairchild’s 92 Medical Group is the first military clinic to use MHS Genesis. It is the first single, integrated inpatient and outpatient EHR in the U.S. enabling a team approach in providing healthcare services. The Genesis EHR is collaborative and gathers all health information of a patient into a single e-PHI record. The system will have the bandwidth for 9.4 million e-PHI records for DoD beneficiaries & 205,000 MHS personnel globally. MHS Genesis will cater to:

  • 55 military medical centers and inpatient hospitals
  • 300 US Navy ships
  • 2 hospital ships
  • 373 clinics
  • 5 theater hospitals
  • 251 dental clinics
  • 3 services

According to DHA’s brochure, MHS Genesis is a game changer because:

  • all services will use a single system
  • it replaces an estimated 50 legacy systems
  • healthcare providers & patients will be able to access e-PHI anytime, from anywhere
  • it enables greater collaboration and improved healthcare delivery

To address the interoperability requirements, Cerner’s MHS Genesis allows Department of Veterans Affairs and commercial healthcare providers to access its data through Joint Legacy Viewer.

During 2018, DoD plans to deploy it at Naval Hospitals in Bremerton & Oak Harbor, & Madigan Army Medical Center in Tacoma. Genesis EHR system is slated for a nationwide implementation & global deployment in the U.S. medical facilities and garrisons by 2022.

Earlier this year, during a House Committee on Veteran’s Affairs hearing, the Government Accountability Office Director of IT Management Issues David A. Power said the VA should take the same approach and adopt a commercial SaaS EHR solution instead of trying to upgrade a 30-year old VistA system.

A separate GAO report notes the abandoned VA and DoD interoperability project that sought to develop a joint EHR system for the healthcare providers for active military staff and veterans cost $564 million. Both agencies decided to drop the endeavor, but while DoD opted for Cerner’s EHR, VA decided to upgrade its legacy VistA. Power calls this last decision “unwise,” as running separate systems does not lend itself gracefully to interoperability. VA’s Acting Assistant Secretary for IT & CIO of the Office of IT Rob C. Thomas, II, noted VA intended to go commercial, indeed, in response to committee’s feedback.

Providers Might Not Have The Medical Computers & Tablets Apt for The Task

The Pentagon says training the end-users for the seamless transition to Genesis EHR is one of its highest priorities. However, some officials are not sure if their computers and tablets are powerful enough to run Cerner’s EHR, according to Politico. The computer hardware at many DoD installations might not be able to handle the upgrade.

The four initial deployment hospitals in the Pacific Northwest are funded to purchase new medical computers. However, the other facilities might need the Pentagon to adjust the budgets to accommodate the acquisition of new medical computers for Genesis EHR and medical tablets sophisticated and robust enough to support Cerner solution.

MHS officials have more concerns figuring out how to deal with certain healthcare programs that are outside of its EHR. Cerner built Genesis so that it could interface with existing programs, but some applications are left behind, such as the nuclear medicine info system.

Medical Computers for Military EHR

Medical tablets and medical computers for military EHR must meet multiple requirements.

  • Powerful Cerner compliant hardware

Medical computers for Genesis EHR must be Cerner compliant and have a powerful Intel last-gen CPU, video card, and ample connectivity options. EHR is a resource-hungry application. A single EHR update can clog a weaker PC and lead to costly downtime, which is debilitating for a healthcare setting.

  • Compatible operating system

Medical computers and medical tablets for Genesis EHR must be Windows-powered. No mobile operating system can afford your handhelds the compatibility, ease of use and integration advantages of Windows-based medical tablets.

  • Support for legacy hardware

Medical environments abound in legacy hardware and applications. Medical computers for military EHR must come with serial ports and interfacing capabilities to support legacy software.

  • Superior data protection mechanisms and support for advanced authentication

Integrated CAC, Smart Card reader, a biometric scanner and RFID Imprivata SSO are hardware-enabled advanced authentication mechanisms that help organizations bring their data protection strategies up-to-date. On the software level, Windows medical computers and medical tablets for military EHR must support full disk encryption and encryption of external drives through a standard USB wire.

  • Safety for near-patient use – antimicrobial housing, electric and radiation safety certification

Hospital-acquired infections claim thousands of lives and millions in costs yearly. Therefore, medical computers for military EHR must come with antimicrobial and waterproof housing, easy to disinfect. A CDC-compliant, fanless, antimicrobial build is perfect for sterile environments.

Radiation and electric safety certifications are paramount for medical computers & tablets. Particularly for the cart-mount computers with hot-swap batteries nurses and physicians use for patient checkups, EHR update and drug dispensing. FDA issued a warning the batteries in powered medical carts may cause fires and smoke, disrupting the workflow at U.S. hospitals. When you choose a medical cart computer for a military healthcare facility, account for more than battery uptime, but also for battery safety & reliability.

  • MIL-STD Components

MIL-STD components ensure the durability of your medical computers and tablets, as well as their long lifecycle and low overall failure rates that translate into low Total Cost of Ownership. Medical tablets used in military healthcare system must be rugged to withstand the pressures of the military environments.

  • Upgradeable, customizable, easy to deploy, maintain and use

Medical computers for military EHR must feature ample customization options and ensure the computers are able to accommodate any future EHR upgrades. From this perspective, it is always better to deal with the vendor rather than a reseller and inquire into the availability of spare parts over the course of device’s entire lifecycle, extended warranties, and out-of-warranty services.

  • Ergonomics and Power Efficiency

Military healthcare facilities have to deal with space constraints more than any other healthcare organization. Submarines, ships, military bases in remote locations require medical computers that can be mounted on virtually any surface, bedside arm, medical cart or in a vehicle. Additionally, medical computers and tablets for military hospitals must come with an internal power supply or hot-swap batteries to ensure full-shift uptime, and modest power consumption.

Contact a Cybernet representative today to find out about our Cerner-compliant medical computers & tablets.

5 Ways To Make Your Data Unhackable

In A Digital World, No Company Is Immune

The recent WannaCry ransomware attack wrecked havoc around the globe and highlighted the problems of cyber security in many industries. No country or industry was “left behind.” State institutions, telecoms companies, health care organizations, educational institutions, oil and gas companies, manufacturing across the world seized operations. Downtime, regress to pen-and-paper operations and panic – these are the takeaways of WannaCry for the majority of affected businesses.

Several issues have come to the forefront in the aftermath of the attack:

  • the use of the long-discontinued Windows XP across organizations
  • the lax attitude to software updates and data backups
  • the lack of proper security protocols

Fortune notes that “every company is a digital company now.” Every business nowadays relies on technology and the Internet for a variety of operations. Cloud is hosting a broad range of business operations from customer service to accounting. Once a company gains a digital footprint, it has a digital landscape to protect. One is inseparable from the other. Just like you protect the safe boxes in your office, you ought to protect the digital assets of your organization.

No organization is immune to cyber attacks. Small and medium-sized businesses might think they are not the priority targets, but reality says otherwise. SMBs are among the top targets for cyber criminals because they lag in cyber security, as compared to larger organizations. Additionally, SMBs present an easy entry point for attacks targeting their bigger partners, as was the case with Target.

Why Customer Data Protection Is Important

There are many reasons, but mainly due to – 1) legal liabilities, 2) brand reputation, 3) financial damage.

In the US, EU, and Asia, there are disparate, yet increasingly strict data protection regulations. Companies dealing with customer – or patient – private data are responsible for its privacy and security. Most known data breaches end up in administrative fines, audits and even revocation or suspension of license.

Once the data breach becomes known, customers seek to indemnify the damage of having their personal data compromised. Trust is broken, loyalty is undermined.

Brand damage usually goes beyond discontent customers. Lost contracts, mergers, and compromised partnerships can be enough to push an SMB out of business and cause a significant stock drop for large companies. Combined with the expenses associated with the downtime, breach investigation, and mitigation expenses, the cost of a data breach is an average of $4 million.

Must Do’s

1. OS and Software Updates

WannaCry outbreak once again highlighted the importance of timely patches and system updates. Many state institutions and businesses worldwide were reluctant to update from the discontinued Win XP to the newer Windows versions. Despite its convenience in many aspects, there are too many risks associated with running the outdated OS.

Windows 7, 8 and 10 can be set up to receive automatic updates and security patches from Microsoft. On the contrary, if uncontrolled updates are not in line with your company policy, your admins can control the updates.

Windows tablets, medical and enterprise class, allow remote administration, including the updates and fixes. Your admins can push OS and software updates remotely, overseeing the process for the entire fleet of your devices. This eliminates the pressure on the not-so-technically-savvy end users working with these devices.

Remote administration is an essential part of cybersecurity. Your admins can sandbox applications, disable apps store, webcam, microphone, or access to public Wi-Fi. They can black- and whitelist applications and connections.

Only Windows OS allows for such flexibility and advanced control over corporate devices, so business tablets and medical grade tablets powered by Windows offer the high-end security capabilities.

2. Secure Authentication

Advanced authentication is possible when software and hardware capabilities work together to ensure only authorized personnel can access the contents of the device.

BYOD does not provide the level of sophistication, ease of use and flexibility necessary to protect your corporate and customer data from unauthorized access.

Business tablets and medical tablets, as much as business all-in-one computers, incorporate the native Windows authentication features with security of RFID SSO, Smart and CAC card reader, biometric scanners and fingerprint readers.

Security must be robust but easy-to-use. When security is too difficult and time-consuming, the employees “forget” to adhere. Advanced authentication is indispensable under the circumstances. It allows you to enforce stringent protection and grant your employees the ease of use.

3. Safe Wi-Fi and Data Encryption

Data encryption is crucial in any cyber security strategy. Windows business tablets and medical tablets come with several USB ports, and support encryption of data on external hard drives. This means your workers can encrypt data on USB dongles and external hard drives directly from the tablet – fast, secure, simple.

Configuring your corporate devices to avoid connecting automatically to insecure public Wi-Fi is equally important. When access to corporate Wi-Fi is impossible, your business tablets will ensure your field workers are online due to advanced connectivity options. Supporting 3G, 4G, Bluetooth, GSM, CDMA, business tablets are not locked to any telecoms provider, so you can set up your payment plans and bandwidth the way you need it – not the way your locked device dictates.

4. User Management, Access Restriction

Restricting access to personal information (of your employees, customers, and partners) is essential to data protection. Employees who have no need to know should have no access to confidential data.

Likewise, administrators must be able to see who accesses what data, when, from where and what they do with it. They must be able to monitor incoming and outgoing traffic. Windows remote management streamlines user administration – adding, removing users and privileges, setting up accounts and passwords.

Employee Left or Fired Access Not Terminated is a severe problem that often leads to compromise of corporate data. Eliminating ELOFANTs from your networks is another must-do.

Employees with privileged access must be able to use secure connections when outside of the office (VPN, end-to-end encryption, zero-knowledge cloud provider).

Of special note is, again, advanced authentication for employees traveling with corporate devices. Lost or stolen corporate laptops and personal smartphones often lead to data breaches. That is why business tablets come with advanced authentication mechanisms on the hardware and software level enforced by the remote location, lock and wipe capabilities.

5. Data Visibility and Control

According to Veritas and Vanson Bourne, 52% of corporate data is dark data. “Dark” is the data a company knows nothing about. Some of that data is business-critical, and its compromise brings liabilities. Some of it is obsolete, redundant or trivial. It means companies are spending large sums on maintaining cloud and on-premise data storage, 50% of which is clogged with the dark data.

The loss of data visibility is a grave issue:

  • 86% of ITs believe the clog of data increases the time it takes to respond to a cyber attack.
  • The average cost of storing 1PB of data per year is $5 million.
  • You spend 52% of your data storage budget on the data you know nothing about.
  • Worse yet, 41% of that budget goes to storing the data no one in your organization has touched in 3+ years.

BYOD and unregulated use of consumer applications (cloud, email, chat) contribute volumes to the problem. Employees treat corporate storage as personal, uploading terabytes of personal photos, videos, movies, and music files.

With corporate-controlled business tablets, your admins can regulate the storage, uploads, downloads, installations and file sharing, regaining visibility of your data and identifying data that can drive value.

To prevent your IT budget from becoming bloated and ineffective, you must regain visibility of and control over your data. Corporate-owned business tablets let you do that. BYOD does not.

Why Patients Want Telehealth – And How Providers Can Benefit From It

A recent study reveals how patients feel about telehealth. More than 50 million U.S. consumers are willing to switch to a provider that offers telehealth services. Notably, patients want telehealth for a broad scope of issues ranging from minor tasks like getting prescription refills to managing chronic conditions and as an alternative to late-night ER visits.

65% of consumers want their primary care physician to offer telehealth video calls, not emails, or phone calls. Notably, most patients do not wish to switch a PCP because they trust their physician, but 20% are willing to make the switch to get the service.

According to 2017 Consumer Telehealth Index [pdf], 67% of adult patients delay visits to doctors. The reasons are obvious – high costs of care and, most importantly, long time it takes to see a doctor or nurse. For most U.S. consumers living in a city, it takes 18.4 days on average from the day they make an appointment to the day they visit a doctor. Once in the office, the visit takes 120 minutes on average – 100 to get in, 20 to talk to the doctor.

Having trouble to squeeze the visit into a busy schedule, or hoping the problem would go away on its own contribute to the list of reasons Americans are reluctant to see a doctor.

The patients delay seeking care for serious health issues, not just minor ones. A third of delayed visits accounts for serious conditions that could have cost the payer and the provider significantly less had the initial visit to the doctor been timely. Late diagnosis translates into aggravated conditions and more expensive treatment.

Delayed visits for routine checks and minor issues – preventative exams, flu shots – can lead to equally serious ramifications.

Time, Location, and Cost Benefits of Telehealth

With the waiting time and the tediousness of getting a brick and mortar appointment with the doctor, consumers value the time-saving advantages of telehealth. The survey estimates that when using telehealth video conferences with their physicians, patients spend an average of 5 minutes waiting, and 8-10 minutes “seeing” the doctor.

The great convenience of being able to have a video conference with a doctor from home, office or while traveling has significant cost savings for the payers. Increasingly more health plans now cover telehealth at a lower cost than a typical visit to the doctor.

Interestingly, the U.S. adults report their concerns were resolved completely in 64% of in-office visits to the doctor, and in 85% of telehealth video calls. A separate study found repeat visits for the same conditions within two weeks were lower for telehealth than for office visits.

Areas Where Consumers Want Telehealth

Emergency Rooms. 20% of Americans are willing to have a video call as an alternative to the late-night ER visits. The Houston Fire Department’s ETHAN program is a telling example of how telehealth averts low-acuity ER visits, ambulance rides, and makes the work of ambulance teams more productive and fast.

Traditionally, ER is a place with long waiting lines, and high costs, for both provider and payer. ERs, on the other hand, are highly overloaded, which does not help increase productivity or reduce staff burnout.

Telehealth is a lower cost alternative to an ER visit. Timely video calls help avert low-acuity ER visits, decreasing the pressure on the emergency care facilities, and the cost of care for the provider and the patient.

Follow-up visits. With preventable readmissions being a pressing financial concern for the providers, reducing the readmission rate is critical. 52% of patients want to use video conferences with their doctors for post-discharge follow-up visits.

Telehealth helps doctors achieve a greater level of control over the post-discharge care, give timely reminders and identify serious symptoms on time. Likewise, patients are less stressed physically during a video call than a visit to the office. Patients enjoy greater control over their treatment and are more likely to adhere to recommendations than with the office visits.

Chronic conditions. 60% of adult Americans want to have regular video conferences with their physicians to help them manage a chronic condition. Chronic conditions’ cost is high for the provider and the payer. So, telehealth solutions for such chronic conditions as diabetes and hypertension make care more accessible for the patients.

Getting a prescription refill is particularly tedious. So, most patients want their PCP to be available for a video call to get their prescription refilled. Half of female respondents are willing to have routine birth control-related visits via video calls.

79% of respondents who care for an elderly relative would like to be able to participate in the video conferences with the doctor. They expressed the need to be more informed and involved in the treatment. The group conferences doctor-patient-caregiver have a great potential to improve outcomes.

What This Means for Providers

One of the key takeaways from HIMSS17 was the urgent need for a patient-centric approach. As patients get more choices, they will inevitably switch to providers and care plans that offer more for less money. Telehealth allows patients achieve that goal – get an accessible care in a convenient format for the same or lower cost.

Doctors, on the other hand, want telehealth because it lifts the burden. ER units are more focused on acute patients, with the rest diverted via telehealth. Physicians service more patients in less time with video calls rather than office visits.

Combine that with the ability to complete EHR documentation instantly, during the video visit, sign prescriptions, view medical images, and get live updates from remote patient monitoring devices. That way, a doctor minimizes the time spent on the EHR documentation after work (2-3 hours of uncompensated time daily).

The benefits of telehealth for minimizing preventable readmissions and improving outcomes are significant. As much as in-room infotainment systems, telehealth solutions offer many user-friendly formats for educational material.

Now that providers see the wisdom in investing in telehealth, it is vital to screen solutions carefully.

Providers are responsible for electronic patient health information (ePHI) privacy and security. They need to control the flow of confidential data to and from their systems. Therefore, advanced authentication and remote administration are a must. Windows medical tablets have a biometric reader, CAC/Smart Card, and RFID Imprivata SSO. Add in the Windows native authentication mechanism, end-to-end encryption for incoming and outgoing data, and you get a compliant and secure solution.

Bring Your Own Device is not the best fit for the task. A fleet of disparate operating systems, rooted Android and jailbroken iPhone devices, poor cyber security awareness, bad browsing and downloading habits mean there is very little a provider can do to protect ePHI.

The providers need a reliable solution with minimum investment and maximum output. Windows medical tablets offer high ROI. Most programs are designed for Windows primarily, so you don’t need to cripple a desktop program to squeeze it into a mobile operating system.

Windows medical tablets have legacy ports, USB mini and regular ports, and allow encrypting data on external drives. They can run EHR. Resources of a Windows medical tablet are far superior to those of a typical BYOD device. Multitasking and viewing medical images is a breeze with Intel 5th-gen Intel processors.

Add in full-shift uptime with durable batteries, or hot-swap batteries, MIL-STD components, antimicrobial coating, barcode reader and full disk imaging, and you get a durable powerhouse that lasts for years.

Despite the seemingly low initial cost of BYOD, the total cost grows exponentially when you need to deploy mobile-dependent healthcare solutions. Only medical grade tablets are capable of powering your clinical needs, providing the security, resources, and usability required by your staff.

Data At Risk – BYOD vs Medical Tablets in Healthcare

You would be hard-pressed to find a healthcare worker who does not use a smartphone or tablet for work. Be it for taking notes during a phone conversation, searching for references, using medical apps, tapping out a quick email on the go, video conferencing with a patient, or signing medical image files and prescriptions, medical professionals are enjoying the benefits of the mobile technology.

However, extending healthcare data into employees’ personal devices is not without risks. Blurring traditional security perimeters and aggravating the problem of loss of data visibility, Bring Your Own Device (BYOD) is one of the top causes of data breaches in healthcare.

Acknowledging The Problem

A recent report by PwC (PricewaterhouseCoopers) rates the mobile devices third on the list of top health industry issues.

The 6th Annual Benchmark Study on Privacy & Security of Healthcare Data by Ponemon found that the security flaws in the employees’ personal mobile devices are the top security threat. The cost of data breaches in healthcare was $6.2 billion in 2016.  The average cost of a data breach per healthcare organization is more than $2.2 million.

HIPAA Journal published the list of the largest healthcare data breaches in 2016, with BYOD mobile devices and insiders causing the data breaches with the most harm to patients. Even when the insiders do not mean to cause a data breach, their behavior and the lack of cybersecurity awareness create a fertile ground for hacks.

Healthcare organizations have tight budgets, so adopting BYOD seems like a cost-effective strategy with little to no investment required. However, the advantages of the BYOD pale when you look at it from the perspective of data security, HIPAA compliance, and the cost of identifying and mitigating a single data breach. Nearly half of all Ponemon respondents experienced more than 5 data breaches in 2 years. Top that with the fact that many data breaches go undetected for months, sometimes years.

Criminal attacks top the list of causes of data breaches, with the malicious insider following suit. Ransomware plagues the healthcare sector, according to numerous industry experts speaking at HIMSS17. Employee negligence and the insecurity of BYOD, the use of public cloud services and consumer-grade mobile apps for telehealth have created a vast attack landscape the criminals are exploiting successfully.

Patient billing information, Social Security numbers, and employee records are the low hanging fruit that earns hackers a fortune. According to Experian, the value of healthcare records is around $50 on the dark web, more than the cost of a stolen Social Security or credit card number.

BYOD in Healthcare

As the medical workers use the same device as their work and personal phone, the organizations lose control and visibility of the healthcare data they are liable for protecting. A recent report from a security firm Skycure found that 99% of doctors use mobile devices to share patient data, including the medical images. They use SMS and consumer apps such as WhatsApp, FaceTime, Skype and Google Hangouts for work. 14% of BYOD devices used by doctors are not password-protected.

Both iOS and Android have OS-level vulnerabilities, and being the two most widespread mobile operating systems in the world, they are also the two most targeted platforms with thousands of exploit kits available on the dark web. More than 5,000 malware variants targeting smartphones, and 250,000 ransomware variants are released quarterly, according to security experts.

Google and Apple release new versions of their mobile OSs leaving large populations of users with devices that no longer support these newer versions. At the same time, the newer versions come with numerous vulnerabilities. Add in the trend to jailbreak iOS and root Android, and the threat landscape becomes insurmountable for an average healthcare organization.

Consumers delay installing security patches, and fail to use passcodes. BYOD devices used in healthcare often end up in the wrong hands. Friends, and children of the medical staff access these mobile devices on a regular basis.

On the software level, BYOD devices are jam-packed with consumer apps and games. Banks and insurance companies are blacklisting apps such as WhatsApp, Skype or Google Hangouts, prohibiting employees from using them for any work-related communication. Numerous organizations have banned games like Pokemon Go due to their privacy-invasive features. Even if the developers of these apps mean no harm, their apps can be compromised and used by malicious actors.

Now, the doctors rely on consumer apps to deliver care. According to PwC, mobile health app adoption has doubled since 2015, with 81% of clinicians saying the apps help coordinate patient care. Yet, privacy is not on the table for the majority of consumer grade apps.

The Journal of the American Medical Association published a study that scrutinized Android diabetes apps. At the time of the study, the researchers found 271 apps on Google Play. Six months later, 60 of the apps were no longer available. 81% had no Privacy Policies. 41 apps had privacy policies, but 80% of those collected user data, 50% of them shared user data without the user consent. Only 4 apps’ policies claimed they would ask users for permission to share their data with third parties. The point is: the market of consumer mobile apps is unregulated. The developers often do not know if they are liable to any federal regulations. Accountability as such is non-existent for consumer mobile app developers.

Medical Tablets

Windows is considered to be the most secure mobile OS platform by security experts, and hackers alike. The hackers disfavor Windows mobile devices due to multiple layers of security, such as encryption, Windows authentication, and sandboxing. The business, military and industrial users turn to Windows tablets instead of Android or iOS. Consumers, however, base their buying decisions on ads and OS adoption among family and friends. Device security is seldom a factor.

In medical tablets, embedded RFID Imprivata Single Sign-On and fingerprint scanner/biometric reader, or Smart Card/CAC reader paired with Windows authentication protect the health data from unauthorized access. Your staff can leave their medical tablets in the patient rooms, at the reception desk, in hallways, without compromising the data security. The health data is secure with the medical tablets even in the event of a device loss or theft.

Full disk encryption, remote lock and wipe and advanced remote administration allow your IT admins to locate the device or wipe it. Sandboxing allows your admins to isolate some programs while blacklisting apps and connections allows protecting the ePHI from potentially harmful applications or games.

Medical tablets allow for remote device control, so your admins can push updates, patches or troubleshoot remotely. With medical tablets, you have the full data visibility and control without compromising the usability and security. Windows is the most adopted OS globally, so your employees won’t have trouble getting used to the user interface and functionality of the Windows medical tablets.

In addition, medical tablets come with regular and mini USB ports, which means your staff can use regular USB sticks or hard drives to write, read and encrypt data on external storage.

Usability-wise, medical tablets are easier to use. They come with a digitizer stylus, and recognize input form a gloved hand. Medical tablets come with barcode scanner embedded, so you get multiple devices in one.

Conclusion

The allure of BYOD is its cost-free immediacy. The price of BYOD, however, is high when data breaches occur, when providers lose data visibility, and control. If protecting patient data is on the table, providers need solid security. Solid security is not an instantly downloadable commodity, but a result of the design choices that put security at the core of the medical tablet’s concept.

Houston Fire Dept.’s Mobile Innovations and Telehealth In Emergency Care

From Feb. 19 to 23, 2017, Orlando’s County Convention Center (OCCC) hosted this year’s largest health IT conference and exhibition, HIMSS17. Cybernet traditionally attended, and we have a lot of news and impressions to share. With 7 million square feet, OCCC is one of the country’s largest convention centers, so there was a lot of ground to cover.

Of particular interest was “Mobile Innovations and Telehealth in Emergency Care” session by Professor James Langabeer, Ph.D., M.B.A. The session focused on how Emergency Telehealth and Navigation program (ETHAN), in conjunction with mobile medical tablets, is helping the City of Houston Fire Department be more efficient in responding to medical emergencies, especially when serving low acuity patients.

ETHAN

ETHAN, funded by Delivery System Reform Incentive Payment, launched in 2015 based on the belief that there must be a more efficient solution to provide care to non-emergent patients. By now, ETHAN has served nearly 9,000 patients, which is approximately 5% of all emergency calls in the city.

The challenge that prompted the City of Houston Fire Department (HFD) to seek better solutions is that of an increasing Emergency Department overload. Long waiting lines in EDs are growing, as increased population is finding it easier to dial 911 from their smartphones.

With 600,000 911 calls and 400 EMS transports per day, HFD is stretched beyond its capacity. If an average person used to call 911 once or twice in a lifetime, the current population has drastically increased the level of 911 engagement. Densely populated cities can not keep up with the number of calls. Prof. Langabeer notes how educational programs that aim to increase population awareness on when to use 911 always end up increasing the number of 911 calls instead of reducing them. In Houston, the number of fear-related, low acuity visits to ED is 20%-50% of all 911 calls.

Hence, HFD ambulances respond to a large number of low acuity situations that do not require medical equipment or urgent medical attention. It is these low acuity visits that call for ETHAN activation.

How It Works

Ambulance and firefighter teams are equipped with mobile tablets running ETHAN program developed by CISCO. It is a commercially available solution customized specifically for the HFD needs. The requirement was to make the solution HIPAA compliant, encrypted, with the capability to record interactions, and guarantee a reliable connection between the ETHAN crew and the remote physician, who might be on the move.

If the crew, upon arrival, decide that the patient may not require an ED visit, they activate ETHAN and initiate a video call with a remote physician using a medical tablet.

The remote emergency physician interviews the patient as if he/she were at the bedside, and, based on vitals, history, and assessment of the medic on site, may offer several options:

  • The ambulance transport to ED.
  • Referral to an ED with a prepaid taxi.
  • Clinic referral with taxi transport.
  • Referral to the primary care provider or home care.

 

The goals of ETHAN are to:

  • Reduce the number of ambulance ED transports for low-acuity cases that do not require urgent medical attention
  • Improve unit availability & total turnaround times
  • Improve focus on true emergencies
  • Connect patients with a medical home
  • Improve care quality, reduce costs

 

There are some situations, in which people are over-utilizing 911, says Prof. Langabeer. Patients may be new to the city and do not have a primary care provider yet, or they may have chronic conditions and bounce from ER to ER whereas what they need is an appointment with their primary care provider, and tests, or they just need a medication refill.

If a remote physician decides the case is low acuity, he/she can recommend the patient be redirected to the clinic right away. The physician even schedules an appointment the same day or the next day. The taxi service is prepaid by the HFD. The cost savings are significant, as the taxi fare is several times cheaper than the ambulance transportation.

One of the special features of the program is the follow-up calls. The multiple callers get follow-ups that aim to engage them with other programs (primary care, home care) to reduce the number of non-emergent repeat callers.

Patient Disposition

The results in changing patient disposition are promising. Of a total 8,561 ETHAN patients:

  • 65% chose to go to a hospital ED with a taxi instead of an ambulance.
  • 7% chose the clinic referral with a taxi.
  • 6% chose the referral to PCP or home care.
  • 16% chose ambulance transport to ED.

 

Results summary:

  • ETHAN unit productivity (39 minutes per visit on average) is higher than that of the traditional EMS units (83 minutes per visit on average) by 44 minutes.
  • The cost of ETHAN unit visit is $167 per patient, while that of the traditional EMS unit is $270/patient.
  • Disposition to ED by ambulance is 67% in ETHAN patients, and 74% in traditional EMS units patients.
  • ETHAN’s ROI is $928,000/year; $2,468/ED visit averted.
  • At the same time, patient satisfaction is even for both ETHAN and traditional EMS patients.

 

As we can see, the crew productivity is doubled with ETHAN assistance, while cost savings in averted ED visits and reduced ambulance use are significant.

Challenges

At the same time, there are a few roadblocks that the program encounters:

  • Insufficient budget.
  • Policy and reimbursement issues.
  • Certain resistance from the healthcare community as providers get fewer ED visits that are expensive and more primary care visits that are cheaper (but more relevant).
  • Patient reluctance and lack of awareness, as most patients insist on ED visits and tend to feel their needs are not addressed when offered alternatives.
  • Staff training on the use of telehealth technology and the criteria that call to ETHAN activation.

 

“If this was your family member, would you be comfortable with sending them somewhere other than the emergency room?” said Prof. Langabeer, when asked about the criteria units rely on to activate ETHAN.

Revolutionizing Healthcare, One Step At A Time

ETHAN is the first of its kind in telehealth and the use of medical tablets, and it revolutionized Houston healthcare by enabling an instant and remote partnership between responders and caregivers. It transformed how the city handles emergency calls from patient, responder and health care perspectives by boosting turnaround time, and minimizing the number of unnecessary ED visits. The cost efficiency is apparent at the payer level, as the patients get expert advice on alternatives that are more reasonable and affordable than an ED ride with an ambulance.

The next step for the program is to expand telehealth into EMS and further incorporate mobile technology solutions. Projects such as ETHAN call for deployment of HIPAA-compliant, EHR-ready medical tablets with antimicrobial housing to ensure patient and staff protection from nosocomial infections. There is a need for hot-swap battery technology to ensure full-shift uptime, and RFID Imprivata SSO with integrated biometric scanner to enable advanced authentication and data protection.

HIMSS17 Takeaways on Cybersecurity, Interoperability & Telehealth

2017 HIMSS conference has come to an end. It was an overwhelming event – more than forty-five thousand attendees, 1,200+ exhibiting companies, 300 sessions on the 7 million square feet of Orlando’s County Convention Center. With so many topics and sessions, it is easy to feel like you have missed something. The Cybernet team summarizes its key HIMSS17 takeaways.

Cybersecurity

Cybersecurity was on everyone’s mind. In fact, it was one of the dominant topics this year, and it will continue to be dominant for years to come because the healthcare system continues to create an ever-growing digital footprint, amassing petabytes of data collected through a growing army of connected medical devices. At the same time, many providers have a vague understanding of which devices on their networks are smart and have the capability to siphon data when compromised.

Many HIMSS17 cybersecurity sessions pointed a finger on poorly controlled and managed IoT.

Data Security: Threat Assessment in the Ransomware Era cites a ForeScout survey of IT professionals, of which only 30% are confident they know what IoT “things” are on their network, and only 44% have a security policy for IoT. Those who thought they had no IoT devices on their networks actually had at least eight types of IoT devices. 88% of all ransomware attacks in 2016 hit healthcare, which is telling. All the while the effects are devastating – employees are locked out, EHR and prescriptions are down, patient appointments are canceled. Not to mention the administrative fines and liabilities.

In the light of propagating cyber attacks on healthcare and their significant cost on providers, medical device manufacturers are in the spotlight. Evolving State of Medical Device Cybersecurity featured Seth Carmody, Ph.D., the Cyber Security Program Manager at the FDA. Shared responsibility and the need for a collaborative approach to information sharing and risk assessment continue being the urgent needs.

Of note was a suggestion the medical devices should undergo a pre-market cybersecurity testing and certification. FDA’s Post Market Cybersecurity Guidance remained largely unchanged but the 30-day remediation time-frame has been expanded to 60 days, and the clarifications on terminology, participation with ISAOs and privacy and confidentiality harms were given.

Of practical use were key medical device cybersecurity myth busters:

  • Manufacturers can push software updates made to strengthen cybersecurity without FDA’s “re-certification,” and
  • Cybersecurity of medical devices is required by law; it is not an optional, voluntary feature.

 

Breaches and Ransomware? How Does Your Security Compare featured gloomy statistics and a useful scale for the organizations to compare their security strategies to those of their peers. Healthcare has the highest cost per capita of the data breach, $355. The Baseline security strategies focus on compliance, device encryption, mobile device management and prevention of data loss along with a few basic elements such as firewall, email and web gateway, and backups. Enhanced security adds device control, pen testing, SSD encrypted, endpoint data loss prevention, remote lock and wipe, multi-factor authentication with a timeout, remote administration, and virtualization. The Advanced security includes the above and adds digital forensics, multi-factor authentication with walk-away lock, tokenization, activity monitoring, and threat intelligence among others. Any IT professional responsible for the security of a healthcare organization should give the benchmark scale a good read.

HIMSS17 cybersecurity coverage included the CHIME/HIMSS CIO Forum keynote with Kevin Mitnick. The cybersecurity consultant to the FBI and Fortune 500 companies made a few live demos of how easy it is to compromise critical files and systems. Mitnick’s demos involved average technical skills and simple social engineering techniques exploiting the human error.

Key takeaway for providers – compliance is not enough. Good security encompasses a lot more than compliance, and minimizing the risks translates into reduced costs and downtime, and increased patient trust.

Key takeaway for manufacturers – with the growth of mobility and an increased volume of electronic health data, the potential of a data breach is escalating. Building cybersecurity into every HIT solution is critical in the value-based system. The medical devices’ pre-market cybersecurity testing/certification is a near-future possibility.

Interoperability

Transformation is in the process, but don’t get too comfortable – was the leitmotif of HIMSS17 interoperability sessions. The industry united around the HL7 Fast Healthcare Interoperability Resources (FHIR) standard. Health IT vendors are increasingly implementing FHIR-based interfaces into their solutions to streamline cross-platform information exchange that would require minimum effort on the user’s part.

HIMSS17 Interoperability Showcase featured real-world examples of how FHIR allows different HIT solutions to work together and communicate seamlessly.

Key takeaways: keep it simple. Presenting the wealth of health information in a consolidated view can hamper understanding. Limit the ways you present data. When conveying meaning through charts, make it simple and consistent rather than good-looking. “More is less” approach enhances understanding and increases the chances of physicians accounting for the data in decision-making.

Other interoperability sessions provided a similar conclusion: the data is growing, but presenting the end user with a reduced view helps visualize the information and tell a coherent story of what is happening, especially within large populations.

At the same time, EHR in the context of interoperability continues to be the cause of anxiety. Making EHRs more user-friendly and interoperable is an unmet necessity. The interoperability across EHRs and other applications will take longer than expected, and some providers are creating in-house solutions to address this issue.

Overcome Challenges/Obstacles to Achieving Interoperability stresses the health record is so fragmented the strain on physicians is immense, but barriers arise since federated model membership is voluntary. There is a need for a single place for the health record. It can be a single repository, Perpetual Health Record, a patient’s intelligent portal that would organize, prepare, display, self-correct, reconcile and archive data, and evaluate information in context, store and represent it based on relevance. All providers must engage and integrate the exchange capabilities from the ground up in their products. The industry needs a standard look and feel, and conventional algorithms of identifying relevant and useful data.

Breaking HIE Barriers underlines the need for the information exchange to be easy and ubiquitous. Providers and patients expect the data to be useful, not just accessible. For interoperability to demonstrate its value, it must show obvious benefits so that users would be willing to pay for it. So, interoperability and information exchange should be about more than health information.

Usability

Medical staff, especially primary care doctors, are overburdened with EMRs lacking in usability, clinical and clerical paperwork, general data overload and value-based care requirements. Ease of use was one of the main themes of many interoperability sessions.

Clinician burnout is a great concern for providers. Semantic Data Analysis for Interoperability and Managing a Legacy Team in an EHR Transition both articulate the same need to facilitate the transition to new technology easier on the staff. Choosing the right vendor is one of the key aspects of a successful upgrade and employee retention.

Key takeaways: providers need HIT solutions that are easier to use for the staff, not just the patients. Labor is nearly half of the healthcare system costs, and HIT must make it more efficient and hassle-free.

Telehealth, Mobile, and Cloud

HIMSS17 telehealth was one of the most exciting themes due to the real-world success stories with the visible progress. Reducing cost of care, providing care in rural areas under physician shortages, reducing readmissions through remote physician follow-ups – telehealth solutions are proving their worth.

Removing Barriers from Migrating to the Hybrid Cloud highlighted how the costs of expanding on-premise storage are unsustainable with predicted 25,000 petabytes of digital medical data by 2020. 77% of industry actors are seeking partners to help them maintain a high infrastructure reliability, and the cloud is the solution. At the moment, many cloud adopters run payroll, HR, EHR, email, and EMR in the cloud. More providers are planning to move disaster recovery, PACS, ERP, office data analytics, radiology and coding to the cloud.

Mobile Innovation and Telehealth in Emergency Care featured a success story of the Houston Fire Department’s mobile solution ETHAN in combination with medical tablets. The outcomes – the reduced number of low-acuity repeat callers and the increased efficiency of ambulance teams. The first was attained through follow-up calls, the second through remote physicians who advised low-acuity patients on alternatives to the ambulance transport to the emergency room.

Telehealth solutions are evolving to include record keeping, billing, secure messaging, or the voice-managed A.I. assistants.

An important point was the customer experience. Consumerization of HIT is changing the patients’ role from being a passive, reactive care recipient to an active manager of their health.

The Perfecting the Mobile Solution session by Palmetto Health made a strong point of how choosing the right EMR-ready equipment is key to success. Key takeaways: there is no one-size-fits-all solution in screen size, cart size or type, or MDM. Analyzing every stakeholder’s needs and addressing them with a proper configuration with flexible, modular approach can be successful within the framework of an all-in-one mobile solution.

Among the top barriers to mobility are budget constraints, BYOD, wireless network support, security concerns, compatibility, learning curve and device form factor choice. The form factor and OS are deal-breakers capable of solving all other concerns. Windows 10 medical tablet with a digitizer stylus beat all the other mobile solutions in the compatibility, cost, and productivity.

hims17

“For every hour physicians provide direct clinical face time to patients, nearly two additional hours is spent on EHR and desk work within the clinic day,” according to Annals of Internal Medicine. HIT productivity paradox saw EHR initially reduce staff productivity by 25-33%. The medical tablets’ effect is the opposite, resulting in faster triage and note completion, reduced wait times, the ability to document anywhere and a smaller technology footprint.

Palmetto Health reported numerous benefits of deploying their mobile solution: provider satisfaction, ease of use, less time documenting after work, improved access to patient records, ability to share data with patients at the bedside, improved security with less printing/ secure network/ fingerprint access, improved patient education and communication, reduced transcription costs, improved workflow, and fewer desktops.

Key takeaways: large screen, extended battery life, Dragon dictation support and corporate shared devices (vs. BYOD) are preferable.

Conclusion

Among other HIMSS17 dominant themes was uncertainty regarding new and old regulations, but overall the conference felt like a summary of the industry’s achievements, and the goals that lay ahead – innovation, consumerization, and improved ease of use.

Cybernet offers an extensive line of medical grade computers and tablets.

Medical Tablets: Complying with HIPAA

Healthcare providers increasingly use clinical applications such as EHR, clinical decision support systems, order entry systems, radiology, laboratory and other systems. Health IT makes the medical workforce more agile, mobile and productive. Mobile devices let physicians check patient records on the go, in any location. Nonetheless, the rise of mobile technology increases the risk of data breaches. HIPAA aims to protect ePHI while still allowing hospitals to adopt new technologies & improve their efficiency and care quality.

The Health Insurance Portability & Accountability Act (HIPAA), 1996, consists of HIPAA Privacy Rule & the HIPAA Security Rule. The former establishes national standards for the protection of individually identifiable health information; the latter – security standards for protecting individually identifiable health information held or transferred in electronic form. The Security Rule dwells on the technical and non-technical safeguards covered entities must implement to secure patients’ electronic protected health information (e-PHI).

Understanding HIPAA

The HIPAA Security Rule covers health plans, health care clearinghouses and health care providers that create, receive, store or transmit e-PHI, as well as their business associates. Read the Summary of the HIPAA Privacy Rule [PDF].

Under HIPAA, covered entities must:

  • Ensure confidentiality, integrity & availability of e-PHI.
  • Identify threats to e-PHI and protect against them.
  • Protect e-PHI against disclosures or impermissible uses.
  • Ensure HIPAA compliance by the workforce.

The HIPAA Security Rule requires covered entities to perform a risk assessment to determine reasonable security measures for a particular organization. Risk assessment includes evaluation of the likelihood of a data breach, implementation of appropriate security measures, documentation of security measures, & rationalization of their choice, and continuous protection of e-PHI.

Safeguards

On the administrative, physical and technical levels, HIPAA requires for the organizations to implement certain safeguards.

Administrative

  • Security management process – identify & analyze risks to e-PHI, implement security measures for protection.
  • Appointing a security official overseeing HIPAA compliance.
  • Information access management – limit uses and disclosures of e-PHI, granting access to data only when appropriate, to authorized personnel only.
  • Providing the medical staff with data protection training, ensuring policy compliance by the workforce.

Physical

  • Limit physical access to the facility for unauthorized individuals, yet ensure authorized access is allowed.
  • Implement device security procedures, specify proper use of devices and access to them, have policies regarding device transfer, disposal or re-use.

Technical

Health care providers must implement:

  • Access control to e-PHI for authorized personnel only.
  • Audit controls of hardware, software and data access and use procedures.
  • Integrity controls to ensure e-PHI is not destroyed or altered improperly.
  • Transmission security measures that guard against unauthorized access to e-PHI in transit.

Features of Medical Tablets That Ensure HIPAA Compliance

So, when we talk about the features of the medical tablets that ensure HIPAA compliance, we are primarily concerned with the Technical Safeguards of the HIPAA Security Rule provisions.

Encryption

The HIPAA Security Series Guidelines require covered entities to “consider the use of encryption” for e-PHI in transit. Encryption for data at rest is not mandatory, but its implementation depends on the risk assessment.

End to end encryption ensures the data in transit is protected against data breaches and man-in-the-middle attacks, according to HIPAA Journal. Technology based on the end to end encryption helps providers avoid HIPAA violations.

HIPAA-compliant medical tablets are Windows or Linux-based, which enables the support of full disk encryption for data at rest, & implementation of end to end encryption programs for data in transit. Furthermore, Windows medical tablets have USB 3.0 and USB 2.0 ports and can encrypt data on external storage devices just like your normal desktop computers would.

One of the glaring security holes in consumer grade mobile devices is text messaging and consumer chat apps medical staff use to communicate with patients and colleagues. e-PHI details sent in a text message is a direct violation of HIPAA Security Rule. Skype, WhatsApp or Hangouts lack necessary protections for a secure data transfer, despite claims of encryption. Medical professionals must implement secure communication programs, with the end to end encryption and preferably from trusted, zero-knowledge providers.

Data Access

HIPAA requires the implementation of technical policies and procedures that allow access to PHI to authorized staff only. Medical tablets have access control mechanisms that enable advanced user authentication. Moreover, they make it easy to use, because end users tend to bypass any technical procedures they deem as difficult, time-consuming, or hampering their productivity in any other way.

Multi-factor authentication in medical tablets is ensured with RFID Imprivata Single Sign-On, biometric scanner, Smart Card or CAC reader, and Kensington lock. Multi-layered access controls reduce the risk of unauthorized data access. Medical staff can safely leave the device in hospital’s public places, such as corridors or patient rooms, and rest assured the confidential data is locked.

Data Integrity

According to HIPAA, any e-PHI data stored on a mobile device (or transmitted with its help) must be protected against unlawful tampering or destruction. Mobile devices used to store or transmit e-PHI in healthcare must have features that allow them to be audited for access to e-PHI, including attempted access instances, and other activity that could potentially affect data security.

Medical tablets can be configured to enable remote device management to give the IT admins full control over the data stored and transmitted from it. IT admins can push system and software updates and patches remotely, or troubleshoot issues without having physical access to the device. They can set up the device so that the complete log of data access and failed login attempts be documented for revision. They can wipe the device remotely, should it be lost or stolen. They can monitor network activity and spot suspiciously large volumes in upload or download to, again, suspicious servers.

IT admins can block or disable certain OS features, whitelist and blacklist programs, to protect the confidentiality of e-PHI from the inadvertent exposure by the end users. For example, disabling automatic connection to any available Wi-Fi network protects devices from connecting to insecure public networks.

From ad-block browser extensions to firewalls and sandboxing, Windows supports the full list of security measures an IT admin can deploy on a device. With Windows 10, the security features have advanced even further.

Windows makes the use of password managers easy since most enterprise programs are developed for Win OS. Also, administrators can disable access to app store, so that users cannot download and install unauthorized applications, or games. Alternatively, blacklist every app but a list of authorized applications from accessing the Internet.

Medical tablets ensure admins have necessary means of scanning them for malware and other malicious code, install antivirus, perform regular and random scans. When an employee is left or fired, admins can safely terminate access to PHI.