2 government data breaches show cybersecurity must-haves

Now that data breaches are becoming so common among providers, hospital leaders have to learn from the mistakes of others if they want to protect their own systems. 

Cyber AttackThis is especially important since hackers and cyberattacks are now the leading cause of data breaches in health care.

Finding out where others skimped on security can help hospitals create more effective protection for their own systems and patients’ protected health information (PHI).

And two recent breaches at government offices give providers good insight on steps their own facilities need to be taking.

Lessons from the OPM

Recently, the Office of Personnel Management (OPM) experienced a breach due to a cyberattack and a lack of security provisions. The attack exposed the information of 4 million federal employees, and the event is being linked to similar attacks on Anthem and Premera.

Now, a new report commissioned by Congress and performed by the Institute for Critical Infrastructure Technology, highlights some of the areas where the OPM’s security fell short, as HealthITSecurity reports.

For example, Parham Eftekhari, co-founder of the institute, points out that the OPM didn’t have a multi-layered security system  in place. This lets organizations defend against outside intruders, and gives them a better chance to discover attacks before PHI is exposed if a hacker is able to infiltrate the system.

He also noted that the agency lacked a solid cybersecurity strategy in place, particularly to govern data and access credentials. According to Eftekhari, the OPM should have had policies in place to address regularly changing passwords, and manage and disable employee accounts when a worker leaves the organization.

The OPM needed wider use of encryption to protect data. For example, Eftekhari recommends facilities consider using split-key encryption, where half of the access keys go to the organization and the other half stays with the vendor, in addition to typical device encryption.

The report highlights that, regardless of an organizations’ size and access to resources, certain security precautions must be implemented. These steps are especially important as hospitals continue to implement new health IT and expand the number of locations where PHI is accessed and stored.

Keeping up with security maintenance

A Colorado State agency also recently experienced a breach due to an IT area which had become outdated.

As Health IT News reports, the Colorado Department of Health Care Policy recently exposed the PHI of nearly 3,000 residents after a technical glitch.

A “very old code” in the agency’s record system exposed a vulnerability, causing a glitch when it was finally updated. That glitch then inadvertently sent out letters with people’s PHI to the wrong households.

Several healthcare facilities have also been penalized for similar breaches, and the cost for these kinds of errors is often steep.

Last year, New York Prsbyterian Hospital and Columbia University Medical Center agreed to settle a similar HIPAA violation for a records setting $ 4.8 million after 7,000 patients’ PHI was accidentally put on Google.

These kinds of incidents highlight the importance of routine system maintenance, such as upgrade and security patch management. However, many health organizations lack the resources to manually oversee this task on top of addressing other security and health IT issues.

In these cases, facilities’ best bet is to consider finding ways or systems that can automate these processes, freeing staff for other projects.

Should cameras be installed in every operating room?

Preventable medical errors are one of the top causes of death in the United States. To help change that, the feds are starting to make hospitals directly responsible for patient outcomes. Some say accountability should go a step further, though, and they’re pushing to have cameras installed in the operating room.

security cameraA recent article in the Washington Post discusses this phenomenon. The rise in interest in recording surgeries has been driven in part by technological advances – and partially from family members’ desires for answers after loved ones experienced serious complications.

Mandates for cameras

In the past, states have received pushback from healthcare organizations and hospitals when trying to mandate the use of cameras in surgery. So laws weren’t getting anywhere. Massachusetts has unsuccessfully tried to pass a law requiring hospitals to record surgeries for years.

But now Wisconsin may be the first state to successfully implement a law requiring cameras in operating rooms. The legislation was introduced after the death of a woman who received excessive anesthesia during breast-enhancement surgery. One of her family members co-sponsored the law, and it’s currently before the state legislature.

If this law passes, it could turn the tide for allowing procedures to be recorded in hospitals across the country. Lobbyists in Wisconsin are already testing the waters to see if members of Congress would be willing to sponsor a national bill in the same vein.

Technological advances

As of now, facilities that record procedures (mostly for educational purposes when training medical students) opt for traditional methods, using cameras that pick up video and audio. However, other methods are available that paint a clearer picture of a procedure.

The newest technology: a “black box” created by a Canadian surgeon that simultaneously records patients’ health data and the surgical team’s actions and speech.

Essentially, the black box creates a “play-by-play” rendition of the entire procedure and how it affected the patient. This can help a surgical team pick up errors that wouldn’t even be caught by merely reviewing a video alone.

Two hospital systems in the U.S. will be piloting the black box system in the coming months to evaluate its effectiveness in the operating room.

Considerations with cameras

The biggest question that arises from recording surgeries: How will this affect HIPAA compliance in hospitals?

If hospitals decide to record patients, they’ll have to expressly let patients know they’re being recorded and get their consent before procedures take place. Then, they’ll need to take additional security steps when storing the footage. This raises the potential for a data breach – which can cause big legal hassles.

But the upside is that footage can be airtight proof for other lawsuits – especially malpractice cases. If all surgical procedures are followed, and there’s evidence on camera, this can keep hospitals out of hot water when an angry patient or family sues.

Surgeons may feel as though Big Brother’s watching, but cameras in the operating room could keep them from making careless mistakes – or making unprofessional remarks that could also land a hospital in trouble.

A patient in Virginia won $ 500,000 in a lawsuit because his cell phone inadvertently recorded medical staff saying inappropriate things about him during a colonoscopy – including purposely misdiagnosing his condition. Cameras could stop similar shenanigans from happening in your operating rooms.

Plus, reviewing footage could help surgeons refine their techniques – like athletes, they can use the video and audio recordings to point out deficiencies and create a better strategy for the next procedure. And in case a mistake happens, the footage could be used a training tool to prevent similar issues with future surgeries.

Recording surgeries as a routine practice has numerous benefits and drawbacks. But it has the potential to revolutionize health care by reducing never-events and preventable harm to patients. So don’t be surprised if it becomes common practice (or even a requirement) in the near future.

What do you think of using cameras in the operating room? Is it a good idea, or too risky to be considered? Let us know in the comments.

12 Quick Tips to Increase Your Affiliate Sales

Selling products online is really hard. Online is heavily crowded and there’s too much of noise. It’s almost impossible to grab someone’s attention and make them buy your affiliate products. If you are finding it difficult to increase your affiliate sales, I have a list of 12 proven tips for you. Over the years, I have struggled a lot, spent a lot of money on learning to increase my sales […]

Sepsis measures updated: Best response for hospitals

Besides the switch to ICD-10, hospitals have another looming deadline to worry about in October. That’s when stricter reporting standards for sepsis recognition and treatment will be enforced by the Centers for Medicare & Medicaid Services (CMS). 

200252833-001Hospitals that participate in the inpatient quality reporting program will be expected to report all instances of the condition to CMS, along with the steps taken to diagnose and treat patients with severe sepsis or septic shock.

With the help of the National Quality Forum (NQF), the agency is adopting a new measure called the Severe Sepsis and Septic Shock Management Bundle.

The measure’s already causing controversy, with some providers noting that it redefines what’s typically considered sepsis or septic shock in a clinical setting, making the condition broader, according to an article in MedPage Today. This may require hospitals to screen more patients for sepsis than they would normally, potentially exposing them to unnecessary treatment.

However, supporters of the new measure have stated, because sepsis is such a deadly condition (killing between 20% and 25% of patients who develop it in the hospital), more thorough screening protocols have the potential to save many lives.

5 steps to fight sepsis

Facilities that want to get a jumpstart on what’ll be expected of them with the updated reporting requirements can look to new guidance designed to reduce negative outcomes from sepsis.

The University of Pittsburgh’s School of Medicine just released a list of best practices hospitals can follow to ensure patients with sepsis are treated as thoroughly as possible, and it was published in a recent issue of the Journal of the American Medical Association.

Using data from several studies conducted about sepsis treatment, University of Pittsburgh researchers developed a general approach based on what’s worked well in clinical trials over the past few years.

Prompt treatment of sepsis is crucial to positive patient outcomes. However, a surprising result from the University of Pittsburgh analysis was that rigorous and aggressive one-size-fits-all sepsis approaches may not be the best bet.

While there are general best practices providers should follow when diagnosing sepsis, individual assessment and treatment choices still need to be made on a case-by-case basis for each patient.

The five-step process developed by the University of Pittsburgh researchers will help hospitals administer treatment for sepsis as quickly as possible, while still leaving room for personalized decision making from clinical staff:

  1. Identify. Clinical staff should identify the presence of a sepsis infection by looking for the accompanying signs of shock, including low urine output, confusion, and cool and clammy skin.
  2. Administer. Clinicians need to administer antibiotics, IV fluids and blood tests to patients with signs of sepsis as soon as possible to determine how severe the infection’s gotten.
  3. Ultrasound. The next step is for patients to receive a focused ultrasound. Intravenous catheters should also be placed for fluids and blood pressure monitoring.
  4. Vasoactive. Patients need to receive vasoactive medications to bring their blood pressure readings back within normal rates.
  5. Repeat. Providers should repeat assessments of these patients every four to six hours in intensive care.

Will Stage 3 of meaningful use ease providers’ burdens?

More information is coming out about Stage 3 of the meaningful use program — but it looks like providers will be dealing with familiar frustrations despite changes to the program. 

tired doctor with laptopMany hospital leaders and physicians have complained the Centers for Medicare & Medicaid Services’ (CMS) meaningful use program put a heavy burden on providers trying to attest and earn incentives.

Stage 2 of the program brought a lot of complaints about inflexible requirements and complex quality measures, resulting in continually low participation and attestation numbers.

Now, CMS is giving hospitals a peek at what to expect in the next stage of the program – and it looks like it’ll be more of the same issues.

CDS and certification changes

According to Healthcare IT News, the proposed rules could be the most challenging stage to date, making significant changes in areas like clinical decision support (CDS), quality reporting and certification.

For starters, Stage 3 will separate meaningful use and electronic health record (EHR) certification, which have gone hand-in-hand since the programs creation.

Pamela Chapman, director of clinical product and regulatory affairs of e-MDs, a healthcare software developer, says this is problematic because it means certification won’t reflect meaningful use criteria, making it harder to buy EHRs and meet program requirements. “We need to know the criteria and what measures will meet our customers’ needs best,” Chapman said. “We need to know which quality programs will require additional criteria for their programs and there is no way to anticipate that.”

Another big change is the increased importance of CDS in Stage 3 as one of the eight objectives laid out for the next stage.

Like Stage 2, Stage 3 will require five CDS interventions. However, some experts have noted that CDS criteria might be more flexible to meet than the proposed rule suggests.

For example, in additions to alerts, CDS interventions can include things like order sets, interdisciplinary sets of care, templates and other tools that help inform clinical decision making.

Continued assessments, looking for comments

One area that continues to be a priority in the program is the emphasis on regular security risk assessments. The program has 54 security measures that fall into one of three categories: physical, technical and administrative safeguards.

Risk assessments continue to be a priority largely because meaningful use continues to spur health IT and EHR adoption.

As hospitals add new equipment and internet-capable devices, it’s crucial they understand how those devices access or store protected health information (PHI) to ensure the proper safeguards are in place to guard data.

Stage 3 of meaningful use could add new hurdles in order to earn incentives and avoid pay adjustments for your facility. So providers have to strategize how to meet these criteria while there’s still time before Stage 3 rules become finalized.

In order to earn incentives and avoid pay adjustments, providers have to strategize how to meet these criteria while there’s still time before Stage 3 rules become finalized.

And if the criteria seems too burdensome, leaders should take their concerns to the feds. They’re still accepting comments on the proposed rule and how it impacts patient care.

Tenorshare ReiBoot Software Review

There is not any doubt in the fact that iPhone is a great invention, with most advanced design and latest technologies. On the other hand you cannot overlook the fact, that it is not problem-free. It may get stuck during iOS updates. May get stuck if you fail to jailbreak or restore iPhone to the default factory setting.

It is very irritating to find your phone unresponsive or to realize that you do not have any access to your messages, calls, photos and other important data any more. In the below article we are going to suggest you the simple and the powerful tool that is able to fix all kind of iOS stuck problems. ReiBoot is a magical software developed by Tenorshare that will enable you to deal with all iOS (iPhone, iPad, iPod) stuck problems.

What is iOS Recovery Mode?

Well let me explain you first what iOS recovery mode is. Most of the cases of dead iPhone are solved by using iOS recovery mode. It is basically used to re-flash your devices with new OS (operating system), if the previous one is not responding or is damaged. Most of the times, the white arrow pointing towards the iTunes appears on the screen.

ios recovery

Key Features:

  1.  Absolutely free effectiveness for all available iOS devices including iPhone, iPod, iPad and etc.
  2. It is very easy and simple in use. What you need to do is, simple one click and all your problems will get fixed. See how Amazing.
  3. All of above, it is free from all kinds of bugs and viruses. Feel free to install it into your iOS devices without any free of viruses or bugs.
  4. Software gets updated on time, to ensure its availability all the time.
  5. It offers both Windows version as well as Reiboot for Mac Version.
  6. It does not result in any kind of data loss, damage or any other risks.
  7. Enables you to enter iPhone recovery mode easily. If your home button is unresponsive or broken.

How to use Tenoshare ReiBoot?

It is very easy and simple in use. You do not need any kind of technical skills to operate Tenorshare ReiBoot. All you need is to remember that it is actually a computer based app, and not phone based. So you are required to download it in your computer. It will start automatically as soon as you are done with the installation process.

reiboot

You can see two options above — ‘Enter Recovery Mode’ and ‘Exit Recovery Mode’. Just click one of them according to your choice. Wait for 20 seconds and it will start its work. See how simple and easy.

Why ReiBoot?

ReiBoot is best option that will enable you to deal recovery mode problems of almost all iOS devices. Using ReiBoot to deal with your iPhone stuck problem is simply a ‘Do it yourself’ process. ReiBoot tried to make your life easier and better as it is much professional software. Download it now and make your life easy.

The post Tenorshare ReiBoot Software Review appeared first on TechShur.

The digital hospital: Streamlining workflow to improve care

doctor with touchscreenHospitals are complex ecosystems with hundreds of clinical and business processes. In this guest post, Brendan Ziolo, head of large enterprise strategy at an IP networking, ultra-broadband access and cloud technology company, gives hospital executives a glimpse at how digitization and automation of processes are key to streamlining workflows to enable providers to spend less time on non-care related tasks and more time on patients.

___________________________________________________________________________

Patient care teams handle multiple patients and care management tasks. The result is a multifaceted web of workflows that can be prone to decision bottlenecks or missed/delayed tasks that can impact patient safety and care quality.

If properly integrated and automated, these processes have the potential to seamlessly unite patients, doctors, staff, assets and information throughout the hospital.

Digital strategy

But, it’s not just about adopting new technology; hospitals must have a clear digital strategy across their entire organization and IT infrastructure. To become a digital hospital, processes must be streamlined and reengineered to create paperless automated digital workflows.

Many functions within hospitals are already on their way to becoming digital. For example, electronic health records (EHRs) are being widely implemented to help track patient health data and support medical decisions. Digital medical imaging systems are quickening the process of reviewing medical images by physicians and other healthcare professionals.

Hospitals are extending workflow through mobile health (mHealth) initiatives, which enable physicians and patients to use mobile devices such as smartphones and tablets to record and find the right information and resources anytime from any location. In fact, according to the 2014 HIMSS Analytics Mobile Devices Study, more than half of U.S. hospitals are using smartphones and/or tablets and 69% of clinicians are using both a desktop/laptop and a smartphone/tablet to access information.

In addition, hospitals are eliminating distance barriers with telemedicine through the use of network and communication technologies to provide broader access to standard or specialized care, regardless of location. Other functions and processes that are being digitized and automated include delivery robots that can handle a number of fetch-and-deliver tasks, and real-time location systems (RTLS), also known as indoor positioning systems, are used to locate equipment, patients and staff.

Duplication of processes

Progress is being made, yet most digital information and processes in hospitals reside in disparate systems or devices that must be interconnected and integrated to truly improve workflow and quality care. Duplication of information and processes must be avoided to eliminate unintended consequences.

Often you can find staff doing double data entry or pulling information from different systems, and jumping through hoops to pull together the knowledge required for the best patient care. There are many tasks throughout the hospital that staff spend time on every day just to get their jobs done. The goal in a digital hospital is to automate as many of these tasks as possible to improve staff efficiency, information accuracy and overall cost savings.

By standardizing procedures and breaking down processes into their component parts, digitizing, connecting and analyzing them, hospitals can realize unprecedented efficiency. Once processes are well understood, technology solutions can be leveraged to streamline these processes and integrate disparate elements. Essential to this integration is the information and communications technology (ICT) infrastructure that interconnects all aspects of care delivery and hospital administration.

The big picture

The use of mobile, cloud and new communication technologies can create a platform that can capture data from disparate sources, such as EHRs, wearables, clinical information systems, mobile devices and more.

Pull it all together and a caregiver is given a holistic and real-time view of a patient’s health on any device that is accessible to the patient, or other specialists as needed, for the best ongoing care.

This is just one view of how a digital workflow could look and the impact it might have on both the patient and provider. But it’s clear that the only way healthcare providers can meet the growing expectations of the healthcare consumer is with a streamlined, digital workflow that not only improves care but still meets critical compliance and security regulations.

Brendan Ziolo is head of large enterprise strategy at Alcatel-Lucent, an IP networking and cloud technology company that delivers innovative networks and communications to large enterprises. He has almost 20 years of security and technology industry experience. 

 

Buy a WordPress.com Domain Name or Register Thru GoDaddy? AGH!

If you want to create a WordPress blog or website there are many confusing choices before you’re actually up and running.

Let me try to explain a huge one: where to register your domain.

Where you register your domain has cost implications over time but also can decide what software you can run! (WordPress.com and WordPress.org are two different softwares, for example, even though they look similar.)

So, let’s take a few minutes and break it down.

Note: if you’re facing the question this post is titled after, or have, or have a similar situation, it would be great to hear your findings in the comments!

Buying a wordpress.com domain (why or why not)

If you buy your new .com at WordPress.com, then WordPress.com becomes your domain registrar — this is very important to understand and here’s why. A domain registrar decides how much you pay per year for your domain name and generally what you can do at that address. Go this route with WordPress.com as your registrar and you’ll pay (a larger than necessary) $ 18 for your domain name. You can then run WordPress.com software, which is NOT WordPress.org software.

WordPress.com is amazing software. It’s used by millions, and if you have a VIP plan like most of these large WordPress using companies then you’re probably all set.

But it will cost you this much for a pro plan, or more if you want more stuff later on.

The problem with an average WordPress user (like myself) using WordPress.com is they make us pay for additions like more storage space, video usage, and other criteria that are enjoyed for free on WordPress.org. That includes eCommerce, too.

If you decide you want to keep that WordPress.com domain name and start building your website thru GoDaddy or another web host, you’ll have to go thru some pretty complicated nameserver steps and a 72 hour delay. This is what you would have to do in order to use a WordPress.com domain and build using WordPress.org software, though I don’t recommend it. Fortunately, it doesn’t look that this costs anything (aside from your recurring cost of a domain name to WordPress.com).

Because domain names cost too much (IMHO) thru WordPress.com and because they give you a limited version of software which charges for several common website additions, I use WordPress.org for everything, both website and blog related.

Or course, there is a catch with WordPress.org.

Buying a domain name at GoDaddy…then getting your own hosting plan

GoDaddy is a very large place and for our purposes here that’s a good thing.

They have TONS of cheap domains with many neat extensions, like .guru or .club.

They also have web hosting.

They have the option to “point a domain” you purchase to another location, which I’ll explain now.

This is the option most intermediate to advanced WordPressers and developers alike will go.

We buy our domain names at GoDaddy because it’s the cheapest place (especially using a FatWallet coupon) and we create a website on our Host of choice (in my case, HostGator).

The idea is to get a cheap domain, but also get a hosting plan from a company dedicated to hosting.

So the process looks like this:

  1. Register a domain name at GoDaddy
  2. Register hosting space at HostGator at tell em you already have a domain name
  3. Click activate
  4. You also have to enter in your HostGator namesevers at GoDaddy to point the domain to the hosting space, which is sort of like giving your friend’s the address to your home
  5. Install WordPress.org on the hosting space (very easy)
  6. And you’re good to go with making a website

Following these five steps will give you a complete WordPress website.

You could also register your domain name thru HostGator directly, for $ 15, then skip steps 1 and 4 above! I’ve done this 4-5 times already.

So what is the catch? The catch is you’ll pay for web hosting every month, and the domain name every year. But, this is currently the cheapest way to make your own website.

A helpful tip here is hosting coupons, nearly all web host and domain name sign ups come with the option to use a coupon or some sort of promo code. If you decide HostGator is the place for you, you can enter “dearblogger2015″ to get 40% off your first billing, whether it is for 1 month, 6 months or 3 years!

Learn how to build a WordPress website in 2015 through our YouTube tutorial.

Headaches saved?

Did that save you any headaches as you build a website or blog? Hopefully it didn’t cause more.

In short, you should only register an $ 18 domain name with WordPress.com if you plan to fully use WordPress.com software, and do not want to more to another software in the future, maybe if you have the business funding to run WordPress VIP, or something like that.

You should buy a domain name at GoDaddy or thru a webhost like HostGator and build a WordPress.org website if you are a small business owner or pro-blogger, because it’s a good combination of being respected and affordable, and the method of nearly everyone who does this for a living! Speaking of which, maybe you can even monetize your blog or website to cover your costs.

The post Buy a WordPress.com Domain Name or Register Thru GoDaddy? AGH! appeared first on Dear Blogger.

More outbreaks linked to tainted scopes in hospitals

Your hospital may want to be extra careful when performing procedures on patients with fiber-optic duodenoscopes. Here’s why: There’s been another reported superbug outbreak directly linked to the use of tainted scopes in hospitals. 

Earlier this year, several patients fell ill due to an outbreak of carbapenem-resistant Enterobacteriaceae (CRE) bacteria that was traced to the scopes used during their procedures, according to an article in the Los Angeles Times

Now, new reports say more patients were exposed to dangerous antibiotic-resistant bacteria because of these tools.

The affected patients all underwent procedures using duodenoscopes to treat issues in their digestive tracts at Huntington Memorial Hospital in California. After reviewing lab samples, Huntington Memorial found there could be a link between patients infected with pseudomonas bacteria and the fiber-optic scopes.

At least three patients were likely infected with the bacteria after their procedures, and that number may grow as the hospital continues investigating the problem.

Feds cracking down

If you’re using these duodenoscopes at your hospital to treat gastrointestinal issues, expect more scrutiny in the future.

The feds are currently investigating three of the largest manufacturers of the scopes. Each of the manufacturers (Olympus Corp, Fujifilm and Pentax Medical) received warning letters from the Food and Drug Administration (FDA) because they didn’t report similar infection outbreaks related to these scopes.

Also, the U.S. Justice Department has subpoenaed each company, and top health officials are asking hospitals to voluntarily report whether they’ve had any issues with infections or illnesses after using duodenoscopes on patients.

Issues with sterilizing scopes

This scrutiny may mean that the FDA’s one step closer to releasing new guidelines about the proper sterilization of dudenoscopes.

The scopes have come under fire for having design flaws that make them difficult to clean, even before human error comes into play. Because the tools are so small, it’s tough to completely sterilize them using common cleaning techniques.

Several hospitals that have experienced superbug outbreaks due tainted scopes only resolved the problem after adopting more stringent cleaning requirements for the scopes, including a second round of sterilization and additional testing for residual bacteria once the cleaning process is complete.

Once the FDA’s finished its investigation, similar cleaning processes may be required for all hospitals using these scopes.

In the meantime, it’s important to make sure your scopes aren’t inadvertently spreading illnesses and bacteria to patients.

If your surgeons use these tools regularly, you may want to look into what extra steps your hospital can take to keep them clean. It’s also critical to closely monitor any procedures performed with fiber-optic duodenoscopes and watch for signs of any bacterial outbreaks.