Thursday, February 18, 2010

Healthcare revenue models

It will be an interesting discussion to explore whether HealthCare revenue model will evolve into a model based on Patient (Customer) satisfaction and Service Excellence.
http://medicounlimited.com/EckertMGMA909.pdf provides a few KPIs that captures Patient Satisfaction.

Electronic health records need monitoring - A Sixth Stage

http://bx.businessweek.com/american-medical-association/view?url=http%3A%2F%2Fesciencenews.com%2Farticles%2F2010%2F02%2F03%2Felectronic.health.records.need.better.monitoring.ut.prof.reports

The five stage proposal by Dean Sittig PhD and David Classen, M.D. is a great approach

One of the key benefits of EHR is the cost benefit that it bring about. It will be a worth-while consideration to include an ongoing CostBenfit analysis as the sixth stage (in addition to the five stages outlined by Dean Sittig and David Classen). This Sixth stage will stimulate continued innovation in EHR domain even after its implementation.
The approach can be very similar to the one that is outlined in "A cost-benefit analysis of electronic medical records in primary care" by Samuel J. Wang MD, PhD, Blackford Middleton MD, MPH, MSc et al.. The approach can be extended across various specialities and care givers. The study results estimated net benefit from using an electronic medical record for a 5-year period at $86,400 per provider. Savings primarily came from savings in drug expenditures, improved utilization of radiology tests, better capture of charges, and decreased billing errors. The one-way sensitivity analyses, identified proportion of patients as most sensitive. The magnitude of the return was dependent on several key factors.

Sunday, February 14, 2010

HealthCare consumers are susceptible but resilient to Security Threats (on Social Networking Sites/Email/Data Piracy):

Social networks are evolving into a much sought after resource for individuals seeking healthcare information. Patients leverage social networking groups to explore the experiences of others that are battling similar diseases. Clinicians connect via Social Networks to share information and learn from each other.

  • 57% of users report they have been spammed via social networking sites, a rise of 70.6% from last year
  • 36% reveal they have been sent malware via social networking sites, a rise of 69.8% from last year
  • 72% of firms surveyed are worried that employee usage of social networking sites places their firms at risk
  • Survey respondents identified Facebook as the social networking site posing the greatest security risks
  • 49% of companies survey allow their employees unrestricted access to Facebook, up from 36% a year ago

Data protection is listed in four out of five computer security risks for Healthcare identified by Computer theft recovery firm Absolute Software published a year ago (Feb 2009)

  1. Failure to Protect Sensitive Data Beyond Encryption
  2. Inability to Accurately Manage Mobile Computer Assets
  3. Sensitive Information on Public Terminals
  4. Difficulty Implementing a Comprehensive Data Security Plan
  5. Reluctance to Create a Data Breach Policy

Fortunately the biggest data losses of the last decade (http://informaticians.blogspot.com/2010/02/biggest-data-losses-of-decade.html) do not have an entry from HealthCare Industry. This may change in the next decade due to the extensive digitization in the HealthCare Industry and the high value of health records.
HIMSS had published steps and tools to effectively leverage HIPAA compliance to incorporate Data Security into a portfolio of risk management strategies thus protecting Data Privacy and Security Rule requirements and aligning Healthcare organization’s policies, procedures, and practices with an identifiable standard of practice.

Email and Web: One of the areas that Partnerka (Criminal affiliate networks) targeted extensively in 2009 is the online pharmacies promoted through spam to sell illegal, off-prescription and often unsafe pharmaceuticals. A report by web security company MX Logic states that pharmacy and other healthcare-related junk e-mails accounted for almost 69% of all spam during the month of Aug 2009. Source: http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-jan-2010-wpna.pdf and http://www.mxlogic.com/pdf/forecast/threatforecast0909.pdf

What do consumers do now? If the digitization and internet statistics are any measure, the consumers are not running for cover. The consumers need to get savvy and protect him/her against such pranks and illicit trade on the internet. Consistent with any other facets of public life, consumers need to be alert of the illegal and anti-social activities in this exploding public domain of internet.

The biggest data losses of the decade

  • January 2000: 300,000 credit card numbers are stolen from online music retailer CD Universe—news is leaked to the web after ransom demands are rejected.
  • November 2000: Travelocity exposes data on 51,000 customers on a company web server.26
  • March 2001: Bibliofind.com, an Amazon-owned service website, is breached and records of 98,000 customers are compromised.
  • April 2001: Hackers announce the theft of personal data on 46,000 customers from US web hosting firm ADDR.com.
  • February 2002: A former employee of US financial services firm Prudential Insurance Company is charged with stealing a database of 60,000 clients to sell online.
  • March 2003: Five million credit card numbers and expiration dates are stolen from Data Processors International—an insider attack is suspected.
  • June 2004: 92 million email addresses of AOL subscribers are sold to spammers.
  • June 2005: 40 million credit card numbers are taken from a hacked credit card processing firm.
  • May 2006: Details of 26.5 million US Army veterans are stolen by hackers.
  • June 2006: Japanese telecom firm KDDI admits data on 4 million customers was leaked.
  • January 2007: TJX Companies Inc., the global conglomerate that includes T.J. Maxx, T.K. Maxx, Marshalls and Winners, loses at least 45 million sets of credit card details after systems are penetrated by hackers.
  • November 2007: UK HM Revenue & Customs loses detailed records of 25 million taxpayers.33
  • March 2008: 12.5 million sets of records on backup tapes are lost by BNY Mellon shareholder services.
  • September 2008: Two CDs containing records on 11 million people are found on a Seoul scrapheap. The data is traced to oil refinery GS Caltex.
  • October 2008: T-Mobile Germany loses a hard disk containing information on 17 million customers.
  • January 2009: Networks at Heartland Payment Systems are hacked, exposing data on 130,000,000 credit card users.
  • May 2009: Secret information on the Joint Strike Fighter and President Obama’s personal helicopter were leaked through P2P networks.
  • October 2009: Hard drives sent for repair are found to contain data on 76 million US Army veterans

Sources:

http://www.sophos.com/security/topic/privacy-data-security-compliance.html
http://attrition.org/dataloss/2000/01/cduniv01.html
http://news.cnet.com/2100-1017-251344.html
http://news.cnet.com/2100-1017-253601.html
http://attrition.org/dataloss/2001/04/addr01.html
http://www.nytimes.com/2002/03/02/nyregion/us-says-ex-prudential-worker-stole-colleagues-id-s-and-sold-them-online.html
http://www.sophos.com/pressoffice/news/articles/2005/02/sa_aolemail.html/
http://attrition.org/dataloss/2006/06/kddi01.html/
http://www.sophos.com/pressoffice/news/articles/2007/03/tjx.html
http://www.sophos.com/pressoffice/news/articles/2007/11/hmrc-id-theft.html
http://www.sophos.com/blogs/gc/g/2009/08/18/men-charged-130-million-credit-card-identity-theft/

Computer Security Risks for Healthcare

Computer theft recovery firm Absolute Software publised a year ago (Feb 2009) a list of top 5 computer security risk for healthcare institutions
http://www.securityinfowatch.com/root+level/1288605
1. Failure to Protect Sensitive Data Beyond Encryption
2. Inability to Accurately Manage Mobile Computer Assets
3. Sensitive Information on Public Terminals
4. Difficulty Implementing a Comprehensive Data Security Plan
5. Reluctance to Create a Data Breach Policy

Email experiences in Telemedicine - It is not all about Cost, but also about the Quality of Service

Location: Urban teaching Hospital in Western India and a Rural Primary Care-center
Subject: 182 newborn babies
Email traffic: 309 messages sent from the Rural Primary Care-center and 272 messages from the Urban teaching Hospital at an average response/reply time of 11.3 hrs.
Outcome:
38 babies were referred to the intensive care unit at the Urban teaching Hospital after these consultations and the remaining 144 babies were managed at the Rural Primary Care-center.
Telemedicine (via email) helped in the diagnosis, referral, treatment and follow-up of patients.
Cost to benefit ratio of 1:45
http://www.ncbi.nlm.nih.gov/pubmed/12217120

Saturday, February 13, 2010

Alert and Caution on the Security threats to Social Networking sites

Consistent with any other facets of public life, it is prudent to be alert of the anti-social activities in this exploding public domain. The higher enrollment and traffic (reported by the networking sites) may account to the rise in security threats as well.
Here is a summary of Sophos report -
http://www.sophos.com/sophos/docs/eng/papers/sophos-security-threat-report-jan-2010-wpna.pdf

  • 57% of users report they have been spammed via social networking sites, a rise of 70.6% from last year
  • 36% reveal they have been sent malware via social networking sites, a rise of 69.8% from last year
  • 72% of firms surveyed are worried that employee usage of social networking sites places their firms at risk
  • Survey respondents identified Facebook as the social networking site posing the greatest security risks
  • 49% of companies survey allow their employees unrestricted access to Facebook, up from 36% a year ago

Focus on HealthCare IT

US Govt. is funding $975 million in grants to states and healthcare providers to implement health information technology. The funding is available for 100,000 hospitals and primary care physicians across US by 2014. The funding is to advance the exchange of health information at the state level, develop regional extension centers to assist health care workers on health IT and support 55 training programs in 30 states to develop job skills of, as many as 15000 people in the health IT field.

http://www.pharmacychoice.com/News/article.cfm?Article_ID=535065

Comprehensive view of the future of health care by Dr. Yellowlees

Dr. Peter Yellowlees ebook at https://www.smashwords.com/books/view/1465 is a very well written, comprehensive view of the changing face of healthcare with the widening influence of the Internet, especially in the most populous parts of the world. The book makes the reader think whether he/she is ready for the evolution in healthcare. Dr. Peter Yellowlees is in an elite league that blends the view of a health practitioner, leading academician, technology evangelist and visionary.