Archive for the ‘Guest Posts’ Category

Guest Post: Clinicians and Developers Take Healthcare to New Heights Through Virtual Reality Technology

October 25th, 2018 by Laura Reagen

Hospitals and medical centers are using virtual reality and augmented reality technologies to assist in a variety of clinical applications.

What does a theme park game complete with roller coasters and thrill rides have to do with identifying cardiovascular birth defects in the womb? Both are the latest in virtual reality (VR), and among the many innovative experiences designed by some of today’s leading tech companies. What started out as fun and games has turned into a serious business for many VR developers, as well as the healthcare organizations they serve. In fact, all of healthcare is going virtual in a big way, as hospitals and medical centers use VR and augmented reality (AR) technologies to assist in a variety of clinical applications.

Using VR To Distract Patients From Pain

Prominent names in healthcare like St. Jude Children’s Research Hospital are among these organizations. St. Jude is exploring the use of VR as a way to distract children and teens from the intense pain that accompanies sickle cell disease. People with sickle cell disease have abnormally-shaped blood cells, which makes it difficult for these cells to navigate through tiny blood vessels throughout the body in order to deliver oxygen. When this blood flow is disrupted, it can be incredibly painful. Unfortunately, the IV medications used to manage this pain may not immediately ease the suffering of many patients.

To address that issue, the hospital is hoping to bring relief to these young people through an innovative study that will use virtual reality as a distraction technique while this IV medication is administered. Patients will be able to dive into the ocean, experience marine wildlife and navigate through sunken ruins through an innovative VR app, which clinicians hope will divert their attention away from their intense discomfort.

This particular application may not come as a surprise for anyone who has tried the real deal in VR—not just cardboard phone-enabled headsets but instead the sophisticated gaming systems like the Oculus Rift or HTC Hive. The idea of managing pain through this immersive experience isn’t far-fetched once you’re strapped inside a headset that controls your entire visual field and allows you to “virtually” walk inside of spectacular landscapes. It can distract you from all kinds of stimuli, both within your body and outside of it. This concept of distraction from pain and discomfort is one that is just beginning to find its way into the halls of many hospitals and prominent healthcare institutions.

Reducing the Reliance on Pain Meds During Labor and Delivery

At the forefront of this shift is Phoenix-based Banner Health. Physicians and researchers there are exploring the use of VR in the delivery room, in an effort to understand whether this intervention could help patients deal with labor pain and reduce the need for narcotic medications. Banner had already tried out virtual reality as a mechanism for training healthcare professionals. Then Dr. Mike Foley heard from other clinicians about the value of VR following surgery. Some felt using this technology in the recovery room could reduce the need for post-surgery pain medication and even drive earlier discharge from same-day surgery. Given the current opioid epidemic, Dr. Foley wanted to use this idea to help women deal with labor pain while receiving less opioids. This, in turn, could lead to safer deliveries and easier transitions home for both moms and babies. Dr. Foley and his team at Banner just completed a small randomized study of 20, which showed promising results in this area.

Pioneering the Use of VR in Managing Phobias and Pain

The origins of using VR in the area of pain management date back to some of the earliest days of this technology. Dr. Hunter Hoffman first heard about the potential for VR through a prominent researcher who was using it to help patients overcome a fear of heights. He decided to try a similar technique to assist a psychologist treating individuals with arachnophobia. Out of this very specific need, “Spider World” was born. The application was a means of exposure therapy, allowing individuals to gradually increase their interactions with fear-inducing scenarios.

This effort took place in the 1990s—when VR hardware and software were just emerging but were still cumbersome and costly. In fact, the hardware Dr. Hoffman used in these early efforts included a 75-lb supercomputer and helmets that weighed nearly eight pounds. But from this early iteration, Dr. Hoffman expanded his use of VR, ultimately developing a “Snow World” designed to help burn victims manage the pain associated with their injuries. Dr. Hoffman collaborated closely with Dr. Dave Patterson of the Harborview Burn Center on the effort, and is still using this same technique (albeit with much more affordable and lighter systems in place!) 20 years later. He is also at the forefront of using VR to help treat patients with post-traumatic stress disorder many of whom are veterans.

Pairing Clinical Best Practices With VR Expertise

For developers that specialize in creating virtual experiences, the future looks especially bright. As healthcare embraces this new technology as a natural extension of the clinical setting, VR could become more synonymous with treating patients than entertaining gamers. Those at the forefront of this trend, like St. Jude and Banner Health, will continue to publish their results and may inspire others to enter this “new world” of care delivery.

Laura Reagen

Laura Reagen

About the Author: Laura Reagen is the Creative Director of Activate Health, a Phoenix and Nashville-based marketing firm. Activate Health specializes in providing marketing, advertising and public relations support to entities across the healthcare industry including health technology firms, hospitals, health plans and health systems. Laura is a graduate of the Walter Cronkite School of Journalism and Arizona State University.

Guest Post: Rethinking Healthcare Cybersecurity by Focusing on the Attacker, not the Attack

October 4th, 2018 by Ofer Israeli

Why are healthcare systems so challenging to secure? What is driving this complexity. How might we rethink our approach?

Healthcare systems, like all digital networks today are increasingly inter-connected and consumer-driven. The digital transformation necessary to make them agile, also renders them easy targets for data and identity theft, insurance fraud, and other forms of cybercrime. As the recent spate of ransomware has shown, cyberattacks on healthcare institutions also disrupt vital services and risk patient safety.

Beyond the health organization’s core staff, a wide variety of guests, students, visitors, patients, maintenance workers and others have direct physical access to healthcare systems and devices. Temporary workers and contractors require access to sensitive systems while employed. External interconnection of these systems with universities, research partners, and other remote services further mitigates the effectiveness of perimeter and access security controls. Higher and thicker security walls will not support the organization’s need to break down barriers, share information, and increase patient access.

Clearly, a new approach is required. If we cannot stop attacks, then we must stop the attackers. This is not a semantic nuance. The key to protecting healthcare systems in the future will be to transform our thinking—from a focus on defending ourselves from an infinitely expanding phalanx of attacks and attack vectors, to instead focus on disrupting the attack process itself regardless of attack style or source. We must stop the attackers.

As difficult as that might sound at first blush, there is, in fact, a silver bullet that will disrupt the vast majority of attacks. Malicious actors targeting healthcare systems all share a common trait that makes them vulnerable to disruption and detection. Regardless of how they enter a healthcare network, or what their intent, attackers must move laterally across the healthcare network to access their target applications, devices, systems, and data. To move undetected, they must gather intelligence about the environment and make careful decisions regarding their attack path.

The key then, quite simply, is to disrupt the attacker’s decision-making process—to blind and befuddle them so that they cannot progress their attack. Done well, cyber deception technology disrupts the attacker’s intelligence gathering process, and destroys their ability to make accurate decisions, by flooding the attack plane with false and misleading data. Similar in effect to evasive maneuvers used in aerial combat such as disgorging flak, disrupting radar, and disorienting GPS signals, these new technologies destroy the attacker’s ability to navigate, and ensure they are detected by any movement they do decide to make.

The challenges of securing healthcare systems will continue to grow as attackers, and their tools, methods, and infrastructure, become more sophisticated and diverse. Just as digital transformation is improving efficiency and patient outcomes, the traditional security mindset must be transformed to a modern security mindset. To protect these new system architectures, we must refocus our efforts from defending against attacks to disrupting the attack process itself. Deception offers a promising path forward in this direction.

Ofer Israeli

Ofer Israeli

About the Author: Ofer Israeli, founder and CEO of Illusive Networks, pioneered deception-based cybersecurity. He leads the company at the forefront of the next evolution of cyber defense. Prior to establishing Illusive Networks, Mr. Israeli managed development teams based around the globe at Israel’s seminal cybersecurity company Check Point Software Technologies and was a research assistant in the Atom Chip Lab focusing on theoretical Quantum Mechanics.

Guest Post: 3 Strategies for Combating Physician Burnout

September 20th, 2018 by James Korman

Physicians now find themselves under more stress and pressure from a variety of sources beyond their control.

Physicians call it “Pajama Time.” But it has nothing to do with curling up with a good book before heading off to bed. In medical parlance, Pajama Time refers to the several hours at night that many physicians must set aside to catch up on completing notes, tasks and orders that they simply don’t have a time to manage during the workday.

Pajama Time is symptomatic of a larger and growing problem throughout the medical profession: physician burnout. Dealing with a flood of medical data is a major cause of physician burnout. But it’s not the only one.

Physicians now find themselves under more stress and pressure from a variety of sources beyond their control. For example, stress is sparked by increased patient volume, wrestling with complex and time-consuming electronic health records (EHRs), merging practices that result in a loss of autonomy and peer-to-peer interactions, and a sharper emphasis on outcome metrics and benchmarks.

Although many of these changes are necessary as medicine moves away from fee-for-service and toward fee-for-value, the triple aim that is meant to fix the U.S. healthcare system only magnifies and perpetuates the stress experienced among the nation’s physicians.

Often difficult to detect, physician burnout takes on many forms. Chief among them is emotional exhaustion, detachment and insensitivity toward patients and a lack of feeling successful and accomplished in their work.

The severity of physician burnout often depends on the type of medical specialty being practiced.

Tait Shanafelt, MD, a nationally recognized expert in physician wellness, in 2014 administered the Maslach Burnout Inventory to a large national physician sample showing that approximately 50 percent of U.S. physicians were experiencing at least one symptom of burnout. In 2013, the first year of the “Medscape Lifestyle Report,” showed that emergency medicine had the highest rates of burnout, just above 50 percent. That jumped to close to 60 percent in 2017. It also showed that physicians working in primary care tended to struggle most with burnout.

The consequences of physician burnout run far and wide.

Picture a Venn diagram, with burnout overlapping the personal and the professional effects. Personal consequences include anxiety, depression, alcohol and substance abuse, family conflict and an increased risk of suicide, according to the Mayo Clinic. Professional consequences range from decreased quality of care to increased medical errors to decreased patient satisfaction.

The rising level of physician burnout is simply unsustainable, with repercussions negatively affecting nearly every facet of the healthcare system.

Summit Medical Group, the nation’s largest independent multispecialty physician group, recognized the concerning trend of burnout among doctors even before it was talked about openly, and is at the forefront of this issue. The group is combating physician burnout on multiple fronts:

  1. Improve communications. One way to help physician burnout is to give physicians an avenue to express what they see as causing their stress and have someone take it seriously. Summit Medical Group (SMG) has made this a top priority by having its board of directors, who are practicing physicians, meet with the group’s physicians to obtain their feedback, thoughts and suggestions. By having regular small group meetings with physicians these leaders gain a keener sense of the possible remedies that SMG can adopt to reduce burnout. Also, most of the interventions that the group has adopted to address burnout has come from these meetings. To further help with communication, SMG assigned lead physicians to geographic regions to ensure that accurate and timely information gets down to the individual physician and their feedback gets up to leadership. Another way SMG has strengthened overall communication is through various electronic newsletters that keep its physicians informed and engaged about the medical group and their colleagues. They have also created a dedicated email address and voicemail allowing their physicians to leave confidential feedback at any time.

  2. Bolster physician support services. It is well-known that physicians are excellent at helping others, but not very good at asking for help themselves. It’s not in their DNA. That’s why it’s incumbent upon medical groups to proactively offer support services to their physicians with minimal barriers. For example, SMG has trained 14 volunteer physicians from different specialties to speak with their colleagues during times of acute stress, unexpected outcomes or when dealing with a medical malpractice lawsuit. These volunteer physicians often have been though similar situations, making it easier for them to offer support and advice. SMG also does not wait for their physicians to ask for help but will reach out to them to offer support whenever one has had a stressful event or appears in need. SMG further understands that at times medical providers need more than a peer to speak to and does have professional psychological services available to them. There are also other support services that SMG has implemented, including ways to help physicians unplug when they are on vacation. Because many physicians receive hundreds of patient orders and tasks per week it is no wonder that many feel compelled to log on to the EHR when they’re supposed to be recharging their batteries. And if they choose not to log-on many experience anxiety on vacation knowing what they are going to return to when they head back to the office. To help, SMG has hired Advanced Practicing Nurses and Physician Assistants to manage their doctors’ EMR inboxes when they are on vacation. This not only helps the vacationing physician but also reduces the burden on the office staff who are often managing their own work along with that of the vacationing doctor.

  3. Foster a sense of community. The ‘Physician Lounge,’ a physical space where doctors could unwind and exchange professional information and give each other support, used to be a staple of the medical profession. No longer. Physicians simply do not have the time to go to the lounge during busy work hours and many medical systems have eliminated them in favor of more clinical space. However, medical groups do need to find alternative means for their physicians to interact with each other to avoid having them feel isolated and siloed. For example, this summer SMG adopted a social media platform called Yammer. Yammer has been described as an on-line “Physician Lounge” where doctors can exchange medical information, consult on general medical cases, share social pleasantries and provide each other support. Similar to Facebook, Yammer is set up for each medical department throughout SMG as well as for the larger physician group. Perhaps most important, Yammer offers physicians a sense of community—a place where they can share ideas, frustrations and solutions to the stresses they face. In addition, SMG holds regular networking events, which give providers who may feel isolated in their work the opportunity to interact with colleagues both professionally and socially.

James Korman

James Korman

About the Author: James Korman, PSYD, FACT, is the director of behavioral health and provider engagement at Summit Medical Group.

Guest Post: The Provider’s Responsibility for Building Patient Relationships

July 31st, 2018 by Dr. Delanor Doyle

A foundational element of healthcare is the relationship between a patient and their PCP.

One of the foundational elements of healthcare is, or at least should be, the relationship between a patient and their primary care physician (PCP). And yet, it seems many Americans are not fully utilizing their PCP and instead are turning to emergency rooms or urgent care clinics for non-urgent conditions and illnesses. In fact, only 9 percent of emergency department visits result in a hospital admission. This means it is likely that many of these cases could have been avoided by seeking the care of a PCP.

Emergency department visits not only result in hefty costs to the patient and their employer, but also create wastes of time and resources in the healthcare system. The impact in terms of costs, for the patients can have many down-stream consequences. In fact, a recent report by the U.S. Federal Reserve found that four out of 10 adults in the United States could not cover an unexpected $400 expense. In some cases, this amount can easily be reached for a single emergency room visit between out-of-pocket costs for the visit, medications and laboratory services —especially when dealing with out-of-network issues. Providers should work to keep patients out of emergency rooms and urgent care facilities and to emphasize the importance and purpose of the PCP in the patient’s healthcare journey.

Until the 1940s, about 40 percent of all physician visits were house calls and while today patients don’t have this same expectation, providers should treat patients with that same level of personalized, individual care that builds a strong relationship. Providers can consider implementing the following best practices with their patients:

Every Discharge Deserves a Follow-Up

In many cases the PCP is not the provider who admitted or cared for the patient while in the hospital. However, it is imperative that the PCP insist on receiving information about the patient’s admission, so that he or she can be a part of the discharge plan. The patient should be seen back in the practice within three to five days after discharge —even if they were seen just prior to going into the hospital. In fact, this should be scheduled for the patient prior to hospital discharge. Timely follow-up appointments have been associated with a decreased risk of readmission. A converse association also exists. A study published in Clinical Interventions of Aging found only half of patients discharged following heart failure had a follow-up appointment scheduled and the readmission rate was significantly higher in those that had no follow-up scheduled.

Follow-up appointments allow for the provider to engage or re-engage the patient and ensures the patient is aware of any care transition recommendations. Concerns regarding disease process, expectations and convalescence should be addressed at this time. Working to schedule all patients for timely follow-up post discharge eliminates the risk of the patient forgetting to schedule the appointments themselves. Many patients report a higher sense of satisfaction with the communication between themselves and their provider and with their overall care.

Encourage Virtual Care Options

For after-hours needs, do your patients know there are virtual care options they can use in lieu of going to the emergency room or urgent care clinics for non-urgent concerns? Many patients are simply unaware of these services or aren’t sure how to use them so they don’t consider it as an option. According to the National Business Group on Health, only 8 percent of employees utilize telemedicine services, yet the cost of healthcare benefits is expected to increase an average of 5 percent due in part to pharmaceutical costs but also to site of service issues as well. Spend a few minutes during the visit to educate patients on the services available as well as when to use them.

Promote Health Plan Resources

Unfortunately, many patients are also not familiar with the services or programs offered by their health plans. These materials are good resources for preventative care measures and offer proactive suggestions for patients. For example, their insurance provider might offer diabetes educational materials and resources. Most health plans have programs for diabetes and other chronic conditions. If members are encouraged to access the materials available online, telephonically and in print they might be more likely to seek out that information and if contacted by the health plan they will be much more likely to engage. It is important that patients begin to get a sense that the health plan and the providers are collaborating for the patient’s benefit.

We are still in a fee-for-service world but moving toward fee-for-value. This is being driven by the Centers for Medicare and Medicaid Services (CMS) and all the major health plans. To be successful in this new world, improved patient outcomes should be a major focus for providers. Strategies that engage the patient and simplify the healthcare experience when and where it is needed most are going to be produce the winners in this new era. The literature is replete with strategies that can produce population health success, but few are shown to be consistently correlated to economic success combined with improved patient satisfaction and outcomes. The exceptions have been those that employ heavy care coordination in a face-to-face venue and that address the social determinants of disease.

Fully leveraging these strategies is going to require the development of trust between the patient and provider so that patients know we are not just treating a disease but caring for the whole person. When that level of trust is reached it becomes easier to influence utilization of the PCP practice and other more appropriate levels of care instead of the ED. Similarly, it becomes easier to impact the readmission rate in one’s own panel of patients.

About the Author:

Dr. Delanor Doyle

Dr. Delanor Doyle

Dr. Delanor Doyle is the chief medical officer of Texas Health Aetna. Leveraging the strengths of two leading organizations, Texas Health Aetna is blurring the lines of traditional health care plans and health systems to create a truly integrated solution that’s simple to navigate and puts the member’s experience first. The local health plan is committed to providing affordable, high-quality health care services and delivering customized care to members throughout the Dallas-Fort Worth metroplex. For more information about Texas Health Aetna, visit

Guest Post: A Report on Healthcare Data Security & Privacy Compliance

July 26th, 2018 by Gary Palgon

Privacy and security regulations for enterprise data in healthcare organizations are complex and current efforts to bolster enterprise data compliance among all organizations, including those in healthcare, are immature and ineffective, according to a recent study conducted by Aberdeen, an industry analyst firm.

In fact, 86 percent of 112 hospitals and hospital groups in the study are dealing with multiple types of data and data-related processes that are subject to compliance requirements. This is not surprising because healthcare organizations generate, collect, store and manage financial transactions, personally identifiable information, protected health information, employee records and confidential or intellectual property records such as partnership agreements and contracts.

When asked if their organizations were compliant with 11 common regulations and frameworks for data privacy and security, only 65 percent reported achievement. PHI has the highest percentage of compliance reported—85 percent. The lowest compliance rates were reported for ISO 27001 and the General Data Protection Regulation at 63 percent and 48 percent respectively.

To measure the maturity of healthcare organizations’ efforts to comply with privacy and security requirements for data, Aberdeen developed a Net Maturity Index across six key elements of an enterprise data lifecycle. An index score above 50 percent indicates strong maturity in compliance activities and below 50 percent indicates immaturity.

Managing data, which includes normalizing, cleansing, validating and correlating data, earned a 66.6 percent score for healthcare respondents, the only element that indicated maturity. Scores for other key elements were:

  • 49 percent for storing data—persistent, on-demand, self-service access to data;
  • 41.2 percent for protecting data—encryption, tokenization;
  • 33.4 percent for syndicating data between any two applications—including mobile, connected devices, on-premises or cloud;
  • 25.4 percent for ingesting data into a common repository—cloud-based, data lakes; and
  • 3.9 percent for integrating data from multiple sources—disparate sources, formats and protocols

The immaturity of the data lifecycle and associated enterprise data compliance efforts has real-world consequences for healthcare entities. Four out of five (81 percent) study participants reported at least one data privacy and non-compliance issue in the past year, and two out of three (66 percent) reported at least one data breach in the past year.

Investment in data compliance efforts is not lacking. A median of 37 percent of the overall IT budget of healthcare survey respondents is allocated to data compliance activities. This is a significant amount of funding to still experience data breaches, data compliance issues and low percentage of achievement of compliance with multiple enterprise data security and privacy regulations. When compared to respondents from life science and other industries, healthcare respondents reported the highest percentage of the IT budget devoted to data compliance.

The survey also indicated that healthcare organizations are more likely than organizations in other industries to have instituted compliance-specific governance processes and appointed specialized leadership such as data protection officers, compliance officers or chief risk officers, to oversee enterprise data compliance initiatives. While these are often considered to be best practices for achieving data compliance, still less than half of all healthcare organizations have instituted these approaches. Having specialized leadership is one of the most likely ways to effectively address enterprise data security and privacy compliance issues but it may also present further complications. Although the role may be assigned to an individual, the task of ensuring compliance with multiple regulations that evolve and change along with new technology and the addition of new data sources, requires an expertise that is difficult to achieve and oversee by one person who probably wears multiple hats in the organization.

One solution to the complex, challenging task of achieving data security and privacy compliance is the use of third-party providers who can address the healthcare organization’s need to enhance integration, management and storage of data. Providers who are experts at data management and integration but also provide the added value of the expertise needed to ensure compliance with regulatory requirements affecting data will offset some of the burden on hospital staff. The solution is not a simple application or a one-off project. Achieving and sustaining compliance with data privacy and security rules as they evolve is an ongoing effort.

The study also points to the need to better manage financial investment in compliance strategies. One option for healthcare organizations is managed services agreements with data management and integration providers. Switching to a predictable, monthly fee versus periodic capital investment or ongoing efforts that are ineffective frees IT funds to be used to advance other hospital goals.

Although many healthcare organizations do not consider outsourcing some of their data management, integration and compliance challenges, but choosing a partner wisely—one with expertise in healthcare as well as other data-centric industries with multiple privacy and security requirements—can reduce the compliance burden on an already overworked hospital IT staff and make funds available to continue digital transformation or other strategic initiatives.

Read the overall survey report here: Enterprise Data in 2018: The State of Privacy and Security Compliance

Read the brief on results for healthcare organizations here: Enterprise Data in 2018: The State of Privacy and Security Compliance in Healthcare

About the Author:

Gary Palgon

Gary Palgon

Gary Palgon is vice president of healthcare and life sciences solutions at Liaison Technologies. In this role, Gary leverages more than two decades of product management, sales, and marketing experience to develop and expand Liaison’s data-inspired solutions for the healthcare and life sciences. His unique blend of expertise bridges the gap between the technical and business aspects of healthcare, data security, and electronic commerce.

Guest Post: Increase HCAHPS Scores Through Healthcare Design

July 10th, 2018 by Rebecca Donner

Improving HCAHPS scores from an interior design perspective.

The Centers for Medicare & Medicaid Services’ (CMS) Hospital Consumer Assessment of Healthcare Providers and Systems (HCAHPS) survey was established as a way to measure patients’ perspectives on healthcare and make comparisons across hospitals based on the patient experience. Receiving a high score can boost hospitals’ Medicare/Medicaid reimbursement, while a low score can decrease funding by as much as 2 percent. Because HCAHPS scores can affect a hospital’s bottom line, it provides an incentive for them to place a greater focus on patient experience to receive a high score.

There a number of ways to increase a HCAHPS score, including patient communication and respect, speediness, cleanliness and even pain management procedures. But one way that may be overlooked is how to raise that score through interior design. There are a number of ways to approach HCAHPS scores from a design perspective.

Noise Reduction

With so much commotion in hospitals, it can be difficult for patients to rest, which is a key component to the healing process. Standard noise levels should be 35 dB(A) during the day and 30 d(B)A at night, but peak noise levels in hospitals often exceed 85 to 90 db(A), according to the Center for Health Design.

Aside from limiting overhead announcements and machine beeping, hospitals can reduce noise by focusing on the materials they use inside their facility. Carpet tiles or rubber flooring, as opposed to tile, can reduce the noise of foot traffic outside patient rooms. In addition, acoustic wall coverings and ceiling tiles act as giant sonic sponges, soaking up unwanted noise and echo. This can prevent any loud conversations or unwanted noises from traveling down hallways.


Privacy and comfort rank high in ways to improve patient experience. According to the 2016 Hospital Construction Survey, many hospitals are now converting semi-private rooms into private rooms to increase patient privacy. After all, no one wants to share a room with a stranger during what can be one of the scariest times in someone’s life. Plus, two patients in a room can increase the chance of infection.

Many hospitals are also increasing the square footage of patient rooms. This way, even if two patients are sharing a room, they each have plenty of private space.

Personal Controls

To make the hospital feel like home as much as possible, many facilities are now offering patients greater control over the lighting, temperature and window shades in their rooms. Everyone has different preferences when it comes to how warm or cool, or how dark or bright, they want a room to be. Personal dimming controls allow patients to adjust the lighting depending on their activity, whether they are trying to sleep or need extra light for reading or examinations. Giving patients control over these variables can lead to higher patient satisfaction.


Hospitals with high mobility and accessibility receive higher HCAHPS scores. Installing handrails makes it easier for patients to get to the bathroom, and wide bathrooms give patients the space they need when using the facilities.

About the Author:

Rebecca Donner

Rebecca Donner

Rebecca Donner is the owner and founder of Nashville-based healthcare interior design firm Inner Design Studio. For more information.

Guest Post: Staying HIPAA Compliant When Using Smartphones

July 5th, 2018 by Brad Spannbauer

Smartphones in Healthcare

Introducing smartphones into a healthcare environment also brings new security risks, especially when devices are used to create, receive, maintain or transmit ePHI.

Smartphones are becoming increasingly ubiquitous in clinical settings. When compared with the likes of pagers, smartphones offer many benefits, such as improved communication and collaboration, increased mobility, and more advanced security and privacy features. However, despite these benefits, introducing smartphones into a healthcare environment also brings new security risks, especially when devices are used to create, receive, maintain or transmit electronic protected health information (ePHI).

The compact size and portability of smartphones is what makes them so convenient for on-the-go healthcare professionals, but it is also this which makes them particularly susceptible to loss or theft, which can lead to data breaches.

According to a Ponemon study, 90 percent of healthcare organizations have been affected by at least one data breach, and nearly half have had more than five data breaches. While malicious activity continues to be the leading cause of these attacks, employee negligence and lost or stolen devices are the primary instigators.

Eliminating the security and privacy threats introduced by smartphones isn’t easy, but by addressing the following key areas, HIPAA (Health Insurance Portability and Accountability Act of 1996) covered entities can mitigate the risks and significantly reduce the likelihood of a data breach occurring.

Put a stop to non-secure communication

In today’s cyber crime ridden world, organizations must be proactive in guarding every aspect of their digital infrastructure, and maintaining secure communications is a key part of this process. Non-secure applications such as email or native text messaging apps are inherently risky due to a lack of security features and privacy controls, which ultimately render them non-compliant under the rules of HIPAA. Instead of using unsecure tools, healthcare providers should invest in secure communication solutions that are designed to withstand the rigors and regulations of healthcare.

Educate your workforce

Research by IBM suggests that 95 percent of all security incidents in 2016 involved human error—misaddressed emails, weak passwords and falling prey to phishing schemes are prime examples of how data breaches can occur due to carelessness or lack of proper education. Additionally, the rise in BYOD (Bring Your Own Device) means employees are more frequently using devices both inside and outside the office, which naturally increases the risks of a device being lost, stolen, or accessed by an unauthorized third party. Regular staff training should therefore be a top priority for any organization that allows its employees to use a mobile device for work purposes. Ultimately the onus is on employers to ensure employees understand their responsibilities, and to provide the tools to allow them to carry out their jobs effectively and securely.

Follow OCR’s advice

In recognition of the risks associated with increased usage of smartphones in clinical settings, the Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) has issued guidance for HIPAA covered entities who use mobile devices to create, access or store ePHI. The guide offers the following tips:

  • Implement policies and procedures regarding the use of mobile devices in the workplace—especially when used to create, receive, maintain, or transmit ePHI.
  • Consider using Mobile Device Management (MDM) software to manage and secure mobile devices.
  • Install or enable automatic lock/logoff functionality.
  • Require authentication to use or unlock mobile devices.
  • Regularly install security patches and updates.
  • Install or enable encryption, anti-virus/anti-malware software, and remote wipe capabilities.
  • Use a privacy screen to prevent people close by from reading information on your screen.
  • Use only secure Wi-Fi connections.
  • Use a secure Virtual Private Network (VPN).
  • Reduce risks posed by third-party apps by prohibiting the downloading of third-party apps, using whitelisting to allow installation of only approved apps, securely separating ePHI from apps, and verifying that apps only have the minimum necessary permissions required.
  • Securely delete all PHI stored on a mobile device before discarding or reusing the mobile device.
  • Include training on how to securely use mobile devices in workforce training programs.

Remember, at the end of the day, if you allow ePHI to be stored on mobile devices, some of those devices inevitably will be lost or stolen. And if that ePHI is not adequately protected through strong encryption along with robust access controls as described above, you will have a reportable data breach on your hands. So plan accordingly.

As devices and applications become more technically advanced, and as more and more healthcare organizations leverage the advantages of smartphones over traditional tools, smartphone usage is only set to increase. To realize the benefits, however, it is critical that the security of mobile devices is reviewed and updated regularly, and policies are modified when necessary. Convenience should never come before compliance.

About the Author:

Brad Spannbauer

Brad Spannbauer

A 20 year industry veteran, Brad Spannbauer currently oversees product strategy and planning, and provides direction and market leadership for j2 Cloud Connect’s worldwide business as their Senior Director of Product Management. His focus in the healthcare and legal verticals led to Brad’s involvement with the j2 Cloud Services™ compliance team, where he leads the team as the company’s HIPAA Privacy and Compliance Officer. Learn more about our HIPAA Compliant Fax Solutions.

Guest Post: 5 Steps To Prepare for Real-Time Enterprise Healthcare Data

July 2nd, 2018 by Melanie Matthews

The right real-time enterprise data infrastructure allows the information to be routed to a data lake where enterprises can employ modern business intelligence solutions to derive actionable insights.

Recent trends and emerging technologies are converging and a truly real-time enterprise will soon be an achievable possibility. As we move beyond traditional batch data to include streaming data, healthcare systems are seeing an unlimited and unyielding flow of data. This constant flow gives enterprises the ability to act on the information as it originates. Additionally, the right infrastructure allows the information to be routed to a data lake where enterprises can employ modern business intelligence solutions to derive actionable insights.

Of course, not every organization will need to be able to utilize truly real-time data, all organizations need to consider how they can best manage the increasing flow of data. Following are five steps to consider as you develop your enterprise information management (EIM) strategy:

  1. Define/identify business objectives – Is real-time data needed?: While the use cases are innumerable, real-time applications of data by their nature require a much higher level of network resources than data that is sent every hour or every day, as batch processes often are. Consider this: do you need data immediately or is once per hour sufficient? Organizations must first consider how frequently information is needed and then set the strategy.

  2. Find your edge and manage devices: Advancements in integration, messaging software, and Internet of Things (IoT) are building a new edge of the network. Mobile devices in the modern context can be virtually anywhere. To have success organizations need a data and device strategy to ensure that they can “read” the data they need, when they need it. Asset management strategies are also necessary for these devices to ensure that the information on them is controlled, secured, and properly maintained. An increasingly common example of device management at the edge is in healthcare, where tablets and mobile phones are increasingly used at the point of care.

  3. Let Data Streams Flow into Lakes: As organizations gather and use different kinds of often completely unrelated data forms, it makes a lot of sense to create a data lake. Whether this is required goes back to the context of use and the business objective, but in all cases, it is crucial to develop a strategy to consolidate, store, protect and back up the data.

  4. How Do Users Consume the Data?: Information for the sake of information can be distracting. Real-time data is no exception. Again, it is critical that its use be considered in the development of strategy. Let’s use monitoring again as an example. Do users need to know what is happening all of the time, or just when something is wrong, or some other key milestone? If they only need to know at certain points (problem detected, report generated, etc.), what is the best way to relay that information—an alert, a color-coded dashboard? The possibilities are limitless but should reflect a keen understanding of how the information will be used when needed most.

  5. Build in Analytics to Mine That Gold: Information is dynamic and so are the use cases that motivate different users to seek and apply it. For many, the information they gain is descriptive, for some it’s diagnostic in nature, and for others it’s predictive. An example can be found in the predictive analytics used to proactively identify equipment failure and to guide the resulting maintenance and repairs. For others it is prescriptive and informs what is happening currently to help define what should be happening. Regardless, the enormous range of use demands that organizations seeking to benefit from real-time data first establish the infrastructure necessary to run analytics in a way that pulls out actionable, relevant information.

A move to real-time enterprise will require changes to virtually every part of an organization. It will take a great deal of time, attention and hard work; however, the benefits will be significant. The five steps discussed here can help healthcare organizations find and stay on the right path to becoming a real-time enterprise.

About the Author:

Jennifer Schwartz

Jennifer Schwartz is an accomplished professional with special expertise in enterprise information programs, consulting, strategic planning, and mobile solution architecture. She has 18 years of experience with improving operational efficiency, reducing costs, and formulating strategic plans for her clients. As the Enterprise Information Management solution lead for CTG, Ms. Schwartz focuses on business process management and automation, providing best practice guidance, and executing special projects that help transform data into action. Jennifer works across industries, advising clients on the execution of projects to realize efficiencies.

Guest Post: Three Steps To Controlling Healthcare Costs with Data

June 21st, 2018 by Will Herold

Three Steps To Controlling Healthcare Costs with Data

Data analytics is key to reaching the goal of controlling healthcare costs.

Data analysis plays a key role controlling and potentially lowering healthcare costs, according to DHS Group.

DHS Group, an employer and health plan solutions provider based in Houston and Cleveland, provides three steps to reach the goal of controlling healthcare costs:

  1. Invest in your partners: If data, and the information you gather from accessing, reading and interpreting it, is important to you, then the company you work for to get the job done should be too. Don’t underestimate the value of investing in a partner that will go above and beyond in making sure the money you’re investing is put to good use and you’re able to access and understand the information you’re looking to gain.

  2. See data as actionable information: If you’re taking the time, and spending the money, to gain access to your data, consider the idea that the “data” is more meaningful when viewed as a place where actionable information resides. Look for partners that will translate your data into “Key Health Metrics” or information that you can make real decisions with based on your goals and benchmarks.

  3. Integrate your systems: Use the actionable information you have gained from your data to make informed decisions on the health and wellbeing of your employees – expanding programs to include areas like mental health and financial wellbeing. Data-driven benefits programs work best alongside health and wellbeing programs that are being driven by the same numbers and facts.

“Most people don’t realize all that can be done with regular access to claims data,” Jim Pritchett, DHS Group CEO, said. “Better plan design, discovery of preventative initiatives, empowering your members to better manage their health, identifying hard-dollar pharmacy savings, improving engagement and measuring ROI.”

Will Herold

About the Author: With years of experience in HR and benefits industries, Will Herold leads DHS Group’s Business Development team with a strong understanding of the HR and benefits marketplace. As a sales leader, he is responsible for managing DHS Group’s revenue and working with other professionals to assist corporations in establishing clear, aligned strategies for impactful, cost-effective benefit and wellbeing program outcomes.

Guest Post: Lab Data is the Missing Link in Healthcare Risk Adjustment

June 19th, 2018 by Jason Bhan, MD

Data informing risk adjustment programs is critical under value-based healthcare reimbursement models.

For health plans, value-based care means a continuous need to innovate and improve their risk adjustment, clinical quality, and care management programs. Unless payers identify and receive the correct amount of reimbursement, it is difficult for them to invest appropriately into member care programs for better outcomes while remaining financially successful.

The data informing risk adjustment programs are critical, as they build the foundation for accurate member risk stratification. In that respect, those data sources are directly related to the correct amount of reimbursement payers receive and can invest in proactive care management. In other words, high-quality clinical data delivered quickly enough for a plan to get a member into a care management program early enough is important to the health of the member and the business. The approach leads to improved clinical outcomes and reduced costs in emergency room visits, hospitalizations and chronic condition management.

Lab Data: An Untapped Resource

To achieve such clinical granularity, at scale, plans can turn to diagnostics—or lab—data. Lab data drives approximately 70 percent of medical decisions and, unlike claims data, is available in near real-time. It also provides an unrivaled level of specificity for clinical conditions. When lab data is integrated into plans’ claims- and chart-based programs, it enables earlier, more comprehensive and accurate clinical insights to benefit care management of both existing and new members. Utilizing the same information that clinicians use to make decisions, within the same timeframe, provides a powerful and unique opportunity to intervene and impact a patient’s health.

What Can Lab Data Do for You?

Expanding and improving their clinical data supply with diagnostics data can help health plans to:

  • Provide historical insights on members where claims are unavailable to improve risk adjustment. For new enrollees, this enables the health plan to get new members into the appropriate care/disease management programs from day one.
  • Serve as an early detection system for care management of all enrollees. Plans can identify patients in need of additional or alternative therapy from lab data earlier than from any other data source. For existing members, the detailed results uncover needs that may have been overlooked based on a claims analysis alone.
  • Identify high-risk members for case management and provider interventions from lab data. Optimized risk adjustment aligns reimbursements to health status, enabling the plan to more heavily invest in member care programs.

Applying AI Solutions

When it comes to gaining actionable insights from diagnostics data, plans can benefit from partnering with healthcare artificial intelligence (AI) specialists in the field. Healthcare AI organizations use techniques such as machine learning and natural language processing—coupled with massive computational power—on big data sets, to make sense out of non-standard, complex, and heterogeneous data.

Healthcare AI, when applied to diagnostics clinical lab data, improves risk stratification by identifying diagnoses earlier in the year versus waiting for the claim or searching charts. Rich in clinical details, it presents a more complete picture of the member’s health. Better risk stratification leads to better care management programs; and successful programs have been shown to reduce costs by targeting those most likely to benefit and keeping intervention costs low.

Dr. Jason Bhan

About the Author: Jason Bhan, MD, is co-founder and Chief Medical Officer at Prognos, an innovator in applying AI to clinical lab diagnostics. More than half of the Prognos team is made of engineers, data scientists, and clinicians. Prognos aims to increase the usefulness of disparate healthcare data to better inform clinical decisions and ultimately improve patient outcomes.