Healthcare // Mobile & Wireless
News
12/23/2013
09:06 AM
Connect Directly
RSS
E-Mail
50%
50%

5 Trends For Health CIOs In 2014

Patient portals, direct messaging, and medical identity theft will keep healthcare execs on their toes in the new year.

Hackers Outsmart Pacemakers, Fitbits: Worried Yet?
Hackers Outsmart Pacemakers, Fitbits: Worried Yet?
(click image for larger view)

As healthcare CIOs are well aware, 2014 promises to be the year of "the perfect storm." The potential impact of ICD-10 and Meaningful Use Stage 2, coupled with the transition to value-based reimbursement and new-care-delivery models, promise to overwhelm their budgets and burn out their already overworked staffs.

Nevertheless, there are some other trends healthcare CIOs should pay attention to in 2014, partly because of their bearing on the main events. Here are five significant trends.

1. Patient portals
Because of rising consumer interest in health IT, the industry transition to accountable care, and most of all, Meaningful Use Stage 2, patient portals are hot. Nearly 50% of hospitals and 40% of ambulatory practices already provide patient portals, according to a Frost & Sullivan report. The firm predicted that the value of the portal business would soar to nearly $900 million in 2017, up 221% from its worth in 2012.

[ What Obamacare sites can learn from online retail stores: Health Insurance Exchanges Struggle To Charm Customers. ]

KLAS Research, in a poll of 200 healthcare organizations, found that MU Stage 2 had made patient portals a "must-have" technology for doctors and hospitals. The government EHR incentive program requires providers to allow patients to access their health records electronically. In addition, providers must send care reminders and education materials to at least 10% of their patients. All of these tasks are most easily done through portals attached to EHRs. But there's also some interest in untethered, standalone portals that can help patients assemble their records from multiple providers in one place.

2. Direct messaging
In the past few years, the Direct Project protocol for secure clinical messaging has steadily gained momentum. EHRs must include Direct capability to receive 2014 certification, and Direct messaging is also one way to satisfy the Meaningful Use Stage 2 requirement that providers exchange care summaries electronically at transitions of care. Some health information exchanges are using Direct to communicate with physicians who don't have EHRs. Eventually, Direct messages could replace faxes.

The health information service providers (HISPs) that enable providers to send and receive Direct messages are growing by leaps and bounds, partly because EHR vendors must partner with these entities or create their own HISPs. Until recently, however, HISPs had difficulty communicating with one another because of a lack of trust. The nonprofit trade association DirectTrust is starting to overcome this obstacle by accrediting HISPs that meet specific trust criteria. Accreditation of HISPs that work with nine leading EHR vendors is expected by the end of 2013.

3. Cyberattacks and medical identity theft
Over the past few years, there has been a quantum leap in the number of cyberattacks on healthcare organizations. The Ponemon Institute, which tracks computer security in a number of industries, says healthcare is increasingly attractive to cyber-criminals because the information required to steal a medical identity is worth far more on the street than Social Security numbers or credit card numbers alone. As a result, Ponemon reported, the number of medical identity theft victims in the US soared from 1.42 million in 2010 to 1.85 million in 2012.

Medical identity theft is one of several big health industry trends expected to grow in 2014.
Medical identity theft is one of several big health industry trends expected to grow in 2014.

This criminal activity can be costly to victims and devastating to healthcare organizations that face lawsuits and government penalties as the result of security breaches. So healthcare systems are stepping up their efforts to combat cyberattacks. What most providers don't realize is that the spread of EHRs, patient portals, and health information exchanges are making them more vulnerable to attack at more points than ever before.

4. Cloud storage and cloud-based EHRs
Security concerns were the biggest reason CIOs and other healthcare leaders said they were reluctant to use cloud storage in an HIMSS Analytics focus group. Some participants said they'd be comfortable using a private cloud hosted by their software vendor. Others said the cloud was fine for business-related information, but that they wouldn't trust it for storing personal health information.

The healthcare execs also raised concerns about cloud vendors that didn't sign business associate agreements, which are required under the latest HIPAA rules. But some leading vendors, including BoxMicrosoft, and Verizon, have since signed BAAs.

One reason healthcare organizations will have to pay more attention to the cloud is the increasing popularity of cloud-based EHRs among doctors. A Black Book survey found that practices that were replacing their EHRs were generally switching to cloud-based systems because of the lower upfront cost. At the same time, financial pressures are forcing many of them to outsource their billing to cloud-based vendors. And a cloud-based EHR from Athenahealth beat products from eight bigger EHR vendors for usability in a recent KLAS poll. Keep your eye on the cloud in 2014.

5. Mobile devices
BYOD is a major concern for CIOs, as is insecure texting between clinicians, and those issues will continue. But 2014 could be the year when physicians start prescribing mobile health apps to patients. If there's a major increase in the use of these apps by patients with chronic diseases, monitoring data from patients' mobile devices might also start flowing into hospitals and practices.

The mobile health app revolution poses two questions to CIOs: How do you ensure the security of the bidirectional flow of personal health info between doctors and patients? And how do you deal with the sheer volume of data so clinicians aren't overwhelmed?

To address the security issue, IMS Health recently suggested prescribing guidelines that include rankings of all the health-related apps in the Apple store as well as the rudiments of a prescribing infrastructure. According to IMS, this framework includes the ability to send a secure email or text message to a patient's smartphone.

As for dealing with the flood of incoming data, doctors will probably follow the same model as that for home-monitoring devices. For example, the Center for Connected Health, a division of Partners Healthcare in Boston, has piloted the transmission of data from patients' homes to physician practices. After discovering that doctors would not go to portals to view the data, Partners integrated the monitoring data with its EHR. Now physicians can view all of the data in a spreadsheet or can let nurses cut and paste the relevant data into their EHRs.

IT is turbocharging BYOD, but mobile security practices lag behind the growing risk. Also in the Mobile Security issue of InformationWeek: These seven factors are shaping the future of identity as we transition to a digital world. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
M2SYS
50%
50%
M2SYS,
User Rank: Apprentice
12/23/2013 | 10:38:48 AM
Cybersecurity and medical identity theft pressing issues
Thanks for the article Ken.

I am particularly tuned into the growing concern from healthcare providers of the precipituous increase in medical identity theft. Most people don't know the extent of the problem and most healthcare providers have yet to take measured steps to incorporate technology that can help stop medical identity theft at the point of service.

I am encouraged that more healthcare providers are looking into adopting biometrics for patient identification to help stop the increase in medical identity theft. Not only does this technology thwart the ability to steal a medical identity, but some biometric modalities like iris recognition also offer providers the ability to link a patient's unique biometric profile to a unique medical record to prevent duplicates and guard against medical identity theft in a standardized format so information about the patient can be shared cleanly across disparate networks and health information exchanges.

I would look for a continued rise in the use of biometric patient identification modalities like iris recognition in 2014.
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Author
12/23/2013 | 1:16:55 PM
Potential of HealthIT -- Who is standing in the way
My primary care doc recently launched a patient portal with all my records, includng doctor's notes, medications upcoming appointments and -- in some cases, reports from specialists (those whose systems could talk to my doctor's EHR. ) I thought it would greatly simplify communication -- especially about simple health issues that come up or follow ups to referrals to specialists. Unfortunately, the messaging part of the portal doesn't function like any common email . Each message stands alone, so you have to repeat all the information in subsequent messages, rather than continue a string like standard gmail or exchange. When I asked my doc why it was set up like that, she replied that is was because too many patients want to become her pen pal. 

Healthcare IT has incrediable potential for revolutionizing patient care. But the providers still have a long way to go in understanding how to take advantage of it.
David F. Carr
50%
50%
David F. Carr,
User Rank: Author
12/23/2013 | 4:26:08 PM
Re: Cybersecurity and medical identity theft pressing issues
Re: increased use of biometric identification for healthcare IT, is that a prediction or a hope?
M2SYS
50%
50%
M2SYS,
User Rank: Apprentice
12/23/2013 | 5:52:32 PM
Re: Cybersecurity and medical identity theft pressing issues
It's neither a prediction nor a hope. It's a reality.
EKronthal
50%
50%
EKronthal,
User Rank: Apprentice
1/30/2014 | 4:37:06 AM
Re: Cybersecurity and medical identity theft pressing issues
BYOD and the increase in mobile devices has to be a huge factor in keeping sensitive medical information secure. I recently read that 4 out of 5 clinicians now use a mobile device at work. This same mobility makes for easier access to patient information and better collaboration can result in a vulnerability to cyber attacks. Here's an article with some interesting information about security and privacy for mobile devices:
http://www.koolspan.com/blog/next-generation-healthcare/
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - September 10, 2014
A high-scale relational database? NoSQL database? Hadoop? Event-processing technology? When it comes to big data, one size doesn't fit all. Here's how to decide.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.