Call Us (877) 740-5028
Call Us (877) 740-5028
Good morning from chilly National Harbor! Around 5,000 people are expected to be here today for the 5th annual mHealth Summit. Today’s morning keynote was given by Rick Valencia, VP of Qualcomm Life: Mobile is the largest health and wellness platform today. Many of the conversations at these summits in previous years were more focused on many of the problems revolving around mobile health; the fears and dangers. Now people are talking more about solutions for these issues, which is a really promising change. There are currently 6.8 Billion mobile connections. Just about every vertical and industry is going mobile. The expectation is that there will be 25 Billion mobile connected devices by 2020. Your entire world will be connected. Mobile is transforming the healthcare industry. Currently global health spend is $6.5 Trillion. Unfortunately, the healthcare industry is about 10 years behind the technology curve. The mobile health technology progression: Mobilize – Organize – Insight – Behavior Change The mobile health market is projected to be $30-$60 Billion by 2015.
Breakout Session 11-12 Monday: The Role of Patient Privacy & Security Innovations Kenneth A. Kleinberg, Managing Director, Research & Insights Ed Ricks (Beauford Memorial Hospital) There’s always a question of the tipping point, and with EMR, we’ve reached this point. Mobile health is transitioning from an optional thing to integrated and mandatory. With new technologies, the applications and the promise lead, and the management lags, and I think in this space it’s true. 5 categories of mobile health use: Access/interaction (putting the ‘use’ in Meaningful Use) Unified communications (key enabler of care coordination) Telehealth for extending reach Social networking Mobile health applications If you think about the kinds of technologies that we expected but it’s taken a very long time (like speech technology), there are other areas of tech that have crept up (like location). The idea that tech could tell you the closest ER, and indoor maps based on the GPS can help with many experiential challenges. You have to match these tremendous mobility changes within the context of security and manageability. Layers of Mobile Security: Application: protection with passwords, encryption, tokens. Should certain apps require multi-factor? Desktop and Server: remote and virtual desktop protections. Wireless/transport: Security in proprietary…
Making the trip to the 2013 mHealth Summit? Online Tech’s stable of health IT specialists is headed there this weekend (see our press release). Stop by and say ‘Hi’ at Booth 1112 on the summit exhibition floor, where Online Tech will exhibit – among other mobile health-related services – its fully encrypted, enterprise cloud. We’re also bringing along two of our mobile health clients as our guests at the summit, held Sunday through Wednesday at The Gaylord National Resort and Convention Center near Washington D.C. Daniel LeRiche and Charles “Chub” Price from DocView Solutions will spend some time in our booth, discussing the success they’ve experienced hosting their mobile app on our HIPAA-compliant cloud. DocView assists providers in the complex management of off-site patients with chronic diseases. The system engages patients in all aspects of their care signs, symptoms and health behaviors, and shares them with all providers, primary and caregivers. Dr. Kurian Thott, a gynecological surgeon and founder of instaRounds, will also be in attendance. Currently focused on the OBGYN field, instaRounds allows physicians to communicate over Online Tech’s HIPAA compliant servers, share call schedules, follow appointments, allow cross coverage and give physicians a mobile patient sign-out application. It…
The prolific number of endpoints that laptops, tablets, iPads and mobile phones bring to the traditional and mobile healthcare settings makes hair stand on end for those unfortunate information technology, security, and compliance officers forced to protect patient data. Those caught up on the instinctive rush to secure all endpoints with customized security protections quickly realize this approach is in vain, as the multiple of hardware times operating system platforms quickly out-tasks even the well-resourced healthcare IT department — and I challenge anyone to find a healthcare IT department with any idle time on its hands. It’s no wonder that those protecting health information struggle against the stereotype of being the eternal “no-go” person. Nonetheless, meaningful use is driving CPOE (Computerized Provider Order Entry), patient engagement, telemedicine and remote patient monitoring to improve outcomes for discharged patients and prevent unnecessary readmissions. Somehow, data security will need to harmonize with the efficiencies and improved care coordination digital health information can provide. Where to start? Experienced IT, security, and compliance professionals start at the top, identifying and classifying information according to its sensitivity and risk of exposure. What data could harm patients and the entity the most? What impact would result if…
Online Tech likes to refer to itself as the Fort Knox for data. We love to hear clients’ stories to support that claim. And we really love to hear when our services help clients impress their own prospective customers. We heard one of those stories Monday during a telephone conversation with DocView Solutions chief technical officer Daniel LeRiche. While chatting about the upcoming 2013 mHealth Summit in Washington D.C. (more information on that topic coming soon), LeRiche shared an experience he had with a potential client of DocView’s mobile app, which allows healthcare providers to interact with critical care patients. A healthcare provider performed penetration testing on DocView’s system – which is hosted on Online Tech’s encrypted cloud – and our firewall intrusion detection system did such a good job that it shut down access to the test. The client needed to complete the testing, so LeRiche had to ask Online Tech’s staff to shut down the firewall so the proper reports could be completed. The intent of a penetration test is to simulate a real-world attack situation with a goal of identifying how far an attacker would be able to penetrate into an environment. The potential DocView client learned…
Having trouble getting senior management to see the importance of implementing a Bring Your Own Device (BYOD) policy at your workplace? We know just how to grab their attention. If you missed it last week, Online Tech’s latest ‘Tuesdays at 2’ educational webinar series featured a BYOD presentation co-presented from technical and legal perspectives. Along with Online Tech’s Steve Aiello discussing the best technical practices for implementing an effective BYOD strategy, guest co-host Tatiana Melnik provided an overview of the legal and regulatory framework of the process. Or, in a nutshell, how proper implementation can keep senior management out of legal hot water and away from fines. Attention grabbed! We’ve provided a brief overview of the presentation below, but suggest you take a look at the video replay of the presentation. To be BYOD or not to be BYOD: Is a “Bring Your Own Device” Policy Right for Your Organization? First, some brief introductions: Melnik is a Tampa-based attorney focused on information technology, data privacy and security, and intellectual property. She is a healthcare IT columnist for the Journal of Health Care Compliance and the managing editor for the Nanotechnology Law & Business Journal. Aiello is a Senior Product Architect…
Last week Online Tech was in Milwaukee at the Midwest HIMSS Fall Technology Conference exhibiting our HIPAA compliant hosting solutions. There were about thirty different sessions on a variety of different topics related to healthcare IT, and with such a large concentration of healthcare professionals, the conversation was enriching. Here’s a recap from one of the most prolific topics regarding healthcare IT today: mobile. Preventative care and wellness In the session Key Success Factors to Delivering Population Health Management, Marilyn Follen and Kate Konitzer propose a new healthcare model for the future. This model is dependent on connectivity, rapid innovation, and proactive, wellness care. They propose that this focus will help stabilize or decrease costs compared to our reactive, episodic care as it currently stands. Dr. Nate Brady, the Director for Occupational Medicine at Mercy Medical Center focused his entire session on mobile health, and it’s effect on long term health and wellness programs. Citing rising health insurance costs as well as an increase in chronic conditions that are linked to lifestyle choices, he feels it’s important to link wellness coaching to technology. From one of his slides: “$2.4 Trillion (and rising) in U.S. healthcare costs. There is a lack…
It’s been a while since we checked in on the HHS Wall of Shame. At the time we discussed why Business Associates should invest in an independent HIPAA Audit (Jan 2012) , Business Associates were involved in 62% of the patient records breached. As of November 18, 2013, Business Associates (BAs) have been involved in 46.4% of the 27,772,675 patient records breached and reported to HHS with over 500 individuals affected[1]. Yes, that’s approaching 28 million patient records breached. Whether the smaller percentage of Business Associates involved can be attributed to better safeguards by BAs or the larger volume of PHI data breached by Covered Entities alone remains to be seen. Regardless of Business Associate involvement, data breaches involving over 500 patient records are widespread across the United States, including the District of Columbia and Puerto Rico. In fact, all but one state has reported at least one breach involving more than 500 Patient records, with California, Texas, and Florida the unfortunate “winners” of the most data breach incidents reported to date. Speaking to the reason behind the relentless focus on the need for encryption by HHS ONC Director Leon Rodriguez, the majority of PHI breaches involve theft or loss. In many…
It’s official! We have a new data center in Metro Detroit. We’ll be opening another world-class facility where we can continue to keep data safe and secure. We’re excited about the long road ahead of us with this new Michigan data center facility; the building is incredibly well fortified and will provide additional options for our clients. But with all that’s ahead, I believe we can sometimes lose sight of just how much goes into getting where we are. I had the opportunity to speak with Michael Kowal, our Director of Business Development, about what he does day in and day out to get us into these new spaces. Kowal’s process was explained to me as 4 legs on a stool. When he’s at a data center, there are four distinct categories he’s looking at: network, public utilities, tax base, and physical property. First is the network. Is there a good concentration of fiberoptics in the area? The second is the general utilities. “I try to get a feel for how the power is brought into the building” Kowal explained. “What’s the size of the utility feeders? What’s the redundancy look like both at the site and how it is…
If you missed the webinar panel discussion on managing emerging PCI security risks in the cloud with Brightfly, PCI Security Standards Council, Online Tech, and Catbird , you can now view the recording online. The panel discussed the role cloud service providers play in protecting cardholder data and the security issues involved. With Bob Russo from the PCI SSC (Payment Card Industry Security Standards Council) and Jason Yaeger of Online Tech, PCI Compliant Hosting provider, the webinar shares regulatory and technical perspectives to guide the development of a PCI compliant cloud. Webinar description: Organizations outsourcing card data to the cloud face significant security risks. As soon as an organization adds other players to the offsite card-management mix, ensuring compliance with the PCI Data Security Standard becomes increasingly challenging. Cloud users and cloud service providers need to understand what their roles and responsibilities are when it comes to protecting this data. Storing, processing and transmitting cardholder data in the cloud brings the cloud environment into scope for PCI DSS. For further guidance, read our PCI Compliant Hosting white paper. It discusses the impact of the PCI DSS standard on data centers and server infrastructure, describes the architecture of a PCI compliant data center both technically and contractually, and…