2015 Could Be the Year of the Hospital Hack

schwit1 writes After Obamacare required hospitals to convert all health records into electronic files, those records are now very vulnerable, and experts expect hackers to target them in the coming years. From the article: "Along with vast troves of credit card information and celebrity snapshots, hackers stole a record number of medical records from U.S. health-care facilities this year. In 2015, attacks targeting health data will become even more common, according to security researchers....The cause of the uptick isn't hard to diagnose. Medical organizations across the world are switching to electronic medical records, and computer security is not always a high enough priority during the process, says Leonard. Besides that, he says, easy and fast access to medical information often trumps security."

Re:Cash Doctors

I take the "stay healthy" route. And, I do get the original record. He retains nothing. The folder comes in with me, he writes in it, and it never leaves my sight the entire time I am at the office. That's what our confidentiality agreement says happens. Those were my terms, and that's all there is to it. He's fine with it. I'm a big boy and I'm perfectly capable of keeping my own papers.

I haven't taken a prescription drug in years. Haven't needed to, again, because of the whole "stay healthy" thing.

Re:Cash Doctors

[ColdWetDog]

And the minute his malpractice carrier sees that, he will never be insured again.

You both may be big boys, but you're not lawyers. And lawyers trump big boys in this system.

Re:Oh, I wouldn't worry about it.

[jellomizer]

You sound like an MD.

Often the choice of the EMR isn't a rational choice, they put more thought into getting a new car then their EMR, even though it may cost more.

Mistakes.
1. Wrong Size. You have a small practice and you get the system meant for a large hospital. Because you figure you deserve the best. It would be like everyone buying a Mac Truck for their daily car needs, just because they may need that in the future. There are a lot of small EMR systems that are fast and easy to use, but doesn't cover everything under the sun.

2. Unwilling to change your workflow. I have seen too many doctors use their EMR systems and populate information at the end of the day. While they were meant to be used on a Laptop or tablet in Real Time. Once you get the software most people can navigate rather quickly.

3. Fixed Price in your head. They start shopping with a fixed price in their head... Often buying not on features but the one closest to the price.

4. Lack of imagination. Once you get the data digital, there is so much more you can do with the data. Statistical Analysis on effectiveness of procedures. Being able to request and get back results electronically, getting alerts from the hospital. etc....

Re:No

[nbauman]

easy and fast access to medical information often trumps security."

That's the attitude of a lot of corporations, and that's why there is so much successful hacking going on.

In a medical situation, that might be the right decision. If your patient turns up unconscious in the ER at 2am, or if you're covering for your partner and his patient turns up unconscious in the ER at 2am, easy and fast access might trump security.

There was a study a few years ago in which a hospital tried an electronic records system in a pediatric ICU, and the death rate went up. The system was too hard to use. Instead of just writing a prescription on a prescription pad, they had to log into the system and go through screens.

I don't think there's a practicing pediatrician in the country who would let a patient die in order to improve security.

Re:Oh, I wouldn't worry about it. BULLSHIT

[uslurper]

Thats just bullshit.

Meaningful Use is NOT a requirement. It is NOT Obamacare.
It is an incentive that actually gives money to organizations to help them implement EHR infrastructure.
In order to qualify, and to make sure that money is NOT WASTED, there are a number of requirements that must be met. Stage 1 MU is bone-headedly simple, and Stage 2 is pretty straight-forward. Stage 3 is not even written yet, but is likely to include reporting to show how it affects patient outcomes.

The idea of it all is to actively manage your patient population and to use analytics to improve patient outcomes. -And by doing so, you can actually reduce the total cost of healthcare.

The problems are 1: blood-sucking EHR vendors that charge millions and provide crap products. 2: dumbass healthcare administrators who are so involved with political back-stabbing that they totally fail to even attempt to get the free money available from MU

I've worked for a number of healthcare organizations over the last 10 years, and I've seen organizations both large and small not only succeed in MU funding, but thrive as well. (I've also witnessed others utterly fail)

I'm lucky to be part of one of the good organizations right now. yay!