by medicaltechont | May 24, 2014 | Cloud, EHR, Ontario, Privacy, Software, Technology, The Internet
Is your cloud (online web-based) application vulnerable to hackers? Do you even know if the OpenSSL security flaw and bug affected your important data? Are you paying attention to your investment? Or do you even care?
With many moving full steam ahead with cloud-based solutions, recent developments have casted a slight shadow on the security of patient data and how much risk a medical practitioner is willing to take with personal medical information in the cloud.
When you visit the doctor, nurse practitioner or other health professionals there is a trust developed; whereby your confidentiality is respected and observed. As a patient you assume that all efforts are taken to uphold that trust. You assume that your personal medical data is secure from the prying eyes of others. However do you really know if your personal information is safe? It’s amazing to know that so many regular individuals assume, in Canada, that their personal information, located within a Doctor’s office, is 100% safe and secure. But what happens if they find out that there was a breach in security? What happens if a patient came to view results of something extremely important, only available within your EMR or medical software, and your “Internet” connection is down? What do you tell the patient? Are you certain that your medical information is safe?
Read: Cisco and Heartbleed, A Class Action Lawsuit In The Making (Seeking Alpha)
Although the term “online web based billing software” is the new buzz word, not all solutions have to be cloud-based. Many use terms like “bill from anywhere“, or “use any web-browser“, yet there are alternatives, which still allow you to be in control or your data. Many companies will never tell you how often their networks are down. Fear is used scare individuals into thinking that their equipment is safe with their company. “ 99% up-time“, is the standard default line for most online and cloud providers. However, as a medical professional, you assume the risk to your reputation and medical license. Patients believe that “you” and your medical practice are in trust of their personal medical and critical information. We all know, once trust is broken it is often difficult to repair.
Good luck trying to blame your technical problems on others when your cloud application is down (offline), your web-based provider was hacked (losing personal patient information) or even have disappeared with your data (bankrupted). Some comments from online vendors are shown below.
” Sorry about that folks, someone literally drove over our Internet connection this morning and ripped it from the pole. Everything restored.”
“The six-hour outage of Cerner’s network late last month has raised fresh concerns about cloud hosting of patient records.”
“ Target ignored its own alarms—and turned its customers into victims of an epic hack“(Bloomberg Businessweek)
“EBay initially believed user data safe after cyberattack“(Toronto Sun)
If your medical patient records are in the cloud ask yourself the following questions.
- Who actually has your data?
- Where, on planet Earth literally, is your data located?
- Are their cloud servers in Canada? The U.S.? Overseas? Or in an undesirable location in another country?
- If your patient data is in a foreign country what laws govern access to that information?
- Who is actually looking at your entrusted patient data?
- What is the risk and liability to your medical practice?
When choosing a vendor, for your medical software, never assume that the data within their office. Ask questions, first and never assume. Servers could be anywhere.
“If the cloud that hosts your data has servers in a foreign country, the laws of that foreign country may govern your data when stored in that server.”
Think of a more balanced approach to medical file management and health records. There are options to mobility that will not compromise your medical data. Just because it looks cheap, bleeding edge and downright “cool”, does it make it the best solution for you?
You can survive without your Facebook page, even Microsoft Word online for a while, but what about your medical records, lab reports and more; in relation to your office, or hospital? Under some certifications and requirements today EMR is considered a medical device; which must operate and function in a specific manner. If medical records and software were like a pace-maker, how much risk would you take?
by medicaltechont | Oct 10, 2012 | e-Health, eHealth, Healthcare, Hospitals, Ontario, Technology
The case for electronic medical records is compelling: They can make health care more efficient and less expensive, and improve the quality of care by making patients’ medical history easily accessible to all who treat them.
Small wonder that the idea has been promoted by the Obama administration, with strong bipartisan and industry support. The government has given $6.5 billion in incentives, and hospitals and doctors have spent billions more.
But as health care providers adopt electronic records, the challenges have proved daunting, with a potential for mix-ups and confusion that can be frustrating, costly and even dangerous.
Some doctors complain that the electronic systems are clunky and time-consuming, designed more for bureaucrats than physicians. Last month, for example, the public health system in Contra Costa County in California slowed to a crawl under a new information-technology system.
Read more
by medicaltechont | Mar 25, 2010 | Healthcare, Ontario MD, Technology
By Anne-Marie Tobin (CP) – Mar 24, 2010
TORONTO — As Donna Hammill-Chalk undergoes treatment for breast cancer, she can log onto the website at Sunnybrook Health Sciences Centre in Toronto, type in a username and secure password, and gain access to her medical records.
In Prince Edward Island, her mother, who was diagnosed with breast cancer in December, doesn’t have electronic records – but if they existed, it would be easier for her to share updates on her condition and treatment with her four grown children living in different parts of the world.
“Cancer – you lose all control and you can get some control back by having access to your information,” Hammill-Chalk said in an interview Wednesday from her home in Markham, Ont., where she is recovering from a mastectomy.
“I think in this day and age, patients need to take ownership and accountability for managing their own care. And you can’t do that if you don’t have the information.”
She tells her story in a report card on cancer, released by the Cancer Advocacy Coalition of Canada. The report also calls for more funding for cancer drugs, bans everywhere on smoking in cars with kids and more genetic testing so treatments can be targeted to those who will benefit.
Dr. Pierre Major, chair of the report card committee, said the electronic records system at Sunnybrook, known at MyChart, is the only one he’s aware of that’s available to cancer patients in Canada.
Physicians there have told him they’re happy with it, he said.
“It’s great because patients look up in their chart what the results are, and it saves phone calls. The patients are happy because they can access their results or even change their appointments.”
It’s something that Marlene Nicholson, who lives in Bedford, N.S., can only wish for as she helps her mother navigate the health-care system. She’s Hammill-Chalk’s sister, and has made the three-hour drive to Lower Freetown, P.E.I., on numerous occasions in recent months to support their 69-year-old mom, Margaret Hammill, during her medical appointments.
With one sister in Ontario, another in Bahrain, and a brother in California, she has to relay a lot of information, Nicholson said.
“When the siblings are at a distance, yes, it would be great to be able to just say ‘OK, go here’ or ‘Mom has a password’ or whatever it takes, or if we could send a file … everybody can have access to it.”
Read More
by medicaltechont | Mar 12, 2010 | Apple, Hardware, Microsoft, Technology
By Larry Dignan
The questions of the day are really quite simple: Should you preorder a device you’ve never touched, played with or used in any fashion? And will gadget lust trump logic?
That’s what everyone is wondering. It’s the curse of the early adopter. The logic goes like this:
- I have to preorder the iPad or I may not get one.
- OK, so I’ve never tried it but man it looks good.
- But I want to be the coolest geek on the block.
- And it’s revolutionary.
- No wait, do I really want to plunk down $499.
- Oh why not I’ll order two.
Read More
by medicaltechont | Mar 12, 2010 | Healthcare, Technology
The unprecedented level of detail in EMR clinical data opens new possibilities for defining clinical quality measures in more clinically meaningful ways. However, more detailed data can cause difficulties in ensuring that data across institutions are comparable, according to an article in the online March edition of the Journal of Medical Informatics Association.
Michael G. Kahn, MD, department of pediatrics at the University of Colorado in Denver and Daksha Ranade from the department of clinical informatics at The Children’s Hospital in Aurora, Colo., sought to examine the impact of billing and clinical data extracted from an EMR system on the calculation of an adverse drug event (ADE) quality measure approved for use in The Joint Commission’s ORYX program, a mandatory national hospital quality reporting system.
http://www.healthimaging.com/index.php?option=com_articles&view=article&id=21163:jamia-more-detailed-emr-data-may-make-comparisons-difficult-XX
The Child Health Corporation of America‘s (CHCA) “Use of Rescue Agents—ADE Trigger” quality measure uses medication billing data from 48 nonprofit free-standing children’s hospitals in the U.S. contained in the Pediatric Health Information Systems (PHIS) data warehouse and was used to create The Joint Commission-approved quality measure, according to the authors.
“Using a similar query, we calculated the quality measure using PHIS plus four data sources extracted from our EMR system:…Four versions of the ‘Use of Rescue Agent – ADE Trigger’ quality measure’s numerator and denominator events were developed as SQL-based queries against the EPIC EMR system:
Read More
