
A 2 Prong Strategy for Healthcare Security – Going Beyond Compliance

Posted on November 7, 2016 | Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This post is sponsored by Samsung Business. All thoughts and opinions are my own.

As if our security senses weren’t on heightened alert enough, I think all of us were hit by the recent distributed denial of service attacks that took down a number of major sites on the internet. The unique part of this attack was that it used a “botnet” of internet of things (IoT) devices. It’s amazing how creative these security attacks have become and healthcare is often the target.

The problem for healthcare is that too many organizations have spent their time and money on compliance versus security. Certainly, compliance is important (HIPAA Audits are real and expensive if you fail), but just because you’re compliant doesn’t mean you’re secure. Healthcare organizations need to move beyond compliance and make efforts to make their organizations more secure.

Here’s a 2 prong strategy that organizations should consider when it comes to securing their organization’s data and technology:

Build Enough Barriers
The first piece of every healthcare organization’s security strategy should be to ensure that you’ve created enough barriers to protect your organization’s health data. While we’ve seen an increase in targeted hacks, the most common attacks on healthcare organizations are still the hacker who randomly finds a weakness in your technology infrastructure. Once they find that weakness, they exploit it and are able to do all the damage.

The reality is that you’ll never make your health IT 100% secure. That’s impossible. However, if you create enough barriers to entry, you’ll keep out the majority of hackers that are just scouring the internet for opportunities. Building the right barriers to entry means that most hackers will move on to a more vulnerable target and leave you alone. Some of these barriers might be a high quality firewall, AI security, integrated mobile device security, user training, encryption (device and in transit), and much more.

Building these barriers has to be ingrained into your culture. You can’t just change to a secure organization overnight. It needs to be deeply embedded into everything you do as a company and all the decisions you make.

Create a Mitigation and Response Strategy
While we’d like to dream that a breach will never occur to us, hacks are becoming more a question of when and not if they will happen. This is why it’s absolutely essential that healthcare organizations create a proper mitigation and response strategy.

I recently heard about a piece of ransomware that hit a healthcare organization. In the 60 seconds from when the ransomware hit the organization, 6 devices were infected before they could mitigate any further spread. That’s incredible. Imagine if they didn’t have a mitigation strategy in place. The ransomware would have spread like wildfire across the organization. Do you have a mitigation strategy that will identify breaches so you can stop them before they spread?

Creating an appropriate response to breaches, infections, and hacks is also just as important. While no incident of this nature is fun, it is much better to be ahead of the incident versus learning about it when the news story, patient, or government organization comes to you with the information. Make sure you have a well thought out strategy on how you’ll handle a breach. They’re quickly becoming a reality for every organization.

As healthcare moves beyond compliance and focuses more on security, we’ll be much better positioned to protect patients’ data. Not only is this the right thing to do for our patients, it’s also the right thing to do for our businesses. Creating a good security plan which prevents incidents and then backing that up with a mitigation and response strategy are both great steps to ensuring your organization is prepared.

For more content like this, follow Samsung on Insights, Twitter, LinkedIn, YouTube and SlideShare.

The Waiting Room – A Patient’s First Impression

Posted on September 23, 2016 | Written By John Lynn

This post is sponsored by Samsung Business. All thoughts and opinions are my own.

We’ve all heard about the importance of first impressions. They last a long time and happen very quickly. The same is true for a medical practice. Patients’ first impression of a medical practice is the waiting room and that impression can last a very long time. What have you done to improve your patients’ experience in the waiting room?

Instead of doing a bunch of small things in your waiting room, I suggest you focus on creating one specific WOW! factor that patients will remember. In many cases people are turning to digital signage to provide this wow factor. Combine amazing content with some amazing digital signage like a curved TV, 3D TV, or massive screen and you can quickly implement the WOW! factor in your waiting room.

These types of memorable experiences for patients in your waiting room are the fuel that feeds social media and physician rating services today. If you want patients to share their experience at your office on social media or rate you highly on the various physician rating websites, start by WOWing them in your waiting room. Almost all of your patients now arrive with a phone in their pocket which they can use while they wait to provide your practice a quality rating. Leverage that as an asset.

I’ve heard some people argue that digital signage isn’t valuable anymore in the exam room because patients all show up with their own smartphones and tablets. They argue that patients have their heads buried in their phones and so they never see the digital signage you put in the exam room. This couldn’t be further from the truth.

The reality is that most of us with smartphones have become quite habituated to what people call the second screen experience. More and more people are watching TV while playing on their smartphone. It’s normal for us to be processing what’s on a TV while keeping an eye on our smartphone at the same time. The same thing happens in the waiting room when you provide a compelling digital experience. We consume both the TV and our smartphone.

Leveraging a high-quality digital experience in your waiting room provides a better patient experience overall. What’s the worst part of a waiting room? You have to wait. What’s the solution? We all have experienced a long flight or car ride that felt like it was much shorter thanks to some sort of digital media experience. This same experience can be had by patients if you invest in the right digital signage and content. Shorter wait times lead to better physician ratings in ambulatory practices and better HCAHPS scores in hospitals.

How have you approached your waiting room? Is there something unique or interesting you’ve done that’s made the patient experience better? What kind of first impression are you making on your patients?


Facebook in Healthcare

Posted on October 6, 2014 | Written By John Lynn

A story on Reuters reported late last week that Facebook is making an entry into the healthcare space. Here’s an excerpt from the article about Facebook’s plans for healthcare:

The company is exploring creating online “support communities” that would connect Facebook users suffering from various ailments. A small team is also considering new “preventative care” applications that would help people improve their lifestyles.

In recent months, the sources said, the social networking giant has been holding meetings with medical industry experts and entrepreneurs, and is setting up a research and development unit to test new health apps. Facebook is still in the idea-gathering stage, the people said.

This move is especially interesting when paired with the announcements of Apple Health, Samsung Health, and Google Fit (and a few other Google health initiatives like Calico). It’s not the first time that big corporations have seen an opportunity in healthcare (See Microsoft HealthVault and Google Health). However, we have yet to see any of these big corporations really make a dent on healthcare.

The reality for many of these large corporations is that they don’t realize the crazy complexities that exist in healthcare. Many like to cite the healthcare privacy argument as a reason for their failure. No doubt, HIPAA and privacy are a challenge for these organizations. In fact, I can already hear the outcry of people talking about Facebook and privacy of their health data. Many don’t trust Facebook with privacy and with good reason. However, privacy is the least of the reasons why these big corporations have a challenge entering the healthcare space.

Remember that healthcare is a complex beast with the largest customer being the government (i.e., Medicare and Medicaid). Healthcare is not a rational market. The government, employer-owned health insurance, health insurance plans, etc. all make healthcare extremely complex to navigate and full of perverse incentives. Plus, how do you do an ROI on the value of saving someone’s life?

While I’m skeptical of any large corporation entering healthcare, I’m actually quite interested in what Facebook could do to help healthcare. No doubt, a lot of healthcare already exists on Facebook.

Just a few weeks ago I was running up an escalator to catch a flight and sliced my big toe from top to bottom (you should see the pics). Luckily TSA was really helpful and I made my flight. Once I got home, I assessed the damage and wasn’t sure if I should go get sutures or not. I turned to Facebook where I posted a picture of my toe and tagged a few of my doctor friends. Long story short, my doctor friends told me I should go to the doctor and quickly, because if I waited until the next day they wouldn’t be able to suture it.

This is a small example, but Facebook was really effective for me. In fact, I posted a follow up picture a few days later (you know how men always like to show off their scars) and a doctor friend told me it was healing well. Of course, many might say that it was a small flesh wound and so that’s not as big a deal to post on Facebook. Would I post my health details if I had some chronic condition?

The interesting thing is that chronic patients are more than happy to give up all privacy in search of a cure. Unfortunately, they have nothing to lose and everything to gain. It’s part of the reason why Patients Like Me has been so successful. Plus, Patients Like Me has proved that we want to take part in online support communities for our conditions.

We’ll see if Facebook can really execute on online support communities like they have on Patients Like Me. It will be a real challenge for them because it’s not the focus of the company. However, they’re obviously well connected to a lot of people that could and would benefit from these types of healthcare communities. No doubt many people on Facebook don’t visit or even know about sites like Patients Like Me.

I’ll be interested to see what Facebook does in this space. I think they’d be smart to roll it off into a separate product that focuses on things like privacy and security. Being tied to the Facebook brand is a huge liability in this case. Plus, the value of Facebook to a Facebook created healthcare community is not in the Facebook brand, but in the Facebook audience and reach.

Besides creating various healthcare communities similar to Patients Like Me, I think Facebook has a huge opportunity to use social pressure to influence healthcare decisions. Changing behavior is an extremely hard thing to accomplish. However, never underestimate the power of positive peer pressure. Peer pressure can be one of the most powerful ways to change people’s behavior. Unfortunately, it works for good and bad. Facebook has all of your peers mapped to you. Can Facebook use that to help you become healthier? If they can, they’ll be on to something.

What do you think of Facebook possibly entering healthcare?