HealthTech Magazine - Technology Solutions That Drive Healthcare en Hackers Tap Deep Learning and AI for Nefarious Purposes <span>Hackers Tap Deep Learning and AI for Nefarious Purposes</span> <span><span lang="" about="/dashboard/hanorahsrihari18081" typeof="schema:Person" property="schema:name" datatype="" content="hanorah.srihari_18081">hanorah.srihar…</span></span> <span>Fri, 05/24/2019 - 16:34</span> <div><p>As researchers and healthcare organizations continue to explore how artificial intelligence might support diagnostic efforts and save doctors time by automating some tasks, radiology has emerged as a field where the technology shows great promise. </p> <p>AI and its subsets, deep learning and machine learning, are “being used in radiology in a number of ways, such as computer-aided detection for cancer, auto-segmentation of organs in 3D postprocessing, natural language processing to facilitate critical results reporting, consultation of best guidelines for recommendations, and quantification and kinetics in postprocessing,” <a href="">according to </a><em><a href="">Radiology Today</a>.</em></p> <p>This combination of AI-assisted data paired with human intelligence and insight is promising for the field.</p> <p>“Adding information acquired from AI algorithms to our reporting and workflow can significantly improve patient care,” Dr. Bibb Allen, chief medical officer of the American College of Radiology’s <a href="" target="_blank">Data Science</a> Institute, tells the publication. “AI can find patterns in data that humans cannot see. This applies to image data, nonimage data such as predicting patient no-shows, or improving workflow.”</p> <p><a href="">AI can also help train radiologists</a>. For example, a team of researchers from the <a href="" target="_blank">Massachusetts General Hospital</a> and <a href="" target="_blank">Brigham and Women’s Hospital Center for Clinical Data Science</a> (CCDS) and the Rochester, Minn.-based <a href="" target="_blank">Mayo Clinic</a> are using generative adversarial networks (GANs) to train neural networks. Using <a href="" target="_blank">NVIDIA’s</a> AI platform, they’ve developed a deep-learning model that can generate accurate and reliable synthetic images of abnormal brain MRIs using public data sets to train an AI system. </p> <p>“A model can essentially compress the information you have in the data to start with,” CCDS Director Adam McCarthy tells <em>HealthTech</em>. “The more data you have and the better quality you have, the better your results and model will be.”</p> <p>But researchers have also discovered a more nefarious use for the technology. </p> <h2>The Concerning Security Vulnerability in Imaging Systems</h2> <p>According to a <a href=";user=A0LUsmUAAAAJ&amp;view_op=list_works&amp;sortby=pubdate#d=gs_md_cita-d&amp;u=%2Fcitations%3Fview_op%3Dview_citation%26hl%3Den%26user%3DA0LUsmUAAAAJ%26sortby%3Dpubdate%26citation_for_view%3DA0LUsmUAAAAJ%3Aj8SEvjWlNXcC%26tzom%3D240" target="_blank">new study</a> by cybersecurity researchers at Ben-Gurion University of the Negev in Israel, cybercriminals can alter 3D medical scans to remove existing medical findings or add false ones using deep learning. It’s possible, they said, that an attacker could use malware to modify 3D medical imagery using deep learning in order to commit insurance fraud, falsify research evidence or even murder someone by hiding cancer that would otherwise be treated. </p> <p>Sound unbelievable? In fact, both radiologists and AI software were highly susceptible to CT-GAN’s image tampering attacks in the researchers’ covert penetration test, which was conducted in an active hospital network. The attack had an average success rate of 99.2 percent for cancer injection and 95.8 percent for cancer removal. The AI was fooled every time, while radiologists fared slightly better. But that could be due to diagnosis errors, such as missing an inserted nodule. Although knowledge of the attack can help mitigate some cases of cancer injection, the error rates and confidence scores suggest that the attack may not be reported in most cases, the researchers concluded.</p> <p><a href="" target="_blank" title="How 3D Technology Is Transforming Medical Imaging"><em><strong>MORE FROM HEALTHTECH</strong>: Gain a greater understanding of how 3D technology is transforming medical imaging.</em></a></p> <h2>How to Prevent and Identify Imaging Attacks</h2> <p>To guard against DICOM medical file tampering, administrators should secure data in motion by enabling encryption between the hosts in their picture archiving and communication system (PACS) network using proper SSL certificates. </p> <p>“This may seem trivial,” the researchers wrote in their report. “But after discovering this flaw … we turned to the PACS software provider for comment. The company, with over 2,000 installations worldwide, confirmed to us that their hospitals do not enable encryption in their PACS because ‘it is not common practice.’” And some PACS don’t support encryption at all. </p> <p>Here’s how researchers recommend staying ahead of imaging system hacks:</p> <ul><li><strong>To secure data at rest</strong>, administrators should keep servers and anti-virus software on modality and radiologist workstations up to date, and limit the PACS server’s exposure to the internet. </li> <li><strong>To detect tampering</strong>, enable the field for applying a digital signature if your PACS software provider offers that feature. Then, administrators should check that valid certificates are being used and that the radiologists’ viewing applications are indeed verifying the signature. </li> <li><strong>To test the integrity of images</strong>, add a digital watermark — a hidden signal embedded into an image that would be corrupted by tampering — to indicate a loss of integrity. Detecting photo response nonuniformity may be an easier method, because it only needs to be implemented at the endpoint viewing application. </li> </ul><h2>As Offensive Security Tactics Evolve, So Must Defensive Tools</h2> <p>Cybersecurity best practices is a term that’s almost an oxymoron, given how often and rapidly attackers shift their tactics in response to new security solutions. For example, <a href="">a generation of “polymorphic” malware</a>, designed to elude security detection, is now assaulting networks worldwide.</p> <p>The problem is that healthcare is particularly vulnerable to attacks, in part because large machines, such as MRIs, often run on old operating systems that no longer receive updates and patches. </p> <p>This became clear during the 2017 WannaCry ransomware attack, which targeted computers running outdated versions of the Microsoft Windows operating system, encrypting data and demanding ransom payments in bitcoin. Good defensive practices include <a href="">updating software whenever possible</a>, backing up data regularly and isolating older machines so they can’t infect other systems if they’re breached.</p> <p>“What has changed is the diversity of evasive tactics that attackers employ and the frequency with which they use them,” Lenny Zeltser of the <a href="" target="_blank">SANS Institute</a> recently told <em><a href="">HealthTech</a></em>. “Our adversaries aren’t standing still.” </p> <p>Neither, experts agree, can healthcare organizations’ security tactics.</p> </div> <div> <div class="field-author"><a href="/author/gienna-shaw" hreflang="en">Gienna Shaw</a></div> </div> Fri, 24 May 2019 20:34:11 +0000 hanorah.srihari_18081 42541 at What Shifting Health Plan Models Will Mean for IT <span>What Shifting Health Plan Models Will Mean for IT</span> <span><span lang="" about="/dashboard/hanorahsrihari18081" typeof="schema:Person" property="schema:name" datatype="" content="hanorah.srihari_18081">hanorah.srihar…</span></span> <span>Thu, 05/23/2019 - 10:34</span> <div><p>An intuitive web of connected devices that leverage preventive medicine and patient data has big implications — not only for cost-conscious consumers seeking greater control but also for the survival and profitability of health plans in a crowded marketplace. </p> <p>That’s the focus of a Deloitte report, “<a href="" target="_blank">The Health Plan of Tomorrow</a>,” which maps out challenges for traditional plans and urges them to invest in <strong>IT tools and strategies that could shift the nature of patient care</strong>. </p> <p>After all, it won’t be long before a person with asthma might wake up to a smartphone alert about the morning pollen count. <strong>With access to a patient’s phone contacts and calendar</strong>, a scheduling function can suggest moving an early outdoor jog to the afternoon, when conditions may improve. Another tracking app might detect a low supply of inhalers, triggering a home delivery. </p> <p><a href="" target="_blank"><em><strong>MORE FROM HEALTHTECH: </strong>Learn how telehealth programs can evolve to meet patient needs.</em></a></p> <p>Such interoperability requires coordination and money. </p> <p>“Think about all the elements that have to come together,” says David Biel, a Deloitte principal who spoke to <em>HealthTech</em> about the report. “Traditional provider and <strong>health plan executives should really be thinking about these future scenarios</strong> and how the shifts are going to impact them.”</p> <p>A key player in this transformation: IT teams that must make sense of proliferating options, persuade hesitant executives and deploy the right tools to work effectively and in sync. </p> <p>Biel, a former software developer, explained what these teams must consider when doing so. </p> <h2 id="toc_0">Support and Invest in Digital Transformation</h2> <p>As nimble, tech-centric players of all sizes seek a share of the health plan market, legacy plans that have relied on traditional models must shake off past practices and outdated technology.</p> <p>“In order to do that, they have to <strong>focus a portion of their time and energy and dollars on pivoting their businesses</strong> to take advantage of a new health economy,” Biel says. Groups may consider investing in AI and analytics, automation, blockchain and cloud technologies.</p> <p><strong>Giving IT teams a prominent seat at the table</strong> can help achieve buy-in from executives. The technologies are meant to reduce cost of care, streamline processes and achieve better outcomes, but they won’t necessarily bring short-term returns on investment, Biel notes. </p> <h2 id="toc_1">Hire Forward-Thinking Tech Talent</h2> <p>Beyond having sharp IT leaders at the forefront, it’s also key to hire smart, adaptable employees that can handle <strong>shifting daily tasks and new workflows.</strong></p> <p>A worker’s duties, for example, may evolve from processing individual claims to managing and reviewing outputs from automated technology designed to outsource those once-manual tasks.</p> <p>Access to an increasingly vast data pool will also require IT teams to be nimbler and <strong>more comfortable among a variety of sources and platforms</strong> to direct the necessary information to support care and claims staff. </p> <p>What’s more, patient privacy concerns, as well as regulatory and compliance issues, must be considered as new data collection tools flourish. Health plans, the report notes, need <strong>a strong information governance philosophy</strong> that defines data elements and the rules that guide their use across applications.</p> <p>Still, Biel says that consumerism and the ease of personal technology <strong>has allowed many patients to feel comfortable sharing more data.</strong> IT teams must help craft that message in a way that is advantageous for the consumer and that also helps health plans with their top and bottom lines.</p> <p>Such information has value: The report points out that data <strong>collection could help health plans tap new revenue streams</strong> through monetization of information, customized offerings and algorithms to help reduce errors and offer incentives based on healthful behaviors, among other objectives. </p> <h2 id="toc_2">Embrace Outside Collaboration</h2> <p>Big tech companies and small startups have a deep knowledge of consumer behavior and emerging technologies. They’re also free from traditional business-model constraints that might keep legacy health plans stalled at the starting line.</p> <p>That’s why health plans and providers possessing the lion’s share of patient data <strong>must be open to working with both disruptors and competitors.</strong> The report cites the recent news of Amazon, JPMorgan Chase and Berkshire Hathawa<a href="">y creating a joint venture to overhaul healthcare</a> for their 1.1 million employees. That, no doubt, required IT staffs to abandon their respective silos.</p> <p>“The new health economy will be driven by the traditional players partnering with each other in a much more collaborative way,” Biel says. <strong>“The infrastructure is not going to reside in the walls of these organizations</strong>; it’s going to need to be deployed ubiquitously and globally to allow the interoperable connected data sources to come together to allow the new models to form.”</p> </div> <div> <div class="field-author"><a href="/author/kevin-joy" hreflang="en">Kevin Joy</a></div> </div> Thu, 23 May 2019 14:34:48 +0000 hanorah.srihari_18081 42531 at What Is the HIMSS Infrastructure Adoption Model and Why Should You Care? <span>What Is the HIMSS Infrastructure Adoption Model and Why Should You Care?</span> <span><span lang="" about="/dashboard/philgoldstein6191" typeof="schema:Person" property="schema:name" datatype="">phil.goldstein_6191</span></span> <span>Wed, 05/22/2019 - 11:31</span> <div><p>Last fall, HIMSS Analytics announced the launch of a new maturity model designed to<strong> assess the IT foundational readiness of healthcare organizations</strong>. The effort — <a href="" target="_blank">dubbed the Infrastructure Adoption Model (INFRAM) </a>— enables providers to measure the stability of their technology base, which is particularly important as more and more organizations turn to digital solutions to innovate the clinician and patient experiences.</p> <p>The model reviews five areas of an organization’s infrastructure: <strong>collaboration, data center, mobility, security and data transport</strong>. It is complementary to HIMSS Analytics’ other maturity models — the <a href="" target="_blank">Electronic Medical Record Adoption Model</a> (EMRAM), the <a href="" target="_blank">Analytics Maturity Adoption Model</a> and the <a href="" target="_blank">Continuity of Care Maturity Model</a> — all of which help to ensure organizations are on the right track when it comes to EHR deployment, leveraging the growing pool of analytics resources and coordinating care across a variety of settings. </p> <p><a href="" target="_blank">INFRAM</a> stands apart from its sister models, however, <strong>because it sets the tone for all of them</strong>. Without the proper data center setup, new EHRs won’t be effective. Without the proper mobility infrastructure in place, organizations could struggle to collect data in real time — and without the proper security foundation in place, IT staff and other employees can’t focus their attention where it needs to be: on the patient.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="IT%20Infrastructure_IR_1%20(2)_0.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> <h2 id="toc_0">Partnership with Cisco Gets to the Heart of Provider Needs</h2> <p><a href="" target="_blank">Cisco</a>, which <a href="" target="_blank">worked with HIMSS Analytics on development of the model</a>, talked about INFRAM’s potential impact at the annual HIMSS conference in Las Vegas in 2018, saying that i<strong>t could help to guide organizations beyond the level of healthcare-specific applications</strong>.</p> <p>“We wanted to really create a maturity model or an adoption model that linked the infrastructure to the performance and capability of business and clinical processes,” Barbara Casey, global healthcare and life sciences director for Cisco, <a href="">told <em>HealthTech</em> at the conference</a>. “The EMRAM really gets to those business and clinical processes, but what we’ve found is, really, working with customers over the years, if they didn’t have the right layers of infrastructure or the right sophistication modernization and the level of a modern network, there were a lot of point solutions that just wouldn’t work.”</p> <p>Taking it a step further, Casey said that <strong>infrastructure investments are not optional to take care innovation to the next level</strong>. “IT teams really understand the necessity for this,” she said. “Where we’re trying to raise awareness is with clinicians and business leaders.”</p> <p>While the holy grail for participating organizations is to achieve Stage 7 status on the model, its true value is in ensuring providers’ technology implementations aren’t derailed by ignored or overlooked elements. Within each of the five primary domains are subdomains that dig into specifics to maximize optimization. For instance, within data transport, Casey pointed out, are the subdomains of campus connectivity, secure remote access, traffic optimization, quality of service and more.</p> <p>“We help the customer actually plan what their next investments are going to be in order to modernize their network,” she said.</p> <p><strong>The devil is in the details, but with the proper planning, it doesn’t have to be.</strong></p> <p><em>This article is part of </em>HealthTech<em>’s <a href="">MonITor blog series</a>. Please join the discussion on Twitter by using <a href="">#WellnessIT</a>.</em></p> <p><em><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="MonITor_logo_sized.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></em></p> </div> <div> <div class="field-author"><a href="/author/jonathan-karl" hreflang="en">Jonathan Karl</a></div> </div> Wed, 22 May 2019 15:31:10 +0000 phil.goldstein_6191 42526 at Why Healthcare Is Warming Up to Cloud-Based Security Solutions <span>Why Healthcare Is Warming Up to Cloud-Based Security Solutions</span> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Thu, 05/16/2019 - 16:20</span> <div><p>According to a recent <a href="" target="_blank">survey</a> by Reaction Data, <strong>more than 70 percent of responding healthcare executives</strong> say the IT industry is headed for the cloud, with a majority (29 percent) citing security as the top consideration in moving.</p> <p>Along those lines, <strong>a growing number of healthcare providers say they have no qualms about implementing cloud-based security solutions</strong> because of the maturity of Software as a Service tools.</p> <p>Ram Ramadoss, vice president for privacy, information security and EHR compliance at <a href="" target="_blank">CommonSpirit Health</a> (formerly Catholic Health Initiatives) in Englewood, Colo., notes that <strong>cloud security vendors have a robust infrastructure and make sure their environment is solid and hardened</strong>.</p> <p>“From an availability perspective, these tools are operating at a high maturity level,” he says. “They have <strong>robust controls</strong>, so it definitely makes it much easier to achieve compliance with major regulations like PCI and HIPAA from day one.”</p> <p>Michael Gaskin, CIO for Madera County, Calif.-based <a href="" target="_blank">Camarena Health</a>, agrees. When <a href="" target="_blank">Proofpoint</a> released its <a href="" target="_blank">Data Discover</a> data loss prevention software in the cloud, he didn’t hesitate because <strong>the Proofpoint email security software he deployed in house was solid</strong>.</p> <p>“We rely on cloud tools to ensure that our email is protected, data loss is at a minimum and protected health information is secured by our organizational policies,” he says. “Given their history, <strong>I had zero hesitation on moving some of their services to the cloud</strong>.”</p> <p><em><a href="" target="_blank"><strong>MORE FROM HEALTHTECH: </strong>Here’s our checklist for staying HIPAA-compliant in the cloud.</a></em></p> <h2 id="toc_0">Email Security Issues Loom Large for Providers</h2> <p>Email protection, of course, is an essential element to any organization’s cloud security strategy. But <strong>in Q4 2018, healthcare providers faced 96 email fraud attacks on average, a 473 percent increase from Q1 2017</strong>, according to Proofpoint’s 2019 “Email Fraud in Healthcare” <a href="" target="_blank">report</a>. Additional daunting figures from the report include:</p> <ul><li><strong>95 percent of healthcare providers</strong> say they were targeted by an attack using their own trusted domain.</li> <li><strong>Nearly half (49 percent) of healthcare organizations</strong> were targeted in email fraud attacks using at least five spoofed identities.</li> <li><strong>77 percent of healthcare organizations</strong> say they had more than five employees targeted by email fraud.</li> </ul><p>To that end, <strong>cloud-based security is a more enticing option for some providers</strong>, Frank Dickson, research vice president of IDC’s security products research practice, <a href="">tells <em>HealthTech</em></a>.</p> <p>“Now, almost anything you can do on-premises, you can do in the cloud,” he says. “You may not have a fully baked IT staff in every location, so <strong>the cloud enables simplification and the ability to cover a greater number of facilities</strong>. It’s less for you to manage and provides for greater efficiency and effectiveness.”</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> <p>One company taking advantage of the shift in mindset is <a href=";searchscope=all&amp;sr=1" target="_blank">Imprivata</a>, which in late April <a href="" target="_blank">announced</a> that it is creating an identity and access management cloud platform specifically for healthcare in a collaboration with <a href="" target="_blank">Microsoft</a>. For the first part of the collaboration, <strong>Imprivata launched Healthcare Seamless SSO</strong>, which allows individuals to use badges to tap into <a href="" target="_blank">Office 365</a>, as well as applications connected to the <a href="" target="_blank">Microsoft Azure Active Directory</a>.</p> <p>“<strong>Users can access all the applications they need to do their job</strong>, whether on-premises or in the cloud, using the existing badge tap workflows,” Imprivata CTO Wes Wright says in an <a href="" target="_blank">interview</a> posted to company’s website. “Even if they’re on a shared clinical workstation, they now have their applications. When they click on Outlook or Teams, it’s their Outlook or Teams.”</p> </div> <div> <div class="field-author"><a href="/author/wylie-wong" hreflang="en">Wylie Wong</a></div> <div class="field-author"><a href="/author/dan-bowman" hreflang="en">Dan Bowman</a></div> </div> Thu, 16 May 2019 20:20:52 +0000 daniel.bowman_26806 42521 at Healthcare Providers Must Ensure All Angles Are Covered During Network Upgrades <span>Healthcare Providers Must Ensure All Angles Are Covered During Network Upgrades</span> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Wed, 05/15/2019 - 14:37</span> <div><p>According to a <a href="" target="_blank">survey</a> of <a href="" target="_blank">Association for Executives in Healthcare Information Technology</a> members published earlier this year, <strong>wireless network quality continues to grow as a priority for provider organizations</strong>, especially with the proliferation of wireless biomedical devices.</p> <p>However, wireless upgrades for healthcare organizations <strong>require planning on multiple fronts</strong>, and not just by IT and networking leaders.</p> <p>“If you have an issue, you can’t just shut down your wireless system,” Jennifer Covich Bordenick, CEO of eHealth Initiative, <a href="">tells <em>HealthTech</em></a>. “There’s no downtime for improving your network, so it can be tough work. And that requires a lot of upfront time thinking through what you need the network to do now, as well as <strong>planning for future capabilities</strong>.”</p> <p>Healthcare IT leaders have <strong>several recommendations</strong> to ensure that all angles are covered.</p> <p><a href=""><b><i>MORE FROM HEALTHTECH:</i></b><em> </em></a><a href="" target="_blank"><em>Discover how healthcare organizations are boosting network capacity to meet IoT demand.</em></a></p> <h2 id="toc_0">Define Investment Requirements, But Consider More Than Cost</h2> <p>For instance, Laura Bagus, vice president of IT at <a href="" target="_blank">Ann &amp; Robert H. Lurie Children’s Hospital of Chicago</a>, says that it helps to <strong>first define business requirements, skill sets, and capital and operating investment</strong>.</p> <p>“And make sure to <strong>include not just your networking team but also organizational stakeholders in the entire process and selection</strong>. It helps with the adoption of change if that is the outcome,” she says.</p> <p>Jake Dorst, chief information and innovation officer at Truckee, Calif.-based <a href="" target="_blank">Tahoe Forest Health System</a>, says <strong>organizations shouldn’t rule out smaller, lesser-known applications</strong>.</p> <p>“Your team really needs to <strong>get down in the weeds with your end users</strong> to find out what is the one-off piece of software that they have on their computers that they absolutely have to have,” says Dorst, whose organization recently switched to a mobile-first healthcare network from <a href="" target="_blank">Aruba</a>.</p> <p>Meanwhile Dominic Freeman, network manager at <a href="" target="_blank">Community HealthCare System</a> in Onaga, Kan., says decision-makers would be wise to <strong>consider more than just the initial price</strong>.</p> <p>“Consider how well the vendor is going to support it and the lifecycle costs,” says Freeman, whose organization is in the midst of standardizing its entire switch and wireless infrastructure on <a href=";enkwrd=cisco+meraki" target="_blank">Cisco Meraki</a> solutions. “Not just what you have to pay out of pocket but the <strong>costs you’ll avoid and the fact that you’ll be able to provide more efficient and better support</strong>.”</p> <p>Dorst and Tahoe Forest Health System applied the latter thinking to their effort. <strong>The health system was facing a $1.8 million network refresh</strong> to stay on a previous platform, which would also have included purchasing security and management software tools to go with it.</p> <p>According to Dorst, <strong>the health system would have incurred more than $2.5 million in estimated fees</strong> to remain on the previous platform over the next five years, including hardware costs.</p> <p>In moving to its new platform — which was a complete replacement instead of a refresh and included the software and hardware required for security — the health system estimates <strong>it will save between $750,000 and $1 million over the next five years</strong>. What’s more, Dorst expects the new vendor’s hardware to be supported on average about two years longer than Tahoe Forest’s previous vendor.</p> <p>“We are a small team, so <strong>this is going to save us time and free up resources so we can really start digging into the new features</strong> and setting up more automation, which will allow us to focus that much more of our time on other key IT areas and supporting our users,” he tells <em>HealthTech</em>.</p> </div> <div> <div class="field-author"><a href="/author/heather-b-hayes" hreflang="en">Heather B. Hayes</a></div> <div class="field-author"><a href="/author/dan-bowman" hreflang="en">Dan Bowman</a></div> </div> Wed, 15 May 2019 18:37:58 +0000 daniel.bowman_26806 42516 at StoneGate Boosts ROI <span>StoneGate Boosts ROI</span> <div><p>StoneGate Senior Living — which operates communities in Texas, Oklahoma and Colorado — updated its data center, deploying a new hyperconvergence appliance. The revamped infrastructure improved its ability to deploy analytics and monitor the kinds of patients it serves and calculate their clinical outcomes.</p> </div> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Wed, 05/15/2019 - 13:23</span> <div> <div>Tweet text</div> <div>A @nutanix #hyperconvergence setup at @StonegateSrLvg allows it to better monitor its #patient populations and improve care efficiency.</div> </div> <div> <div>Video ID</div> <div><p>1653964196</p> </div> </div> <div> <div>video type</div> <div><a href="/taxonomy/term/7391" hreflang="en">Case Study</a></div> </div> <div> <div>CDW Activity ID</div> <div><p>MKT25523</p> </div> </div> <div> <div>CDW VV2 Strategy</div> <div>Data Center</div> </div> <div> <div>CDW Segment</div> <div>Healthcare</div> </div> <div> <div>Customer Focused</div> <div>True</div> </div> <div> <div>Buying Cycle</div> <div><a href="/taxonomy/term/7441" hreflang="en">Awareness</a></div> </div> <div class="pw-widget pw-size-medium pw-layout-vertical" data-layout="vertical" data-url="" data-title="A @nutanix #hyperconvergence setup at @StonegateSrLvg allows it to better monitor its #patient populations and improve care efficiency." data-via="CDW_Healthcare" data-button-background="none"> <span> <span>May</span> <span>15</span> <span>2019</span> </span> <a class="pw-button-twitter cdw-taboola-social"></a> <a class="pw-button-facebook cdw-taboola-social"></a> <a class="pw-button-linkedin cdw-taboola-social"></a> <a class="pw-button-reddit cdw-taboola-social"></a> <a class="pw-button-flipboard cdw-taboola-social"></a> <a class="pw-button-email cdw-taboola-social"></a> <!-- Pinterest button is in EdTechk12 theme's vertical template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-url="" data-title="A @nutanix #hyperconvergence setup at @StonegateSrLvg allows it to better monitor its #patient populations and improve care efficiency." data-via="CDW_Healthcare" data-button-background="none"> <div> <a class="pw-button-twitter"></a> <span class="pw-box-counter" pw:channel="twitter"></span> </div> <div> <a class="pw-button-facebook"></a> <span class="pw-box-counter" pw:channel="facebook"></span> </div> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-counter="true" data-url="" data-title="A @nutanix #hyperconvergence setup at @StonegateSrLvg allows it to better monitor its #patient populations and improve care efficiency." data-via="CDW_Healthcare" data-button-background="none"> <div> <a class="pw-button-twitter cdw-taboola-social"></a> <a href=";" target="_blank"><span class="pw-box-counter cdw-taboola" data-channel="twitter"></span></a> </div> <div> <a class="pw-button-facebook cdw-taboola-social"></a> </div> <div> <a class="pw-button-linkedin cdw-taboola-social"></a> </div> <div> <a class="pw-button-reddit cdw-taboola-social"></a> </div> <div> <a class="pw-button-flipboard cdw-taboola-social"></a> </div> <div> <a class="pw-button-email cdw-taboola-social"></a> </div> <!-- Pinterest button is in EdTechk12 theme's horizontal template --> </div> <div> <div>Pull Quote</div> <div> <p class="quote"><a href="node/"> Because of these new technologies, we are able to deploy analytics on a population of patients which give us answers within a day that we used to have to wait a quarter for. </a></p> <img src="/sites/" width="60" height="60" alt="Brandon Jackson, StoneGate Senior Living" typeof="foaf:Image" /> <p class='speaker'> <span>Brandon Jackson</span> VP of Financial and Business Intelligence, StoneGate Senior Living </p> </div> </div> Wed, 15 May 2019 17:23:32 +0000 daniel.bowman_26806 42511 at Tips to Hack Your Healthcare Security Strategy <span>Tips to Hack Your Healthcare Security Strategy </span> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Mon, 05/13/2019 - 12:46</span> <div><p>It’s been a long time coming: <strong>Health institutions now consider cybersecurity a serious patient safety issue</strong> that is core to healthcare’s overall mission. This is a marked change from the earlier part of the decade when cybersecurity was more of an afterthought, tacked on to IT budgets for HIPAA compliance or to secure Meaningful Use funding in support of electronic health record implementations.</p> <p>This sea change could not come soon enough. Health institutions are <strong>under continuous attack</strong> by both financially motivated and state-sponsored threat actors who cause significant financial damage to the industry while eroding patients’ confidence in their healthcare providers’ abilities to protect their most sensitive data.</p> <p>According to a <a href="" target="_blank">study</a> from <a href="" target="_blank">IBM</a> Security and the Ponemon Institute, the cost of a data breach for healthcare organizations rose <strong>from $380 per breached record in 2017 to $408 per record in 2018</strong>, the highest cost, by some distance, of all industries measured. The same study found health consumers to be the most likely to change providers following a data breach.</p> <p>Perhaps the most concerning cybersecurity challenge facing the healthcare industry is the <strong>growth of email fraud</strong>, a phenomenon that includes business email compromise and a range of identity deception threats. According to the FBI, BEC alone has cost organizations <a href="" target="_blank">$12.5 billion globally</a> — yes, billions — since 2013.</p> <p><a href="" target="_blank"><em><strong>MORE FROM HEALTHTECH: </strong>Discover how Camarena Health relies on Proofpoint solutions and other tools to optimize its security setup.</em></a></p> <h2 id="toc_0">Preying on Fear and Trust to Exploit Users</h2> <p><strong>Email fraud preys on fear, trust and the desire to be helpful</strong>, creating opportunities for threat actors to steal money and valuable information, or launch phishing or malware attacks.</p> <p>These socially engineered attacks seek to exploit those who have made it their mission to protect patients. <strong>These events are highly targeted and use identity deception tactics such as spoofing and fake email chains</strong> to pose as trusted colleagues or business partners over email. This was illustrated by a recent ransomware attack in which cybercriminals purported to be from the <a href="" target="_blank">Centers for Disease Control and Prevention</a>. This particular campaign included an email news flash warning of a flu pandemic and offered guidance to contain the outbreak.</p> <p>Unfortunately, the “guidance” was a link that downloaded <strong>GandCrab ransomware</strong>. The very qualities that draw people to the healthcare profession, however — an unwavering focus on patient safety and public health — also create human vulnerabilities to cyberattacks like this one.</p> <h2 id="toc_1">How Healthcare Organizations Are Targeted</h2> <p>As in the CDC example, <strong>cybercriminals use a variety of techniques, often in tandem, to launch email fraud attacks</strong>. Here are the most common:</p> <p><strong>Display-name spoofing:</strong> Threat actors favor webmail services, such as Gmail, because they’re free and easy to use. In email fraud, attackers often simply change the display name of the email sender. (Email display names are unrelated to the actual email address being used; they can be anything the sender wants them to be.) Over the course of 2017 and 2018, <a href="" target="_blank">Proofpoint found that</a> <strong>33 percent of email fraud across healthcare used,,, or addresses</strong>.</p> <p><strong>Domain spoofing:</strong> Another common tactic involves sending fraudulent email from the organization’s own trusted domain. This is called domain spoofing. <strong>Criminals spoof healthcare-owned domains</strong> to target an organization’s staff, patients and business associates.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Cybersecurity-report_EasyTarget.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> <p>In the fourth quarter of 2018, <a href="" target="_blank">Proofpoint</a> threat researchers concluded that <strong>95 percent of healthcare firms were targeted by at least one email fraud attack launched from their own domain</strong>. The average organization was targeted with 57 domain spoofing attacks.</p> <p>Moreover, every health institution in Proofpoint’s study had their domains spoofed by <strong>attackers sending fraudulent messages to patients and business associates</strong>.</p> <p>Overall, <strong>45 percent of email sent from healthcare-owned domains in Q4 appeared suspicious</strong>. The percentage was even higher for email sent to healthcare staff (65 percent). Roughly 42 percent of the email sent to patients from hospital-owned domains were suspicious, as was 15 percent of email sent to business associates.</p> <p><strong>Lookalike domains:</strong> Attackers often register look-alike domains to trick people into believing an email is from someone they trust. They create new, deceptively similar domains by swapping characters, such as replacing the letter o with the numeral 0, or inserting an additional character such as an s or a hyphen. <strong>In 2017 and 2018, 67 percent of healthcare providers were targeted by attacks</strong> launched from look-alike domains.</p> <h2 id="toc_2">How Hospitals Can Protect Themselves</h2> <p>Email fraud tactics are always shifting. That’s why <strong>healthcare institutions need a multilayered defense</strong>.</p> <p>To protect staff, patients and business partners from email fraud, <strong>consider these five initiatives</strong>:</p> <ul><li><strong>Email authentication:</strong> Domain-Based Message Authentication, Reporting and Conformance, or DMARC, blocks all impostor attacks that spoof trusted domains.</li> <li><strong>Machine learning and policy enforcement:</strong> Analyze the contents and context of email to stop display-name spoofing and look-alike domains at the email gateway.</li> <li><strong>Domain monitoring:</strong> Automatically identify and flag potentially risky domains registered by fraudsters.</li> <li><strong>Protect VAP:</strong> In addition to high profile executives, cybercriminals often target individuals deep within an organization whose privilege and ample access to sensitive information make them valuable targets. It’s important for healthcare institutions to identify these “very attacked people” and establish security controls to protect them from targeted threats.</li> <li><strong>Security awareness training and process accountability:</strong> Educate people on how to recognize and report email fraud, phishing and other cybersecurity threats.</li> </ul><p>Despite large investments in security, email fraud continues to rise. <strong>Cybercriminals are growing more advanced</strong>, and attacks are evading traditional security tools, leaving people as the last line of defense. Taking a multilayer approach to cybersecurity, and protecting your most attacked employees, will significantly reduce risk and allow your institution to focus on patient care.</p> </div> <div> <div class="field-author"><a href="/taxonomy/term/12146" hreflang="en">Ryan Witt</a></div> </div> Mon, 13 May 2019 16:46:31 +0000 daniel.bowman_26806 42506 at How Technology Is Transforming Care for New and Expectant Mothers <span>How Technology Is Transforming Care for New and Expectant Mothers</span> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Fri, 05/10/2019 - 14:09</span> <div><p>To paraphrase a popular saying, <strong>when mom’s happy, everybody’s happy</strong>.</p> <p>That holds true for obstetrics service lines at hospitals and health systems too. <strong>Women have a choice when it comes to prenatal care and delivery</strong> and will often research those options, including relying on word-of-mouth referrals. As for downstream revenue, women make most of the health decisions for their families, and are typically more engaged in their own healthcare decisions as well.</p> <p>Bottom line: <strong>Patient experience is important to women</strong>, and patient-centric programs that offer greater convenience, lower costs, and top-notch patient safety and quality are a powerful marketing tool.</p> <p>Healthcare organizations, to that end, <strong>increasingly are turning to digital tools to improve the patient experience</strong> for expectant mothers.</p> <p><a href="" target="_blank"><em><strong>MORE FROM HEALTHTECH: </strong>Learn how telehealth programs can evolve to meet patient needs.</em></a></p> <h2 id="toc_0">Wireless Solutions Keep Patients Connected</h2> <p>Ochsner Health System, a nonprofit based in southeastern Louisiana, for instance, offers a <strong>free digital health tool called Connected Maternity Online</strong> Monitoring (<a href="" target="_blank">Connected MOM</a>) to help expectant mothers manage their pregnancy with fewer visits to the obstetrician. Patients use advanced wireless technology — including scales and blood pressure cuffs that connect to their smartphone — to send weight and BP readings directly to their medical record, where a team of health coaches and obstetrics care providers monitor the data.</p> <p>“Connected MOM is an opportunity to extend prenatal care beyond the physician’s office and make care more convenient for our patients,” says Dr. Jody Morris IV, chairman of women’s services at Ochsner Baptist, in a <a href="" target="_blank">press release</a>. “<strong>Issues such as high blood pressure or excessive weight gain can be identified earlier, not just when a woman shows up for her routine prenatal appointment</strong>. We can identify patient trends, which can improve quality of care, reduce cost and enhance the patient experience.”</p> <p>The Mayo Clinic Center for Innovation launched a similar program in 2011 called OB Nest for women experiencing low-risk pregnancies. Now a standard care option at Mayo’s Rochester, Minn., clinic, it offers <strong>home monitoring equipment that connects to a knowledge-based tracking system</strong> that pulls health information into a single, accessible location.</p> <p>“Women still receive all the recommended laboratory tests, ultrasounds, immunizations, and patient education of a traditional care path,” write Dr. Yvonne Butler Tobah, an obstetrician and health sciences researcher at Mayo, and Abimbola Famuyide, chair of Mayo’s department of obstetrics and gynecology, in a <em>Harvard Business Review</em> <a href="" target="_blank">article</a>. “However, <strong>by optimizing current technology, OB Nest makes women active participants in their care</strong> and the wellness experience of pregnancy, while reducing the associated costs and time commitment,” they wrote.</p> <p><a data-entity-type="" data-entity-uuid="" href="" target="_blank"><img alt="Digital%20Transformation_IR_1.jpg" data-entity-type="" data-entity-uuid="" src="" /></a></p> <h2 id="toc_1">Telehealth Enables Remote Monitoring of Women and Infants</h2> <p><strong>Telehealth services play an important role in caring for women and infants</strong> during and after delivery as well.</p> <p>Ochsner telehealth services include pediatric intensive care and maternal fetal medicine. And the organization’s <a href="" target="_blank">Telestork</a> program, launched in 2016, <strong>provides remote monitoring of labor and delivery patients</strong> at most of Ochsner’s hospitals. The program has monitored over 1,200 patients and has reduced neonatal intensive care unit and cesarean section rates, according to a HIMSS <a href="" target="_blank">paper</a> on the system’s Stage 7–earning achievements.</p> <p>Post-delivery, <strong>webcams that allow parents to monitor newborns in NICU when they can’t be there in person </strong>are an increasingly popular option — they’re in place at OHS as well as at Cleveland Clinic.</p> <p><strong>Parents get a unique username and password that they use to log in and watch their baby on any internet-capable device</strong>, including computers, tablets and smartphones, <a href=";__hssc=69683983.1.1517529600095&amp;__hsfp=998628806" target="_blank">notes</a> MedCity News. Parents can also choose to share their NicView system login with friends and family.</p> <p>Technology, of course, is changing the way hospitals treat all patients: <strong>Videoconferencing tools such as <a href=";searchscope=all&amp;sr=1" target="_blank">Skype</a>, combined with wearables like <a href=";searchscope=all&amp;sr=1" target="_blank">Fitbits</a>, are laying the foundation for virtual care</strong> to revolutionize all aspects of the health space, <a href="">says</a> Mariea Snell, an assistant professor and coordinator of the Online Doctor of Nursing Practice program at Maryville University in St. Louis, and a telehealth clinician at Maven Clinic, a “digital clinic” that connects women to vetted healthcare practitioners.</p> <p><strong>Every patient will eventually have a treatment plan that includes telehealth in some fashion</strong>, Snell predicts, whether through remote visits with a primary care provider or more extensive, long-term care. “As insurance companies trend toward reimbursing more telehealth treatment options, telehealth will only continue to grow more widespread and beneficial, helping increase the overall health and well-being of urban and rural communities alike,” she writes for <em>HealthTech</em>. “The future of healthcare is inseparable from telehealth.”</p> </div> <div> <div class="field-author"><a href="/author/gienna-shaw" hreflang="en">Gienna Shaw</a></div> </div> Fri, 10 May 2019 18:09:29 +0000 daniel.bowman_26806 42501 at Summer 2019 <span>Summer 2019</span> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Tue, 05/07/2019 - 16:37</span> <div class="pw-widget pw-size-medium pw-layout-vertical" data-layout="vertical" data-url="" data-title="Summer 2019" data-via="CDW_Healthcare" data-button-background="none"> <span> <span>May</span> <span>07</span> <span>2019</span> </span> <a class="pw-button-twitter cdw-taboola-social"></a> <a class="pw-button-facebook cdw-taboola-social"></a> <a class="pw-button-linkedin cdw-taboola-social"></a> <a class="pw-button-reddit cdw-taboola-social"></a> <a class="pw-button-flipboard cdw-taboola-social"></a> <a class="pw-button-email cdw-taboola-social"></a> <!-- Pinterest button is in EdTechk12 theme's vertical template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-counter="true" data-url="" data-title="Summer 2019" data-via="CDW_Healthcare" data-button-background="none"> <div> <a class="pw-button-twitter cdw-taboola-social"></a> <a href=";" target="_blank"><span class="pw-box-counter cdw-taboola" data-channel="twitter"></span></a> </div> <div> <a class="pw-button-facebook cdw-taboola-social"></a> </div> <div> <a class="pw-button-linkedin cdw-taboola-social"></a> </div> <div> <a class="pw-button-reddit cdw-taboola-social"></a> </div> <div> <a class="pw-button-flipboard cdw-taboola-social"></a> </div> <div> <a class="pw-button-email cdw-taboola-social"></a> </div> <!-- Pinterest button is in EdTechk12 theme's horizontal template --> </div> <div class="pw-widget pw-size-medium pw-layout-horizontal" data-url="" data-title="Summer 2019" data-via="CDW_Healthcare" data-button-background="none"> <div> <a class="pw-button-twitter"></a> <span class="pw-box-counter" pw:channel="twitter"></span> </div> <div> <a class="pw-button-facebook"></a> <span class="pw-box-counter" pw:channel="facebook"></span> </div> </div> Tue, 07 May 2019 20:37:50 +0000 daniel.bowman_26806 42496 at When It Comes to Email Security, Healthcare Orgs Must Stay Vigilant <span>When It Comes to Email Security, Healthcare Orgs Must Stay Vigilant </span> <span><span lang="" about="/dashboard/danielbowman26806" typeof="schema:Person" property="schema:name" datatype="">daniel.bowman_26806</span></span> <span>Tue, 05/07/2019 - 15:47</span> <div><p>By and large, security persists as a major area of concern for the healthcare industry. According to the <a href="" target="_blank">2019 HIMSS Cybersecurity Survey</a>, <strong>82 percent of hospital respondents and 64 percent of nonacute providers</strong> reported that, over a 12-month span, they had experienced a “significant security incident.”</p> <p>Twenty-seven percent of hospitals said that online scam artists employing phishing tactics targeted business email accounts. What’s more, <strong>in Q4 2018, healthcare organizations were targets for email fraud attacks 473 percent more often than in Q1 2017</strong>, according to <a href="" target="_blank">Proofpoint</a>’s “<a href="" target="_blank">Email Fraud in Healthcare 2019 Report</a>.” A deeper dive into the latter report found that 45 percent of all email sent from healthcare-owned domains in Q4 2018 appeared “suspicious,” including the bulk of emails to employees and 42 percent sent to patients.</p> <p>Additionally, recent <a href="" target="_blank">research</a> published on JAMA Network Open found that roughly <strong>1 in 7 simulated phishing emails were clicked on by employees</strong>, a number the study’s authors called “notably high.” While hackers’ strategies for infiltrating target organizations’ data and IT systems continue to evolve, old-fashioned attack methods are far from obsolete.</p> <p><em><a href=""><strong>MORE FROM HEALTHTECH: </strong></a></em><a href=""><em>Are</em></a><a href="" target="_blank"><em> passwords still reliable for healthcare IT security?</em></a></p> <h2 id="toc_0">Follow the Trends</h2> <p>Camarena Health in Madera County, Calif., a community healthcare ­provider that’s <strong>grown from three clinics to 14 over the past seven years</strong>, now uses a mixture of on-premises and cloud-based security solutions to help protect its expanding environment. Email is one of Camarena’s primary emphases, especially as it looks to address data sprawl and ensure the safekeeping of protected health data.</p> <p><a href="" target="_blank">According to</a> data from <a href="" target="_blank">Mimecast</a>’s December 2018 email security risk assessment, <strong>1 in 350 emails to healthcare organizations was flagged as an impersonation</strong>, while 1 in 3,741 emails contained malware. Providers must make it a point to follow these trends closely and react accordingly.</p> </div> <div> <div class="field-author"><a href="/author/ryan-petersen" hreflang="en">Ryan Petersen</a></div> </div> Tue, 07 May 2019 19:47:43 +0000 daniel.bowman_26806 42491 at