The use of artificial intelligence, machine learning and robotics has enormous potential, but along with that promise come critical privacy and security challenges, says technology attorney Stephen Wu.

For example, in healthcare, “we’re beginning to see surgical robots … and robots that take supplies from one part of a hospital to another. …You can use AI to help sequence a child’s DNA … and match and identify a condition in very short order,” Wu says in an interview with Information Security Media Group.

But along with those bold technological advances come emerging privacy and security concerns.

“The HIPAA Security Rule doesn’t talk about surgical robots and AI systems,” he notes. Nevertheless, HIPAA’s administrative, physical and technical safeguard requirements still apply, he says.

As a result, organizations must determine, for example, “what kind of security management procedures are touching these devices and systems - and do you have oversight over them?”

Also critical is ensuring that “communications are secure from one point to another,” he points out. “If you have an AI system that’s drawing records from an electronic health record, how is that transmission being secured? How do we know the AI systems drawing [information] from the EHR system has been properly authenticated?”

A security expert offers a variety of suggestions for how to improve security training to effectively beat the threat of ransomware and other criminal mischief.

Tech giant Google continues to face Congressional scrutiny about its collection and use of sensitive health data in a project with Ascension. Rep. Pramila Jayapal, D-Wash., sent a letter last week to Google CEO Sundar Pichai, former Alphabet CEO Larry Page, and Google Cloud senior official Tariq Shaukat demanding answers on how the companies use the health data they collect and the procedures they have in place to protect that data.

One health system recently learned the cost of relying too heavily on the HIPAA Breach Notification Rule’s “low probability of compromise” standard when it failed to notify all affected individuals and report the HIPAA breach to the Office for Civil Rights (OCR).

HIPAA covered entities frequently struggle with determining whether an inappropriate disclosure of protected health information (PHI) rises to the level of a reportable HIPAA breach—or alternatively, whether the disclosure creates only a “low probability of compromise.” A low probability of compromise determination means the covered entity is not required to notify the affected individual(s) or OCR under HIPAA’s Breach Notification Rule.

On November 27, 2019, Sentara Hospitals (Sentara), a health system with sites of care in Virginia and North Carolina, settled with OCR for $2.175 million for failing to properly notify OCR and affected individuals of a breach of unsecured PHI. Specifically, Sentara mailed out 577 patient billing statements to the incorrect addresses. The billing statements included patient names, account numbers, and dates of services. At the time of the incident, Sentara conducted a risk assessment and determined Sentara only needed to notify eight individuals of the breach because the other disclosures did not contain a patient diagnosis, treatment information, or other medical information. That is, Sentara determined the other disclosures created only a “low risk of compromise” to the PHI and thus, notification was not required.

The Office of the National Coordinator for Health IT (ONC) engages in several global health IT projects from a United States government perspective. ONC works with global counterparts to share experiences, and ensure alignment between global interoperability efforts and the United States’ approaches to interoperability. This includes working through worldwide partnerships, bi-lateral and multi-lateral engagements, global networks, and memoranda of understanding. Through these engagements, we focus on advancing common health data standards for global interoperability, enhancing individuals’ access to their data, progressing healthcare providers’ experiences, and improving factors associated with transparency and competition.

This past summer, ONC hosted the 3rd Interoperability Forum in Washington DC, where we heard from several global health IT leaders who are working on similar health IT issues in their own countries. This post highlights the insights and resources these leaders provided during the Forum, and is not inclusive of ONC’s complete global health IT efforts.

Commercially available for five years, the Apple Watch received clearance from the U.S. Food and Drug Administration in 2018 for its electrocardiogram function, which employs machine learning and individual algorithms to detect issues such as atrial fibrillation (AFib). The news sparked wider discussion about the role of wearable consumer devices in medicine.

Commercially available for five years, the Apple Watch received clearance from the U.S. Food and Drug Administration in 2018 for its electrocardiogram function, which employs machine learning and individual algorithms to detect issues such as atrial fibrillation (AFib). The news sparked wider discussion about the role of wearable consumer devices in medicine.

In our first episode of “When It Works,” intracranial hematoma patient Danielle Collins and George Washington University Hospital’s Dr. Walter Jean discuss how a virtual reality tool provided surgical theater to help Collins comprehend her condition.

AI Med19 is for those interested in the biggest paradigm shift in healthcare and medicine: Artificial Intelligence. This is the biggest event of it’s kind in the USA dedicated to the transformative impact that AI-inspired technology is having on healthcare. A platform designed by clinicians to showcase the latest thinking and facilitate new ideas and partnerships. 

5 reasons to attend AIMed 19

AIMed 19 has a very impressive line-up of expert speakers including, Stephen Kingsmore, Tim Chou, Lynda Chin, Aziz Nazha & Ted Shortliffe. Our agenda covers several hot topics including, Quantum Computing, overcoming issues in AI development, Facilitating the adoption of AI systems in clinical practice, Public Health Perspectives - Opportunities and Applications of AI around the world. See fresh new talent coming out of academia as our accepted applicants present their innovative ideas from our Abstract Competitions. Discover the next big thing set to disrupt med-tech with our Shark Tank start-up competition. AIMed 19 offers one of a kind networking with our unique social events. Speed networking with canapes and drinks, an AIMed BBQ with music and our spectacular Gala beach dinner under the stars.

Reserve your place now. For more information, visit aimed.events/north-america-2019/Read on aimed.events
“The goal is not to replace doctors, but to elevate them. Artificial

Keeping patients happy doesn’t end with mobile technology — but it’s an excellent start.

The CURE ID online data repository’s crowdsourcing approach could help the agency to identify novel uses for approved drugs.

University Health Care System has replaced the manual process of creating price estimates with a digital tool that’s accurate within 5% – and patients’ upfront payments have been steadily increasing.

Healthcare organizations have been fighting the good fight against cybercrime for many years. But they still need to up their game. As such, they need to take the following steps as they more proactively deal with cybersecurity threats.

Cerner will address the ongoing issue of clinician burnout with this advanced voice-enabled technology.

Gaming can be used to prepare for space health emergencies, says Level Ex founder and CEO Sam Glassenberg, who demonstrates the VR technology involved.

The longtime CIO and health IT evangelist will leave Boston’s Beth Israel Lahey Health to lead digital health strategy at the Rochester, Minnesota, academic medical center.

Hospitals are alive with activity and awash with information. Just a single healthcare complex can contain hundreds of staff members who are using thousands of devices to tap into a vast ecosystem of healthcare data. As such, hospitals and just about any other healthcare setting are ticking time bombs in terms of cybersecurity and are constantly at risk for major violations.

While organizations in every industry face similar scrutiny and risk for violation, health care is unique in two ways. First, medical information is extremely sensitive, as the very nature of the data could potentially contribute to a life-or-death scenario for an individual if that data is compromised. Secondly, health care relies on a huge number of network-connected devices that haven’t necessarily been updated at the same pace with technology advancements and, therefore, may lack appropriate cyber-defense measures or even capabilities. These unique hurdles place the healthcare industry at a much higher risk for noncompliance, an important distinction because violations with healthcare data often come with elevated consequences for the healthcare provider.

This situation will not get any better as health care becomes even more reliant on technology. Now that patients are using at-home devices to transmit health information, the sheer number of devices that hackers could target is growing significantly.

Hyperconverged infrastructure combines storage, computing and networking into a single system. This architecture, compared with traditional data centers, makes HCI cheaper to operate, easier to manage, more scalable and more agile. It’s no wonder that enterprises in just about every industry are migrating to HCI — and healthcare is no exception.

Transparency Market Research predicts the healthcare industry’s share of the HCI market to have a compound annual growth rate of nearly 42 percent through 2025.

This shift is partly the byproduct of two trends: the growing adoption of digital information storage systems and an increasing use of smartphone-based technologies for patient interaction, the firm says. For example, healthcare vendors such as Epic have spent the past few years making it easier to migrate applications such as electronic health records to an HCI environment.

HCI’s benefits to healthcare are still being realized, but the technology is worth the consideration of IT teams hoping to simplify their workloads, enhance performance and reduce system maintenance — even though its advantages might not be immediately obvious.

For instance, one hospital migrated its picture archiving and communication system (PACS) to a Nutanix HCI cluster. “PACS might seem like an odd candidate for virtualization,” says Logan Ayers, CDW principal inside solution architect for data centers. “But for them, eliminating the expense of owning and operating storage arrays made it worth the effort.”

Ideally, organizations will have a breach response plan in place that they regularly practice and refine, based on emerging types of attacks and risk management strategies. (See part one of this series: To Survive a Data Breach, Create a Response Playbook.)

“In terms of preparedness, companies have progressed in a good and thoughtful way in recent years,” says attorney Nicole Friedlander, a partner at Sullivan & Cromwell in New York, where she’s a member of the firm’s criminal defense and investigations group and co-heads its cybersecurity practice. “They have moved from a largely reactive stance - acting only if and when a breach occurred - to a world in which they appreciate preparedness matters. It affects how well they are able to respond and recover from the breach and can reduce the likelihood of follow-on criticism from regulators or the public.”

Here are eight incident response essentials for any organization that suffers a security incident.

The new HIPAA-compliant tool will be able to capture physician dictation or doctor-patient conversations.

Consumer satisfaction with health insurers is on the upswing, according to an annual report from the American Consumer Satisfaction Index. Hospitals, however, aren’t quite so lucky.

In 2018, hospitals earned a score of 76 on ACSI’s indicator. Their most recent score is a mere 72, with the decline driven largely by a sizeable drop in consumer rankings for emergency department care, which dipped from a 73 to a 67 over the same period.

Inpatient care also declined but not as steeply, falling from a 77 on the indicator to a 76.

Perhaps reflecting emerging models of care that emphasize growing consumerism in the industry, outpatient care settings are garnering more satisfaction. While outpatient care provided by hospitals dropped on the index from a 78 score in 2018 to a 75, ambulatory care netted a 77 for the second year running.

As the clinician burnout epidemic continues, a new JAMA report shows how provider well-being is critical to patient safety.

Cianflone Domenico, associate professor at San Raffaele University in Milan, Italy, says it’s “mandatory” to adopt new technologies that empower the patient.

Electronic health records do more than collect and store patient information. Increasingly, these records compute and communicate the data, providing insights that can make a difference in treatment.

HealthIT.gov reports that 75 percent of healthcare providers say their EHR enables them to deliver better patient care, which results in higher patient satisfaction rates and fewer medication errors, among other benefits.

These systems, though associated with higher physician stress and burnout, can be lifesaving when managed efficiently. Data shared in an EHR can help clinicians choose the right medication for a patient with allergies, for example, or provide history on an unresponsive patient when they arrive at an emergency room.

An EHR can also play a role in public health outcomes by allowing clinicians to look more meaningfully at patient data when it comes to their current medications and specific conditions such as high blood pressure or low blood sugar.

The path to high functionality is a slow process. But most improvements in today’s EHRs can be attributed to the ever-growing prevalence of technology in patient’s lives and a demand for medical tools to be more intuitive and user friendly, says Dr. Bruce Darrow, chief medical information officer for Mount Sinai Health System in New York.

With the ongoing transition to value-based care, the importance of technology is growing, for patient engagement increase, data management for informed decision-making and introduction of more effective treatments. However, the advancement of all these is complicated by limited resources and lack of reimbursement. Such are the conclusions of the third annual Top of Mind for Top Health Systems survey from the Center for Connected Medicine (CCM) conducted in partnership with KLAS Research.

As cybersecurity threats to healthcare grow in number and severity, artificial intelligence is helping providers detect vulnerabilities and respond to data breaches faster and with greater precision.

Given that 63 percent of organizations of all types don’t have enough staff to monitor threats ²⁴⁄₇, according to a 2019 Ponemon report, the added defense is crucial. It’s arguably even more important for the healthcare industry, whose data is often considered more valuable than Social Security and credit card numbers.

As a healthcare tool, AI can help predict falls in seniors and identify early signs of sepsis. It’s also poised to shape many other facets, from disease detection to administrative tasks. As an IT defense mechanism, however, AI may be employed to recognize network behaviors unlikely to represent human action, keep watch for fraud threats and predict malware infections based on previously identified characteristics.

Such intuitive IT capacities offer “preventative medicine, helping prevent the infection in the first place,” says Rob Bathurst, an adviser for anti-virus software firm Cylance, in a recent white paper about AI and healthcare infrastructure.