Ransomware focus limits healthcare IT progress in 2017
Skip to main content
Sister Publication Links
  • Modern Healthcare Metrics
MDHC_Logotype_white
Subscribe
  • Subscribe
  • Register
  • Login
  • News
    • This Week's News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • People
    • Regional News
    • Digital Edition
    • Dr. Richard Snyder
      Outdated privacy laws hinder coordinated care, especially in the fight against addiction
      Nurses recycle surgical wraps for the homeless
      Nurses sew surgical wraps into sleeping bags for the homeless
      Joan Budden
      Q&A: Priority Health CEO eager to share best practices with Total Health Care
      Wright Lassiter III
      Healthcare leaders urge full court press on social determinants of health
    • November was healthcare's second strongest hiring month of 2019
      Primary-care provider ChenMed to enter five new markets
      Lacking specialist access drives health disparities
      Genetic Counseling
      Addressing barriers to expanding genetic counseling
    • Joan Budden
      Q&A: Priority Health CEO eager to share best practices with Total Health Care
      Silver-loading, CSR elimination lowered premiums for some rural enrollees
      Centene to sell Illinois plan to CVS Health
      Blue Cross of Idaho unveils souped-up short-term health plans
    • Capitol Building with pills
      Week Ahead: House to vote on drug bill; SCOTUS hears risk-corridor case
      MedPAC thinks hospice payments are too high
      MedPAC says ambulatory surgical centers don't need a pay raise
      States focus on healthcare costs to address coverage problems
    • Analysts to CommonSpirit Health: Show us the savings
      Smallest hospitals saw biggest earnings gains last month
      Sutter Health postpones financial filing
      doctor helping patient stock image Sandoz
      Sponsored Content Provided By Sandoz
      As hospital executives look to reduce costs, biosimilars offer a compelling option
    • astronaut
      Astronauts developed bloodstream issues in space
      Sponsored Content Provided By ABM Healthcare
      Protecting and Maintaining Medical Devices
      human hand robotic hand stock image
      Sponsored Content Provided By Deloitte
      The Health System of the Future: How Digital Health Technology is Transforming Care
      EHR
      EHR vendors most in-use throughout Medicare incentive program
    • MRIs of dense breasts find more cancer but also false alarms
      Flu season takes off quickly in Deep South states
      Uber driver says South Carolina hospital dumped patient on him
      1 in 3 adults age 45 and older reported being lonely in a 2018 AARP survey
      Data Points: Loneliness and its impact on health
    • Jim Allison playing the harmonica
      Documentary tells tale of Nobel winning researcher
      Seema Verma
      Seema Verma's bold initiatives land her in No. 1 'Most Influential' spot
      New CEO takes the helm at Lurie Children's Hospital of Chicago
      Mayo Clinic taps Dr. John Halamka to lead its Google partnership
    • Midwest
    • Northeast
    • South
    • West
  • Special Features
    • Best Practices
    • InDepth Special Reports
    • Innovations
    • Chest x-ray from a patient with a vaping-related lung injury
      Vaping-related cases lead to care guidelines from Intermountain
      Arkansas Children’s was a founding partner in Solutions for Patient Safety.
      Children's hospitals collaborate rather than compete on patient safety
      Peer recovery specialists at St. Barnabas Medical Center work with nurse Brenna Zarra.
      Peer recovery helping patients with addiction seek treatment
      UNC Health Care trains staff to treat dementia patients
    • Linda Kenney
      Patient advocate recalls two medical errors that nearly killed her
      Leah Binder, CEO of the Leapfrog Group, with her grandmother, Estelle Greifer.
      With no national reporting system, volume of medical errors is still unknown
      Man in hospital bed
      Minnesota looks to evolve its patient-safety reporting system
      Dr. Don Berwick
      Despite progress, we’re still waiting for a truly safer healthcare system
    • Randy Oostra, CEO of ProMedica
      HCR ManorCare deal laid foundation for ProMedica’s growth
      Advanced ICU Care
      Telemedicine helps rural hospitals meet intensivist shortage
      Paging Dr. Robot: Artificial intelligence moves into care
      A child being screened for vision problems using a smartphone.
      App screens kids for eye problems before they can talk
  • Transformation
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • ProMedica doubles down on social needs data analysis
      Amazon taps first pharmacy for Alexa Rx management
      Trump administration unveils new price transparency rules
      A child being screened for vision problems using a smartphone.
      App screens kids for eye problems before they can talk
    • VA dives into artificial intelligence R&D
      Home health to pare down therapy services, up telehealth offerings
      Amazon launches medical transcription service
      Hospitals' uncompensated care continues to rise
    • Chest x-ray from a patient with a vaping-related lung injury
      Vaping-related cases lead to care guidelines from Intermountain
      Advanced ICU Care
      Telemedicine helps rural hospitals meet intensivist shortage
      Peer recovery specialists at St. Barnabas Medical Center work with nurse Brenna Zarra.
      Peer recovery helping patients with addiction seek treatment
      UNC Health Care trains staff to treat dementia patients
    • Value-based pay still struggles to improve costs, quality
      Hospitals sue HHS over negotiated price disclosure rule
      Bundled payments get a boost in two states with employee programs
      CMS wants primary-care docs to take on financial risk
  • Data/Lists
    • Rankings/Lists
    • Data Points
    • Modern Healthcare Metrics
  • Op-Ed
    • Bold Moves
    • Breaking Bias
    • Commentaries
    • Letters
    • Vital Signs Blog
    • From the Editor
    • Randy Oostra, CEO of ProMedica
      HCR ManorCare deal laid foundation for ProMedica’s growth
      Steve Strongwater
      How Atrius Health stayed independent by not shying away from risk
      Why moving the VA to a new EHR was a pivotal decision
      Why AdventHealth's rebrand was more than a name change
    • Terry Shaw
      A diverse and inclusive culture should empower others
      Paving the path to diversity and inclusion
      The next step in healthcare evolution
      Breaking Bias: A road map to boost women and minorities into healthcare leadership
    • Dr. Richard Snyder
      Outdated privacy laws hinder coordinated care, especially in the fight against addiction
      David Dill and Keith Myers
      Healthcare partnerships are a proven path to better care, healthier communities
      Health systems need to devote more resources to caring for the caregivers
      Fawn Lopez and Bernard Tyson
      In remembrance and gratitude for a life well-lived
    • Letters: Let’s keep humanity in discussions about patient safety
      Hospital with money
      Letters: Let providers set their prices,
 and then publish them all
      Letters: Ambulatory surgery centers aren't getting a break on regulation
      Letters: Rising Medicaid spending isn't a windfall for providers
    • Sponsored Content Provided By Optum
      How blockchain could ease frustration with the payment process
      Sponsored Content Provided By Optum
      Three steps to better data-sharing for payer and provider CIOs
      Sponsored Content Provided By Optum
      Reduce total cost of care: 6 reasons why providers and payers should tackle the challenge together
      Sponsored Content Provided By Optum
      Why CIOs went from back-office operators to mission-critical innovators
  • Awards
    • Nominate
    • Award Programs
    • Previous Award Programs
    • Other Award Programs
    • Nominations Open - Top 25 Minority Leaders
      Nominations Open - Health Care Hall of Fame
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top 25 Innovators
    • Top 25 Minority Leaders
    • Top 25 Women Leaders
    • Excellence in Nursing Awards
    • Design Awards
    • Top 25 COOs in Healthcare
    • 100 Top Hospitals
    • ACHE Awards
  • Events
    • Conferences
    • Galas
    • Webinars
    • Kronos webinar logo lockup
      Sponsored Content Provided By Kronos
      Webinar: The Future of Work in Healthcare
    • Leadership Symposium
    • Healthcare Transformation Summit
    • Critical Connections: Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Workplace of the Future Conference
    • Strategic Marketing Conference
    • Health Care Hall of Fame Gala
    • Top 25 Women Leaders Gala
    • Best Places to Work Awards Gala
    • Top 25 Minority Leaders Gala (2020)
  • MORE +
    • Advertise
    • Media Kit
    • Newsletters
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Technology
December 26, 2017 12:00 AM

Ransomware focus limits healthcare IT progress in 2017

Rachel Z. Arndt
  • Tweet
  • Share
  • Share
  • Email
  • More
    Print

    "Cyber" came into its own in 2017. As hackers hit healthcare and other industries with ransomware attacks that crippled some companies for weeks, the term has been on the tip of every executive's tongue.

    Now, companies are putting their energy and money into cybersecurity as they try to protect themselves from digital threats.

    But that focus reflects more than the growing landscape of cyber threats; it also reflects the relative lack of focus—or at least broad progress—on other health IT topics in 2017. Interoperability continues to elude the industry, delays in electronic health record requirements mean old technology can stick around for a bit longer, and general uncertainty stymies confidence in what comes next.

    If there was a bright spot in healthcare's technological progress in 2017, it was telemedicine. The majority of providers now offer telehealth services. In May, Texas became the final state to allow telemedicine visits without in-the-flesh preliminary meetings, symbolizing the acceptance of the practice across the country.

    There were important shifts—a new head of the Office of the National Coordinator for Health Information Technology, for instance, and an electronic health record deal between Cerner and the VA—that point to a 2018 in which health IT buzzwords, like interoperability and "meaningful," will continue to evolve, as the industry insists upon technology that doesn't just sound good but actually makes good on its patient-care promises.

    Cybersecurity

    In the most high-profile attack of the year, hackers unleashed the WannaCry ransomware into hundreds of thousands of computers —including those at the U.K.'s NHS—around the world in May. The software took over, encrypted files, and required ransom in return for decryption.

    Soon after WannaCry wreaked havoc on information systems, hackers let loose another piece of malware, dubbed NotPetya. That malware took down several healthcare organizations in the U.S., including Merck and Nuance. It took Nuance weeks to come back online after the attack.

    "There was a huge switch this year in the threat world," said Mac McMillan, CEO and co-founder of privacy and cybersecurity consulting firm Cynergistek. "Now, threat actors have decided it's ok to disrupt a hospital and affect patient care so they can extort money," he said. "That's a big deal. It basically points to the concept that they will risk patient safety to commit a crime."

    As attacks have increased, so has vigilance. But McMillan worried that people still aren't going to really take action until someone gets injured because of a cyberattack.

    Nevertheless, the Health Care Industry Cybersecurity Task Force took a proactive step in June, releasing recommendations for new security frameworks and amendments to anti-kickback laws.

    Meanwhile, most healthcare organizations have implemented cybersecurity training programs. Some even send out fake phishing attacks to teach employees how to recognize malicious emails.

    The focus on email makes sense, since it's the most common entry point, followed by network servers, according to the Office for Civil Rights Breach Portal. Overall, by the end of November, HHS received 314 breach reports since the beginning of the year, affecting 4.7 million people.

    Along with email, the industry has also recognized another potential point of entry: internet-connected medical devices. A hacker could break into a health system's entire network through an internet-enabled pacemaker. Or the hacker could make the pacemaker malfunction. That concern led to the recall of 465,000 Abbott pacemakers in August.

    Theoretically, if a medical device were on the same network as a hospital's EHR, hackers could also break into the EHR through the device, using it as a point of entry to all the data in the network just as they might break into a home network through a connected device like an Amazon Echo or Google Home.

    Certified EHRs and regulatory relief

    The very technology that hackers take advantage of to compromise data is the same technology that providers take advantage of to improve patient care. While electronic health records help providers reduce unnecessary tests and treatments, they're also a bane for physicians who spend about half of each day working with EHRs.

    "There still remains a real frustration around EHRs and usability and whether or not there should be federal mandates to use technology as opposed to incentives to use it," said Anders Gilberg, senior vice president of government affairs for the Medical Group Management Association.

    The CMS tried to help with that administrative burden by putting off requirements for physicians and Medicare-eligible hospitals to use 2015-certified EHR technology, allowing them to use 2014-certified EHR technology for another year without being penalized. That change gave providers more leeway in software choice, preventing what would have been last-minute scrambling to get certified EHRs in place and protecting them from penalties.

    "The thing they are not calling for is the demise of the meaningful use program," pointed out Leslie Krigstein, vice president of congressional affairs for the College of Healthcare Information Management Executives.

    The ONC also tried to reduce the regulatory burden on vendors, announcing in September that it would allow vendors to "self-declare" meeting most of the criteria for getting their products certified. The agency said the change would make the ONC Health IT Certification Program more efficient.

    But some worried that deregulation could put patient safety at risk.

    That was the concern with eClinicalWorks' software. The company found itself in legal trouble a couple of times in 2017 for lying about its software's capabilities. In one case, a patient claimed he couldn't ascertain from his EHR records when he first had symptoms of cancer. In May, the vendor settled a different case with the government, agreeing that it and some of its employees would pay $155 million for misleading regulators.

    Telemedicine

    Telemedicine was a clearer technological bright spot for providers in 2017. Providers and telemedicine companies say the technology could cut costs. They also say it could broaden access to healthcare, which it did in the aftermath of the the hurricanes that swept the southern part of the country this fall. Then, some companies offered their services for free to those in hurricane-hit areas.

    But telemedicine is still somewhat nascent. Though most states have telemedicine parity laws that require commercial payers to reimburse in-person and telehealth encounters equivalently, and there's legislation pending to expand Medicare coverage, limited reimbursement stymies the technology.

    "Medicare is behind and is just catching up," said Alexis Gilroy, chair of the American Telemedicine Association's business and finance group. "There's been a misperception of increased utilization and cost to the Medicare program by opening up telemedicine."

    The VA has been leading the charge for telemedicine lately. In August, VA Secretary Dr. David Shulkin announced the VA's "anywhere to anywhere" healthcare initiative, which would allow providers to care for patients virtually across state borders, so matter where the providers or patients are. In November, the House passed a bill that would allow VA healthcare providers to do just that.

    Interoperability—or the lack thereof

    Healthcare is still an industry of data silos, with patient data held apart by different EHRs. The 21st Century Cures Act tasked the industry with improving interoperability, and it also prohibited data-blocking. But though systems are getting better at sharing information, they're not truly interoperable yet.

    Take Epic's Share Everywhere, for instance, announced in September: A patient can grant any provider access to his or her records, which are viewable through a web browser. But that's it—that records are not integrated into the receiving provider's EHR.

    While the feature is important step forward, the technology is still more about providing access to data, rather than actually true interoperability.

    Critics of the VA's EHR have long complained about the lack of interoperability between it and the DoD's system. That may soon change, though, thanks to Cerner, whose technology the DoD contracted to use in 2015 and whose technology the VA will begin implementing as soon as a contract is signed (imminently, is the word on the street).

    "The age of interoperability is upon us," said Chuck Christian, vice president of technology and engagement for the Indiana Health Information Exchange. "The industry has realized that in order for us to truly have an impact, we need more information about the patient than just what is contained in our (EHR)."

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    Sponsored Content
    Get Free Newsletters

    Sign up for free enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today

    The weekly magazine, websites, research and databases provide a powerful and all-encompassing industry presence. We help you make informed business decisions and lead your organizations to success.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS
    • Instagram

    Stay Connected

    Join the conversation with Modern Healthcare through our social media pages

    MDHC_Logotype_white
    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Advertise with Us
    • Ad Choices Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    Modern Healthcare
    Copyright © 1996-2019. Crain Communications, Inc. All Rights Reserved.
    • News
      • This Week's News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition
    • Special Features
      • Best Practices
      • InDepth Special Reports
      • Innovations
    • Transformation
      • Patients
      • Operations
      • Care Delivery
      • Payment
    • Data/Lists
      • Rankings/Lists
      • Data Points
      • Modern Healthcare Metrics
    • Op-Ed
      • Bold Moves
      • Breaking Bias
      • Commentaries
      • Letters
      • Vital Signs Blog
      • From the Editor
    • Awards
      • Nominate
      • Award Programs
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top 25 Innovators
        • Top 25 Minority Leaders
        • Top 25 Women Leaders
      • Previous Award Programs
        • Excellence in Nursing Awards
        • Design Awards
        • Top 25 COOs in Healthcare
      • Other Award Programs
        • 100 Top Hospitals
        • ACHE Awards
    • Events
      • Conferences
        • Leadership Symposium
        • Healthcare Transformation Summit
        • Critical Connections: Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
        • Workplace of the Future Conference
        • Strategic Marketing Conference
      • Galas
        • Health Care Hall of Fame Gala
        • Top 25 Women Leaders Gala
        • Best Places to Work Awards Gala
        • Top 25 Minority Leaders Gala (2020)
      • Webinars
    • MORE +
      • Advertise
      • Media Kit
      • Newsletters
      • Jobs
      • People on the Move
      • Reprints & Licensing