Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

CXO Scene Episode 3: EHR Cloud Hosting, the EMR Market, and Health IT Staffing Challenges

Posted on August 28, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In case you missed the live taping of the third CXO Scene podcast with David Chou, Vice President and Chief Information and Digital Officer at Children’s Mercy Kansas City and John Lynn, Founder of HealthcareScene.com, the video recording is now available below.

Here were the 3 topics we discussed on the 2nd CXO Scene podcast along with some reference links for the topics:
* Cloud hosting
http://www.fiercehealthcare.com/ehr/uc-san-diego-health-pushes-ehrs-to-cloud-uc-irvine-slated-for-november

* Future of the EMR market with McKesson acquisition
http://www.mckesson.com/about-mckesson/newsroom/press-releases/2017/allscripts-to-acquire-mckessons-enterprise-information-solutions-business/
http://www.hospitalemrandehr.com/2017/08/18/is-allscripts-an-also-ran-in-the-hospital-emr-business/

* IT staffing challenges

You can watch the full CXO Scene video podcast on the Healthcare Scene YouTube Channel or in the video embed below:

Note: We’re still working on distributing CXO Scene on your favorite podcasting platform. We’ll update this post once we finally have those podcast options in place.

Take a look back at past CXO Scene podcasts and posts and join us for the live recording of future CXO Scene podcasts.

CXO Scene Episode 2: EMR As a Commodity, Shadow IT, Health IT Training, and Printer Security

Posted on July 28, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In case you missed the live taping of the second CXO Scene podcast with David Chou, Vice President and Chief Information and Digital Officer at Children’s Mercy Kansas City and John Lynn, Founder of HealthcareScene.com, the video recording is now available below.

Here were the 4 topics we discussed on the 2nd CXO Scene podcast:
* Did Meaningful Use Turn EMRs Into a Commodity?

* Shadow IT – How should healthcare leaders deal with Shadow IT?

* The EHR Dress Rehearsal – Should this be a best practice for every health IT implementation?

* Printer Security – Where do printers and print devices rank on security risks for an organization?

You can watch the full CXO Scene video podcast on the Healthcare Scene YouTube Channel already:

Note: We’re still working on distributing CXO Scene on your favorite podcasting platform. We’ll update this post once we finally have those podcast options in place.

Take a look back at past CXO Scene podcasts and posts and join us for the live recording of future CXO Scene podcasts.

New Healthcare CXO Scene Podcast

Posted on July 17, 2017 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We recently did the inaugural recording of our new bi-weekly Healthcare CXO Scene podcast where David Chou, Vice President and Chief Information and Digital Officer at Children’s Mercy Kansas City and John Lynn, Founder of HealthcareScene.com sit down to talk about the latest happenings in Healthcare IT. We expect CXO Scene to be a lively, but practical look at the topics that matter most to Healthcare CXOs.

Here were our 3 topics for the inaugural CXO Scene podcast:
* Petya – Ransomware and HIT Security are keeping us all up at night
* MACRA – A look at the new proposed rule
* Organizational Blindness – Not becoming desensitized to your organization’s weaknesses

You can watch the full CXO Scene video podcast on the Healthcare Scene YouTube Channel already:

Note: We’re still working on distributing CXO Scene on your favorite podcasting platform. We’ll update this post once we finally have those podcast options in place.

Resources from CXO Scene #1:
http://www.emrandhipaa.com/emr-and-hipaa/2017/07/03/the-petya-global-malware-incident-hitting-nuance-merck-and-many-others/
http://www.hospitalemrandehr.com/2017/07/03/wannacry-will-make-a-cio-cry/
http://www.emrandehr.com/2017/06/26/2018-qpp-proposed-rule-what-it-means-for-mips-quantifying-the-impact-on-specialty-practices-macra-monday/
http://www.hospitalemrandehr.com/2017/06/26/are-you-desensitized-to-whats-happening-in-your-organization/

We’ll be holding the 2nd CXO Scene podcast on July 20th at 1 PM ET (10 AM PT). You can watch the CXO Scene #2 live stream recording on YouTube where you can also chime in during the recording with your own comments and questions. Plus, we welcome your feedback on how we can make CXO Scene more valuable to you or if there are any topics you’d really like us to cover. Just let us know on our Contact Us page.

If you’d like to receive future health care CXO Scene content in your inbox, you can subscribe to future Health Care CXO Scene content here.

WannaCry Will Make a CIO Cry

Posted on July 3, 2017 I Written By

David Chou is the Vice President / Chief Information & Digital Officer for Children’s Mercy Kansas City. Children’s Mercy is the only free-standing children’s hospital between St. Louis and Denver and provide comprehensive care for patients from birth to 21. They are consistently ranked among the leading children’s hospitals in the nation and were the first hospital in Missouri or Kansas to earn the prestigious Magnet designation for excellence in patient care from the American Nurses Credentialing Center

Prior to Children’s Mercy David held the CIO position at University of Mississippi Medical Center, the state’s only academic health science center. David also served as senior director of IT operations at Cleveland Clinic Abu Dhabi and CIO at AHMC Healthcare in California. His work has been recognized by several publications, and he has been interviewed by a number of media outlets. David is also one of the most mentioned CIOs on social media, and is an active member of both CHIME and HIMSS. Subscribe to David’s latest CXO Scene posts here and follow me at Twitter
Facebook.

If you like CXO scene, you can subscribe to future Health Care CXO Scene posts here or read through the CXO Scene archive. Also, join us for the live recording of our first ever CXO Scene podcast on Thursday, 7/6/17 at 1 PM ET (10 AM PT) where we’ll be talking Petya, MACRA, and Organizational Blindness.

As continuous research is done to create better defenses against malicious computer attacks, cybercriminals have also come up with more ways to get cash into their pockets as quickly as possible.  In the past years, a new breed of computer virus has started infecting computers and mobile devices. These viruses are unlike the previous malware as they lock down the computer including the precious files in it and only unlocks it when the user has paid the demanded amount. WananCry, Cryptolocker, Cryptowall, and TeslaCrypt are the new computer viruses that belong to a family of infections known as ransomware.

Cryptolocker is the earliest version of ransomware that started infecting computers in 2013. It easily infects computers through phishing links usually found in email attachments and through computer downloads.  Once a computer has been infected with ransomware, all the computer files are held as ‘hostage’ of the cybercriminals. In some cases, ads of pornographic websites appear on the screen each time a user clicks. These cybercriminals demand payment in order to unlock the files and restore the computer to its previous state.  As an added pressure, these criminals threaten users to delete all files if certain demands are not met within a specified period (usually within 24 hours). The desperate user usually doesn’t have any choice but to give in.

Ransomware Threat in Hospitals

Threats from ransomware has been widespread and it has affected computers of hospitals. In a Reuters report, it stated that a study from Health Information Trust Alliance on 30 mid-sized U.S. hospitals revealed that over half of these establishments (52%) were infected with the malicious software.  Recently we are starting to see countries get shutdown due these attacks while a global voice dictation vendor was shut down and this interfered with the doctor’s ability to voice dictate their notes.

How Companies Can Prevent Ransomware Attacks

Ransomware attacks are serious threats in healthcare. When computers in hospitals stop functioning, there will be delay in information access and flow and may compromise the safety of the patients. When there is ransomware attack, caregivers will have no access to patients’ data which can be crucial for those who are unconscious. It can also result in delayed or undelivered lab requests and prescriptions. And since there are medical devices that rely on computers to be operated, they can be inoperable all throughout the period the computer is held ‘hostage.’

With more medical facilities relying heavily on technology for its operation, it’s crucial to keep the computers malware-free. The following are some tips on how you can prevent these ransomware attacks:

  • Back up your data
    One of the best things companies can do to protect themselves from ransomware is to regularly do backups. Regularly backing up your files can give you a peace of mind even if a malicious attack happens. Since ransomware can also encrypt files on mapped drives, it’s important to have a backup regimen on external drives or backup services that are not assigned a drive letter. The one key element that is missing during the backup process is testing the backup to make sure that it is working. Do not miss the testing step.
  • Make file extensions visible
    In many cases, ransomware arrives as a file with a .PDF.EXE extension. By adjusting the settings to make these file extensions visible, you can easily spot these suspicious files. It also helps to filter email files with .EXE extension. Instead of exchanging executable files, you may opt for zip files instead.
  • Take advantage of a ransomware prevention kit
    The rise of ransomware and its threats have paved way for cybersecurity companies to come up with ransomware prevention kits. These kits protect the computer by disabling files that are run from the App Data, Local App Data folders, and executable files run from Temp directory.
  • Disable the RDP
    The RDP or Remote Desktop Protocol is a Windows utility that enables others to access your desktop remotely. If there is no practical use of RDP in your daily operations, then it’s best to disable it as it’s often used by ransomware to access targeted machines.
  • Update your software regularly
    Running outdated software makes your computer more vulnerable to ransomware attacks. So, make sure to regularly update your software.
  • Install a reliable anti-malware software and firewall
    This is applicable to malware in general. Having both the anti-malware software and firewall creates a double-wall protection against these malicious attacks. If some gets past the software, the firewall serves as the second level of protection from the malware.
  • When ransomware attack is suspected, disconnect immediately from the network
    While this isn’t a foolproof solution, disconnecting immediately from the network or unplugging from the WiFi as soon as ransomware file is suspected can reduce the damage caused by the malware. It may take some time to recover some files but doing this can sometimes cut back the damage.

Ransomware poses a serious threat not just to the security of hospital files but as well to the patients’ safety. Hence, companies, especially healthcare facilities, must not take this malware issue lightly.  Your biggest security risk exposure is internal so make the effort to educate your internal workforce as a priority as well.

If you’d like to receive future health care C-Level executive posts by David in your inbox, you can subscribe to future Health Care CXO Scene posts here.

Pros and Cons of Healthcare IT Outsourcing

Posted on December 4, 2015 I Written By

David Chou is the Vice President / Chief Information & Digital Officer for Children’s Mercy Kansas City. Children’s Mercy is the only free-standing children’s hospital between St. Louis and Denver and provide comprehensive care for patients from birth to 21. They are consistently ranked among the leading children’s hospitals in the nation and were the first hospital in Missouri or Kansas to earn the prestigious Magnet designation for excellence in patient care from the American Nurses Credentialing Center

Prior to Children’s Mercy David held the CIO position at University of Mississippi Medical Center, the state’s only academic health science center. David also served as senior director of IT operations at Cleveland Clinic Abu Dhabi and CIO at AHMC Healthcare in California. His work has been recognized by several publications, and he has been interviewed by a number of media outlets. David is also one of the most mentioned CIOs on social media, and is an active member of both CHIME and HIMSS. Subscribe to David’s latest CXO Scene posts here and follow me at Twitter
Facebook.

Recently Black Book issued a report stating that CFOs, CIOs both favor outsourcing for technology. Outsourcing is not new to healthcare information technology and it has been practiced for decades. However, with the healthcare scenery changing rapidly, outsourcing of IT has again gained prominence. Introducing technology to a healthcare organization can be an expensive undertaking and thus, outsourcing may be the way to go. One of the main reasons why outsourcing is attractive is because it helps put together resources quickly and reduces the time to market when implementing technology.

Besides cost, other reasons for outsourcing include increased flexibility, organization inability to further develop staff quickly and there may be a cash flow problem in keeping an employee long term. Building a trusted relationship with a vendor is key and someone must monitor their performance to hold the vendor accountable. One needs to weigh the pros and cons before proceeding to outsourcing because it is not without risks.

Outsourcing Tips:

  1. Lower cost is often the single most influential factor when deciding on offshore outsourcing. Some of the world’s largest organization use contract employees or foreign labor to perform the commodity work. This also reduces the need for full time employees.
  2. Outsourcing is ideal when you need a 24×7 workforce. Outsourcing is an easier method to augment your existing staff in order to manage the 24 hour operation we require in healthcare.
  3. With outsourcing, it is usually easier to transition and move temporary staff because they do not have permanent ties with your organization
  4. In certain countries, there are rules and regulations that govern privacy and intellectual property; when you outsource outside of geographical boundaries, you will need to pay closer attention to data export regulations.
  5. You must manage the internal staff culture and feelings about outsourcing. Most personnel will view outsourcing as a threat to their job, so leaders must be transparent when they are outsourcing projects or tasks.
  6. The outsource contract must be clear and concise as to the roles and responsibilities of each party. The arrangement will fail quickly if both parties are not clear on this.

I believe that successful departments and organization can utilize outsourcing as a competitive advantage if it is managed appropriately, but there has to be a dedicated resource managing the vendor relationship. I have managed both an outsourced IT department along with insourced staff. The key is to have transparent leadership which treats every employee (outsource, and insource) the same. Clear communication is definitely required from the leader.

If you’d like to receive future health care C-Level executive posts by David in your inbox, you can subscribe to future Health Care CXO Scene posts here.

Can Silo-ed Leadership Work Together Effectively?

Posted on November 30, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

All week I’ve been chewing on David Chou’s recent article about running health care IT as a business. David makes a pretty solid case for why hospital CIOs should become essentially the CEO of the hospital IT business. There’s a lot of value in a leader taking that type of responsibility and forward thinking approach to their organization. However, it can also lead to some interesting challenges.

This concept has been extended as I’ve attended the RSNA (radiology) conference in Chicago. Many of the same messages are being shared with radiologists about leading their organization and about being proactively involved with the patient. You could say that radiologists are being encouraged to run their departments as if they’re CEO of the radiology department.

While this seems like sound advice it should also come with a partial caution. If you’re not careful this can lead to a lot of conflict between various fiefdoms. Everyone feels like they’re the “CEO” and so that ownership and leadership can make it hard for them to work with others. It takes a really powerful leader to bring together department heads who see themselves as CEOs.

A great example of the consequences of this silo-ed leadership is illustrated by what we call shadow IT. For those not familiar with shadow IT, it’s IT purchases and implementations that happen outside of IT. It essentially operates in “the shadows” as opposed to out in the open. This is often purchased with department budget and is usually some sort of hosted application and so departments are able to implement their IT project without the involvement of the main IT organization.

A department head that felt like CEO of their department would have little to no issue with a shadow IT purchase. They rationalize that they can’t wait for IT because if they wait for IT it will never get done. In fact, going around IT seems like the right option since it gets them access to a tool or technology that they need to provide better patient care. That’s what you should want your leaders to do no? Provide the best patient care possible.

Unfortunately, shadow IT has lots of challenges. For example, did they think about the long term cost of supporting the shadow IT system? Did they ensure that the shadow IT system met all the HIPAA security requirements? Did they vet the vendor to ensure that they would be a good long term choice? etc etc etc.

It’s a real challenge for these internal “CEOs” to balance the needs of their department against the needs of the organization as a whole. Many times they’ll get it wrong and it will be lock the gears of an engine or clock that aren’t aligned quite right. It can grind things to a halt. However, with the right leader in place, all of the gears can be leaders within their own departments while still working together nicely with all the other leaders around you.

Isn’t that the real challenge of leadership? Get everyone on board with the same vision, but leave them enough flexibility that they can surprise you with their results.

Thoughts On The Quality Systems Transaction – What Does It Mean for Ambulatory EMR?

Posted on November 9, 2015 I Written By

David Chou is the Vice President / Chief Information & Digital Officer for Children’s Mercy Kansas City. Children’s Mercy is the only free-standing children’s hospital between St. Louis and Denver and provide comprehensive care for patients from birth to 21. They are consistently ranked among the leading children’s hospitals in the nation and were the first hospital in Missouri or Kansas to earn the prestigious Magnet designation for excellence in patient care from the American Nurses Credentialing Center

Prior to Children’s Mercy David held the CIO position at University of Mississippi Medical Center, the state’s only academic health science center. David also served as senior director of IT operations at Cleveland Clinic Abu Dhabi and CIO at AHMC Healthcare in California. His work has been recognized by several publications, and he has been interviewed by a number of media outlets. David is also one of the most mentioned CIOs on social media, and is an active member of both CHIME and HIMSS. Subscribe to David’s latest CXO Scene posts here and follow me at Twitter
Facebook.

The top news last week was from Quality Systems Inc., which owns physician software vendor NextGen Healthcare Information Systems. The news was that NextGen will acquire HealthFusion Holdings, another ambulatory vendor, for $165 million (NextGen also sold their hospital division to QuadraMed the week before). As healthcare systems are consolidating, we are also seeing the consolidation happen on the vendor side and the payer side. The shrinking healthcare profit margin has an effect on the entire industry.

What is next for the ambulatory space?

  1. Physician Groups Joining Health Systems

As we move towards creating a clinical integrated network, the number of physician groups and independent physicians will also decrease where the majority will join an ACO or become an employee for the health systems. The decrease in medical groups and the consolidation of the medical groups will have a huge impact on the ambulatory EMR space. The industry will see a shift in the ambulatory EMR systems transition to the same EMR system that is used by the health systems, so I see a big pickup for the Cerner and Epic in the ambulatory world.

  1. Enterprise EMR

The enterprise EMR will have bigger demands from their clients to focus on the ambulatory side. Health systems are utilizing their technology investments as part of the outreach and growth strategy so it is vital that the clinics and medical groups have a system that fits their workflow. Many industry leading healthcare organizations are becoming a software EMR vendor by providing their ambulatory system to smaller hospitals, rural clinics, and physician groups that cannot afford the technology investment of an enterprise system.

This will be a very interesting space to watch in the next year. We’ll see which players will survive and see what their strategies will be moving forward. I have been providing advisory services for many health systems in regards to their strategy for maximizing their technology investment and making it a revenue-generating tool. So I will be keeping a close eye on this space and sharing insights with you on CXO Scene going forward.

If you’d like to receive future health care C-Level executive posts by David in your inbox, you can subscribe to future Health Care CXO Scene posts here.