Healthcare IT: Will 2015 Be the Year of Data Breaches?

Healthcare IT: Is Your Data Safe?

A month into 2015 and it’s already become apparent that it’s going to be a big year for healthcare IT. In the aftermath of the Ebola Outbreak — which made several touchdowns on U.S. soil— there has been an intense focus on how electronic medical records can prevent similar events from happening in the future.

EMRs have consistently been tapped as hospitals work to avoid sentinel events (sometimes called “never-events” as in, they should never happen) and the prevention of an outbreak certainly qualifies as such.

Designing EMRs

When it comes to designing EMRs, however, one major change that we’ll see this year is vendors and software companies heading back to the drawing board to design patient-friendly modules. Since patients are more aware of their health information than ever before, electronic health records are no longer for a doctor’s eyes only. When you take health literacy into account, the challenge of designing tools that are patient friendly are obvious: only 12% of Americans have proficient health literacy skills. That leaves the vast majority of patients ill-equipped to interpret the information about their health and very lives that they now have access to.

Patients aren’t just getting this information from their hospital charts either: mobile tech, specially wearable health tech, is also rising in prominence. Weather it be something like a Fitbit or an iPhone app, patients have more power over their health data than ever before, and doctors can monitor patients for adherence to the agreed upon treatment protocols. The task for physicians and patients together will be how can they use this wealth of information from healthcare IT?

The Big Picture

On a much larger scale, the implications of such technological initiative will have far-reaching influence on population health. Being able to get a bird’s eye view of a particular city or state’s health could make connections between geographic, lifestyle and health that have the potential to change medicine. From a sociological standpoint, mining hard data about the overall health of a city (by using metrics like “walkability” and air quality) might help us solve some of the more complicated health issues of the day.

We know that certain parts of the country are more likely to be obese, that certain cities would be problematic for asthmatics, and even what states are the happiest. Casting a wider net, it would be interesting to see what information could be gleaned if science has even more data points to work with.

In the same way we’re changing how we get the data, our process of analyzing and using it will be changing too. While healthcare IT systems will need to remain accountable to state and federal governments in terms of data reporting (both to receive financial incentives and avoid penalties) they will also need to consider how they can present the data in a health literate way to the communities they serve. Generally speaking, the reports that go out to the government would be a nightmare of numbers and graphs for anyone who wasn’t working in the spreadsheets. So how do we take that information and translate it into patient friendly terms? How do we make it actionable?

No doubt another aspect of the healthcare IT game that will need to change will be how we present such data, and the ways in which we keep records over time. Many healthcare systems are making good use of social media, and things like Youtube videos or Infographics (healthcare.gov has even hopped on this bandwagon to help people understand the enrollment process for Obamacare) to help create a picture — literal and figurative—of what all this data means. The truth is, everyone can benefit from clear, concise and actionable health information — whether or not you have a PhD.

Data Breaches

You can’t talk about all this data without talking about data breaches. Perhaps the biggest task of all for healthcare organizations and patients will be keeping this data safe and out of the hands of hackers who aim to steal patient identities. It’s projected that by the end of next year, 50% of healthcare organizations will have experienced at least 1 and as many as 5 cyber attacks.

With at least one of those attacks resulting in a successful security breach. In a world where “ethical hackers” are often tapped for helping the federal government keep information private and out of the hands of terrorist organizations, will healthcare IT find its own crew of “good bad guys” who can find weaknesses in computer security and patch them before breaches happen?

A patient’s health record often contains not just personal identifiers like social security numbers and addresses, but can also provide crucial financial information. Keeping these charts out of the hands of those who are looking to steal identities is crucial — but perhaps will be more challenging than ever since the requisite sharing of information not just between doctors, but patients too, creates vulnerabilities that we haven’t seen before.

As healthcare organizations strive to keep costs down all while providing high quality care, they’ll have to embrace everything from EMRs to wearable tech to the unavoidable ICD-10 transition later this year. The good news is, it’s only January, so there’s still plenty of time for organizations and individuals to get organized.