Dedicated to providing the latest
HIPAA compliance news

Healthcare Technology Trends to Keep Track of in 2014

Share this article on:

Over the past year there has been a host of new technologies introduced and the progress made in Healthcare IT systems continues at an extraordinary pace. It is therefore difficult to single out the technologies which promise to have the greatest impact on healthcare over the coming year, although there are a number of key areas which are likely to see substantial advances during 2014 and promise to have a major impact on healthcare providers and patients alike.

A Strong Focus on Data Security

One of the major problems faced by healthcare organizations today is the need to develop computer systems to manage Electronic Health Records (EHRs). Electronic devices make record keeping easier and less labor intensive; however, keeping EHRs secure and restricting access to PHI does present a serious challenge. Patient data can be entered into EMRs from hand held devices, laptops and PCs and that data can be quickly and easily accessed, although these devices pose a major security risk.

The healthcare industry has been hit by a number major data breaches over the past 12 months and it is clear that there is still some way to go to ensure that patient data is properly protected. Healthcare organizations will need to make even greater efforts to secure patient data as the risks increase in 2014.

Experian reported that 46% of all data breaches it was involved in during 2013 affected the healthcare industry and 2014 is likely to see that trend continue. Targeted hacks are on the increase and the wide variety of portable devices are being used to access and store PHI require additional safeguards to be put in place to keep data secure.

The challenge for Healthcare IT professionals is to implement new technical safeguards to keep digital PHI secure as well as develop the appropriate risk mitigation strategies. The coming months are likely to see healthcare organizations start to invest in new methods to safeguard data, data encryption services for example, to prevent security breaches from exposing patient records.

The Office for Civil Rights will be conducting compliance audits in 2014 and Attorney Generals are likely to start introducing financial penalties for non-compliance. With increased enforcement and severe financial penalties for non-compliance, IT Security is more important for healthcare providers than ever before.

Hackers will Continue to Steal Medical Information

The potential prize for a successful hack is access to the health data of millions of patients, which can be used to commit Medicare and Medicaid fraud, make false insurance claims and commit Identity theft. The value of Social security numbers and medical data is far in excess of credit card numbers, law enforcement has greater problems tracking the theft and in many cases, instances of fraud go undetected for a considerable period of time.

Hacking attempts are becoming much more sophisticated in mature and highly coordinated attacks are planned by individuals across continents and all major healthcare providers can expect to be targeted. It is no longer a case of if a healthcare organization will be targeted by hackers, it is now a question of when it will occur.

Secure Text Messaging Systems to be Commonplace

Encrypting data at rest is vital to prevent unauthorized access; however it is also essential to encrypt data in transit. Mobile devices are being increasingly used by healthcare professionals in a clinical setting and the appropriate controls need to be put in place to protect the data they transmit.

Mobile devices allow fast communication, are convenient, most healthcare professionals own or use a device already, and the medium has been shown to improve efficiency and standards of patient care. However, SMS messages are insecure and any PHI sent via mobile networks can be all too easily intercepted. SMS messages are also stored on the recipient’s and sender’s devices and information remains on the servers of network carriers for some time after a message is sent. The devices therefore pose a significant risk of exposing patient health data.

The increase in use of this non-HIPAA compliant communication channel is likely to result in healthcare providers being issued with fines for non-compliance and the use of mobile phones in healthcare is expected to come under increasing scrutiny over the coming year.

The next 12 months are unlikely to see legislative changes introduced to specifically control the use of text messages in healthcare, but as the use of SMS is likely to grow, we can expect to see more healthcare organizations implement secure messaging systems in order to stay compliant with HIPAA. A healthcare messaging app on physicians’ Smartphones, tablets and laptops is likely to be commonplace in a year.

Pagers Continue to be Phased Out

The death of the pager is not expected in 2014; although it is the beginning of the end for this hospital stalwart with the rise in the use of modern mobile devices. Smartphones, tablets and other mobile devices offer too many benefits for the technology to be ignored by the healthcare industry for much longer.

While pagers are robust and low cost, the same cannot be said for modern devices and the cost of supplying these to staff is prohibitively expensive; not only in terms of the cost of the device itself, but also maintenance, support and device replacement.

Pagers are not HIPAA compliant and while messages sent including phone numbers would not breach privacy and security regulations; if any PHI is included it would be a violation. Pagers will continue to be phased out in healthcare in favor of newer mobile devices now that HIPAA-compliant text messaging services are available.

Growth of BOYD Schemes

Since the vast majority of healthcare professionals already own such a device, Bring Your Own Device schemes are the logical step forward. Over the course of the coming year healthcare providers are likely to have no alternative but to implement policies and procedures to cover the use of these devices in the workplace and develop their own BOYD schemes.

A BOYD scheme is likely to lead to happier staff, although it is essential that the devices are properly managed as the use of mobile devices carries a considerable risk of accidental disclosure of patient health data. IT departments are likely to find BOYD schemes a challenge, as multi-device support needs to be provided but this is becoming easier to implement but they are likely to be faced with little alternative.

HIPAA Enforcement to Increase with Heavy Fines for Non-Compliance

The release of the Omnibus Final Rule last year warranted a round of compliance audits by the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). The pilot audits were conducted on 115 organizations and highlighted numerous problems organizations were having with HIPAA-compliance.

This year will see the OCR conduct Phase 2 of its audit program, and in contrast to previous audits which were only conducted on covered-entities, the next round will also include Business Associates. The audits are expected to focus on the Privacy Rule, Security Rule and Breach Notification Rules.

In light of recent high-provide breaches which have affected millions of Americans, the OCR is expected to take a tough stance on organizations that fail to implement the appropriate controls to protect patient data and to be affected by security breaches, with heavy fines expected to be issued for non-compliance issues, even when they do not resulted in a security breach.

The Introduction of HITECH has allowed Attorney General’s Offices to also take legal action against organizations that breach HIPAA Privacy and Security Rules, and while very few have taken action to date, this is expected to change in 2014. Class action attorneys are also eager to sign up victims of breaches and sue for damages and the volume of lawsuits is expected to increase substantially this year.

Big Data to Continue to be a Key Issue

The move from paper to electronic health records has created a wealth of electronic data, and as more healthcare organizations take advantage of the falling cost of EHR systems, that volume of data will naturally grow. Physicians are now able to take tablets into consultations and enter patient data directly into EHR systems, while apps are being developed for to record health data.

Provided that this data can be effectively integrated, it holds a wealth of information that can be used to develop better services, identify problem areas, improve treatment outcomes and reduce operational costs. If used as a knowledgebase it can also help physicians provide more accurate prognoses. The benefits to be had from a comprehensive database of healthcare data is not something healthcare providers should ignore, and 2014 is likely to see major steps forward in the use of big data.

While there are benefits, data security remains a key issue and the appropriate safeguards , policies and procedures need to be implemented to ensure Protected Health Data is only accessible by authorized personnel. The data is not only valuable for healthcare professionals; criminals too want access for the purposes of medical and identity fraud.

Growth in Telehealth and Telemedicine

Soaring costs of medical care and increased pressure on hospitals to cut costs continue to plague the industry. New methods of improving the level of patient care must be found while at the same time operational costs must be cut. One area that has shown considerable promise in recent months is the provision of Telehealth services; which have already been demonstrated to be cost effective and scalable, as well as popular with patients.

Physicians may not feel the same way. There there have been numerous problems with reimbursement for time spent in teleconferences and providing remote care, but as the cost advantages are realized by healthcare providers these issues are likely to be addressed.

In the UK, the Department of Health has reported huge benefits from Telehealth services which have been shown in a recent study to decrease Emergency room visits by 15% and reduce elective admissions by 14%, while the number of bed days has similarly been reduced by 14%. In the U.S., 19 states have a Telehealth policy and 9 others are in the process of developing laws covering Telemedicine according to the American Telemedicine organization. Major growth in the area is expected in 2014.

Wearable Devices and Smart Sensors

Miniaturization of technology and the development of innovative Smart sensors has enabled wearable tech to be developed that has the potential to revolutionize healthcare, health insurance and dramatically improve patient health.

Devices which monitor heart rate, blood pressure and other vital signs allow individuals to sport warning signs early enough to take action and reduce the risk of injury. One of the main problems with this tech is getting patients to wear the devices, although a recent survey conducted by the Consumer Electronics Association suggests this may no longer be a major issue. Popularity of the devices has grown by 10% over the past year, with 13% of the population now interested in making a purchase, while a further 9% already own wearable devices.

While invaluable in preventative healthcare, the use of the devices for monitoring chronic health conditions is expected to grow, and the use of GPS trackers, accelerometers, pedometers and geolocators all have potential to greatly improve patient care, for the elderly and Alzheimer’s patients in particular. The devices can be used to alert medical services to falls, track individuals and send automatic alerts to emergency services.

If health insurers are given access to the data recorded by the devices – or if they provide them to their policy holders – the information gained can be used to reduce costs, which in turn could mean lower premiums for customers.

Devices such as Google Glass also have great potential in healthcare. In operating rooms surgeons will be able to view patient vital signs quickly while performing operations, recorded data can be invaluable in training and real time viewing can be invaluable for surgical consultations. Provided privacy and security issues can be resolved, the technology could greatly improve patient care.

Explosion in Mobile Health Apps

There are currently more than 40,000 health-focused mobile apps available for download from the Apple Store, although one major issue for consumers is finding the most appropriate apps. There have been a number of advances in this area, and ratings systems are being developed to allow users and healthcare professionals to identify the most appropriate apps to prescribe for patients.

Mobile health apps are an important part of preventative healthcare, allowing patients to make healthy living choices more easily and keep track of their general health. The FDA may need to step in to regulate apps, in particular any which are used as an accessory to a regulated medical device or potentially pose a health risk to patients. It is expected to exercise enforcement discretions although premarket review applications are not expected to be required before the apps are submitted for FDA approval.

Many developers are also now coming up with effective methods of monetization of mHealth apps and if they can be effectively commercialized, the volume of health apps is likely to explode over the course of the next 12 months.

Cloud based EHRs

There has been much skepticism about the use of Cloud technology in healthcare due to privacy and security concerns that the cloud poses; however an increasing number of healthcare organizations are now migrating their EHR systems and databases to the cloud as security measures have improved.

The cost of maintaining ever increasing volumes of electronic data requires increased space to be dedicated to servers, temperature control systems to be employed and places an increasing burden on IT departments. Cloud computing places much lower financial demands on organizations, requiring relatively little investment in hardware and can be completely outsourced, freeing up IT departments and allowing them to concentrate on other vital areas.

2014 is expected to see even more healthcare providers make the switch to cloud-based storage solutions and for EHR vendors to start offering HIPAA-compliant cloud-based storage solutions and app development platforms.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On