Health IT

 VI. Key Issues: Financing and Delivery >> A. Health Spending >> Health Cost Containment  >> Improve Administration >> Health IT (last updated 4.30.16)

Lead Editor: Dana Beezley-Smith, Ph.D.


The adoption of various forms of health information technology (HIT) may have disparate impacts, including improvements in access/continuity of care, quality, patient satisfaction or privacy of medical information.  However, a principal motivation for pursuing HIT is the expectation that it will lead to system efficiencies that result in net savings in the short run or long run. Because most HIT innovations have multiple effects, this section examines the benefits and costs of a full range of HIT innovations for which there is real-world evidence even if their purpose or impact might be quality improvement at the expense of cost containment.
Discussion of health reform policy proposals related to HIT (i.e., policy options under discussion and not yet adopted or implemented) is contained at Health IT under Health Reform, Components of Reform, Cost Containment.


Health Information Technology for Economic and Clinical Health (HITECH) Act 


Health Information Exchange (HIE)


Electronic Health Records (EHRs)

Meaningful Use Program 

CMS (Update, 10.6.15): The American Recovery and Reinvestment Act of 2009 (ARRA) (Pub.L. 111–5) was enacted on February 17, 2009. Title IV of Division B of ARRA amends Titles XVIII and XIX of the Social Security Act (the Act) by establishing incentive payments to eligible professionals (EPs), eligible hospitals, critical access hospitals (CAHs), and Medicare Advantage Organizations to promote the adoption and meaningful use of interoperable health information technology (HIT) and qualified electronic health records (EHRs). These incentive payments are part of a broader effort under the HITECH Act to accelerate the adoption of HIT and utilization of qualified EHRs.
Meaningful Use (MU) is a Center for Medicare & Medicaid Services program that pays an incentive for “meaningful use” of an electronic health record (EHR). It is a separate program from PQRS (Physician Quality Reporting System). Those eligible for the Meaningful Use include doctors of medicine or osteopathy, dental surgery or dental medicine, podiatry, optometry, and chiropractic. Meaningful use is defined as use of certified electronic health record (EHR) technology to: Improve quality, safety, efficiency, and reduce health disparities; Engage patients and family; Improve care coordination, and population and public health; Maintain privacy and security of patient health information.

Stages of Meaningful Use

2011-2012 Stage 1: Data capture and sharing

2014 Stage 2: Advance clinical processes

2016 Stage 3: Improved outcomes

Stage 1 EHR Meaningful Use Requirements

  • Use of a certified EHR in a meaningful manner (e.g. e-prescribing)
  • Use of a certified EHR for electronic exchange of health information to improve the quality of health care
  • Use of certified EHR technology to submit clinical quality measures (CQM).

Qualifying for Stage 1 Meaningful Use of an electronic health record (EHR) means that:

  • The EHR meets all 20 objectives for meaningful use.
  • Six clinical quality measures are reported.
  • The EHR has been in use for at least 90 days during the first year and 12 months for all subsequent years.
  • Three core measures plus three additional measures must be reported. If the provider does not qualify for the three core measures, three alternate core measures must be reported. List of core and alternate measures.

Stage 1 EHR Meaningful Use Specification Sheets 

The Centers for Medicare & Medicaid Services (CMS), which administers the Medicare and Medicaid EHR Incentive Programs, provides these sheets to help professionals and hospitals understand the requirements of each objective and demonstrate meaningful use successfully.

Stage 2 EHR Meaningful Use 

On September 4 2012, CMS published a final rule that specifies the Stage 2 criteria that eligible professionals (EPs), eligible hospitals, and critical access hospitals (CAHs) must meet in order to continue to participate in the Medicare and Medicaid Electronic Health Record (EHR) Incentive Programs. All providers must achieve meaningful use under the Stage 1 criteria for two years before moving to Stage 2.

To help providers better understand Stage 2 Meaningful Use requirements, CMS developed Stage 2 Meaningful Use Specification Sheets for EPs and Eligible Hospitals that provide detailed information on each Stage 2 objective.

  • Meaningful Use Round Two: New Rules of Engagement. (EHR Decisions, 10.15.12) “The rules for both Meaningful Use and the new Standards and Certification Criteria went into effect October 4, after the requisite 30 days since first posting in the Federal Register have passed. for patients while attempting to play by the rules. Here are a few key points to guide successful attestations, using appropriately certified EHR technologies.”

Stage 3 EHR Meaningful Use

For Stage 3 of the EHR Incentive Programs in 2017 and subsequent years, major provisions include:

  • 8 objectives for eligible professionals, eligible hospitals, and CAHs:  In Stage 3, more than 60 percent of the proposed measures require interoperability, up from 33 percent in Stage 2.
  • Public health reporting with flexible options for measure selection.
  • CQM reporting aligned with the CMS quality reporting programs.
  • Finalize the use of application program interfaces (APIs) that enable the development of new functionalities to build bridges across systems and provide increased data access. This will help patients have unprecedented access to their own health records, empowering individuals to make key health decisions.

All providers will be required to comply with Stage 3 requirements beginning in 2018 using EHR technology certified to the 2015 Edition. The Stage 3 requirements are optional in 2017. Providers who choose to begin Stage 3 in 2017 will have a 90-day reporting period. Objectives and measures for Stage 3 include increased thresholds, advanced use of health information exchange functionality, and an overall focus on continuous quality improvement.
CMS restructured the objectives and measures of the EHR Incentive Programs in 2015 through 2017 to align with Stage 3, and modified “patient action” measures in Stage 2 objectives. 
CMS announced on 10.6.15 a 60-day public comment period to facilitate additional feedback about Stage 3 of the EHR Incentive Programs going forward, in particular with the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA), which established the Merit-based Incentive Payment System (MIPS) and consolidates certain aspects of a number of quality measurement and federal incentive programs into one more efficient framework. (Center for Medicare and Medicaid Services, 10.6.15)

Stage 3 Meaningful Use Resources

Meaningful Use Replacement

  • CMS Promises Meaningful Use Replacement This Year. “Slavitt said CMS was in the process of making the much-reviled program more physician-friendly, with EHR technology built around ‘individual practice needs, not the needs of the government.’ ‘We have to get the hearts and minds of the physicians back,’ he said. ‘I think we lost them.’ Slavitt’s statements don’t mean that the incentive program is screeching to a halt this year, relieving physicians of reporting obligations and financial penalties. However, they could portend major changes in meaningful use as early as next year, according to medical society leaders interviewed by Medscape Medical News. The changes come in conjunction with a massive overhaul of how Medicare pays physicians. Slavitt said at the San Francisco healthcare conference that on the basis of consultations with the American Medical Association (AMA) and other physician groups, CMS was drafting meaningful use reforms that it would disclose over the next several months. The focus, he said, would move from rewarding physicians for using EHRs to rewarding them for patient outcomes. And EHR technology would be user-centered and interoperable — no more programs that can’t swap data.” (Medscape Medical News, 1.14.16)
  • CMS Reveals Successor for Meaningful Use Program. “As part of the proposed rule on the implementation of the Medicare Access and CHIP Reauthorization Act (MACRA), the meaningful use electronic health records (EHR) incentive program will be folded into the Merit-Based Incentive Payment System (MIPS), effective January 1, 2017, Andy Slavitt, acting administrator of the Centers for Medicare & Medicaid Services (CMS), announced at a news conference today… The three priorities for this program are improved interoperability to facilitate health information exchange, increased flexibility, and “user-friendly” technology, according to a blog post by Slavitt and Karen DeSalvo, MD, national coordinator for health information technology (IT) and assistant secretary of health.” (Medscape Medical News, 4.27.16)
  • See Federal Health IT Mandates under Health IT, EHR News and Analysis for more information on the Meaningful Use program.


EHR News and Analysis



Legal and Professional Issues

  • Online Psychotherapy Gains Fans And Raises Privacy Concerns. “Some studies suggest that therapy online can be as effective as it is face to face. ‘We have a lot of promising data suggesting that technology can be a very good means of providing treatment,’ says Lynn Bufka, a clinical psychologist who helps develop health care policy for the American Psychological Association…Family therapists, mental health counselors and clinical social workers are licensed to practice by individual state boards. But it’s unclear whether a practitioner who lives in one state can or should treat someone who lives elsewhere.’ We’d like to see a little more mobility and flexibility with that, because certainly for licensed psychologists the standards are pretty similar across state lines,’ Bufka says. Perhaps, she adds, therapists could get a special certification that would allow them to practice in multiple states or countries.” (National Public Radio, 6.30.14)
  • FSMB Compact Could Ease MultiState Licensing. “The Federation of State Medical Boards (FSMB) has unveiled a draft interstate compact for physician licensure that, it said, should make it easier to practice telemedicine across the country. The compact, which the FSMB expects to finalize in the next month or two, offers a ‘streamlined alternative pathway’ for physicians who want to practice in multiple states, according to a federation news release. Under current state medical board policies, physicians must be licensed in the state where a patient is located to diagnose or treat that patient, a stance that the FSMB recently reaffirmed in its model policy for telemedicine. As a result, physicians who consult remotely with patients in other states must be licensed in those states. That can create barriers to telehealth consultations, especially for on-call physicians who are not licensed in every state where patients may contact them online. The FSMB’s interstate compact would allow physicians to apply once and receive licensure in all states that are party to the compact.” (Medscape Medical News, 8.5.14)
  • Current Law Restricts Millions of Americans’ Access to Telehealth Services. “Several of the nation’s largest pharmacies and health-care companies are urging lawmakers to expand the types of telehealth services that can be covered by government insurance programs, arguing that an outdated federal law is limiting the number of Americans who can access telemedicine. Under current law, only telemedicine services offered through rural hospitals and clinics are covered by Medicare, according to a section of the Social Security Act that regulates how Medicare reimburses for telemedicine.” (Washington Post, 10.19.14)
  • Teladoc Files Antitrust Suit Against Medical Board. “In just over a month, a new state rule is set to kick in that could undercut the business model of Dallas-based Teladoc, a rapidly growing telemedicine company that connects patients and doctors over the telephone and internet. With the clock ticking, the company is brandishing every weapon in its arsenal, deploying teams of lobbyists and lawyers to fight a Texas Medical Board rule change that it says is more about stifling competition than protecting patient health. The board’s rule, set to start June 3, would prevent doctors from treating people over the phone — making a diagnosis or prescribing medicine — unless another medical professional was physically present to examine the patient.” (Texas Tribune, 4.30.15)
  • Telepsychology: Compliance Alert from State Psychology Board. (Ohio Psychological Association 7.22.15) “Psychologists and other mental health professionals are being actively and increasingly recruited by national companies to provide online services. The Board’s Telepsychology Rules include specific requirements and direction regarding the practice of Telepsychology within the state of Ohio. However, when online services involve residents outside of Ohio, numerous challenges and considerations become apparent. Deliberation, competence, and caution are necessary.”


  • Former Senators Join Forces to Advance Telemedicine. “In their post-Senate careers, the three former lawmakers have relocated to K Street, home to lobbyists, and are working on behalf of the Alliance for Connected Care, a nonprofit collection of health care providers, insurers, pharmacies, technology firms and telecommunications companies, to pursue legislative and regulatory changes to let more Americans essentially get much of their health care remotely…All three former lawmakers said they became interested in the potential of digital technology to deliver health care when they were representing states with pockets of poverty, where access to health care can be difficult for geographic and economic reasons.” (New York Times, 5.20.14)
  • Pediatric eHealth Interventions: Common Challenges During Development, Implementation, and Dissemination. “The challenges associated with eHealth interventions and their proposed solutions are multifaceted and cut across a number of areas from eHealth program development through dissemination. Collaboration with a range of individuals (e.g., multidisciplinary colleagues, commercial entities, primary stakeholders) is the key to eHealth intervention success. To ensure adequate resources for design, development, and planning for sustainability, a number of public and private sources of funding are available. A study design that addresses ethical concerns and security issues is critical to ensure scientific integrity and intervention dissemination. Table I summarizes key issues to consider during eHealth intervention development, testing, and dissemination.” (Journal of Pediatric Psychology. 2014;39(6):612-62)
  • The Cleveland Clinic: Coming to a Kiosk Near You? Health System to Offer New Telehealth Options. “The Cleveland Clinic has signed a letter of intent to partner with HealthSpot, a provider of telehealth services based in Ohio, to provide care to patients via walk-in kiosks located in non-traditional health care settings, like workplaces, universities, and retail stories. The kiosks are private, eight-by-five foot spaces outfitted with medical devices, videoconferencing capabilities, and medical devices. They allow Cleveland Clinic providers to see patients through the kiosks, and each kiosk is staffed by a medical assistant.The clinic will integrate patient data from the kiosks into its electronic health record system.” (The Advisory Board Company, 5.22.14)
  • Physicians Warm to Digital Communications With Patients. “Forty percent of physicians say they believe the use of digital technologies to communicate with patients can improve outcomes, and the same percentage say they have increased their use of digital tools in patient care during the past year, according to a recent Manhattan Research survey. These digital technologies include everything from the use of patient portals and emailing and texting with patients to the prescribing of mobile health apps for self-tracking and remote patient monitoring, Monique Levy, vice president of research at Manhattan Research, told Medscape Medical News.“ Medscape Medical News, 6.12.14
  • Telecare Collaborative Management of Chronic Pain in Primary Care: A Randomized Clinical Trial. “The Stepped Care to Optimize Pain Care Effectiveness (SCOPE) study was a randomized trial comparing a telephone-delivered collaborative care management intervention vs usual care in 250 patients with chronic (≥3 months) musculoskeletal pain of at least moderate intensity (Brief Pain Inventory [BPI] score ≥5). Patients were enrolled from 5 primary care clinics in a single Veterans Affairs medical center from June 2010 through May 2012, with 12-month follow-up completed by June 2013…Telecare collaborative management increased the proportion of primary care patients with improved chronic musculoskeletal pain. This was accomplished by optimizing nonopioid analgesic medications using a stepped care algorithm and monitoring.” JAMA. 2014;312(3):240-248
  • New Push for TeleHealth in ACOs. “NAACOS has co-signed a letter to HHS urging CMS to grant a waiver to permit all ACOs to use and bill for TeleHealth services. HHS clearly has the authority but so far has been unwilling to exercise it.” (National Association of ACOs, 6.6.14)
  • Telehealth Services Comments Letter: NAACOS has signed on to an Alliance for Connected Care letter to the House Energy and Commerce Chairman and the Energy and Commerce Subcommittee on Health Chairman addressing improvements to the availability and use of telehealth services. (National Association of ACOs, 6.16.14)
  • Medicare Increases Telehealth Coverage…a Bit. “The Centers for Medicare & Medicaid Services (CMS) proposes to increase incrementally the telehealth services that Medicare will cover, including wellness visits and some behavioral health services. However, CMS continues to restrict telehealth coverage to rural areas and offers a very circumscribed definition of the telehealth technology that can serve as the basis for coverage…Years ago, Dr. Bashshur recalled, CMS refused to cover telehealth at all, and it is still taking a very restrictive approach because it is afraid of the potential for overuse. On the basis of his own research, Dr. Bashshur has estimated that CMS paid only $12 million for telehealth last year.” (Medscape Medical News, 7.16.14)
  • Does Telehealth Diminish Physician-Patient Relationships? “Nonvisit care of patients is becoming a necessity in primary care, noted Dr. Scherger, who practices part-time and was a pioneer of secure email consultations. Moreover, he pointed out, the Internet has created new ways to deliver chronic and preventive care and treat minor acute problems, and those modes will be used. ‘You’ve got this new platform of communication and care that is going to be delivered, whether it’s by a continuity provider or by somebody else.’” (Medscape Medical News, 7.25.14)
  • Virtual Visits Benefit Physicians as Well as Patients. “Virtual patient visits — via videoconferencing on a personal computer, laptop, tablet, or smartphone — as well as remote visits via old-fashioned telephone, secure email, and even texting, are controversial to many physicians, who may regard a hands-on office visit as being the sine qua non of good patient care. That’s changing fast. In August, a Deloitte report predicted that the number of telehealth visits in the United States and Canada could soar to 75 million in 2014, representing 25% of the addressable market. The study noted that of the 600 million annual visits to primary care practices in North America, approximately half were for problems that could be solved by remote rather than in-office visits. To meet exploding patient demand, especially for videoconferencing, virtual physician networks are springing up across the country. They are being sponsored by insurers, health plans, employers, hospitals, and physician groups, often funded by millions of dollars in venture capital, and there appears to be no shortage of physicians who seek to join them. Here’s why.” (Medscape Business of Medicine, 9.25.14)
  • What Will You Do With All That Telemedicine Data? “(T)he growing prevalence of monitoring devices is starting to make many doctors nervous as they contemplate how they will deal with all the data they may receive. And if you work in an environment where reimbursement will increasingly be based on outcomes—a hospital, a practice owned by a hospital system, an accountable care organization (ACO), or a patient-centered medical home (PCMH)—this dilemma may affect you sooner than you may think…Many physicians fear that once remote patient monitoring becomes the standard of care, they will be deluged with patient data that they will then need to evaluate and, in some cases, act on in a timely fashion, when there already aren’t enough hours in the day.” (Medscape Business of Medicine, 12.18.14)
  • ACP Supports Expanding Telemedicine in Primary Care. “Telemedicine can broaden access to care, improve outcomes, and reduce care costs, but risks and benefits must be carefully evaluated for both patients and physicians, say authors of a new position paper from the American College of Physicians (ACP). The paper, published online September 8 in the Annals of Internal Medicine, offers more than a dozen recommendations — and the rationale behind them — for successful telemedicine, which the ACP says should be held to the same standards of practice as in-person medicine.” (Medscape Medical News, 9.8.15)
  • Patients Consent to Physicians Crowdsourcing for Diagnosis. “The increasing number of apps and online services that allow physicians to use crowdsourcing to make a diagnosis highlights the need for a debate on how to allow for patient privacy and consent, according to results from a new survey. When asked whether they would give permission to have their picture posted online, about 80% of respondents agreed to posting to improve their own medical care, about 80% agreed to posting to educate other doctors, and about 80% agreed to posting to advance scientific knowledge.” (Medscape Medical News, 5.1.15)

TeleMental Health

  • Coalition for Technology in Behavioral Science Formed (Summer, 2014). CTiBS is an inter-disciplinary group dedicated to fostering the legal and ethical use of evidence-based technology in behavioral health care and is open to members of all disciplines who share an interest in technology in improving the human experience. “Please review the many areas of technological research, development and consultation that we support; review our mission; avail yourself of our extensive and searchable bibliography; and read about the latest writings about the intersection of technology and behavioral health in our blog.”
  • Telepsychologist Competencies for Psychologists Practicing in Ohio. Webinar provides an overview of competencies and best practices in implementing telemental health. (Ohio Psychological Association, October, 2014)
  • Cognitive Therapy Works Even by Telephone, Computer. “Cognitive behavioral therapy (CBT) for anxiety and depression, whether self-guided, provided via telephone or computer, or provided face to face, was better than no care in a primary care setting and was also better than treatment as usual (TAU), according to a meta-analysis published online September 22 in Family Practice.” (Medscape Medical News, 10.9.14)
  • Telephone-Delivered Cognitive Behavioral Therapy and Telephone-Delivered Nondirective Supportive Therapy for Rural Older Adults With Generalized Anxiety Disorder. “Telephone-delivered CBT consisted of as many as 11 sessions (9 were required) focused on recognition of anxiety symptoms, relaxation, cognitive restructuring, the use of coping statements, problem solving, worry control, behavioral activation, exposure therapy, and relapse prevention, with optional chapters on sleep and pain. Telephone-delivered NST consisted of 10 sessions focused on providing a supportive atmosphere in which participants could share and discuss their feelings and did not provide any direct suggestions for coping…In this trial, telephone-delivered CBT was superior to telephone-delivered NST in reducing worry, GAD symptoms, and depressive symptoms in older adults with GAD.” (JAMA Psychiatry, October, 2015)
  • Antea Group Launches Online Cognitive Behavioral Therapy Benefit. “When Antea Group realized employees often could not access mental health services from their EAP or medical plan on a timely basis, they added Learn to Live, an online cognitive behavioral program available 24/7 to their benefits program…’Our broker brought Learn to Live to our attention, and we totally fell in love with it because it was 24/7 which is really appealing to our employees who are always on the go,’ she says. Learn to Live provides online CBT to address psychological problems such as social anxiety, depression, stress and worry. Employees complete an online questionnaire and based on the results, they are directed to one of three eight-module programs. The goal is that by the end of the program, participants have the tools and resources to deal with the specific challenge they are facing…The online CBT program was just rolled out in January so it is still early days, but she says already 16 people have completed the program.” (Employee Benefit Advisor, 3.18.16)

TeleMental Health Guidelines

Remote Monitoring

  • Patients Self-Monitor With Wearable Diagnostics. “In a scene that does not usually take place at a medical conference, models showed off wearable diagnostic and tracking devices here at the Health 2.0 Annual Fall Conference. The technology included otoscopes attached to smart phones and monitors that fit inside pendants, bras, socks, and wrist watches. A model demonstrated a headset that monitors brainwaves to accompany an armband that tracks heart rates (Evoke Neuroscience), jewel-like sensors that update the wearer on exposure to sunlight (Netanol), and a monitor that inserts under the skin to continuously report on glucose (Medtronic)…Despite marketing directly to consumers, the entrepreneurs still envision a role for physicians.“ (Medscape Medical News, 9.25.14)
  • Fifteen Game-Changing Wireless Devices to Improve Patient Care. Cardiac electrophysiologist David Lee Scher, MD, clinical associate professor of medicine at Penn State University, director of a digital health consulting firm, avid blogger on mobile health issues, and chairman of the Healthcare Information and Management Systems Society (HIMSS) Mobile Health Roadmap Task Force, points to 15 potential game changers in mobile health technology that hold the promise of revolutionizing patient care in hospitals, in nursing homes, and at home. (Medscape, 10.23.14)
  • The Tyranny of the Should. “In the UK, it appears the NHS will have a ‘huge rollout‘ of wearable technology as part of a ‘revolution in self care.’ Being able to monitor patients remotely, especially those with a chronic condition, is admirable. If entities in healthcare will be able to monitor us remotely, surely that’s always going to be a good thing? Perhaps not. Given the huge financial pressures facing the NHS over the next 20 years, we may have to ration access to care. In the future, could all this data collected about our behaviour be used to ration or even deny care? I’m not the only one who is asking that question. In a great article by Hamza Shaban examining the impact of sensors collecting data about our health on the pricing of health insurance, one sentence stands out, ‘Imagine a pricing scheme that would punish sleep-deprived single parents or the dietary habits of the working poor.’ A world where our health insurance premiums decline when we behave within the guidelines, and rise when we deviate from the guidelines…Today, the National Institutes of Health announced it’s searching for a wearable or otherwise discreet device capable of measuring blood alcohol level in real time. There is a fine line between ‘Digital Nudges’ and ‘The Tyranny of the Should’ – and it’s not clear to me that we’re having the right conversations in the right places.” (Juneja, Maneesh, 3.2.15)
  • Digital Healthcare Services in 2016 (and Beyond). “Tap into these eight industry leading trends in digital healthcare services for 2016…While payers have had patient health analytics software for a few years already, in 2016, we can expect patient scoring and health analysis to make its way into the hands of the clinicians and patients. Software tools for visualizing a patient’s complete range of health metrics, along with clinically validated algorithms for scoring a holistic view of patient health will make their debut. These will provide clinicians with at-a-glance analytics of a patient’s overall health, allowing doctors to spot patterns and red flags by comparing a person’s health data against targeted health ranges, based on factors like age and gender.” (Mobi Health News, 1.5.16)
  • Using Facial Recognition and AI to Confirm Medication Adherence. “The developers of AiCure’s technology have likened it to a personal trainer in a gym working directly with a client to achieve their goals. It involves facial recognition and motion-sensors in a mobile device. It records patients taking their medication and transmits that data back to a clinician through a HIPAA-compliant secure network, who can then confirm that patients took their medication. It can also flag up adverse events or potential barriers and work with patients to overcome them. It is designed to support Directly Observed Therapy…The move comes as Barton Health became the first health system to prescribe ingestible sensors, initially for patients with hypertension. emocha, a DreamIt Health company from Baltimore, also enlists video from mobile phones to confirm when patients have taken their medication.” (MedCity News, 1.12.16)
  • Care Plans: The Future. “The ‘Magic Mirror’ on the wall is not just a fantasy anymore. Using facial recognition and mood sensing, blood pressure and heart rate sensing through skin pigmentation, and other technology, we can imbue the ordinary bathroom mirror with interactive qualities to help monitor our health.” (GoInvolution, March 2016)
  • Care Plans: A Path to Driving Better Outcomes. “In 2016, expect the basics of digital adherence — self-reporting, tracking refills and chronic disease outcomes, etc. — will receive a boost from the use of sensors to collect confirming data, whether it’s via breath analysis, urine sampling, or another non-invasive method.” (Involution Studios, March, 2016)

Telehealth Resources

  • Smartphone Applications for Patients’ Health and Fitness. Article introduces evidence that smart phone apps can better help patients reach their health and fitness goals,  describes what features to look for in an app, gives an overview of popular health and fitness apps, and offers app recommendations. Current limitations of apps, and future research are also discussed. (The American Journal of Medicine, 2016)
  • Care Plans: A Path to Driving Better Outcomes. “Healthcare payers are transitioning from a volume-based to value-based payment model, meaning that medical professionals will only get paid for the success of care, rather than for conducting the care itself. This shift requires quality metrics to assess outcomes, which can only be achieved through consistently delivered care plans and comprehensive health data tracking. When the feedback loop of an intervention engine is achieved, effectiveness of standardized interventions can be understood to accurately provide reimbursement and improve national healthcare as a whole. (Involution Studios, March, 2016)


Health IT and Hospitals

  • The Healthcare Chief Information Officer MindMap. “It’s a beautiful display of everything that’s happening in healthcare IT. Although, it’s also an illustration of the challenge we hospital CIOs face. Is it any wonder that so many hospital CIOs feel overwhelmed?” (EMR and HIPAA. 4.8.14)



  • Transition to a Post-HITECH World (9.18.15) The Robert Wood Johnson Foundation. “In 2015…a large percentage of acute care hospitals have at least a basic electronic health record (EHR) system. But many are not ready to meet Stage 2 meaningful use criteria—criteria that must be met in order to participate in the Medicare and Medicaid EHR Incentive programs. Key Findings: By 2014, 75.5 percent of hospitals had adopted at least a basic EHR, a substantial increase from 58.9 percent in 2013; Seventy-six percent of hospitals reported exchanging data with outside health professionals in 2014, up from 62 percent in 2013 and 41 percent in 2008, the year the survey began including this measure; Hospitals continue to face barriers toward adopting national standards enacted in 2009 to encourage technology investments and the development of health information exchanges.”

Hospital Monitoring of High-Risk Behavior

  • Hospitals to Begin Monitoring Your Credit Card Purchases to Flag ‘Unhealthy’ Habits. “What you buy at the grocery store, where you live, and even your membership status at the local gym are all subject to a new data collection scheme by the American medical system. Reports indicate that hospitals and doctors’ offices all across the country are now collecting this and other personal information in order to target individuals deemed to have ‘unhealthy’ lifestyle habits that put them at high risk of disease.”(Caldwell, Leonard, 8.11.14)
  • Hospitals Soon See Donuts-to-Cigarette Charges for Health. “Some hospitals are starting to use detailed consumer data to create profiles on current and potential patients to identify those most likely to get sick, so the hospitals can intervene before they do…Information compiled by data brokers from public records and credit card transactions can reveal where a person shops, the food they buy, and whether they smoke. The largest hospital chain in the Carolinas is plugging data for 2 million people into algorithms designed to identify high-risk patients, while Pennsylvania’s biggest system uses household and demographic data.” (Bloomberg Business, 6.26.14)


Health IT News and Analysis

  • Omnibus Bill Keeps Office of the National Coordinator for Health IT Funding at Same Level as 2014. “In its ‘Congressional Asks’ — formal requests to Congress to accomplish specific goals to advance health IT–HIMSS urged lawmakers to fund ONC at the higher level. It calls this fourth year and Stage 2 of Meaningful Use a ‘critical juncture’ for the adoption and effective use of EHRs, citing the need to maintain the momentum achieved so far.” (Fierce Health IT, 12.15.14)

Security Concerns

  • Medical Devices Can Lead to Breaches. “Computer-security researchers have discovered a website containing documents that could allow hackers to easily obtain electronic medical records and payment information from health-care providers, CIO Journal’s Rachael King reports. The documents—found by two cybersecurity firms on a site commonly used by hackers—detail the type of equipment used in computer networks, the Internet addresses for computers and other devices, and the passwords to network firewalls run by health-care providers such as nursing homes, doctors’ offices and hospitals. If such networks were accessed, cybercriminals easily could find personal details on individuals, security experts said. Such information could be used to sell credit-card information and—more valuable to hackers—medical information that could be used to commit insurance fraud…The SANS Institute corroborated widespread problems with hackers infiltrating health-care networks and plans to issue a report on the vulnerabilities Wednesday. The report finds that security practices at health-care companies generally aren’t keeping pace with the high volume of attacks, SANS researchers say. Researchers from the institute found evidence of hacked dialysis and MRI machines and compromised personal health information…Medical records sell for about $60 apiece on the black market, while credit-card information typically goes for about $20, said Sam Glines, the CEO of cybersecurity firm Norse Corp. Medical records are ‘more valuable because you can do more with it, including Medicare fraud and prescription fraud,’ he said.” (Wall Street Journal CIO Report, 2.18.14)
  • Expert: U.S. Hospital Breach Biggest Yet to Exploit Heartbleed Bug. “Hackers who stole the personal data of about 4.5 million patients of hospital group Community Health Systems Inc broke into the company’s computer system by exploiting the “Heartbleed” internet bug, making it the first known large-scale cyber attack using the flaw, according to a security expert…Community Health Systems, one of the biggest U.S. hospital groups, said the information stolen included patient names, addresses, birth dates, phone numbers and social security numbers of people who were referred or received services from doctors affiliated with the company over the last five years.” (Reuters, 8.20.14)
  • Apple: Health Apps Shouldn’t Use iCloud Storage. “After an apparent breach into celebrities’ iCloud accounts led to nude photos leaking, Apple is forbidding its health app developers from housing sensitive user data with the storage service. Apple’s latest version of its App Store developers guidelines, released on Tuesday, say that apps “using the HealthKit framework that store users’ health information in iCloud will be rejected, 9to5mac originally reported.” (CNBC, 9.3.14)
  • Patients’ Medical Records Under Threat from Data Breaches. “Your private medical information is under threat. That’s according to a study that found almost 30 million health records nationwide were involved in criminal theft, malicious hacking or other data breaches over four years. The incidents seem to be increasing. Compromised information included patients’ names, home addresses, ages, illnesses, test results or Social Security numbers. Most involved electronic data and theft, including stolen laptops and computer thumb drives…Hackings doubled during the study, from almost 5 percent of incidents in 2010 to almost 9 percent in 2013. Hackings are particularly dangerous because they can involve a high number of records, said Dr. Vincent Liu, the lead author and a scientist at Kaiser Permanente’s research division in Oakland, California. ‘Our study demonstrates that data breaches have been and will continue to be a persistent threat to patients, clinicians, and health care systems,’ Liu said…A JAMA editorial says there’s evidence that the incidents are leading some patients to avoid giving doctors sensitive information about their health, including substance abuse, mental health problems, and HIV status. ‘Loss of trust in an electronic health information system could seriously undermine efforts to improve health and health care in the United States,’ the editorial said.” (Associated Press, 4.14.15)
  • Partners Data Breach Affects 3,300 Patients. “Hackers may have accessed medical and personal information, including Social Security numbers, about 3,300 patients at Partners HealthCare, the health system said Thursday. The breach happened when some Partners employees responded to phishing e-mails, which allowed unauthorized access to their e-mail accounts. Some of the e-mails contained private patient information, including Social Security numbers, addresses, phone numbers, and information about medical treatments and health insurance.” (The Boston Globe, 4.30.15)
  • Three Keys to Improving Privacy and Security Protections for Electronic Health Information Exchange. “Increasing reports of cyber theft of patient information via hacking — most recently of UCLA Health System, EHR vendor Medical Informatics Engineering and its patient portal NoMoreClipboard, and, earlier, of Anthem and Premera — suggest these data breaches will continue as criminals increasingly seek out medical data because the data contain links to financial and insurance information. According to DirectTrust President and CEO David C. Kibbe, MD, MBA, ‘The reason healthcare data are so vulnerable is, in a word, neglect. Despite the rich trove of data it stores, the healthcare industry has not taken security as seriously as other sectors of the economy, where privacy breaches have occurred for several years and systems have been hardened to protect against intruders.’… ‘Ironically, the push to make healthcare information systems more interoperable, and the rush into mobile and wearable healthcare applications may be increasing the vulnerability of health information to hacking events,’ Dr. Kibbe continued.” (Market Wired, 8.4.15)
  • Over 90% Of Cloud Services Used In Healthcare Pose Medium To High Security Risk. “According to cloud security vendor Skyhigh Networks, more than 13% of cloud services used in healthcare are high‒risk and 77% are medium risk ‒ as measured across 54 different security attributes (like data encryption and “two factor” authentication).” Munro, Dan. (Forbes, 9.1.14)
  • Roundup: Three Data Breaches, One Settlement. “The health data breaches continue apace. In Ohio, Kentucky, and North Carolina, for instance, providers have had to announce a series of recent exposure, while in Connecticut a hospital said it has agreed to pay a settlement related to its own security incident.” (Government HealthIT, 11.23.15)
  • Health Care Industry Susceptible to Cyber Attacks. “Health care organizations are a popular target for cyber attacks. According to a KPMG survey published last month, 81 percent of health care executives said their organizations had been hit by malware, botnets or cyber attacks at least once in the past two years. Similarly, recent Raytheon/Websense research found that the health care industry experiences 340 percent more security incidents and attacks than most other industries. Hackers are interested in health care data because of its high value, said Carl Leonard, principal security analyst for Raytheon/Websense. ‘Health care providers have very complete data sets. Your doctor knows pretty much everything there is to know about you,’ he said, adding that the data often even includes links to insurance and other sensitive financial information. With widespread adoption of electronic health care record systems just a few years old, health care organizations are behind the curve when it comes to data protection best practices. ‘They are still learning how to expose data to authorized individuals,’ Leonard said.” (eSecurityPlanet, 10.5.15)


Health IT and Patient Privacy


Governmental Health IT Initiatives