Patient Safety & Quality Healthcare’s mission is to provide news, science, research, and a forum for opinion for clinicians, healthcare professionals, and everyone interested in improving quality in healthcare. Learn more .
PSQH: Patient Safety & Quality Healthcare, March 23, 2021
The toolkit offers a core elements checklist for assessing policies and procedures, treatment recommendations in primary care taken from the CDC, and a flow chart that maps out considerations for surgical procedures.
This article was originally published March 22, 2021 on PSQH by Matt Phillion
To help combat drug-resistant bacteria, the Accreditation Association for Ambulatory Health Care (AAAHC) has published a new toolkit for improving antimicrobial stewardship.
The toolkit, which also addresses COVID-19 considerations, offers an overview of the challenges organizations face in this arena, as well as strategies for optimizing the use of antibiotics.
Organizations will find specific information on unnecessary or inappropriate use of antibiotics across the spectrum, including ambulatory, dental, primary care, and surgical settings.
The toolkit offers a core elements checklist for assessing policies and procedures, treatment recommendations in primary care taken from the CDC, and a flow chart that maps out considerations for surgical procedures. It also provides recent information on potential threats to antimicrobial stewardship due to COVID-19.
According to the CDC, drug-resistant bacteria cause at least 2.8 million illnesses and 35,000 deaths every year in the U.S. At the same time, a strong antimicrobial stewardship program offers the ability to reduce:
Antibiotic resistance
Adverse drug effects
Mortality
Healthcare costs
The toolkit comes on the heels of feedback from the field, says Belle Lerner, MA, assistant director of the AAAHC Institute for Quality Improvement.
“We produce several patient safety toolkits and choose our topics based on client needs, as well as interest voiced in surveys,” she says. “They align with our standards, but they’re really more—they can also go beyond and offer best practice information.”
New and updated information
When addressing antimicrobial stewardship, the AAAHC has standards requiring patients to be given information on safe, effective use of medications, as well as standards for quality of care. The toolkit goes into more specific details on these areas.
It also follows up on a toolkit in 2017 that addressed antibiotics use. “We do update our toolkits on a regular basis with the latest and greatest research,” says Lerner. “And this toolkit was timely, with a section that addresses the pandemic.”
The team building the toolkit was aware there could be an increase in prescriptions for mild or moderate symptoms that didn’t have a demonstrated fungal or bacterial infection. They were also aware of the potential increase in healthcare-associated infections during a pandemic that could lead to more use of antibiotics. “These were both potential threats due to COVID,” says Lerner.
To this end, the team received expert input from the CDC’s Office of Antibiotic Stewardship on their potential toolkit materials (much of the material is also based on CDC guidelines). “In terms of additional guidance, we also looked at information on increases in prescribing put out by the World Health Organization (WHO),” says Lerner.
Key antimicrobial issues addressed
There are two key issues when it comes to addressing antimicrobial stewardship, says Cheryl Pistone, AAAHC’s clinical director.
“One is patient education,” she says. “There is an expectation out there that patients want to be prescribed antibiotics when they’re not feeling well. That puts pressure on the prescriber, which may not always be in accordance with what’s recommended with national guidelines. There’s a reluctance to do the wait-and-see approach.” Many illnesses are not bacterial in nature, Pistone explains, and patients will benefit from being educated about this.
Secondly, providers need to be allowed to refer to standardized protocols for prescribing based on national guidelines. “So the second step is educating the clinician as well as the patient,” says Lerner.
“We need to use a multidisciplinary approach to determining and monitoring prescription practices against national guidelines,” says Pistone. “How do we do it, and how do we align it on a national level?”
Patients aren’t necessarily aware that upper respiratory issues with viral symptoms are very different from bacterial infections, Lerner explains. A patient might walk into a clinic and ask for antibiotics right away, when waiting to see if the symptoms clear up could show that antibiotics are unnecessary for the patient’s condition.
“To Belle’s point, if you educate the patient on the symptoms and you wait the symptoms out, explaining that you look for symptoms at a certain point,” it can be a game changer, says Pistone. “Saying we’ll treat your symptoms, but if it’s viral, not bacterial, you don’t need antibiotics.”
This is a two-pronged approach: verifying the issue is bacterial before prescribing antibiotics, but also making sure the right dose of the right antibiotic is prescribed at the right time, if one is needed.
Lerner notes that progress has been made in terms of patient education. “There was a study by the University of Michigan Institute for Healthcare Policy & Innovation about the perception of use of antibiotics among adults 50–80 years old that surveyed over 2,200 adults,” she says. “Nine out of 10 are cautious about using antibiotics, and 80% knew that antibiotic overuse increased the chances they wouldn’t work next time.”
However, the study found that despite patients knowing this, they still wanted treatment with antibiotics when they themselves were sick. “More education needs to take place in terms of not requesting antibiotics,” says Lerner.
Implementing the toolkit
The toolkit, Pistone explains, provides the elements an organization would need to run an antimicrobial stewardship program. But where do you start with such a program?
“Typically, it works best if you have a physician champion,” she says. “They can be the one to spearhead it and help other physicians get on board.”
If you have a strong advocate to act as a “true believer” in the program, the toolkit outlines how to verify whether you’re complying with these best practices and what you can put in place to monitor prescribing and usage.
“It’s really designed to encourage organizations to develop their own unique antibiotic stewardship programs at their facilities and curtail the types of antibiotics they’re prescribing,” says Lerner. “It gives providers the evidence-based information to help them explain this to their patients.”
Where antibiotics prescribing is now
Strangely, though perhaps not unexpectedly, there is anecdotal evidence that antibiotic prescriptions have decreased during the pandemic—not because people are necessarily healthier, but because they’ve had fewer opportunities to catch a respiratory illness due to staying at home.
“Isolation did something for us,” says Pistone.
Even before COVID-19, there were the rumblings of change, though. Lerner refers to an anecdote of her own.
“Pre-COVID, I got sick while on vacation and contacted my PCP. Their policy was now to not prescribe antibiotics without seeing the patient,” said Lerner. “I believe that as part of antimicrobial stewardship there may be organizations adopting policies that unless they can see you and better diagnose your condition, they’re not prescribing over the phone.”
There are a few barriers to be aware of before implementing some of the components of the toolkit to ensure your organization gets the most from it. In some cases, your facility may have inadequate data tracking systems, limiting its ability to collect good data about how your providers are prescribing. Without that data, it will be hard to measure your success. “We call that internal benchmarking,” says Lerner.
Secondly, once you have a good way of tracking that information, you’ll also want a way to measure your progress as the program evolves. “Part of it is to target your high-priority conditions—the common ones you prescribe antibiotics for,” says Lerner. “You’ll want targeted tracking systems. Once you track it, you can then benchmark against national guidelines. This is the perfect opportunity [for] a quality improvement study to move the needle.” Prescribers are more likely to change their behavior if they can see the data tracked.
What would the AAAHC team like to see from the toolkit’s implementation? “My takeaway would be that this improves and measures prescribing, so medicines are only used when needed,” says Lerner.
Pistone, meanwhile, says she’d like to “dream bigger.” “We have something called the annual ‘Bernie’ Awards—the Bernard A. Kershner Innovations in Quality Improvement Award,” she says. “I would like to see an organization make improvements using this toolkit that they’re able to implement in their system and be able to save money, better treat their patients, and use it as a quality improvement study and truly impact patient care—and I’d love to see them win a Bernie Award.”
PSQH: Patient Safety & Quality Healthcare, March 5, 2021
Evolving threats, new guidance add to need for healthcare cybersecurity.
This article was originally published March 2, 2021 on PSQH by Megan Headley.
As if the COVID-19 pandemic wasn’t hardship enough, healthcare organizations across the country are also under attack from another threat: cybercriminals.
In a joint cybersecurity advisory issued in late 2020, the FBI, the Cybersecurity and Infrastructure Security Agency, and the Department of Health and Human Services (HHS) warned the healthcare and public health sector that they held “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The organizations warned healthcare providers to take precautions to protect their networks against malware threats that could lead to ransomware attacks, data theft, and disruption of services.
Since that date, HHS has investigated more than 100 new data breaches reported by healthcare providers. While these providers grapple with a COVID-19 response that has significantly expanded their reliance on IT networks, many are struggling to fight off an increase in dangerous cyberattacks.
“For those who have been watching, ransomware attacks have been on the rise for years and have only accelerated under the lockdowns being used to combat COVID-19,” says Allen Lynd, a veteran FBI cybersecurity expert and senior incident response advisor at cybersecurity consultancy CriticalStart.
These attacks may have also become more dangerous. In September 2020, a ransomware attack in Germany crippled a facility’s computer systems and forced a critically ill patient to be routed to a hospital in another city. The delay in treatment reportedly may have contributed to the patient’s death.
Small providers are often a favorite target. A 2020 intelligence brief from cybersecurity software provider RiskIQ found that, of a survey of ransomware attacks, 70% impacted small providers, who are more likely to pay ransoms to prevent care disruption and less likely to have robust security support. These attacks have affected facilities in every state, including hospitals and healthcare centers (51% of RiskIQ surveyed attacks), medical practices (24%), and health and wellness centers (17%).
Now, to combat this increase in attacks, the U.S. Treasury Department is cracking down—on organizations that pay off cybercriminals. This new guidance could hit healthcare organizations hard for fighting off ransomware in the way that’s traditionally served them best.
New guidance on ransomware response
In the past, Lynd says, there has been some “gray area” when it comes to how the Treasury Department looks at ransomware payments. “What the Treasury Department has been saying is if you’re being extorted for money and feel paying the ransom is the way to keep yourself operational, alright, you’re being forced to do this under duress. It’s not like you’re actively trying to give aid and comfort to the enemy, so to speak,” he says. “Nobody in healthcare was actually prosecuted or sanctioned under this.”
“What it boils down to is if this is a known foreign actor who is on the sanctions list maintained by the Treasury Department, and you provide any money or any support, then you can face fines yourself and sanctions,” Lynd says. He explains that this list of what the Treasury Departments’ Office of Foreign Assets Control (OFAC) calls “malicious cyber actors” includes nations, as well as a long and evolving list of ransomware groups.
The reasoning behind this crackdown, states the advisory, is that “facilitating a ransomware payment that is demanded as a result of malicious cyber activities may enable criminals and adversaries with a sanctions nexus to profit and advance their illicit aims. … Ransomware payments may also embolden cyber actors to engage in future attacks.”
As a result, Lynd says, OFAC has stated that any person or organization that pays ransoms demanded by sanctioned players can themselves be sanctioned for facilitating those transactions. “It’s not limited to just the healthcare organization. It could include the cyber insurance companies paying it, and it could include the incident response or other company that is hired to negotiate that ransom down. So, anybody along the path who’s involved in this could face sanctions,” Lynd says.
Players on the Treasury Department’s sanctioned list are absolutely targeting healthcare organizations. OFAC specifically notes in its advisory SamSam ransomware, one example of an attack targeting “a large healthcare company.” Behind the attacks were two Iranian hackers who caused more than $30 million in losses to more than 200 victims, including six healthcare-related entities.
Federal agencies are also cautioning healthcare organizations to watch out for attacks from the cybercriminal enterprise behind TrickBot, the presumed creator of BazarLoader malware. This malware is disseminated via phishing campaigns that contain either links to malicious websites that host the malware or attachments with the malware.
It’s not just more attacks
The change in guidance isn’t just about responding to an increase in attacks. It’s also about a shift in how ransomware attacks target healthcare organizations.
“Prior to about three years ago, ransomware was just about making the systems inoperative,” Lynd explains. By paying the ransom, the healthcare provider was able to regain access to data that had been encrypted. Some larger organizations, though, could avoid paying by moving to a backup of the encrypted data—and the hackers noticed. About three years ago, these malicious cyber actors began to also threaten to release the encrypted data to the public if the ransom wasn’t paid; the threat to hospitals thus shifted from data loss to data exposure.
Paying off the ransom has often been the most direct route to release stolen data—and, for insurance companies, the easiest way to remove that liability—but it also drives up the cost of future ransoms. Lynd notes that ransom demands average around $1.4 million today. Add to that the indirect costs of business downtime and system restoration work to prevent future attacks, and the costs go higher still.
Now, with greater reliance on connectivity to serve patients, there’s more incentive than ever for healthcare to prioritize investments in cybersecurity.
Where to start improving your cybersecurity
For organizations ready to take a more proactive approach to their cybersecurity, Lynd begins by walking clients through best practices as laid out by the National Institute of Standards and Technology’s cybersecurity framework. This includes basic recommendations on backing up data. The industry standard is the 3-2-1 rule of thumb. This guidance advises keeping at least three backups of your data in at least two separate formats, with one of those formats being off-site.
“That solves a lot of problems at once, not only in making sure that you can get up and running if you do have ransomware, but also for disaster recovery,” Lynd says. “If you have a tornado coming through your data center, you want to be able to get back up and running quickly.”
The next step Lynd’s firm recommends is requiring multifactor authentication to get into any kind of account. “Passwords alone are not sufficient at this point,” he says. However, effectively shifting toward multifactor authentication requires a great deal of education for employees.
“Unfortunately, the single largest factor for these attacks is still the individual employees who get hit with a bad phish,” Lynd says. “Conti and Ryuk [ransomware] looked at using COVID-19 bulletins with bad links to infect users. If you’re a healthcare organization and you’re seeing that come in, you’re likely to tend to click on it. Being able to detect a bad email is going to reduce the chances of your system getting infected.”
Solutions to mitigate the damage from a successful phishing attack include role-based access control, which restricts data at varying levels so that employees only have access to the data that is necessary to effectively do their job. This segregation of protected data makes it harder to compromise, while making it easier to comply with cybersecurity regulations.
Finally, it’s critical that health systems have someone monitoring their cybersecurity at all times. “It’s great to put all this security in, but if you don’t have somebody dedicated to monitoring your security and looking at what the devices are telling you all the time, it’s not going to help,” Lynd says.
Weighing your risks
These steps are good places to start, but many small healthcare organizations will find that hiring a dedicated cybersecurity advisor or outside contractor is necessary for proactively addressing cybersecurity.
“Frankly, when it comes to healthcare organizations, a lot of them are very small and they’re not really geared internally to allow their own people to do the best security,” Lynd says. “They need to outsource it, but a lot of them are reluctant to outsource because of HIPAA rules. There’s a Catch-22 where in order to be secure they need outside help, but they don’t want to necessarily bring in that outside help because they’re afraid of exposing data to those outside vendors.”
Lynd notes that many healthcare cybersecurity firms are led by professionals who come from either healthcare backgrounds, where they gained familiarity with HIPAA regulations and HITRUST compliance requirements, or from law enforcement. The risk of working with an outside firm is much less than doing nothing.
Bringing in these experts at the earliest stages of your cybersecurity efforts is critical to create a cohesive approach. “Security has to be part of the design process and part of the integration from the very beginning. It can’t be bolted on afterwards; it will never be as secure as it would if it were part of the original design,” Lynd says.
As Lynd points out, healthcare systems cannot completely eliminate risks from cyber threats, which are constantly evolving. Yet to mitigate those risks as much as possible, cybersecurity efforts cannot be static. The only way to truly keep your patients safe is to prioritize cybersecurity measures and training.
PSQH: Patient Safety & Quality Healthcare, March 4, 2021
IT upgrades position urgent care centers as promising vaccination sites.
This article was originally published March 2, 2021 on PSQH by Megan Headley
The convenience of urgent care centers and retail health clinics have made these sites ideal locations for consumers to secure COVID-19 testing, and they can also help expand access to COVID-19 vaccines. After all, there are more than 9,600 urgent care clinics and at least 2,000 retail clinics across the country. The combined membership of the Urgent Care Association (UCA) and Convenient Care Association (CCA) alone have the capacity to serve and vaccinate more than 130 million patients across the country.
What’s more, many people are reluctant to seek care from their physician’s office due to fear of infection transmission from patients with COVID-19. While urgent care centers have faced some of that caution from consumers, UCA reports that visits to urgent care centers in 2021 are up 67% compared to the previous three-year average.
Finally, urgent care centers could help alleviate the gaps in vaccination coverage. UCA and CCA note that more than 76.6% of Americans live within a 10-minute drive of an urgent care center and 40% live within a 10-minute drive of a retail health clinic. Expanding the number of facilities able to vaccinate could work to close coverage gaps. An analysis from the University of Pittsburgh School of Pharmacy and the nonprofit West Health Policy Center has found that several states may not have a sufficient number of healthcare facilities in some areas to administer the COVID-19 vaccine to all residents who want it.
However, UCA CEO Lou Ellen Horowitz wrote in October 2020 that the Centers for Disease Control & Prevention had initially discounted urgent care facilities as a part of its strategy for vaccine deployment, citing concerns over centers’ ability to handle high-volume throughput, manage cold storage and universal supply chains, and track and report vaccination activity.
Many convenient care centers are working to strengthen their back-end reporting infrastructure to combat these claims that they cannot manage the high throughput. After all, the early rollout of COVID-19 tests was partially hampered by facilities that did not have the online infrastructure to support scheduling and reporting.
“They were really not set up to provide the testing at the pace that they were expected to do,” says Hari Prasad, CEO of Yosi Health, a mobile patient registration software provider. “Volume was a big challenge.” Through Yosi Health, Prasad has helped bring back-end systems up to date to reliably streamline scheduling while reducing downtime.
Yosi Health had already been working with urgent care centers around the country when the coronavirus pandemic struck, and so it soon became one of a number of technology firms pivoting to provide urgent care centers with appropriate back-end support for COVID-19 testing and service volume. This gave Prasad insight into the accessibility advantages that urgent care centers offer over medical campuses, as well as the bottlenecks that needed to be addressed.
For example, Prasad notes that many urgent care centers have required support in collecting vital information from patients and connecting it to their electronic medical record systems. “Because this was all new for everyone, they needed a system that could collect all of that information and transfer it back-end into their medical record systems.”
Electronic data collection helps to speed the process of accurately transferring patient information to labs and then back to the patient—speed that becomes even more critical as labs face their own surges in demand. “There were a lot of time-sensitive results, so they needed to get that information from the patient, transfer to lab, and get it back-end from the labs,” Prasad says. “Our system was critical in helping bridge the time delays.”
Increases in volume may have been an issue for most medical facilities in 2020, but Prasad found urgent care centers were “poised to move faster than large health systems based on how their infrastructure is set up.”
Electronic data collection is also helping urgent care centers address the “fear factor” that kept patients away from medical care last year. By creating no-contact virtual waiting rooms, health centers are able to encourage consumers to safely seek out emergency care.
“The vision that we have is to allow patients to complete forms and payment at home for their own safety, so when they come to the care center all they have to do is see the care provider and not deal with the administrative work that often involves touching kiosks and clipboards, handing over their insurance card and driver’s licenses, credit cards, etc. All of that is handled by our system, creating a safe environment for patients,” Prasad says.
Of course, Prasad also sees this virtual waiting room as bringing “the airline check-in experience” to healthcare—a comfort factor with potential to outlast the pandemic. “Similar to how we’re able to get our boarding passes before we get to the airport to streamline our journey or travel process, Yosi Health is helping patients do all of this at home at their own safety and convenience,” he says.
Urgent care centers with the technology in place to support vaccination may find they also have the support they need for a more competitive edge post-pandemic.
PSQH: Patient Safety & Quality Healthcare, March 4, 2021
According to FBI statistics, since March 2020 there has been a 400% increase in cyberattack complaints.
This article was originally published March 2, 2021 on PSQH by Matt Phillion
Healthcare organizations are prime targets for cyberattacks. Patient information represents a high-value proposition for hackers, and bad actors know how effective the threat of attacking patient data is. While organizations have turned their attention to the COVID-19 pandemic, numbers show that cyberattacks have not relented: According to FBI statistics, since March 2020 there has been a 400% increase in cyberattack complaints.
Changes in how medical care is provided has opened up a host of avenues for cyberattacks, with the rise of telehealth and more healthcare staff working remotely. But many of the challenges the industry faces are tied to problems that existed before the pandemic. Old systems, outdated policies, and unprotected Internet of Things (IoT) devices were issues healthcare facilities needed to address before the lockdown, and they’re still problems for many facilities today. Meanwhile, hackers get better and better at tricking workers and patients into giving up private information, making cybersecurity all the more challenging.
Heather Annolino, senior director of healthcare practice for Ventiv Technology, has been exploring how healthcare organizations can adopt better technology, policies, practices, and processes to protect patient information and defend against cyberthreats.
“Compared to other industries, the health systems have been slower to move forward in creating departments focused on cybersecurity,” says Annolino. “But often when looking at all the risks they’re trying to prioritize, cyberthreats are lower on the list than they should be.”
Prior to the pandemic, data breaches and other cyberthreats were hitting the healthcare world hard. But the advent of COVID-19 both introduced new challenges and accelerated existing ones. The World Health Organization wrote in April that they had seen a fivefold increase in cyberattacks targeting healthcare.
The first question we have to ask is: What is the appropriate response for hospitals and other organizations?
Cyberthreats are a disaster, like any other
Hospitals are constantly preparing for disasters—whether that means natural disasters, overloaded emergency departments, or even a pandemic response.
“Cyberattacks have to be considered one of those potential disasters,” says Annolino. “They should be doing drills so they can be prepared to manage what comes their way, just as they would with other disasters.”
The risk of cyberthreats became even more prevalent as, out of necessity during the pandemic, staff who could work remotely were urged to do so. This opened up more opportunities for risk.
“An increased digital adoption meant we had to ask: Were organizations prepared to handle the increase in network risks as more staff worked remotely?” says Annolino. “Did they have a crisis plan in place for these new threats?”
Like any other disaster preparedness program, healthcare should look for ways to bridge process gaps and identify security weaknesses. Annolino recently worked with a group that brought facility leaders across four states together to have a frank discussion about preventive measures for security breaches they could adopt with their budget and resources.
Prevention is a huge part of protecting against cyberthreats, not just in terms of technology or digital solutions, but in identifying gaps where human error can occur—similar to other risk analyses.
“One challenge is the education gap, where in large systems with turnover you’re constantly reeducating staff about cybersecurity,” Annolino says. “But there’s also unfortunately human error. Human error impacts patient safety, and the same can happen with cybersecurity.”
Busy, distracted workers are a prime target for security risks like phishing attacks. Phishing emails and messages are designed to trick users into providing information like usernames and passwords through clever, treacherous language. And busy workers, even ones who are trained to spot signs of a phishing attack, are apt to fall for one eventually.
“Making sure staff can quickly identify phishing risks is critical. But in the fast-paced environment of healthcare, that may not always be possible,” says Annolino. “This requires organizations to have ongoing training to teach staff how to prevent breaches. As nurses are not embedded in the security industry, providing constant insight into the latest methods used by hackers will reduce the chances of cyber risks.”
There’s a surprising overlap between patient safety and cybersecurity, and in how we approach both. “As we know, patient safety stories are important; that’s one way we can learn from our mistakes,” says Annolino. “I don’t think cybersecurity breaches are any different.” Stories help paint a bigger picture: an enterprise-level risk management view that many hospitals may not have taken yet.
Protecting patient data is patient safety
That story component can, and should, be used to help everyone understand that cybersecurity isn’t just a technology issue—it’s part of patient safety.
“You’re in the business of caring for patients. This is a patient safety issue,” says Annolino. “You’re protecting their data.”
Anyone who deals with patient data is one of its guardians, and staff should be aware of how precious hospital and patient data is. Personal health information is incredibly valuable to hackers, and bad actors can use that data in different nefarious ways. Not only can they access patient records in a ransomware attack, but by holding that patient data for ransom, they can increase the risk for patient errors.
Sometimes it sounds like science fiction—TV shows where hackers try to attack a world leader’s pacemaker come to mind—but if we can imagine it, hackers are thinking about it. And with more and more technology connected to the web, the attack vector for cyberattacks grows. It’s not just horror stories about stealing control of a medical device. Every time a physician uses their phone in a way that touches patient data, there’s additional risk.
IoT and wireless devices bring with them a range of additional concerns. Take a stolen or lost laptop, for example: Can the organization lock or wipe the machine remotely?
“Technology is only going to get more complicated. We need ways to protect the sensitive data and for identifying if anything is going outside the central system. This requires daily scans, monitoring, testing, and making sure security measures are working,” says Annolino. “Organizations should be testing their business continuity plans. It’s not just the potential for loss of data. It’s the potential for loss of life.”
An interesting side effect of the number of hospital and health system mergers in the past decade has been an increased threat surface for potential cyberattacks. Mergers connect disparate systems that organizations are trying to cohesively manage.
“That connectivity has expanded dramatically, which expands vulnerability,” Annolino says. “Key questions organizations need to ask include, ‘How do our systems talk to each other? And what gaps are there?’ ” And it will be even more critical for staff to receive education about the risks of not using proper care with technology.
Another challenge: Many hospitals are still on legacy systems. “They’re at least doing the patches, making sure they’re using the latest versions possible,” says Annolino. “But these are not easy, budget-friendly options to fix. We do need to think more forward with our budgeting in order to make sure we have the right antivirus, the right antimalware solutions, and that we’re doing regular backups and asking what would we do during disaster recovery.”
Backing up data isn’t enough anymore, either—hackers using ransomware will instead threaten to expose stolen data, posting it to the internet if a ransom is not paid. “Even though hospitals were trying to be smart about security, hackers were one step ahead,” says Annolino.
Thinking back to the way telehealth has expanded during COVID-19, now is an excellent time to reassess how that process is secured. Necessity required quick-fix systems to get patients and doctors talking to each other during the pandemic, but now that the dust has settled a bit, it’s time to make sure everything is in place to protect patient information in virtual visits as well.
“[Telehealth] won’t be going away,” says Annolino. “It’s amazing technology and helps with increasing care access for patients such as the elderly. It was rushed forward because of the crisis, but now we need to make sure it’s all in working order.”
Tips for staying ahead of the bad guys
When assessing cyber risk, one place to start is access. Who can get their hands or eyes on what data? “Even with a VPN or some other way of protecting access points, it’s important that access is based on job responsibility or job description,” says Annolino. Limiting access then limits the potential for loss or theft.
Thinking of cyber risks in a similar way as other risk management issues can go a long way to detecting threats as well as educating staff. Consider doing unannounced training for phishing to help staff better understand the kinds of attacks that may target them, either individually or as part of the larger organization. “It’s not intentional, but we can get tunnel vision,” says Annolino. By making the best practices for better cybersecurity second nature to staff, you can help eliminate some of the human error risks all organizations face.
Excellent cybersecurity in hospitals goes beyond just hiring a CIO or CISO. “Give those roles the resources they need,” says Annolino. This goes not just for larger organizations like healthcare systems or university hospitals. Critical access hospitals, urgent care clinics, freestanding clinics—all organizations can be targeted for attacks. And now, with the COVID-19 vaccine rolling out, additional vectors are appearing as pharmacies and other smaller locations handle patient data in new ways.
“Look to your home base first,” says Annolino. Hospitals are getting there, but as physician groups, ambulatory settings, and others become part of larger systems, they are also part of the larger organization’s cybersecurity domain.
Finally, consider making cybersecurity part of your overall incident reporting and management system. “Make sure you’re tracking cyber events there,” says Annolino, “not just what the cybersecurity team sees. How are you tracking your cyber events? This is a patient safety issue, and it’s not just about money, or about HIPAA compliance. You need to be tracking all of those events.”
Treat a cyber event like a patient error, says Annolino. There is a real impact on the patient when their data is stolen, and it can affect their care and treatment. “It’s important to really understand operationally what the event did to those involved.”
She notes, “There is so much information available on improving cybersecurity. Healthcare needs to seek those experts out to help address the accelerated need for more protection and more awareness.”
PSQH: Patient Safety & Quality Healthcare, March 3, 2021
According to the CDC, 81,000 drug overdoses were identified in the 12 months ending in May 2020, the highest number ever in a 12-month period.
This article was originally published March 2, 2021 on PSQH by Matt Phillion
The U.S. has wrestled with the demons of the opioid epidemic for decades, and even a global pandemic can’t stop that. But so much has changed during the past year in terms of healthcare. The use of opioids, both appropriate and inappropriate, has appeared to change too, sometimes in surprising ways.
We know that overdoses quickened their pace in 2020, according to the CDC. The CDC identified over 81,000 drug overdoses in the 12 months ending in May 2020, the highest number ever in a 12-month period. And while those numbers were increasing prior to COVID-19, the latest data indicate the numbers accelerated further during the pandemic. According to the CDC:
37 of 38 U.S. jurisdictions with opioid data reported increases in synthetic opioid–related overdose deaths
18 of those jurisdictions saw increases of more than 50%
10 western states reported increases of more than 98%
G.T. LaBorde, CEO of IllumiCare, has spent a lot of time looking at opioid prescription data during the pandemic and has some thoughts on COVID-19’s impact on opioid over-prescription based on the numbers gleaned by IllumiCare’s software.
IllumiCare is an electronic medical record (EMR)–agnostic tool that nudges doctors with helpful insights directly in their clinical workflow. One of the apps on IllumiCare’s platform checks a patient’s history for controlled substance prescriptions. Every opioid filled in a clinic or a local drugstore is reported to the state prescription drug monitoring program (PDMP) database, creating a single source within each state of every opioid prescription filled.
Most U.S. states, in no small part because of the opioid crisis, legally require providers to consult the state’s PDMP database before writing a new opioid prescription. The IllumiCare app quickly checks the patient’s opioid prescribing history and injects that information into the clinical workflow. “If the patient has a history of filling prescriptions for a controlled substance, it will surface this information automatically to the clinical user,” says LaBorde.
Normally the clinician might log into a website or look in the EMR to find the information they need, but the intent here is to make it easier to do the right thing for the patient.
“Our app is utilized thousands of times a day all over the country, and that gives us insight into the data,” LaBorde says. “We know what medications are prescribed for patients and how often clinicians are checking the PDMP database.”
And through the knowledge this app provides about the drugs prescribed and the information providers are looking for, it offers insight into how the opioid crisis is changing.
What the data says
LaBorde has two pieces of key data, and a hypothesis based on his analysis. First, the data.
IllumiCare observes that providers are checking the state PDMP databases, and through examining the app’s users and install base, LaBorde notes that the population of those providers has stayed constant. “From late 2019 to now, there’s been a 64% increase in the number of provider checks of the state database,” he says. “That is a proxy measure for outpatient opioid prescribing.”
Physicians are required to check the PDMP before they write a new prescription, so this increase indicates that, unfortunately, more people are being prescribed opioids today than pre-COVID-19, LaBorde says.
The second key data point is the use of overdose rescue drugs.
Naloxone, well known by its brand name Narcan®, is given to patients who present with an overdose. “You don’t want to see an increase in use of this,” says LaBorde. But according to IllumiCare’s data, health systems’ use of naloxone increased 16% from February 2020 through January 2021. “That tells me that not only is opioid usage going up, so are the total number of overdoses,” says LaBorde.
The numbers aren’t as simple as they first appear. Interesting factors to take into account are elective surgeries and emergency department (ED) visits. Elective surgeries are a huge driver of initial opioid prescriptions, since patients often deal with pain in their aftermath. “Opioid prescriptions by health systems showed an enormous dip in March, April, and May, when many health systems stopped doing elective procedures,” he says.
But overall prescriptions went back up after that. Elective surgeries, however, were not fully back in swing, as organizations limited procedures out of caution. Also, ED visits were still down even in late 2020.
“A lot of people had, and still have, a hesitancy to go to the ED because of COVID,” says LaBorde. “So when I said there was a 16% increase in Narcan use, I ruled out every surgical patient and said let’s eliminate these populations and see what’s happening with the rest of the medical world.”
With fewer elective surgeries and limited ED visits, the prescriptions for opioids should have been limited, LaBorde thought. “My takeaway and hypothesis is that COVID has caused a huge mental strain,” he says. “It doesn’t surprise me at all that people would turn to a drug that has been abused for mental health reasons.”
The increases in prescriptions and overdoses as tracked by the IllumiCare app support this hypothesis. “If you look at the chart of overall use, it looks like things are unchanged from pre-COVID,” says LaBorde. “Those surgical cases involved were a baseline of appropriately prescribed opioid use. But remove that population, and that’s where you see this troublesome increase.”
Acting on the data
So looking at these numbers, what do we do with them? And how do we address opioid over-prescribing in the age of COVID-19? LaBorde suggests that the data offers an opportunity for greater awareness and sensitivity among providers.
“Clinicians can appreciate that any patient could be really struggling with mental health issues during this horrible crisis,” he says. “That may be the underlying reason why they’re there. For people to see the doctor today, they have to overcome a bit of hesitancy and may be desperate to reach out.”
Remarkably, even almost a year into the crisis, surgeries and ED volumes are down as much as 15% to 20%. Even primary care physicians may not see their patients as often, as many patients are still shying away from entering medical facilities to avoid the coronavirus.
“What I see is we have a population struggling,” says LaBorde. “The problem hasn’t magically gone away. We understand why we’re focusing so much energy on COVID, but other crises continue to need our attention.”
PSQH: Patient Safety & Quality Healthcare, March 3, 2021
The electronic medical record environment has presented communication hurdles.
This article was originally published March 2, 2021 on PSQH by Matt Phillion
Collaboration in healthcare is always evolving, though not always as rapidly as we’d like. Efficient communication and sharing of data are key to patient care improvements. The healthcare integration market is enormous—expected to hit $7.5 billion by 2026—and organizations are constantly on the lookout for better ways to collaborate securely to improve patient care.
“The industry’s challenges have been amplified over the past year,” says Will O’Connor, MD, chief medical officer for TigerConnect, a communication and collaboration platform for healthcare organizations.
Two main challenges have come to the forefront as hospitals adjusted how they treat patients during a pandemic, O’Connor says. First, the electronic medical record (EMR) environment has presented communication hurdles.
“We’ve had EMR for 30 years, and they’ve been pervasive for the last decade,” says O’Connor. “I think there’s been a strong overreliance on the EMR as the solution to everything. That’s because a lot of providers spend a lot of time and money on EMR tech, so they want it to do everything, which means that we’re asking it to do something it’s not meant to do.”
Secondly, Connor notes, “the industry is still using fax and pagers to communicate. A lot of health systems are reliant upon these systems, yet they are not connected in a meaningful way that fosters communication.” In a modern world, older communication methods are prohibitive to maximizing communication between caregivers.
“Older technology like pagers and fax machines are not a good way to communicate in any industry, and certainly not in healthcare,” says O’Connor. “That’s what I see as the biggest hurdle.”
Healthcare has a tendency to resist change when it comes to communications technology, and evolving away from the customary methods of collaborating, whether that means pagers or landlines or something else, has been a hard sell for many hospitals.
“People often try to force tools that are not good for communication and in doing so, create inefficiencies,” says O’Connor.
Clinical communication and collaboration platforms
This is where clinical communication and collaboration (CC&C) platforms come into play. “These technologies are available today, designed for healthcare,” says O’Connor.
CC&C is a sort of offshoot of the EMR revolution. When EMR first rose to its current prevalence, organizations weren’t looking for all of their EMR solutions from one location—they might have been using software from several vendors to make everything work. EMR products became more defined, though, with options springing up that were designed to work better together as a single offering.
This kind of evolution is starting to happen with CC&C offerings, as well. “We’re seeing job titles like unified communications director becoming more common, and the industry is now recognizing CC&C much the same way EMR was recognized,” says O’Connor. “These leaders get it; they understand the need for this kind of technology.”
There’s still a struggle in the field with understanding the best way to communicate between providers, support staff, and patients, and how a CC&C can address that—and cut down on the signal-to-noise ratio for providers to help improve care.
“A CC&C includes all your alerts, alarms, and notifications—any form of communication in healthcare that you may get, whether it’s a message to me, or in the context of the job I’m doing, or an alert for a patient I’m taking care of,” O’Connor says. “All of those communications come through the same place.”
And information overload is a real thing in healthcare. “Everything is competing for the primacy of notification,” says O’Connor. “If I’m taking care of a patient in a room, and my old wireless handset device rings, I don’t know if that’s a patient who has pushed a call bell for water or if they’re in distress and need immediate help. Put it all in one spot and you let staff manage their work better rather than be overwhelmed by alerts.”
The ability to triage information is enormous. It can help alleviate the risks of safety issues, and it offers a better experience for both patients and providers.
Real-time location systems
Alarm management and improving provider experience is where the concept of real-time location systems (RTLS) shines.
“At the base of what RTLS systems do is that they track a person and their location,” says O’Connor. “For example, a nurse [on duty]. With RTLS, if there’s an alarm going off, their physical presence answers that alarm and turns it off. There’s a record—I was there, I addressed the alarm.”
The reporting component is essential. By tracking and reporting, the need to manually manipulate the response creates more opportunities for better care.
“It enables staff to operate at the top of their license,” says O’Connor. “That’s what we want nurses and doctors to do. We don’t want them getting water for a patient nine times a day, necessarily. The right system routes the alarm so it’s going to the right person.”
So, for example, a request for water would go to a tech, and the RTLS system would identify the tech’s presence with the patient. This frees up the nursing staff to address time-sensitive tasks requiring their level of expertise. “It’s taking the burden off of people to help them do the best work they can,” says O’Connor.
Communication in a COVID-19 world
The benefits of a technology like RTLS go beyond improving efficiency. There are particular benefits on the patient side as well.
“COVID has exposed a lot of weaknesses,” O’Connor says. For example, patients can no longer have family members with them in the hospital anymore, at least in the ways they once did. “Those family members might have acted as a buffer between the patient and the provider,” says O’Connor. They might have gone to get the patient water, for example, but now the nursing staff must absorb this work.
Because patients’ family or other external caretakers can’t be with them on-site, there’s a new level of need for external communication, and the right tools can help address it.
“These patients may not be able to communicate, and suddenly [because of COVID-19], you’ve got to call the family from the floor,” says O’Connor. It’s one thing to speak to family members in the room with the patient, but with COVID-19, updating loved ones about a patient’s status is suddenly much more complicated.
It turns out that text message is by far the most preferred method of sending status updates to family members, O’Connor says. “With a five-second text, you can reach out to say, ‘We have your spouse here, they’re doing better, and they can check out tomorrow.’ And this saves a nurse or doctor a 20-minute phone call trying to get in touch with the patient’s family.”
Converting phone calls and chasing down family members into quick, easily sent texts means freeing up providers to handle more volume. “If all my communications for the day can be done in 35 minutes instead of two hours, I have more time with my patients,” says O’Connor.
Not having the family in the hospital has exposed how traditional communication between providers and family members has actually been inadequate. Ensuring instructions get where they need to go has always been difficult in the best of times, but now it’s something that a CC&C solution can assist with.
An eye on security
Of course, with any technology, especially one involving conversations that extend outside the hospital, it’s important to consider cybersecurity.
“We can’t just simply text patients; it’s not HIPAA compliant,” says O’Connor. “What we do, and what CC&Cs generally do, is send a secure link [via text] that will open up an app-less experience. We can push all security through a browser link.”
Being app-less is important, O’Connor says, because apps can come with their own security and adoption challenges. Also, having the right methods in place—an easy-to-send secure link, for example—can help keep staff from doing the wrong thing while trying to do the right thing. It helps avoid the temptation to simply text the family unsecurely, opening up the risk of a data breach.
Barriers to adoption
So what has stood in the way of more adoption for CC&C or RTLS options? In some ways, the frustrating build-out of EMRs bears some of the blame. “EMRs took all the oxygen out of the room,” says O’Connor. “Clinicians might think: Now you want me to use something else?”
There was a massive amount of work implementing and training providers on EMR, and the workday shifted significantly with its advent and adoption, forcing providers to spend less time with the patient.
“The extra time working with new technology has to come from somewhere, so it comes from their personal time, or time with the patient,” says O’Connor. “A lot of people in medicine have been resistant because of bad experiences rolling out EMR.”
But the time saved with a CC&C system can be a game changer, if everyone gets on board. O’Connor mentions a colleague, an ED doctor who still uses pagers and loses time waiting for consults to call him back, which could take anywhere from 30 seconds to two hours.
“But what if you don’t have to look at the board and see who’s on call: the solution tells you,” says O’Connor. Start typing the specialist you need, and the right person pops up on screen.
“That’s when you get people hooked,” says O’Connor. “And the communication is just one small part of it. Data, analytics, identifying which nurses are overloaded—a CC&C helps your data tell a story, and that leads to better care.”
Matt Phillion is a freelance writer covering healthcare, cybersecurity, and more. He can be reached at matthew.phillion@gmail.com.
PSQH: Patient Safety & Quality Healthcare, February 24, 2021
For any healthcare organization, from a group practice to a corporate entity or hospital system, maintaining performance improvement should be the primary goal in seeking accreditation.
This article was originally published February 23, 2021 on PSQH by José Domingos
From HIPAA laws to the Affordable Care Act, the healthcare industry is highly regulated. In an ever-evolving healthcare landscape, significant regulatory updates occur rapidly and frequently. The COVID-19 pandemic has served to highlight this trend, often requiring organizations to shift focus abruptly while simultaneously demonstrating compliance in a new, challenging environment.
Now more than ever, healthcare provider organizations can benefit from leveraging the broad value of accreditation. Many people associate accreditation solely with compliance and the survey experience, but with the right partner, accreditation is the source of a business relationship that can help drive performance improvement, operating efficiencies, and risk management—all aspects of a successful business growth strategy—while maintaining regulatory compliance.
Ongoing quality improvement
For any healthcare organization, from a group practice to a corporate entity or hospital system, maintaining performance improvement should be the primary goal in seeking accreditation. Performance improvement is central to sustaining all other objectives—fulfilling legal requirements, attaining higher reimbursement, and strengthening competitive advantage.
There is considerable evidence that accreditation programs improve outcomes across a wide spectrum of clinical conditions (Melo, 2016). Actively engaging the entire organization—from administrators and practitioners to facility engineers and human resources—in a culture of improvement embeds the practice of accreditation into daily policies and procedures to improve the quality of care and strengthen the organization.
Quality improvement is a pervasive theme across accreditation standards, regardless of setting. The broad issues addressed may be rooted in patient safety and clinical care, but they are also building blocks of a high-performance organization. Elements include:
Developing a broadly conceived program to touch every area of an organization through data collection activities. Whether employee-based or contracted service, almost every aspect of operations can be covered by a comprehensive, effective quality improvement program.
Attaching specific, measurable goals to each service area to establish data-driven, evidence-based protocols. Data for data’s sake is not useful. Context makes the data actionable.
Fully communicating results to ensure engagement and establish accountability spanning from frontline staff through the governing body. At the staff level, quality data is collected and compared with past performance. At the management level, patterns are identified and recommendations are made to maintain a positive trajectory or to correct off-target trends. The executive level holds ultimate responsibility for the quality of services delivered, and as the quality reporting is communicated upward, there is continuing evaluation of whether performance is serving to advance the organization’s mission and strategic goals.
In short, the more frequently organizations are thinking about accreditation, the easier it is to integrate the standards into daily, frontline activities and managerial decision-making. For executive leaders who embrace a performance improvement process as the nexus of their operating plan, an accreditation focus brings added value to business operations. Continuous, small course corrections are easier and more sustainable than instituting major overhauls when a survey is approaching. This principle applies equally to standards compliance and business management.
Optimizing efficiencies
With healthcare organizations operating on slim margins, operational efficiency is critical to success. Administrators and other leaders must comply with complex federal and state laws while simultaneously seeking to manage and reduce costs.
For an organization considering expansion, ensuring consistency in quality of care across all services and locations is essential. Whether a home health agency wants to expand into home infusion therapy or a physician group seeks a hospital partner for a joint venture in outpatient surgery, an accreditation resource offering comprehensive service solutions can support sustainable business growth. Taking an integrated approach promotes consistency of practice, optimizing efficiencies across service lines and locations.
Similarly, sharing best practices across service lines and/or facilities is a major benefit for any organization, regardless of size. For a system, a single accreditor facilitates internal benchmarking opportunities. For a smaller setting looking to expand service lines, it streamlines the launch process.
Using an already accredited facility as a template of quality care allows providers to adapt their model of success in other areas. With these best practices established, healthcare organizations also can demonstrate to investors the value of a new operation.
There are many documented benefits of accreditation, such as enabling better organizational structures and processes, promoting quality and safety cultures, and improving patient care (Nicklin et al., 2017). In a survey of health departments that had been accredited for one year, more than 90% reported experiencing benefits such as stimulation of quality improvement and performance improvement opportunities, increased accountability and transparency, and improved management processes (Kronstadt et al., 2016).
Accreditation standards offer a framework to help your organization develop improved structures and operational excellence. Healthcare leaders should use the accreditation process to inform strategic management and operational decisions.
Differentiating from competitors
Accreditation status can differentiate a healthcare organization within the community and offers significant competitive advantages. Achieving accreditation assures patients and potential partners that your organization provides the highest quality of care, giving them the confidence to choose your facility over one that is not accredited.
The ideal accreditor provides ongoing, comprehensive guidance and services to meet a range of needs, such as recognition for specialties that distinguish facilities from their competitors. For example, a stroke center designation for a hospital means the local EMS can transport a patient to that facility knowing the patient will receive the specialized care necessary for quick assessment and treatment. This type of recognition focuses on the organization’s ability to provide a specialized service and stresses to the public that the organization is dedicated to meeting the community’s need.
While accreditation standards are designed to meet federal and state requirements, healthcare providers should consider an implementation strategy that is customized and tailored to their organization to ensure adequate differentiation and relevant risk management. Ongoing access to accreditation resources, experts, and education helps organizations identify high-risk areas and adjust to regulatory changes more smoothly and efficiently.
By using best practices and data collected to meet accreditation requirements, a process is already in place to adjust for risk or update methods and procedures to improve quality of care. This proactive approach to risk management should limit errors and lead to safer processes. As testament, many liability insurers recognize the benefits of accreditation and reduce premiums for accredited organizations.
Accreditation can be a vital tool to optimize and expand your healthcare business. Through ongoing support from an accreditation provider, an organization can realize the value of accreditation beyond the survey cycle. Its optimal impact is achieved when an organization uses quality improvement and risk management to leverage accreditation as a capacity-building tool.
José Domingos is president and CEO of Accreditation Commission for Health Care (ACHC), a nonprofit healthcare accrediting organization with 35 years of experience promoting safe, quality patient care.
PSQH: Patient Safety & Quality Healthcare, February 24, 2021
The shortage affects not just cardiology, but the entire spectrum of care—and it extends beyond places traditionally thought of as having limited healthcare options.
This article was originally published February 23, 2021 on PSQH by Matt Phillion.
An aging population, a shortage of clinicians, and an abundance of data—treating patients grows more and more complicated all the time. Leveraging available and emerging technology to maximize efficiency, however, offers a chance to improve care in innovative ways.
“The population is aging, and more and more people are suffering from cardiac issues. Expertise is expensive, and there is limited access to those experts,” says Jia Li, co-founder of Cardiologs, a medical technology company developing medical-grade artificial intelligence (AI) and cloud technology to improve cardiac diagnoses. “If we want accurate diagnoses and to deliver the proper therapies to the right patient, this shortage of expertise is a problem.”
The shortage affects not just cardiology, but the entire spectrum of care—and it extends beyond places traditionally thought of as having limited healthcare options. From the U.S. and Europe to Africa and Asia, the universal need for more highly skilled physicians and other clinicians places these experts, and their time, at a premium.
There’s also the matter of cost. “[Cardiac] diagnoses are extremely labor-intensive,” says Li. “Before delivering therapy, physicians need to interpret and analyze the data gathered on the patient.” Electrocardiogram (ECG) data, for example, can take up to 90 minutes for a physician to interpret. And with today’s technology, Li notes, we are creating more and more data to be analyzed and interpreted.
“Our healthcare system, our doctors cannot analyze all the data available,” he says. “I don’t think it’s just a problem of there being not enough people with the expertise. While the science and the knowledge is developed, we have a need for more and more specialists in one domain. The problem is that a human, even an expert in their domain, has a limited capacity to digest all the data and information presented, and it requires years of training to reach that expert level.”
Beyond this, specializing in one domain may not be enough—the task of analysis becomes more difficult, even for experts, as the amount of data grows.
Leveraging emerging technology
The answer, Li says, lies in adapting to available technology to improve the efficiency of that analysis. For example, he specifically works with developing machine learning to address ECG processing problems. Machine learning is the study of computer algorithms that improve automatically through experience, and is part of the general concept of AI. These algorithms build a model from “training data” to make decisions or predictions.
But, one might ask, won’t letting AI do part of the analysis mean we’ll need or rely on humans less? Not so, Li explains.
“I don’t think AI is going to take the job from humans,” he says. “Humans don’t have anything to fear at this stage. We are far from what we see in science fiction in terms of AI capability. We’re not moving in a direction in the industry in which AIs can replace human beings.”
The current context, Li adds, is that AI would work alongside humans to deliver better care. “It’s extremely important for us to find the correct interface between the two,” he says. So what would that interface look like?
In terms of communication, the first thing an AI would do is help physicians make their diagnosis. This is already happening in CT scans, MRIs, and ECGs. “This allows the doctor to spend less time on the diagnosis, and focus instead on the therapy and the time they spend with the patient,” says Li.
AI wouldn’t remove the doctor from the diagnosis completely, Li says. Some diagnoses are extremely complicated, but others can be labor-intensive and repetitive—and an AI can shoulder that latter work, freeing up physicians to handle the more complex tasks.
Involving AI in diagnosing patients could also help create more accurate data. Li notes that in ECGs, physicians have developed rules for biomarkers for certain conditions. In the future, AI could help analyze the large amount of data collected to identify biomarkers that are not necessarily visible to the human eye. Experts could then study the results the AI provides, get a better understanding of a biomarker, and better correlate how it is related to the condition involved.
Concerns about AI
While fears about AI taking over human jobs are unfounded at this point, there are some limitations to AI that are worth noting so that the humans using this technology can work through them.
One important topic in this area, Li notes, is bias. “There’s a lot of debate about this,” he says. “Studies have shown that there might be bias introduced either from the data set used, or the way the human developers model their data that could introduce this bias into the machine learning or AI model.”
A typical example of bias outside of healthcare is facial recognition. It’s known that racial bias can show up in this technology, rendering it far less accurate when scanning images of darker-skinned women, for example.
While the origin of bias is not always 100% understood depending on the data the AI is examining, healthcare teams developing AI are aware that it can crop up.
“This is a hot topic, and people are trying to address this concern by making more robust data sets, more robust evaluation,” says Li. “From our end, we also make sure to include variability and large sample sizes in the demographics of our ECG training data, so as to account for potential bias linked to ethnicity.”
Another concern is being able to explain what the machine learning model has learned. The process of machine learning can be difficult to explain, and experts on the healthcare side might be confused by the conclusions the AI comes up with.
“This is why dedicated researchers and experts try to improve transparency and to develop tools to explain what happens inside the machine learning model,” Li says. Cardiologs, for example, tries to build a comprehensive visual interface for physicians to interact with the AI.
Helping physicians connect the dots comes down to understanding how the AI does its job. For example, most of the time AI will report the result of the specific analysis it was asked to undergo. It will say whether a given condition exists or does not exist. It will look for what it’s told to look for.
“The AI will tell you it sees no dog, it sees no cat,” Li says. But a human can ask: What about another animal?
Future benefits
The potential benefits of AI extend beyond helping with efficiency and freeing humans from labor-intensive analysis, Li says; it could also help with the spread of expertise across the industry.
“In the future, if machine learning could provide a deep dive into specific areas, we might need more general practitioners or technologists, cross-domain experts to work with that data,” Li says. “The AI would enhance or augment doctors on a very specific topic.”
For example, a neurologist working with a stroke patient may need to work with the cardiology department to look for atrial fibrillation if they’re unable to read the results of a test themselves. But neurologists can sometimes have trouble synching up with the expertise they need because of limited access to specialists. In this case, an AI could help them analyze the data, speeding up diagnosis and treatment.
Li imagines the industry might end up needing more generalists, pilots who can oversee the big picture provided by AI analysis.
He also talks about AI’s potential in remote monitoring of patients. Healthcare has already seen an increase in remote monitoring over the past 10 years, driven further by the COVID-19 pandemic. The ubiquitous nature of mobile devices helps make recording digital signals remotely far more accessible than before. There are 10 times as many Apple Watch® wearables worldwide than there are Holter recorders for monitoring ECG signals, for example. This has the potential to generate more and more data—the sheer volume of which, Li points out, would call for AI assistance.
“Doctors are already saying they don’t have the capacity for this much data—and that means it may not have as much value,” Li says. “AI will be able to help doctors triage this amount of data.”
At the end of the day, the concept of using AI in healthcare is meant to expand how patients receive care, rather than take away from the value of human expertise.
“The goal of AI in the medical domain is similar to all medical devices. We want to bring benefits to the patients,” Li says. “We want to enhance and help doctors.”
PSQH: Patient Safety & Quality Healthcare, February 23, 2021
Free peer support offering for healthcare workers gains global traction.
This article was originally published February 23, 2021 on PSQH by Megan Headley
New York insurer EmPRO Insurance Co. has long been providing peer support and other management tools to help healthcare workers deal with chronic stress and other burnout-related issues. It is, after all, good business for a medical malpractice insurance company to keep the physicians it insures in excellent shape.
However, since March 2020, the company has opened its support groups to healthcare employees around the world who may need help managing the mental and emotional stress of the COVID-19 pandemic. To date, more than 1,000 professionals from all 50 states and other countries, including India, Israel, and Canada, have taken the company up on these free, anonymous resources.
Gerri Donohue, vGerri has a accountice president of education at EmPRO, who developed the company’s physician peer support program, calls this popularity more evidence of the need to better support frontline workers’ emotional needs.
“A peer support program, especially of the complexity of the level that EmPRO offers, is not really something that we’ve seen in the industry,” Donohue says. “Why not offer it to as many healthcare workers as we possibly can?”
As Donohue remarks, EmPRO isn’t actively seeking to collect information about the diverse group of physicians who are tuning in, although some clinicians have volunteered the information that they’ve set their alarm clock to Eastern time to tune into a group discussion session. This group is less about marketing and entirely about removing isolation—which is a key contributor to physician burnout and has only intensified since the beginning of the pandemic.
In the roughly 10 years since EmPRO began offering emotional support tools, the company has recognized, perhaps paradoxically, that as an insurance company they’re able to provide a unique level of support to clinicians suffering from burnout and chronic stress.
“It’s very difficult for hospitals and healthcare organizations to try to implement something like this within their organization because of disclosure issues and fear,” says Tristan Mueck, DO, assistant medical director at EmPRO. “We know that there are hospitals telling people what to say and what not to say outside of their organization, and that [clinicians] are worried about termination related to things that they have said in relation to the pandemic. In that environment, having an honest, open discourse is very difficult.”
Because the healthcare workers taking part in these programs come from so many health systems, EmPRO’s leaders hope there’s greater trust in the anonymity their program offers. It’s a model that could prove useful to other third-party support groups or health systems working together to drive greater adoption of their burnout prevention offerings.
Permission to seek help
Donohue notes that the pandemic seems to have given physicians more “permission” to admit that they need help, and that could be contributing to the uptick in people registering for support sessions.
“Physicians are terrible at assessing their own level of stress,” Mueck adds, citing a 2014 study published in Annals of Surgery. A survey of 1,150 U.S. surgeons asked to assess their own well-being relative to their colleagues found a majority (89%) believed their well-being to be at or above average—including 71% of surgeons with scores in the bottom 30% relative to national norms.
“It just shows how physicians are disposed to minimize their own suffering psychologically and to bear down and take whatever load is placed upon them,” Mueck says. “That’s what we’ve seen with the pandemic.”
That’s one reason Donohue sees burnout-prevention programs as critical to implement today: These programs may now be more likely to encourage healthcare workers to care for their own emotional needs and build habits that could improve their health in the future.
“When the vaccine comes and everything starts to fall back into some sense of order and normalcy, there may be a tendency for physicians to retreat rather than to go for help,” she cautions. “It’s in the nature of physicians. They want to give and they want to help.”
Support that deemphasizes stigma
While EmPRO’s physician wellness program includes individual and group peer support elements, it also relies on programming that does not emphasize providing help, but instead focuses on building community. In many ways, the stigma around support has shaped the programs the company offers.
“Most of our groups are not called support groups,” Donohue explains.
One recent example is the company’s Writer’s Studio, run by narrative medicine specialist and endocrinologist Barbara Hirsch, MD, MS. In these recent sessions, Donohue says, “[Hirsch] will bring a story or poem, everybody will take a look at it together, and it usually leads them back to COVID, even though the story or poem had nothing to do with COVID.”
Narrative medicine uses reflective writing or literary analysis to help humanize healthcare. It increasingly helps physicians connect with patients at a human level, pushing them to use storytelling to look more fully at the patient. In these programs, however, stories also provide a cathartic release for the stressors that clinicians face. What’s more, Donohue says, a program can provide this release without being advertised as a support group.
“If you ever asked those physicians if they went for support that night, they would say, ‘No, my insurance company is offering something that reminds me of my college days in literature that I loved.’ In fact, they’re expressing their fears of getting sick themselves, bringing sickness to their families, and the stresses that they face on a day-to-day basis,” she explains.
The company’s mindfulness offerings are promoted in much the same way, as is its newest offering, Women in Medicine.
“When you look at that title, nothing comes to mind initially. It could be women in medicine getting the same pay or women in medicine becoming CEOs of hospitals,” Donohue says. “We wanted to do that intentionally to let it take its own form.”
The goal, however, was to create a place where women could form supportive connections and begin to turn the increasing tide of risks uniquely impacting female physicians. The program was built with a 2020 JAMAstudy in mind, which had found that while male physicians are 33% less likely to die by suicide than men in the general population, female physicians are 46% more likely to die by suicide than women in general.
Ultimately, Donohue says, this was the heart of this targeted group’s earliest meetings. “We wanted to have a place for them so that when the group is over that they have a connection with each other, another woman physician going through something very similar,” she says. “We are hopeful that we’re going to be able to reach those who have been a little bit more silent in their suffering and give them a life preserver.”
An important trend
The Medscape National Physician Burnout and Suicide Report 2021 released this January found that, percentage-wise, physician burnout remains at the same critical level as before the pandemic, with 42% of physicians reporting burnout. However, the pandemic has changed the specialties hit hardest, with critical care, rheumatology, and infectious disease specialists ranking among the highest in reporting burnout for the first time. Nearly 80% of the 12,000 physicians surveyed said they had felt burned out before the pandemic began, and only 8% named the stress of treating COVID-19 patients as the primary cause of burnout (most cited bureaucratic demands).
If Donohue’s and Mueck’s observations are correct, healthcare workers who have been dealing with burnout for some time are finally, as a result of the pandemic, seeking critical support and self-care. Putting more such tools and support in place now could help make this a growing trend in the months and years ahead.
PSQH: Patient Safety & Quality Healthcare, February 16, 2021
Although the GHS's most current version is Revision 8, published in 2019, OSHA is aligning with the previous version of the GHS, published in 2017.
This article was originally published February 16, 2021 on PSQH by Lisa Whitley Coleman
The Occupational Safety and Health Administration (OSHA) proposed rules to modify the Hazard Communication Standard (HCS) to conform to the United Nations’ Globally Harmonized System of Classification and Labelling of Chemicals (GHS) Revision 7, which is more current than the version of the GHS that’s incorporated into the existing HCS.
This action is expected to “address issues that arose during the implementation of the 2012 update to the HCS, and provide better alignment with other U.S. agencies and international trading partners, without lowering overall protections of the standard,” according to OSHA’s proposed rulemaking. “OSHA has preliminarily determined that the proposed revisions to the HCS will reduce costs and burdens while also improving the quality and consistency of information provided to employers and employees regarding chemical hazards and associated protective measures.”
The summary of the rulemaking also states, “The agency has preliminarily determined that the proposed revisions will enhance the effectiveness of the HCS by ensuring employees are appropriately apprised of the chemical hazards to which they may be exposed, thus reducing the incidence of chemical-related occupational illnesses and injuries. The proposed modifications to the standard include revised criteria for classification of certain health and physical hazards, revised provisions for updating labels, new labeling provisions for small containers, technical amendments related to the contents of safety data sheets (SDSs), and related revisions to definitions of terms used in the standard.”
See OSHA’s HCS website for more detailed information regarding these changes.
These updates to the HCS are expected to “improve and enhance worker protection by:
Providing additional clarification of existing regulatory requirements
Incorporating new hazard classes and categories
Improving and streamlining precautionary statements
Facilitating international trade through increased alignment.”
Although the GHS’s most current version is Revision 8, published in 2019, OSHA is aligning with the previous version of the GHS, published in 2017.
This regulatory action is expected to affect 115,758 firms; 152,427 establishments; and 1,510,780 employees. However, because the rulemaking is not expected to cost more than $100 million in any one year, it is not considered to be an economically significant action, as defined by Executive Order (EO) 12866.
It is scheduled to be published in the Federal Register on February 16, 2021, after which public comments will be accepted for a 60-day period.