The Future of Healthcare – Patient Engagement is Due for a Paradigm Shift

Post by Beth Sutherland, RN, BSN

Clinical Product Manager, Caradigm

Just as healthcare is making the shift from volume to value, the concept of Patient Engagement needs to be reimagined in several important ways:

View patients as healthcare consumers with varying levels of engagement in their own care…
Some patients will actively choose how, where and when to access healthcare based on cost, quality data and other patient’s reviews. They expect personalization and patient-centricity from their healthcare providers, and make decisions based on being directly responsible for healthcare costs.

Other patients may feel overwhelmed by managing their health and will require a more guided and supportive approach to understanding, monitoring and potentially confidently managing their conditions at some point.

Acknowledge the impact of factors such as behavioral economics in decision-making…

The reality is people often don’t make rational decisions – in fact, many irrational factors influence thinking such as:

  • Status Quo bias: “This is what I’ve always done…”
  • Complexity Aversion bias: “Too many factors to consider…”
  • Present Time bias: “Going to the gym now is too hard…”
  • Peanuts effect: “It was only 1 donut a day (for 10 years)…”

Important health-related behavior changes need to be framed for patients in recognition of these biases – the long-term impacts of old habits can be re-framed relative to current goals, incentives can be created to establish more immediate payoffs for difficult changes and seemingly overwhelming tasks can be broken into a series of smaller, achievable wins that build confidence and belief that “Yes, I can do this.”

Health goals and behavior changes must be made relevant to each patient by relating them to individual, personal priorities:
For behavior change to occur, care has to fit meaningfully into patient’s lives. Patients are motivated more by personal goals rather than potentially overwhelming healthcare metrics. Patients care more about spending time with their grandkids or being able to walk their dog rather than controlling blood glucose levels or lowering blood pressure. By understanding these priorities and reaching patients with relevant, personalized messages at the right time outside of the care setting, the likelihood of successfully triggering positive health-related behaviors increases dramatically.

For success in population health management to be achieved, Patient Engagement must evolve from being a non-essential, ‘nice to have’ function to a critical driver of success. By clearly demonstrating the value and ROI that patient engagement can bring to the management of populations, the role that patients play will finally be recognized – for the impact it can have in their own success and that of care teams. When patients are truly activated to participate in their own care and own the management of their health, the industry will be transformed.

How Some Accountable Care Organizations (ACOs) are Taking the Lead

Post by Christine Boyle

Senior Vice President of Marketing, Caradigm

The number of Accountable Care Organizations (ACOs) in the Medicare Shared Savings Program (MSSP) has continued to grow steadily as there are now approximately 405 participants after the latest wave of 89 newly accepted applicants.[i] Participating as a MSSP ACO gives healthcare organizations a low-risk means to start transforming to value-based care while they change processes and acquire new health IT infrastructure. Although the program is still fairly new, having only been around since 2012, about 25 percent of ACOs have started to separate themselves from the pack by being able to generate shared savings.[ii]

Being able to generate shared savings is crucial for ACOs because the underlying premise of value-based care is that coordinated, preventive and evidence-based care will both improve the health and  lower the per capita cost of a defined population. Furthermore, the sharing in cost savings helps offset reductions in fee-for service revenue, pay for new health IT infrastructure, and builds organizational momentum for the expansion of risk-based contracting. However, generating shared savings has been an elusive goal for the majority of MSSP ACOs to date.    

Dr. Randall Williams, MD wrote an interesting article on this topic recently on Pharos Innovations discussing why most ACOs have fallen short of generating cost savings. His hypothesis is that “…most ACOs are still working on basic organizational issues like:

  • Integrating their doctors
  • Getting CMS claims data into a format that can be analyzed
  • Documenting and reporting quality performance metrics

While that work is necessary, it is not at all sufficient. It won’t generate the cost savings required to get to the shared savings bonus opportunity.” [1]

Dr. Williams believes that the ACOs that have been successful in generating shared savings have focused heavily on reducing avoidable admissions and readmissions.  He makes an excellent point that ACOs need to transition from a tactical focus on operationalizing their ACOs to a strategic one that will drive greater results. 

Transforming to value-based care is a complex process because it impacts the entire organization. For ACOs to achieve greater results they have to move away from siloed efforts and approach value-based care as a series of interconnected activities. It is not just solely about data, not solely about analytics and not solely about clinician workflows. It’s about all of those activities operating in an integrated manner and augmenting each other. This is known as an enterprise population health approach that integrates data, analytics, and workflows across the entire organization to support new care models. An enterprise approach leads to synergies and efficiencies across the organization that are the difference makers when trying to drive results as quickly as possible for a targeted population.

2015 is a critical year for ACOs to hone in on the strategies and health IT infrastructure that will help them move into the leaders group of ACOs generating shared savings. We have just published a new whitepaper entitled “ACO Best Practices for Shared Savings” that explores this topic more by profiling the strategies used by a few successful ACOs and recommending what ACOs could be doing differently this year.

Download the whitepaper here.

[i] Evans, M. (2014, December 22) 89 ACOs will join Medicare Shared Savings Program in January. Modern Healthcare. Retrieved from

[ii] Kocot, S., Mostashari, F., White, R. (2014, February 7) Year One Results from Medicare Shared Savings Program: What it Means Going Forward. Retrieved from:

[iiI] Williams, Randall, MD. Want to win with value based purchasing? Start with the fundamental challenge. February 2015.

The Future of Healthcare: Innovating Coordinated Care

Post by Scott McLeod

Director of Product Marketing, Caradigm

One of the most impactful developments in healthcare today is the movement towards coordinated care. It’s essential as more healthcare organizations engage in population health management and participate in a broader health network with a variety of partner providers. Many providers have recognized that the care of a high-risk patient is a team-based activity that requires the coordination of a variety of clinicians and care givers serving different roles. It also involves a series of processes – intake, screening, assessment, developing a plan of care, reviewing a plan of care, making contact with care givers, reviewing medications, etc. To deliver the best patient outcomes possible, providers need to ensure that these processes are being completed efficiently and consistently across the team.  

The idea of coordinated care is not new, but being able to deliver it effectively is starting to become a reality as new health IT emerges to help enable it. A care team is made up of a diverse group of clinicians and family members that can include primary care physicians, specialists, a lead case manager, an in-patient case manager, a field coordinator that works on non-clinical tasks, a pharmacist, community organizations, and family and friends that may be providing support such as transportation or helping pick up medications. That’s a lot of people and a lot of information that is needed to properly care for just a single patient. Multiply that by potentially thousands of patients in a care management program, and it becomes clear why coordination and efficiency can be challenging.

Here’s how health IT can innovate care coordination. First, it brings together all the data and information needed to care for a patient from all systems across the health network. All care givers have a 360 degree view of the patient that includes the plan of care, medications, lab results, vitals, documents, immunizations etc. When an update is made, all care givers have that update in real-time. With a full 360 degree view of patients, the care team can see longitudinal data and patient responses over time, identify and address subtle changes and deliver patient-centered care by incorporating patient personalized goals.

Second, it transforms the efficiency of clinician workflows, which leads to increased productivity and consistency of care. Physicians can see care gaps and close them while still in the presence of a patient. Care plans, task lists and interventions can be automatically generated from the patient’s clinical information and assessment responses. Complete medication histories can be brought into single patient views that display order and fill history for easier review. Patients that may need immediate attention can also be tracked across the continuum through event-based alerts (e.g. admissions, discharges or Bluetooth device alerts). Lastly, all of the needed tasks are being assigned to the right team members assuring “top of license” activity.  

From the patients’ perspective, they’re on a better path to become healthier as they receive care focused on wellness and preventive measures. They’ll also receive a better patient experience as they don’t have to repeat answers and all care givers are up-to-date on their information. Care coordination is one of the foundational strategies healthcare organizations must employ to achieve the Institute for Healthcare (IHI) Triple Aim of 1) Improving the patient experience 2) Improving the health of populations and 3) Lowering the per capita cost of care. With a little help from innovative new health IT, coordinated care can become a reality.

The Future of Big Data in Healthcare

Post by Neal Singh

Chief Technology Officer, Caradigm

The idea that there could be undiscovered insights residing in large data sets that can be used to drive innovation is fascinating. That’s why Big Data has so many people excited, including myself. In healthcare, Big Data is essentially a core component of population health management, a strategy that is helping healthcare organizations transform to value-based care. Although most healthcare organizations are still in the early stages of both strategies, there is no question that Big Data and population health will play major roles in shaping the future of healthcare. Let’s explore this issue further to better understand what steps healthcare organizations can take to realize the full promise of Big Data.

Getting to Big Data

The traditional healthcare organization is evolving beyond the walls of the hospital. Providers must now coordinate care across a broader health network that can include a large number of clinical partners often using a variety of technology systems. Although it can be a challenge to bring data together, it is the first required step towards gathering large quantities of data. It is also important to consider that clinical data is only the starting point. Where Big Data in healthcare starts to get really innovative is when clinical data is combined with other types of information such as claims, financial, lab, pharmacy, unstructured data (e.g. clinical notes), etc.  Providers that can establish the processes and tools to automate the aggregation and normalization of data regardless of the system or structure they reside in will be set up for Big Data success.

From Data to Insights

After an organization achieves data aggregation, it should celebrate because that is a major accomplishment. However, that is only step one in the journey because the data has to be turned into insights that can drive improvement. One of the most powerful uses of healthcare data is in predictive modeling, which helps providers understand their patient populations and anticipate where they can have the highest return on intervention. For example, providers can measure patient motivation, and use it to predict which patients will follow physician instructions and benefit most from targeted interventions. They can also predict which patients will become the sickest next, i.e. those that are most likely to transition from low to high clinical and financial risk over the next 12 months, so they can intervene proactively. As risk has shifted from payers to providers, this ability to understand the risk in a population has become essential.

From Insights to Action

The last, but most important, step is to surface insights and information within clinician workflows in real-time so that they can take action and improve outcomes. For example, a physician can see gaps in care for patients and close those gaps while still in their presence. A care manager can be alerted when a high-risk patient is admitted to the emergency department to ensure proper transition of care. A clinical analyst can monitor patient data on a large number of patients who have had catheters inserted, and alert a nurse when the data shows that a patient is showing signs of a potential infection.  

Most exciting is that all of the above use cases are not hypothetical or years away from becoming reality. They are all possible with today’s health information technology. These innovations stemming from Big Data are starting to take hold, but it will take time for them to truly become the norm in healthcare. There is no doubt, however, that momentum is building for both Big Data as well as population health, and that they will play leading roles in healthcare’s future.

What The Anthem Breach Teaches Us About Access Control

Post by Azam Husain

Senior Product Manager, Caradigm

As more details continue to emerge from the Anthem breach, the incident has put all healthcare organizations on notice. The estimated cost of the breach could be in excess of $100 million with as many as 80 million people impacted.[1] A breach of this magnitude is an important learning opportunity to think about healthcare security best practices and in particular, how to control access to sensitive data in organizations.  Here are several key takeaways from the breach for healthcare organizations.

Data thieves are looking for soft targets

Healthcare organizations are prime targets for cyberattacks not only because healthcare data is valuable, but because healthcare organizations have a reputation for being susceptible to breaches. In this HealthcareIT News article discussing the breach, Lynne Dunbrack of IDC Health Insights said “Cybercriminals view healthcare organizations as a soft target compared with financial services and retailers because historically, healthcare organizations have invested less in IT, including security technologies and services than other industries, thus making themselves more vulnerable to successful cyberattacks.” Until healthcare as an industry improves its adoption of security practices including data access control, cybercriminals will continue to view healthcare data as a vulnerable target.     

Improper access is a top security vulnerability

Investigators believe hackers accessed Anthem’s information by stealing system administrator credentials of five different employees. They also believe that the breach had been in progress for several years.  Benjamin Lawsky, Superintendent of New York State Department of Financial Services, said in this article that “Anthem is a wake-up call to the insurance sector really showing that there is a huge potential vulnerability here.”

Some have pointed out that Anthem should have encrypted the information, however, the greater shortcoming was the lack of proper access controls. Encryption would not have stopped attackers who had gained authorized credentials. The vulnerability was not in the software, operating system or hardware, but in the process of managing proper access controls based on business and operational requirements. 

Three types of safeguards are needed to control access to sensitive data

Managing access control can be challenging, especially with respect to preventing insider data breaches or simple mistakes by users with high level access. Anthem is not alone as many organizations need to tighten system access.  When providers are considering what strategies to employ to improve access control, they should consider three broad types of safeguards.  

1)      Technical safeguards – Grant role-based access to data and applications on a need-to-know basis.

2)      Physical safeguards – Control of physical workstation access and access to clinical applications.

3)      Administrative safeguards – Create comprehensive policies and auditing tools that allow a compliance manager to report on who has access to which systems, applications and patient records as it applies to their role.

Caradigm is the leader in Identity and Access Management (IAM) solutions, and is focused exclusively on healthcare organizations. If you’d like to discuss your access control needs further or see a demo, contact us here.   

[1] Osborne, Charlie. “Cost of Anthem’s data breach likely to exceed $100 million.” Retrieved from 2.12.15

Planning Your DSRIP Implementation

Post by Vicki Harter

Clinical Product Manager, Caradigm

We are in the middle of a broad and dynamic effort to reform Medicaid. In 2014, 30 states reported having some delivery system reform initiatives underway with that number increasing to 40 states in 2015.[1] Delivery System Reform Incentive Payment (DSRIP) programs are one example of Medicaid reform that is top of mind for provider organizations because of the significant funding available to support the transformation of care to Medicaid beneficiaries. Nine states (California, Illinois, Kansas, Massachusetts, New Hampshire, New Jersey, New Mexico, New York, and Texas) have indicated that they plan to implement or expand DSRIP programs in FY 2015, so for providers in those states, it is the right time to strategize how to implement a successful DSRIP project supported by health information technology (HIT).

The following are a few recommendations to consider in order to get your DSRIP Year 1 off to a strong start.

A Key First Win is Integrated Health IT (HIT)

In order to truly transform how healthcare organizations meet the needs of the Medicaid population, silos of care must be brought together. Healthcare collaboration has been challenging across the healthcare community due to the lack of interoperability of IT solutions, which prevents the aggregation and sharing of information across a diverse team of care givers. Integrated HIT across a health system should be one of the first goals of a PPS (Performing Provider System) because it enables the longitudinal information required to accomplish DSRIP projects including care coordination and population health management. When evaluating solutions, keep in mind that the integration of HIT is outside the scope of many population health solution providers that focus on a specific area of population health such as analytics or workflow efficiency. The ability to aggregate and share all data within a diverse PPS is a capability that few solution providers are executing on today.   

Factor in Speed of Results with Performance-Based Payments

DSRIP waiver funds are allocated with the achievement of specific performance metrics. Initially, those metrics will be process based, but they will become performance based for the majority of the program. In order to receive full funding amounts, implementation plans should consider the scale, speed and scope of deployment. As PPS’ are committing to take on a number of different projects, it’s important to identify synergies and efficiencies that can accelerate clinician processes and results across multiple projects. Without those efficiencies, clinicians can become bogged down by the amount of change management and new processes being introduced.  Examples of new efficiencies that are possible include:

  • Identifying patients that are most impactful in order to achieve faster results from targeted interventions.
  • Enabling an interoperable, longitudinal patient record across the PPS so clinicians don’t have to log into many different systems for the information they need.
  • Team-based care with clear roles and responsibilities assuring “top of license” activity.  
  • Enabling quality analysts and other clinicians to see performance analytics and gaps in care in real-time so those gaps can be closed quickly and even while still in the presence of a patient.
  • Automatically generating personalized care plans, task lists and interventions for care team members to enhance efficiency and reduce variations in care.
  • Utilizing those personalized care plans to generate self-management action plans for patients so they can engage in self-care.

Take An Enterprise Approach to Transform Care

The goals of DSRIP align very closely with population health approaches as both seek to transition from fee-for-service, episodic care to value-based care for a population across a community of providers.  The ultimate goal is health delivery transformation, which can’t be accomplished with a narrow, point solution approach. Point solutions for population health can be counter-productive to DSRIP goals because they sustain the silos and inefficiencies that DSRIP was intended to address. The difference with an enterprise population health approach is that it integrates all of the core capabilities needed for population health and true care delivery transformation: integrated information systems, health care analytics, care coordination and patient engagement.  An enterprise approach is also extensible, which allows providers to support today’s needs while planning for the initiatives of tomorrow.

Caradigm is the leading enterprise population health company that can help organizations succeed with their DSRIP initiative. To learn more about how Caradigm can help you plan your DSRIP implementation, please visit our DSRIP page, see our recent DSRIP press release or send a note here

[1] Smith, Vernon K. Ph.D., Gifford, Kathleen, Eileen Ellis Health Management Associates and Rudowitz, Robin and Snyder, Laura Kaiser Family Foundation. National Association of Medicaid Directors. Medicaid in an Era of Health & Delivery System Reform: Results from a 50-State Medicaid Budget Survey for State Fiscal Years 2014 and 2015. October 2014. 

The Population Health Marathon

Post by Peter Kinhan

Vice President/General Manager, GE Healthcare IT

There are significant changes underway in the healthcare reimbursement models. While changes are broad and rapid, it is becoming clear that this will feel more like a marathon than a sprint.

The US healthcare system is facing significant cost, quality and access challenges. Recognizing these challenges, and catalyzed by the Affordable Care Act, a variety of alternative Fee-For-Value (FFV) reimbursement models have emerged. These models emphasize value (higher quality per unit cost) rather than volume, like one-sided and two-sided Medicare or private shared savings models, bundled payments, partial and full capitation reimbursement models.
But when will the tipping point happen? When will the majority FFV revenue outweigh that of FFS. If this was a marathon, I would say we are still in the early miles when the legs are strong and buoyant. There are still many tests and challenges to come in the mid to late stages of the race.

Early results suggest that the transition from volume to value has not been easy for many providers. CMS ACOs results from PY1 & PY2 show that only 25% of participating ACOs were able to realize shared savings1. Furthermore, ACO data tracked by the Leavitt Partners LLC shows that after an initial start that led to nearly 700 private and CMS ACOs in the last 2 years, the rate of new ACO formation has slowed down2. These ACOs cover less that 10% (nearly 23 Million) lives so far, potentially suggesting that providers are currently “dipping their toes” and large scale adoption is yet to come.

One could make the argument that this trend mirrors a “hype cycle” where the initial expectation from population health is giving way to the realities on the ground and we are in the “trough of disillusionment”. There is no shortage of potential roadblocks that may delay the migration towards of large scale adoption – lack of a clear long term value based care strategy with a predictable business model, misalignment of incentives (physicians, payers, others), ever regulatory landscape, capability gaps. Despite the challenges, there is reason for cautious optimism. The majority of the ACOs improved on 30 out of 33 quality metrics and 25% of ACOs were able to realize shared savings. Given that many of these efforts were essentially pilot projects it would be fair to assume that important capabilities have been built and lessons learned for greater future success.

As the landscape continues to evolve, in addition to internally developing some of the core capabilities, providers will need a dependable partner who will continue to innovate and invest in new capabilities and solutions to best meet the evolving needs. At GE Healthcare, we not only understand the market challenges but also have made population health a core pillar of our integrated care portfolio and strategy. Through Caradigm, a joint venture between GE and Microsoft, we have augmented our CentricityTM portfolio to offer comprehensive industry-leading population health solutions. Looking ahead, we realize that the journey ahead will be difficult but ultimately rewarding. By continuing to innovate, grow our portfolio and collaborate with our customers, we are progressing to the finish line of transforming healthcare by improving care quality and population health outcomes.

This post was originally published on the GE Health IT Views blog.

What is an Enterprise Data Warehouse for Healthcare?

Post by Neal Singh

Chief Technology Officer, Caradigm

Healthcare organizations have become more aware of the need to leverage all of their data in order to support new population health management initiatives. An Enterprise Data Warehouse (EDW) is one of the key solutions many healthcare CIOs are considering to help accomplish this goal. In recent conversations that I’ve been having with CIOs, I often hear them say that they need more than what a horizontal EDW provides. The “Aha!” moment comes when CIOs realize that they need an EDW specifically designed for healthcare that has the vertical functionality needed to drive a scalable healthcare data and analytics strategy.

The first step in building an EDW for healthcare starts with choosing an enterprise EDW foundation. Caradigm has developed a deep integration with Microsoft SQL, a Leader in the 2014 Gartner BI Magic Quadrant that provides a strong horizontal EDW foundation including SSIS, SSAS, SSRS and Power BI tools. Caradigm has added an array of vertical functionality to that foundation to deliver an EDW for healthcare. Let’s explore further what distinguishes it from horizontal solutions.

A single-source of aggregated data in near real-time

Aggregating different types of data (e.g. clinical, claims, financial) from potentially dozens of systems across a health network is a core requirement for population health that horizontal EDWs are not equipped to handle efficiently.  An EDW for healthcare is different because it provides the following functionality that enables a single-source of data to be possible:

  • A healthcare data model that can automate the process of combining different data sources and data structures to create a single, longitudinal patient record.
  • Complex healthcare data aggregation parsers that automate the ingestion of data from all healthcare information technology systems and normalize disparate data to semantic healthcare terminology tailored to your enterprise.
  • The ability to use Hadoop and NLP (Natural Language Processing) to leverage and derive insights from non-structured data.
  • The ability to update and make the data available in near real-time as opposed traditional EDWs that require delayed monthly or quarterly batch processing.

Actionable and Extensible Data

An EDW for healthcare also must deliver the following functionality that enables the data to drive action:

  • The ability to write data back into source systems to surface actionable information at the point-of-care. This is a key requirement that allows you take action from insights.
  • Healthcare specific tool sets for non-technical clinical analysts that allow them to perform analysis and reporting with strong visualizations. You want to decrease the barriers for information access by bringing end users closer to data. The traditional route of requiring end users to work through IT for coding reports is slow and expensive.
  • Data exploration tools should enable insight discovery i.e. exploring data to discover hidden insights versus the traditional route of asking the questions and building rigid data marts around them.
  • Native support for predictive analytics like estimations of risk and predicted outcomes. Examples include cohort stratification, patient identification, risk modeling, readmissions management, and total cost of care.
  • Integrated out of the box analytics applications like Quality Improvement, Risk Management, and Condition Management that can leverage the EDW to perform and share analytics.
  • An open platform that can share data via web services APIs (Application Programming. Interfaces) or access via other 3rd party popular BI tools like Tableau, QlikView, and Spotfire
  • An application development platform that gives the ability to create new applications utilizing the EDW.

Security and Compliance

Lastly, but as important as any of the functionality mentioned above is the ability to provide a security model that is role-based, row based, field level redaction with auditability. This can be an important tool for HIPAA best practices.

My advice to providers is that they need to think about which tools can help them today and scale with their future needs. The overall strategy has to be extensible and simple from the customer’s point of view. Providers shouldn’t have to acquire multiple new systems, develop custom solutions, or build an internal team of developers.  Providers need a partner with a defined path forward that includes infrastructure, domain expertise, out-of-the-box functionality and tool sets that can simplify processes today while being able to adapt in the future. If you’re struggling to get out of the gate beginning with data aggregation, then that’s an indicator that there are missing fundamental capabilities. It’s unlikely that population health data capabilities can be patchworked together without delaying the timeframe for success and increasing costs.     

Caradigm is unique because we deliver a mature and comprehensive EDW designed specifically for healthcare.  We have already helped customers aggregate their data and are surfacing that information in clinician workflows to improve care. Once these core requirements are in place, providers are positioned well to succeed with their population health initiatives. I look forward to having more discussions with providers about how we can partner to help you realize the full potential of your data to support your population health efforts.

All Signs Point to Population Health Management

Post by Scott McLeod

Director of Product Marketing, Caradigm

In this recent Becker’s Hospital Review article, I found it notable that so many of the top 10 challenges and opportunities for hospitals in 2015 were related to population health management. In addition to population health, which was called out on its own, five other related trends included the shift to value-based reimbursement, M&A, system integration, the use of data, and the need to lower costs due to reimbursement rate differences. To that list, I would also add clinical integration and quality improvement as two other top challenges hospitals are facing. It’s interesting that while providers have a variety of challenges that fall into different buckets, population health is a single strategy that can help address them all.

Some providers are taking a conservative approach with population health because it is still so new, and they are trying to determine the best way to proceed. However, we’re starting to see more providers view population health as a strategy that is central to solving many of the biggest challenges they are facing. Those providers have already begun building their population health capabilities because they view them as requirements to achieve their overall long term strategy, which often falls into one or more of these broad categories:

Growth – providers seeking growth via acquisition, clinical integration, partnerships or the signing of new commercial contracts

Quality – providers that make quality their organizational focus and want to differentiate on it

Raise Margins/Lower costs – providers seeking to strengthen long-term financial performance by lowering costs and benefiting from risk-based contracts

Efficiency – providers that want to improve clinical efficiency and achieve better coordinated and consistent care

Population health solutions bring a broad set of value to organizations that allows them to solve a variety of business challenges. The core capabilities of population health are:

  • Data aggregation – merge and share all data from information systems across a health network
  • Predictive analytics – understand clinical and financial risk of a population to identify opportunities for improvement
  • Care coordination – improve coordination, efficiency and consistency of care in order to improve patient outcomes
  • Patient engagement – empower patients in self-care to modify behaviors that can improve patient outcomes 

One of the most valuable aspects of these core capabilities is that they can be applied broadly. Providers can use them to address today’s initiatives, but can expand and evolve them as new challenges emerge in the future. Whether it’s integrating the health IT systems from an acquisition, lowering the cost of care for a population in an ACO, expanding a clinically integrated network, or lowering readmissions rates, population health solutions are needed. I’m predicting that 2015 is the year that population health shifts from being perceived as a new concept to a core strategy that providers will be employing to achieve long term success.

Insider Threats Are Top of Mind for Healthcare CISOs

Post by Azam Husain

Senior Product Manager, Caradigm

I had an interesting conversation with a healthcare CISO at a recent event about what worries him the most. Even more than external malicious threats, he was most worried about employees abusing privileges and violating the trust they had been given by his organization. One of the most challenging aspects of information security is that the security perimeter keeps expanding, and now includes insider threats as well as external ones.

Recent healthcare breaches caused by insiders show that the CISO is justified in his concern. Last month, a former employee of a hospital was caught inappropriately accessing patient medical and financial records for nearly three and a half years causing a breach impacting nearly 700 records.  Also last month, a different provider received a ransom demand made by an unknown party threatening to release protected health information unless payment was received. The ransom email contained evidence of PHI from the hospital. After an investigation by external forensic experts, an internal threat became suspected because it was determined that hospital servers had not been hacked and remain secure.  Also recently, the FBI and the U.S. Department of Homeland Security (DHS) issued a warning about the increase in insider threats from disgruntled current and former employees.

These are all timely reminders about the serious risk from insider threats. External threats are already being addressed and generally understood today by security professionals, however, it’s the risk from internal threats that healthcare organizations may need to apply more focus.

The question then becomes how do you manage the trusted access you’ve already given to employees? Healthcare organizations can take control of the risk through a strong identity and access management (IAM) program. IAM is a solution that allows providers to give precise, role-based access to clinical applications that contain protected health information (PHI). That access can be granted or revoked in seconds, monitored, reported on and is easily available for audits.  IAM is a fundamental component of a good security and HIPAA compliance program, which all healthcare organizations are required to have in place.

To learn more about how providers are effectively using IAM solutions, you can sign up to view the recording of a recent webinar we hosted with Duke University Health System who talked about how they evolved their use of IAM as their business needs evolved over time.