Skip to content Skip to navigation

Best of Blogs

April 30, 2008
by root
| Reprints

The following commentaries are the most read postings from HCI's Blogosphere. To read other postings and leave your comments and questions, visit, register with a username and password, and blog away.

Top Trends: What am I Missing?Posted on: 3.17.2008 6:45:56 PM Posted by Anthony Guerra

I recently had a meeting at which I was asked to present some of the major trends in healthcare IT — here they are (these are rough notes):

Investment optimization — Initial monies have been spent (electronic medical record packages) — now it's time to focus on continuing education, optimization, change management, adoption, fostering adoption — getting more people to use more of the system — how do you get the right information to the right clinician at the right time in the right format (Clinical decision support)

Stark — everyone wants to lock up the docs first

ERP optimization — Integrating revenue cycle management, computerized physician order entry (CPOE), operating room scheduling into enterprise resource planning for financial reporting and analytics

Efficiency — staffing/scheduling, patient logistics, asset and patient tracking

Patient safety — reducing medical errors, medication administration, CPOE, workflow management, optimization

Cross vendor application integration — integration (sharing single database) rather than interfacing — HL7, CCR, DICOM, CCHIT, HITSP, ASTM

Project management — system selection – how many to involve, super-users

Vendor relationship management — Utilization of consultants in baseline, needs assessment, request for proposal development, system selection, contract negotiation, and service level agreement management (it's a marriage)

What do you think?


Monday, March 17, 2008 9:01:35 PM by Nardo

You are missing Business Process Management, Improvement and Optimization

Monday, March 31, 2008 8:17:39 AM by Pete Rivera

Outsourcing — IT Infrastructure Management, Data Center and Billing and Reimbursement departments. As it becomes harder to attract talent, especially in remote areas, outsourcing is becoming critical for the bottom line. It is also much more efficient to outsource your billing (for instance) at a smaller percentage of your revenue than what you are currently paying in salary, benefits and expenses.

Oops, They Did It AgainPosted on: 3.16.2008 2:09:43 PM Posted by Reece Hirsch

Human curiosity is a powerful thing, often more powerful than a hospital's privacy policies and procedures. The L.A. Times reports that employees at UCLA Medical Center were warned of the consequences of snooping on the medical records of Britney Spears' when she was admitted as a patient on January 31. Days later, several employees and physicians did just that, examining Ms. Spears' records when they were not involved in the patient's treatment. The result — 13 of the employees of the medical center were fired and six doctors face disciplinary action.

Unnecessary access to a patient's records will generally be considered a violation of the HIPAA Privacy Rule's “minimum necessary” rule governing uses and disclosures of protected health information (“PHI”). Incidents like this one and the one involving George Clooney (see posting below) suggest that privacy policy violations are increasing becoming firing offenses. Privacy and data security are becoming critical compliance issues that affect patient trust in an organization. Being willing to fire an employee for a privacy violation is one way to demonstrate to your community and your workforce that you don't take these issues lightly.

HIPAA Security Rule Investigations: CMS Casts A Wider NetPosted on: 3.21.2008 6:02:43 PM Posted by Reece Hirsch

In an earlier post, I talked about the “new era of HIPAA Security Rule enforcement,” which was heralded by public statements made by Tony Trenkle, the director of the Centers for Medicare and Medicaid Service (“CMS”) Office of E-Health Standards and Services (“OES”). In February, OES posted additional information about the new HIPAA security enforcement initiatives on its website, and there were a few surprises.

First, Mr. Trenkle's initial statements indiciated that OES would focus its HIPAA security “investigations” on covered entities that had already been the subject of complaints of non-compliance submitted to CMS. Apparently, OES is going to being reviewing a broader range of entities. The OES website states, “Onsite investigations may be triggered by complaints alleging non-compliance, while onsite compliance reviews will typically arise from non-compliant related sources of information such as rmedia reports or self-reported incidents.” This means that a HIPAA covered entity that has experienced a high-profile security breach can add “OES HIPAA security compliance review” to the list of bad things that could happen to them (right alongside “class action lawsuit” and “Attorney General enforcement action”).