Data – Health Care
Tag

Data

Browsing

Health technology company Seqster is focused on helping patients bring all their health information into one place.

The San Diego-based company, which launched in 2016, announced Thursday it secured backing from Japanese pharmaceutical giant Takeda Pharmaceutical. 

The companies did not disclose the funding amount.

Case Study

Across-the-Board Impact of an OB-GYN Hospitalist Program

A Denver facility saw across-the-board improvements in patient satisfaction, maternal quality metrics, decreased subsidy and increased service volume, thanks to the rollout of the first OB-GYN hospitalist program in the state.

See how

The funds will be used to accelerate the adoption of the company’s interoperability technology for enhancing clinical trials, patient engagement and outcomes, the company said.

“Seqster’s technology is a very unique platform that addresses interoperability on not only a nationwide scale but also globally. Interoperability is one of the biggest barriers to applying precision medicine to clinical trials and patient engagement,” Bruce Meadows, head of investments at Takeda Digital Ventures, said in a statement.

Seqster’s platform retrieves, parses and harmonizes multidimensional data sets to help accelerate the entire drug development process and provides clinical trial participants a platform to share their data with investigators in real time creating a longitudinal health record, according to the company.

Before the Takeda investment, the company raised at least $4 million in seed funding.

The company’s name, Seqster (pronounced seekster), comes from the idea that everyone is “seeking” health data, company CEO and co-founder Ardy Arianpour told FierceHealthcare during Health Datapalooza this week.

Arianpour said he was motivated to launch the startup as a result of his mother’s experience as a cancer patient and the challenge of aggregating health data from multiple providers and hospitals.

As a health technology entrepreneur, Arianpour has a background in genomics and big data. Prior to starting Seqster, he helped bring next-generation DNA sequencing to the clinic as chief strategy officer of Pathway Genomics as well as senior vice president of Ambry Genetics, which Konica acquired for $1 billion in 2017.

Seqster aims to provide “person-centric interoperability,” he said.

“When I started on this journey I didn’t know what interoperability was,” he said. “Recently a former executive from a large EHR vendor came to us and said: ‘You cracked interoperability.”

The platform is designed to pull together episodic clinical electronic health record (EHR) data, baseline genetic DNA results and continuous fitness/wearable device data all in one place. The company’s technology standardizes and harmonizes different data sources on the back end and then organizes and visualizes those health data in an easily accessible format.

Arianpour compares the platform to the personal finance management platform Mint.com, which was designed to be a platform that brought all of an individual’s financial information together to a single place.

Seqster is not a consumer-facing platform, but licenses it to enterprise customers such as providers and payers. The platform currently connects users to more than 3,600 healthcare providers and over 150,000 hospitals and clinics nationwide.

Other companies taking a stab at aggregating patient records include Picnic Health, which collects and digitizes health records, and PatientBank, which offers online medical record sharing. Apple also launched its Health Records feature that is now supported by hundreds of hospitals, medical clinics and specialty practices.

One distinction from Apple Health Records is that Seqster is platform-agnostic, the company says. It also enables families to aggregate health data to form a multigenerational health record, an idea that has raised privacy concerns. 

In January, the company added new interoperability features it says will help its customers more easily share longitudinal health information across various sources. Seqster improved its connectivity to providers by adopting the Fast Healthcare Interoperability Resources (FHIR) standard through the FHIR application programming interface, the company said.

The company says the new platform can help healthcare providers and health plans come into compliance with upcoming federal interoperability regulations to be released by the Office of the National Coordinator for Health IT and the Centers for Medicare & Medicaid Services.

As we wait for final rules that will enable consumers to freely access their health data, electronic health record (EHR) giant Epic is saying breaking down the silos where this information lives will create a privacy hazard for patients.

While privacy concerns over health data sharing are always legitimate, they can’t stem the tide of the inevitable: Patients and consumers are demanding access to their data, and new proposed government rules supporting a consumer-directed, seamless flow of medical information will likely go into effect as soon as this month.

When they do, it will accelerate the race among technology companies to offer consumers the end-to-end healthcare experience and outcomes we’ve all been missing. At the same time, they will force the government to move quickly to establish a new privacy framework that will replace HIPAA’s limited reach and work to benefit all stakeholders.

Case Study

Across-the-Board Impact of an OB-GYN Hospitalist Program

A Denver facility saw across-the-board improvements in patient satisfaction, maternal quality metrics, decreased subsidy and increased service volume, thanks to the rollout of the first OB-GYN hospitalist program in the state.

See how

We could be in for a wild ride. But when the dust settles, we will have what we should have had all along: a healthcare system where consumers sit at the center and are empowered by ownership of their own health data.

A snapshot of health IT’s bumpy history

In 2004, the Office of the National Coordinator for Health IT released a framework for strategic action, the decade of health information technology: delivering consumer-centric and information-rich care (PDF).

I worked for David Brailer at the time, who was appointed by President George W. Bush to be the country’s first information “czar” for healthcare. Dr. Brailer is still an advocate for information-sharing, recently calling on healthcare CEOs to lean into, not away from, the opportunity to engage the patient in a more meaningful way. If healthcare CEOs fall short, tech companies will fill the void (more on that later). 

We envisioned a system where important health data would follow the individual by building interoperability into EHRs from the start—a vision that tragically has yet to be realized. 

ELATED: Epic’s Judy Faulkner: ONC data blocking rule undermines privacy, intellectual property protections

We imagined health data would function as a powerful currency for consumers, but to date, this valuable asset has stayed in the hands of EHR companies who keep it under lock and key. 

Consumers will soon hold this currency in their hands for the first time. If they seek to understand and apply their health data like they have with their genetic information—consider the explosion of tech companies like 23andMe and others—we’ll see dramatic shifts in the health tech landscape.

Consumers are most likely to share their health information with companies that have proven they can offer a powerful, secure and user-friendly experience: companies like Amazon, Apple, Google and a host of established and emerging technology players.

We must now endeavor to build the necessary security and privacy frameworks that ensure the consumer will always be protected and in control of their personal health information.

Where to go from here

We’re entering a new era, one where healthcare providers, payers, solutions providers and technology companies will create a superior healthcare experience and deliver improved patient outcomes.

The days of medical information being walled off and guarded by EHR vendors are coming to an end.

We can expect three things to occur once the rules are finalized:

  •  EHR companies will see their business models disrupted: As consumers control their health data, the silos created by EHR companies will gradually erode. This will change these companies’ business models permanently. No longer the central gatekeepers of the country’s medical information, EHR companies will scramble to build new capabilities and services in a bid to remain important players in healthcare.
  • Technology companies that build trust will earn their moment in the sun: Consumers have shown a willingness to share sensitive information with technology companies in exchange for insights about their health. With new rules in place that turn loose volumes of health data, incumbent tech giants and newcomers will compete to create compelling new healthcare experiences and superior outcomes. Consumers will decide the winners by preferentially sharing their data with companies whose products and services are both transparent and secure.
  • New privacy laws must take shape: As tech companies compete to win the trust of consumers, the government will develop updated rules of the road for our new, consumer-centric health system. This effort is already underway thanks to multi-stakeholder groups like the CARIN Alliance and the work that the Robert Wood Johnson Foundation is doing with Manatt. We can expect these efforts to ramp up quickly.

HIPAA doesn’t cover many of the new digital products and services that can benefit consumers, but that doesn’t mean consumers and technology companies cannot hold this data. It means we need to modernize HIPAA.

When these trends come to pass, it will be the consumer—newly empowered with their health data—who will drive our country toward value-based care. Top-down decisions by healthcare providers, insurers and government agencies haven’t accomplished this vision—consumers can and will.

As a consumer, a health tech entrepreneur, a mother and a former federal and state official, I am eager to bear witness as consumers take the driver’s seat, which was the intention all along.

Lori Evans Bernstein is a co-founder and the president and chief operating officer of HealthReveal. She was a senior advisor to the first National Coordinator for Health IT in the U.S. Department of Health and Human Services and served as deputy commissioner of the New York State Department of Health’s Office of Health IT Transformation. 

Over 41 million patient records were breached in 2019, with a single hacking incident affecting close to 21 million records.

Healthcare data breaches in 2019 almost tripled those the healthcare industry experienced in 2018 when 15 million patient records were affected by breach incidents, according to a report from Protenus and DataBreaches.net.

Protenus, a healthcare compliance analytics firm, analyzed data breach incidents disclosed to the U.S. Department of Health and Human Services or the media during 2019.

Case Study

Across-the-Board Impact of an OB-GYN Hospitalist Program

A Denver facility saw across-the-board improvements in patient satisfaction, maternal quality metrics, decreased subsidy and increased service volume, thanks to the rollout of the first OB-GYN hospitalist program in the state.

See how

There also has been an alarming increase in the number of breaches of patient privacy since 2016. Four years ago, there were 450 security incidents involving patient data, and that jumped to 572 incidents in 2019.

This number is likely to be a huge underestimate, as two of the incidents for which there were no data affected 500 dental practices and clinics and could affect significant volumes of patient records, Protenus reported.

There continues to be at least one health data breach per day, a trend Protenus first reported in 2016.

Here are three major cybersecurity trends Protenus found:

1. Hacking incidents surge

It appears hacking incidents, particularly ransomware incidents, are on the rise—hacking was the cause of 58% of the total number of breaches in 2019, impacting 36.9 million patient records

And one disturbing trend: Hackers are getting more creative in how they exploit healthcare organizations and patients alike.

In 2019, there were incidents of hackers attempting to extort money from patients whose records were exposed, not just the affected healthcare organization. In one incident in Florida, hackers sent ransom demands to a number of the affected patients, “threatening the public release of their photos and personal information unless unspecified ransom demands are negotiated and met,” Protenus reported.

2. One massive data breach

The single largest privacy incident reported last year was a massive security breach at American Medical Collection Agency (AMCA), a third-party billing collections firm. At least four clinical labs, including Quest Diagnostics and LabCorp, were impacted by AMCA’s security breach which, to date, exposed the sensitive data of 21 million patients.

The breach was discovered when analysts discovered patient information including dates of birth, social security numbers and physical addresses, for sale on the dark web, according to Protenus.

In the aftermath of the breach, AMCA’s parent company, Retrieval-Masters Creditors Bureau, voluntarily filed for Chapter 11 bankruptcy protection in the Southern District of New York in June.  

3. Staff members pose major security risk

Staff members inside healthcare organizations were responsible for breaching 3.8 million patient records in 2019, up from 2.8 million records in 2018.

The report characterized insider incidents as either human error or insider wrongdoing, which includes employee theft of information, snooping in patient files and other cases where employees appeared to have knowingly violated the law. 

As one example, the report highlighted an incident where a nurse is suspected of gaining access to patient information and providing the data to a third-party for fraudulent purposes. It is estimated that 16,542 patients could have been affected over the course of almost two years before discovery. The investigation is still ongoing.

Phishing attacks also continue to plague healthcare. Hospital employee education and training to detect and not fall victim to such attacks are imperative to get ahead of the hacking incidents, the report said.

“Hackers are also using credential-stuffing attacks, making it increasingly important to train employees not to reuse passwords across work settings and personal accounts,” Protenus wrote.

NRC Health was hit with a ransomware attack Feb. 11 and it still working to restore its systems and services.

The company, which works with 75% of the 200 largest U.S. hospital chains, administers patient survey tools to hospitals.

The cyberattack was first reported by CNBC’s Chrissy Farr on Thursday.

Case Study

Across-the-Board Impact of an OB-GYN Hospitalist Program

A Denver facility saw across-the-board improvements in patient satisfaction, maternal quality metrics, decreased subsidy and increased service volume, thanks to the rollout of the first OB-GYN hospitalist program in the state.

See how

NRC Health works with 9,000 healthcare organizations, including Adventist Health, Jefferson Health, Cedars Sinai, Phoenix Children’s Hospital, Ochsner, and Providence Health, according to the company’s website. NRC Health collects data from more than 25 million healthcare consumers a year across the U.S. and Canada.

In a statement provided to FierceHealthcare, Paul Cooper, Chief Information Officer at NRC Health, said on Feb. 11 the company experienced a ransomware attack on certain computer systems and immediately shut down its “entire environment,” including client-facing reporting portals, to contain the issue.

“We also immediately launched an investigation with the assistance of a leading forensic investigation firm to determine the nature and scope of the incident and notified the FBI,” Cooper said.

Since last week’s attack, NRC Health has made “significant progress” in restoration to its systems and services to its customers.

The company anticipates full restoration in the coming days, according to Cooper.

Cooper said in his statement that there is no evidence, to date, of unauthorized access to or acquisition of any data from NRC Health’s systems, including protected health information or other confidential information.

The company started notifying its hospital customers with an email alerting them to the attack, according to CNBC.

Despite the company’s assurances, some hospitals notified of the cyberattack have raised concerns that private patient data was accessed, according to sources who spoke with CNBC’s Farr.

One health system CEO, who requested anonymity, said that they were concerned about hackers having access to confidential information about their hospital including its market share, Farr reported.

David Holtzman, executive advisor to cybersecurity firm CynergisTek said federal HIPAA Rules and many state laws hold health care organizations responsible for assessing and carrying out notifications to consumers when one of their vendors suffers a cybersecurity incident or ransomware event that compromises their unencrypted electronic protected health information (e-PHI).

“HHS’ Office for Civil Rights has issued guidance that when an intruder has gained access to an information system in which e-PHI is stored and has compromised the availability or integrity of the data, it is presumed to be a reportable breach,” Holtzman said.

Measures from patient satisfaction surveys are not only used for patient loyalty, but the majority of senior health care executives have compensation tied to patient satisfaction scores. Hospital reimbursement is also being directly affected by inpatient satisfaction ratings as a part of the Centers for Medicare and Medicaid Services (CMS) value-based purchasing program and private payer initiatives, according to the American Medical Association Journal of Ethics.

“With NRC’s systems shut down, one chief information officer at a hospital said that it’s been a ‘major source of irritation internally,’ because the systems are used to determine how much its physicians are getting paid,”  Farr reported. The executive requested anonymity because they were not authorized to speak about the attack

If private patient information was accessed, hospitals will need to notify their patients.

“Our resources are singularly dedicated to regaining full operability and investigating this matter to completion,” Cooper said. “NRC Health takes our customers’ information and security very seriously, and we have and will continue to share additional updates on progress with customers on a daily basis until the issue is completely resolved.”

A recent report from Protenus found that over 41 million patient records were breached in 2019, almost triple what the healthcare industry experienced in 2018. Incidents involving business associates impacted 24 million patient records.

One incident alone, a massive security breach at third-party billing collections firm American Medical Collection Agency (AMCA), exposed the sensitive data of 21 million patients.