Cybersecurity Career Awareness Week

By Nam Nguyen, Vice Chair
EHRA Privacy & Security Workgroup

October is Cybersecurity Awareness Month, and the Electronic Health Record Association (EHRA) will use this opportunity to share helpful reminders of cybersecurity fundamentals throughout the month. 

The 2020 HIMSS Cybersecurity Survey provides a look into cybersecurity issues facing US healthcare organizations. Based upon the feedback from 168 US-based healthcare cybersecurity professionals, “Cybersecurity budgets are still lacking with typically 6% or less of the information technology budget allocated for this purpose. A large attack surface exists within many healthcare organizations due to the profound lack of resources.”

Even as cyberattacks are increasing exponentially, businesses including healthcare organizations are facing another significant risk –  a shortage of available, qualified cybersecurity professionals. 

According to the fifth annual global study of cybersecurity professionals by the Information Systems Security Association (ISSA), more than 57% of organizations have been negatively impacted by the “cybersecurity skills crisis.” Of the professionals surveyed by ISSA, 95% indicated the skills shortage has not improved in recent years and 44% say it has worsened. 

Read the full post »

Have you updated your software today?

By Nam Nguyen, Vice Chair
EHRA Privacy & Security Workgroup

October is Cybersecurity Awareness Month, and the Electronic Health Record Association (EHRA) will use this opportunity to share helpful reminders of cybersecurity fundamentals throughout the month. 

The 2020 HIMSS Cybersecurity Survey provides a look into cybersecurity issues facing US healthcare organizations. Based upon the feedback from 168 US-based healthcare cybersecurity professionals, “Relatively few healthcare organizations are conducting end-to-end security risk assessments. Sensitive information is exposed and such systems are vulnerable to attack.”

A simple yet important precaution to reduce cybersecurity risks is ensuring software updates and patches are applied in a timely manner. Though they are easy to ignore, most software updates or patches are important, as they address a vulnerability or security flaw in the endpoint of computer systems or medical devices. 

Healthcare organizations have been increasingly targeted with ransomware and other cyberattacks since the beginning of the COVID-19 pandemic. This has shown hackers’ ability to endanger healthcare organizations’ operations as well as patient lives. 

Read the full post »

Passphrases are good, multi-factor authentication is better

By Nam Nguyen, Vice Chair
EHRA Privacy & Security Workgroup

October is Cybersecurity Awareness Month, and the Electronic Health Record Association (EHRA) will use this opportunity to share helpful reminders of cybersecurity fundamentals throughout the month. 

The 2020 HIMSS Cybersecurity Survey provides a look into cybersecurity issues facing US healthcare organizations.  Based upon the feedback from 168 US-based healthcare cybersecurity professionals, healthcare organizations must deal with a growing array of significant security incidents. These issues not only compromise the integrity of your technology and the privacy of patients, but can also disrupt an organization’s ability to provide patient care.

Being prepared for cyberattacks requires doing all you can to reduce cybersecurity risks. One of the most significant risks identified by security professionals is password management. Many people are still using simple passwords such as a series of numbers (123456) or easily guessed words (password). However, the easier it is to guess a password, the higher the risk of being compromised by a cyberattack. 

Read the full post »

Enhanced EHR Usability Starts With Understanding Users’ Needs and Challenges

By the EHRA Clinician Experience Workgroup

EHR utilization places a number of burdens on clinicians that can impact decision-making, workflow and satisfaction. This has been confirmed by recent studies, including one published earlier this year by the Journal of Biomedical Informatics which found that clinicians face numerous cognitive demands when using EHRs. The study concluded that the management of those demands ultimately limits clinicians’ agency to work individually and collaboratively while failing to help them develop awareness of, or reason about, the big picture or their patients’ current and future states, including effects of potential treatments. 

A study in Journal of the American Medical Informatics Association (JAMIA) found that when goal-based decision-making, sense-making, and agency/autonomy are overlooked in EHR design, it results in increased cognitive load, emotional distress, and unfulfilling workplace environments. And a study from Mayo Clinic and the American Medical Association (AMA) and published in Mayo Clinical Proceedings, gave EHR usability a grade of F, which is “markedly lower” than for most other technologies. Researchers further noted a strong relationship between usability and risk for physician burnout.  

Read the full post »

State of the Note Summit 2021 from ACP and EHRA

By EHRA Clinician Experience Workgroup

In January of this year, CMS adopted new billing guidelines from the American Medical Association (AMA) regarding E&M coding. The new guidelines include a wide variety of much-needed changes focused on streamlining billing processes and reducing clinical documentation burdens.

Seeing this as a watershed moment for clinical documentation and an opportunity to produce shorter, more clinically focused notes, the American College of Physicians (ACP) partnered with the Electronic Health Record (EHR) Association. Together, we examined the practical impacts of the coding changes with our community of vendors and clinical stakeholders, specifically:

  1. What consensus about documentation burden exists across vendors, healthcare organizations, and specialist societies when interpreting the guidelines?
  2. What questions, if any, exist around the guidelines?
  3. How can we effectively educate the community about the impact of the guidelines?
Read the full post »

The USCDI Curation Process: Why Stratify?

By John Travis and members of the EHRA Information Blocking Task Force 

In our last blog on the United States Core Data for Interoperability (USCDI), the focus was on USCDI as the policy ground for advancing federal interests for promoting high impact needs for health data, and USCDI’s import as a certification specification impacting developers of Certified Health Information Technology (CHIT). In this blog, we focus on how the evolution and curation of USCDI impacts the efforts of health IT developers and implementers to “stay current.” 

Read the full post »
  • Categories

  • Follow EHRA on Twitter

  • Enter your email address to follow this blog and receive notifications of new posts by email.

    Join 168 other followers

  • Contact Us

    Kristi Feliksik
    kfeliksik @ ehra.org

    Amanda Patanow
    Communications and Media
    ehracomms @ npccs.com