Blog
Log In
Contact us

Day: January 25, 2022

Categories
Editorial

Three Tips for Building a Strong Security Posture in Healthcare

Regardless of where your company plays in the healthcare industry or your particular role within an organization, cybersecurity in healthcare is of utmost importance and should be a top responsibility for all members of any organization. Below, we share three tips that we implement here at OMNY, but also recommend for any organization in the healthcare industry. 

Tip #1: CIA Triangle 

The first is the CIA Triangle, a set of guiding principles that help ensure data security. CIA stands for Confidentiality, Integrity, and Availability. 1.) Confidentiality is the principle that objects are not disclosed to unauthorized subjects. 2.) Integrity is the principle that objects retain their veracity and are intentionally modified by only authorized subjects. 3.) Availability is the principle that authorized subjects are granted timely and uninterrupted access to objects. For more details, check out this video: 

 Tip #2: Compliance and Certification 

Generally, compliance means adhering to a rule such as a policy, standard, specification, or law. Certification means that your system has been certified to be in conformance (compliance) with all the requirements of a selected standard. A certification is done in five major steps: 1.) Select an industry-standard framework, 2.) Work with a trusted third-party auditor, 3.) Conduct a security gap analysis and remediate gaps, 4.) Undergo the audit and achieve certification, 5.) Maintain certification. For more information, check out this video:

Tip #3: Maintaining Certification 

As you may have guessed, obtaining certification is only the beginning of an ongoing process to maintain that certification. Here are four efforts that your company should implement to maintain a solid security posture at all times: 1.) Make it a company effort, 2.) Automate evidence collection, 3.) Maintain awareness and alert levels, 4.) Set regular security checkpoints. For more information, check out this video:   

We recently implemented all three of these tips with our SOC 2 certification. We found that these three tips were great guidance and hope you can implement some of these to protect your organization as well.

About the Author:

Dr. Maik Lindner is OMNY’s Chief Information Security Officer (CISO). As CISO, he is responsible for the strategic direction and alignment of the Information Security Program. Dr. Lindner has over 25 years of Information Systems experience in multiple industries and currently holds the ISC2 certification CISSP – Certified Information Systems Security Professional. Prior to OMNY he held various positions at Dell and SAP. 

Categories
Editorial

Four Ways to Create Knowledge and Value from Healthcare Data Using Analytics and Data Science

Improving outcomes, lowering costs, and increasing quality — in healthcare, these three objectives are known as the “triple aim.” How does investment in healthcare data and analytics help health systems achieve these goals? This question is important. Too often in this field, workers focus on the “how” while ignoring the “why.” It can be relatively easy for data and analytics teams to build an app or a notebook that “looks cool” or grabs some attention on social media by demonstrating a new functionality; however, the challenge is applying that work towards the healthcare triple aim.  

So how exactly can data and analytics teams contribute towards the healthcare triple aim? At a high level, here are four ways: 

Invest in open-source tools

Sometimes, analytics teams rely on certain tools or software with less favorable properties than others. Some tools are not suited for big amounts of healthcare data and may have file size limitations; some rely on a learning curve that includes “learning where to mouse-click”; some may require expensive licenses. Clinical and healthcare analytics experiences indicate that the future lies in tools that rely/focus on the following: (1) knowledge of coding; (2) open-source, community-based development; and/or (3) repeatable, reproducible, and programmatic processes.   

Embrace new analytics technologies

The field of healthcare can be resistant to change. For example, when automated blood pressure machines were introduced to hospital wards, there was some hesitancy and disbelief that automated cuffs could accurately take blood pressure. Today, these cuffs are a mainstay in hospitals and free up precious time of nurses to achieve other care needs. Analytics technologies that face similar skepticism include specific types of artificial intelligence, including machine learning, deep learning, and natural language processing. 

Align with healthcare systems towards product development

To ensure that time consuming product development will benefit health systems, it is important to involve health systems at multiple points throughout the process. For analytics applications, this involvement often involves using a modern agile approach that focuses on rapid sprints and repeated healthcare system touchpoints, releases, iterations, and improvements of a product, rather than a traditional waterfall model that focuses on a single, lengthy iteration of the software development lifecycle. 

Take advantage of new payment models and government incentives

As the United States switches from a fee-for-service payment system towards a value-based care system that rewards quality over quantity of healthcare services, the government is offering many financial incentives for health systems to improve outcomes, quality of care, and satisfaction. An overview of such programs at the federal level can be found here: https://www.cms.gov/Medicare/Quality-Initiatives-Patient-Assessment-Instruments/Value-Based-Programs/Value-Based-Programs .  

Generating useful insights from healthcare data through analytics is not a one-day project — it can take weeks to several years for relevant teams to achieve desired goals, depending on the bottom-line impact amount and the project. These four high-level ideas described above can serve as a starting point to extract value from healthcare data. Looking forward to bringing you more webinars and blog posts throughout the year that will focus on specific, lower-level techniques and tools for creating knowledge and value from healthcare data. 

About the Author:
Vikas Kumar, MD, MS is a Senior Data Scientist at OMNY Health where he works on data science projects that focus on real-world clinical evidence, machine learning, and natural language processing. In his spare time, he has also authored a book on healthcare analytics, contributed to two online healthcare informatics courses, and currently serves as a teaching assistant for a graduate level data science course at the Georgia Institute of Technology. He holds a Doctor of Medicine degree from the University of Pittsburgh and a Master of Science in Computational Science and Engineering degree from the Georgia Institute of Technology. s across the country in order to help guide the development of innovative solutions that can sustainably impact patient care.