Ultra Low-Dose CT Might Not Mean an Equipment Upgrade

Published on the Nov. 3, 2011, Diagnostic Imaging website

By Whitney L.J. Howell

Bringing your low-dose CT protocols down even further doesn’t have to mean tossing out your old scanners and buying pricey new ones. According to one San Diego-based imaging center, you can trim radiation doses to almost nothing and still get high-quality scans appropriate for diagnosis.

The key is pairing iterative reconstruction (IR) with other methods that tailor low-dose protocols based on patient weight, said Jon M. Robins, MD, co-chief executive officer for Imaging Healthcare Specialists (IHS). IR technology wipes noise from CT scans, leaving behind an image with clear resolution. Using both strategies together means Robins wasn’t forced to purchase new scanning equipment.

“Our center made a commitment a few years back to offer the lowest dose CT scans we could. We have older scanners in my office – 4-slice, 8-slice, and so on – and I didn’t want to spend the $90,000 to $100,000 on technology with low-dose characteristics built in,” said Robins, who is also IHS’s heart imaging medical director. “IR has allowed us to extend our low-dose efforts to head and neck scans, pelvis, colonoscopy, sinus, and others.”

IHS purchased its IR technology – generic iterative retrospective reconstruction (GIRR) – from a third-party vendor in Israel. According to Robins, it interfaces with older scanners, enabling the machines to produce ultra low-dose images with clarity equal to scans from more modern technologies.

To read the remainder of the article: http://www.diagnosticimaging.com/low-dose/content/article/113619/1983914

November 7, 2011 Posted by wljhowell | Healthcare | challenges of reading low-dose CT scans, generic iterative retrospective reconstruction, GIRR, Imaging Healthcare Specialists, iterative reconstruction, Jon M. Robins, low-dose CT protocols, Paul Kinahan, potential 90 reduction in dose in CT scans, removing noise from CT scans, ultra-low dose CT protocols, upgrading older CT equipment to provide low-dose scans | Leave a Comment

Protecting patient data

Published in the Fall 2011 UNC Medical Bulletin (The Medical Foundation of North Carolina)

Electronic health records and information security in the age of the hacker

By Whitney L.J. Howell

To this day, no one knows when or how the crime actually happened. The thief didn’t take any property and didn’t steal any money outright. But he did visit 83 different hospitals under the name of his victim and never paid the bills.

Now, collection agencies for the hospitals are calling, and they don’t care that the imposter racked up the charges or that the man they’re calling (not a UNC patient) is really a victim of medical identity theft.

“This client is now combatting 83 collections cases in various states for thousands of dollars because someone stole his name, Social Security number, and address,” says Pam Dixon, founder and executive director of the World Privacy Forum, a nonprofit, public interest group focused on privacy research, analysis, and consumer education. “Now, he has fraudulent medical files in these places and because the information is identical in all cases, he hasn’t been able to get on top of the problem.”

According to Dixon, medical identity theft is the fastest growing type of identity theft nationwide with reported incidents rising between 3 percent and 7 percent annually for the past decade. Many health care experts point to both the existence of electronic health records (EHRs) and the ability to move them around digitally, also known as a health information exchanges (HIE), as contributors to the crime’s rise.

North Carolina is not currently among the biggest adopters of EHRs, but state officials are set to enact several HIEs within the next few years. Those systems will make it easier and faster for physicians to share patient data long distance. However, they will also boost the opportunity for medical identity theft and HIPAA-protected patient information to be accidentally exposed or intentionally breached.

With the federal mandate to switch all patient records to electronic files by 2015 looming in the distance, it’s up to each provider or facility to put protective measures in place that appropriately balance patient privacy with a physician’s need to access medical information.

The current health of EHRs

The national nonprofit group Privacy Rights Clearinghouse reported 592 breaches of private patient information nationwide in 2010 – more than double that of 2009. Some exposures were the result of stolen laptops, and some resulted from outside persons illegally accessing medical files. The biggest threat, though, has been the disgruntled employee who breaches patient confidentiality from inside the system.

In an attempt to prevent the privacy breaks, the federal government passed the 2009 Health Information Technology for Economic and Clinical Health Act (HITECH). The law calls on health care providers and facilities to demonstrate they’re using EHRs in a meaningful way by Oct. 1, 2012. It also allocates, along with the American Recovery and Reinvestment Act, more than $27 billion to encourage early adoption. In fact, under Medicare and Medicaid, providers who show they’ve met the requirements are eligible for $40,000 to $65,000 in incentives through 2017.

“In an effort to protect patients and patient rights, the government is trying to nudge institutions and vendors to tighten security and access to patient records,” says Michael Greenley, PhD, director of the RAND Center for Corporate Ethics and Governance. “There’s significant concern about this topic, and encouraging health care to make these changes is the right thing to do.”

Within 10 years, the Congressional Budget Office predicts that 90 percent of providers and 70 percent of hospitals will meet the standards for EHR meaningful use.

But the law doesn’t just affect providers. Patients now have enhanced rights around their medical information. At any point, a patient may request an audit trail of when and by whom their medical histories were accessed. And, if an institution is infiltrated, it must alert patients that their records have been compromised. But, because those types of requests would add a significant clerical burden to doctor’s offices, both the American Health Information Management Association and the Medical Group Management Association are now asking the U.S. Department of Health and Human Services to repeal that part of the law.

The impact of EHR privacy on an MD

For a physician, healing and positive outcomes aren’t the only clinical priorities. Properly documenting a patient’s health history is paramount, and EHRs make it easier to write notes, record prescriptions, and include information about past conditions and procedures.

But while instant electronic access to patient history can make it easier to create, coordinate, or improve a plan of care, some doctors are leery of relying on a digital database for such sensitive data.

These fears are understandable, but EHRs didn’t introduce privacy risks to health care, says Michael Barr, MD, vice president of practice advocacy and improvement at the American College of Physicians (ACP).

“I certainly appreciate the concerns about record breaches and the concern over exposure of information. People are very nervous about external parties accessing their information with malicious intent,” Barr says. “But this risk isn’t new to health care. Paper records can be lost, dropped, and thumbed through. A fax can be picked up by the wrong person.”

However, the possibility that someone could sneak a remote peek at a patient’s private data does make additional protection measures necessary, he says. Most importantly, physicians or clinics should have a health information technology (HIT) expert on staff to update and maintain the EHR hardware and software so they can effectively shield patient information. This person must be part of the office team to ensure the EHR is implemented in a useful and consistent way.

Although transferring patient records to an EHR can be both time consuming and worrisome, Barr recommends that physicians – especially those in more rural locations – take the plunge as soon as possible to ensure they comply with federal regulations.

“From a policy perspective, adopting an electronic health record earlier rather than later will give physicians and their offices time to learn the system,” he says, noting that practices must choose an EHR that has been certified by the Office of the National Coordinator, the chief federal entity charged with promoting HIT adoption. “Early implementation also provides time to create a workflow that helps doctors and protects patients.”

The pros and cons of EHRs

When EHRs first came on stage, many medical professionals viewed them as the silver bullet answer to all office conundrums. The belief was the new record system would streamline patient records and allow physicians to cut staff in order to save money. This initial impression hasn’t exactly proven true.

The systems do provide a faster, more efficient way to collate and organize personal health care details, but the technology isn’t always intuitive, says Harry Rhodes, director of practice leadership at the American Health Information Management Association (AHIMA). He agreed with the ACP’s Barr: the biggest challenge is maintaining in-house expertise to successfully use EHRs.

“We often see people purchasing and using an EHR for the first time with the intent of cutting staff and lowering administration costs,” Rhodes says. “The systems can eliminate the need for a file clerk, but the practices that reduce staff are often the ones victimized by security breaches because they have no one on staff to update the system and execute security patches.”

A correctly managed EHR does allow a practice to quickly and simply designate who can access a patient file and how. If an employee leaves a clinic or switches jobs away from one involved with direct patient care, a few clicks of a button eliminates his or her ability to see inside health records. Rhodes recommended the human resources department send IT administrators a bi-weekly employment update to keep access to the EHR system current.

Frequent EHR password changes can safeguard files in the meantime. Periodically creating a new alpha-numeric password for authorized employees can prevent recently dismissed or departed employees from illegally breaching records.

With the advent and prolific use of smartphone and wireless technology, however, the best thing a doctor, practice, or hospital can do to protect health records is to train staff so they know what they can and cannot do.

“It’s commonplace these days for employees to take work home on thumb drives or download files onto their laptops, but thieves can easily take advantage of weaker security on those devices,” Rhodes said. “Doctors and hospitals must take the time to train staff on which platforms are appropriate for EHRs. Knowing what not to do is a big tool in keeping records safe.”

How Carolina protects patient information

It’s a little known fact that UNC Hospitals was among the first health systems to implement a comprehensive EHR. It built its 20-year-old system from the ground up and recently partnered with Seimens to manufacture the system on a large scale. UNC’s EHR platform will appear on the market under the Seimens brand in three years.

The heart of UNC’s EHR is housed offsite in a room to which only six people have access. The security around the router room is extensive, including 24-hours-a-day monitoring and an alarm. In an added step, the University has a complete duplicate of all patient records in a secondary location inside the hospital on campus. According to Robert Berger, MD, UNC’s chief medical information officer, the secondary location will take over immediately if the primary location becomes nonfunctional.

Each of these physical safeguards exists to support UNC’s mission of protecting patient privacy. They are only part of what the University does to protect patient data, however.

“We’re as safe as a bank,” says Berger, who is a practicing physician involved with creating UNC’s EHR. “Our biggest danger is a disgruntled employee who knows the system, has access, and logs into the database inappropriately.”

To protect against that internal danger, as well as external ones, UNC established a set of electronic safeguards. As with most secure systems, providers can only access the EHR through a secure portal. Inside the hospital firewall, the system is accessible from most computer terminals with the proper user name and alpha-numeric password. If a physician needs to access a record off-site, he or she can enter the system through a secure website.

“This site is highly encrypted,” Berger says. “We’ve never had anyone break the encryption, and if they did, we have measures in place to intercept their attempt. Any information would come over the screen to them as nonsense.”

Entering the wrong password three times will also shut a user out of the system. After the third incorrect entry, the account in question is immediately deactivated as a safety precaution. Log-in session are also automatically shut down if users are inactive in the system for 30 minutes.

Just because an employee has clearance to access the EHR system doesn’t mean he or she can open all patient records. Based on who the employee is – and who the patient is – Berger says the system can pinpoint an internal breach, identify the perpetrator and cut off his or her EHR access.

The protections around the EHR system are equally as effective when combatting outside attacks. Sniffer and scanner software constantly troll through the EHR, looking for evidence of external assaults. So far, these methods have been effective.

“We have hundreds of attempts from outside hackers to break into our system every day,” Berger says. “In the 20 years that we’ve had our electronic health record system in place, none has ever been successful.”

The hospital is taking its safety measures a step further with a pilot test of a new patient portal that will allow patients to receive e-mail messages and test results from doctors. The new portal will be opt-in, and each time a doctor adds information to the file, patients will receive an e-mail, directing them to a secure, UNC-controlled site. After entering an alpha-numeric password, patients will be able to access their records and any messages from the doctor. The patient portal will be widely implemented by the end of this year.

A new e-prescribing system will also change how doctors prescribe medications, including narcotics, as well as keep a patient’s drug information safer. The password-protected system requires providers to both swipe their identification badges through a reader and enter a password that changes every 30 seconds. They can retrieve the password from a fob carried in their pocket. The dual authentication works to curb fraud and any unauthorized access to a patient’s medication files, Berger says.

While protecting patient information in clinical settings is of the utmost concern, UNC also has a system in place to shelter patient information used in research studies. Known as the Carolina Data Warehouse-Health, the system, launched in 2008, works more like a repository for de-identified information than a clinical EHR. The North Carolina Translational and Clinical Sciences Institute (NC TraCS), established in 2006, is its gatekeeper and is the only door through which physician-researchers can access the warehouse and all the patient data it holds.

“The Warehouse is UNC’s cutting edge, safe harbor of where all data used in research can go,” says Brent Lamm, NC TraCS IT manager. “It provides a secure workspace in a virtual environment for researchers.”

Investigators can log into the system with their ONYEN, search through files, and analyze rich data sets to use in retrospective studies. They cannot, however, download, e-mail, or otherwise excise the data from the Warehouse. This way, TraCS can be confident that no patient-related information falls into unapproved hands, Lamm says.

The physical equipment behind the Warehouse, which was constructed through a partnership with IBM, is housed in offsite alongside the EHR system for the hospital and is protected behind the same set of security measures. Additionally, the School of Medicine recently upgraded its firewall, making protection for more computers and devices possible.

For investigators who have never worked with NC TraCS, the Institute provides experts who can walk them through the research, ethical, and Institutional Review Board rules they must follow both for their studies to succeed and to keep patient information safe. Seminars and workshops, such as training about HIPAA, are also available to teach faculty the proper way to use collected data.

“We have an operations committee and an oversight committee,” says Donald Spencer, MD, family medicine professor and Warehouse leader. “They ensure research studies are designed and executed properly.”

In addition to keeping research data secure, the Warehouse reduces the amount of time researchers spend analyzing data, lowering the time span that patient data is displayed on the screen. Before its existence, investigators would evaluate characteristics from hundreds of patient files, spending between 15 minutes to 30 minutes on each one. The Warehouse technology can perform the same functions in only two to three hours.

In mid-2009, a data breach was detected on the Carolina Mammography Registry (CMR) database (a self-contained server not connected to the clinical EHR or the Data Warehouse) housed at UNC, potentially exposing data on 180,000 breast cancer research participants. Although there was no evidence of data theft, UNC quickly shut the server down and removed all of the data, and letters were sent to all of the patients informing them of the breach. The event prompted a review of, and several subsequent changes to, the CMR’s information security measures. Now, all research data at CMR are safer than ever.

The security measures in place in both the hospital and in University-side research allow physicians and investigators to conduct their work without the constant worry they will accidentally breach a patient’s confidentiality. However, it’s the public’s perception of these measures that matter most.

“It’s most important that the community knows UNC has established an ultra-secure system that protects electronic health records and other information that patients provide,” said Dennis Schmidt, the director of the School of Medicine’s Office of Information Systems. “People want to know that when they see a doctor or when they volunteer to be a study subject that their privacy will be respected and protected. Security is our No. 1 priority at UNC.”

November 7, 2011 Posted by wljhowell | Healthcare, Politics | $27 billion for EHR early adoption, American College of Physicians, American Health Information Management Association, American Recovery and Reinvestment Act, Carolina Data Warehouse-Health, Carolina Mammography Registry, changing passwords to prevent privacy breaches, dangers of cutting staff after adopting EHR, Dennis Schmidt, Donald Spencer, e-prescribing, EHR privacy, EHR safety, EHRs in North Carolina, electronic health record privacy, electronic health record privacy at UNC, electronic health record safety, electronic health record safety at UNC, electronic health records in North Carolina, electronic medical notes, federal 2015 deadline for EHR adoption, federal deadline for EHR adoption, Harry Rhodes, having health information technology expert on staff, health information exchanges, health information exchanges in North Carolina, health information technology experts, Health Information Technology for Economic and Clinical Health Act, HIEs, HITECH, HITECH Oct. 1 2012 deadline, how EHRs affect physicians, how UNC protects patient information, increase in medical identity theft, meaningful use incentives, Medical Group Management Association, medical identity theft, Michael Barr, Michael Greenley, NC TraCS, new privacy protections in Carolina Mammography Registry, North Carolina Translational and Clincal Sciences Institute, number of patient privacy breaches in 2010, Pam Dixon, patient data breaches from inside healthcare facility, patient data breaches with laptops, patient data expose in Carolina Mammography Registry, patient data privacy threats from smartphones, patient data privacy threats from thumb drives, physician offices that cut staff most often experience privacy breaches, privacy protections around UNC patient information, Privacy Rights Clearinghouse, privacy threats from paper medical records, RAND Center for Corporate Ethics and Governance, Robert Berger, safety precautions around UNC patient inforamtion, UNC among first health systems to build EHR, UNC EHR sold to Seimens, UNC patient information never breached, UNC research database protection, UNC School of Medicine Office of Information Systems, University of North Carolina at Chapel Hill EHR, University of North Carolina at Chapel Hill electronic health record, updates to UNC EHR, what providers must tell patients about privacy breaches, World Privacy Forum | Leave a Comment

‘Affective Meaning’ in Arabic

Published in the Fall 2011 Gist From the Mill (Duke University Social Sciences Research Institute)

By Whitney L.J. Howell

Stop for a moment, and think about mothers. What image pops to mind? What emotions does that word evoke?

Now consider whether someone from another country and culture would respond the same way. There’s a chance they won’t – but why?

It’s this question that fuels Lynn Smith-Lovin’s research. Her previous work has decoded the answers for societies in China, Japan, Korea, and Germany. Now, with one to five years of funding from the Office of Naval Research (ONR), she’s turned her focus to providing the same clarity for Arabic-speaking cultures.

Smith-Lovin began applying Charles Osgood’s affective control theory — developed in the 1950s to determine how individuals respond cognitively to outside actors and stimuli — to Arabic-speaking populations in October 2010. With faculty and doctoral student collaborators from the sociology department, as well as researchers from Indiana University and the University of Georgia, she developed a survey to collect data from this group.

“We’re using the affective control theory to look at how ethnic groups perceive various social situations. From prior research, we know cultural knowledge is acquired and imprinted through a lifetime of experiences,” said Smith-Lovin, a sociology professor in Duke’s Women’s Studies Program, describing her basic research that will be unclassified and available to all future investigators. “Cultural meaning is a stable feature, and it tells us a lot about social interactions in a society.”

The study population had varying levels of education, ranging from Iraqi refugees to Egyptian professionals who worked in Research Triangle Park. Overall, 33 native Arabic speakers from the Triangle area participated in the eight-part, 200-scenario pre-test, and they offered initial reactions to various situations, such as a mother comforting or striking a child.

For even greater detail, participants rated the interactions based on three additional dimensions: evaluation (how good or bad a scenario or its actors are), potency (strength or weakness), and activity (liveliness or passivity).  To date, very little research like this exists around the Arabic language.

“If we were to find in the pre-test that Arabic speakers tended to see good actors as powerful and bad actors as weak, that would a cultural feature of real importance,” Smith-Lovin said. “We’re aware much military work involves interacting directly with local populations, and having knowledge like that could help soldiers determine who is and isn’t a friend.”

The results and analysis will enhance the military’s cultural training methods, according to Kim Rogers, a sociology doctoral student working with Smith-Lovin. Soldiers in any Middle East combat theater could use the survey’s details to improve interactions with local populations and augment cultural sensitivity to avoid any potential problems from cultural misunderstandings.

In additional to the impact on military activities, studying social interaction and implications in Arabic-speaking societies is valuable because the language has ranked among the top 10 most widely spoken tongues globally for the past 15 years, according to the Summer Institute for Linguistics Ethnologue Survey. There are four distinct dialects within Arabic, and Smith-Lovin’s team has tried to address them all.

Jen’nan Read, one of Smith-Lovin’s sociology faculty partners, agreed studying the Arabic language and how its native speakers respond to social situations will bolster the safety of U.S. military personnel abroad.

“Anything we can do to ease the tasks of the military will be a benefit. We’re giving them a tool they can use so they won’t feel so vulnerable in what is clearly a hard role,” Read said. “By helping them understand these affective meanings, we’re making their work with another culture less of a leap.”

As an expert on American Muslims, Read leveraged her strong ties with this community in the Triangle to explain both the importance and the legitimacy of the research. Many Muslim and Arab-speaking groups often fear outside requests are facades engineered to extract and abuse private information. So, her involvement was imperative because these groups trust her.

“The Arabic speakers who participated in the pre-test were happy to do it because they often feel overlooked since most people don’t know who or where they are,” she said. “It’s important to understand how perceived meanings and culture can help identify if there are differences between groups.”

Despite all Smith-Lovin and her colleagues have gleaned so far, the survey still isn’t in its final form – plans exist not only to perfect it for Arabic-speakers in the United States, but to also design a survey for international use. The process to create a questionnaire that provides accurate, clear feedback hasn’t been simple, said Mary Hovespian, assistant professor of sociology and native Arabic speaker.

The Arabic language has many dialects, and the survey team wasn’t able to query speakers of each dialect, such as Palestinian territory residents, before designing and writing the survey. This is where Hovespian’s expertise came in.

“We had to make sure what was said in the survey was really what was understood by generic Arabic speakers,” Hovespian said. “We had to back-test how the scenarios were written. I met with [Smith-Lovin], who wrote the scenarios in English, to determine if what they were trying to test was actually what was coming through to the participants. And, in some cases, we did have miscommunication.”

Hovespian spent nearly a week translating and checking the survey. During this time, she identified many unclear or incorrect terms that have since been modified to convey the proper meaning.

As the team looks to expand its research to other Arab-speaking countries, such as Lebanon, Morocco, and Tunisia, they are revamping the survey scenarios to ensure they have a good measurement instrument.

“We are hoping our collaborators in the Arab-speaking countries will help us navigate the dialect issues,” Smith-Lovin said. “We are looking for a better sense of the degree to which shared reactions are the same across the Arabic language and whether they change over time.”

To read the article in the original publication: http://issuu.com/ssriduke/docs/fall2011/15

November 7, 2011 Posted by wljhowell | Education, Science | affective control theory, affective meaning, affective meaning in Arabic-speaking cultures, Ararbic in top 10 most spoken languages, Charles Osgood, cognitive response, Duke University Women's Studies Program, Jen'nan Read, Kim Rogers, Lynn Smith-Lovin, Mary Hovespian, Muslim and Arab-speaker fears of abuse through language, Office of Naval Research, studying affective meaning in Arabic-speaking culture to assist military, Summer Institute for Linguistics Ethnologue Survey, surveying cultural meaning in Arabic language | Leave a Comment