Feature Articles

Coronavirus and the Recurring Mistake of Fighting the Wrong Wars

What do the coronavirus and Navy ships have in common? For that matter, what do our military spending and our healthcare spending have in common? More than you might think, and it boils down to this: we spend too much for too little, in large part because we tend to always be fighting the wrong wars.I started thinking about this a couple weeks ago due to a WSJ article about the U.S. Navy's "aging and fragmented technology." An internal Navy strategy memo warned that the Navy is "under cyber siege" by foreign adversaries, leaking information "like a sieve." It grimly pointed out...

Read More »

3 Steps For Product Marketing Your Open Source Project

Product marketing for COSS is materially different from product marketing for proprietary software and from general marketing practices like ads, lead generation, sponsorships, booths at conferences and trade shows, etc. Because the source code is open for all to see and the project's evolutionary history is completely transparent, you need to articulate—from a technical level to a technical audience—how and why your project works. Using the word "marketing" in this context is, in fact, misleading. It's really about product education. Your role is more like a coach, mentor, or teaching assistant in a computer science class or a code bootcamp than a "marketing person."

Read More »

VA Tackles Medical Device Vulnerabilities and Cyberthreats

VA recently signed partnerships with Massachusetts General Hospital and Shepherd University. This collaboration's research will address cybersecurity and compatibility measures needed in devices used for VA patient care. It will also refine existing and emerging cybersecurity standards and practices for network connectable medical devices, medical data systems and other related technology. Beyond VA, the agreements could have a broad impact in standardizing cybersecurity and safety requirements within the larger public health sector. VA is contributing to industry-wide awareness of both medical device vulnerabilities and threats, while applying further tests of the Underwriters Laboratories criteria and other emerging standards.

Read More »

Mortal Coils: Why We Must Stop Tolerating Failing Health Tech

Today, data are scattered across thousands of database tables within any single electronic medical record (EMR) system, but also across dozens of other systems that hold pharmacy data, imaging data, insurance data, laboratory data, etc. Pretty much none of it is available on demand in any given clinical setting. The inevitable result of this disconnected galaxy of data "black holes" is mistakes, or if not outright mistakes, well-intentioned missteps based on lack of background data within the acute-care setting.

Read More »

CMS Promoting Interoperability in 2021: All good things must come to an end?

We have spent years involved with the management of the Center for Medicare and Medicaid Services (CMS) Electronic Health Records (EHR) Incentive Programs which were created by the HITECH Act (2009). These programs were recently renamed Promoting Interoperability (PI) programs. In a nutshell, these programs were tied to the Medicare and Medicaid insurance programs and provided financial incentives over a number of years to ambulatory providers and hospitals to adopt and use EHRs. Vendors submitted their technology products for testing and certification that they performed specific functions and could exchange data using specified message formats...But the provisions of the HITECH Act are due to expire on September 30, 2021 (see CMS timeline). These are the programs affected...

Read More »

How The VA and UL Created an Orchestrated Approach to Healthcare Cybersecurity Assurance

In today's high-risk Internet of Medical Things (IoMT) and cyber-warfare environment, one tool or individual line of cybersecurity solutions would likely not be able to satisfy the requirements for security and safety put forth by an HDO; hence, the aggregation of solutions branded as MedFusion was derived. The VA UL CRADA discovered that healthcare is strengthened in terms of security and safety of connectable medical devices through in-depth cybersecurity defense...Learning from the VA and UL cybersecurity research results, with respect to product-level management of vulnerabilities and threats to medical devices and their associated software algorithms, we can impact the quality of adoption of electronic health records and other data collection systems connected to the IoMT and consumers...

Read More »

What Are We Prepared to Do in the United States to Save Primary Care?

I propose two significant changes to help make primary care relevant in the 21st century...I wrote a longer piece on [Virtual Care] earlier in the year. In short, it's a disgrace that we've put so many hurdles on telemedicine, and that it continues to be so underused. It is widely available in health plans, but rarely practiced by physicians nor by patients. Instead, we still mostly go to our doctors offices, to ERs, or perhaps now to drugstores.A televisit should be the first course of action for non-emergencies. We must remove regulatory and reimbursement barriers, and incent patients to take advantage of the speed and convenience of the option. Moreover, as AI options for diagnoses and advice quickly become more viable, we can use them to triage our needs, help assure continuity with physicians, and eventually reduce the need to talk to a human...

Read More »

The Current State of Blockchain and Where it's Going

In an earlier post, Blockchain evolution: A quick guide and why open source is at the heart of it, I discussed the first generations of blockchains: the public Bitcoin and cryptocurrency blockchains, followed by the Ethereum blockchain capable of executing programs ("smart contracts"), leading to permissioned versions of code-executing blockchains (e.g., Hyperledger Fabric, Quorum). Let's step back into the blockchain jungle and take a look at the current state of the ecosystem and the projects trying to solve some of the limitations of blockchain technology: speed and throughput, cross-blockchain information and value exchange, governance, and identity and account management.

Read More »

Let's Place Some Big Bets - Reinventing Medical Care

When we think about market research and Big Data, think about Henry Ford's (possibly apocryphal) quote: Most of our healthcare innovations and reforms take the existing healthcare system as a given and try to build upon it in some way. They add more on-ramps to the healthcare superhighway, widen its lanes, try to smooth the pavements, maybe even automate our driving on it. But sometimes we need to tear the highway down. Here, in brief, are some big bets I'd like to see someone take on...

Read More »

A Framework For Building Products From Open Source Projects

If your experience with technology resembles mine in any way, you know intuitively that the projects we DIY are not the same as the products we spend money buying. This isn't a new observation in the open source community...Sarah Novotny, who led the Kubernetes community and was heavily involved in the Nginx and MySQL communities, emphatically articulated at the inaugural Open Core Summit that the open source project a company shepherds and the product that a company sells are two completely different things. Yet, project and product continue to be conflated by maintainers-turned-founders of commercial open source software (COSS) companies, especially (and ironically) when the open source project gets traction. This mistake gets repeated, I believe, because it's hard to mentally conceptualize how and why a commercial product should be different when the open source project is already being used widely.

Read More »

The Goldilocks Problem of Mobile Security - Usability vs. Security

The “Goldilocks and the Three Bears” story begins with a girl tasting porridge. The first bowl is too hot, the second is too cold, and the third is “just right.” This article considers mobile device security for government and organizations. The theme is trade-offs between the usability of a mobile device and security for confidential organizational data such as conversations, messages, documents, images, and locations. The security, confidentiality, and integrity of communication are key. However, if the usability of mobile devices for end-users, administrators, and organizations is too challenging, then the availability of the data for productive work is lost.

Read More »

New Report: Top Challenges Facing HHS Includes Harnessing Data

In November 2019 the US Department of Health and Human Services (HHS) Office of Inspector General (OIG) released a new report, Top Management and Performance Challenges Facing HHS. Divided into six major sections, this report reviews the OIG's observations with respect to financial integrity of HHS programs, value and quality, protecting the health and safety of beneficiaries as well as the public at large, harnessing data to achieve these goals, and working across government. The fifth challenge, "Harnessing Data To Improve Health and Well-Being of Individuals," is particularly foundational. Read More »

Towards a New EHR Metaphor - Or, How to Fix Unusable EHRs

News flash: docs hate Excel! In a recent study, which included researchers from Yale, the Mayo Clinic, Stanford, and the AMA, physicians rated it only at 57% on a usability rating, far below Google search (93%), Amazon (82%), or even Word (76%). But, of course, Excel wasn't their real problem; the study was aimed at electronic health records (EHRs), which physicians rated even lower: 45%, which the study authors graded an "F." If we want EHRs get better, though, we may need to start with a new metaphor for them.Lead author Edward Melnick, MD, explained the usability issue: "A Google search is easy. There's not a lot of learning or memorization; it's not very error-prone. Excel, on the other hand, is a super-powerful platform, but you really have to study how to use it. EHRs mimic that."

Read More »

Product Vs. Project In Open Source

The main reason that open source is good for security is that you can see what's going on when there's a problem, and you have a chance to fix it. Or, more realistically, unless you're a security professional with particular expertise in the open source project in which the problem arises, somebody else has a chance to fix it. We hope that there are sufficient security folks with the required expertise to fix security problems and vulnerabilities in software projects about which we care.It's a little more complex than that, however. As an organisation, there are two main ways to consume open source:

Read More »

What Western States Can Learn From Native American Wildfire Management Strategies

News media coverage of wildfires commonly frames them as "natural disasters" - dangerous elements of the natural world over which humans have little control. The language of climate change, fear of fire and the sense that it has become inevitable can be overwhelming, leaving people with the view that little can be done to manage these events. But in fact, people aren't helpless. While fires can be dangerous, they are inevitable and necessary in many ecosystems, and humans have long adapted to them. Across North America, indigenous peoples have actively managed forest ecosystems through the use of fire. Euro-American settlers were struck by the rich biodiversity of California's forests, woodlands and prairies, but they didn't understand that indigenous people's use of fire was responsible for them.

Read More »