Health Technology, Digital Healthcare
Article | September 8, 2023
“Health care is different, the data here is emotional! If you tell me you were buying a fishing rod online and were emotional about it, I’d say you are lying. But I do frequently see people helpless and confused when it comes to receiving health care, managing its costs, making sense of its data.”
- Senior Product Leader inOptum Global Solutions Pvt. Ltd.
Yes, health care is different, and so is product management in it. This piece highlights the top 4 product management trends that are specific to health care and serve beyond being just a list of technologies making their way into health care.
Health care consumerism
Lance broke his ankle in a bicycle accident and is now in hospital waiting for surgery. Which of these words would describe him more aptly— a ‘patient’ or a ‘health care consumer’? The fact that Lance holds a high-deductible health plan, manages an interactive relationship with his primary doctor, keenly monitors his fitness through his smartwatch, and learns about healthier diet plans and recipes online — I can say he isn’t just receiving health care, but making active choices on how to pay for and manage his health. This choice and responsibility that people demand, is ‘health care consumerism’. This trend has been growing since 2015 when value-based care started picking up in the US.
What does this imply for products/PMs?
These are challenging and exciting times to be a product manager (PM) in health tech. This is because people are now demanding an experience equivalent to what they’re used to from other products in their lives, such as e-commerce, streaming platforms, and digital payments, to name a few. Any consumer-facing product (a mobile app, a web-based patient portal, a tech-enabled service) needs to meet high expectations. Flexible employer-sponsored health plans options, health reimbursement arrangements, price transparency products for drugs and medical expenses, remote health care services, and government's push to strengthen data and privacy rights — all point to opportunities for building innovative products with ‘health care consumerism’ as a key product philosophy.
Wellness
COVID-19 has tested health care systems to their limits. In most countries, these systems failed disastrously in providing adequate, timely medical assistance to many infected people. Prevention is of course better than cure, but people were now forced to learn it the hard way when cure became both inaccessible and uncertain. With lockdowns and social isolation, prevention, fitness, diet, and mental wellbeing all took center stage.
Wellness means taking a ‘whole-person approach’ to health care — one where people recognize the need to improve and sustain health, not only when they are unwell, but also when they’re making health care decisions that concern their long-term physical and mental health. A McKinsey study notes that consumers look at wellness from 6 dimensions beyond sick-care— health, fitness, nutrition, appearance, sleep, and mindfulness. Most countries in the study show that wellness has gained priority by at least 35% in the last 2–3 years. And wellness services like nutritionists, care managers, fitness training, psychotherapy consultants contribute 30% of the overall wellness spend.
So, what do health-tech PMs need to remember about wellness?
The first principle is, “Move to care out of the hospital, and into people’s homes”. A patient discharged after knee surgery has high chance of getting readmitted if he/she has high risk of falling in his/her house, or is unable to afford post-discharge at-home care with a physiotherapist. This leads us PMs to build products that recognize every person’s social determinants of health and create support systems that consider care at the hospital and care at home as a continuum.
The second principle is, “Don’t be limited by a narrow view of ‘what business we are in’, as wellness is broad, and as a health tech company, we are in health-care, not sick-care”. Wellness products and services include — fitness and nutrition apps, medical devices, telemedicine, sleep trackers, wellness-oriented apparel, beauty products, and meditation-oriented offerings, to name just a few. Recent regulations in many countries require health care providers to treat behavioural health services at par with treating for physical conditions, and this is just a start.
Equitable AI
Last month, WHO released a report titled “Ethics and Governance of Artificial Intelligence for Health”. The report cautions researchers and health tech companies to never design AI algorithms with a single population in mind. One example I read was, “AI systems that are primarily trained on data collected from patients in high-income settings will not perform as effectively for individuals in low or middle-income communities.” During COVID-19, we came across countless studies that talked about the disproportionate impact on minorities in terms of infections, hospitalizations, and mortality. A student at MIT discovered that a popular out-of-the-box AI algorithm that projects patient mortality for those admitted in hospitals, makes significantly different predictions based on race — and this may have adversely moved hospital resources away from some patients who had higher risks of mortality.
How should I think about health equity as an AI health-tech PM?
Health equity means that everyone should have a fair chance at being healthy. As a PM, it’s my job to make sure that every AI-assisted feature in my product is crafted to be re-iterative and inclusive, to serve any community or subpopulation, and is validated across many geographies. To prevent any inequitable AI from getting shipped, it is important to ensure that the underlying AI model is transparent and intelligible. This means knowing what data goes into it, how it learns, which features does it weigh over others, and how does the model handles unique features that characterize minorities.
Integrated and interoperable
In every article that I read on topics such as digital platforms, SaaS, or connectivity with EMRs, I always find the words: ‘integrated’ and ‘interoperable’ therein. Most large and conventional health tech companies started by offering point-solutions that were often inextensible, monolithic, and worked with isolated on-prem servers and databases. To give a consistent user experience, leverage economies of scope, and scale products to meet other needs of their customers, started an exodus from fragmented point-solutions to interoperable, integrated solutions. The popularization of service-oriented architectures (SOAs) and cloud vendors like AWS, Azure, and GCP has also helped.
The what and how of integrated-interoperable solutions for PMs:
Integrated solutions (IS), as I see them, are of two kinds — one, in which as a health tech company, we help our customers (health systems, insurance companies, direct to consumers) accomplish not just one, but most/all tasks in a business process. For example, a B2B IS in value-based care contract management would mean that we help our customers and health systems by giving an end-to-end solution that helps them enter into, negotiate, plan for, manage, get payments for their value-based contracts with health plans.
In the second type of IS, we offer products that can be easily customized to different types of customers. For example, a health management app that people can subscribe to for different programs such as obesity, diabetes, hypertension, cholesterol management, as needed. The app works with different datasets for these programs and uses different analyses and clinical repositories in its backend, but still delivers a consistent user experience across programs to a user who enrolled in multiple programs, say diabetes and weight management.
‘Interoperable’ simply means that one product should be able to talk to other products both in and out of the company. For example, if product-A can alert a doctor about any drug-drug interactions or allergies a patient might have, while she is writing prescriptions for the patient in product-B (an EMR), then product-A does talk to product-B, and hence, is interoperable. This trend is picking up further with the growth of IoT devices, and industry-wide participation in adopting common standards for data exchange.
Conclusion
Though the article derives much of its context from US health care, I have tried to keep a global lens while choosing these topics. For developing economies like India, digitization is the number one trend as much of the health system is still moving from manual records to digitally store patient and medical data in EMRs. The good news is that India is booming with health-tech innovation and that is where consumerism, wellness, and equitable AI make sense. Once companies develop enough point-solutions for different health system needs and use-cases, Indian health tech will see a move towards creating integrated, interoperable (IGIO) systems as well.
There are some other trends such as — use of non-AI emerging tech such as Blockchain in health information management, cloud infrastructure for health tech innovation, big data and analytics to improve operational efficiency in areas such as claims management and compliance reporting, Agile product management for co-developing with and continuously delivering to clients etc. — but I see them either as too nascent, or too old to feature in this list.
Finally, as a health tech product manager, you can use the following questions to assess your products against the above trends — (Consumerism) do the products that I manage, empower consumers with choice, information, and actionability? (Wellness) Does my product emphasize keeping them out-of-hospitals and healthy in the first place? (Equitable AI) Am I sure that my product doesn’t discriminate against individuals belonging to underserved populations? (IGIO) And finally, is my product scalable, integrated and interoperable to expand to a platform, in the true sense?
Read More
Health Technology, AI
Article | July 18, 2023
Prioritizing health and managing it, has become highly important because our lifestyle is continuously evolving in ways that take a toll on us mentally, physically, and emotionally. However, the major issue for the patients lies in the inaccuracy of treatment due to the lack of complete health records in any hospital. With the recent changes in privacy legislation and data management, patients are even unable to retrieve their own health records.
For example, someone had an accident and was taken to the emergency room. The first thing they will need to do in their condition is to fill the hospital’s form. Then, for the treatment, if the injured person is conscious enough, doctors ask questions like if they are allergic to some medicines or do they suffer from diabetes or any other disease. Besides, what if the individual denies having allergies or diabetes in their half-conscious state? And the previous hospitals where they have already had treatment before have denied sharing the medical details of the person either due to privacy issues or data corruption. Well, it can create a lot of fuzz.
Solely, to improve the health industry without compromising the security of the individuals, blockchain has remained in the discussion. It has the potential to address the operability challenges present in the healthcare industry. But, what is blockchain, what are its underlying fundamentals, why blockchain, and what are its advantages?
Today’s blog will help in understanding every aspect of blockchain and its impact on the healthcare industry. So let’s get started!
What is Blockchain?
Blockchain is a P2P or peer-to-peer distributed or decentralized ledger technology. It stores a chain of data called blocks of information. These blocks are chained together by cryptographic signatures. These signatures are called hash that is stored in the shared ledger and backed by a connected processes network - node. These nodes reserve a copy of the complete chain and get continually updated by synchronization. Though, to include blockchain in the process it’s necessary to hire a developer who has prior experience and knowledge about its architecture and can work with the components efficiently as blockchain is a designed pattern that consists of three major constituents - a distributed network, a shared ledger, and all the digital transactions.
a. Distributed Network
As discussed before, blockchain is built on peer-to-peer networks. While having no central point of storage, it makes the information on the network less vulnerable to being lost or exploited.
Unlike the traditional client-server model that has a centralized storage point or controlling party, all the information in the blockchain network is constantly recorded and transferred to the participants of the network that are also known as nodes or peers. These peers also own several identical copies of the information. That’s why blockchain is seen as a huge improvement to centralized models and is considered the future of data storage and ownership.
b. Shared Ledger
Each authorized participant in the network records the transactions into the shared ledger. If they want to add any transaction, it is important to run algorithms that evaluate and verify the transactions. If the majority of members agree to the transaction’s validity, a new transaction gets added to the shared ledger. The changes done in the shared ledger is reflected in minutes or even seconds in the copies of the blockchain. Once the transaction is added, there’s no way to modify or delete it. Also, as the copy is shared in the form of a ledger to each member, no single member can alter data.
c. Digital Transaction
Transactions are information i.e. data transmission to one block. During the process of data transmission, each node acts as a central point to generate and digitally sign the transaction. As the nodes connect each other in the network, each of them has to verify the transaction independently for its conflicts, validity, and compliance. Only after the transaction passes the verification, the information is added into the shared ledger. The major element that makes digital transactions successful is cryptographic hashing that encrypts the data for security.
Why Blockchain technology in healthcare?
It has happened so often that the patient remains unable to gather all of their previous medical records in one format from one place swiftly or sometimes cannot even collect the required information at all. Unfortunately, in most cases, the information of critical patients remains scattered across several different institutions of healthcare that too in different formats. Besides, the data management systems along with the security regulations also vary in different institutions making it difficult to trace and fix mistakes.
But, what can blockchain do?
A blockchain is a system used for storing and sharing information with security and transparency. Every block in the chain is an independent unit of its own and a dependent link among the collective chain that creates a network controlled by participants rather than a third party.
As blockchains are managed by network nodes instead of central authority, they are decentralized that prevents one entity from having complete control over the network. With the incorporation of blockchain, the need for a central administrator will be removed by cryptography. Healthcare providers will be able to promote data management processes beyond perception. It will help in collecting, analyzing, sharing, and securing medical records. It will provide the access to healthcare workers for retrieving health records with the cryptographic keys provided by patients from anywhere without creating any privacy or security problems.
Advantages of Healthcare Blockchain
Although applications of blockchain in the healthcare industry are inceptive, some early solutions have shown the possibility of reduced healthcare costs, improved access to information among different stakeholders, and streamlining the entire business process. So, keeping aside the buzz, let’s see the real advantages of blockchain in healthcare.
1. Master Patient Indexes
The master patient index helps in the identification of patients across separate administrative systems. It is often created within the EHR or electronic health record system. As these EHRs have different vendors, there are several irregularities of MPIs. In many cases, the data of a patient between these healthcare systems become mismatched. However, with the nature of decentralization in Blockchain, it possesses the ability to solve the issue. In the blockchain-based MPIs, the data will be hashed to the ledger and content will remain unique as only the authorized nodes of the data can make changes to the hashes while all parties with access can only check the related information.
2. Single, elongated patient records
Blockchain technology is potent to transform health care by placing patients at the center of the system while increasing the security and privacy of health records. It provides a new model for health information exchange by forming electronic elongated patient records secured and efficient. Additionally, the fact that the data is copied among all the nodes of the blockchain network creates an atmosphere of clarity and transparency that enables healthcare providers and patients to know how their data is handled by whom, how, and when. It can also help healthcare from potential frauds, data losses, or security attacks.
3. Supply Chain Management
Supply chain management in healthcare is a challenging aspect. With scattered settings for ordering drugs, medical supplies, and critical resources, there’s an inherent risk of compromising the supply chain that might impact patient safety. Indulgence of blockchain technology in the transactions can tap into the complete process of medicine or drug products movement. As all the transactions will be recorded onto the shared ledger with every block recording and maintaining every transaction, it will become easy to verify the vendor, distributor, and origin of the drug within a matter of seconds. It will also enable healthcare physicians and officials to check the authenticity of the supplier’s credentials.
4. Claims Justification
Currently, the insurance claim processes face difficulties like lack of transparency i.e. most customers don’t even know how insurance works; human errors and inefficiencies i.e. insurances are full of confusion along with human errors that create inefficiencies that lead to the increased cost to customers; higher frauds in claims. But, blockchain technology can simplify and enhance recordkeeping, payment processing, claims registration, contract management, and closure with its immutable ledger.
5. Interoperability
Interoperability is the capability of distinct healthcare information technology to interpret, exchange, and use data. Due to the privacy issues, the alphanumeric code to identify a patient has been revoked that caused problems in gathering the required record of the patient. Enforcing measurement standards for industry-wide interoperability is also a challenge in interoperability. With blockchain in healthcare interoperability, data can be shared in real-time on the trusted network and provides access to the patient’s record in a secured manner. Moreover, with the pri
Read More
Digital Healthcare
Article | November 29, 2023
The healthcare industry has become a prime target for cybercriminals in recent times.
According to The State of Ransomware in Healthcare 2023 report from Sophos, six in 10 healthcare organizations have been hit by ransomware in the last 12 months, up from 34% in 2021.
Among this uptick have been several headline-grabbing attacks. For example, Shields Health Care Group became the subject of the single-largest breach affecting any organization globally in April 2023, when 2.3 million patients of the Massachusetts-based medical services provider had their personal data stolen after a cybercriminal gained unauthorized access to the organization’s systems.
Meanwhile, in the UK, a ransomware attack on the University of Manchester occurred in June, affecting an NHS patient data set holding information on 1.1 million patients across 200 hospitals.
Critically, the wealth of data housed in healthcare networks, and the potential impact of data unavailability in healthcare, make the industry both attractive and lucrative to threat actors.
It’s no coincidence that the Sophos report shows the rate of encryption in the healthcare sector is at its highest level in recent years. Of those healthcare organizations which suffered a ransomware attack in 2023, 73% had their data encrypted – up from 61% in 2022. When cybercriminals can successfully take down hospital systems and/or encrypt patient data so it can’t be used, they can blackmail health service providers, demanding significant sums before reinstating systems and/or data availability.
Considering healthcare's critical role as the highest-stake industry in our society, where people's lives depend on its success, the likelihood of attackers achieving their goals is greater than in other sectors, as confirmed by the Sophos report. Indeed, of the 73% of healthcare organizations that had their data encrypted, 42% reported that they paid the requested ransom to recover data.
DSPT and the compliance burden
Without question, the security-related challenges in healthcare are mounting. Right now, industry organizations are operating against a backdrop of unprecedented operational and workforce pressures, spiralling demand for care and industrial action.
Moreover, there is a growing regulatory burden, with organizations continually asked to comply with evolving cybersecurity rules, battling with multiple compliance mandates at any given time.
Take the NHS as an example. According to the 2023 NHS Providers’ Regulation Survey, just over half (52%) of respondents said the regulatory burden on their trust had increased. And this is expected to ramp up further in the future, with the UK government setting out a new 2030 strategy aimed at bolstering cyber resilience in healthcare.
Among the compliance burdens that the NHS faces is the challenge of meeting the requirements of the newly updated Data Security and Protection Toolkit (DSPT).
Mandated to minimize cyber risks and enable healthcare providers to maintain a robust information security posture, the DSPT is not a simple checklist of security controls, but a comprehensive toolkit to evaluate current security maturity and establish a risk management programme.
Indeed, in more recent times, DSPT has moved away from being a guide for achieving certain levels of assurance, and toward a mandatory evidence-based system which demands NHS organizations align with 10 precise National Data Guardian (NDG) standards: 1. The organization assures good management and maintenance of identity and access control for its networks and information systems. 2. The organization closely manages privileged user access to networks and information systems supporting essential services. 3. The organization ensures passwords are suitable for the information being protected. 4. Process reviews are held at least once a year where data security is put at risk and following security incidents. 5. Action is taken to address problems as a result of feedback at meetings. 6. All user devices are subject to anti-virus protections, while email services benefit from spam filtering and protection deployed at the corporate gateway. 7. Action is taken on known vulnerabilities based on advice from NHS Digital, and lessons are learned from previous incidents and near misses. 8. The organization has a defined, planned and communicated response to data security incidents impacting sensitive information or key operational services. 9. The organization has demonstrable confidence in the effectiveness of the security of technology, people, and processes relevant to essential services. 10. The organization securely configures the network and information systems that support the delivery of essential services.
Reducing Compliance Challenges with the Right Solutions
Taken individually, these standards may not seem too strenuous to adhere to. However, to be compliant with DSPT, all 10 items need to be completed and deemed ‘satisfactory’.
To tick all 10 key boxes in the most effective and efficient manner simultaneously, organizations should consider their strategy carefully. This could involve embracing supportive tools to accelerate and enhance their compliance journey.
Boiled down, DSPT demands several key things, including unincumbered visibility of the entire ecosystem, as well as the ability to demonstrate secure access, logs and storage, and essential auditing processes to maintain data security.
Achieving these things might appear complicated, even daunting. However, there are solutions known as Security Information and Event Management (SIEM) systems on the market that can make achieving these capabilities, and in turn DSPT compliance, easy.
Here, we outline some of the key features to look out for to meet compliance: • Log retention: A modern SIEM should be able to provide a centralized log storage and big data platform that scales to any organization’s size. Platforms should be able to provide role-based access to log data, including ‘data privacy’ functionality that can mask sensitive data until approved. Log data should not be modified or removed by users once ingested into the platform, while all data held should also be indexed and fully searchable. • Identifying and disabling unnecessary accounts: A good SIEM will also provide account auditing facilities for Active Directory that allow administrators to quickly identify dormant accounts. They should also be able to remove privileged user access when no longer required or appropriate. More sophisticated platforms will be able to do this in an automated manner. • Easy identification of issues: Clear and easily readable dashboards, alerts and reports for user logging activity should be provided, including failed login, apparent brute-force attempts, and bad password management practices. Further, those using machine learning will be able to identify unusual behavior patterns based on a baseline of activities of users and their peer group. • Integrate with third-party threat feeds: It will also be able to integrate with a wide variety of third-party threat feeds that provide information about specific known threat payloads/hashes and destination domains/addresses.
Meeting the mandate
Of course, having the right features in place is only part of the puzzle. For organizations to be truly successful in embracing tools that enable them to meet DSPT compliance more effectively, they should work to ensure that solutions providers offer them ongoing support – both in terms of ease of deployment and to ensure that they are using key systems in an optimal manner.
Scalability is another important aspect to consider.
Systems should be able to scale and continue to support the organization as data volumes increase and become more complex over time.
In respect of scalability, organizations should take time to think about pricing models, ensuring that these are based on the number of devices (nodes). In doing so, it will become easier to accurately budget future costs, as well as provide greater budgeting certainty over the short, medium and longer term.
A converged SIEM allows organizations to prioritize the big picture over individual tools, enabling them to develop a seamless and easy to use security operations setup. Not only does this approach boost cost transparency and eliminate potential complexities with managing a variety of siloed products – equally, it reduces the burdens on security teams, eliminating complexities over system integration and enhancing performance.
A converged SIEM combines key technologies easily to offer improved security outcomes. In doing so, organizations can easily home in on specific standards and adopt security best practices while reducing the burden on security teams tasked with meeting DSPT compliance.
Read More
Digital Healthcare
Article | February 19, 2022
As competition for patients intensifies, more hospitals and health systems are embracing a consolidated, single-bill approach for services rendered. Creating a single bill for the patient’s portion of inpatient or outpatient services can help eliminate confusion and reduce the ill will that frequently results when patients receive multiple invoices for a single care event. Yet incorporating anesthesia charges into a consolidated invoice is often problematic due to the unique nature of the anesthesia billing compliance.
Anesthesia Billing Service Hurdles
A few weeks ago, I met with the CEO of a 300-bed hospital. We discussed anesthesia billing, and he explained that his hospital traditionally outsourced this portion of its billing due to the more complex nature of anesthesia coding and the need to collect anesthesia minutes for billing. Unlike most inpatient services, anesthesia charges are not directly derived from CPT codes but instead utilize minutes and modifiers unique to the specialty.
That means coders must use a CPT crosswalk to account for ASA codes, base and time units, emergency- and physical-status monitors, split anesthesia units reflecting CRNA involvement, and other specialty-specific nuances. Most coders and hospital billing staff are not trained in these complexities, and hiring and retaining capable staff in today’s competitive market can be difficult. Moreover, many billing platforms are simply not equipped to incorporate all the variables necessary to produce an accurate anesthesia bill.
As a result, producing a consolidated patient bill that includes anesthesia is tricky. Yet leaving anesthesia off a single bill can undercut its value since, after facility and surgical charges, anesthesia often is one of the largest cost items patients incur. Fortunately, we at Change Healthcare know how to roll anesthesia charges into existing hospital billing systems to produce an accurate and timely single patient bill.
Helping to Reduce Costs
The benefits of consolidated billing extend beyond an improved patient experience. Producing just one bill reduces costs and repetition at both the front and back end of the revenue cycle management process. It can also ease staff burden when collecting on self-pay accounts, since there’s only one bill per patient. Finally, consolidated bills can help increase revenue by simplifying collections when patients present for follow-up care.
Here’s an example: When the patient comes back for post-surgery physical therapy, a hospital employee at the registration desk can remind them that they still owe $150 for anesthesia and ask if they’d like to take care of that now. In my experience, patients usually hand over their credit card and settle their bill on the spot when asked at the time of care about a balance due.
System-Agnostic Billing Across Hospital Platforms
Change Healthcare has a long history of providing full-service, outsourced anesthesia-billing services to hospital and health-system clients. Unlike most other billing vendors, we’ve developed what we call a system-agnostic approach. That means we’ll provide billing services on our proprietary system or on the hospital’s existing billing platform, regardless of type, to generate accurate anesthesia-billing results.
In practical terms, we’ll function as part of your billing team and use the same system your coders and billing staff rely on to generate anesthesia charges that can be included in a single patient bill.
System-agnostic billing also allows us to provide clients with custom anesthesia reporting that wouldn’t otherwise be available with an outsourced billing solution. This helps clients gain far greater visibility and insight into anesthesia-billing charges. And by incorporating our anesthesia coding and billing capabilities into your existing billing system, you’ll be spreading the platform’s fixed costs across a greater number of departments.
The bottom line? It’s not a heavy lift for us to virtually embed our trained anesthesia coders and billing professionals into your system. Our specialists will review your existing platform and provide, at no obligation, a return-on-investment analysis that can help you determine whether outsourcing anesthesia billing to capture claims on a single hospital bill makes sense for you.
We expect the answer will be yes. Not only will you enjoy greater system efficiencies, but you’ll be in a position to produce a single bill that truly reflects the entire episode of care.
Read More