Issue link: https://beckershealthcare.uberflip.com/i/1311112
34 CIO / HEALTH IT 7 alerts, tools hospitals are adding to their EHRs By Jackie Drees H ere are seven digital alerts and tools that hospitals and health systems have developed or integrated with their EHR systems from June to October of this year. 1. Evanston, Ill.-based NorthShore University HealthSystem in June completed a precision medicine program that adds patients' genetic testing information into its Epic EHR to alert clinicians of potential medication interactions. 2. Cleveland-based MetroHealth in June in- tegrated Unite Us' electronic resource referral platform within its EHR to better track and coordinate resources for patients' social de- terminants of health needs. 3. Nashville, Tenn.-based HCA Healthcare deployed Smiths Medical's wireless infusion pump programming across its EHR systems at nine HCA Capital Hospitals in June. 4. SSM Health merged its EHR with docu- mentation systems that local EMS agencies use to share patient data more quickly both inside and outside of the health system's fa- cilities in Wisconsin. e system — whose headquarters is in St. Louis but has hospitals in Missouri, Wisconsin, Oklahoma and Illi- nois — became the first in Wisconsin to use the ESO Health Data Exchange in July. 5. Nashville, Tenn.-based Vanderbilt Universi- ty Medical Center in July launched a program called 'Clickbusters' to reduce the number of automated alerts and reminders in the EHR. 6. Springfield, Mass.-based Baystate Health teamed up with EHR optimization soware company PatientKeeper to make its charge capture soware an app embedded in Cerner EHR systems. 7. Minneapolis-based University of Minnesota and M Health Fairview researchers created a new artificial intelligence algorithm that eval- uates chest X-rays to diagnose potential cases of COVID-19 and made it available at scale for free in Epic's App Orchard in October. n Former Mayo Clinic employee wrongly viewed 1,600+ patients' info: 4 things to know By Laura Dyrda A former Rochester, Minn.-based Mayo Clin- ic employee inappropriately accessed patient health records, according to the Star Tribune. Four details: 1. The health system notified more than 1,600 pa- tients that the former employee wrongly viewed patient information including names, demograph- ic information, birth dates, medical record num- bers, clinical notes and medical images, according to an Oct. 5 hospital announcement. 2. The healthcare worker's time at Mayo "was end- ing when the breach was discovered" a spokes- person for Mayo told the Star Tribune. The spokes- person would not confirm that the termination was due to the breach. However, that individual is not eligible for rehire. 3. Mayo notified the FBI and Rochester Police De- partment about the incident and will allow law en- forcement to further investigate and decide wheth- er to pursue charges against the former employee. 4. No payment information was breached and Mayo reported no evidence that the former em- ployee retained the inappropriately accessed data. n CHS settles patient data breach for $5M By Jackie Drees F ranklin, Tenn.-based Community Health Systems has agreed to pay $5 million to settle a 2014 data breach that affected about 6.1 million patients, according to an Oct. 8 Iowa Jus- tice Department news release. Five details: 1. In August 2014, a cyberhacking group gained access to CHS' business associate services entity's information system and stole the protected health information of 6.1 million patients. 2. At the time of the breach, CHS owned, leased or operated 206 affiliated hospitals. Patient information exposed as a result of the incident included names, Social Security numbers, birthdates and addresses. 3. The CHS associate, named CHSPSC, agreed to pay the Office for Civil Rights $2.3 million to settle the HIPAA breach, accord- ing to a Sept. 24 news release. OCR's investigation found that the company failed to conduct a risk analysis and implement access controls. 4. The Oct. 8 judgment requires CHS to pay $5 million to 28 states participating in the settlement. Those states are: Alaska, Arkansas, Connecticut, Florida, Illinois, Indiana, Iowa, Kentucky, Louisiana, Massachusetts, Michigan, Mississippi, Missouri, Nebraska, Ne- vada, New Jersey, North Carolina, Ohio, Oregon, Pennsylvania, Rhode Island, South Carolina, Tennessee, Texas, Utah, Vermont, Washington and West Virginia. 5. In addition to the financial settlement, CHS agreed to establish policies for business associates and implement an information security program with a written incident response plan, security awareness and privacy training for all employees who have access to protected health information. n