Brian Lapidus is a seasoned expert in security and risk mitigation who focuses on the increasing challenges faced by the public and private sectors in protecting sensitive data and personal information from loss, theft and fraud.

The chief architect of product development at Kroll’s Fraud Solutions group, Lapidus sets direction for the company’s continued success in identity theft discovery, investigation and restoration.  Lapidus is particularly knowledgeable about the security gaps – physical, procedural and electronic – common to many U.S. companies and organizations, as well as the criminal landscape where stolen identities are bought, sold and used.

He is frequently quoted on the types of data breaches being experienced by thousands of organizations, and what steps can be taken to better protect confidential data and to recover should a data breach occur.  He oversees a highly-skilled team that includes veteran licensed investigators who specialize in supporting breach victims and restoring individuals’ identities to pre-theft status.

The fact of the matter is that patients – and
the law – demand that healthcare companies protect highly sensitive information
from every possible threat. But in-house security options just can’t keep pace
with rapidly growing risks. After all, anti-virus software won’t stop someone
from taking medical records. A firewall can’t help retrieve a stolen
laptop.  Below, I answer several questions that every healthcare
organization should know.

Q: Why are healthcare organizations particularly vulnerable to data breaches? A: There are several factors that make healthcare organizations particularly vulnerable to data breaches. Some of these factors include:

I. Sensitivity of data – The  healthcare industry is responsible for maintaining its patients’ most   sensitive Personal Health Information. PHI is a treasure-trove for identity thieves.

II. Immense Data flow (masses of data flowing in and out) – A primary reason healthcare data security breaches occur is because facilities do not know where all instances of their patients’   sensitive or confidential information resides within the network. Moreover, the danger does not stop at the hospital perimeter, but includes vendors that share or receive the data, as well as employees’ and contractors’ laptop   computers and other portable storage devices.

III. Portability/Usage of EPHI (Electronic Protected Health Information) storage devices – Improvements in technology and the portability of patient data come at a cost to security.   Devices used to store and access PHI include laptops; home-based personal   computers; Personal Digital Assistants (PDAs) and Smart Phones; USB Flash Drives and Memory Cards; floppy disks; CDs; DVDs; backup media; Email; Smart cards; and Remote Access; not to mention hotel, library or other public workstations and Wireless Access Points (WAPs).

Continue reading…

Health Wonk Review: the party’s at Workers Comp Insider where Julie Ferguson has put together a great collection of wonkery.

In your Friday funny….

Police seek ‘professionals’ who removed St. Paul man’s testicles. Apparently this was consumer choice! They must have really hurt before and I’m sure they did afterwards.

Bazian’s Tom Donald responds to critics of evidence-based-medicine in
our post discussing the company’s

new approach to the controversial field.

"Unfortunately EBM has, in many circles, become a “dirty word” through its
  blunt application by insurers and regulators, as well as its devaluation by  groups (mostly published products) who say they’re evidence-based when they’re
  not. EBM does, however, play a critical function, as you note. So it’s time 
for a fresh start. The sullying of its reputation leads us all to evidology –
  aka EBM 2.0. Evidology recognises that “getting evidence based” requires a new
  specialisation, one which sits between the clinical front line and the bean
  counters, assuring quality care without wasteful expenditures. As a company,
  we’re working towards the day when evidology bridges the clinicians’ world to
  the bean counters’ world, allowing them to better understand each others
  needs, requirements and decisions."

Bob Mooney has this to say to critics who think too much time is spent at medical schools teaching prospective doctors to "think like entrepreneurs" and not enough on the trickier subject of teaching them how to cost-effectively treat disease.

"What you learn in school and during training is how to diagnose and to treat disease.  As Dr. Bradley observes, little attention is payed to doing so in a cost effective manner.  There are physicians who are positioned so as to have a financial incentive to order diagnostic testing."
  Most physicians, however, have no such incentive.  We see a patient and we try
  to get through the encounter without overlooking something that will cause us
  to have to face the patient months or years later having to own up to the fact
  that we missed a diagnosis.  Every office encounter presents an opportunity to
  make a mistake that is going to get us sued.  We don’t know what the MRI
  costs, what the CT scan costs, or what cost is of the exhaustive laboratory
  workup that our patient is demanding to explain why they are always tired." 

Xoova VP of Communications, Miriam Bookey was so inspired by the post on the HEALTH AFFAIRS
interview with Regina Herzlinger that she wrote to us. (Disclosure, as
required by the unwritten Geneva convention for blogs  we now humbly disclose the fact that Xoova is a Health 2.0 sponsor.)

"I know more about my Raisin Bran than about the guy who delivered my
children or the hospital in which he practiced. That’s because there’s
no consumer market yet in health care, and these information
organizations exist only in consumer market." — Regina Herzlinger Yes, there’s a need for physician ratings, and there are resources on the
Internet that already provide that. But we need more than the nutrition label on
the side of the cereal box. We need a real connection with the doctors who
provide our care, because selecting a doctor is both an intellectual and an
emotional choice. That’s where an enhanced profile rather than a simple
directory listing can make a difference. Today we have thousands of enhanced
physician profiles nationwide, and in time, Xoova aims to be the most popular,
trafficked site for doctors to communicate directly to patients. Today they can
do this by updating their own profiles, offering forms for download, and adding
online appointment scheduling…for free. Soon we’ll incorporate the consumer
voice in moderated testimonials, along with physician to physician referrals.
Hopefully, this will take us a step further to the world Herzlinger envisions in
which we know as much about the person who, say, performs our mastectomy as we
know about the restaurant that prepares our dinner …"

Continue reading…

I’ve heard about this company but despite a couple of half-hearted efforts to get in touch never figured out what First Opinion did.

The First Opinion system is a medical knowledge-based system designed to give medical advice to the general public. Using Internet, wireless, interactive voice response, and automatic speech technologies, as well as three new authoring languages, the First Opinion system encodes a highly useful core of expert and general practitioner diagnostic and treatment knowledge into a computer system that can be accessed by non-medically trained personnel. <SNIP> The First Opinion system provides up-to-date medical advice for approximately 200 of the most commonly encountered problems in general practice and emergency medicine. If a chronic disease is diagnosed, the diagnostic system can refer the patient to the First Opinion system’s automated disease management system. The system also transmits a full report of the interaction to the patient and the patient’s physician. It can also provide valuable information to the public on numerous additional medical topics.

But at least someone was paying attention. Last week Healthways paid $22.3m for the company.

Meanwhile Healthways itself has seen its stock go on a tear the last few days. Anyone out there have a theory as to why?  It can’t have been just Gordon Norman’s bullish views on DM—or was it just the Kramer effect once more?

Anyone knowing any more about either story, let the rest of us know in the comments.