How medical laboratories can show value through process improvement methods and analytics will be among many key topics presented at the upcoming Lab Quality Confab conference
Quality management is the clinical laboratory’s best strategy for surviving and thriving in this era of shrinking lab budgets, PAMA price cuts, and value-based payment. In fact, the actions laboratories take in the next few months will set the course for their path to clinical success and financial sustainability in 2020 and beyond.
But how do medical laboratory managers and pathologists address these challenges while demonstrating their lab’s value? One way is through process improvement methods and another is through the use of analytics.
Clinical pathologists, hospital lab leaders, and independent lab executives have told Dark Daily that the trends demanding their focus include:
Ensuring needed resources and appropriate tests,
while the lab is scrutinized by insurance companies and internally by hospital
administration;
“Our impact on patient care, in many cases, is very
indirect. So, it is difficult to point to outcomes that occur. We know things
we do matter and change patient care, but objectively showing that is a real
struggle. And we are being asked to do more than we ever had before, and those
are the two big things that keep me up at night these days,” he added.
This is where process improvement methods and analytics are
helping clinical laboratories understand critical issues and find opportunities
for positive change.
“You need to have a strategy that you can adapt to a changing landscape in healthcare. You have to use analytics to guide your progress and measure your success,” Patricia Nortmann, System Director of Laboratory Services at St. Elizabeth Healthcare, Erlanger, Ky., told Dark Daily.
Clinical Laboratories Can Collaborate Instead of Compete
Prior to a joint venture with TriHealth in Cincinnati, St. Elizabeth lab leaders used data to inform their decision-making. Over about 12 years preceding the consolidation of labs they:
Implemented front-end automation outside the core area and in the microbiology lab.
“We are now considered a regional reference lab in the state
of Kentucky for two healthcare organizations—St. Elizabeth and TriHealth,”
Nortmann said.
Thanks to these changes, the lab more than doubled its
workload, growing from 2.1 million to 4.3 million outreach tests in the core
laboratory, she added.
Christopher Doern, PhD (left), Director of Microbiology and Associate Professor of Pathology at Virginia Commonwealth University Health System; Patricia Nortmann (center), System Director of Laboratory Services at St. Elizabeth Healthcare; and Joseph Cugini (right), Manager Client Solutions at Health Network Laboratories, will present practical solutions and case studies in quality improvement and analytics for clinical laboratory professionals at the 13th Annual Lab Quality Confab, October 15-16, 2019, at the Hyatt Regency in Atlanta, Ga. (Photo copyright: The Dark Report.)
Using Analytics to Test the Tests
Clinical laboratories also are using analytics and information technology (IT) to improve test utilization.
At VCH Health, Doern said an analytics solution interfaces
with their LIS, providing insights into test orders and informing decisions
about workflow. “I use this analytics system in different ways to answer
different questions, such as:
How are clinicians using our tests?
When do things come to the lab?
When should we be working on them?
“This is important for microbiology, which is a very delayed
discipline because of the incubation and growth required for the tests we do,”
he said.
Using analytics, the lab solved an issue with Clostridium
difficile (C diff) testing turnaround-time (TAT) after associating it with
specimen transportation.
Inappropriate or duplicate testing also
can be revealed through analytics. A physician may reconsider a test after discovering
another doctor recently ordered the same test. And the technology can guide
doctors in choosing tests in areas where the related diseases are obscure, such
as serology.
Avoiding Duplicate Records While
Improving Payment
Another example of process
improvement is Health Network Laboratories (HNL) in Allentown, Pa. A team there established an enterprise master patient index (EMPI) and implemented digital tools to find and eliminate
duplicate patient information and improve lab financial indicators.
“The system uses trusted sources of data to make sure data is clean and the lab has what it needs to send out a proper bill. That is necessary on the reimbursement side—from private insurance companies especially—to prevent denials,” Joseph Cugini, HNL’s Manager Client Solutions, told Dark Daily.
HNL reduced duplicate records in its database from 23% to
under one percent. “When you are talking about several million records, that is
quite a significant improvement,” he said.
Processes have improved not only on the billing side, but in
HNL’s patient service centers as well, he added. Staff there easily find
patients’ electronic test orders, and the flow of consumers through their
visits is enhanced.
Learn More at Lab Quality Confab Conference
Cugini, Doern, and Nortmann will speak on these topics and more during the 13th Annual Lab Quality Confab (LQC), October 15-16, 2019, at the Hyatt Regency in Atlanta, Ga. They will offer insights, practical knowledge, and case studies involving Lean, Six Sigma, and other process improvement methods during this important 2-day conference, a Dark Dailynews release notes.
Register for LQC, which is produced by Dark Daily’s sister publication The Dark Report, online at https://www.labqualityconfab.com/register, or by calling 512-264-7103.
The proof-of-concept experiment showed data can be encoded in DNA and retrieved using automated systems, a development that may have positive significance for clinical laboratories
It may seem far-fetched, but computer scientists and research groups have worked for years to discover if it is possible to store data on Deoxyribonucleic acid (DNA). Now, Microsoft Research (MR) and the University of Washington (UW) have achieved just that, and the implications of their success could be far-reaching.
Clinical pathologists are increasingly performing genetic DNA sequencing in their medical laboratories to identify biomarkers for disease, help clinicians understand their patients’ risk for a specific disease, and track the progression of a disease. The ability to store data in DNA would take that to another level and could have an impact on diagnostic pathology. Pathologist familiar with DNA sequencing may find a whole new area of medical service open to them.
The MR/UW researchers recently demonstrated a fully automated system that encoded data into DNA and then recovered the information as digital data. “In a simple proof-of-concept test, the team successfully encoded the word ‘hello’ in snippets of fabricated DNA and converted it back to digital data using a fully automated end-to-end system,” Microsoft stated in a news release.
DNA’s Potential Storage Capacity and Why We Need It
Thus far, the challenge of using DNA for data storage has
been that there wasn’t a way to easily code and retrieve the information. That,
however, seems to be changing quite rapidly. Several major companies have
invested heavily in research, with consumer offerings expected soon.
At Microsoft Research, ‘consumer interest’ in genetic testing has driven the research into using DNA for data storage. “As People get better access to their own DNA, why not also give them the ability to read any kind of data written in DNA?” asked Doug Carmean, an Architect at Microsoft, during an interview with Wired.
Scientists are interested in using DNA for data storage because
humanity is creating more data than ever before, and the pace is accelerating.
Currently, most of that data is stored on tape, which is inexpensive, but has
drawbacks. Tape degrades and has to be replaced every 10 years or so. But DNA,
on the other hand, lasts for thousands of years!
“DNA won’t degrade over time like cassette tapes and CDs, and it won’t become obsolete,” Yaniv Erlich, PhD, Chief Science Officer at MyHeritage, an online genealogy platform located in Israel, and Associate Professor, Columbia University, told Science Mag.
Tape also takes up an enormous amount of physical space compared to DNA. One single gram of DNA can hold 215 petabytes (roughly one zettabyte) of data. Wired puts the storage capacity of DNA into perspective: “Imagine formatting every movie ever made into DNA; it would be smaller than the size of a sugar cube. And it would last for 10,000 years.”
Researchers at the University of Washington claim, “All the movies, images, emails and other digital data from more than 600 basic smartphones (10,000 gigabytes) can be stored in the faint pink smear of DNA at the end of this test tube.” (Photo and caption copyright: Tara Brown/University of Washington.)
Victor Zhirnov, Chief Scientist at Semiconductor Research Corporation says the worries over storage space aren’t simply theoretical. “Today’s technology is already close to the physical limits of scaling,” he told Wired, which stated, “Five years ago humans had produced 4.4 zettabytes of data; that’s set to explode to 160 zettabytes (each year!) by 2025. Current infrastructure can handle only a fraction of the coming data deluge, which is expected to consume all the world’s microchip-grade silicon by 2040.”
MIT Technology Review agrees, stating, “Humanity is creating information at an unprecedented rate—some 16 zettabytes every year. And this rate is increasing. Last year, the research group IDC calculated that we’ll be producing over 160 zettabytes every year by 2025.”
Heavy Investment by Major Players
The whole concept may seem like something out of a science
fiction story, but the fact that businesses are investing real dollars into it
is evidence that DNA for data storage will likely be a reality in the near
future. Currently, there are a couple of barriers, but work is commencing to
overcome them.
First, the cost of synthesizing DNA in a medical laboratory
for the specific purpose of data storage must be cheaper for the solution to
become viable. Second, the sequencing process to read the information must also
become less expensive. And third is the problem of how to extract the data
stored in the DNA.
In a paper published in ASPLOS ‘16, the MR/UW scientists wrote: “Today, neither the performance nor the cost of DNA synthesis and sequencing is viable for data storage purposes. However, they have historically seen exponential improvements. Their cost reductions and throughput improvements have been compared to Moore’s Law in Carlson’s Curves … Important biotechnology applications such as genomics and the development of smart drugs are expected to continue driving these improvements, eventually making data storage a viable application.”
Automation appears to be the final piece of the puzzle. Currently,
too much human labor is necessary for DNA to be used efficiently as data
storage.
“Our ultimate goal is to put a system into production that, to the end user, looks very much like any other cloud storage service—bits are sent to a datacenter and stored there and then they just appear when the customer wants them,” said Microsoft principal researcher Karin Strauss (above), in the Microsoft news release. “To do that, we needed to prove that this is practical from an automation perspective.” Click here to watch a Microsoft Research video on the DNA storage process. (Photo copyright: Microsoft Research/YouTube.)
It may take some time before DNA becomes a viable medium for
data storage. However, savvy pathology laboratory managers should be aware of,
and possibly prepared for, this coming opportunity.
While it’s unlikely the average consumer will see much
difference in how they save and retrieve data, medical laboratories with the
ability to sequence DNA may find themselves very much in demand because of
their expertise in sequencing DNA and interpreting gene sequences.
CDC estimates that 92% of cancers caused by HPV could be eliminated in the US if HPV vaccination recommendations in this country are followed
Medical
laboratories in the United States once processed as many as 55-million Pap tests each year. However,
the need for cervical cancer screening tests is diminishing. That’s primarily because
the human
papilloma virus (HPV) vaccination effectively eliminates new cases of
cervical cancer. At least, that’s what’s happening in Australia.
When it was introduced in 2007, Australia’s nationwide
publicly-funded HPV
vaccination program only included girls, but was extended to boys in 2013.
Today, it is being credited with helping slash the country’s cervical cancer
rates.
Research published in The
Lancet Public Health (Lancet) predicts cervical cancer could be
eliminated in Australia by 2028 if current vaccination rates and screening
programs continue. Cervical cancer would be classified as effectively
eliminated once there are four or fewer new cases per 100,000 women each year.
These developments will be of interests to pathologists and cytotechnologists in
the United States.
“From the beginning, I think the [Australian] government
successfully positioned the advent of HPV vaccination as a wonderful package
that had a beneficial effect for the population,” Karen
Canfell, PhD, Director, Cancer Research Division at Cancer Council New
South Wales, Australia, and Adjunct Professor, University
of Sydney, told the Texas
Tribune. “It was celebrated for that reason, and it was a great public
health success.”
In addition to high vaccination rates, the Lancet
study notes that last year Australia transitioned from cytology-based cervical screening
every two years for women aged 18 to 69 years, to primary HPV testing every
five years for women aged 25 to 69 and exit testing for women aged 70 to 74
years.
“Large-scale clinical trials and detailed modelling suggest
that primary HPV screening is more effective at detecting cervical
abnormalities and preventing cervical cancer than screening with cytology at
shorter intervals,” the Lancet study states.
The incidence of cervical cancer in Australia now stands at
seven cases per 100,000. That’s about half the global average. The country is
on pace to see cervical cancer officially considered a “rare” cancer by 2020,
when rates are projected to drop to fewer than six new cases per 100,000 women.
US Cervical Cancer Rates
In Texas, meanwhile, the state’s failure to embrace HPV
vaccination is being blamed for slowing potential improvements in cervical
cancer rates. In 2007, Texas lawmakers rejected legislation that would have
mandated girls entering sixth grade be vaccinated for HPV. The Texas Tribune
reports that, in the decade that followed, vaccination rates remained stagnant
with only about 40% of Texans between 13 and 17 years old having been vaccinated
for HPV by 2017.
Though Texas has a similar size population as Australia, the
state’s low vaccination rates have meant cervical cancer rates have shown
little improvement. Statistics compiled by the federal Centers for Disease Control
and Prevention (CDC) show that Texas’ age-adjusted rate of new cervical
cancer cases sits at 9.2 per 100,000 women—unchanged since 2006.
Texas has the fifth highest rate of cervical cancer in the
nation, according to the CDC.
Texas State Rep. Jessica Farrar, a Democrat from Houston, maintains Texas should have followed the example of Australia, which in 2007 began a publicly funded HPV vaccination program that has the country on the verge of eliminating cervical cancer by 2028. Texas rejected mandatory HPV vaccinations and now has one of the highest cervical cancer rates in the US. “This is a preventable disease, and we should and can be doing more,” she told the Texas Tribune. “Here we are 12 years later, and look where we could’ve been, but because of certain beliefs, we’re suffering from cancers that could have been avoided.” (Photo copyright: The Texas Tribune.)
Lois Ramondetta,
MD, Professor of Gynecologic Oncology at MD Anderson Cancer Center in Houston,
told the Texas Tribune the state ignored an opportunity that Australia
seized. “[Australia] embraced the vaccine at that time, and our fear kind of
began around then,” Ramondetta said. “Really, vaccination in general has just
gone down the tube since then.”
CDC Study Pushes HPV Vaccination Recommendations in US
Texas is not the only state failing to capitalize on the HPV
vaccine’s cancer-curing promise. The CDC recently stated in a news
release announcing a recent study that 92% of cancers caused by HPV could
be eliminated if HPV vaccine recommendations were followed. CDC published the
study in its Morbidity
and Mortality Weekly Report.
HPV is a common virus that is linked to not only cervical
cancer but also cancers of the penis, head, and neck, as well as conditions
like genital warts. Though the CDC recommends children get the two-dose vaccine
at ages 11-12, the study findings indicate that only 51% of teens ages 11 to 17
have received the recommended doses of HPV vaccine, a 2% increase from 2017 to
2018.
“A future without HPV cancers is within reach, but urgent
action is needed to improve vaccine coverage rates,” Brett
Giroir, MD, Assistant Secretary for Health, US Department of Health and
Human Services (HHS), stated in the CDC news release. “Increasing HPV
vaccination overage to 80% has been and will continue to be a priority
initiative for HHS, and we will continue to work with our governmental and
private sector partners to make this a reality.”
Can Australia Eliminate Cervical Cancer?
University of Queensland Professor Ian Frazer, MD, who
co-authored the Lancet Public Health study, believes Australia is on the
verge not only of eliminating cervical cancer, but also eradicating the HPV
virus itself.
“Because this human papillomavirus only infects humans, and
the vaccine program prevents the spread of the virus, eventually we’ll get rid
of it, like we did with smallpox,” Frazer told The
Age.
“It’s not going to happen in my lifetime,” he added. “But it
could happen in the lifetime of my kids if they go about it the right way.”
If Australia’s combination of high HPV vaccination rates and
new HPV screening program succeeds in effectively eliminating cervical cancer,
clinical laboratories in this country should expect stepped-up efforts to
increase HPV vaccination rates in the United States. A renewed focus on reducing—and
ultimately eliminating—cervical cancer, could lead to fewer or less-frequently
performed Pap tests as part of cervical cancer screening protocols.
Though data on delays in treatment due to misdiagnosis have been collected by TJC since 2015, misdiagnosis is not listed among the reported top 10 sentinel events
Accurate diagnosis could be the most critical aspect of all
healthcare. Without accurate diagnoses, doctors may be delayed in starting
treatment for their patients. In other cases, ordering inappropriate clinical
laboratory tests might contribute to a misdiagnosis.
SIDM’s analysis revealed that “one in three malpractice cases involving serious patient harm is due to misdiagnosis.” And that, “Cancer, vascular events, and infection account for three-fourths of high-harm, diagnosis-related claims.”
Therefore, it seems odd that misdiagnosis would not be front and center on the latest list of Sentinel Events from The Joint Commission (TJC), the non-profit organization that accredits more than 21,000 healthcare organizations on behalf of the federal Centers for Medicare and Medicaid Services (CMS). Was it omitted? Perhaps not.
What Is a Sentinel Event?
The Joint Commission adopted its formal Sentinel Event
Policy in 1996 as a way to help healthcare organizations improve safety and
mitigate future patient risk. TJC defines a sentinel event as a “patient safety
event that reaches a patient and results in any of the following:
“death,
“permanent harm,
“severe temporary harm, and
“intervention required to sustain life.”
TJC determines healthcare events to be “sentinel” when they
“signal the need for immediate investigation and response.”
Misdiagnosis leading to preventable medical errors would
seem to be a sentinel event, but it is missing from TJC’s list for the past two
years. It’s not, however, missing from an earlier TJC list of preventable
diagnostic errors.
Delay in Treatment Due to Misdiagnosis
A 2015 TJC advisory report on safety and quality issues in healthcare, titled “Preventing Delays in Treatment,” lists misdiagnosis among several reported events that led to delays in diagnosis that then led to patient harm or death.
In that report, TJC defines “delay in diagnosis” as “a
non-optimal interval of time between onset of symptoms, identification, and
initiation of treatment. A delayed diagnosis occurs when the correct diagnosis
is delayed due to failure in or untimely ordering of tests (e.g., [clinical
laboratory] work, colonoscopies, or breast imaging studies). Whether due to
delay in diagnosis, misunderstanding of the disease, misdiagnosis, or failure
to treat, delay in treatment can reduce the number of treatment options a
patient can pursue.”
So, misdiagnosis was, at that time, an event the TJC
collected data on and included in its advisor statements. But since then, it
has been omitted from the list. What changed?
Recent Sentinel Events
Turns out, nothing really. Though misdiagnosis is not listed on TJC’s lists for 2018 and 2019, it is part of a more comprehensive list published by TJC in February titled, “Most Commonly Reviewed Sentinel Event Types.” That report offers more details on the listed sentinel events, and also includes a section drawn from TJC’s 2015 report on delays in treatment, which covers results due to misdiagnosis.
Unanticipated events such as asphyxiation,
burns, choking, drowning or being found unresponsive
Suicide
Delay in treatment
Product or device event
Criminal event
Medication error
Then, in August, TJC release a new report based on the 436 reports of sentinel events TJC received in the first six months of 2019. They include:
Anesthesia-related events
Care management events
Criminal events
Environmental events
Product or device events
Protection events
Suicide—emergency department
Suicide—inpatient
Suicide—offsite within 72 hours (these are
defined in the Sentinel Event Policy)
Surgical or invasive procedure events
Following the release of its March sentinel events list, TJC noted that the components were typical when compared to previous years.
“The trend for the most frequently reported sentinel events remains generally unchanged,” stated Gerard Castro, PhD, MPH (above), Project Director, Patient Safety Initiatives at The Joint Commission, in a PSQH analysis of the Joint Commission’s 2018 list of sentinel events. “Organizations should continue their work toward minimizing risks associated with these types of events, but also strengthen systems and processes that keep patients safe, such as reporting and learning from close calls, teamwork, and improving safety culture.” (Photo copyright: The Joint Commission.)
TJC’s website notes, however, that “fewer than 2% of all sentinel events are reported to The Joint Commission. Of these, 58.4% (8,714 of 14,925 events) have been self-reported since 2005. Therefore, these data are not an epidemiologic data set, and no conclusions should be drawn about the actual relative frequency of events or trends in events over time.”
Might that be because the healthcare organizations in the US
accredited by the Joint Commission are “encouraged” to report sentinel events
and not “required” to do so? This also allows accredited healthcare
organizations to pick and choose which events to report to TJC.
If there is one easy conclusion to draw from all the information presented above, it is that the true rate of misdiagnoses—as well as other types of sentinel events—remains unknown. But what is equally true is that, step by step, the adoption and use of electronic health systems (EHRs), along with other digital tracking modalities, will make it easier for providers and healthcare policymakers to more accurately identify and classify instances of misdiagnoses.
When that happens and better data on misdiagnoses is
available, it will be possible for medical laboratory professionals to use the
methods of Lean
and quality management to collaborate with physicians and other providers. The
first step will be to identify the sources of misdiagnoses. The second step
will be to use these quality improvement techniques to support providers in
ways that allow them to reduce or eliminate the causes of diagnostic errors and
misdiagnoses.
Clinical laboratories need to understand how their patients’ protected health information is being used and secured by vendors to avert data breaches and HHS penalties
Most readers of The Dark Report, the sister publication to the Dark Daily, are aware that more than 24-million clinical laboratory patients had their protected health information (PHI) stolen during several recent data breaches involving multiple medical laboratory companies.
The first public statements made by clinical lab companies
about breaches of protected health information were issued in June.
Collectively, the following three lab companies announced that the data of more
than 20 million patients was compromised:
What all these clinical lab companies had in common was that they had contracted with American Medical Collection Agency (AMCA) to process lab test claims. AMCA is where the data breaches originated.
Under the rules established by the federal Health Insurance Portability and Accountability Act (HIPAA) of 1996, responsibility for the security of patient PHI falls to covered entities and business associates. This includes healthcare providers, health plans, and healthcare clearinghouses, such as AMCA. For clinical laboratories, this also includes vendors who receive patients’ PHI to complete their service contracts.
Until recently, any violation of HIPAA could draw down enormous fines—called Civil Money Penalties (CMPs)—by the US Department of Health and Human Services (HHS). Fines could reach $1.5 million annually across four categories, or tiers, of violations, depending on HHS’ determination as to the “level of culpability” of the violator. Those categories and min/max fines include:
No Knowledge, $100-$50,000 fine, $1.5 mil annual
limit.
Reasonable Cause, $1,000-$50,000 fine, $1.5 mil
annual limit.
In the notice, HHS stated, “the Department recognized that
section 13410(d) contained apparently inconsistent language (i.e., its
reference to two penalty tiers ‘for each violation,’ each of which provided a
penalty amount ‘for all such violations’ of an identical requirement or
prohibition in a calendar year). To resolve this inconsistency, with the
exception of violations due to willful neglect that are not timely corrected,
the [interim final rule] adopted a range of penalty amounts between the minimum
given in one tier and the maximum given in the second tier for each violation
and adopted the amount of $1.5 million as the limit for all violations of an
identical provision of the HIPAA rules in a calendar year.”
Modern Healthcare reports that “organizations that have taken measures to meet HIPAA’s requirements will face a much smaller maximum penalty than those who are found neglectful.”
Thus, the new HHS guidelines will be of interest to clinical
laboratories, which must ensure the privacy of patients’ PHI, including being
keenly aware of how vendor business associates are handling their patients’
data.
In an exclusive interview with The Dark Report, James Giszczak (above), Data Privacy and Cybersecurity Attorney and Chair of the Litigation Department at McDonald Hopkins, said two important steps clinical laboratories must take include, “ensuring that your vendor has appropriate insurance policies in place that cover PHI breaches, and confirming that vendors comply with laws governing the protection of patients’ information.” To do that, he says, every lab needs to ensure that all critical provisions are covered in each contract it has with each vendor. (Photo copyright: Institute of Continuing Legal Education.)
Did HHS Go Too Far?
Some experts, however, wonder if HHS went too far in
reducing annual penalties providers may owe. Could lower annual CMP caps cause
organizations to relax strict PHI policies? Some privacy authorities urge
caution and raise concern about how incentives may be perceived by providers
and others.
“HHS is adopting a much lower annual cap for all violations except those due to willful neglect, which means significantly lower penalties for large breaches and for ongoing persistent violations of the rules,” Deven McGraw, Chief Regulatory Officer at Citizen Corporation and former Deputy Director Health Information Privacy for HHS’ Office for Civil Rights, told FierceHealthcare.
“Arguably,” she continued, “the incentive to fix these
persistent failures is much less because the potential fines for failing to do
so will not be very large. Same is true for large breaches—if you breach 10
records, at a minimum penalty of $1,000 for a breach due to reasonable cause,
your fine would be $100,000, which is the annual cap.”
New Annual Limits Recognize ‘Unintentional’ Violations
But not all experts agree. Prior to HHS’ announcement,
minimum to maximum penalty violations were the same as noted in the tiers
above. The annual limits ($1.5 million), however, were the same for each of the
four tiers.
Matthew Fisher, Partner at Mirick O’Connell and Chair of the Worcester, Mass. firm’s health law group, says the new penalty structure “is arguably good in terms of aligning potential penalties with the level of culpability.”
“If a violation was clearly unintentional and without
knowledge, why should a potentially massive fine follow? While the discretion
existed, the interpretation will now be binding and remove the potential
uncertainty,” he told FierceHealthcare.
Advice for Clinical Laboratories
Labs are advised to develop appropriate procedures to
safeguard their patients’ PHI under federal and state laws. And this includes
knowing how vendors handle PHI.
“Every lab should be proactive and do a review to understand
each vendor’s policies, procedures, training, and response in the event of a
breach,” James
Giszczak, Data Privacy and Cybersecurity Attorney and Chair of the
Litigation Department at McDonald
Hopkins in Bloomfield Hills, Mich., told The
Dark Report (TDR).
“By being prepared, clinical laboratories can save
themselves many headaches,” he said. “Ultimately, these proactive steps may
help laboratories save time, money, and costly bad publicity.”
Following that advice, along with understanding the new HHS notice,
will help medical laboratory managers ensure the privacy and security of their
client’s PHI.
