#Health2STAT HealthIT.gov cybersecurity raises hackles in the audience.

The Cyber Security game from the ONC raised some hackels in the audience when it indicated that the right answer to a patient request to copy their patient records on to a USB they provided was the WRONG answer. Instead the recommendation is for the practice to provide the data on a USB drive they provide.

This seems bizarre. What is driving that line of thought. If you follow this to the logical conclusion then BlueButton data should be encrypted and shouldn’t be able to be requested by the patient and returned in real time.

May be the driver of this decision was to prevent trojan horse or malware being introduced to the practice. But if this is not the issue then this seems to be a crazy road block that does not enhance data security from the patient perspective. Copying the data to a patient’s USB drive has to be more secure than printing the record and paper and handing to the patient.



#Health2STAT Cyber secure your medical practice – a training game on HealthIT.Gov

More from #Health2STAT in Bethesda

A presentation from the Office of the National Coordinator for Health IT

Avatar Based Security Training Game (Co-Speaker Presentation)

Will Phelps, MS, is the IT Security Specialist at the U.S. Department of Health and Human Services Office of the National Coordinator for Health Information Technology (ONC), and currently works in the Office of the Chief Privacy Officer (OCPO) where he leads several projects on mobile device security and risk management and mitigation for physician practices. He has more than 11 years of extensive experience in leading major tasks and programs for the federal government, and commercial clients. His background includes experience in leading the design, development and implementation of high-performance technology solutions. He has created and managed corporate and government-wide information technology, security, compliance, assurance and risk management programs as well as has implemented these initiatives across private and government organizations. His information security experience encompasses HIPAA, NIST, DITSCAP, FISMA, FISCAM, OMB and other federal guidance requirements for information security.


Laura Rosas serves as a Privacy and Security Professional at the Office of the National Coordinator for Health IT, Office of the Chief Privacy Officer (OCPO). She has broad and deep experience in healthcare, especially public health, privacy and security, health information technology, Meaningful Use, EHRs, HIE, health policy, management and patient safety. In her role with OCPO, she provides expertise on the privacy and security issues related to EHR implementation. She serves as a subject matter expert and ONC lead on the REC Community of Practice. She also leads on strategy for provider outreach, education and training on privacy and security. She has been instrumental in co-leading the development of security-focused, interactive video training games to engage healthcare practitioners and educate them on security awareness. 

Cybersecure your medical practice.

Developed a series of games to train Providers and Staff.

Information Security Awareness is a requirement of HIPAA

Teaches provides safe best practices.

The game is available on HealthIT.gov

The game looks to be fun and informative but I thought I spotted an error in one of the answers. 🙂

#Health2STAT @craigstoltz talking about Stopbullying.gov a project supported by @MichelleObama and the White House

More from #Health2STAT


Stopbullying.gov was launched in March 2011 at the White House Council on Bullying Prevention, as the result of a high-level administration initiative involving both the President and First Lady. A partnership between HHS and the Department of Education, it was originally conceived as a one-stop-shop for information about bullying in schools and communities. After feedback to the launch showed a desire for more practical information, it was re-launched in April 2012 with a more practical, how-to-handle-bullying focus. In September it gained a blog and an upgraded kids section featuring games and videos. The site receives about 250,000 visits per month. Its Facebook page has been liked over 40,000 times and its Twitter feed has over 17,000 followers.
Craig Stoltz is the Content Team Leader for the Web Communications Division at the U.S. Department of Health and Human Services (HHS). In this position, he leads the team of content managers that produce such sites as healthcare.gov, flu.gov, vaccines.gov, foodsafety.gov, stopmedicarefraud.gov, and stopbullying.gov. Each of these sites combines resources from across HHS and in some cases across the federal government, creating communication and coordination challenges among traditionally siloed organizations. He also leads the Division???s plain language efforts.

StopBullying.gov pull information from various government sources to provide all resources from across Government that addresses Bullying.

Content is targeted towards Parents and Teachers.

They found that there weren’t many resources around Cyber-Bullying. This was added.

These resources address:

– What is bullying
– Who is at risk
– How to prevent bullying

“Be more than a bystander” is one area of the site that is targeted to kids. Advices kids how they can help.

Some great Multimedia resources – uses YouTube and other resources.

#Health2STAT Think Global – Act Mobile – Alison Pilsner – @InfieldHealth

More from #Health2STAT

Think Global, Act Mobile: How mobile technologies are helping to change the face of global public health

There is a growing body of evidence that demonstrates the potential of mobile communications to drastically improve healthcare services, even in some of the most remote and poverty-stricken locations worldwide. In many parts of the world, epidemics, natural disasters, and a shortage of healthcare workers continue to present challenges; however, over the last decade, the explosive growth of mobile communications offers a new hope for the promotion of quality healthcare. This presentation will focus on how mobile technologies have helped impact health awareness, outcomes, and behavior change in the developing world.

Alison Pilsner, MPH, CPH, CHES is a Health Strategist at Infield Health with a diverse background of experiences using emerging technologies, social media, and mobile solutions as a way to improve reach and engagement of public health interventions and campaigns. A recent Boulder, CO, transplant from Washington, DC, Alison is primarily responsible for matching Infield products to the needs of health institutions. Alison was inspired to pursue a career in public health with a goal of developing products and better models of prevention to empower everyone to take control of their health. Her recent experience includes serving as the eHealth Ambassador for the National Cancer Institute’s (NCI) Smokefree.gov suite of projects where she consulted on the use of emerging technologies and mobile solutions. Fluent in Spanish, Alison serves as an affiliate faculty member for the Misi??n de Amistad global healthcare mission in Central/South America several times a year. In addition, Alison sits on the Advisory Board for My Bridge 4 Life???. Alison completed a Cancer Research Training Award Fellowship at the NCI in Health communication and Informatics and a LEND Fellowship in Neurodevelopmental Disabilities at the University of Pittsburgh. Alison holds both an MPH and BS from the University of Pittsburgh, is CHES certified, and was a member of the charter class to receive the Certified in Public Health (CPH) credential in 2008.

Mobile Technology is reshaping the developing world.

Mobile reach further in to developing countries than any other technology.

There are now 1B smartphones world wide. That’s 15% of the world population.

Here are some examples:

SMS for Life

Reduced clinics running out of meds from 90% to 6% during a pilot program. Tanzania is now deploying to 5,000 health facilities. IBM and Vodafone piloted this.

SMS For Life prompts health staff to check their supplies of anti-malaria medications on a weekly basis.

ChildCount – improves child health in Kenya.

Measurements transmission times were reduced from 2-3 months to 2-3 minutes.

64,800 times faster than paper-based systems.


India national rural health mission. Trained 3/4M health activists and educates then via phone.

More from #Health2STAT Michelle Murray – Patient Support Groups on Facebook

More from #Health2STAT


Facebook Hospital Patient Support Groups

Michelle Murray will discuss the University of Maryland Medical Center???s (UMMC) Facebook Patient Support groups which were launched in March 2011. She???ll discuss what they offer to UMMC patients ??? a chance to interact with each other and offer support in a private group environment ??? how these groups have grown considerably since the launch date, and how the groups are managed.

Michelle Murray serves as the Assistant Web Site Editor for the University of Maryland Medical Center???s award-winning umm.edu site. In addition to managing and developing content for the site, Michelle also manages the Medical Center???s Facebook page, which has added more than 18,000 fans under her leadership. In addition, Michelle also manages two Facebook pages for the Songwriter???s Association of Washington and hosts and produces ???The Open Stage,??? an online radio show on BlogTalk Radio.

These were an outgrowth of real life groups.

– Liver Transplant
– Trauma Survivors

Wanted to expand the reach of patient support services.

These groups help answer questions like:

– Does this happen to anyone else
– Provide encouragement and advice

Groups are easy to create and manage.

Reaches people where they are.
Overcomes the challenges of long commutes.

Things to do:

– Monitor daily
– Respond to questions and concerns


#Health2STAT in Bethesda. Great to see @kaitbroe @lostonroute66 and many more. Thanks to @Aquilent for their efforts hosting this event

This evening I am at #Health2STAT at the Barking Dog in Bethesda. This should be another lively evening. We have a series of rapid fire 5 minute presentations.

If you are interested in future STAT events then check out Meetup.com – http://www.meetup.com/DC-MD-VA-Health-2-0/events/45832242/

@MikeTock starts by talking about the support work @Aquilent does to support the Children’s Inn at the National Institutes of Health

I am interested to hear from Jim Blaigaich talking about “What Type of Cloud?”

3) NCATS in the Cloud

 Jim Blagaich has been the CIO at the National Center for Advancing Translation Sciences (NCATS) since Dec. 2011. He provides the technology vision and leadership in the development and governance of the NCATS information technology (IT) program. He has 20 years of experience in Federal information technology operations and planning. Prior to the establishment of the NCATS, he was the CIO at the National Center for Research Resources since April, 2008. He held a position at the Center for Scientific Review (CSR), where he led the Planning, Policy, and Budgeting efforts.  Before joining the CSR, he was a Defense Information Manager, Access to Care, ASD (HA) TRICARE, where he managed enrollment, care authorization, health survey, and patient appointment-related software applications for 150+ hospitals. In addition, he has 7 years’ experience in implementing hospital information systems and telemedicine applications. He holds s an MBA from Frostburg University (2006).

National Center for Advancing Transitional Services (NCATS) advance the development, testing and implementation of diagnostics and Therapeutics.

Accelerating transition of Research to the bedside.

Launched a site in 6 weeks. Purpose was to communicate the role of NCATS to the public.

They faced a lot of opposition: Our hosting is better, it will cost more and it is not secure. 
They overcame all of that.

Now NCATS uses Amazon Web Services.
Use Active Directory – but not as simple as they expected.

Things to learn when experimenting in the cloud:
– Organization opposition and pain points
– Cost
– Security Policies
– Network Configuration 
– Performance

Experiment in the cloud on a low impact system.