Select Page
Crain’s Chicago Business: Notable Entrepreneurs

Crain’s Chicago Business: Notable Entrepreneurs

Crain’s Chicago released their 2019 Notable Entrepreneurs list, which includes the top 44 business people who have identified needs and opportunities in the market, organized and run companies, and taken on greater than normal financial risks. Terry Ryan, founder and CEO of HealthChampion, was named a notable entrepreneur on the Crain’s top 44 business people list.  

Terry Ryan was frustrated at the lengths he had to go to in order to obtain his health records. Being the entrepreneur that he his, he created HealthChampion to make it easier for consumers to obtain their health records. 

Crain’s Chicago staff took time for a deeper dive with Terry, as the featured nominee. Read more about his thoughts below.

‘You need younger, unencumbered talent’

Terrence Ryan leads HealthChampion, a startup that aims to help consumers access their electronic health records and consolidate data on a single platform. It provides tools that will enable consumers to be proactive about wellness, such as reminders to work out. Users can share their data and track the health of children and elder parents. Ryan is a serial entrepreneur, having started a number of companies including consultancy Knightsbridge Solutions, which he sold to Hewlett-Packard.

CRAIN’S: How did you get the idea for HealthChampion?
RYAN: I find the blank white space very enjoyable. I looked at what was going on in the industry, and it challenged me to understand why the consumer wasn’t the center of the equation.

How will the venture make money?
From providers, who will be able to get access to a patient’s historical data before that patient walks in the door. Afterward, they can see how a patient is doing. Is she going to physical therapy, taking her meds?

What’s the hardest part?
It’s in front of us. Patients have the legal right to request their data, but they can still be refused. Providers may claim they are protecting patient privacy, but they’re looking out for themselves. We need to break down that barrier.

How will you reach your consumer audience?
There’s a world of social media tools. Tweets get to 40 million people at no cost. Compare that to the $200,000 marketing campaign of the past. You have to surround yourself with the people that understand social media and can make sure we’re positioned on these platforms in the right way.

What lessons from your previous entrepreneurial experiences have you been able to apply?
I know how to build a company, where and when you take risk and roll the dice. Beyond that, I’ve reflected on past companies I built that were good, but maybe weren’t great. How do we do it differently? You need younger, unencumbered talent that understands the latest in product development as well as sales and marketing.

How do you see Chicago as a center for entrepreneurship?
The incubators have too many people together that are too alike, at a similar stage. They’re trying to incubate through a network rather than using the resources of people who have done it before. Incubators need to do a better job attracting credentialed people. When I look to raise institutional capital, the people on both coasts are at a higher level of thinking and expertise. But Chicago people are salt of the earth. You get a straight answer.

 

 

Business Insider: Nick Biernat on Cybersecurity in Healthcare

Business Insider: Nick Biernat on Cybersecurity in Healthcare

Nick Biernat, Manager of Information Services and Compliance of HealthChampion recently shared his insights with Business Insider Intelligence. Here’s what the pros are saying:

Nick B Business insider

 

 

What’s the biggest contributor to the poor state of cybersecurity in healthcare? 

Currently the biggest contributor to the poor state of cybersecurity in healthcare is a lack of awareness and training. According to the 2018 Verizon Data Breach Investigations Report phishing and financial pretexting — obtaining financial information under false pretenses — represented 93 percent of all breaches investigated by Verizon, with email being the main entry point at 96%.

Well over 90% of successful attacks against healthcare providers involve exploiting people in some form to reveal sensitive information, and therefore the most effective way of preventing an attack is to invest in a comprehensive and periodic training program for staff. The days of disgruntled high school kids playing pranks are gone and online criminals are sophisticated and well equipped.


What, if anything, can healthcare stakeholders do to boost their organizations’ cybersecurity efforts?

Many online attacks begin with automation, that is, a smart bot or computer running a series of commands to attack systems via various means such as email and web. Enabling Multi-factor authentication for all user accounts is hands down the cheapest, quickest and most simple way to immediately decimate a criminal’s chances of exploiting healthcare systems. Multi-factor authentication – or MFA for short – requires a user to have username and password (something they know) paired with a separate authentication code that is sent to their mobile device. By forcing users to approve each sign-on, an attacker who successfully steals usernames and passwords has them rendered useless. According to Microsoft’s Security Blog 99.9% of attacks can be prevented using MFA.

 

 

 

 

 

Business Insider: Terrence M. Ryan on the Digital Boom and Healthcare

Business Insider: Terrence M. Ryan on the Digital Boom and Healthcare

What’s in My Electronic Health Record (EHR) and Who Can Access It?

What’s in My Electronic Health Record (EHR) and Who Can Access It?

Understanding and harnessing the powerful potential of EHRs

 

The U.S. and much of the world is undergoing a profound transformation in how medical and health records are created, stored, used and shared. The digitization of health records has been a huge and expensive undertaking, but at least in the U.S., almost 99% of health systems, hospitals and medical groups now use some type of electronic health record (EHR) or electronic medical record (EMR) system.

The reason behind this transformation is driven partly by the promise of potential improvements in healthcare and health outcomes. Many health IT proponents believe that with more data available in digital form, we’ll be able to more quickly improve our health systems, diagnostics and treatment. Digital records also bring us closer to the promise of precision, personalized medicine.

 

What is an EHR?

An EHR, or electronic health record, is a digital compilation of your health information. But EHR is much more than just a digital version of your medical charts. In fact, they’re much more than just medical records.

EHR is much more than just a digital version of your medical charts. In fact, they’re much more than just medical records.

EHR vs. EMR

Many people, even healthcare industry people, often use the term EHR and EMR interchangeably. But there is an important distinction between the two terms, which has not always been clear or recognized.

In the past, your medical records were probably the only health records you had. But as people began generating more health- and wellness-related data – that were not technically medical records – the distinction between EHR and EMR has become more apparent and important.

Strictly speaking, EMR refers to your patient records, typically produced every time you were a patient at hospital, health clinic or doctor’s office. However, the term EMR also applies to any information and data you generated when interacting with a healthcare professional – even when you weren’t in a healthcare or medical facility:

  • Paramedic. For example, when you are treated by paramedics, they routinely complete a report about the care they provided, regardless of whether they brought you to a hospital. Their reports typically become part of your EMR.
  • Home visits. Many homebound and elderly patients receive in-home care from caregivers and medical practitioners. The patient records they produce from those home visits also become part of your EMR.
  • Telehealth. Many health plans and medical systems are increasingly turning to telehealth or telemedicine services to lower expenses, by lowering the instances of unnecessary hospital visits. Trained healthcare professionals, usually nurses, nurse practitioners or even doctors, staff these phone calls to answer questions and even write prescriptions. Patient records produced by these telehealth sessions also become part of your EMR.

 

EHR and Telehealth 

Hopefully, this gives you an understanding of how broad the definition of medical records and EMRs have become.

But how does EMR compare with EHR?

Simply put, your EHR includes your EMR – plus many other health-related data not produced by hospitals or medical professionals. From your exercise and diet records to data from your wearables and medical devices, today’s EHR can encompass much more data than traditionally found in medical records.

 

What can I find in my EMR?

Continuing the focus on your medical records, here are more items you’ll find in your EMR file:

  • Administrative and billing data: from your provider and insurance companies. This allows you to trace back your visits and review your claims history.
  • Patient demographics: this includes your date of birth, gender, and contact info. This allows your providers to identify you, as well as making it easy for them to contact you.
  • Progress notes: this includes everything your physician documents about you; details about your visit, your doctor’s observations, and management plan(s).
  • Vital signs: this includes your basic health parameters; blood pressure, body temperature, heart rate and breath rate
  • Medical histories: this includes any prior doctor visits, hospitalizations, treatments or surgeries you may have underwent.
  • Diagnoses: any of your active or prior diagnoses, the treatment plan for each and their outcome.
  • Medications: the list of medications that you are currently on or have previously been prescribed.
  • Immunization: all the immunizations you have received, as well as reminders of any upcoming shots you need to take.
  • Allergies: this makes note of all the food and drug allergies you have, as well as any previous allergic reactions, and how they were managed.
  • Radiology images: this may include X-rays, MRIs, PET and CT scans that your physician ordered.
  • Lab and test results: this encompasses any lab tests ordered by your healthcare provider, this can include your complete blood count, metabolic and lipid panels, liver and kidney function tests.

 

PHR vs EHR

While EMRs form only a part of EHRs, a more apt comparison exists between personal health records (PHR) and EHR. In fact, your EHR is essentially the electronic version of your PHR.

As we note in our deep dive into PHRs, your PHR is the collection of available information, data and statistics about your health. As such, your PHR and EHR includes an array of health-related data that is often not found in your EMR:

  • Annotations. Your own personal notes and annotations to your medical files are part of your PHR and EHR, but not your medical records.
  • Health diary. Similar to annotations, your health journal or diary are part of your PHR and EHR.
  • Apps. Whether you’re using the Weight Watchers or the Nike Training Club, these apps generate a stream of tracked data, which are usually not part of your EMR.
  • Fitness devices. Fitness devices like Fitbit and Apple watches likewise generate a lot of health and wellness data, which are typically not included in your EMR.
  • Medical devices. Patients with medical devices like home blood pressure monitors and glucose monitors produce data that may be included in your EMR, but is often not.

These are just a few of the non-EMR data that can be included in your PHR and EHR.

 

Metadata and analytics

Using an electronic records system generates significantly more data than a similar paper chart. When your healthcare provider used to complete your patient charts by hand, your medical record was limited to whatever was manually recorded into your patient file.

The advent of digitization, however, added metadata and analytics to your medical and health records:

  • Metadata. When data is added to your EMR today, your EMR also records metadata information such as IP addresses, server timestamps, GPS locations, identities of everyone who views your file (even if they don’t add anything), revisions, deletions and even where previous deleted versions can be found.
  • Analytics. Digitized data makes advanced analytics and even machine learning possible. Comparing your data with the records of millions of other patients can uncover important warning signs about your personal health that isolated medical providers may not easily realize. This can produce recommendations and health programs tailored for specific individuals.

Metadata and analytics results are typically not part of your EMR. But they are important elements for advanced EHR systems.

Today, almost all new medical records produced in the U.S. are in electronic form.

 

The digitization of health records

According to the Office of the National Coordinator for Health Information Technology (HIT), which is part of the U.S. Department of Health and Human Services (HHS), 96 percent of hospitals and 78 percent of physicians’ offices use EHRs – as of 2016!

Today, almost all new medical records produced in the U.S. are in electronic form.

This transformation is partly the result of the 2009 Health Information Technology for Economic and Clinical Health (HITECH) Act. At the time that HITECH was passed, fewer than one in 10 hospitals and 17 percent of physicians used EHRs.

HITECH was passed as part of the larger American Recovery and Reinvestment Act and represented the first time that the American government had committed federal resources to accelerate the pace of healthcare technology. The federal government used financial incentives to encourage EHR adoption, including direct subsidies.

 

Who Gets To Access and View My EHR?

First, let’s answer this question by focusing on just your medical records – the EMR portion of your EHR.

To begin, you have access to your EMR. In fact, your healthcare providers are required by federal regulations to provide you with copies of your medical records in the format you request (i.e. paper or electronic).

Your healthcare provider also has access to the patient medical records they have on file for you. As we discuss later, the fact that they generated your patient data implies some degree of ownership. This means that almost everyone in that health system could have access to your EMR file kept by that health system.

Practically speaking, however, the Health Insurance Portability and Accountability Act (HIPAA) calls on any entity that has controls health data to limit access to that information. Only employees and personnel who have a valid reason for accessing and viewing that medical record should do so.

HIPAA also requires healthcare providers and other covered entities handling medical and health data to inform patients how their records are being used.

 

Sharing My EMR Data

According to HIPAA, healthcare providers must first get permission from the patient before sharing medical and health records with a third party. Here are common examples of third-party medical records sharing:

  1. Second opinions. If you want to get a second opinion from a specialist at a different health system or network, you would need to request and authorize the sharing of your EMR.
  2. New providers. Many companies switch health plans (and provider networks) every few years. If you switch to a new healthcare provider or primary physician, you may need to authorize the transfer of copies of your EMR to your new provider.
  3. Personal data release. If you want a relative or friend to access your health records, particularly in case of emergencies, you will need to authorize such releases as well.

The beauty of today’s EMR and EHR systems is that it makes it easier for you to share data as needed. For example, if you’re on vacation and have to visit an out-of-town hospital for an emergency, that hospital can now obtain your EMR file from your primary physician in seconds. As long as your current provider and that out-of-town hospital use EMR or EHR systems that follow established protocols, they can share files over the Internet – with your permission.

However, there are exceptions to this permission requirement. There are, in fact, some cases in which your healthcare provider shares portions of your medical information without obtaining your permission:

  • Government agencies. The Centers for Medicare and Medicaid Services (CMS) and the Social Security Administration (SSA) can examine portions of your medical records to ensure you qualify for certain benefits. When you apply for benefits, however, you may receive notification of their intent to gather some of your healthcare information.
  • School records. Your child’s school can share immunization and other records with the state repository without your permission, though they will often give you notice.
  • Health insurance. You typically give health insurers permission to access portions of your medical and healthcare records when you obtain health insurance. But insurers may share it with other entities as part of their process.

 

Who can access and view my EHR and PHR?

After reviewing the regulations for medical records above, we can now turn to the bigger picture of EHR and PHR. The answer is that it’s largely up to you, but not completely.

For starters, HIPAA doesn’t apply to most non-medical EHR records. For example, the health data produced by your Fitbit machines or weight loss apps are typically not part of HIPAA. That’s the case with many health and wellness applications.

And as health apps proliferate – they now number in the hundreds of thousands – the question of protecting my health data privacy becomes more urgent.

 

EHR and Health Devices + Apps 

For now, your non-HIPAA covered health data is essentially protected by you and the agreements you have with your app providers and other data-generating providers. Start by checking the privacy policies and user agreements with your apps. You should also consider how much of your EHR is shared by these different parties, from medical devices to your personal trainer.

As the volume of our non-medical (and non-HIPAA-covered) EHR continues to grow, more of our EHR information could theoretically be more open than we realize. That is why the need for greater protection for health data privacy – and perhaps the expansion of the two-decades-old HIPAA regulations – is becoming more urgent.

 

Who owns my EHR?

This is a tricky question. There are actually two dimensions to this question worth considering:

  1. Who legally owns your EHR?
  2. And who SHOULD own your EHR?

As we noted in the preceding section, the issue of privacy is growing in importance. And data privacy is intertwined with the question of data ownership.

When it comes to medical records, it depends on the state you live in. Only New Hampshire has given patients ownership over the information in their medical records. But 21 other states have passed regulations that gives primary ownership of patient records to the hospital or healthcare provider that produced your medical records.

The majority of state governments are still silent over the question of who owns medical records, let alone EHR.

 

Who should own our EHR?

In many ways, the U.S. is playing catch-up with Europe and Canada when it comes to data privacy and ownership. Europe’s recent General Data Protection Regulation (GDPR) has shifted the balance significantly in favor of consumers when it comes to privacy for all personal data – not just health information.

Europe and Canada have already started dealing with the question of who should own your personal data. And they are siding with you, the consumer.

U.S. healthcare consumers are currently working under HIPAA, a regulation created before the…

  • Emergence of Google,
  • Widespread adoption of social media,
  • Growth of the Internet of Things (IoT), and
  • Evolution of mobile applications

So while the question of who legally owns your medical data is fragmented based on your state, the question of who should own your medical and all your health data is now an issue that all Americans must address and decide.

 

One way to return control of the healthcare journey back to us, the consumers, is to return control and ownership of health data, especially EHR, back to the patient.

 

Why ownership of our health data is important

The American healthcare system faces many daunting challenges. Many believe that it is in crisis, with skyrocketing healthcare costs making our current system unsustainable.

We believe that one reason for the current state of our U.S. healthcare system is the current model of our system, which has removed much of the control and decision-making from patients and healthcare consumers. One way to return control of the healthcare journey back to us, the consumers, is to return control and ownership of health data, especially EHR, back to the patient.

There is a growing movement to transform our healthcare system and individual health journeys to one driven by patients and consumers. We invite you to join us in this movement to reshape U.S. healthcare.

 

Full HIPAA Compliance Verification for HealthChampion

Full HIPAA Compliance Verification for HealthChampion

HealthChampion Continues Meeting High Standards for Consumer Protection

For Immediate Release

HealthChampion — the world’s first platform giving people unprecedented control over their healthcare information to improve their individual health goals and outcomes — is now fully HIPAA compliant.

With the fundamental belief that people should be able to access their own health data as easily as their credit score, HealthChampion is developing an app that enables consumers to do precisely that. In addition, HealthChampion — from the very beginning — also focused on the highest level of protection for people’s health data.

“Health data is personal and highly sensitive. That’s why every one of our staff members — from IT to marketing — went through extensive, vigorous HIPAA compliance training. Each new hire will, as well,” says Nick Biernat, Manager of Information Services and Compliance at HealthChampion.

The HIPAA Seal of Compliance is the entire health care industry’s third-party HIPAA verification. There is no formal HIPAA compliance certification from the federal government or subsidiary regulatory agencies. U.S. health care professionals rely on companies such as the Compliancy Group to demonstrate their compliance.

“App users deserve to know how their data is being used,” adds Terrence M. Ryan, HealthChampion CEO. “We are accountable to consumers and hold ourselves to the highest standard of security, promising to safeguard their personal health information. In fact, we hope all app developers in this sector will take their customers’ privacy seriously and also become HIPAA compliant.”

About HealthChampion: HealthChampion is building the world’s first people-driven healthcare platform to give consumers unprecedented control over their healthcare while providing the highest level of security and privacy. Combining technology, artificial intelligence, predictive analytics, and health scoring, we’re enabling consumers to own their medical records, spend less for quality care, and achieve optimal health. This breakthrough technology will provide users with more insights into their health, connecting them with providers and specialists around the world, and drive precision medicine. HealthChampion is headquartered in Chicago, IL, with an office in Milwaukee, WI. Our team includes the founders and leaders of Knightsbridge Solutions (acquired by former HP Enterprises), LaunchPoint/ Discovery Health Partners (Inc. 500 and Crain’s Fast50 multi-year awardee) and Tricast Health.

Contact: pr@healthchampion.com

# # #

Pin It on Pinterest