HMT: Analytics helps hospitals, more data theft, Snowden update, and more
To view this email in your browser, please click here.
HMT on Facebook HMT on Twitter   HMT on LinkedIn 
Health Management Technology News
January 21, 2014
New! Graduate programs in Health Informatics

In this issue:

Next-generation comparative analytics solution helps hospitals get paid faster

Massive data theft hits 40% of South Koreans

NSA program defenders question Snowden’s motives

Buzz-laden startup Shape unveils security technology to cripple online fraud

The 25 worst passwords of 2013: 'password' gets dethroned

Next-generation comparative analytics solution helps hospitals get paid faster

Today RelayHealth Financial unveiled a new version of RelayAnalytics Pulse, the company’s flagship comparative analytics solution. New in this release: the ability to bring your own data, which lets hospitals use claim and remit records from any claims management system. By bringing their data to Pulse — the industry’s largest, most diverse database of revenue cycle data — hospitals and health systems alike can accurately assess RCM performance, monitor KPIs and find payment obstacles fast. And that may lead to better cash flow.

“RelayAnalytics Pulse gives you continuously updated data from thousands of hospitals of all types, sizes and geographic regions,” said Jason Williams, vice president of Business Analytics for RelayHealth. “Consistent calculations and the ability to filter across this amount of complex data is crucial for CFOs and revenue cycle managers, because it lets them do apples-to-apples and “what if” comparisons of financial performance using data of similar peers. A 100-bed hospital in the northeast might not benefit from comparisons to a 1,000-bed hospital out west. A teaching hospital might want to exclude non-teaching hospital data. A hospital with maternity services could narrow data to other maternity hospitals for accurate length-of-stay comparisons. Pulse helps ensure your change management roadmap isn’t based on dissimilar peer sets that can lead to flawed insights and bad decisions.”

This release of RelayAnalytics Pulse is the second generation of RelayHealth Financial’s flagship comparative analytics solution. Hosted in the cloud and provided as an on-demand software service, it helps hospitals and health systems benchmark performance across peer groups to compare revenue and cash flow; see financial trends; measure productivity; automate collection and calculation of KPIs to quantify improvement opportunities; do root cause analysis; prioritize areas for improvement; and rationalize investments with data-driven decisions. Hospitals and health systems can:

  • Benchmark hospital performance to peers across key performance indicators (KPIs). Define peer sets using criteria such as hospital size, setting, claim volume and hospital type.
  • Benchmark subgroups within a hospital system based on organizational structure or other characteristics. Then set peer comparison criteria to analyze and compare hospital productivity and overall performance.
  • Aggregate and update data daily from RelayHealth’s repository to help minimize manual (and error prone) surveys, data loads, and calculations. This immense database is compiled from more than 1,000 hospitals and health systems across America. It uses claim and remit data harvested from a subset of the 1.9 billion transactions transmitted annually by RelayHealth Financial, valued at $1.1 trillion. And now, thanks to this new release, hospitals can import and use claim and remit records from any claims management system.
  • Strategically prioritize process improvement by focusing in on revenue potential or cost savings associated with each KPI, and set target goals accordingly.
  • Perform scenario and “what if” planning using the Improvement Estimator to determine potential financial results of improvement efforts.
  • Gain actionable insight to establish root cause by drilling into KPIs and sub-KPIs, comparing peer performance, and examining details to isolate root cause and quantify opportunities for revenue acceleration.

Read more from McKesson here

Return to the table of contents >

Massive data theft hits 40% of South Koreans

The personal data of 20 million South Koreans -- or 40% of the country's population -- has been stolen, sparking outrage as worried consumers scramble to replace compromised credit cards.

Customer details appear to have been swiped by a worker at the Korea Credit Bureau, a company that offers risk management and fraud detection services.

The worker, who had access to various databases at the firm, is alleged to have secretly copied data onto an external drive over the course of a year and a half.

Clients of three Korean companies -- KB Kookmin Bank, Lotte Card and Nonghyup Bank -- were hardest hit by the data theft. Crucial personal data like identification numbers, addresses and credit card numbers were all stolen.

The Korean government has launched an investigation into the matter. The country's financial regulators said in a statement that the "relevant credit card companies will compensate for any financial loss caused by the latest incident."

Since the data theft, about half a million customers have applied to have new credit cards issued, the companies told CNN.

The data theft follows a massive security breach at Target (TGT, Fortune 500) that impacted up to 100 million customers in the United States. Luxury retailer Neiman Marcus has said that it, too, was breached.

Target's massive breach was due to malware on point of sale systems, while the Korean banks were compromised by a third-party worker, facts that underscore the wide variety of threats facing consumers.

Read the full CNN Money article here

Return to the table of contents >

NSA program defenders question Snowden’s motives

The chairman of the House Intelligence Committee on Sunday condemned former National Security Agency contractor Edward Snowden as a “thief” and said he may have had help from Russia.

“I believe there’s a reason he ended up in the hands, the loving arms, of an FSB agent in Moscow,” said Rep. Mike Rogers (R-Mich.), referring to Russian President Vladi­mir Putin, a former head of the Russian security service. “I don’t think that’s a coincidence.”

He said that some the things Snowden did were “beyond his technical capabilities” and that it appeared that “he had some help and he stole things that had nothing to do with privacy.” Rogers did not elaborate on when he thinks Russian officials and Snowden were first in contact.

Rogers, appearing on NBC’s “Meet the Press,” said Snowden’s actions have done significant damage to the U.S. military.

The majority of what Snowden took from government systems, Rogers said, had nothing to do with Americans’ privacy and was instead focused on U.S. military operations. That information may now have been obtained by other nations, he said.

In an interview on ABC’s “This Week,” Rep. Michael McCaul (R-Tex.), chairman of the House Homeland Security Committee, said he thinks Snowden was “cultivated by a foreign power.”

Snowden has denied turning over any documents to the government in Russia, where he obtained a one-year asylum visa after flying there from Hong Kong in June. He has also denied providing any classified material to China.

Rogers said that organizations such as al-Qaeda and nation-states have changed their communication protocols in response to Snowden’s leaks and that the United States will have to spend billions to rebuild its capabilities.

In a speech Friday, President Obama said he no longer wants the government to collect and hold the phone records of millions of Americans and would like to narrow officials’ access to the data.

Sen. Dianne Feinstein (D-Calif.), chairman of the Senate Intelligence Committee, said she was heartened by the president’s speech, particularly because he intends to continue to allow the collection of Americans’ phone records, albeit with tighter controls and with the data in the hands of some outside entity. Obama has instructed the attorney general and the director of national intelligence to come up with a plan to make good on his proposal.

“The president very clearly said, ‘We need this capability to keep people safe,’ ” said Feinstein, who also appeared on “Meet the Press,” adding that the majority of members on her committee would agree with that.

Read the full Washington Post article here

Return to the table of contents >

Buzz-laden startup Shape unveils security technology to cripple online fraud

With online fraud on everyone's lips, a secretive but much-buzzed-about startup on Tuesday will unveil technology that one leading security expert says could cut global cyberattacks by half.

Shape Security operates behind locked doors in a bland Mountain View office building, but its founders -- including a former high-ranking Pentagon official -- have developed a new approach to fighting the kinds of malware attacks that have brought down the White House computer network and cost consumers and e-tailers hundreds of millions of dollars each year in bogus charges.

And they do it by turning hackers' own techniques against them.

"It can be a game-changer," said Gartner Research vice president Avivah Litan, a security consultant who previously was director of financial systems at the World Bank.

She and other experts say security software is often handicapped because it fights reactively: A virus or bit of malicious software may not be discovered until long after it's begun to work.

"There are armies of 'bots' sitting on user machines that quietly take over for a few unnoticed moments, then go back to sleep," Shape co-founder Sumit (pronounced "summit") Agarwal said recently from the company's compact offices.

Those so-called bots, or automated programs, can scour a person's computer for passwords and other information such as birthdates and Social Security numbers. Often, they steal that data from websites the person has visited.

"This problem is bigger today than it's ever been because every American household is wired," Agarwal said.

An Air Force cyberwarfare veteran and MIT graduate, he spent six years in product management roles at Google (GOOG) before the Obama administration named him deputy assistant secretary of defense.

The federal government is increasingly keen to stop cyberassaults; former Defense Secretary Leon Panetta, in a recent speech in San Jose, said the agency is hit more than 100,000 times each day. Many of those are "distributed denial of service" attacks, in which a network of bots use stolen user IDs to flood a site with billions of clicks.

At the Pentagon, Agarwal got to know another tech refugee: Derek Smith, who had founded security startup Oakley Networks and sold it to defense contractor Raytheon.

Agarwal and Smith came to believe the key to warding off attacks via websites was to change the nature of the sites themselves. So in late 2011, they headed back to Silicon Valley.

When a bot scours a website, the software is looking for telltale fields such as "username" and "password." Shape's solution: Passing sites through a second server that replaces those fields with constantly changing bits of gobbledygook. The bots can't tell which code to zero in on, but to the user, the website appears unchanged.

Those rapid changes are called "real-time polymorphism," a technique traditionally used by malware to rewrite its code every time a new machine is infected.

Shape's approach wouldn't stop scams like the massive theft of shopper credit card numbers from Target; that attack wasn't launched through the retailer's website but via malware placed on card-swiping devices in stores.

But what Shape's technology conceivably could do is stop fraudsters from using those stolen card numbers to order things on and other websites. Using stolen cards to buy gift cards or other items, then quickly resell them, is a key strategy behind credit card theft, Agarwal said.

Litan, who's spoken to users of Shape's fledgling service, said it would virtually eliminate malware takeovers of a user's computer and the kinds of denial-of-service attacks that crashed federal websites in 2009 and those of major U.S. banks last year.

Read the full Denver Post article here

Return to the table of contents >

The 25 worst passwords of 2013: 'password' gets dethroned

“123456” is finally getting some time in the spotlight as the world's worst password, after spending years in the shadow of “password.”

Security firm Splashdata, which every year compiles a list of the most common stolen passwords, found that “123456” moved into the number one slot in 2013. Previously, “password” had dominated the rankings.

The change in leadership is largely thanks to Adobe, whose major security breach in October affected upwards of 48 million users. A list of passwords from the Adobe breach had “123456” on top, followed by “123456789” and “password.” The magnitude of the breach had a major impact on Splashdata's results, explaining why “photoshop” and “adobe123” worked their way onto this year's list.

Fans of “password” could reasonably petition for an asterisk, however, given that the stolen Adobe passwords included close to 100 million test accounts and inactive accounts. Counting those passwords on the list is kind of like setting a home run record during batting practice. Don't be surprised if “password” regains the throne in 2014.

Weaker passwords are more susceptible to brute-force attacks, where hackers attempt to access accounts through rapid guessing. And when encrypted passwords are stolen, weaker ones are the first to fall to increasingly sophisticated cracking software.

As always, Splashtop suggests avoiding common words and phrases, and says that replacing letters with similar-looking numbers (such as “3” instead of “E) is not an effective strategy. Instead, consider using phrases of random words separated by spaces or underscores, and using different passwords, at least for your most sensitive accounts. Password management programs such as LastPass, KeePass and Splashdata's own SplashID can also help, as you only have to remember a single master password.

Here's the full list of worst passwords from 2013, according to Splashdata:

  1. 123456
  2. password
  3. 12345678
  4. qwerty
  5. abc123
  6. 123456789v
  7. 111111
  8. 1234567
  9. iloveyou
  10. adobe123
  11. 123123
  12. admin
  13. 1234567890
  14. letmein
  15. photoshop
  16. 1234
  17. monkey
  18. shadow
  19. sunshine
  20. 12345
  21. password1
  22. princess
  23. azerty
  24. trustno1
  25. 000000

Read the full PC World article here

Return to the table of contents >


A single test could cost your hospital millions

View the NEW exciting White Papers and Webinars on HMT!

Surviving value-based purchasing in healthcare

Late-binding: Why you DON'T need a comprehensive data warehouse model

Click here to read these white papers. >

January 2014  HMT digital book

Industry News

Mississippi establishes a Medicaid EHR database
On January 13, 2014, Mississippi State Representative Omeria Scott filedHouse Bill 206 which provides “for a...
Read more>>
ONC SAFER Guides outline best practices
This week the Office of the National Coordinator for Health IT (ONC)released the Safety Assurance Factors for EHR...
Read more>>
U.S. hospitals show EMR growth opportunities
Patient portals, clinical data warehousing/mining and radiology barcoding applications are poised for accelerated growth among...
Read more>>
WEDI joins chorus asking CMS for more ICD-10 Medicare testing
CMS always takes a bit of a pounding when it comes to initiatives announced through the federal agency, and ICD-10 is no...
Read more>>
Hospitals urge audit suspension amid appeal stoppage
The American Hospital Association is urging suspension of Medicare audits until a backlog of appeals is cleared. The suspension...
Read more>>


Subscribe to the
HMT newsletter



Subscribe to HMT

Resource Guide

Media Kit


Career Builder

White Papers

Advertising Inquiries

Editorial Inquiries

Website and Newsletter Inquiries

Subscription Inquiries

HMT Online Only features

Subscribe to Health Management Technology | Contact the Publisher | Advertise With Us  |   Privacy Statement

Copyright 2014 NP Communications LLC, 2477 Stickney Point Rd, Suite 221B, Sarasota, FL 34231