Spring World 2015

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 27, Issue 4

Full Contents Now Available!

Jon Seals

Consolidates all hospital data in single, easily-accessible, standards-based repository; ideal for organizations seeking to improve EPR or implement a portal

WOBURN, Mass. – BridgeHead Software, a leader in healthcare data management, today announced BridgeHead HealthStore™, the first Independent Clinical Archive (ICA) for long-term storage, protection and sharing of hospital data. A modular solution built on top of the BridgeHead Healthcare Data Management (HDM) platform, BridgeHead HealthStore enables hospitals to standardize access to key elements of the patient record while simultaneously freeing them from dependence on any single system to locate the information.

Consolidating many of BridgeHead’s existing capabilities behind a single management console, BridgeHead HealthStore offers standards-based integration with any clinical data source (HL7, unstructured files, DICOM and XDS).  It is both application and storage independent and maintains its own meta-data to ensure content is accessible and clinically useful into the future.

With BridgeHead HealthStore, two things are achieved. Firstly, content can be transparently accessed by the originating application but is now prepared for secondary use by future applications, for example health analytics. Secondly, the data in HealthStore is held independent of the storage. This means hospitals can move to a new application without affecting their storage, or move to new storage without impacting their applications. Ideally suited to manage both new data as well as bulk import of historic data, BridgeHead HealthStore comes with BridgeHead’s full suite of implementation, integration and migration services.

BridgeHead HealthStore brings the following benefits to healthcare data management:

     Enables faster clinical decisions and a more complete EPR with more efficient access to all types of data, which improves EPR or portal implementation;

     Simplifies data quality management, especially for data that is unlikely to change again;

     Allows access to patient data even if one or several primary applications are unavailable;

     Frees departmental applications (e.g. PACS) to concentrate their main activity -- managing the department -- not on being a data-warehouse;

     Streamlines non-clinical access to data (e.g. research) without impacting primary data repositories (e.g. PACS);

     Future proofs data access via standards-based architecture for easy connection to other systems in the future, especially those systems wishing to recall data from HealthStore;

     Removes constant migration headaches as new applications only need a meta data update, not the movement of the physical items;

     Provides a framework to home and secure content from applications that are being retired or taken permanently offline;

     Fully audited.

The healthcare market is acknowledging that the Vendor Neutral Archive (VNA) is no longer sufficient. What’s needed is an ICA with the broader abilities to consolidate access to and management of all of a hospital’s data. “BridgeHead’s data management pedigree makes it eminently qualified to author a complete healthcare facing archive,” said Tony Cotterill, Chief Product Officer at BridgeHead Software.  “For the past five years, BridgeHead has developed APIs for all healthcare-specific data ingestion methods. Now BridgeHead HealthStore brings together our traditional DICOMStore, FileStore and XDS capabilities into the industry’s first true ICA.”

“With BridgeHead HealthStore functioning as a hospital’s ICA, MEDITECH foresees the possibility to publish its own data for independent access by other applications as well as a repository, which will simplify MEDITECH’s access for things like images and other clinical content, all via standards such as XDS,” said John Valutkevich, Manager of Interoperability Initiatives, MEDITECH.  “Initiatives like this all help MEDITECH present the Electronic Health Record more efficiently for our customers running specialty applications in the community and that is why we value the BridgeHead relationship.”


About BridgeHead Software

With 20 years’ experience in data and storage management, and 12 years in healthcare, BridgeHead Software is trusted by over 1,000 hospitals worldwide. Today, BridgeHead Software helps healthcare facilities overcome challenges stemming from rising data volumes and increasing storage costs while delivering peace of mind around how to storeprotect and share clinical and administrative information.

BridgeHead’s Healthcare Data Management (HDM) solutions are designed to work with any hospital’s chosen applications and storage hardware, regardless of vendor, providing greater choice, flexibility and control over the way data is managed, now and in the future. For more information, visit http://www.bridgeheadsoftware.com or follow on Twitter at @BridgeHeadHDM.

Abletek Shares Startling Findings and Educates Healthcare Providers on Solutions

CROSBY, Texas – Abletek, a leader in unified communications, announced today that the company is sharing a startling fact that has many people questioning the data security practices of hospitals and clinics everywhere. According to privacy researchers at the Ponemon Institute, “Recent numbers show 90% of health care organizations have exposed their patients' data -- or had it stolen -- in 2012 and 2013.” The implications of this research are far-reaching and unsettling for most consumers. However, unified communications and IT security providers, like Abletek, have devised many solutions to help curtail this epidemic. 
	Most attacks are the caused by hackers who want to acquire medical records due to their extreme value. The information in medical records (name, birthdate, addresses, phone numbers, medical history and social security numbers), can be easily used for identity theft, fraudulent medical billing or acquiring prescriptions to resell on the street. Hackers can use the medical information to accomplish just about anything once acquired. This flaw in IT security is not a series of isolated incidents but an incredibly widespread problem now affecting millions of people across the nation. 
	In August, Community Health Systems reported that Chinese hackers had allegedly stolen a staggering 4.5 million patient records in what could be the largest breach of patient data to date. The company is treating the breach as a violation of HIPPA, even though the hackers didn’t gain access to medical records (only names, addresses, birth dates, phone numbers, and Social Security numbers were stolen). The breach happened between April and June this year, and was discovered in July. According to cyber-security firm Mandiant, which helped investigate the breach, the group responsible for the attack is known as “APT 18,” and may have links to the Chinese government. 
	The majority of hospitals and health organizations are using outdated technology on a single network making the job of hacking into networks even easier for criminals. IT security is often a large oversight for healthcare organizations because their objective is to save lives. Unfortunately, lack of internal IT expertise and outdated technology plagues the healthcare industry making it an easy target.
Bill Parker, President of Abletek, commented, “The challenge here is that doctors are inherently more interested in saving lives, instead of upgrading their IT security. This a great thing for society and we believe that’s exactly what doctors should be focused on! The only thing is that IT security must be addressed too. Over the years, we’ve learned exactly what it takes to protect health organizations and we love being a part of the solution to this problem. It’s unfortunate when something like this happens but it brings much needed education to the issues at hand. We consider it our duty to educate our market and provide doctors with the technology tools they need to do their jobs, protect their  patients and spend their time focused on saving lives, instead of firewalls. That’s our job.”

Abletek is not your typical IT & communications company. We are a TECHNOLOGY SOLUTION PROVIDER and we care deeply about helping you maximize your productivity through effective Managed Services (MSP), IT, communications and related business technology solutions, and while a lot of companies may talk about increasing your productivity, Abletek actually delivers. 
ABLETEK will remove the burden of managing your network and communications infrastructures by providing everything needed to  maintain your servers, workstations, laptops, Pocket PCs/PDA/Treo, Switches, Routers, Email, Printers, VoIP, SIP, Digital & Analog Communications systems and more.  Leverage our team of dedicated professionals and proven  technology  management  resources  to:  CONTROL & REDUCE YOUR COSTS. 
For more information on Abletek, call (713) 455.1888 or visit www.abletek.com.

How Closely is Your Organization's BCM Program Aligned to ISO 22301?

The International Consortium for Organizational Resilience (ICOR) is committed to increasing the resilience of organizations in an effort to increasing the resilience of communities world-wide.  As part of this commitment, ICOR has created a process to formally recognize an organization's Self-Declaration of Conformity to ISO 22301.  This process is intended to support and promote eventual third-party certification by providing organizations a tool to improve their Business Continuity Management (BCM) programs and to conform to ISO 22301 requirements.

The ICOR Self-Declaration of Conformity (SDoC) to ISO 22301 is available to organizations of all sizes globally.  It is a process where an organization declares formally that its Business Continuity Management System (BCMS) meets the requirements of ISO 22301:  Societal Security - Business Continuity Management Systems - Requirements.

One element of this process is the development of an ISO 22301 Maturity Model that organizations can use to self-assess the capability and maturity of their Business Continuity Management System (BCMS) using the International Standard ISO 22301 as a reference.  The ISO 22301 Maturity Model excel tool was created using the Virtual BCMM as a reference. 


Determination of an ICOR verified Self-Declaration of Conformity

Determination of meeting the requirements is based on a combination of the following scores and criteria:

  1. Completion and submission of ISO 22301 Maturity Model with a minimum overall score of 2.5 with no single competency area scoring less than 2.0.  3.0 is a perfect score.
  2. Successful completion of Biographical Data and review by ISO 22301 Auditor
  3. Successful completion of BCMS Information and review by ISO 22301 Auditor
  4. Submission of Required Documents or "Proofs" and review by ISO 22301 Auditor

Upon successful completion of the online application (including completion of the ISO 22301 Maturity Model) your application will be evaluated by an ISO 22301 Lead Auditor with credentials earned from ICOR, BSI, or PECB.  Estimated time for evaluation is less than 30 days.  

If your application is verified, your organization's self-declaration of conformity will be listed on the ICOR SDoC webpage.  In addition, your organization will receive a certificate verifying your self-declaration and may use the ISO 22301 SDoC "mark" as evidence of the ICOR verification.  Verification is valid for 3 years.


Link here for more information  

Email all questions to ISO22301@theicor.org.   


ISO 22301 Maturity Model only:  $995.00 USD 

ISO 22301 Application:  $2,495.00 USD (Includes Maturity Model) 


Amalgamated Life's goal is to further enhance its best in class practices and risk management through the comprehensive automation of its life waiver claims and adjudication process

BEDMINSTER, N.J. – FastTrack RTW Services & Solutions, a division of Kamine Technology Group, LLC, announced that Amalgamated Life Insurance Company of White Plains, New York, a leading provider of insurance solutions including group life, disability and medical stop loss, has become the latest Life Waiver Tools client.

Amalgamated Life will look to improve its Best in Class Practices and operational risk management profile by standardizing and automating their life waiver claims administrative tasks and adjudication processes through use of FastTrack's Life Waiver Tools. 

The FastTrack Life Waiver process inputs key restrictions and limitations data from the claimant's medical provider into an advanced Physical Capabilities Form (PCF). The PCF is then compared against a specialized and validated occupational library to identify the claimant's ability to perform his or her own occupation or any occupation, based on the terms of the claimant's policy. Further analyses can be specified based on the claimant's gainful wage, Training, Education and Experience (TE&E) and geographic criteria as underwritten. This next generation automation enhances, standardizes and speeds the waiver of premium adjudication process, while providing comprehensive assessment data to the insurer's benefit specialist to make optimal claim adjudication decisions.

In addition to licensing FastTrack's Life Waiver Tools software, Amalgamated Life will also utilize FastTrack's Claim Administrative Services to perform specific administrative tasks, which will allow their claims personnel to focus on core adjudication decision-making functions.

"At Amalgamated Life, we are continually improving in order to maintain the highest standards of quality in operations and customer service," said Executive Vice President of Sales and Marketing John A. Thornton. "By integrating advanced technologies such as FastTrack's Life Waiver Tools, we can streamline and enhance our processes to facilitate optimum outcomes."

Carl Capato, FastTrack's Senior Vice President of Strategic Risk Management Solutions commented, "We are very excited to welcome Amalgamated Life as FastTrack's newest Life Waiver Tools Customer.  We believe there is strong synergy between Amalgamated's risk management goals and our own products and services, which will greatly benefit both parties." Capato went on to say, "With the many significant additions to our Life Waiver Tool client base this year, there  is no doubt that the industry believes the time has come to establish stronger waiver of premium best practices through assistive technology as it significantly enhances the current waiver of premium claim evaluation and adjudication processes."


About Amalgamated Life

Amalgamated Life is a leading provider of comprehensive insurance solutions. Founded in 1943, Amalgamated Life has a long history of serving diverse businesses, unions, and health and welfare funds. In 2014, the company earned its 39thconsecutive "A" (Excellent) Rating from A.M. Best Company.  Amalgamated Life is a member of the Amalgamated Family of Companies which includes: Amalgamated Agency, a property and casualty brokerage; AliCare, a third-party administrator; AliCare Medical Management, a medical care management firm; AliComp, a mainframe outsourcing and Information Technology solutions provider; and AliGraphics,a full-service printing and mailing company. Amalgamated Life Insurance Company is located at 333 Westchester Avenue, White Plains, NY 10604.   For more information, visit:www.amalgamatedlife.com.


About FastTrack RTW Services & Solutions

The FastTrack RTW Services & Solutions Division (FastTrackRTW.com) of Kamine Technology Group, LLC helps the insurance vertical proactively enhance its Return-to-Work and Risk Management programs with a comprehensive suite of tools. The FastTrack tools are utilized by Short/Long Term Disability, Life and Workers Compensation insurance carriers, Self-Insured Employers and TPA providers as integral parts of their Return-to-Work and Risk Management initiatives. FastTrack's goals are to help speed the return of claimants/injured workers to their existing employers, find them new employment opportunities when occupational changes are required and to assist carriers to more effectively adjudicate claims from a Risk Management perspective.

The US National Fire Protection Association (NFPA) has made two announcements regarding the current revision process for the 2016 edition of its business continuity standard, NFPA 1600. 

First, the Public Comment closing date for online submissions is November 14th, 2014.  For details on how to submit comments, please click here

Second, the date for the Second Draft Meeting to review the updated standard will be March 24th-26th, 2015 at the Palmer House Hilton hotel in Chicago.  For more details on this activity, please click here

NFPA 1600, and its current version dated 2013, has been recognized as the National Preparedness Standard by the 911 Commission.  It is also the US national standard on emergency preparedness, and has an important focus on business continuity.  NFPA 1600, 2013 Edition, is also one of the three standards being used in the voluntary Private Sector Preparedness (PS-Prep) program as administered by the Department of Homeland Security. 

A new survey from Lieberman Software Corporation has revealed that 78 percent of IT security professionals are confident that firewalls and antimalware tools are robust enough to combat today’s advanced persistent threats.

Lieberman Software says that these findings highlight the fact that while cybercrime is on the rise, many organizations are still dangerously relying on outdated perimeter security solutions to defend against the latest threats.

The survey, which was carried out at Black Hat USA in August 2014, also revealed that 22 percent of those surveyed do not think that tools like firewalls and antivirus are able to defend against APTs. However, given the surge in organizations suffering advanced targeted cyber attacks, this number should have been much higher.



When the topic of encryption comes up in conversation (and doesn’t it always?), skeptics are fond of interjecting self-satisfied statements along the lines of, “The question isn’t whether encryption is crackable, but when will it be cracked?” In the face of such smugness, I usually counter with the ego-deflating rejoinder, “Let me know when you’ve joined us in the cloud era.”

You see, when data is encrypted in the cloud, your keys remain within your control; thus only authorized users have access to protected data. Unauthorized users will only see indecipherable codes, which is fine, but how do you think unauthorized users will attempt to access and exploit said data?



With the security threats around today, the sheer mass of information and the vulnerabilities to attack, it has to be admitted that information security is a challenge. But not an insurmountable one. The right information security takes planning and organisation. The advantages include prevention of loss and damage through information being stolen or compromised, as well as a more alert, capable workforce. So why does one recent survey show a downwards trend in implementing information security procedures?



Leaders of business intelligence (BI) projects should push for a revamped data architecture that supports more integrated data, even if it means looking at a Big Data option, according to a recent InfoWorld column.

In “Why BI projects fail -- and how to succeed instead,” software consultant Andrew C. Oliver says it’s essential to be able to integrate large amounts of data. BI tools tend to be resource-hungry, he adds.

So, rather than viewing technologies such as Hadoop, data lakes, enterprise data hubs and data warehouses as “trendy,” you should view them as essential to BI success, argues Oliver.

“A successful BI project does not forget about either business integration (more later) or data integration,” he writes. “Your requirements should dictate what, how much, and how often (that is, how ‘real time’ you need it to be) data must be fed into your data warehousing technology.”



The proposition that human resources hold one of the golden keys to successful business continuity will be presented on day two of the BCI World Conference and Exhibition in the Listen Stream. David Evans and Lynne Donaldson of Corpress LLP will argue that the HR role in business continuity is often understated, possibly not understood and for many organisations undervalued.

Please share your thoughts with us on how important HR (Personnel) are to your BCM process: are they heavily engaged or just reactive when pushed and how much time do you spend working with them?