eHealth Articles (1,988)

Brazil looks set to expand telemedicine

Market research report on Brazil’s telemedicine shows it’s likely to increase from $495.3 million in 2015 to $743.8 million in 2017. That’s about a 50% increase in two years. Research and Markets published its findings and also found that the country’s mHealth market revenue look set to grow from $446.8 million to $1.43 billion over the two years, more than three times its 2015 spend.

Brazil’s teleradiology takes a huge market share, 98%. The remaining 2% is for specialist consultations and distance learning and education. mHealth is a different market. Its range’s broad, and includes some apps for telemedicine.

Despite mHealth’s gigantic growth forecast, there are several investment barriers. Short life-cycles is one. Both wearable and apps, and across vital signs remote monitoring and chronic disease management, mHealth’s rapidly and constantly transforming its ecosystem with new value proposition and solutions. Dealing with these obsolescence costs creates affordability challenges.

World Bank data shows Brazil’s Gross Domestic Product (GDP) per head as about US$8,539. An average for Africa’s about US$5,666. The extra 50% can make a big difference to eHealth affordability. Even so, Brazil’s forecast expansion’s huge, so Africa’s health systems may be able to see some significant growth.

Mar 23, 2017

Wiikwemkoong goes live with a bit of razzamatazz

In eHealth, going live usually involves uploading software and starting it up. Canada’s First Nations have a much better idea. Manitoulin Expositer has a report about eHealth’s razzamatazz. First Nations health officials and a Telus Health team were at Wiikwemkoong Health Centre to launch an EHR programme that will extend to more First Nations.

Manitoulin Island’s in Lake Huron in Ontario province. Its first nation routes go deep. Archeological discoveries found Paleo-Indian and archaic cultures dating from 10,000 BC.

With Michael McGregor of Giiwednong Health Link (GHL) eHealth programme manager as master of ceremonies, the go live started with a song by local drum group High Eagle Singers. Rita Corbiere, a Wiikwemkoong elder provided an opening invocation.

GHL’s a health and information management collaboration between Manitoulin Island and North Shore First Nation health organisations. It’s funded by Health Canada, with priorities for planning and implementing EMRs in GHL members’ health centres. Practice Solutions Suite (PSS) are part of the project too.

The project started in 2006. The long timeline justifies the celebrations. Next, 14 First Nation member communities will have their EHRs by March 2018. No wonder High Eagle Singers concluded the proceedings with an honour song.

This leaves two challenges for Africa’s communities. One is to start up their EHRs. The other’s to celebrate in a way that only Africans can do.

Mar 23, 2017

M-Afya app helps ease worries about maternity fees in Kenya

Many pregnant women live in informal settlements in Embakasi, Kenya. They have to rely on private healthcare, and so find the money to pay the hospital bills. It’s due to the limited availability of public hospitals in their area. Mobile phones and pre-payment plans can help.

An article in the African Healthcare IT News says the average maternal billing for medical check-ups and delivery and postnatal care received at a private health facility in Kenya is estimated at 10,000 to 15,000 Kenyan shillings, roughly US $100 to $150 or €95 to €142. It’s a considerable financial burden for women and their families in this community.

While most people in the settlements are wage earners, they often rely on  unpredictable means of income. The added stress of pregnancy and the fears of not easily affording medical treatment are realities for many women living here.

These maternal challenges caught the attention of relief organisation Malteser International. It led to the mHealth system M-Afya, M for Mobile and Afya meaning health in Kiswahili.

The app doesn’t provide financial support, but helps in saving the money that is needed. Women who register at private clinics are provided with a birth plan and encouraged to create accounts. They can then use M-Pesa to deposit money in their accounts. People pay as much as they can afford each time, so having no requirement of fixed amounts is very helpful. The system uses SMS to send updates and other information too.

M-Afya also provides access to a database that helps promote maternal and child health. Twice a week, women who have registered, receive messages on their mobile phones with information about their pregnancy. They’re reminded of doctors’ appointments, given advice about their pregnancy and sent health data about their unborn children. After they've given birth, M-Afya sends messages of support to mothers and family members.

The initiative has two main benefits. It reduces levels of stress associated with medical bills. Secondly, it promotes maternal and child health, helping to address core issues of the Sustainable Development Goals.

Mar 22, 2017

IOp isn’t easy, it needs more planning and evaluation

At eHealth’s high peak sits Interoperability (IOp). Reaching the summit’s a test of preparation and endurance. The view from the top might be breath-taking, but the ascent’s a continuing challenge.

A report from the US Government Accountability Office (GAO) has identified some of these. They’re essential lessons for Africa’s health ministries and systems. ELECTRONIC HEALTH RECORDS HHS Needs to Improve Planning and Evaluation of Its Efforts to Increase Information Exchange in Post-Acute Care Settings sets out five important findings from stakeholders about the US IOp project:

  1. Cost:
  • Facilities often have limited financial resources for the initial costs of EHRs
  • Additional costs may be incurred for exchanging information and maintenance
  1. Implementing standards: concerns are:
  • Variability in implementing health data standards
  • Difficulty finding health information relevant to post-acute care providers when this information’s exchanged
  1. Workflow disruptions: implementing EHRs needs post-acute facilities to change their daily work activities or processes, which can be disruptive
  2. Technology challenges: such as EHRs that can’t exchange health information electronically
  3. Staffing: a lack of staff with expertise to manage EHRs and high staff turnover result in a constant user training.

There are other challenges too. The Department of Health and Human Services (HHS) hasn’t measured the effectiveness of its efforts to promote EHRs. It also lacks a comprehensive plan to meet its goal to increase the proportion of post-acute care providers exchange electronically. These gaps are seen as inconsistent with leading principles of sound planning.

Current planning excludes key external factors and risks that may affect its efforts adversely. Without a comprehensive plan to address these, risks of not achieving goals. Consequently, HHS cannot determine if its efforts contribute to its goal, or if they need modifying.

The Office of the National Coordinator for Health Information Technology (ONC) plans to survey providers in post-acute settings to collect baseline data on EHR adoption rates and activities to

demonstrate ways to exchange health information electronically. Currently, they don’t extend to assessing HHR’s effectiveness in promoting EHRs use. In addition, most of the key efforts lack specific plans for evaluating their progress.

HHS accepts the findings. It plans to improve its tracking of EHRs use in post-acute care if resources become available. The constructive dialogue reveals the way that Africa’s programmes for EHRs should proceed up the mountain, one step at a time, where each step adds to the ascent.

Mar 22, 2017

A roadmap for image-based mobile technologies in Africa

"We need new energy to change the world,” said Maud Olofsson, former Swedish Deputy Prime Minister. She was opening the fifth STIAS-Wallenberg Roundtable in Stellenbosch, South Africa. She was talking about the energy of innovation and the people driving it. She emphasised how mHealth experts should help politicians to understand these rapidly changing technologies and work with them how to secure the benefits and opportunities for health systems strengthening. 

The roundtables are an initiative of the Marianne and Marcus Wallenberg Foundation. They have been run every year since 2013. Delegates are from South Africa, Sweden and the broader international community, invited to engage in dialogue and debate to explore solutions to global challenges.

The February 2017 Roundtable focused on image-based mobile health. Over 60 participants attended from 16 countries. The event provided an opportunity for cross-sectoral and cross-disciplinary discussions and networking, says an article in africahealthnews.

A tangible output of the roundtable is a roadmap to be published in a special issue of Global Health Action devoted to mHealth. eHNA will share it once it's available.

The roadmap emerged from discussions on five key questions about the implementation, expansion and up-scaling of image-based mHealth in resource-constrained settings:

  1. How should the most important barriers to the implementation of image-based mHealth in the clinical setting be overcome?
  2. How can frontline healthcare workers adopt image-based mHealth in their practice?
  3. Which key strategies are needed to overcome organisational challenges to implementing image-based mHealth?
  4. Which are key strategies to overcome technical challenges in implementing image-based mHealth within the health sector?
  5. For each stakeholder groups represented, what are the most important priorities to build and sustain mHealth leadership?

Emphasis on finding solutions and crafting a tangible roadmap provides a constructive model for this type of sector engagement. African eHealth experts included African Centre for eHealth Excellence’s (Acfee) Dr Sean Broomhead (South Africa), Prof Peter Nyasulu (South Africa and Malawi), Dr Ousmane Ly (Mali) and Dr Eddie Mukooyo (Uganda). They will take lessons from the roundtable experience into the Acfee stakeholder events planned for Southern Africa and East Africa towards the end of 2017.

Helping end users make better decisions and provide better care was critical a focus. Discussions included how best to deal with barriers such as regulatory aspects, costs, Internet accessibility, airtime, power shortages, lack of training, use of personal phones and safety issues around phones, data accuracy and security - a long list - so that users are able to embrace mobile health.

Delegates included nurses and doctors sharing practical experiences using mHealth in clinical settings, overcoming implementation challenges, and leading change. Their stories fuel optimism for what is possible. We look forward to reading the roadmap and to sharing it with eHNA readers.

Image courtesy of STIAS

Mar 21, 2017

VFAN’s expanding into more countries

After its success in Rwanda, Vision for a Nation (VFAN) is planning to take its approach to other countries. It could be good news for some African countries.

It’s already helped more than a million people in Rwanda to access eye care services. In four years, VFAN’s provided:

  1. Over 1.2 million eye screenings, more than 10% of the population
  2. 560,000 prescriptions
  3. 144,000 referrals for specialist treatment
  4. 109,000 pairs of glasses.

VFAN’s programme has supported Rwanda’s Ministry of Health to build an affordable, successful nationwide eye care service locally available to 10.5 million people. It’s fully integrated into the public health system.

Tom Rosewall, VFAN’s CEO says “Rwanda is the first emerging country in the world to provide all of its people with local access to affordable eye care.” The service in Rwanda’s sustainable. eHNA reported earlier that Rwanda’s Ministry of Health will assume full responsibility for new eye care services from January 2018. VFAN now plans to take its initiative to other countries around the world. Other parts of Africa are good places to start.

Mar 21, 2017

eHealth’s revolutionising healthcare in emerging markets

Access to basic healthcare information is a challenge in many parts of the world. It’s especially demanding in developing countries. Google’s latest move in India may help increase access to healthcare information for millions of people.

An article in The Market Mogul says Google identified this gap in Indian and has added health information to its Knowledge Graph. It’s a sematic search base that Google uses to supplement organic search results with summarised information.

So, the next time someone in India uses Google to search common health conditions, it’ll show information cards illustrated with images. This information will include typical symptoms, details on how common the condition is, whether it’s critical, if it’s contagious and which age groups it affects. Google said that it’ll provide a condensed version if users have limited Internet connections. This goes some way to deal with India’s slow and intermittent mobile connections.

An article in TechCrunch says Google’s initiative is in response to start-ups dedicated to democratising India’s healthcare. Lybrate, an online, web-based healthcare service’s an example. It aims to increase access to doctors and quality healthcare information. It’s app service allows users to ask doctors questions online, search surgeries nearby and make and manage appointments.

Other developing countries benefit from mHealth initiatives too. Successful start-ups include Docway, Beep Health and Dr Vem! in Brazil. These use apps and the web to connect patients and doctors. Doctors have to be registered with the app, and  set their own consultation rates. Users can also browse doctor’s resumes before deciding to book appointments. Most users are parents looking for paediatricians. The next big group of users are elderly people with limited mobility.

Are these online initiatives coming to Africa on a big scale? A more appropriate question may be when will they be available?

Mar 20, 2017

NIST consulting on updated cyber-security framework

Despite a comprehensive cyber-security framework in place in the US, cyber-crime’s a major threat. It didn’t seem to help prevent a huge phishing attack to a hospital, reported on eHNA, indicating the scale and complexity of the challenge.

The US National Institute of Standards and Technology (NIST) has released for consultation its updated Framework for Improving Critical Infrastructure. It has two main parts, the report and a comprehensive checklist in Excel. They’re both essential for Africa’s health systems in developing their cyber-security.

The new report expands the cyber-security measures in the original framework from February 2014. Its new content includes:

  1. A new section on cyber-security measurement and correlating business results to cyber-security risk management metrics
  2. Expanded explanation of using the framework for supply chain risk management
  3.  Refinements to improve accountability for authentication, authorisation and identity proofing
  4. Better explanation of the relationship between implementation tiers and profiles, including establishing or improving a cyber-security programme and using framework tiers for implementation, and integrating framework considerations with risk management.

The Excel checklist has 23 categories. These lead on to 106 sub-categories and 398 cyber-security reference links. It’s a comprehensive list of actions needed for good cyber-security practices. The 23 categories are including:

  1. Asset Management (ID.AM) Asset Management (ID.AM):  identifying and managing data, personnel, devices, systems, and facilities consistent with their relative importance to business objectives risk strategies.
  2. Business Environment (ID.BE): understanding and prioritising mission, objectives, stakeholders, and activities to inform cyber-security roles, responsibilities, and risk management decisions
  3. Governance (ID.GV): understanding and using policies, procedures, and processes for managing and monitoring regulatory, legal, risk, environmental and operational requirements to cyber-security risk management
  4. Risk Assessment (ID.RA): understanding cyber-security risks to operations such as mission, functions, image, or reputation, organisational assets and individuals
  5. Risk Management Strategy (ID.RM): establish and use priorities, constraints, risk tolerances, and assumptions for operational risk decisions
  6. Supply Chain Risk Management (ID.SC): stablish and use priorities, constraints, risk tolerances and assumptions for risk decisions for managing supply chain risk and implementing processes to identify, assess and manage them
  7. Identity Management and Access Control (PR.AC): limiting and managing access to physical and logical assets and associated facilities to authorised users, processes, and devices consistent with the assessed risk of unauthorised access
  8. Awareness and Training (PR.AT): ensuring personnel and partners are aware of cyber-security and adequately trained to perform their duties and responsibilities consistent with cyber-security policies, procedures, and agreements
  9. Data Security (PR.DS): ensuring data’s managed consistent with risk strategies to protect its confidentiality, integrity and availability
  10. Information Protection Processes and Procedures (PR.IP): maintain and use cyber-security policies that address purpose, scope, roles, responsibilities, management commitment, and coordination, processes, and procedures to protect information systems and assets
  11. Maintenance (PR.MA): ensure control and information system components are maintained in line with policies and procedures
  12. Protective Technology (PR.PT): manage technical security solutions to ensure cyber-security and resilience of systems and assets consistent with policies, procedures and agreements
  13. Anomalies and Events (DE.AE): detecting and understanding anomalous activity and its potential impact promptly
  14. Security Continuous Monitoring (DE.CM): monitor information systems and assets at discrete intervals to identify cyber-security events and verify the effectiveness of protective measures
  15. Detection Processes (DE.DP): maintain and test detection processes and procedures ensure timely and adequate awareness of anomalous events
  16. Response Planning (RS.RP): implement and maintain response processes and procedures to ensure timely responses to detected cyber-security events
  17. Communications (RS.CO): co-ordinate responses with internal and external stakeholders, including external support from law enforcement agencies
  18. Analysis (RS.AN): analyse and review cyber-security measures to ensure adequate responses that support recovery activities
  19. Mitigation (RS.MI): performed activities to prevent expansion of events, mitigate their effect, and eradicate incidents
  20. Improvements (RS.IM): implement lessons learned from current and previous detections and responses
  21. Recovery Planning (RC.RP): implement and maintain recovery processes and procedures to ensure timely restorations of systems or assets affected by cyber-attackes
  22. Improvements (RC.IM): improve recovery planning and processes by incorporating lessons learned
  23. Communications (RC.CO): co-ordinate restoration activities with internal and external parties, such as coordinating centres, Internet Service Providers (ISP), owners of attacking systems, victims, other Computer Security Incident Response Teams (CSIRT) and vendors.

Challenges for Africa’s health systems include where to start and how long should it take to set up? The second question depends on the resources available. The reasonable answer to the second question is, pick a start that matches cyber-security priorities. If these aren’t explicit, start at 1. If there’s already been a cyber-attack, start at 1 and 20 may be relevant.

Mar 20, 2017

Healthcare has several cloud priorities

Cloud computing seems to have clear priorities for healthcare. A survey by Gatepoint Research, available from Health IT Security, sets out the views of 100 ICT senior decision takers in US healthcare. Supported by Level 3 Communications, Strategies for Next-Gen Healthcare Networks provides Africa’s eHealth leaders with a comparator for their cloud and network investment decisions. The survey shows:

  1. Cloud investment priorities are:
  • Business productivity 54%
  • Business continuity and disaster recovery 41%
  • Telemedicine 25%
  • Big Data and analytics 25%
  • EHRs 22%
  • Data storage 19%
  1. Healthcare network priorities are:
  • Reliability 76%
  • Security 63%
  • Support 47%
  1. Drivers for network investment are:
  • Security 91%
  • Manage application growth 8s%
  • Business productivity 81%
  • Future requirements 815
  • Storage 58%.

Like all eHealth, networks become obsolete. Half the ICT executives said their networks are due for upgrading in the next two years. About 21% said it was needed between one and two years’ time. Some 29% said it was needed within the next year. Taken together, none saw their networks’ current services being appropriate beyond two years.

This may indicate how important investment priority is for Africa’s eHealth leaders to find a slot in their short term eHealth investment plans. As networks are expanded to fill the gaps, short term upgrading’s needed too. 

Mar 17, 2017

How to combat SQL and XSS cyber-attacks

Just because it’s an old hat doesn’t mean cyber-criminals give it up. Structured Query Language (SQL) the long-standing international standard for database manipulation, can still be part of a cyber-attack. SQL injection and Cross-Site Scripting (XSS) attacks enables cyber-attackers to inject client-side script, JavaScript, or Hypertext Markup Language HTML into web pages so other users can see them.

JavaScript’s an object-oriented programming language for creating interactive effects in web browsers. HTML’s a standardised system for tagging text files to achieve font, colour, graphic, and hyperlink effects on web pages.

SQL injections are common for Hypertext Preprocessor (PHP) applications, usually on Linux servers and with MySQL, and Active Server Page (ASP), Microsoft’s web server technology for creating dynamic, interactive sessions with users. Code Project has a post describes a small, sample code to deal with the vulnerabilities and combat these attacks. It’s available to download.

There’s more help, advice and a demonstration on a webcast from Alien Vault. It’s released it partly because it says SQL injection and Cross-Site Scripting (XSS) attacks affect millions of users and they need Security Information and Event Management (SIEM) solutions to find these vulnerabilities. SIEM collects and correlates data to identify patterns and raise alerts on cyber- attacks.

Watch this demo to learn more about how these attacks work and how AlienVault USM gives you the built-in intelligence you need to spot trouble quickly.

  1. How these attacks work and what you can do to protect your network
  2. What data you need to collect to identify the warning signs of an attack
  3. How to identify impacted assets so you can quickly limit the damage
  4. How Unified Security Management (USM) can simplify detection with built-in correlation rules and threat intelligence.

Both sources offer Africa’s eHealth projects a start. It also needs to be part of comprehensive cyber-security strategies.


Mar 17, 2017