eHealth Articles (1,988)

Cyber-security can improve by adopting best practices

Patients and their families expect healthcare professionals to know and apply best practices. They can also expect that eHealth’s cyber-security aspires to the same standards. A white paper from Osterman Research, and sponsored by KnowBe4, a cyber-security and training firm, sets these out for combating phishing and ransomware cyber-attacks.  They offer a good start for Africa’s eHealth. Core themes include:

  1. Phishing and ransomware are increasing at the rate of several hundred percent a quarter
  2. Most organisations have been victimised
  3. Phishing and ransomware are in  security decision makers’ four main concerns
  4. Security spending will increase significantly in 2017
  5. Most organisations don’t seeing improvements in their security
  6. Security awareness training is vital to combat phishing and ransomware
  7. Organisations with well-trained employees are less likely to be infected

In this increasing challenging cyber-crime world, organisations can adopt many best cyber-security practices to deal with phishing and ransomware. They include:

  1. Cyber-security awareness training to create a human firewall
  2. Test staff periodically to see if cyber-security awareness training’s effective
  3. Rigorous password management
  4. Deploy systems that detect and eliminate phishing and ransomware attacks
  5. Search for and remedy cyber-security risks and vulnerabilities
  6. Maintaining good, isolated backups
  7. Using reliable threat intelligence
  8. Establish communication backchannels for key staff members
  9. Keep reminding employees of the risks of oversharing content on social media
  10. Ensure every employee maintains robust anti-malware defences on their managed platforms
  11. Keep software and operating systems up-to-date.

These are sensible and pragmatic practices that Africa’s health systems can adopt. Making theme effective needs a cyber-security leader, who must be an executive.

Mar 02, 2017

PASS 555 can help Africa’s eHealth cyber-security

Standards, so regulation, for cyber-security are essential for Africa’s eHealth. In May 2013, the British Standards Institute (BSI) published Publicly Available Specification (PAS) PAS 555: 2013 Cyber security risk. Governance and management. Specification. It’s relevant for Africa’s eHealth.

BSI is the world’s first national standards body. Sir John Wolfe-Barry, who designed London’s iconic Tower Bridge, formed it in 1901. It registered its BSI Kitemark in 1903, the first year of life for which Harley Davidson, Crayola crayons and the Tour de France. It has a track record of setting standards for quality.

PAS 555 is generic, so fits healthcare. It aims to help organisations understand and manage their exposures to cyber-threats, a downside to eHealth’s costs and benefits, healthcare’s reputation and risks to patients and communities. It uses outcomes-based methodologies to define the overall outcomes of effective cyber-security and ensure organisations’ confidence. Its standards comprise:

  1. Business-led, holistic approach to cyber-security
  2. Technical aspects of cyber-security
  3. Physical, cultural and behavioural aspects
  4. Effective leadership and governance.
  5. These can help Africa’s healthcare organisations:
  6. Focus investment appropriately
  7. Minimise potential loss
  8. Improve operational effectiveness and efficiency
  9. Develop organisational resilience
  10. Improve loss prevention and incident management
  11. Identify and mitigate cyber-security risk throughout organisations.

It also helps organisations to choose how it achieves their specified outcomes. These can be through their own processes or adopting other standards and management systems and cross references to other standards, including some from the International Standards Organisation (ISO), such as:

  1. BS ISO/IEC 27001 Information Security Management
  2. ISO/IEC 20000-1 Information Technology. Service Management. Service management systems requirements
  3. ISO 22301 Business Continuity Management
  4. ISO 31000 Risk Management.

These offer constructive start points for Africa’s eHealth cyber-security. But, as cyber –threats continue to develop, it’s important to keep up too. Acfee’s first in a series of reports on cyber-security  aims to help with this.

Mar 02, 2017

Weather surveillance and food security are vital for better health

Rising sea temperatures and glacial retreats are two climate change measures reported by National Aeronautics and Space Administration (NASA). It’s clear that its effects are damaging in many ways. One negative impact’s food security, with its knock on adverse impact on nutrition. The  UN World Food Programme (WFP) has collected evidence that climate change aggravates the risks of undernutrition and hunger caused by extreme weather events such as floods, droughts and tropical cyclones. These can destroy crops, critical infrastructure such as hospitals, and key community assets. The results are deteriorated livelihoods and aggravated poverty. These exacerbate Africa’s health challenges.

Climate change affects all dimensions of food security and nutrition such as food availability, food access, food utilisation and food stability. The World Bank has reported that more than 700 million people in the world are still living in extreme poverty, while the 2015 State of Food Insecurity in the World (SOFI) report states that 793 million people are undernourished. A BioMed Central report has also indicated that droughts as a result of climate change can cause food insecurity which may lead to psychological distress.

To track changes in people's food security, the WFP’s Food Security Monitoring System (FSMS) monitors market prices, rainfall patterns and collects information on individual households, their income and food consumption. The FSMS data alerts the humanitarian community to adverse changes to ensure that help is provided when needed.

FSMS uses the WFP Seasonal Monitor to examine satellite imagery of rainfall and vegetation. It analyses real-time satellite data streams and seasonal forecasts to identify potential changes that may result in food insecurity. 

Highlights of the latest FSMS report for Southern Africa include:

  • Need for a good performance from the growing season from October 2016 to April 2017 for Southern Africa after suffering two consecutive droughts due to the lasting El Niño event that resulted in food insecurity
  • This season has suffered an irregular start, especially for countries like Zimbabwe, Mozambique and Zambia
  • Early rains are mostly used to restore the depleted soil moisture reserves, but its current limitation has caused depressed vegetation cover across most of the region and this has resulted in delays in crop and pasture develop
  • Positive, major cereal production areas in NE Southern Africa, Botswana, Namibia and Southern Angola have had a promising start
  • There are grounds for some optimism as the seasonal forecasts indicate more rainfall than average during January to March. 

This data’s an essential component of health surveillance. It can be used to plan the health and healthcare initiatives needed to respond to adverse climate changes and avoid or minimise the effects. On its own, it’s crucial information. Combined with health surveillance and healthcare resource data, Africa’s health systems can plan effectively. An mhealth app can be created to educate community members on how to adapt to climate change can help reduce the effects of climate change.

Mar 01, 2017

Big Data is not big in Africa’s eHealth - unpacking the 3rd Global Survey on eHealth

As a relatively new part of eHealth, Big Data has a negligible effect on Africa’s health systems and eHealth programmes. Big Data insights are in Chapter 8 of the WHO and Global Observatory for eHealth (GOe) publication eHealth Report of the third global survey on eHealth Global diffusion of eHealth: Making universal health coverage achievable. WHO Global Survey 2015 provides the data source for the report.

It hasn’t taken off globally yet. Fewer than a fifth of countries say they have a national policy or strategy for regulating Big Data in health and healthcare. In Africa, it’s about 2%. This Big Data deficit isn’t much of a cause for concern. As the eHNA posts about WHO’s report show, Africa’s health systems have many other eHealth priorities. One that wasn’t included in WHO’s survey is stepping up cyber-security. Acfee’s report from its African eHealth Forum (AeF) our priorities include  cyber-security and others, such as Interoperability (IOp), cloud computing, eHealth governance, regulation and capacity building are well ahead of Big Data.

WHO found that a lack of integration, privacy and security are major barriers to Big Data adoption. It’s constructive that Africa’s health systems are focusing on these as part of their expanded eHealth initiatives. Acfee’s activities in 2017 will support them.

Mar 01, 2017

Self-testing HIV kits will soon be coming to Rwanda

HIV in Rwanda’s below Africa’s average, but it’s still a priority for the Rwanda Ministry of Health who has planned to introduce an HIV Self-Testing (HIVST) service to support the country’s existing testing services, such as those offered at health facilities or mobile voluntary testing and counselling. HIVST’s an innovative approach that can increase access to HIV testing services, particularly among populations with the lowest coverage and highest risk.

People can buy the HIVST kit and perform a HIV diagnostic test and interpret the result in private, an article in allAfrica says. They can use oral fluid or blood-finger-pricks to check their status. Results are ready in 20 minutes, sometimes less.

The Rwanda Biomedical Centre (RBC) advises people with positive results to seek follow-up tests at health clinics to check the results.  WHO recommends that peoples who test positive receive information and links to counselling and rapid referral to prevention, treatment and care services.

Self testing isn’t only convenient and fast. It will support earlier detection of the virus too. "Once introduced, people will be diagnosed earlier by bringing the services closer to where people live, and create demand for HIV testing," says Beata Sangwayire, a voluntary counselling and testing (VCT) senior officer at RBC.

This is particularly relevant for people facing barriers to accessing services.

Groups who’ll benefit from self-testing include people with tight work schedules, groups with higher risks of catching the virus, mainly female sex workers, men who have sex with men and injectable drug users.

RBC says the new service is an innovative measure to achieve the '90-90-90 targets' for 2020. The aim’s to diagnose 90% of all HIV-positive people, providing antiretroviral therapy (ART) for 90% those diagnosed and achieving viral suppression for 90% of those treated, by 2020. It’s also in line with WHO's new guidelines for countries to consider self-testing services as a means to meet the UN target of diagnosing 90%of all people with HIV by 2020. So far, 23 countries have adopted HIV self-testing policies. Many others are developing them.

Statistics from RBC show Rwanda has succeeded in containing the HIV prevalence at 3% in its general population for people between the ages of 15 - 49. This is a remarkable feat. In June 2016, Rwanda launched the Test-and-Treat-All programme. Latest estimates indicate that roughly 80% of people needing ART receive it, not far off its 90% target for 2020.  Additionally, evidence shows the HIV transmission rate from mother to child is estimated at less than 2%.

Rwanda’s working with different stakeholders looking at the feasibility of these new services, where it can be piloted, and instructions on how to use the kit.  HIVST could easily be combined with a mobile app that provides information on HIV and AIDS, treatment options, information on where to go to receive medication and counseling services. Mobile solutions helping to tackle HIV are already underway in Lesotho too.

Feb 28, 2017

There’s not enough eHealth for healthy living

An important theme in Acfee’s goal of healthy Africans is eHealth that supports healthy lifestyles and discourages unhealthy behaviours. Few eHealth initiatives are available for this public health strategy. In an article in KQED Science, Stephen Downs, chief technology and strategy officer the Robert Wood Johnson Foundation (RWJF), attributes the paucity to two main causes. One’s the growing proliferation of chronic diseases, especially diabetes, cancer and heart ailments. The other’s a huge growth in wearables that monitor the consequences of sedentary lifestyles, such as mHealth apps that count steps to show that people don’t naturally incorporate the time and space to walk.

Down’s solution is for innovators to stop treating symptoms and start remedying the problem’s roots. This needs much more than eHealth. It needs unhealthy systems to be re-engineered to remedy the effects of unhealthy environments by engineers and designers in all industries and for them to identify their products’ effects people’s health.

An example is the Changing Places group at the Massachusetts Institute of Technology (MIT) Media Lab. It’s attempting to create solutions that change human behaviour fundamentally. One initiative’s designing ways to feed people healthier diets through urban farms that make use of city spaces. If it succeeds it could benefit millions of Africans living in Africa’s huge cities. A project is the MIT CityFARM that aims to eliminate the large water volumes used by agriculture and avoid unnecessary fertilizers and pesticides.

Another’s the Blue Apron delivery services. It provides boxes of fresh food to doorsteps, with all the ingredients and spices needed to cook meals at home. It replaces fast food with faster food and better nutrition.

ColaLife’s an equivalent and expanding initiative in Africa. eHNA’s previously posted about its activities and successes.

With eHealth’s existing, huge emphasis in healthcare, it seems it’ll be sometime before eHealth for health will start to catch up. Links needed with other activities make it a complex endeavour. Africa’s health systems could take a leading role.

Feb 28, 2017

AAMI presents 80001-1 standard cyber-risk management response

Healthcare professionals are integrating technology with medical devices to improve disease management, reduce medical errors, and to increase communication with their patients. All these valuable benefits are reduced by cyber-risk, some of which become cyber-security breaches. The surge of Internet of Things (IoT) and web-connected medical devices has increased these cyber-security risks and vulnerabilities. An article in Forbes says that hacktivists and cyber-criminals exploit vulnerabilities in systems with poor cyber-threat monitoring, lack of regulations and policies. There’s also a need for reactive and detective controls and defences.  

 As The Association for the Advancement of Medical Instrument  (AAMI) celebrates its 50th anniversary this year, it welcomes its new president and CEO Robert Jensen. AAMI’s developed standard 80001-1:2010 to apply to risk management for ICT networks that incorporate medical devices. The most common cyber-security risks are web application attacks with malware that includes viruses, worms, spyware and ransomware. It’s crucial to provide a cyber-security strategy for total product life-cycles, starting from design and stretching to obsolesce to ensure maximum cyber-security.

80001-1: 2010 stipulates requirements needed to attain vital safety, effectiveness, data and systems and interoperability. It provides guidelines to suppliers, and it’s their responsibilities to comply when manufacturing, installing and distributing their medical devices for use. The first part in 80001-1 aims to guarantee the safety, security and privacy of both delivery and quality healthcare for patients, and address patient and operators risks.  Some recommendations to improve cyber-security are:

  1. Install benchmarks to test and trail medical devices for any vulnerabilities
  2. Develop programs for routine software updates
  3. Impose strict access and control policies to authorised personnel
  4. Increase cyber-security features in medical devices

Africa’s health systems can adapt the 80001-1 safety requirements to increase the cyber-security in medical devices. This will help secure eHealth systems and go along way in protecting patient data.

Feb 27, 2017

Should Africa’s eHealth strategies include all healthcare, like Kerala’s?

A goal of healthy Africans is neutral healthcare ownership. State, private, faith-based and company healthcare all share in the objective, but may not provide services to all patient groups. To achieve consistency of good practice and comprehensive public health data, is there a case for extending health ministries’ eHealth strategies across all healthcare?

Kerala state health department in India thinks there is. The Times of India has reported that the state’s private healthcare sector may have to comply with its eHealth initiatives. About two thirds of patients in Kerala depend on private hospitals. Including them will ensure public health data collection will be complete. Currently, Kerala is rolling out its programme for EHRs, as eHNA posted previously.

Extending it to other healthcare sectors will provide a full data set. How it’s done is important. The state government plans discussions with private hospitals. This builds on existing engagement where several private hospitals already co-operate with the state government under several schemes like Rashtriya Swasthya Bima Yojana (RSBY), a government health insurance scheme for people with low incomes.

Success depends on engaging all types of healthcare providers from the outset. As public health promoters it makes sense for African countries to seek comprehensive eHealth coverage.

Feb 27, 2017

MEASURE provides advice on eHealth investment decisions

Taking decisions on new eHealth is complex. There are many factors to assess and weigh. A technical brief from MEASURE can help to move from ad hoc to rational decisions. It identifies eleven components that decision takers need to consider.

  1. Severity of disease                           
  2. Average population health         
  3. Ease of implementation                                 
  4. Emergency situations                     
  5. Burden of disease                             
  6. Economic growth
  7. Irresponsible behaviour                                 
  8. Vulnerable populations                                  
  9. Budget impact                                                                         
  10. Disease of the poor                          
  11. Cost effectiveness.

These have four decision criteria. They’re evidence-based medicine, burden of disease, cost-effectiveness and equity. Burden of disease and cost-effectiveness are decision component that are also a decision criteria. Examples of criteria are:

  1. Anticipated impact: what’s the magnitude of an intervention’s impact expected on health outcomes or on quality of care?
  2. Costs and expenses: will the intervention require buying expensive equipment, such as servers that need maintaining?
  3. Usability: is the software easy to use or will it need intensive training for expected users?

Long-standing, proven business cases, such as the five case model, have important extra decision components. One’s the realism of eHealth procurement. This needs assessing rigorously in a business case before the procurement stage’s reached to ensure that suppliers can meet requirements. Another’s healthcare organisations’ capacity and capability to succeed with the whole eHealth life-cycle that stretches from engagement, planning and design, ICT, and on to benefits realisation. These softer costs can exceed health ICT costs, so are an essential resource that need including in eHealth projects’ financial and economic models.

Another’s efficiency. eHealth can improve productivity, often in numerous small margins across several healthcare resources. Their contributions to benefits can exceed significantly the estimated value of other benefits. They can create opportunities to expand healthcare’s capacity, but the decisions are complex.

For large-scale eHealth, such as EHRs and Health Information Exchange (HIE), the wide range and types of healthcare, patients, communities and research activities covered can be beyond the scope of cost-effectiveness. For these, Cost Benefit Analysis (CBA) may be more appropriate.

Three specific themes are essential. One’s sustainability, especially the availability of comprehensive and reliable connectivity that may depend on entities beyond the health sector. Second’s cyber-security, that’s become a big issue in eHealth. It needs continuous monitoring, learning, skill development and training for all users.

The third’s risk mitigation. eHealth investment is risky. Risk’s a cost, and unmitigated, can increase costs by more than 40%, and in some cases, Acfee has found unmitigated risk costs of some 500%. It’s a vital component of all eHealth decisions.

MEASURE’s technical brief provides helpful advice on several components needed for a sound eHealth business case. It’s a welcome step forward.

Feb 24, 2017

Med-e-Tel’s conference’s 5 to 7 April

Telecardiology, social media and beyond are Med-e-Tel’s annual conference themes for 5 to 7 April 2017. It’ll include sessions on:

  1. Pharmacy and m and eHealth, presented with the Pharmaceutical Group of the European Union ( PGEU)
  2. Primary care
  3. Mental health
  4. Telenursing
  5. Women's and maternal health
  6. Disease management and remote monitoring
  7. Education and eLearning

Agence eSanté Luxembourg will present on:

  1. Artificial intelligence for decision support
  2. Multidisciplinary consultation meetings and coordination in oncology
  3. Quality of mHealth apps, with Med-e-Tel.

The preliminary conference programme’s now available. Join and be a part of this exciting program and networking event. Hear from and meet with colleagues from around the world, and develop new partnerships and collaboration. You can register now.

Feb 24, 2017