Q&A: Christopher Roth on Cybersecurity, EHRs and HIMSS18

Many of radiology’s hottest topics are closely connected to health IT personnel and technologies, making HIMSS18 in Las Vegas an especially enticing meeting for any imaging professional. Christopher J. Roth, MD, associate professor of radiology at the Duke University School of Medicine and a member of the HIMSS-SIIM Enterprise Imaging Workgroup, spoke with RBJ to preview HIMSS18 and talk about the industry as a whole. 

Q: Privacy and cybersecurity are big issues across U.S. healthcare. What are some things imaging providers should be doing right now to improve their own security and keep patient data out of the wrong hands? 

There are a lot of things that just aren’t being done. The bad guys are a part of the problem. The other part of the problem is ourselves, because we make a lot of mistakes. We aren’t executing from within our organizations as well as we could be. 

There are things that aren’t even specific to imaging, such as stress testing your firewalls, malware software and the various URL, attachment and ad blockers you have in place. I personally love password managers, because they’re a huge productivity win and they strongly encourage good password hygiene. Testing your staff with a fake phishing initiative is another important way to build  risk awareness.

There’s also identify-theft protection, which is being increasingly recognized as important by healthcare providers because many of their employees are also patients with data at the organization. 

At Duke, this protection was actually given to us as an employee benefit in the event something were to occur. 

These things may not be specific to radiology, but I think those kind of “blocking and tackling” elements are the things that get forgotten. 

Q: If an imaging provider thinks they need additional assistance in this area, where should they turn? 

Every organization needs to have a designated person for security and a designated person for privacy as a HIPAA-covered entity. They can be the same person or people, but every entity needs to have someone in place. 

If physicians out there have questions, finding that person within your organization is a great place to start. 

HIMSS also understands this landscape really well and has information on its website that all people within healthcare organizations can access related to security and privacy. 

Q: Electronic health records have changed so much in recent years. How do you expect them to change from this point forward? 

I think the future of EHRs looks like a consolidation of knowledge and the sharing of best practices. 

What’s beautiful about the growth of EHRs is that it’s really easy for me to reach out to a colleague at another university and ask what he or she is doing. 

Some EHRs build in enough flexibility with workflow that there are different ways to get things done. I’ve been able to learn a lot from other sites and I’ve had a lot of people reach out to me. A lot of us know each other and it’s easy to talk about these things. 

Q: Let’s talk about HIMSS18 in Las Vegas. What can attendees expect to see as far as artificial intelligence is concerned? 

The growth of AI, including machine learning’s ability to improve care, has been fun to watch. 

These topics were a small part of everyone’s vocabulary just three to five years ago. Today you’re already starting to see how they are permeating both imaging and non-imaging care. 

Imaging is very much in the cross-hairs in this world of accountable care organizations and cutting costs, and these things help make us smarter about how and where imaging is provided.
Watching these technologies evolve over the last few years, as we’re seeing the beginnings of change, has been really encouraging. I think this provides a shot in the arm for innovation. 

Q:  What should medical imaging providers keep an eye out for at this year’s show? 

Imagers attending HIMSS18 should broaden their horizons and look at things they have a hard time finding in other places. 

Look into the basics of population health. Look at what’s going on with healthcare policy. 

I think the benefit of imagers going to the conference isn’t just to see medical imaging information specifically. It’s also to learn how they can serve patients better.