Thursday, February 28, 2019

VFEmail Suffers Attack from Hacker that Deletes 18 Years of Email... Including the Backups

biohazardwarning.jpg
 
It sure seems like I’ve been posting this biohazard symbol a lot lately… maybe because I have been.  
 
This story is just a bad one.  Many of us, myself included, rely on our email providers to keep copies of our emails for us.  It’s one less backup I have to do or worry about.  Or at least I haven’t worried about that until now.
 
The story is the email service VFEmail suffered an attack from an anonymous hacker.  Evidently the hacker was concerned with something that was being stored on the VFEmail severs.  It was obviously something either the hacker or whoever hired them, didn’t want to have be published.  Obviously that is speculation on my part, but it sure seemed to be geared toward keeping something from being found.
 
To prevent that, the hacker gained access to the VFEmail servers and deleted EVERYTHING.  One user lost at least 10 years worth of data which was roughly 60,000 emails.  The attack appeared to be aimed at servers in the US and they were wiped clean.  The company said the hack destroyed roughly 18 years worth of data held in file AND backup servers.
 
I’ve actually visited the Tier 3 Data Center where my email servers are held and I have no doubt about how serious they take their security.  However, now I’m giving serious consideration to implementing a backup of my email from my local machine… just in case.

Wednesday, February 27, 2019

Physical Server Theft in Waco, TX Dental Practice

biohazardwarning.jpg
 
Although this doesn’t happen often… it does happen.  In Waco, Texas thieves broke into a dental clinic and actually stole the server.  That’s right, the thieves broke into the office, grabbed the computer, took it away.  Most of us today, heck even those of us who are big on IT Security, don’t consider this as something that happens any more… but it does.  People *still* steal computers and then try to crack into them later.  When you think about it, there is a certain amount security defeat that goes on with that.  You don’t have to crack into the network and *then* break into the server.  You just grab the server and run.  Then at your leisure you try and work through the security on the device itself.
 
Now the good news about this theft is that the clinic had protected the server with 2 layers of password protection.  This means that the actual chances of breaking through BOTH password layers is pretty remote.  Good on the clinic for thinking ahead and making this theft unlikely to be profitable.  They did NOT have the data encrypted which would have added another much more difficult layer of security.  However, I really think this should have been the job of their IT provider to suggest this and then implement it.  Not every doctor is a computer security expert.  
 
I bring this whole story up because anytime something like this happens, it opens the window of opportunity for all of us to learn from these disasters and hopefully close the loopholes that exist in our offices so that these situations are not replicated elsewhere.
 
The other smart thing the office did, was to have a cloud backup system running which ensured that even though the data from the server itself was unreachable, they could still recreate everything from the cloud.
 
As many of you know, I’m a big fan of DDS Rescue and their backup systems.  They were the ones that first tipped me off to this story.  However, that’s not why I’m mentioning them.  Part of their service is to provide you with a FREE security assessment.  During my assessment they advised me to physically lock my server to my facility… which I had not done… yet.  However, they were right.  If your physical server is in someway “chained to your office” there is no easy way for bad guys to just walk out the door with it.
 
I consider that security assessment invaluable as I work to make my IT infrastructure as current and secure as possible.  The assessment allows me to focus on what I do best, which is care for my patients, while I know that DDS Rescue has provided the information necessary for our data to meet and exceed the requirements of HIPAA.
 
Accidents happen.  Severs crash, viruses replicate, ransomware gets installed (somehow), hackers get in through the firewall, there are plenty of ways for bad things to happen to your server and your data.  Using DDS Rescue is a solid way to prepare for the bad things that can happen to good people.

Tuesday, February 26, 2019

Sleep Apnea Patients Who Are Drowsy During the Day at Risk for Heart Woes

OSA 1.jpg
 
I’ve become very passionate about Obstructive Sleep Apnea and the terrible health related problem it can cause.  Probably some of that stems from the fact that I actually suffer from the disease.  The other reason is because as a practicing dentist it is within my scope of practice to diagnose and treat this debilitating disease.
 
As someone who suffers from OSA, I know just how unpleasant it can be.  After I discovered the problem and got treatment, I felt exponentially better.  That lead me to become a major advocate for treatment of OSA, whether from a dental treatment philosophy or a CPAP.
 
As a sufferer AND a practitioner, it also means I’m constantly scouring all of my sources for more info on how to better treat OSA as well as diseases or symptoms that are linked.  I recently came across the following from the Mayo Clinic.  The article does a great job of explaining lots of things about Obstructive Sleep Apnea and I credit the Mayo Staff for a really great job on this one!
 
If you are a dental professional and are interested in treating OSA and greatly helping your patients but do not know where to start, I highly recommend reaching out to SleepArchiTx.  The company provides a complete turnkey system that educates doctors on everything you need to know and helps you through the process.
 
 

Overview

Obstructive sleep apnea
 
Obstructive sleep apnea is a potentially serious sleep disorder. It causes breathing to repeatedly stop and start during sleep.

There are several types of sleep apnea, but the most common is obstructive sleep apnea. This type of apnea occurs when your throat muscles intermittently relax and block your airway during sleep. A noticeable sign of obstructive sleep apnea is snoring.

 
Treatments for obstructive sleep apnea are available. One treatment involves using a device that keep your airway open while you sleep. Another option is a mouthpiece to thrust your jaw forward during sleep. In more severe cases, surgery may be an option too.

 
Symptoms
Signs and symptoms of obstructive sleep apnea include:

  • Excessive daytime sleepiness
  • Loud snoring
  • Observed episodes of breathing cessation during sleep
  • Abrupt awakenings accompanied by gasping or choking
  • Awakening with a dry mouth or sore throat
  • Morning headache
  • Difficulty concentrating during the day
  • Experiencing mood changes, such as depression or irritability
  • High blood pressure
  • Nighttime sweating
  • Decreased libido
  • When to see a doctor

Consult a medical professional if you experience, or if your partner observes, the following:

  • Snoring loud enough to disturb your sleep or that of others
  • Waking up gasping or choking
  • Intermittent pauses in your breathing during sleep
  • Excessive daytime drowsiness, which may cause you to fall asleep while you're working, watching television or even driving a vehicle
  • Many people may not think of snoring as a sign of something potentially serious, and not everyone who snores has obstructive sleep apnea.

Be sure to talk to your doctor if you experience loud snoring, especially snoring that's punctuated by periods of silence. With obstructive sleep apnea, snoring usually is loudest when you sleep on your back, and it quiets when you turn on your side.

Ask your doctor about any sleep problem that leaves you chronically fatigued, sleepy and irritable. Excessive daytime drowsiness may be due to other disorders, such as narcolepsy.


Causes


Obstructive sleep apnea occurs when the muscles in the back of your throat relax too much to allow normal breathing. These muscles support structures including the soft palate, the uvula — a triangular piece of tissue hanging from the soft palate, the tonsils and the tongue.

When the muscles relax, your airway narrows or closes as you breathe in and breathing may be inadequate for 10 to 20 seconds. This may lower the level of oxygen in your blood and cause a buildup of carbon dioxide.

Your brain senses this impaired breathing and briefly rouses you from sleep so that you can reopen your airway. This awakening is usually so brief that you don't remember it.

You can awaken with a transient shortness of breath that corrects itself quickly, within one or two deep breaths. You may make a snorting, choking or gasping sound.

This pattern can repeat itself five to 30 times or more each hour, all night long. These disruptions impair your ability to reach the desired deep, restful phases of sleep, and you'll probably feel sleepy during your waking hours.

People with obstructive sleep apnea may not be aware that their sleep was interrupted. In fact, many people with this type of sleep apnea think they slept well all night.

Risk factors

Anyone can develop obstructive sleep apnea. However, certain factors put you at increased risk, including:

  • Excess weight. Around half the people with obstructive sleep apnea are overweight. Fat deposits around the upper airway may obstruct breathing.However, not everyone with obstructive sleep apnea is overweight and vice versa. Thin people can develop the disorder, too.
  • Narrowed airway. You may inherit naturally narrow airways. Or, your tonsils or adenoids may become enlarged, which can block your airway.
  • High blood pressure (hypertension). Obstructive sleep apnea is relatively common in people with hypertension.
  • Chronic nasal congestion. Obstructive sleep apnea occurs twice as often in those who have consistent nasal congestion at night, regardless of the cause. This may be due to narrowed airways.
  • Smoking. People who smoke are more likely to have obstructive sleep apnea.
  • Diabetes. Obstructive sleep apnea may be more common in people with diabetes.
  • Sex. In general, men are twice as likely as women to have obstructive sleep apnea.
  • A family history of sleep apnea. If you have family members with obstructive sleep apnea, you may be at increased risk.
  • Asthma. Recent research has found an association between asthma and the risk of obstructive sleep apnea.

Complications
Obstructive sleep apnea is considered a serious medical condition. Complications may include:

  • Daytime fatigue and sleepiness. The repeated awakenings associated with obstructive sleep apnea make normal, restorative sleep impossible. People with obstructive sleep apnea often experience severe daytime drowsiness, fatigue and irritability. They may have difficulty concentrating and find themselves falling asleep at work, while watching TV or even when driving.
  • Children and young people with obstructive sleep apnea may do poorly in school and commonly have attention or behavior problems.
  • Cardiovascular problems. Sudden drops in blood oxygen levels that occur during obstructive sleep apnea increase blood pressure and strain the cardiovascular system. Many people with obstructive sleep apnea develop high blood pressure (hypertension), which can increase the risk of heart disease.
  • The more severe the obstructive sleep apnea, the greater the risk of coronary artery disease, heart attack, heart failure and stroke. Men with obstructive sleep apnea appear to be at risk of heart failure, while women with obstructive sleep apnea don't.
  • Obstructive sleep apnea increases the risk of abnormal heart rhythms (arrhythmias). These abnormal rhythms can lower blood oxygen levels. If there's underlying heart disease, these repeated multiple episodes of low blood oxygen could lead to sudden death from a cardiac event.
  • Complications with medications and surgery. Obstructive sleep apnea also is a concern with certain medications and general anesthesia. These medications, such as sedatives, narcotic analgesics and general anesthetics, relax your upper airway and may worsen your obstructive sleep apnea.
  • If you have obstructive sleep apnea, you may experience worse breathing problems after major surgery, especially after being sedated and lying on your back. People with obstructive sleep apnea may be more prone to complications after surgery.
  • Before you have surgery, tell your doctor if you have obstructive sleep apnea or symptoms related to obstructive sleep apnea. If you have obstructive sleep apnea symptoms, your doctor may test you for obstructive sleep apnea prior to surgery.
  • Eye problems. Some research has found a connection between obstructive sleep apnea and certain eye conditions, such as glaucoma. Eye complications can usually be treated.
  • Sleep-deprived partners. Loud snoring can keep those around you from getting good rest and eventually disrupt your relationships. Some partners may even choose to sleep in another room. Many bed partners of people who snore are sleep deprived as well.
  • People with obstructive sleep apnea may also complain of memory problems, morning headaches, mood swings or feelings of depression, and a need to urinate frequently at night (nocturia).

 

 

Monday, February 25, 2019

Dental Products Report Adds Noah Levine as Editorial Director

DPR Logo.jpg
 

With the recent change in ownership of Dental Products Report, a change has been announced.  Noah Levine has joined the DPR family as Editorial Director.  Noah and I have worked together at DPR previously.  He left and worked for another publication, but like the Hotel California “you can check out but you can never leave”.  I was thrilled to have breakfast with Noah on Thursday February 21st where we reminisced about the past and planned for the future.

Noah is a real trooper and I’m excited to have him back in the fold.  Look for great things as DPR begins to take a new shape under new leadership.

 

Here is the info from the Business Wire press release:

Dental Products Report (DPR), a leading resource focused on providing dental professionals with current and insightful information they need to provide the best patient care, has appointed Noah Levine as its editorial director, announced Tom Ehardt, president of MultiMedia Healthcare LLC.

“We look forward to having Noah join the Dental Products Report team”

In this role, Levine will lead the editorial team in their mission to provide dental professionals with presentation of techniques, as well as innovative concepts, insights and discoveries in dental technology. Levine will ensure that DPR continues to help dentists future-proof their practices and deliver the best patient care possible by delivering quality editorial content.

“With innovative treatments, technologies, and materials changing the ways dental professionals care for and interact with their patients, it’s an exciting time in dentistry. I’m equally excited to be heading up DPR editorial team as we help the dental community understand the techniques, products, and services ready to help them achieve new levels of patient care and practice success,” Levine added.

Levine has more than 10 years of experience in the dental industry. From 2008 to 2012, he worked with DPR as a senior editor and managing editor. After that, he served as an editor and then publisher of Dentalcompare.

For more information on DPR, click here.

About Dental Products Report

Dental Products Report aims to provide dentists with comprehensive, accurate and unbiased information across the spectrum of specialties. In consultation with forward-looking clinicians and manufacturers, DPR supports dentists as they apply new products and technologies to patient care. DPR provides readers with quality editorial content such as peer reviews, technique guides and articles on the latest advances in equipment, materials, supplies and services in the dental industry. Dental Products Report is part of MultiMedia Healthcare LLC.

Thursday, February 21, 2019

Healthcare Takes Around 350 Days to Identify, Contain Data Breach

biohazardwarning.jpg
 
As someone who works in the healthcare industry (in a few roles) I tend to expect a lot from my peers and the companies I really on.  Needless to say I was disappointed when I read that my industry was the second slowest in Identifying and Containing Data Breaches, behind only the entertainment industry.
 
From a personal standpoint, I find that embarrassing and, quite honestly, sad.  However, this may be at least party due to the fact that the costs associated with healthcare related breaches are among the highest in IT circles.  The cost of a data breach in healthcare, according to IBM and the Ponemon Institute, is a jarring $408 per record, which is the highest of any industry for the 8th straight year and three times higher than the cross-industry average of $148 per record.
 
I’d speculate that much of that is due to the sheer amount of data that is contained in a healthcare record.  It’s not just a credit card number and perhaps an address.  They contain almost all of the data necessary to pull off a clean and easy identity theft. That’s one of the biggest reasons the federal government is so concerned on data security in the healthcare field.
 
I feel the other factor is the how well the data is guarded and the level of those protecting it.  In large institutions such as hospitals, there is a highly trained and supported IT department, but in a private practice situation such as mine, we rely on small IT Security contractors who are not onsite and are not watching the security profile at all times.  Without divulging any info that might compromise my situation, I feel that I am as well protected as possible for a small office, but I do not have a team of dedicated professionals who are onsite and watching my traffic 24/7 and 365.25.
 
I found a terrific article by Fred Donovan that does a great job of detailing this entire situation and the risks involved.  I feel that anyone  in a small healthcare setting should give this a read.
 

The healthcare industry had the second highest number of days to identify and contain a data breach, around 350 days, according to a recent study by The Ponemon Institute and IBM.

The healthcare industry was second only to the entertainment industry, which took 367 days. Financial services had the fewest number of days to identify and contain a data breach, 217 days.

Financial services had the highest frequency of data breaches, followed by services, and industrial and manufacturing. Healthcare was well down the list of industries in terms of frequency of data breaches

The study also found organizations that use proactive data recovery planning decreased the cost and frequency of data breaches by more than 30 percent.

The study found that the longer it takes to identify, contain, and recover from a data breach, the more it consumes significant time, money, and resources.

On average, companies that have business continuity management (BCM) programs saved 44 days in the identification of a data breach, 38 days in the containment of a data breach, and 31 days in recovery from a data breach.

In addition, organizations with BCM programs had a $9.3 reduction in per capita cost of data breach, 6.5 percent reduction in the per capita cost of data breach, and a 32 percent decrease in the likelihood of a data breach over the next 2 years.

Sixty percent of the study participants who have a disaster recovery program currently use automation and/or orchestration. These organizations have been able to reduce the mean time to identify, contain and recover from a data breach by more than 30 percent; reduce the average daily cost of a data breach by more than half; reduce the chance of disruption to material business operations by more than 20 percent, and reduce the likelihood of a data breach recurring by more than 30 percent.

“Our research over the last few years continues to confirm that the proactive steps business leaders and organizations are taking to protect and recover critical data are working,” said Ponemon Institute Chairman and Founder Larry Ponemon. “These actions can improve the bottom line, make businesses more efficient, and give customers more confidence to entrust the enterprise with their data.”

This study is a follow up to the Cost of a Data Breach study that Ponemon and IBM released earlier this year. That study found that healthcare data breach costs average $408 per record, the highest of any industry for the eighth straight year and three times higher than the cross-industry average of $148 per record. Last year, the average cost of $380 per record for a healthcare data breach.

The average cost of a data breach across industries and countries is $3.86 million, a 6.4 percent increase from 2017 and a nearly 10 percent net increase over the past five years.

The IBM-Ponemon study compared the cost of data breaches in different industries and regions. It found that data breaches are the costliest in the United States and the Middle East, and least costly in Brazil and India. 

One factor affecting data breach cost in the United States was the cost of lost business, which was $4.2 million, more than double the amount of “lost business costs” compared to any other region surveyed.

The study found that hidden costs in data breaches are difficult and expensive to manage. Based on interviews with nearly 500 companies that experienced a data breach, the study analyzed hundreds of cost factors surrounding a breach, from technical investigations and recovery, to notifications, legal and regulatory activities, and cost of lost business and reputation.

For mega breaches, the biggest expense category was costs associated with lost business, which the report estimated at nearly $118 million for breaches of 50 million records, almost a third of the total cost of a breach this size.

 

If you would like to view the article in its native form, here is the link.  

 

Wednesday, February 20, 2019

Office of Inspector General Finds Security Risks in National Institute of Health Data Sharing Processes & Controls

OIG HHS.png
 
Opportunities Exist for the National Institutes of Health To Strengthen Controls in Place To Permit 
 
It seems that even the National Institute of Health could use some security training…   A recent report from the Office of the Inspector General has states:
We recommend that NIH work with an organization with expertise and knowledge in scientific data misuse. NIH could strengthen its controls by developing a security framework, conducting a risk assessment, and implementing additional appropriate security controls designed to safeguard sensitive data.
 
However, NIH disagreed with the overall assessment from the OIC.  Here is the report overview:
 

As part of the Department of Health and Human Services (HHS), the National Institutes of Health (NIH) is the largest public funder of biomedical research agency in the world, investing more than $30 billion in taxpayer dollars to achieve its mission. NIH's mission is to seek fundamental knowledge about the nature and behavior of living systems and the application of that knowledge to enhance health, lengthen life, and reduce illness and disability. OIG has identified risks related to the sharing of sensitive data.

Our objective was to assess whether NIH had adequate controls in place when permitting and monitoring access to NIH sensitive data.

We reviewed NIH's internal controls for monitoring and permitting access to sensitive data. To accomplish our objective, we used appropriate procedures from applicable Federal regulations and guidance. We reviewed NIH policies, procedures, and supporting documentation, and we interviewed NIH staff.

NIH should improve its controls when permitting access to sensitive NIH data. We provided a detailed restricted report to NIH, and we shared with NIH information about our preliminary findings before issuing our draft report to ensure that NIH could take prompt corrective actions.

We recommend that NIH work with an organization with expertise and knowledge in scientific data misuse. NIH could strengthen its controls by developing a security framework, conducting a risk assessment, and implementing additional appropriate security controls designed to safeguard sensitive data. We also recommend that NIH develop and implement mechanisms to ensure data security policies keep current with emerging threats. Lastly, we recommend that NIH make security awareness training and security plans a requirement.

NIH did not concur with our recommendations to develop a security framework, conduct a risk assessment, and implement additional controls for sensitive data. NIH concurred with our recommendations to ensure security policies keep current with emerging threats and to make training and security plans a requirement; however, NIH did not agree to the addition of controls to ensure training and security plan requirements have been fulfilled. NIH also stated that it recently established a working group to address and mitigate risk to intellectual property as well as to protect the integrity of the peer-review process.

We maintain that our findings and recommendations are valid. We recognize that NIH reported that it is already taking certain actions, such as the working group that was recently established, that may address our recommendations. We also provided NIH with other potential actions to address our findings and recommendations. If NIH determines that it does not need to strengthen its controls, it should document that determination consistent with applicable Federal regulations and guidance.

 

The official report available in a pdf file can be read or downloaded at this link.  

Tuesday, February 19, 2019

Centers for Disease Control - Use of Toothpaste and Toothbrushing Patterns Among Children and Adolescents — United States, 2013–2016

CDC-Logo.jpg
 
Fluoride can be a truly amazing thing for dental health.  When dosed properly and done so in accordance with the known and proven science, fluoride can save millions from the ravages of tooth decay.
 
However, it is important to use any medicament properly for it to provide the proper benefits.  To that end, the CDC recently published in the “Morbidity and Mortality Weekly Report” information on the proper use of fluoride and fluoride containing toothpastes.  Like any medication or actually *anything* that can be ingested by the human body, too much of a good thing can lead to serious problems.
 
This post is in no way to be construed to mean that fluoride is harmful.  Used properly, fluoride is one of the best things for optimal oral health.
 
The CDC cautions that instructions be followed to provide the best possible benefits from fluoride.
 
Here is the recently published article, but if you would like to view it on the CDC website, follow this link to read it.  
 

Fluoride use is one of the main factors responsible for the decline in prevalence and severity of dental caries and cavities (tooth decay) in the United States (1). Brushing children’s teeth is recommended when the first tooth erupts, as early as 6 months, and the first dental visit should occur no later than age 1 year (2–4). However, ingestion of too much fluoride while teeth are developing can result in visibly detectable changes in enamel structure such as discoloration and pitting (dental fluorosis) (1). Therefore, CDC recommends that children begin using fluoride toothpaste at age 2 years. Children aged <3 years should use a smear the size of a rice grain, and children aged >3 years should use no more than a pea-sized amount (0.25 g) until age 6 years, by which time the swallowing reflex has developed sufficiently to prevent inadvertent ingestion. Questions on toothbrushing practices and toothpaste use among children and adolescents were included in the questionnaire component of the National Health and Nutrition Examination Survey (NHANES) for the first time beginning in the 2013–2014 cycle. This study estimates patterns of toothbrushing and toothpaste use among children and adolescents by analyzing parents’ or caregivers’ responses to questions about when the child started to brush teeth, age the child started to use toothpaste, frequency of toothbrushing each day, and amount of toothpaste currently used or used at time of survey. Analysis of 2013–2016 data found that >38% of children aged 3–6 years used more toothpaste than that recommended by CDC and other professional organizations. In addition, nearly 80% of children aged 3–15 years started brushing later than recommended. Parents and caregivers can play a role in ensuring that children are brushing often enough and using the recommended amount of toothpaste.

NHANES is a multistage probability sample of the noninstitutionalized U.S. population; data are obtained from assessments made using interview questionnaires and clinical examinations (5). This analysis was limited to children and adolescents aged 3–15 years whose parent or caregiver completed the following open-ended questions: “At what age did study participant (SP) start brushing (his/her) teeth?” and “At what age did (SP) start using toothpaste?” The responses were coded into the following four categories: <1 year, 1 year, 2 years, and ≥3 years. Response to the question “How many times (do you/does SP) brush (his/her) teeth in one day?” was recoded into the following three categories: 1 time, 2 times, and 3–6 times. To estimate the amount of toothpaste used, parents were asked, “On average, how much toothpaste (do you/does SP) use when brushing (his/her) teeth?” Responses, based on the amount of toothpaste on the toothbrush, were categorized as smear, pea size, half load, and full load. All analyses were performed using statistical software that accounted for the complex sample design of NHANES. All estimates were obtained using the interview sample weights. Chi-squared tests were used to assess the association between toothbrushing and toothpaste use behaviors and sociodemographic characteristics, and a p-value <0.05 was considered to be statistically significant (5).

A total of 5,157 children and adolescents aged 3–15 years were included in this analysis (Table 1). Approximately half (51%) were non-Hispanic white (white), 14.4% were non-Hispanic black (black), and 15.9% were Mexican-American. More than half (52.8%) were from households earning ≥200% of the federal poverty level, and more than two thirds (69.1%) of heads of households had completed more than a high school education. Overall, 20.1%, 38.8%, 26.6%, and 14.5% of children and adolescents were reported to have started brushing their teeth at age <1 year, 1 year, 2 years, and ≥3 years, respectively (Table 2). Approximately 60% of white and black children were reported to have started toothbrushing at age ≤1 year, including 22.9% and 18.6%, respectively, at age <1 year, and 40.8% and 40.0%, respectively, at age 1 year. Among Mexican-American children, nearly half (49.3%) were reported to have started toothbrushing at age ≤1 year, including 15.4% at age <1 year and 33.9% at age 1 year. More than one fifth (22.6%) of Mexican-American children were reported to have initiated toothbrushing at age ≥3 years, compared with 11.4% of white children and 13.9% of black children. Among children living with a head of household with less than a high school education, 44.5% were reported to start tooth-brushing at age ≤1 year compared with 63.2% of those living with a head of household with higher than a high school education. Overall, 60.5% of children aged 3–15 years were reported to brush their teeth twice a day.

Initiation of toothpaste use at age <1 year, 1 year, 2 years, and ≥3 years was reported for 9.0%, 35.2%, 32.7%, and 23.1% of children, respectively. Overall, 8.9%, 10.8%, and 7.7% of white, black, and Mexican-American children, respectively, were reported to have started to use toothpaste at age <1 year, whereas 21.4%, 17.3%, and 31.2% of white, black, and Mexican-American children, respectively, were reported to have started at age ≥3 years. Among children living with a head of household with less than a high school education, nearly 6% were reported to have commenced using toothpaste at age <1 year, compared with 10.6% whose head of household had a high school diploma and 9.3% whose head of household had more than high school education (Table 3).

Approximately 60% of children and adolescents aged 3–15 years reported using a half load (28.7%) or full load (31.4%) of toothpaste when brushing. Among children aged 3–6 years, the reported amount of toothpaste varied: 12.4% used a smear, 49.2% used a pea-sized amount, 20.6% used a half load, and 17.8% used a full load (Table 3).
 
Discussion
CDC recommends that all persons drink optimally fluoridated water (0.7 mg/L) and if aged ≥2 years, brush their teeth twice daily with a fluoride toothpaste to reduce the risk for dental caries (1). CDC also advises parents to consult with their child’s dentist or physician before introducing fluoride toothpaste to children aged <2 years (6). The American Academy of Pediatrics (AAP), American Academy of Pediatric Dentistry (AAPD), and American Dental Association (ADA) recommend fluoride toothpaste for all children and limit the amount of toothpaste used by children aged <3 years to a “smear” the size of a grain of rice (2–4). In this study, >38% of children aged 3–6 years reportedly used a half or full load of toothpaste, exceeding current recommendation for no more than a pea-sized amount (0.25 g) and potentially exceeding recommended daily fluoride ingestion (1,6). In addition, some children, particularly Mexican-Americans, were reported to have started brushing their teeth and using toothpaste at age ≥3 years, which is later than is recommended. Similarly, some children living in a low-income household or one in which the head of household had less than a high school education were reported to start toothbrushing at age ≥3 years. Recommendations aim to balance the benefits of fluoride exposure for prevention of dental caries with the potential risk for fluorosis when excessive amounts of fluoride toothpaste are swallowed by young children. The findings from this study highlight the importance of recommendations that parents supervise young children during brushing and monitor fluoride ingestion (7–10).

Recently, CDC and AAP have begun collaborative work to develop messages targeted at pregnant women and new mothers regarding recommended toothbrushing practices. CDC, AAP, AAPD, and ADA recommend that children aged 3–6 years brush their teeth twice daily using a pea-sized amount of fluoride toothpaste. Supervision is emphasized as a critical role for the parent or caregiver as the child first begins using a toothbrush and toothpaste.

The findings in this report are subject to at least three limitations. First, the measures used are based on parents’ self-report, so reporting bias is possible. Second, the question about the amount of toothpaste used focuses on the amount currently used and therefore might overestimate the amount that was used at younger ages. Finally, the type of toothpaste (fluoride versus nonfluoride) was not specified. Use of these self-report questions is part of the CDC Division of Oral Health’s surveillance plan to improve and monitor fluoride exposure. For future surveillance efforts, it would be ideal to know the amount of toothpaste used when the child first started to use toothpaste and to ensure that the parent or caregiver understands the distinction between the amounts of toothpaste recommended for children and adolescents by using visual aids.

The findings suggest that children and adolescents are engaging in appropriate daily preventive dental health practices; however, implementation of recommendations is not optimal. Careful supervision of fluoride intake improves the preventive benefit of fluoride, while reducing the chance that young children might ingest too much fluoride during critical times of enamel formation of the secondary teeth. Health care professionals and their organizations have an opportunity to educate parents and caregivers about recommended toothbrushing practices to ensure that children are getting the maximum preventive effect by using the recommended amount of fluoride toothpaste under parental supervision.
 Top
Corresponding author: Gina Thornton-Evans, gdt4@cdc.gov, 770-488-5503.

 

Monday, February 18, 2019

New Sonic Toothbrush Evaluation - Brüush is a Definite Winner

Bruush.jpg
 
The past few days I’ve been experimenting with a new sonic toothbrush.  This new device, affectionately named Brüush (note the umlaut) has been in my hands for enough time for a clinical evaluation and I’ve got to tell you that I am impressed with it.  Check out the website here.  
 
In fact, one might say that I have a crüush on the Brüush (sorry, now that I’ve got an excuse to use an umlaut, it’s hard to control myself).  But seriously, let me tell you why I think this brush bears serious consideration by consumers.
 
It features the following:
  • Sonic technology with over 30,000 vibrations per minute
  • Rechargeable battery that lasts up to 4 weeks
  • Multiple cleaning modes
  • Subscription brush head delivery
  • 90-day risk free trial
 
There are a lot of things to like here.
 
First is the sonic energy that the device uses.  Currently in the powered toothbrush world there are 2 types of devices.  The first is the oscillator type where the brush head is round and the brush oscillates in a partial turn clockwise then a partial turn counterclockwise motion.  This “back and forth” motion of the bristles causes them to function in a manner very similar to a manual toothbrush.  The brush is actually gear driven and is pretty hard to stop.
 
The second type is the sonic type.  These devices (of which Brüush is one) use a reversing polarity to cause the brush head and bristles to vibrate.  This vibration causes the bristles to move in a wave type motion several times a second and it is this motion that cleans the teeth.  Unlike the oscillating model, too much pressure on the sonic type causes the bristles to decrease or stop their vibration, thus lessening the chances of abrasion from the bristels.  The sonic energy provides a smooth efficient cleaning motion.
 
If you are curious how these brushes look in slow motion, here is a video:
 
 
 
As a personal preference, I happen to prefer sonic toothbrushes.  I feel they are easy to use due to their shape and are less damaging to delicate oral tissues.
 
Brüush features sonic energy of 30,000 vibrations per minute as well as a 4 week per charge battery.  The device feels incredibly good in the hand, which is something that is hard to describe here, but definitely should not be discounted by consumers.  It has a nice size handle & fits well into my palm.  Some brushes have a slick finish that makes them easy to drop, but Brüush in comfortable and not slick.
 
The device also has the best brush head attachment (and brush head in total) of any sonic toothbrush I have tried.  They “click” onto the handle and are very sturdy which makes them incredibly easy to use.  The power button is flush with the handle which prevents accidentally changing modes mid-brushing.
 
The device is also *very* affordable.  A great brush doesn’t do anyone any good if it is too expensive to own.  The kit comes with 3 brush heads, the handle, charger, and travel case all for $69 and free shipping.  I feel the value here is incredible.
 
The company sells brush heads on a subscription model where every 6 months you are shipped 3 new brush heads for $18 (making the price of each brush head an amazing $6!)  There is no need to keep using a frazzled and poorly functioning brush head when you can swap them out economically every 2 months.
 
One other thing that sets this company apart is its social mission.  The company has partnered with “A Reason To Smile” (ARTS) and donates a toothbrush, toothpaste, and fluoride treatment to a person in need for every brush head refill they sell.  That means using  Brüush isn’t only good for your teeth, it is also good for the teeth of someone who desperately needs your help!
 
I’m very impressed with both the product and the social conscience of this company.  While Brüush isn’t a company you’ve heard of now, I feel it will be a company you’ll know about in the future.  A great product combined with concern for their fellow man gets Brüush my highest recommendation.  Trust me when I say, you need to check these brushes out!!!

Thursday, February 14, 2019

HHS Proposes New Rules to Improve the Interoperability of Electronic Health Information

HHS-logo-1024x930.gif
 
Here is some really interesting information from the Department of Health and Human Services.  I remember back in 2006, during the George Bush 43 presidency, the word came down through HHS that the federal government was concerned about the amount of GNP that was predicted to be dedicated to the healthcare sector.  If memory serves me correctly, they were concerned that by 2020 healthcare would consume over 20% of US GNP.
 
To help control costs, the federal government was moving healthcare toward greater efficiency through the use of the EMR (Electronic Medical Record).  For those in healthcare that are digital, we can attest to how efficient these systems are.  However, interconnectedness of these systems has not always been smooth.  Now the Department of Health and Human Services is proposing new rules to help with the interoperability of these software programs and databases.
 
Here is the announcement directly from the HHS website:
 

New innovations in technology promote patient access and could make no-cost health data exchange a reality for millions
The U.S. Department of Health and Human Services (HHS) today proposed new rules to support seamless and secure access, exchange, and use of electronic health information. The rules, issued by the Centers for Medicare & Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC), would increase choice and competition while fostering innovation that promotes patient access to and control over their health information. The proposed ONC rule would require that patient electronic access to this electronic health information (EHI) be made available at no cost.

“These proposed rules strive to bring the nation’s healthcare system one step closer to a point where patients and clinicians have the access they need to all of a patient’s health information, helping them in making better choices about care and treatment,” said HHS Secretary Alex Azar. “By outlining specific requirements about electronic health information, we will be able to help patients, their caregivers, and providers securely access and share health information. These steps forward for health IT are essential to building a healthcare system that pays for value rather than procedures, especially through empowering patients as consumers.”

CMS’ proposed changes to the healthcare delivery system support the MyHealthEData initiative and would increase the seamless flow of health information, reduce burden on patients and providers, and foster innovation by unleashing data for researchers and innovators. In 2018, CMS finalized regulations that use potential payment reductions for hospitals and clinicians to encourage providers to improve patient access to their electronic health information. For the first time, CMS is now proposing requirements that Medicaid, the Children’s Health Insurance Program, Medicare Advantage plans and Qualified Health Plans in the Federally-facilitated Exchanges must provide enrollees with immediate electronic access to medical claims and other health information electronically by 2020.

In support of patient-centered healthcare, CMS would also require these health care providers and plans to implement open data sharing technologies to support transitions of care as patients move between these plan types. By ensuring patients have easy access to their information, and that information follows them on their healthcare journey, we can reduce burden, and eliminate redundant procedures and testing thus giving clinicians the time to focus on improving care coordination and, ultimately, health outcomes.

“Today’s announcement builds on CMS’ efforts to create a more interoperable healthcare system, which improves patient access, seamless data exchange, and enhanced care coordination,” said CMS Administrator Seema Verma.  “By requiring health insurers to share their information in an accessible, format by 2020, 125 million patients will have access to their health claims information electronically. This unprecedented step toward a healthcare future where patients are able to obtain and share their health data, securely and privately, with just a few clicks, is just the beginning of a digital data revolution that truly empowers American patients.”

The CMS rule also proposes to publicly report providers or hospitals that participate in “information blocking,” practices that unreasonably limit the availability, disclosure, and use of electronic health information undermine efforts to improve interoperability.  Making this information publicly available may incentivize providers and clinicians to refrain from such practices.

ONC’s proposed rule promotes secure and more immediate access to health information for patients and their healthcare providers and new tools allowing for more choice in care and treatment. Specifically, the proposed rule calls on the healthcare industry to adopt standardized application programming interfaces (APIs), which will help allow individuals to securely and easily access structured and unstructured EHI formats using smartphones and other mobile devices. It also implements the information blocking provisions of the 21st Century Cures Act, including identifying reasonable and necessary activities that do not constitute information blocking. The proposed rule helps ensure that patients can electronically access their electronic health information at no cost. The proposed rule also asks for comments on pricing information that could be included as part of their EHI and would help the public see the prices they are paying for their healthcare.

“By supporting secure access of electronic health information and strongly discouraging information blocking, the proposed rule supports the bi-partisan 21st Century Cures Act. The rule would support patients accessing and sharing their electronic health information, while giving them the tools to shop for and coordinate their own health care,” said Don Rucker, M.D., National Coordinator for Health IT. “We encourage everyone – patients, patient advocates, healthcare providers, health IT developers, health information networks, application innovators, and anyone else interested in the interoperability and transparency of health information – to share their comments on the proposed rule we posted today.”

Policies in the proposed CMS and ONC rules align to advance interoperability in several important ways. CMS proposes that entities must conform to the same advanced API standards as those proposed for certified health IT in the ONC proposed rule, as well as including an aligned set of content and vocabulary standards for clinical data classes through the United States Core Data for Interoperability standard (USCDI). Together, these proposed rules address both technical and healthcare industry factors that create barriers to the interoperability of health information and limit a patient’s ability to access essential health information. Aligning these requirements for payers, health care providers, and health IT developers will help to drive an interoperable health IT infrastructure across systems, ensuring providers and patients have access to health data when and where it is needed.

For a fact sheet on the CMS proposed rule (CMS-9115-P), please visit: https://www.cms.gov/newsroom/fact-sheets/cms-advances-interoperability-patient-access-health-data-through-new-proposals

For fact sheets on the ONC proposed rule, please visit: https://healthit.gov/nprm

To receive more information about CMS’s interoperability efforts, sign-up for listserv notifications, here: https://public.govdelivery.com/accounts/USCMS/subscriber/new?topic_id=USCMS_12443

To view the CMS proposed rule (CMS-9115-P), please visit: https://www.cms.gov/Center/Special-Topic/Interoperability-Center.html

Wednesday, February 13, 2019

CDC Claims Children in US are Using Too Much Toothpaste

CDC-Logo.jpg
 
A recent report from the Center For Disease Control states that nearly 40% of kids aged three to six are using more toothpaste than dental professionals recommend.
 
This information was released in CDC’s weekly Morbidity and Mortality Weekly Report (MMWR).
 
Here is the CDC information direct from the CDC website:
 

Fluoride use is one of the main factors responsible for the decline in prevalence and severity of dental caries and cavities (tooth decay) in the United States (1). Brushing children’s teeth is recommended when the first tooth erupts, as early as 6 months, and the first dental visit should occur no later than age 1 year (2–4). However, ingestion of too much fluoride while teeth are developing can result in visibly detectable changes in enamel structure such as discoloration and pitting (dental fluorosis) (1). Therefore, CDC recommends that children begin using fluoride toothpaste at age 2 years. Children aged <3 years should use a smear the size of a rice grain, and children aged >3 years should use no more than a pea-sized amount (0.25 g) until age 6 years, by which time the swallowing reflex has developed sufficiently to prevent inadvertent ingestion. Questions on toothbrushing practices and toothpaste use among children and adolescents were included in the questionnaire component of the National Health and Nutrition Examination Survey (NHANES) for the first time beginning in the 2013–2014 cycle. This study estimates patterns of toothbrushing and toothpaste use among children and adolescents by analyzing parents’ or caregivers’ responses to questions about when the child started to brush teeth, age the child started to use toothpaste, frequency of toothbrushing each day, and amount of toothpaste currently used or used at time of survey. Analysis of 2013–2016 data found that >38% of children aged 3–6 years used more toothpaste than that recommended by CDC and other professional organizations. In addition, nearly 80% of children aged 3–15 years started brushing later than recommended. Parents and caregivers can play a role in ensuring that children are brushing often enough and using the recommended amount of toothpaste.

NHANES is a multistage probability sample of the noninstitutionalized U.S. population; data are obtained from assessments made using interview questionnaires and clinical examinations (5). This analysis was limited to children and adolescents aged 3–15 years whose parent or caregiver completed the following open-ended questions: “At what age did study participant (SP) start brushing (his/her) teeth?” and “At what age did (SP) start using toothpaste?” The responses were coded into the following four categories: <1 year, 1 year, 2 years, and ≥3 years. Response to the question “How many times (do you/does SP) brush (his/her) teeth in one day?” was recoded into the following three categories: 1 time, 2 times, and 3–6 times. To estimate the amount of toothpaste used, parents were asked, “On average, how much toothpaste (do you/does SP) use when brushing (his/her) teeth?” Responses, based on the amount of toothpaste on the toothbrush, were categorized as smear, pea size, half load, and full load. All analyses were performed using statistical software that accounted for the complex sample design of NHANES. All estimates were obtained using the interview sample weights. Chi-squared tests were used to assess the association between toothbrushing and toothpaste use behaviors and sociodemographic characteristics, and a p-value <0.05 was considered to be statistically significant (5).

A total of 5,157 children and adolescents aged 3–15 years were included in this analysis (Table 1). Approximately half (51%) were non-Hispanic white (white), 14.4% were non-Hispanic black (black), and 15.9% were Mexican-American. More than half (52.8%) were from households earning ≥200% of the federal poverty level, and more than two thirds (69.1%) of heads of households had completed more than a high school education. Overall, 20.1%, 38.8%, 26.6%, and 14.5% of children and adolescents were reported to have started brushing their teeth at age <1 year, 1 year, 2 years, and ≥3 years, respectively (Table 2). Approximately 60% of white and black children were reported to have started toothbrushing at age ≤1 year, including 22.9% and 18.6%, respectively, at age <1 year, and 40.8% and 40.0%, respectively, at age 1 year. Among Mexican-American children, nearly half (49.3%) were reported to have started toothbrushing at age ≤1 year, including 15.4% at age <1 year and 33.9% at age 1 year. More than one fifth (22.6%) of Mexican-American children were reported to have initiated toothbrushing at age ≥3 years, compared with 11.4% of white children and 13.9% of black children. Among children living with a head of household with less than a high school education, 44.5% were reported to start tooth-brushing at age ≤1 year compared with 63.2% of those living with a head of household with higher than a high school education. Overall, 60.5% of children aged 3–15 years were reported to brush their teeth twice a day.

Initiation of toothpaste use at age <1 year, 1 year, 2 years, and ≥3 years was reported for 9.0%, 35.2%, 32.7%, and 23.1% of children, respectively. Overall, 8.9%, 10.8%, and 7.7% of white, black, and Mexican-American children, respectively, were reported to have started to use toothpaste at age <1 year, whereas 21.4%, 17.3%, and 31.2% of white, black, and Mexican-American children, respectively, were reported to have started at age ≥3 years. Among children living with a head of household with less than a high school education, nearly 6% were reported to have commenced using toothpaste at age <1 year, compared with 10.6% whose head of household had a high school diploma and 9.3% whose head of household had more than high school education (Table 3).

Approximately 60% of children and adolescents aged 3–15 years reported using a half load (28.7%) or full load (31.4%) of toothpaste when brushing. Among children aged 3–6 years, the reported amount of toothpaste varied: 12.4% used a smear, 49.2% used a pea-sized amount, 20.6% used a half load, and 17.8% used a full load (Table 3).
 
Discussion
CDC recommends that all persons drink optimally fluoridated water (0.7 mg/L) and if aged ≥2 years, brush their teeth twice daily with a fluoride toothpaste to reduce the risk for dental caries (1). CDC also advises parents to consult with their child’s dentist or physician before introducing fluoride toothpaste to children aged <2 years (6). The American Academy of Pediatrics (AAP), American Academy of Pediatric Dentistry (AAPD), and American Dental Association (ADA) recommend fluoride toothpaste for all children and limit the amount of toothpaste used by children aged <3 years to a “smear” the size of a grain of rice (2–4). In this study, >38% of children aged 3–6 years reportedly used a half or full load of toothpaste, exceeding current recommendation for no more than a pea-sized amount (0.25 g) and potentially exceeding recommended daily fluoride ingestion (1,6). In addition, some children, particularly Mexican-Americans, were reported to have started brushing their teeth and using toothpaste at age ≥3 years, which is later than is recommended. Similarly, some children living in a low-income household or one in which the head of household had less than a high school education were reported to start toothbrushing at age ≥3 years. Recommendations aim to balance the benefits of fluoride exposure for prevention of dental caries with the potential risk for fluorosis when excessive amounts of fluoride toothpaste are swallowed by young children. The findings from this study highlight the importance of recommendations that parents supervise young children during brushing and monitor fluoride ingestion (7–10).

Recently, CDC and AAP have begun collaborative work to develop messages targeted at pregnant women and new mothers regarding recommended toothbrushing practices. CDC, AAP, AAPD, and ADA recommend that children aged 3–6 years brush their teeth twice daily using a pea-sized amount of fluoride toothpaste. Supervision is emphasized as a critical role for the parent or caregiver as the child first begins using a toothbrush and toothpaste.

The findings in this report are subject to at least three limitations. First, the measures used are based on parents’ self-report, so reporting bias is possible. Second, the question about the amount of toothpaste used focuses on the amount currently used and therefore might overestimate the amount that was used at younger ages. Finally, the type of toothpaste (fluoride versus nonfluoride) was not specified. Use of these self-report questions is part of the CDC Division of Oral Health’s surveillance plan to improve and monitor fluoride exposure. For future surveillance efforts, it would be ideal to know the amount of toothpaste used when the child first started to use toothpaste and to ensure that the parent or caregiver understands the distinction between the amounts of toothpaste recommended for children and adolescents by using visual aids.

The findings suggest that children and adolescents are engaging in appropriate daily preventive dental health practices; however, implementation of recommendations is not optimal. Careful supervision of fluoride intake improves the preventive benefit of fluoride, while reducing the chance that young children might ingest too much fluoride during critical times of enamel formation of the secondary teeth. Health care professionals and their organizations have an opportunity to educate parents and caregivers about recommended toothbrushing practices to ensure that children are getting the maximum preventive effect by using the recommended amount of fluoride toothpaste under parental supervision.
 
Corresponding author: Gina Thornton-Evans, gdt4@cdc.gov, 770-488-5503.

Tuesday, February 12, 2019

What Happens on Your iPhone Stays on Your iPhone... Sort Of

What happens....jpg
 
With the recent discovery of a few apps in the Apple Store that were sending your data out to remote servers, Apple has become more than a little concerned about the privacy of its users.  For years Apple has made a point of letting users know they support privacy and have been pretty staunch defenders of that.  They have refused to yield to the FBI demands to unlock phones and other powers that be have tried to force them to build in backdoors so that access can be easily gained even if the user forbade it.  Every step of that journey, Apple has fought for the user and I appreciate that.  I have a suspicion that Thomas Jefferson would have felt the same way.
 
However, in the last month or 2 there have been some things that have come to light about Apple approved apps that are stealing your data and habits and then sending them along to servers without your knowledge or permission.
 
The latest news comes due to an investigation by one of my favorite sites TechCrunch.  Now personally I don’t mind if people know what I’m doing as long as I give them permission first.  What really frosts me though is when they just start monitoring me like the kid that used to sit behind me in Psychology 101 and copy my test answers without my permission.  That is the point where I get seriously ticked off.  
 
So I was pretty happy when TechCrunch investigated and reported that major companies, like Expedia, Hollister and Hotels.com, were using a third-party analytics tool to record every tap and swipe inside their apps.  TechCrunch also discovered that none of the apps tested asked the user for permission, and none of the companies said in their privacy policies that they were recording a user’s app activity.  AND while the right thing to do would at least be to encrypt the data they were stealing, some things like passport numbers and credit card numbers were leaking.  Heck, no big deal it’s ONLY your passport and your credit cards.
 
Apple was not happy about this.  In fact  they expressly forbid this type of behavior.  In order to collect user data, Apple requires that a user be notified and agree with the collection practices.  Apple then sent an email to the companies stating:
“Your app uses analytics software to collect and send user or device data to a third party without the user’s consent. Apps must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity,” Apple said in the email.
So the good news is that this situation appears to be on the path to being rectified.  Of course the bad news is that it had to be rectified in the first place.
 
I’d like to thank TechCrunch for their research and reporting on this.  By bringing the system into the world of Apple and its users, they directly impacted getting this situation fixed.
 
I’d also like to issue a big “Mahalo” to Patrick Wardle.  He is the Chief Researcher Officer and Founder at Digita Security.  Patrick is one of the security professionals who discovered that the app Adware Doctor was stealing users browser history and sending it to a hidden server in China.  This discovery in September 2018 helped trigger this entire examination of app security in the Apple App Store.  He deserves a lot of kudos.  It goes to show that one man with a mission can impact the security of millions and I for one am grateful.
 
 
 
 
 
 

Monday, February 11, 2019

Cottage Health Settles with OCR for $3 Million Penalty Over 2 Data Breaches

OCR.png
 
A Health Care group called Cottage Health has agreed to a settlement with the federal government over 2 separate data breaches.  Interestingly the $3 million fine is due to TWO separate data breaches.  One occurred in 2013 and the other in 2015.  Combined, these 2 breaches exposed the PHI (Protected Health Information) of 62,500 patients.
 
The first incident was, unfortunately, almost comical.  A server was misconfigured during security setup  which gave access to anyone without the use of a username or password.  The exposed data consisted of names, addresses, dates of birth, diagnoses, lab results, and other treatment information of more than 32,000 patients.  Yikes!
 
The second occurred when a server needed service and the IT personnel misconfigured the unit during the incident repair.  The resulting security hole left patient names, addresses, dates of birth, Social Security numbers, diagnoses, medical conditions, and other treatment details exposed over the Internet.
 
In addition to these problems Cottage Health also failed to obtain a BAA (Business Associate Agreement) with a contractor that maintained PHI for the company.
 
For those of you who are unfamiliar with the term BAA or are just a little fuzzy on the whole concept, here is some info on Business Associates directly from the Department of Health and Human Services (HHS):
By law, the HIPAA Privacy Rule applies only to covered entities – health plans, health care clearinghouses, and certain health care providers. However, most health care providers and health plans do not carry out all of their health care activities and functions by themselves. Instead, they often use the services of a variety of other persons or businesses. The Privacy Rule allows covered providers and health plans to disclose protected health information to these “business associates” if the providers or plans obtain satisfactory assurances that the business associate will use the information only for the purposes for which it was engaged by the covered entity, will safeguard the information from misuse, and will help the covered entity comply with some of the covered entity’s duties under the Privacy Rule. Covered entities may disclose protected health information to an entity in its role as a business associate only to help the covered entity carry out its health care functions – not for the business associate’s independent use or purposes, except as needed for the proper management and administration of the business associate.  
 
The OCR then began an investigation into the “why’s and how’s” of these breaches.
 
Compounding the IT mistakes listed above was what the Office of Civil Rights referred to as failing to implement security measures "sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level."
 
This lead the OCR to also require Cottage Health to abide by a corrective action plan.
 
I’m posting this info to help colleagues understand the importance of data security and to be proactive in protecting PHI.  I’ll end this post with a quote from the Director of OCR.
 
“Our record year underscores the need for covered entities to be proactive about data security if they want to avoid being on the wrong end of an enforcement action,” OCR Director Roger Severino, said in a statement. “Information security is a dynamic process and the risks to ePHI may arise before, during, and after implementation covered entity makes system changes.” 

Thursday, February 7, 2019

Oral Health America Ceases Operations - Does Not Intend to Continue

OHA.jpg
 
The dental industry was stunned last week when the announcement came that the OHA Gala at the Chicago MidWinter meeting was cancelled.  The Gala had been a huge fund raising and networking opportunity as well as an event where the “who’s who” of dentistry gathered every year.  The formal event had become a tradition at the MidWinter and was the way many of us thought of “kicking off” the meeting.  
 
Now an equally, if not more, stunning announcement has come out that Oral Health America is discontinuing operations.  Here is official statement:
 

Oral Health America


OHA has currently ceased, and does not intend to renew, active operations. The OHA Board has determined that, due largely to an unanticipated precipitous decline in contributions in the last quarter of 2018 and the unlikely renewal of sufficient contributions in the near future, OHA does not have and is not likely to have sufficient capital and reserves to continue as a going concern. OHA has therefore terminated its existing staff and is preparing documentation to implement a formal and orderly liquidation of its assets, and resolution of creditor claims, through applicable law. As part of its liquidation and final wind-down efforts, OHA is reviewing options to transition pending programs and projects to other entities which may have the financial ability to sustain or manage them; however, OHA cannot at this time guarantee that such options will be viable. As a result of the foregoing, persons or entities who intend to seek grants or other financial support from OHA, including those who have obtained such grants or financial support from OHA in the past, should seek such grants and financial support from other sources. As to persons or entities that have received pledges of financial support from OHA, please note that OHA will likely not have sufficient resources to honor such pledges and that such entities or persons will be notified in due course by appropriate authorities as to whether the proceeds of OHA’s liquidation will result in any distribution on their creditor claims against OHA. OHA deeply regrets being unable to continue with its 65-year mission, and further regrets any hardship that may ensue from its liquidation. 

Any questions can be directed to info@oralhealthamerica.org and we will respond as soon as possible.

Wednesday, February 6, 2019

MJH Associates, Inc. Acquires Assets from UBM Life Sciences Group Becoming the Largest Privately Held Medical Media Company in the United States

DentalProductsReport-Cover.png

 

The publication where I serve as Technology Editor and Chief Dental Editor has a new home!  Dental Products Report has been acquired by MJH Associates, Inc.  Here’s the news from the press release:

 

MJH Associates‚ Inc., (MJH) a leading independent full-service health care education, market research and multichannel medical communications company, has acquired media assets from the UBM Life Sciences Group (part of Informa PLC). The acquisition comes with seven offices — six in the U.S. and one in the United Kingdom — and over 220 associates.

The acquisition of UBM Life Sciences assets includes iconic multimedia platforms in the health care, animal care, pharma sciences and dental fields, as well as three pre-eminent veterinarian conferences. The integration of these brands will complement the existing MJH portfolio and, together, significantly extend access and engagement with meaningful health content. These new assets will form a new business unit within MJH called MultiMedia Healthcare, LLC. This combined entity makes MJH the largest privately held medical media company in the U.S.

“The strategic purchase of UBM Life Sciences’ media assets leaves no question that MJH is dedicated to remaining at the forefront of delivering trusted health care information now and into the future. It furthers our overall commitment to providing diverse stakeholders — from providers to patients to caregivers — access to trusted and timely resources to help inform care and optimize outcomes,” said Michael J. Hennessy, Jr., president of MJH Associates‚ Inc.

Tom Ehardt, executive vice president and managing director of the UBM Life Sciences Group added: “We are pleased to find a partner that is invested in engaging our valued audiences in new and exciting ways. MJH is an ideal fit for us as they understand how to deliver high-quality content in multimedia platforms and live events.”

Ehardt will continue in his current role and serve as president of MultiMedia Healthcare, LLC, reporting to George Glatcz, COO of MJH.

The Life Sciences Group features 3 vertical markets. Some of the leading brands MJH has acquired are as follows:

  • Health care— Medical Economics, Patient Care, Practical Cardiology, Dermatology Times, Drug Topics, Ophthalmology Times, Psychiatric Times, Urology Times, Contemporary OB/GYN, Oncology, Dental Products Report and Managed Healthcare Executive.
  • Pharma — Pharmaceutical Technology, LC/GC, Pharmaceutical Executive, Spectroscopy, BioPharm International and Nutritional Outlook.
  • Animal Health — DVM360, Vetted and Firstline. Additionally, the animal health group produces the Fetch series of three live regional conferences.

MJH was advised by Oaklins DeSilva & Phillips.

About MJH Associates, Inc. (MJH)

MJH is the largest privately held, independent full-service medical media company in the U.S. dedicated to delivering trusted health care news across multiple channels. Over 600 MJH associates are dedicated to providing health care professionals with the information and resources they need to optimize patient outcomes. MJH combines the reach and influence of its powerful portfolio of digital and print product lines, live events, educational programs, and market research with customization capabilities of a boutique firm. Clients include world-leading pharmaceutical, medical device, diagnostic and biotech companies. For more information, please visit http://www.mjhassoc.com.

Tuesday, February 5, 2019

3M is Introducing 3M™ Chairside Zirconia

 

3M_Chairside_Zirconia_blocks.jpg

New chairside zirconia optimizes strength, esthetics, process speed
for crowns and bridges

 

ST. PAUL‚ Minn. – (Feb. 4, 2019) – Chairside CAD/CAM dentistry has promised convenience since its inception, including the advent of the single-visit crown; however, with convenience can come compromise. While software and equipment technology has advanced continuously, materials have struggled to keep pace. A strong material might appear lifeless in the mouth, while a more esthetic material may crack or fracture. Recognizing the need for a well-balanced alternative that maximizes new high-speed sintering technology, 3M is introducing 3M™ Chairside Zirconia – a new CAD/CAM zirconia block optimized for the fast-sintering CEREC® SpeedFire Furnace1. The new block offers an optimal blend of high strength and esthetics to go along with a fast sintering time of approximately 20 minutes2,3 for a thin-walled crown.


“The esthetics and better sintering time of 3M™ Chairside Zirconia have made this my go-to zirconia material,” said Daniel Butterman, DDS. “It polishes very easily and has a good level of translucency. I see no need to glaze this material.”


For easy shade matching, the material is available in eight different shades and two block sizes designed for crowns and three-unit bridges4 to match the VITA® classical shades. Additionally, due to its low minimum wall thickness of 0.8 mm, dentists are able to carry out less invasive preparations and preserve more tooth structure.


“The overall promise of chairside dentistry has always been efficiency in a single-visit appointment,” said Karen Burquest, Global Business Leader, 3M Oral Care.


“Our new zirconia is designed for high-speed sintering to deliver even more efficiency without compromises in strength or esthetics.”

Monday, February 4, 2019

Attorney General Becerra Announces $935,000 Settlement with Aetna over Allegations that it Revealed Californians’ HIV Status

1200px-Flag_of_California.png

Back in August of 2017 Aetna made the news worldwide by making a terrible mistake.  The company had inadvertently mailed notices to patients that allowed the HIV status to be seen through the clear plastic window on the envelope.  My original post on this story can be read here.  

Now comes word thataa Aetna has settled with state of California for $935,000.  The fine was for several laws that were broken by the mail debacle.

This post is from the Attorney General of California.  Aetna had already settled with the patients affected by the mailing for $17 million in 2017.  The story of the settlement can be found here.  

SACRAMENTO – California Attorney General Xavier Becerra today announced a $935,000 settlement resolving allegations that Aetna Inc. (Aetna) violated California health privacy laws in connection with its 2017 breach of patient confidentiality. Due to a mailing error, a vendor for Aetna sent letters to 1,991 Californians that revealed through an oversized clear window on mailed envelopes that the recipient was taking HIV-related medication.

“A person’s HIV status is incredibly sensitive information and protecting that information must be a top priority for the entire healthcare industry,” said Attorney General Becerra. “Aetna violated the public’s trust by revealing patients' private and personal medical information. We will continue to hold these companies accountable to prevent such a gross privacy violation from reoccurring.”

Aetna is a health insurance company based in Connecticut. On July 28, 2017, Aetna mailed letters to approximately 12,000 people nationwide, including 1,991 Californians. The letters revealed through an enlarged window on the envelope that the recipient was taking HIV-related medication. Attorney General Becerra alleges that by breaching its customers’ confidential medical information, Aetna violated state law, including the Confidentiality of Medical Information Act, Health and Safety Code section 120980, the State Constitution, and the Unfair Competition Law.

The injunctive terms in today’s settlement require Aetna to implement and maintain specific mailing procedures that preserve the confidentiality of medical information. Included in these necessary procedures are steps to ensure that medical information is not visible through the window of the envelopes. Additionally, Aetna must designate an employee responsible for Aetna’s implementations and maintenance of the revised mailing program, compliance with state and federal privacy laws, and management of external vendors handling medical information in compliance with Aetna’s privacy policies and procedures. Aetna is also required to complete an annual privacy risk assessment evaluating compliance with the terms of the settlement for three years.

The victims have additionally received over $17 million in compensation through a private class action settlement.

Attorney General Becerra is committed to protecting consumer and individual privacy through civil prosecution of state and federal privacy laws. Since taking office in January 2017, he has announced a $148 million settlement with Uber for failing to notify regulators and users of a data breach; an $18.5 million settlement with Target for failing to provide reasonable data security; a $9.8 million settlement with Walgreens for failing to adhere fully to requirements imposed by California law for the dispensing of certain prescriptions drugs under Medi‑Cal; and a $3.5 million settlement with Lenovo for illegally preinstalling software that compromised the security of its computers.