healthcare reforms and software development
321 views | +0 today
Your new post is loading...
Your new post is loading...
Scooped by Lava Prasad Kafle
Scoop.it!

Cost and effort estimation — simula.no

Cost and effort estimation — simula.no | healthcare reforms and software development | Scoop.it
The goal of the research is to improve software cost estimates through better training, practices and tools. Our focus is on estimation processes that rely on human judgment as a key element.
more...
No comment yet.
Rescooped by Lava Prasad Kafle from #PopulationManagementPortal #BigDataHealthCareReporting
Scoop.it!

What Factors Encourage Physician HIE Adoption, Use? | EHRintelligence.com

What Factors Encourage Physician HIE Adoption, Use? | EHRintelligence.com | healthcare reforms and software development | Scoop.it
Physician HIE adoption hinges on the ability of health information exchanges (HIE) to deliver trusted data as well as deliver a return on investment.

Via Technical Dr. Inc., HealthlinkNY, Lava Kafle
more...
Lava Kafle's curator insight, February 20, 2015 3:17 AM

Deerwalk #DidYouKnow #Physician #HIE Health #Information #Exchange #Adoption 

Scooped by Lava Prasad Kafle
Scoop.it!

Deerwalk - One Platform for Population Health Management

Deerwalk - One Platform for Population Health Management | healthcare reforms and software development | Scoop.it
Deerwalk is one of the top healthcare data analytics companies that provides a fully integrated Big Data healthcare solutions for healthcare analytics and population health management
Lava Prasad Kafle's insight:
Good Tuesday @deerwalkinc #TeamGenomics #BigData #Healthcare #Analytics #PopulationHealthManagement http://deerwalk.com 
more...
No comment yet.
Scooped by Lava Prasad Kafle
Scoop.it!

Deerwalk - One Platform for Population Health Management

Deerwalk - One Platform for Population Health Management | healthcare reforms and software development | Scoop.it
Deerwalk is one of the top healthcare data analytics companies that provides a fully integrated Big Data healthcare solutions for healthcare analytics and population health management
Lava Prasad Kafle's insight:
#April Fools Day, logo, #deerwalkinc,bigdata,healthcare #Teamgenomics
more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Hospital EHR Vendors

Hospital EHR Vendors | healthcare reforms and software development | Scoop.it
As of December 2014, 179 health IT vendors supply certified EHR products to 4,623 hospitals participating in the CMS EHR Incentive Programs.

Via HealthlinkNY
Lava Prasad Kafle's insight:

#TeamGenomics @deerwalkinc uknow?

 Scooped by @HealthlinkNY
onto Electronic Health Information Exchange Scoop.it! Hospital EHR Vendors emr ehr venodrs hospitals providers
more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Health Information Exchange: A Path Towards Improving the Quality and Value of Health Care for Patients | The U.S. Senate Committee on Health, Education, Labor & Pensions

The U.S. Senate Committee on Health, Education, Labor & Pensions

Via HealthlinkNY
Lava Prasad Kafle's insight:

@deerwalkinc #TeamGenomics #geneticTesting bigdata healthcare analytics population management #HIE patients providers doctors physicians nurses medicine education quality improvement

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Does Healthcare Fraud Impact Meaningful Use Aud...

Does Healthcare Fraud Impact Meaningful Use Aud... | healthcare reforms and software development | Scoop.it
While the majority of medical providers are preparing for the ICD-10 transition deadline and are utilizing diagnostic coding accurately, there are certainly outliers who have attempted to defraud the healthcare system and the Centers for Medicare &...

Via HealthlinkNY
Lava Prasad Kafle's insight:

healthcare fraud impacts meaningful use auditing #TeamGenomics deerwalk.com have ur voice While the majority of medical providers are preparing for the ICD-10 transition deadline and are utilizing diagnostic coding accurately, there are certainly outliers who have attempted to defraud the healthcare system and the Centers for Medicare &...

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

What’s the Best Foundation for a Health Information Exchange? How About a Practical One?

What’s the Best Foundation for a Health Information Exchange? How About a Practical One? | healthcare reforms and software development | Scoop.it
Healthcare Informatics Magazine | Health IT | Information Technology,Health care information technology & IT strategy news for CIOs, CMIOs & clinical informaticists. Learn about EMR EHR, ARRA HITECH, wireless technologies & meaningful use policy.

Via HealthlinkNY
Lava Prasad Kafle's insight:

#TeamGenomicsDeerwalkINCUKnow:From www.healthcare-informatics.com   Healthcare Informatics Magazine | Health IT | Information Technology,Health care information technology & IT strategy news for CIOs, CMIOs & clinical informaticists. Learn about EMR EHR, ARRA HITECH, wireless technologies & meaningful use policy.

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

ONC's New CMO Talks Meaningful Use, EHR Implementation Strategies & More - iHealthBeat

ONC's New CMO Talks Meaningful Use, EHR Implementation Strategies & More - iHealthBeat | healthcare reforms and software development | Scoop.it
The Office of the National Coordinator for Health IT's new CMO Thomas Mason discusses how the meaningful use program is working on the ground, his advice for providers just getting started with electronic health record adoption and what he hopes to...

Via HealthlinkNY
Lava Prasad Kafle's insight:
From www.ihealthbeat.org #TeamGenomics @deerwalkinc #UKNew The Office of the National Coordinator for Health IT's new CMO Thomas Mason discusses how the meaningful use program is working on the ground, his advice for providers just getting started with electronic health record adoption and what he hopes to...
more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Pay for Performance Extends to Health Care in New York State Experiment - NYTimes.com

Pay for Performance Extends to Health Care in New York State Experiment - NYTimes.com | healthcare reforms and software development | Scoop.it
New York State experimenting with paying healthcare providers based in outcomes not services http://t.co/PWezoZRSsn

Via HealthlinkNY
Lava Prasad Kafle's insight:

#TeamGenomics @deerwalkinc #DiduKnow New York State experimenting with paying healthcare providers based in outcomes not services http://t.co/PWezoZRSsn

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Study: HIEs Help Reduce Unnecessary Medical Imaging Up to 25% - iHealthBeat

Study: HIEs Help Reduce Unnecessary Medical Imaging Up to 25% - iHealthBeat | healthcare reforms and software development | Scoop.it

A study finds that access to a health information exchange makes providers up to 25% less likely to order unnecessary repeat medical imaging procedures. Researchers found that the most commonly repeated images were ultrasounds, X-rays and mammograms.


Via HealthlinkNY
Lava Prasad Kafle's insight:

@deerwalkinc #diduKnow A study finds that access to a health information exchange makes providers up to 25% less likely to order unnecessary repeat medical imaging procedures. Researchers found that the most commonly repeated images were ultrasounds, X-rays and mammograms.

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

In Meaningful Use Stage 3, an API could replace the patient portal for some providers | mobihealthnews

In Meaningful Use Stage 3, an API could replace the patient portal for some providers | mobihealthnews | healthcare reforms and software development | Scoop.it
 RT @ShimCode: "In Meaningful Use Stage 3, an API could replace the patient portal for some providers" http://t.co/7xeiYx14lQ #MU #APIEconom…

Via HealthlinkNY
Lava Prasad Kafle's insight:

RT @ShimCode: "In Meaningful Use Stage 3, an API could replace the patient portal for some providers" http://t.co/7xeiYx14lQ #MU #APIEconom @deerwalkinc #diduknow

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Social Media Medicine
Scoop.it!

Social Media Users Willing To Share Health Data Despite Concerns About Privacy

Social Media Users Willing To Share Health Data Despite Concerns About Privacy | healthcare reforms and software development | Scoop.it
A recent Institute of Medicine discussion paper finds that the majority of social media users with medical conditions are willing to share their health information to improve medical care, despite high levels of privacy concerns.

Via Lucere Leadership
Lava Prasad Kafle's insight:

@deerwalkinc #didyouknowthis A recent Institute of Medicine discussion paper finds that the majority of social media users with medical conditions are willing to share their health information to improve medical care, despite high levels of privacy concerns

more...
No comment yet.
Rescooped by Lava Prasad Kafle from #PopulationManagementPortal #BigDataHealthCareReporting
Scoop.it!

How nine out of ten healthcare pages leak private data

A study by a Timothy Libert, a doctoral student at the University of Pennsylvania, has found that nine out of ten visitsto health-related web pages result in data being leaked to third parties like Google, Facebook and Experian:

There is a significant risk to your privacy whenever you visit a health-related web page. An analysis of over 80,000 such web pages shows that nine out of ten visits result in personal health information being leaked to third parties, including online advertisers and data brokers.

What Libert discovered is a widespread repetition of the flaw that the US government's flagship Healthcare.gov website was dragged over the coals for in January.

The sites in question use code from third parties to provide things like advertising, web analytics and social media sharing widgets on their pages. Because of the way those kinds of widgets work, their third party owners can see what pages you're visiting.

The companies supplying the code aren't necessarily seeking information about what you're looking at but they're getting it whether they want it or not.

So if you browse the pages about genital herpes on the highly respected CDC (Centres for Disease Control and Prevention) site you'll also be telling marketing mega-companies Twitter, Facebook and AddThis that you've an interest in genital herpes too.

It happens like this: when your browser fetches a web page, it also fetches any third party code embedded in it directly from the third parties' websites. The requests sent by your browser contain an HTTP header (the annoyingly misspelled 'referer' header) that includes the URL of the page you're looking at.

Since URLs tend to contain useful, human-readable information about what you're reading, those requests can be quite informative.

For example, looking at a CDC page about genital herpes triggers a request to addthis.com like this:

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com

Referer: http://www.cdc.gov/std/Herpes/default.htm

The fact that embedded code gets URL data like this isn't new - it's part of how the web is designed and, like it or not, some third parties actually rely on it - Twitter uses it to power its Tailored Suggestions feature for example.

What's new, or perhaps what's changed, is that we're becoming more sensitive to the amount of data we all leak about ourselves and, of course, health data is among the most sensitive.

While a single data point such as one visit to one web page on the CDC site doesn't amount to much, the fact is we're parting with a lot of data and sharing it with the same handful of marketing companies.

We do an awful lot of healthcare research online and we tend to concentrate those visits around popular sites.

A 2012 survey by the Pew Research Center found that 72% of internet users say they looked online for health information within the past year. A fact that explains why one of the sites mentioned in the study, WebMD.com, is the 106th most popular website in the USA and ranked 325th in the world.

The study describes the data we share as follows:

...91 percent of health-related web pages initiate HTTP requests to third-parties.  Seventy percent of these requests include information about specific symptoms, treatment, or diseases (AIDS, Cancer, etc.). The vast majority of these requests go to a handful of online advertisers: Google collects user information from 78 percent of pages, comScore 38 percent, and Facebook 31 percent.  Two data brokers, Experian and Acxiom, were also found on thousands of pages.

If we assume that it's possible to imply an individual's recent medical history from the healthcare pages they've browsed over a number of years then, taken together, those innocuous individual page views add up to something very sensitive.

As the study's author puts it:

Personal health information ... has suddenly become the property of private corporations who may sell it to the highest bidder or accidentally misuse it to discriminate against the ill.

There is no indication or suggestion that the companies Limbert named are using the health data we're sharing but they are at least being made unwitting custodians of it and that carries some serious responsibilities.

Although there is nothing in the leaked data that identifies our names or identities, it's quite possible that the companies we're leaking our health data to have them already.

Even if they don't though, we're not in the clear.

Even if Google, Facebook, AddThis, Experian and all the others are at pains to anonymise our data, I wouldn't bet against individuals being identified in stolen or leaked data.

It's surprisingly easy to identify named individuals within data sets that have been deliberately anonymised.

For example, somebody with access to my browsing history could see that I regularly visit Naked Security for long periods of time and that those long periods tend to happen immediately prior to the appearance of articles written by Mark Stockley.

For a longer and more detailed look at this phenomenon, take a look at Paul Ducklin's excellent article 'Just how anonymous are "anonymous" records?'

It's possible to stop this kind of data leak by setting up your browser so it doesn't send referer headers but I wouldn't rely on that because there are other ways to leak data to third parties.

Instead I suggest you use browser plugins like NoScript, Ghostery or the EFF's own Privacy Badger to control which third party sites you have any interaction with at all.

What the study hints at is bigger than that though - what it highlights is that we live in the era of Big Data and we're only just beginning to understand some of the very big implications of small problems that have been under our noses for years.

 


Via Technical Dr. Inc., Lava Kafle
more...
Lava Kafle's curator insight, March 3, 2015 5:40 AM

#DidYouKnowThis #HealthCare #Cyber #Security #threats #leaks #vulnerabilities #Mitigation #strategy @deerwalkinc #bigdata #thirdparty

Lava Prasad Kafle's curator insight, March 23, 2015 1:15 AM

@deerwalkinc

Instead I suggest you use browser plugins like NoScript, Ghostery or the EFF's own Privacy Badger to control which third party sites you have any interaction with at all.

What the study hints at is bigger than that though - what it highlights is that we live in the era of Big Data and we're only just beginning to understand some of the very big implications of small problems that have been under our noses for years.

Rescooped by Lava Prasad Kafle from #PopulationManagementPortal #BigDataHealthCareReporting
Scoop.it!

How EHRs Will Produce Big Benefits in the Long Run

How EHRs Will Produce Big Benefits in the Long Run | healthcare reforms and software development | Scoop.it
Eugene Heslin discusses how transitioning to electronic health records may be difficult at first, but they will produce big benefits in the long run.

Via HealthlinkNY, Lava Kafle
more...
Lava Kafle's curator insight, April 5, 2015 1:05 AM

#Genomics team #deerwalk.com inc #uknow #easter eggs sunday 2015 healthcare.adsc.com Eugene Heslin discusses how transitioning to electronic health records may be difficult at first, but they will produce big benefits in the long run.

Scooped by Lava Prasad Kafle
Scoop.it!

Skit Wow @ Vipassana

Lava Prasad Kafle's insight:
#Vipassana #Maate #Pitey #Jeff #Gasser #Starring as #Father #role #wow #ProblemSolver #DeerFest2016 #TeamGenomics #DeerwalkInc #BigDataAnalyticsInHealthCare #Population #Health #Management #Festival #Celebration #Fun #Joy #Enjoy #Good #Friday #Monday #Sunday #Saturday #Thursday #Wednesday #Tuesday #deer #fest #2016
more...
No comment yet.
Scooped by Lava Prasad Kafle
Scoop.it!

A sickening rehash of the lies used to add ACA's Cadillac Tax underlines the misunderstood driver of high-cost!

A sickening rehash of the lies used to add ACA's Cadillac Tax underlines the misunderstood driver of high-cost! | healthcare reforms and software development | Scoop.it
High-cost is driven by high population chronic disease. The Cadillac tax will penalize the sickest groups, not so-called "rich/cadillac benefit structures. Employer plan sponsors increasing plan
Lava Prasad Kafle's insight:
Cadillac Tax underlines the misunderstood driver of high-cost
more...
No comment yet.
Scooped by Lava Prasad Kafle
Scoop.it!

Deerwalk | One Platform for Population Health Management

Deerwalk | One Platform for Population Health Management | healthcare reforms and software development | Scoop.it
Deerwalk provides a fully integrated suite of Big Data healthcare solutions for complete population health management on the Deerwalk One platform.
Lava Prasad Kafle's insight:

#TeamGenomics #GeneticTesting #BigDatahealthCareAnal;ytics #PopulationHealthManagement #CloudComputing #Hadoop #ElasticSearch #Cascading #Distributed #Robust #Reliant

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Engage Patients through Medication Education - HITECH Answers

Engage Patients through Medication Education - HITECH Answers | healthcare reforms and software development | Scoop.it
When patients have a better experience with their medication, they are safer, have better outcomes, and satisfaction scores go up. It's a win-win.

Via HealthlinkNY
Lava Prasad Kafle's insight:

#nepalearthquake: many patients, need more doctors nurses : When patients have a better experience with their medication, they are safer, have better outcomes, and satisfaction scores go up. It's a win-win. @deerwalkinc #teamgenomics

more...
No comment yet.
Rescooped by Lava Prasad Kafle from EHR and Health IT Consulting
Scoop.it!

Is the Triple Aim of Healthcare Achievable Through EHRs?

Is the Triple Aim of Healthcare Achievable Through EHRs? | healthcare reforms and software development | Scoop.it

EHR technology, e-prescribing software, and other health IT systems are being adopted by healthcare organizations in order to achieve the triple aim established by the Institute for Healthcare Improvement (IHI). The triple aim of healthcare include improving the patient experience such as satisfaction and quality of care, reducing the costs of healthcare, and enhancing population health. However, there may be some issues that inhibit health IT and EHR technology from achieving the triple aim of healthcare, according to a new study published in the Journal of the American Medical Informatics Association (JAMIA).

Researchers from the University of Edinburgh conducted in-depth interviews with a variety of health IT professionals, providers, payers, and government employees in order to determine whether health IT systems improved patient care and population health as well as reduced healthcare costs.

 

Out of 47 interviews, it was clear that health IT led medical organizations to develop an infrastructure toward healthcare reform and innovation as well as strategic initiatives for reducing costs. Some of the issues that were uncovered include poor usability of EHRs and inferior health information exchange capabilities leading to challenges with integrated patient-centered care. Many of the interview participants claimed it’s important to move away from fee-for-service payment models and incorporate value-based care in which reimbursement is data-driven and based on high levels of care.

Nonetheless, participants agreed that the HITECH Act led to the widespread adoption of EHR technology in hospitals, physician practices, and ambulatory care settings. The EHR Incentive Programs in particular led to greater implementation of health IT systems due to financial incentives and payment penalties that stimulated healthcare providers to move away from paper-based medical records.

When it comes to meeting the standards set forth in the triple aim of healthcare, interviewed participants stated their concerns with the usability of EHRs along with computerized decision support systems, explaining that these tools were developed in an old base code meant for solely hospital billing purposes. Additionally, many do not feel that current systems are able to achieve true EHR interoperability nor effective health information exchange.

 

“I also think we have done just a God awful job doing clinical data exchange—health information exchange,” one healthcare executive stated during his interview. “So it is just maddening to hear all of these ‘success stories’ about health information exchange when we are really doing a really bad job of it globally or nationally at least. I can’t speak about other countries and so there are different issues there, and just for example many of the health information exchanges will cease to exist because they don’t have a sustainable business model.”

To meet the standards within the triple aim of healthcare, the United Memorial Medical Center in Batavia, New York has worked on identifying and following patients who have pneumonia, obstructive pulmonary disease, and congestive heart failure in order to reduce their high amount of hospitalizations.

 

Some other stories aimed at meeting the triple aim of healthcare objectives from the Healthcare Association of New York State include South Nassau Communities Hospital implementing a “Heart Healthy Bundle” to help heart failure patients effectively transition back into the home and the Rochester Regional Health System’s patient-centered medical home that improves care coordination and communication throughout the medical care continuum.

 

There may need to be greater continuation of developing and improving EHR systems in order to achieve the triple aim of healthcare objectives. Nonetheless, the stories of successful patient care initiatives, better public health achievements, and reductions in cost show that the triple aim of healthcare is achievable.


Via Technical Dr. Inc.
Lava Prasad Kafle's insight:

#TeamGenomics @deerwalkinc #HaveYourSay healthcare triple Aims #whatAreThey There may need to be greater continuation of developing and improving EHR systems in order to achieve the triple aim of healthcare objectives. Nonetheless, the stories of successful patient care initiatives, better public health achievements, and reductions in cost show that the triple aim of healthcare is achievable.

more...
No comment yet.
Rescooped by Lava Prasad Kafle from BIG data, Data Mining, Predictive Modeling, Visualization
Scoop.it!

20 Big Data Repositories You Should Check Out

20 Big Data Repositories You Should Check Out | healthcare reforms and software development | Scoop.it
This is an interesting listing created by Bernard Marr. I would add the following great sources:

DataScienceCentral selection of big data sets - check out the…

Via AnalyticsInnovations
Lava Prasad Kafle's insight:

@bernardmarr This is an interesting #BigDataSets listing created by Bernard Marr. #TeamGenomicsDeerwalkIncUKnewIt: DataScienceCentral selection of big data sets - check out the…

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Indiana Health Information Exchange Names Charles E. Christian as Vice President of Technology and Engagement | EON: Enhanced Online News

Indiana Health Information Exchange Names Charles E. Christian as Vice President of Technology and Engagement | EON: Enhanced Online News | healthcare reforms and software development | Scoop.it
The Indiana Health Information Exchange today announced that Charles E. Christian will join the organization as Vice President of Technology and Engag

Via HealthlinkNY
Lava Prasad Kafle's insight:

@deerwalkinc #GenomicsTeam #DiduKnow The Indiana Health Information Exchange today announced that Charles E. Christian will join the organization as Vice President of Technology and Engagement

more...
Yogesh Kumar's curator insight, May 6, 2015 8:36 AM

Control Your Blood Presser Call-08447359959- http://www.healndeal.com/affiliate/128-3.html

Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

Meaningful use stage 3: Making mHealth tools a necessity? | mHealthNews

Meaningful use stage 3: Making mHealth tools a necessity? | mHealthNews | healthcare reforms and software development | Scoop.it
The newly proposed Stage 3 criteria could give providers the impetus to adopt mobile health technologies.

Via HealthlinkNY
Lava Prasad Kafle's insight:

#TeamGenomics #DidUKNow @deerwalkinc

From www.mhealthnews.com - March 30, 11:32 PM

The newly proposed Stage 3 criteria could give providers the impetus to adopt mobile health technologies

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

How High-Tech Patient Portals Will Revolutionize Health Care

How High-Tech Patient Portals Will Revolutionize Health Care | healthcare reforms and software development | Scoop.it
BOB WACHTER: As the health-care world finally shifts from analog to digital, increasing numbers of patients have access to a patient portal–a site that allows them to schedule appointments, email their physicians, refill medications, and check the...

Via HealthlinkNY
Lava Prasad Kafle's insight:

@deerwalkinc #WeAreOneOfThem As the health-care world finally shifts from analog to digital, increasing numbers of patients have access to a patient portal–a site that allows them to schedule appointments, email their physicians, refill medications, and check the..

more...
No comment yet.
Rescooped by Lava Prasad Kafle from Electronic Health Information Exchange
Scoop.it!

National health information exchange (HIE) cons...

National health information exchange (HIE) cons... | healthcare reforms and software development | Scoop.it
Representatives from approximately 20 health information exchanges (HIEs) nationally have come together to form a national consortium called the Strategic Health Information Exchange Collaborative (SHIEC).

Via HealthlinkNY
Lava Prasad Kafle's insight:

Representatives from approximately 20 health information exchanges (HIEs) nationally have come together to form a national consortium called the Strategic Health Information Exchange Collaborative (SHIEC). #diduknow @deerwalkinc

more...
No comment yet.
Rescooped by Lava Prasad Kafle from #PopulationManagementPortal #BigDataHealthCareReporting
Scoop.it!

How nine out of ten healthcare pages leak private data

A study by a Timothy Libert, a doctoral student at the University of Pennsylvania, has found that nine out of ten visitsto health-related web pages result in data being leaked to third parties like Google, Facebook and Experian:

There is a significant risk to your privacy whenever you visit a health-related web page. An analysis of over 80,000 such web pages shows that nine out of ten visits result in personal health information being leaked to third parties, including online advertisers and data brokers.

What Libert discovered is a widespread repetition of the flaw that the US government's flagship Healthcare.gov website was dragged over the coals for in January.

The sites in question use code from third parties to provide things like advertising, web analytics and social media sharing widgets on their pages. Because of the way those kinds of widgets work, their third party owners can see what pages you're visiting.

The companies supplying the code aren't necessarily seeking information about what you're looking at but they're getting it whether they want it or not.

So if you browse the pages about genital herpes on the highly respected CDC (Centres for Disease Control and Prevention) site you'll also be telling marketing mega-companies Twitter, Facebook and AddThis that you've an interest in genital herpes too.

It happens like this: when your browser fetches a web page, it also fetches any third party code embedded in it directly from the third parties' websites. The requests sent by your browser contain an HTTP header (the annoyingly misspelled 'referer' header) that includes the URL of the page you're looking at.

Since URLs tend to contain useful, human-readable information about what you're reading, those requests can be quite informative.

For example, looking at a CDC page about genital herpes triggers a request to addthis.com like this:

GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com

Referer: http://www.cdc.gov/std/Herpes/default.htm

The fact that embedded code gets URL data like this isn't new - it's part of how the web is designed and, like it or not, some third parties actually rely on it - Twitter uses it to power its Tailored Suggestions feature for example.

What's new, or perhaps what's changed, is that we're becoming more sensitive to the amount of data we all leak about ourselves and, of course, health data is among the most sensitive.

While a single data point such as one visit to one web page on the CDC site doesn't amount to much, the fact is we're parting with a lot of data and sharing it with the same handful of marketing companies.

We do an awful lot of healthcare research online and we tend to concentrate those visits around popular sites.

A 2012 survey by the Pew Research Center found that 72% of internet users say they looked online for health information within the past year. A fact that explains why one of the sites mentioned in the study, WebMD.com, is the 106th most popular website in the USA and ranked 325th in the world.

The study describes the data we share as follows:

...91 percent of health-related web pages initiate HTTP requests to third-parties.  Seventy percent of these requests include information about specific symptoms, treatment, or diseases (AIDS, Cancer, etc.). The vast majority of these requests go to a handful of online advertisers: Google collects user information from 78 percent of pages, comScore 38 percent, and Facebook 31 percent.  Two data brokers, Experian and Acxiom, were also found on thousands of pages.

If we assume that it's possible to imply an individual's recent medical history from the healthcare pages they've browsed over a number of years then, taken together, those innocuous individual page views add up to something very sensitive.

As the study's author puts it:

Personal health information ... has suddenly become the property of private corporations who may sell it to the highest bidder or accidentally misuse it to discriminate against the ill.

There is no indication or suggestion that the companies Limbert named are using the health data we're sharing but they are at least being made unwitting custodians of it and that carries some serious responsibilities.

Although there is nothing in the leaked data that identifies our names or identities, it's quite possible that the companies we're leaking our health data to have them already.

Even if they don't though, we're not in the clear.

Even if Google, Facebook, AddThis, Experian and all the others are at pains to anonymise our data, I wouldn't bet against individuals being identified in stolen or leaked data.

It's surprisingly easy to identify named individuals within data sets that have been deliberately anonymised.

For example, somebody with access to my browsing history could see that I regularly visit Naked Security for long periods of time and that those long periods tend to happen immediately prior to the appearance of articles written by Mark Stockley.

For a longer and more detailed look at this phenomenon, take a look at Paul Ducklin's excellent article 'Just how anonymous are "anonymous" records?'

It's possible to stop this kind of data leak by setting up your browser so it doesn't send referer headers but I wouldn't rely on that because there are other ways to leak data to third parties.

Instead I suggest you use browser plugins like NoScript, Ghostery or the EFF's own Privacy Badger to control which third party sites you have any interaction with at all.

What the study hints at is bigger than that though - what it highlights is that we live in the era of Big Data and we're only just beginning to understand some of the very big implications of small problems that have been under our noses for years.

 


Via Technical Dr. Inc., Lava Kafle
Lava Prasad Kafle's insight:

@deerwalkinc

Instead I suggest you use browser plugins like NoScript, Ghostery or the EFF's own Privacy Badger to control which third party sites you have any interaction with at all.

What the study hints at is bigger than that though - what it highlights is that we live in the era of Big Data and we're only just beginning to understand some of the very big implications of small problems that have been under our noses for years.

more...
Lava Kafle's curator insight, March 3, 2015 5:40 AM

#DidYouKnowThis #HealthCare #Cyber #Security #threats #leaks #vulnerabilities #Mitigation #strategy @deerwalkinc #bigdata #thirdparty