Tag Archives: health

Increasing Speed and Accuracy of Electronic Health Record (EHR) Note Taking

(Imagen 4)

Electronic health records (EHRs) can be a pain in a particular body part. But Tebra and other firms offer ways to automate portions of the record keeping process. And if these automations work, they also increase EHR accuracy.

I’ve previously talked about how an EHR can incorporate a patient identifier, derived from the facial recognition of the patient. This prevents misidentification, which can cause severe problems if the EHR data is applied to the wrong patient.

But how do you populate the rest of the EHR?

According to Tebra, with EHR+.

“Tebra’s EHR+ platform connects care, billing, scheduling, and more. Built-in AI speeds up notes, handles reviews, and automates repetitive admin work.”

Tebra’s AI Note Assist claims to “[t]urn spoken or written words into structured notes,” presumably using natural language processing (NLP) and machine learning specifically trained on medical record keeping.

But always remember to comply with health, privacy, and other relevant laws.

“Before using AI-powered scribe tools, review applicable laws and regulations in your practice’s jurisdiction regarding electronic recordings, AI scribes, and informed consent. Some jurisdictions require verbal or written consent prior to any form of ambient documentation. Check your state board or consult legal counsel for guidance.”

And watch the video.

But Tebra and its competitors face a problem: you can only scream “AI” for so long before your prospects ask, “So what?” 

Bredemarket can create written content for tech marketers that attracts prospects.

Contact Bredemarket.

Stop losing prospects! Use Bredemarket content for tech marketers
Content for tech marketers.

AI-Analyzing Computed Tomography (CT) Scans

From Philips’ announcement of a case study.

“Imagine a radiology department with over one hundred staff members analyzing thousands of CT images daily. Every minute of efficiency gain and workflow improvement means radiologists can spend more time with patients. Several years back, the radiology department at the Hospices Civils de Lyon (HCL) in France began a research collaboration journey with Philips to advance task automation using AI. Many of the algorithms generated in this clinical partnership are now available to radiologists everywhere via Advanced Visualization Workspace….

“‘“We perform many chest CT scans in the hospital. Most patients only need a scan of a specific body area: the neck, thorax, or abdominal. The more specific we can target, the better we are able to minimize the X-ray dose. In our first study, we developed an algorithm to classify the thorax, abdominal, or neck during a thoracic CT scan. This method has helped us raise awareness among radiology technicians to limit exploration to the region of interest only. Reducing the margin could reduce the X-ray dose on average by 20 per cent.’”

An additional result? Tasks that used to take minutes or hours now only take seconds.

For more information, see https://www.philips.com/a-w/about/news/archive/case-studies/co-creating-ai-solutions-that-free-up-time-to-spend-with-patients.html

Make America Hallucinate Again

While some are concentrating on the political aspects of this story, I would like to focus on the technological aspects.

“[Dr. Katherine] Keyes is cited in a paper titled ‘Changes in mental health and substance use among US adolescents during the COVID-19 pandemic,’ which appears on page 52 of the MAHA report and lists JAMA Pediatrics as the journal. A representative for the journal confirmed to ABC News the paper does not exist.”

Quoted from https://abcnews.go.com/Politics/rfk-jrs-maha-report-contained-existent-studies/story?id=122321059

Anybody who has paid attention over the last two years knows EXACTLY what happened.

The word “hallucination” comes to mind.

Figure it out yet?

Someone took a shortcut in researching and/or writing the MAHA paper…something that all the generative AI companies are saying is a perfectly wonderful thing to do. After all, you won’t lose your job to AI…you will lose your job to someone who uses AI’s “help.” Until AI hallucinates and puts organic food dye-free egg whites on your face.

The continued inaccuracies in generative AI-authored writing are not limited to one political movement.

(Imagen 4)

Can Non-productive Weeks Be Productive?

This has been a weird week.

Productivity-wise, I started off on the wrong foot because of pre-scheduled personal appointments on Monday and Tuesday afternoon.

No sweat, I thought, I will make up the time on Wednesday.

Until I fell ill mid-morning Wednesday and spent most of the rest of the day doing nothing.

With limited work yesterday and today.

Which reminded me that the best-laid plans can derail quickly.

But I still completed some critically important tasks…so that’s good.

What is Protected Health Information?

Many laws and regulations impact health information—not just the Health Information Portability and Accountability Act (HIPAA).

But what IS Protected Health Information?

Kirk Nahra and Daniel Solove shared this example in a webinar:

Is “I drink Diet Coke” health information?

  • Maybe it’s not health information at all.
  • Maybe it indicates healthy practices (no sugar).
  • Maybe it indicates unhealthy practices (artificial sweetener use).

The answer isn’t simple.

Now I’m Just Playing with Google Gemini

I asked Imagen 3 to help me illustrate nth party risk management.

Where you are connected with everyone to whom your connections are connected.

But I wanted to illustrate third-party risk management in a clean way. Back when AIDS became a sad feature of our lives in the 1980s, the description of how it spread from person to person could get a little graphic.

April 2025 Update on Bredemarket’s Proposal Services

This post has two purposes:

  • To brag about myself.
  • To let you know how this braggart can help you with your identity, cybersecurity, and technology proposals.

First, the bragging

Let’s start the bragging by announcing that one of Bredemarket’s consulting clients was recently notified of an award by a federal agency.

I won’t name the client or the agency, other than to clarify that the agency is NOT the U.S. Department of Education, the Agency for International Development, the Voice of America, or similar agencies that have taken a beating over the last 2 1/2 months. So the award is fairly safe.

So what do I have to brag about?

To be honest, not much.

Second, the reality

Yes, I made sure that the proposal was compliant and persuasive, that it addressed all the required points, that it went to the correct person, that it stayed within the mandated page and word limits, and that it was delivered before the due date and time.

But if the client had proposed an inferior solution, questionable implementation plan, or unqualified personnel, there would NOT have been an award regardless of whether the text was in 12-point Times New Roman with the appropriate margins.

Like all Bredemarket projects, I collaborated with the client to submit the proposal, which in the end was a winning proposal.

Third, how did I get here?

I’ve told the story before, but I kind of fell into the proposals world in October 1994 when I began consulting for the Proposals Department at a company called Printrak International. After several acquisitions, the company became part of IDEMIA 23 years later.

During my time at Printrak, Motorola, MorphoTrak, and IDEMIA I spent two separate stints in Proposals, primarily focusing on state and local opportunities with various international opportunities thrown in.

Things changed in 2020 when Bredemarket started offering proposal services. With one exception (a State of California healthcare-related proposal), all my proposal work has been at the federal level.

I’ve worked at various proposal maturity levels, ranging from working via SMA in a mature proposal development process, to cases in which I was the sole proposal expert. But the keys always remain the same: work with the client, do great work, and turn the thing in on time.

Fourth, how will YOU get THERE?

If your organization has the need to submit a technology software proposal, perhaps I can help. I can plug into your existing proposals organization, or if necessary I can BE your proposals organization.

If you’d like to talk about it, schedule a free consultation via my “CPA” page (the “P” stands for Proposal) and check the “Proposal services” check box.

https://bredemarket.com/cpa/

(Wildebeest proposal picture from Imagen 3)

The One PII/PHI Data Point No One is Discussing

In a February 2024 discussion of the differences and similarities between personally identifiable information (PII) and protected health information (PHI), I published an exhaustive list of types of PII, some of which are also PHI.

  • Social Security Number. 
  • Passport number.
  • Driver’s license number.
  • Taxpayer identification number.
  • Patient identification number.
  • Financial account number.
  • Credit card number.
  • Personal address.
  • Personal telephone number.
  • Photographic image of a face.
  • X-rays.
  • Fingerprints.
  • Retina scan.
  • Voice signature.
  • Facial geometry.
  • Date of birth.
  • Place of birth.
  • Race.
  • Religion.
  • Geographical indicators.
  • Employment information.
  • Medical information.
  • Education information.
  • Financial information.

Looks complete to you, doesn’t it? Well, it isn’t. To, um, identify the missing bit of information that is both PII and PHI, take a look at this LinkedIn post from Jack Appleby. (Thanks to packaging expert Mark Wilson for bringing this post to my attention.)

“A dream brand just sent me a gift package & invite… but they broke the two most important rules of influencer gifting…

“The package was a ridiculously cool collab hoodie + an invite to an event I’ve wanted to go to since I was just a little kid… but the hoodie is a medium… and I’m an XL… and my name was spelled wrong on the invitation.”

And no, I’m not talking about Jack Appleby’s name.

I’M TALKING ABOUT HIS HOODIE SIZE.

And yes, hoodie size in combination with other information is both PII (personally identifiable information) and PHI (protected health information). If your hoodie size is XXL, but your height is only 5’1”…that has some health implications.

Yet at the same time it’s also vital business information. It’s collected from prospects and new employees at trade shows and during employee onboarding. And as Appleby’s example shows, there are potentially severe consequences if you get it wrong.

But does your favorite compliance framework include specific and explicit clauses addressing hoodie size? I bet it doesn’t. And that could be a huge privacy hole.

(The hoodie in my selfie is from my 2022-2023 employer. And yes I still wear it. But I got rid of my IDEMIA, MorphoTrak, Motorola, and Printrak attire.)

Why Do CPAs (the real ones) Manage SOC 2 Audits?

I’ve been around a ton of compliance frameworks during and after the years I worked at Motorola. 

  • The Capability Maturity Model (CMM), from the days before CMMI came into being.
  • The entire ISO 9000 family.
  • The General Data Protection Regulation (GDPR).
  • The California Consumer Privacy Act (CCPA) and the related California Privacy Rights Act (CPRA).
  • The Health Insurance Portability and Accountability Act (HIPAA).
  • The NIST Cybersecurity Framework (CSF).
  • I’d personally throw the FBI CJIS Security Requirements onto this list.

SOC it to me

There is one compliance framework that is a little different from CMM, ISO, GDPR, and all the others: the System and Organization Controls (SOC) suite of Services

The most widely known member of the suite is SOC 2® – SOC for Service Organizations: Trust Services Criteria. But you also have SOC 1, SOC 3, SOC for Cybersecurity, SOC for Supply Chain, SOC for Steak…whoops, I made that one up because I’m hungry as I write this. But the others are real.

Who runs the SOC suite

But the difference about the SOC suite is that it’s not governed by engineers or scientists or academics.

It’s governed by CPAs.

And for once I’m not talking about content-proposal-analysis experts.

I’m talking about the AICPA, or the Association of International Certified Professional Accountants.

Which begs the question: why are a bunch of bean counters defining compliance frameworks for cybersecurity?

Why CPAs run the SOC suite

Ask Schneider Downs. As an accounting firm, they may have an obvious bias regarding this question. But their answers are convincing.

  • “CPAs are subject matter experts in risk management.” You see, my reference above to “bean counters” was derogatory and simplistic. Accounts need to understand financial data and the underlying risks, including vulnerabilities in cash flow, debt, and revenue. For example, if you’ve ever talked to a CxO, you know that revenue is never guaranteed.
  • “It was a natural progression to go from auditing against financial risk to auditing against cybersecurity risk.” Now this may seem odd on the surface, because you wouldn’t think mad Excel skills will help you detect deepfakes. But ignore the tools for a moment and look at a higher levels. Because of their risk management expertise, they can apply that knowledge to other types of risk, including non-financial ones. As Schneider Downs goes on to say…
  • “CPAs understand internal control concepts and the appropriate evidence required to support the operating effectiveness of controls.” You need financial controls at your company. You aren’t going to let the summer intern sign multi-million dollar checks. In the same way you need to identify and evaluate the internal controls related to the Trust Services Criteria (TSC) associated with SOC 2: security, availability, processing integrity, confidentiality, and privacy.

So that’s why the accountants are running your SOC 2 audit.

And don’t try to cheat when you pay them for the audit.

And one more thing

A few of you may have detected that the phrase “SOC it to me” is derived from a popular catchphrase from the old TV show Rowan & Martin’s Laugh-In.

A phrase that EVERYBODY said.

(Wildebeest accountants from Imagen 3)

Have You Been Falsely Accused of NPE Use? You May Be Entitled To Compensation.

(From imgflip)

Yes, I broke a cardinal rule by placing an undefined acronym in the blog post title.

99% of all readers probably concluded that the “NPE” in the title was some kind of dangerous drug.

And there actually is something called Norpseudoephedrine that uses the acronym NPE. It was discussed in a 1998 study shared by the National Library of Medicine within the National Institutes of Health. (TL;DR: NPE “enhances the analgesic and rate decreasing effects of morphine, but inhibits its discriminative properties.”)

From the National Library of Medicine.

But I wasn’t talking about THAT NPE.

I was talking about the NPEs that are non-person entities. 

But not in the context of attribute-based access control or rivers or robo-docs

I was speaking of using generative artificial intelligence to write text.

My feelings on this have been expressed before, including my belief that generative AI should NEVER write the first draft of any published piece.

A false accusation

A particular freelance copywriter holds similar beliefs, so she was shocked when she received a rejection notice from a company that included the following:

“We try to avoid employing people who use AI for their writing.

“Although you answered ‘No’ to our screening question, the text of your proposal is AI-generated.”

There’s only one teeny problem: the copywriter wrote her proposal herself.

(This post doesn’t name the company who made the false accusation, so if you DON’T want to know who the company is, don’t click on this link.)

Face it. (Yes, I used that word intentionally; I’ve got a business to run.) Some experts—well, self-appointed “experts”—who delve into the paragraph you’re reading right now will conclude that its use of proper grammar, em dashes, the word “delve,” and the Oxford comma PROVE that I didn’t write it. Maybe I’ll add a rocket emoji to help them perpetuate their misinformation. 🚀

Heck, I’ve used the word “delve” for years before ChatGPT became a verb. And now I use it on purpose just to irritate the “experts.”

The ramifications of a false accusation

And the company’s claim about the copywriter’s authorship is not only misinformation.

It’s libel.

I have some questions for the company that falsely accused the copywriter of using generative AI to write her proposal.

  • How did the company conclude that the copywriter did not write her proposal, but used a generative AI tool to write it?
  • What is the measured accuracy of the method employed by the company?
  • Has the copywriter been placed on a blocklist by the company based upon this false accusation?
  • Has the company shared this false accusation with other companies, thus endangering the copywriter’s ability to make a living?

If this raises to the level of personal injury, perhaps an attorney should get involved.

From imgflip.

A final thought

Seriously: if you’re accused of something you didn’t do, push back.

After all, humans who claim to detect AI have not been independently measured regarding their AI detection accuracy.

And AI-powered AI detectors can hallucinate.

So be safe, and take care of yourself, and each other.


Jerry Springer. By Justin Hoch, CC BY 2.0, https://commons.wikimedia.org/w/index.php?curid=16673259.