Deals roundup: Capio acquiring Medocular, Swedish eye health company. - Medical Device Daily

Deals roundup

Capio acquiring Medocular, Swedish eye health company

A Medical Device Daily Staff Report

Capio (Gotenburg, Sweden) has acquired 100% of the shares in Sweden-based Medocular, which specializes in general eye medicine, cataract surgery and treatment of defective-vision disorders, such as short-sightedness.

Medocular has annual sales of slightly more than $6.6 million, with 45 employees. The formal transfer of ownership will take place on Oct. 1. As part of the deal, Capio acquired all of Medoculars operations in Uppsala, Stockholm, Norrkoping, Linkoping, Gothenburg and Malmo, all in Sweden.

Medoculars operations focus primarily on assignments from the public health sector and the company annually carries out approximately 10% of all cataract operations in Sweden. Medocular will become part of Capios Healthcare Nordic business area.

Through Medocular, Capio gains a prominent position within eye health care services in Sweden and a strong platform for international expansion in this field, said Stanley Broden, director of Capios Healthcare Nordic. Rudolph Hahnenberger, president of Medocular, said, As part of the Capio Group, we see major opportunities for the further development of eye health care services in a broader context and for being able to increase availability for patients over the longer term.

In other dealmaking activities:

Exten Industries (San Diego, California) said it finalized its acquisition of all outstanding shares of MultiCell Associates (MCA; Warwick, Rhode Island), and will operate MCA as a wholly owned subsidiary. MCA owns the rights to certain patented technology for engineering human and other mammalian liver cells. These non-tumorigenic cells have applications for drug discovery and toxicological testing and could perform metabolic functions in liver-assist devices. Additionally, the cells have shown the ability to generate very complex proteins that have a variety of therapeutic and research applications. Terms were not disclosed.

HONG KONG: YORK CHOW MEETS SWEDISH HEALTH CHIEFS.(Brief Article) - Info-Prod Research (Middle East)

According to new.gov.hk, Secretary for Health, Welfare & Food Dr York Chow has established networks with Sweden's Ministry of Health & Social Affairs, and gained experience in health and elderly care services. Dr Chow began his two-day visit to Sweden on May 18 to gain experience in elderly care, and care of patients suffering old-age diseases. In Stockholm he visited a community-based primary healthcare facility, a home for people with dementia and a home help service centre for the elderly, to see the services provided by the facilities and understand their role in the country's healthcare services. Dr Chow also had a business lunch with some 40 guests from the Swedish Government and business communities. Dr Chow will visit the Swedish Handicap Institute and meet with the Swedish Minister for Health & Elderly Care Ylva Johansson on May 19.

YORK CHOW MEETS SWEDISH HEALTH CHIEFS - Info-Prod Research (Middle East)

According to new.gov.hk, Secretary for Health, Welfare & Food DrYork Chow has established networks with Sweden's Ministry of Health &Social Affairs, and gained experience in health and elderly careservices. Dr Chow began his two-dayvisit to Sweden on May 18 to gainexperience in elderly care, and care of patients suffering old-agediseases. In Stockholm he visited a community-based primaryhealthcare facility, a home for people with dementia and a home helpservice centre for the elderly, tosee the services provided by thefacilities and understand their role in thecountry's healthcareservices. Dr Chow also had a business lunch with some 40 guests fromthe Swedish Government and business communities. Dr Chow will visitthe Swedish Handicap Institute and meet with the Swedish Minister forHealth & Elderly Care Ylva Johansson on May 19.

Swedish health care company Feelgood Svenska AB posts record EBIT of SEK14.9m.(Financial report) - Nordic Business Report

NORDIC BUSINESS REPORT-16 February 2009-Swedish health care company Feelgood Svenska AB posts record EBIT of SEK14.9m(C)1994-2009 M2 COMMUNICATIONS LTD http://www.m2.com

Swedish health care services provider Feelgood Svenska AB (OMX Stockholm:FEEL) published its year-end figures on Monday (16 February), posting an operating profit (EBIT) of SEK14.9m, as compared to SEK12.9m in 2007.

The net turnover amounted to SEK552.7m, up from SEK474.9m in the previous year.

Earnings per share came to SEK0.13, as compared to SEK0.14 in 2007.

The year 2008 was Feelgod's best to date, with the growth driven by new acquisitions.

Feelgood, headquartered in Stockholm, Sweden, provides health care services to Swedish companies and private consumers. The company has some 750 employees.

One British pound (GBP) is worth approximately 12.16 Swedish kronor (SEK).

Swedish health care company Feelgood Svenska AB posts 1H operating profit of SEK6.9m.(Financial report) - Nordic Business Report

NORDIC BUSINESS REPORT-28 August 2008-Swedish health care company Feelgood Svenska AB posts 1H operating profit of SEK6.9m(C)1994-2008 M2 COMMUNICATIONS LTD http://www.m2.com

Swedish health care services provider Feelgood Svenska AB (OMX Stockholm: FEEL) issued its half-year report on Thursday (28 August), posting an operating profit of SEK6.9m, as compared to SEK8.8m in the first half of 2007.

The decline was due to increased costs.

The net turnover amounted to SEK266.8m, up by 7.8% from SEK247.5m in the first half of last year.

Feelgood, headquartered in Stockholm, Sweden, provides health care services to Swedish companies and private consumers. The company has some 590 employees and reported sales of SEK475m in 2007.

One British pound (GBP) is worth approximately 11.74 Swedish kronor (SEK).

Swedish health care company Feelgood Svenska AB to acquire Haluxa AB. - Nordic Business Report

NORDIC BUSINESS REPORT-19 June 2008-Swedish health care company Feelgood Svenska AB to acquire Haluxa AB(C)1994-2008 M2 COMMUNICATIONS LTD http://www.m2.com

Swedish health care services provider Feelgood Svenska AB (OMX Stockholm: FEEL) said on Thursday (19 June) that it has signed a memorandum of understanding to acquire the health care company Haluxa AB.

The purchase consideration amounts to SEK40m in cash and 20m shares of Feelgood Svenska. Following the transaction Haluxa's shareholders will hold a combined stake of 19% in Feelgood.

Haluxa is expected to achieve a turnover of SEK200m in 2008.

Feelgood, headquartered in Stockholm, Sweden, provides health care services to Swedish companies and private consumers. The company has some 560 employees and reported sales of SEK475m in 2007.

One British pound (GBP) is worth approximately 11.85 Swedish kronor (SEK).

Swedish health information sites could be improved - report.(Brief Article) - Nordic Business Report

NORDIC BUSINESS REPORT-14 May 2002-Swedish health information sites could be improved - report (C)1994-2002 M2 COMMUNICATIONS LTD http://www.m2.com

There is no Swedish-language web site for health information that fulfils all the requirements from the European Union, according to the Swedish National Board of Health and Welfare.

The board has reviewed 35 sites and found that there is much that can be improved. None of the 35 Swedish sites completely fulfils the requirements. The requirement that is the least fulfilled is to inform about the financial side of the site - only five of those reviewed clearly gave information on how the web site was paid for.

The entire review was presented at a recent conference, reported TT, a Swedish news service.

Swedish health care services provider Feelgood Svenska AB expands, acquires Haluxa AB. - Nordic Business Report

NORDIC BUSINESS REPORT-22 August 2008-Swedish health care services provider Feelgood Svenska AB expands, acquires Haluxa AB(C)1994-2008 M2 COMMUNICATIONS LTD http://www.m2.com

Swedish health care services provider Feelgood Svenska AB (OMX Stockholm: FEEL) said on Thursday (21 August) that it has signed a firm agreement to acquire the health care company Haluxa AB.

The purchase price for all shares of Haluxa amounts to SEK37.8m in cash and 20m shares of Feelgood Svenska.

The deal is based on a memorandum of understanding announced initially in June.

The acquisition will strengthen Feelgood Svenska's position as a leading supplier of company health care services, and will expand its staff from the current 590 persons by some 40%. The acquisition will also increase the group turnover by some SEK200m in 2008.

Feelgood, headquartered in Stockholm, Sweden, provides health care services to Swedish companies and private consumers. The company has some 590 employees and reported sales of SEK475m in 2007.

One British pound (GBP) is worth approximately 11.79 Swedish kronor (SEK).

Zip Structure AB posts operating loss of SEK2.36m.(Brief Article) - Nordic Business Report

NORDIC BUSINESS REPORT-27 February 2004-Zip Structure AB posts operating loss of SEK2.36m(C)1994-2004 M2 COMMUNICATIONS LTD http://www.m2.com

The Swedish health services company Zip Structure AB issued its year-end report for 2003 on Friday (27 February), posting an operating loss of SEK2.36m, as compared to a loss of SEK2.17m in 2002.

The net turnover improved from SEK6.85m in 2002 to SEK7.86m in 2003.

Swedish krona (SEK) is worth approximately 0.07 British pounds (GBP).

JCAHO's new credentialing, privileging standards require provider-specific data.(Joint Commission on Accreditation of Healthcare Organizations ) - Hospital Peer Review

JCAHO's new credentialing, privileging standards require provider-specific data

Surveyors will be looking for continuous evaluation

New standards for the credentialing and privileging of practitioners call for a more objective and evidence-based process for monitoring performance. The standards from the Joint Commission on Accreditation of Healthcare Organizations, which are effective Jan. 1, 2007, also require a process for intervening when safety and quality-of-care issues are identified.

'More detailed information will need to be collected on an ongoing basis,' says John Herringer, associate director of JCAHO's standards interpretation group and lead interpreter for medical staff standards.

To comply with the standard, organizations will need to continuously collect additional information about physician performance. 'That will definitely be a challenge,' says Christina W. Giles, CPMSM, MS, president of Medical Staff Solutions, a Nashua, NH- based consulting firm specializing in assessment and development of medical staff organizational structures in the hospital environment. 'In my experience with clients all over the country, currently the weakest link in the credentialing and privileging program is how much information and the type of information that gets collected at reappointment or reprivileging time.'

In general, the Joint Commission wants organizations to start reviewing selected data on an ongoing basis, to determine whether a practitioner can maintain his or her privileges. 'The issue was really that people were doing this every two years, and there wasn't a process to evaluate people on a continuous basis,' says Herringer. 'Organizations are not going to be just looking at the person every two years. They are going to be looking at them continuously.'

Provider-specific data

Organizations will define the criteria to be collected for ongoing professional practice evaluation themselves. The Joint Commission says this may include the following: review of operative and other clinical procedures performed and their outcomes, pattern of blood and pharmaceutical use, requests for tests and procedures, length-of-stay patterns, morbidity and mortality data, and the practitioner's use of consultants. 'But because we use the word 'may,' that indicates that they still have to define it. Organizations can include things other than the examples we give,' says Herringer.

The new requirements will require provider-specific data to be collected, but many hospitals have collected only aggregate physician data to trend performance improvement, says Nancy J. Auer, MD, FACEP, chief medical officer for Swedish Health Services in Seattle.

'Many institutions went this route believing — correctly — that the physicians wouldn't participate in performance improvement activities if they knew they personally were being profiled,' says Auer. 'Data systems are not perfect. It is imperative that physicians work with their institutions to help turn the data into credible information.'

Organizations are supposed to be collecting data on each individual, says Herringer. 'You should always be looking at the provider data. For example, if, on average, antibiotics were prescribed 300 times but Dr. Jones is prescribing them 700 times and has high infection rates because he is over-prescribing, it's pointless to just look at the aggregate,' he says.

In order to get to the aggregate physician data, you need to have the practitioner-specific data anyway, he notes. 'You want to look to see, how is he practicing compared to the rest of his peers for that particular measure?' Herringer says.

What organizations were failing to do is compare the provider-specific data with the aggregate data, says Herringer. 'They always had the data, but they weren't comparing the person to the aggregate. That's why we added that to the standard in 2004. It does come from the performance improvement data, but those are broad categories.'

Depending on what you are measuring, you may or may not have data for every practitioner for a given measure. For example, if you decided you wanted to look at something related to Cesarean sections for operative and other procedures, then you are omitting all the other surgical procedures, so you won't have data for the other types of surgeons.

'We've never said you have to find a measure that relates to every different type of surgical procedure that you could possibly do,' says Herringer. 'You may not have data for every practitioner for that measure. For some practitioners, you really could end up having no data.'

For instance, psychiatrists don't do surgical procedures, or if the medication used in your measure doesn't relate to psychiatry, you won't have any data there. 'It's totally possible that your measures won't relate to certain people. What we're trying to move away from is collecting data about everybody, as opposed to just linking it to the performance improvement measures,' says Herringer.

You're required to define what data you're going to collect for every practitioner, and it must be related to performance improvement measures, and you will look at whatever data you have for that person. 'But you wouldn't necessarily have data for everybody,' says Herringer.

For this situation, organizations can attempt to obtain data from other facilities where the person practices, but data are often protected under peer review statutes. In this case, the organization would obtain additional peer recommendations, and the lack of data might be defined as a trigger for focused review, says Herringer.

'When we're granting privileges, we don't necessarily have data and competencies for every single procedure,' says Kathy Downs, CPMSM, CPCS, CPHQ, director of medical staff services at Paradise Valley Hospital in National City, CA. 'It may be that, for low-volume practitioners in particular, we will have to end up getting data from other hospitals, and that may be difficult.'

Take action on problems

Hospitals also are required to act on what the data are telling them, always with the goal of improving performance. Surveyors will want to see how individual departments have used the information to improve patient care.

'At Swedish, we are revamping our data collection tools to collect physician-specific data,' says Auer. 'This approach is really effective. You can't just wait to provide feedback to physicians at re-credentialing if you want performance to improve.'

For example, the organization had trouble eliminating dangerous abbreviations until data were collected that included the name of the physician and the type of do-not-use abbreviation used. 'We fed this data, in an educational fashion, back to the physicians on a weekly basis,' says Auer. 'Our performance improved dramatically.'

Indicators that will trigger a chart review at Paradise Valley Hospital include unplanned return to the operating room, readmission within 24 hours, a certain amount of blood lost, and unplanned removal of an organ.

After physicians review the patient's chart, any additional questions are sent to a committee for further discussion. 'Sometimes, the physician whose case it is will even be there as a member of the committee and can explain what happened. Or they may send a letter to the physician asking for a written explanation, or they will ask him or her to come to the committee meeting to clarify questions,' says Downs. The committee then determines what further action, if any, needs to be taken.

The organization has been moving toward 'core' privileges for many procedures that physicians can do by virtue of their training, such as appendectomies for general surgeons, as opposed to 'non-core' privileges that require special or additional training such as laparoscopic hernia repair. 'We will just have to be more vigilant with the non-core procedures, especially for those physicians who perform most of their procedures at other facilities,' says Downs. 'It may be difficult to get the needed information from other hospitals.'

JCAHO's credentialing and privileging standards do not reference the concept of core privileges, nor do they suggest or promote a particular format for granting privileges, notes Herringer. However, the following activities would be expected to occur during the credentialing and privileging process for any type of format utilized, he says:

*The core privileges must be clearly and correctly defined to reflect the specific activities and procedures performed at the organization that the majority of the applicable group of practitioners can do.

*There should be a method for the applicant to request only certain items in the core privileges if he or she does not want the full set of core procedures.

*If it is determined that the applicant cannot perform certain activities, then the core privileges must be modified for that applicant, who is then appropriately notified of the modification along with other organization staff. For example, if the core surgical privileges include laser procedures but an applicant is not competent in laser surgery, then the laser privileges are deleted from that applicant's core listing and other appropriate staff in the organization are notified of the modification.

*The organization must evaluate each applicant's education, training, and competence to perform each activity listed in the core privileges. 'It cannot be assumed that every applicant can do everything listed,' says Herringer.

How is competency defined?

Defining competency is up to the individual organization, says Herringer. 'They really have to determine what qualifications they want people to have. It could be they want a training program, a certain volume of activity, or board certification,' he says. 'We don't define it. There are certain rural parts of the country where they couldn't get a board-certified person if they wanted to.'

There is a lot of disagreement about what defines competency among organizations. 'If no charts have fallen out and there have been no complications for surgery, for example, does that indicate competency? Or do they have to perform a certain number of procedures competently to validate that they are competent — or both?' asks Downs.

Currently, the organization's process involves looking at whether any charts have fallen out for review and what the doctors' outcomes are, and also the numbers of procedures performed.

For any organization, the first step in the process is to determine what defines competency. 'While JCAHO has done a great job of incorporating the six core competencies that have been established by the Accreditation Council of Graduate Medical Education [ACGME] and the American Board of Medical Specialties [ABMS], it still leaves us out there not knowing exactly how to do what we need to do,' says Giles. 'I think we will have to zero in and look at outcomes.'

Some hospitals have begun to make some of their outcome information public, but this is usually based more on procedures than practitioners, says Giles. 'So I do think that we have the ability to track the information. It's just a matter of figuring out who is going to collect it, how is it going to be maintained, and how is it going to be presented.'

Medical staff in most hospitals are aware that physician report cards are being developed at all levels of the organization, but there is still some reticence on the part of medical staff and hospitals to actually use that information at reappointment or reprivileging, according to Giles.

'I think the biggest challenge is going to be what type of privileging process are we going to use, so that we know the practitioner is competent to perform what they are asking,' she says. The challenge is getting the doctors to buy into whatever system is used for measurement, says Giles.

'But the advantage there is that the ABMS and some of the others are going to be moving forward in trying to define how they are going to measure it,' says Giles. 'Hopefully we can use some of the same mechanisms.'

Research what all the different American boards of specialties are using, recommends Giles. 'They all have different maintenance of certification programs and there may be some things that can be borrowed from that.'

For example, the ACGME has done a lot of work on the six core competencies and what kind of data they are going to collect and use to measure residents, so some of those ideas can be 'borrowed.'

'I think that hospitals have done a good job of going in and stopping someone if they are totally incompetent. But I also think that sometimes the peer review process takes a little too long to get going,' says Giles.

Many organizations currently lack triggers to take action on a continuous basis. 'You could potentially have two years of problems and then start to take action. Waiting every two years is not necessarily appropriate,' says Herringer. 'You will have to clearly define what triggers performance monitoring. There could be a variety of triggers that say 'We need to watch this guy,' such as a number of complaints, sentinel events, or increased infection rates.'

Change mindset of physicians

As of Jan. 1, 2008, the Joint Commission will require a Focused Professional Practice Evaluation. 'This will be challenging for organizations to implement, and that's why it's been delayed,' says Herringer. 'Criteria need to be defined for when they are going to grant a privilege for a new applicant vs. criteria for an applicant with a documented record of performance at the organization.'

Any practitioner who is totally new to the organization will get a period of focused review, and in addition, any practitioner asking for a new privilege also will be under focused review.

Medical staff will always have to be involved in defining the credentialing and privileging process, including implementation of the Focused Professional Practice Evaluation, since the bylaws have to be approved by both the medical staff and the hospital's governing body.

Depending on what type of performance monitoring is done as a result of triggers identified, members of the medical staff might be involved in that as well.

'They might say that a standby physician is needed for every one of these surgeries, or it might involve certain other physicians reviewing the record and documentation,' says Herringer. 'We don't specifically tell organizations how to monitor them. They have to decide that for themselves.'

The goal of the process is to prove that physicians are competent, not the opposite, according to Giles. 'So what we have to do is change the mindset of the medical staff — instead of looking for the negative, that the whole process is looking for the positive,' she says. 'We have to provide proof that they are doing a good job. So they should be helpful in trying to identify what mechanisms we can use to show that.'

[For more information, contact:

Nancy J. Auer, MD, FACEP, Chief Medical Officer, Swedish Health Services, 747 Broadway, Seattle, WA 98122. Telephone: (206) 386-6071. E-mail: Nancy.Auer@swedish.org.

Kathy Downs, CPMSM, CPCS, CPHQ, Director of Medical Staff Services Paradise Valley Hospital, 2400 E. 4th Street, National City, CA 91950. Telephone: (619) 470-4156. Fax: (619) 472-4502. E-mail: DownsKA@ah.org.

Christina W. Giles, CPMSM, MS, President, Medical Staff Solutions, 32 Wood Street, Nashua, NH 03064. Telephone: (603) 886-0444. Fax: (810) 277-0578. E-mail: chriswg@medicalstaffsolutions.net.]

Calling All Swedish Hospital Babies and Parents. - Health & Medicine Week

Were you or your baby born at Swedish? If so, dust off your photo albums and scan and send in your best baby shots - whether your photographs are from 1910, 1939, 1999 or 2009, Swedish wants to see them (see also Swedish Medical Center).

In honor of its 100th year of non-profit service, Swedish wants to recognize some of its patients through a search for photos of babies born at any birthing center now part of Swedish Health Services, including Swedish Hospital (Swedish/First Hill, Swedish/Ballard and Swedish/Cherry Hill), Doctors Hospital, Seattle General Hospital, Ballard General Hospital, Ballard Community Hospital and Providence Seattle Medical Center.

Since opening its doors in 1910, more than 200,000 babies have been born at Swedish - in fact more babies are born at Swedish each year than at any other medical center in Washington state. Last year alone, there were more than 7,400 babies born at Swedish's First Hill and Ballard campuses.

Keywords: General Health, Health, Hospitals, Swedish Medical Center.

'Major' news of the day while you were away; Weekly Review.(News) - The Seattle Times (Seattle, WA)

Byline: Ron Judd; Seattle Times staff columnist

Mr. Wrap is a little miffed.

Stood there at Sea-Tac for several hours Tuesday, wearing a little black chauffeur's cap and holding up a hand-lettered sign reading, 'AMANDA KNOX.'

Thought she might at least come over and say 'Hi.' But nooo.

In spite of that clear snub, we're glad Amanda is back home safe. And to help ease the transition, we're sending her a detailed chronology of major news events she's missed since leaving her hometown in 2007. Major highlights:

* In 2009, the city threw its former mayor, Greg Nickels, out of office after he decided to battle an epic snowstorm by deploying a fleet of plows equipped with blades tipped by cotton swabs. Since then, the office of mayor has, by all indications, been left vacant.

* The Mariners lost another several hundred games.

* Some rich people with a thing for melted 7UP bottles rammed through the City Council a plan for a Dale Chihuly Outlet Mall / Museum of Self-Aggrandizement. It'll be built in the Seattle Center's Eyesore District, not far from Paul Allen's Experience Music Project, popularly known as The Wreck of the Partridge Family Bus.

* Ground was broken for a new Dick's Drive-In up in Lynnwood.

That's pretty much it.

More historical trending:

Easy Mistake: Raise your hand if you saw the headlines about that 'rat-infested, squid-filled pirate ship' and thought it was a story about an Issaquah-class ferry on the Bremerton run.

Urge To Merge: Swedish Health Services and Providence Health & Services are combining forces. We're now one step away from a single colossus, Group Providish.

The Nation's Grammar Instructors Clearly Not Among Them: 'I apologize to those whom are disappointed in this decision.' -- Partial-Term Alaska Gov. Sarah Palin, R-Sylvan Learning Centers, announcing she won't run for president in 2012.

This Just In: The Boeing 787 reportedly is 11 tons overweight. It's already being asked by major airlines to purchase a second seat in its own coach section.

Duct And Cover: State transportation officials are asking residents what they would do if given 30 minutes to themselves on the Alaskan Way Viaduct. Seems obvious: 1) Place explosive charges. 2) Light fuse. 3) Run like hell.

Are You Ready For Some Stupid? Lost in the hubbub over singer Hank Williams Jr.'s comparison of President Obama to Hitler was this question: Why was Fox News soliciting pearls of political wisdom from Williams in the first place? Apparently regular senior political analyst Charlie Daniels was on vacation.

Let's Be Honest: Anything that gets that idiotic song off the air is a public service.

Bulking Up: Shoppers at Costco reportedly were 'unfazed' by reports of rising store membership fees. Sigh. Rookie mistake, people: If you don't want to be nickel and dimed to death, you should at least act fazed in the presence of news people.

And Finally: A pat on the back to managers at the Port of Seattle, which, when the media circus came to town Tuesday, nimbly shepherded the elephants through the Sea-Tac gates. Now if they could just make arrivals somewhere close to that painless for the rest of us. Ron Judd's column appears each Sunday. He also writes Restless Native columns. Reach him at rjudd@seattletimes.com or 206-464-8280.

Prosser, Kadlec hospitals to share patient record database - Yakima Herald-Republic

PROSSER, Wash. -- Doctors in Richland will soon be able toquickly see medical records of patients from Prosser, cutting downon redundant tests, phone calls and delays.

So promised officials from PMH Medical Center and Kadlec RegionalMedical Center at a public announcement Monday of a partnershipbetween the two hospitals.

The arrangement should have happened sooner, said Julie Petersen,CEO of PMH, formerly known as Prosser Memorial Hospital.

'It's what the patient thinks is already happening,' Petersensaid. 'They're puzzled when we're still faxing things back andforth.'

The partnership is a nonbinding agreement that could pave the wayfor more alliances down the road, including sending Kadlecspecialists to practice a day or two a week in Prosser clinics.

It's not a merger or even a precursor to one, officials said.Prosser is a publicly funded hospital, while Kadlec is a privatenonprofit in Richland where many Prosser patients are referred.

The partnership will allow Prosser to purchase from Kadlec theservices of Epic, a Wisconsin firm that makes electronic medicalrecords software.

Federal mandates require most medical providers, such ashospitals, to make 'meaningful use' of digital records by 2014, apractice most Yakima Valley providers have already embraced.

However, those records still must be transferred among doctors,hospitals and clinics by fax, email or a specially connectednetwork.

The arrangement between Kadlec and Prosser would store one recordfor every patient on a central database for every physician in bothplaces to view and update at any time.

Officials had no timetable in mind and have not negotiated a costto the Prosser hospital. However, it would replace the hospital'scurrent system, which costs about $7,200 per month.

Epic only serves medium-size and large providers, includingSwedish Health Services and Providence Health and Services, whichlast week announced plans to join forces to form the largest healthcare system in the state.

Kadlec is one of the smaller hospitals using Epic, said RandWortman, Kadlec president and CEO.

The arrangement will make it easier for Prosser to transferpatients to Kadlec, where doctors will have even more access to thatpatient's information, Wortman said. Even in the age of technology,that doesn't always happen, especially in the emergency room late atnight.

'We'll frequently repeat studies because we don't know what's inthe records here,' Wortman said.

FORM 8-K: STRYKER FILES CURRENT REPORT - US Fed News Service, Including US State News

WASHINGTON, Dec. 13 -- Stryker Corp., Kalamazoo, Mich., files Form 8-K (current report) with Securities and Exchange Commission on Dec. 10.

State or other jurisdiction of incorporation: Michigan

Material Impairment

On December 6, 2010 Stryker Corporation announced that it has entered into a definitive agreement with Olympus Corporation for the sale of its OP-1 product family, which includes OP-1 Implant, OP-1 Putty, Opgenra and Osigraft, for use in orthopaedic bone applications for $60 million. As a result, the Company will incur a one-time non cash charge of approximately $75 to $80 million (net of income tax benefit) in the fourth quarter to reflect the anticipated loss on the sale of the previously described assets, which will reduce diluted net earnings per share by approximately $0.19 to $0.20. A copy of the press release announcing the agreement is attached hereto as Exhibit 99.1.

Departure of Directors or Certain Officers; Election of Directors; Appointment of Certain Officers;

Compensatory Arrangements of Certain Officers

At the Board of Directors Meeting of Stryker Corporation (the 'Company') held on December 8, 2010, Allan C. Golston was elected to the Board of Directors, effective January 1, 2011.

Mr. Golston serves as President, United States Program for the Bill & Melinda Gates Foundation and is a director for Malt-O-Meal, a privately held breakfast cereal corporation. Mr. Golston had previously been Chief Financial and Administrative Officer for the Bill & Melinda Gates Foundation from 2000 to 2006 and Director, Finance for Swedish Health Services from 1997 to 2000. Mr. Golston holds a master's degree in business from Seattle University and is a Certified Public Accountant.

Mr. Golston will be entitled to the fixed annual fee ($60,000 plus an additional $55,000 if he serves on one or more Committees) that the Company will pay to non-employee directors commencing on January 1, 2011 and will receive the same annual equity award that is granted to all non-employee directors in February 2011. In connection with his appointment to the Company's Board of Directors, the Company will enter into the form of indemnification agreement for directors, a copy of which is filed as Exhibit 10(xiv) to the Company's Annual Report on Form 10-K for the fiscal year ended December 31, 2008, with Mr. Golston.

Financial Statements and Exhibits

(d) Exhibits

99.1 - Press release dated December 6, 2010

Swedish Uses Colon Cancer Live Stream to Fight Disease. - Cancer Weekly

Colorectal cancer doesn't broadcast its presence until it's too late. Swedish Health Services hopes to change that by getting the word out about safe and effective prevention options (see also Colon Cancer).

On Wednesday, March 28, 2012 from 9 a.m. to 12 p.m. (PDT), Swedish physicians and staff will host its first-ever online chat and video stream of a colonoscopy procedure. The stream will be made available online at www.swedish.org/colonlive.

In the United States today, colorectal cancer is the second leading cause of cancer-related deaths for both men and women. It is estimated that 51,000 people will die of the disease this year and 143,000 new cases will be diagnosed.

The American Cancer Society recommends that, upon turning age 50, everyone should get a colonoscopy to prevent colon and rectal cancers. The test is designed to find both early cancer and polyps (growths in your large intestine).

'Right now, only about 60 percent of patients get screened, even though the effectiveness in reducing deaths has been proven,' said Dr. Raman Menon, a colon and rectal surgeon at Swedish. 'Regular testing is a powerful weapon for preventing the onset of the disease. Removing polyps in the colon keeps the cancer from ever evolving into anything dangerous. The disease is easily treatable if found at an early stage.'

'Education is our best, most cost-effective weapon against colorectal cancer,' said Dr. Nicholas Procaccini, a gastroenterologist at Swedish. 'Screening helps people stay well and it saves lives.'

In nine of 10 patients who found their cancers early, their chance for survival in five years is high. Very often these people live a normal life span. If people neglect screening, the cancer can grow and spread without being noticed.

A colonoscopy takes about 30 minutes and is not painful. It is an internal examination of the colon, or large intestine, and rectum. It is done using an instrument called a colonoscope, which has a very small camera attached to a flexible tube that the examiner uses to scope the area. The procedure reviews the entire length of a colon.

As part of Colon Cancer Awareness Month, Drs. Menon and Procaccini will host an online chat and live stream featuring two colonoscopy procedures, one of a male and the other of a female patient. The live stream will be focused around the importance of undergoing routine colonoscopies after age 50 with a focus on advances in colonoscopy procedures.

During the live stream the public will have the chance to communicate with the physicians who performed the procedures and ask questions. The physicians will respond live on camera throughout the program. The dialogue will be focused around the importance of early detection in preventing and treating colon and rectal health issues. Anyone interested may also join the conversation via Twitter by using the hashtag #ColonLive.

Swedish is committed to identifying new ways of communicating to the community to better inform the public and provide important information about relevant health issues. Recently, Dr. Rod Kratz, a colon and rectal surgeon at Swedish, shared his experiences preparing for his first colonoscopy on YouTube. Dr. Kratz underwent his first at age 40 due to potential family history of colon and rectal health issues. His video can be found online here: http://www.youtube.com/watch?v=BVocXp-CYHU.

For more information, or to schedule your own colonoscopy, visit: http://www.swedish.org/colorectal or call 206-386-6600.

Keywords: Oncology.

CITY OF SEATTLE AND SOUND TRANSIT BREAK GROUND ON THE FIRST HILL STREETCAR. - States News Service

SEATTLE, WA -- The following information was released by the city of Seattle:

Today the City of Seattle and Sound Transit, joined by community members from across the city, broke ground on Seattle's newest streetcar line - the First Hill Streetcar. To be constructed by the City with funding provided by Sound Transit, the streetcar line will allow riders to easily travel between neighborhoods on Capitol Hill, First Hill, Yesler Terrace, the Central Area, the Chinatown/International District and Pioneer Square, and better access Link Light rail service. The First Hill Streetcar will be operational by the spring of 2014, connecting thousands of riders daily with the places they live, work and socialize.

'Today's groundbreaking is an important step in the recent momentum to expand rail in our city,' said Mayor Mike McGinn. 'Our updated Transit Master Plan shows that we need to do better to connect Seattle's neighborhoods with high quality transit. And we are doing just that with projects like the First Hill Streetcar and planning to connect our streetcars through Downtown. I thank Sound Transit and City staff for all of their work, and the public for their vision when they voted to approve the Sound Transit 2 measure that makes these projects possible.'

Mayor McGinn, who serves on the Sound Transit Board, was joined by fellow Board members, members of the Seattle City Council and local community leaders in kicking off the construction. The groundbreaking took place at the site of a future streetcar station that will serve Seattle University, Swedish Medical Center, Virginia Mason Medical Center and the growing First Hill residential neighborhood. The stop will be one of 10 stations along a 2.5-mile route that will serve employment centers, educational institutions, entertainment and sports venues, and residential neighborhoods while enhancing access to regional rail service like Link Light rail and Sounder trains.

'The First Hill streetcar will be an important part of our regional transit system, connecting people who live and work throughout King County with outstanding institutions of healthcare and higher education,' said Sound Transit Board member and King County Executive Dow Constantine. 'This line will also provide the foundation for future growth at Yesler Terrace and south Broadway.'

The First Hill Streetcar will connect the current Link Light rail station in the Chinatown/International District with the future rail station on Capitol Hill. The line is being built by the Seattle Department of Transportation (SDOT) in partnership with Sound Transit. Sound Transit had initially planned an underground light rail stop on First Hill but abandoned the idea because of costs and risks associated with a deep station.

'From the moment we concluded building a deep-mined light rail station on First Hill was too risky, I strongly advocated for this streetcar line as a way to provide vital access to and from a regional light rail system that will stretch more than 50 miles by 2023,' said Sound Transit Board member and King County Council member Larry Phillips. 'We made the First Hill Streetcar a top priority in shaping the Sound Transit 2 Plan, and today I couldn't be more thrilled that we are about to watch our dream become a reality.'

The line will be constructed by Stacy and Witbeck, the firm that previously built the City's South Lake Union line, and is estimated to cost $132.8 million.

'Many residents and business owners along the streetcar line, from Pioneer Square to Broadway, have told me that they are eager for operations to begin,' stated Seattle City Councilmember Tom Rasmussen. 'The streetcar is intended to improve transportation and to attract people to visit and shop in our neighborhood business districts.'

Once operational, approximately 3,000 riders each day are expected to use the First Hill line. It will provide service from 5 a.m. to 1 a.m. Monday through Saturday and 7 a.m. to 7 p.m. on Sundays/holidays, running with 10-minute headways during peak/daytime hours. A trip from Pioneer Square to the future Link Light rail station on Capitol Hill is anticipated to take just under 20 minutes.

'For 101 years now, Swedish has recognized the importance of accessible transportation options for our employees, patients and their health,' said Dan Dixon, Vice President of External Affairs, Swedish Health Services. 'The First Hill Streetcar is a brilliant continuance of creative transportation for our city. Elegant, quiet, environmentally friendly - we believe that all of us on First Hill will benefit for a generation from this mass-transit addition to our neighborhood.'

The line's six streetcar vehicles will be made through a partnership between Inekon, a Czech Republic firm, and Pacifica, a Seattle-based manufacturing firm. With Pacifica assembling the vehicles locally, this partnership will provide approximately 20 living-wage manufacturing jobs in Seattle for this project. It also creates the opportunity for streetcar assembly in Seattle for other agencies nationwide, which could provide additional local jobs.

Northwest Kidney Centers launches capital campaign for $5 million comprehensive kidney resource center. - Defense & Aerospace Week

Northwest Kidney Centers has launched a campaign to raise $1.5 million of the $5 million needed to turn its 700 Broadway building into a comprehensive kidney resource center. The center supports the three key areas of the nonprofit's mission - patient care, education and research.

Northwest Kidney Centers, which is celebrating its 50th anniversary as the first dialysis organization in the world - has already raised $1.25 million thanks to early gifts.

A lead gift of $450,000 was made from the estate of John and Susie Morganti, long-time supporters of the organization. PACCAR Inc, a supporter of Northwest Kidney Centers for 46 years, donated $100,000.

'This new comprehensive kidney resource center - unique in the United States - will house an array of patient-focused services,' said Joyce F. Jackson, chief executive and president of Northwest Kidney Centers. 'In addition to an updated community dialysis clinic, the center will house our expanded kidney-specialty pharmacy and a clinical research center for kidney research.'

The building also will include three new conference rooms, an education and training center for new dialysis patients, and a demonstration kitchen to expand teaching and learning opportunities for patients, families, physicians and the community.

The first floor will include a Heritage Gallery showcasing important artifacts that illustrate Northwest Kidney Centers' standing as the first out-of-hospital dialysis provider in the world.

'We want this to be a valuable resource for all of our patients and their families - a place where they can learn about ways to improve their health and manage their disease,' Jackson said.

The new facility benefits people who face the epidemic of chronic kidney disease, which affects one in seven American adults.

The capital campaign is co-chaired by Steve Huebner, partner with KPMG, LLP, and Clint Randolph, retired Boeing senior manager. Campaign cabinet members are Connie Anderson, RN, vice president of clinical operations at Northwest Kidney Centers; Gary Bylund, executive vice president of Kibble & Prentice, Inc.; Deborah Crabbe, attorney with Foster Pepper, PLLC; Dr. Cyrus Cryst, nephrologist/nephrology section head of Virginia Mason Medical Center; Dr. Lisa Florence, director of the Kidney Transplant Program, Swedish Health Services; Gary Houlahan, president of Mutual Materials Co.; Joyce F. Jackson, CEO and president of Northwest Kidney Centers; Dr. Michael Kelly, clinical professor of medicine, Division of Nephrology, Harborview Medical Center; Steve Meyers, senior vice president with RBC Wealth Management; and David Wilde, chief financial officer of TTF Aerospace, LLC.

Anyone wishing more information about donating should contact Northwest Kidney Centers Gift Planning Officer Larry Richards at 206-720-8550 or larry.richards@nwkidney.org.

About Northwest Kidney Centers: In 2012, Northwest Kidney Centers is celebrating 50 years since its founding as the first dialysis organization in the world. The nonprofit provides the majority of dialysis care in King and Clallam counties, educates the public about kidney health, and collaborates with UW Medicine in the Kidney Research Institute. Northwest Kidney Centers' staff of 565 delivers more than 226,000 treatments per year in 14 dialysis centers and almost all of the area's hospitals, as well as supervising more than 200 people who give themselves dialysis at home. Learn more at www.nwkidney.org.

SOURCE Northwest Kidney Centers

Keywords: Investing and Investments.

Providence Health Care and Group Health Cooperative form Physician Organization. - Health & Beauty Close-Up

Providence Health Care and Group Health Cooperative have signed an agreement to form a new jointly owned company that will create a physician organization.

According to a release, this is not a merger or an acquisition. The two entities will form a new limited liability corporation.

'First and foremost, this comprehensive physician organization allows us to better care for our patients,' said Mike Wilson, chief executive of Providence Health Care in Eastern Washington. 'By improving coordination and communication among care givers who utilize the best evidence-based medicine, we will be able to improve quality. At the same time, we will help patients access the right kind of care at the most appropriate time and in the most appropriate setting. The result will be better health outcomes for patients, less duplication, and an overall reduction in cost.'

The new organization will be made up of health care providers from Group Health Physicians, Providence Medical Group and Columbia Medical Associates.

At the center of the integrated physician group are 132 primary care physicians who will serve as the medical home for patients throughout the region.

These physicians will coordinate patient care with care centers and hospitals, including Providence Sacred Heart Medical Center and Children's Hospital and Holy Family Hospital.

The provider organization will initially serve Providence employees and Group Health patients who seek care from providers working at Providence Medical Group, Group Health or Columbia Medical Associates clinics beginning in January 2013.

'Group Health and Providence are equally committed to finding local solutions to fix our broken health system by creating a patient-centered, clinically integrated delivery organization to care more effectively for residents of our community and the surrounding region,' said Kelly Stanford, vice president of market development for Group Health Cooperative. 'By drawing on the strengths and capabilities of both organizations and through new models of payment to providers, our integrated physician organization will achieve three goals enhance patient health, improve the patient care experience, and decrease the overall cost of care,' continues Stanford.

Providence Health Care is a member of Providence Health and Services, a Catholic health care ministry.

The health system is affiliated with Swedish Health Services.

Group Health provides health coverage.

THREE HEALTH INSURERS TO MERGE.(News) - Seattle Post-Intelligencer

First Choice Health Plan of Seattle, which began serving its first members in January, said it is merging into a new company with Health First Partners and Health Washington.

First Choice has about 3,500 insured patients, and Health First Partners has about 4,500. Health Washington is a provider network owned by Swedish Health Services, Multicare Health System, Evergreen Community Healthcare and Stevens Healthcare. Health First Partners is owned by Swedish and Multicare.

``The idea of this consolidation is to reduce overhead and to attain a critical mass in a single company,'' said Gary Gannaway, CEO of First Choice. Gannaway will be CEO of the new company, which probably will be called First Choice.

The Seattle Times Business Newsletter Column. - Knight Ridder/Tribune Business News

By Stephen H. Dunphy, The Seattle Times Knight Ridder/Tribune Business News

Apr. 16--Consumer prices in three big areas of spending are increasing in the Seattle-Tacoma-Bremerton area, according to a monthly report from the Bureau of Labor Statistics. Grocery prices, gasoline and home costs were up in March.

The food-at-home index advanced 0.4 percent in March. Grocery prices were 2.2 percent higher than in March 2003.

Dominated by increasing gasoline prices, the index for energy advanced 3.9 percent in March, and rose 0.4 percent over the year. Gasoline prices were up 6.6 percent in March, but Seattle-area gasoline prices were still 3.7 percent lower than one year ago. The shelter index rose 0.3 percent over the month, and was 0.6 percent above last year's level.

The BLS tracks food, energy and housing each month and does a full consumer-price-index report every other month.

Boat sales in Washington State soared during the first quarter of 2004, according to the Northwest Marine Trade Association, with new-boat sales up 17 percent in units and 25 percent in dollars over the same period in 2003.

King County continued as the top spot for boating sales in Washington, accounting for more than 18 percent of the state's sales during the quarter. Total boats sold (new and used) were up 6percent from the first quarter in 2003.

Boats are selling so well, the association canceled a parking-lot sale scheduled for Factoria Mall during the opening weekend of boating season in early May.

The association began collecting the sales data in July 2002 with the University of Washington Sea Grant program, which uses boat registrations from the Department of Licensing to compile the information.

Hotel-operating results are improving, although this is the slow season for most properties. In January and February, as many as half the hotel rooms in the region were empty on any given night.

Wolfgang Rood Hospitality Consulting found that most areas in the Puget Sound region were up in February compared with February 2003 although the SeaTac area was the exception, reporting lower occupancy.

Downtown Seattle occupancy was up 10.6 percent while Bellevue occupancy increased 2 percent compared with last year. The average daily room rate is showing some signs of improvement, up 2 percent statewide and gaining 3.6 percent in Seattle and 0.5 percent in Bellevue.

The hotel industry has had it tough in the past few years with stagnant occupancy rates and falling average room rentals. The Rood survey is a good one, covering 135 properties in the state representing more than 20,500 rooms.

QUICK HITS: John Rogers, senior vice president and managing director of institutional research for D.A. Davidson, was named one of 10 'Homerun Hitters' by Institutional Investor magazine. Rogers was chosen for his coverage of Portland-based Schnitzer Steel Industries ... China Southern has made it official -- it signed an agreement with Airbus to acquire 15 A320-200 and six A319-100 aircraft from Airbus... Swedish Medical Center's 1101 Madison Tower has won a regional Office Building of the Year award from the Building Owners and Managers Association. Madison Tower was the winner in the medical-office building category for the Pacific Northwest Region. The Seattle property is owned by Swedish Health Services and is managed by Trammell Crow Company.

--Stephen H. Dunphy's columns appear Tuesdays-Fridays and Sundays. Phone: 206-464-2365. Fax: 206-382-8879. E-mail: sdunphy@seattletimes.com.

To see more of The Seattle Times, or to subscribe to the newspaper, go to http://www.seattletimes.com.

(c) 2004, The Seattle Times. Distributed by Knight Ridder/Tribune Business News.

Can Chief Security Officers Protect Data from Prying Eyes?(Brief Article) - Health Data Management

New rules, new laws and new technologies are a few of the reasons why more health/care organizations are likely to hire CSOs.

If a health care organization has a CIO who has a vast knowledge of security issues along with eight arms and the ability to be in 17 different places at once, that organization might not need a chief security officer. That's the conclusion of many in the data security field and a steadily growing number of health care CIOs and CEOs.

Health care needs more CSOs because the job of the CIO has gotten so broad that CIOs no longer can give adequate attention to data security issues, says Diana J.P. McKenzie, partner-in-charge of the health care technology practice at Gordon & Glickson, a law firm in Chicago.

'Being a CIO today is not what it used to be,' McKenzie says. 'There are so many more systems they are managing and so many more processes and people they are directing compared to just two or three years ago. When you get to a certain threshold, you need to create a new division. And CIOs have reached that point with security.'

Health care CIOs are implementing computer-based patient records systems, enterprisewide intranets, electronic data interchange systems, telemedicine programs, data repositories, decision support systems, financial information systems, and much more. Data security is an integral part of every one of those endeavors.

CIOs also have to contend with upcoming health care data security rules from the Department of Health and Human Services. Comprehensive proposed rules were released in August (see September 1998 issue, page 12). Add to that the massive undertaking required to fix the year 2000 problem--the inability of many systems to distinguish '00' in the date field as denoting 2000 and not 1900)--and some CIOs could be overwhelmed with their responsibilities.

All of this adds up to a tremendous opportunity in health care for data security professionals, as more provider and payer organizations consider adding a CSO to their ranks because of these varied pressures.

The time is now

Now more than ever, many experts contend, health care organizations need one person dedicated to the job of protecting health care information as it is created, stored, manipulated and transmitted by hundreds of people every day.

A CSO provides professional advice to the CEO, the board of directors and others on existing and potential security issues, says Martin Nowak, executive director and CEO of the University of Alabama Health System in Birmingham. Nowak created an information security officer position at the hospital in 1993.

'The CSO conducts ongoing policy development in the best interests of the organization, individuals using information systems, and those people, particularly patients, who may be affected by systems,' Nowak says. 'The CSO performs many critical tasks, like serving as a link to the human resources division during the employment and discharge of employees and guiding the institution through Internet access issues and intranet development and usage.'

The CSO ultimately protects data security and ensures data integrity and availability for the organization, he adds.

But some healthcare provider and payer organizations don't see the value of funding the office of a CSO when money is needed for other programs.

'A problem now is that many health care organizations are financially very short, with new regulations being imposed on them and all the pressures from managed care,' McKenzie says. 'Organizations are in some ways justified in trying to hold back on creating this new office.'

But each bad security breach in health care will lead to a swell of interest in hiring CSOs, McKenzie predicts. 'When a security breach happens, executives will bring a CSO on board,' she says.

CSOs have a variety of job responsibilities designed to help health care organizations avoid such damaging security breaches. But the scope of a CSO's job varies from organization to organization.

The CSO position is evolving; it's not like the CIO position, which has certain very specific tasks and functions, McKenzie says.

'The evolution of the CSO in health care is only at its genesis,' she says. 'Their ultimate responsibility is for the security of patient data. But as the position continues to evolve, it will become much greater than that. It will include the confidentiality and security of the employees of the institution. It will extend to having a total understanding of all federal and state legislation, and much more. The CSO has to be aware of many issues, as they ultimately are responsible for creating an institution's security policy.'

The responsibilities of today's health care CSO fall into two main categories: strategic and tactical, says Gary Gray, information security coordinator at Swedish Health Services, an integrated delivery system in Seattle. Gray has been in health care information security for 10 years.

Swedish previously had a security position that was smaller in scope. When Gray took over the position a year ago, management broadened the security chief's responsibilities and altered the reporting structure so Gray would report directly to the vice president of information services.

'In the strategic area, a CSO must align information security with corporate goals, communicate security concerns to management to influence management decisions, and inform and educate the entire executive team so they can make informed decisions,' Gray says.

'In the tactical area, a CSO must lead a security committee, develop and monitor information protection and awareness programs, present an annual report to senior management on the state of the security program and the future vision for information security, coordinate development of security protections, ensure that access control and audit measures are maintained, and more.'

The umbrella mission of a health care CSO is to take care of an organization's information, says Micki Krause, director of information security at PacifiCare Health Systems Inc., a Santa Ana, Calif.-based managed care company with more than four million members in 14 states. Krause took on the job of CSO at PacifiCare in 1995. Although there was a security manager before her, the organization initiated a comprehensive information security program in 1995 that increased the position's responsibilities.

Individual components of the CSO's job, according to Krause, are: establishing policies, procedures and standards; managing systems users' identifications and passwords; ensuring that the proper level of security and control is inherent in all computer systems, applications, networks and external connections to business partners; making sure the organization complies with legal, regulatory and audit requirements; and conducting security education and awareness programs.

Compelling reasons

The need to create and maintain security policies, technological controls and educational programs is becoming more acute, industry observers say. Security professionals and health care CSOs cite a variety of reasons why more provider and payer organizations should hire CSOs.

Information systems security risks are increasing dramatically, and security problems are complex enough that a specialist is required, says Peter Tippett, M.D., president of the International Computer Security Association, Carlisle, Pa.

'Health care understands the need for specialists more than any other industry. After all, if you have a brain tumor, you don't want a heart surgeon operating on you,' Tippett says. 'The major driver for CSOs in all businesses is the fact that complexity and connectivity are increasing so rapidly that, consequently, risk is rapidly increasing.

'The virus risk, for example, is up to several billion dollars a year for North American companies. The cost of viruses per North American company is nearing $1 million. Helping lower that risk and its costs alone would cost-justify the hiring of a CSO.'

The University of Alabama Health System created a CSO position in 1993 on the recommendation of a committee it created to assess security needs, says William M. Miaoulis, information security officer at the hospital since 1993.

'The information security committee, headed by the hospital's assistant chief of staff, concluded that as more data was becoming electronic, security was an increasing priority and the organization needed to properly ensure the protection of patients' rights, patients' privacy and data security,' Miaoulis says.

At CareGroup Inc., an integrated delivery system based in Boston, audits of information systems and manual processes helped management conclude in 1997 that they needed to hire a CSO to spearhead development of heightened security measures. The delivery system created a formal security department, with five staff members working under the CSO.

Often a newfound awareness of potential liability for security breaches drives health care organizations to hire a CSO, says Kate Borten, chief information security officer at CareGroup. She took the newly created post in 1997.

'It usually is an internal or external audit that gets the ball rolling. Audit departments are getting more and more savvy at pointing out security vulnerabilities' Borten says. 'And once a security problem is identified in an audit report, an organization is put on the spot.'

Required resources

When health care organizations decide to hire a CSO, they will have to earmark appropriate funds for a qualified individual. Because the position of CSO is relatively new to health care, there aren't many benchmarks for CEOs or CIOs to follow when putting together a salary package.

The average salary for a CSO in health care is about $75,000, Miaoulis estimates. 'The biggest problem, though, is finding job candidates with health care-specific information security experience,' he adds. 'So you might have to consider people who are not ideal candidates for health care, but nonetheless have excellent security experience. These people are likely to come out of industries such as insurance, banking and energy, where security has had a higher profile.'

Miaoulis has 16 years of experience as an information security professional in various industries. Previously, he worked for six years as information systems auditor with Sonat Inc., a holding company with subsidiaries that include a natural gas pipeline company, an exploration company, an offshore drilling operation and an oil-field services company.

CSOs should make about $80,000 per year, says Hal Tipton, principal of HFT Associates, a Villa Park, Calif.-based health care information security consulting firm. 'But they also will need a staff, the size of which depends on the size of the organization, how much data processing is involved, and the type of computers and networks involved,' Tipton says.

'A CSO will need individuals under him with knowledge of security issues and general issues surrounding mainframe computing, client/server computing, networking, PCs, security awareness and training, contingency and business recovery planning, and more. The number of people he can have to specialize in such matters depends on the size of the organization.'

At minimum, health care organizations need one person dedicated to information security, says Gray of Swedish Health Services. And this specialist should have a broad range of information security expertise.

'Information security is much more than just managing users' IDs and passwords. As a result, the salary range for a CSO runs from $55,000 to $90,000,' Gray says. Yet a health care executive search firm recently informed Gray of a CSO position in a large hospital in the southwest. The firm said the CSO position's salary could go as high as $125,000.

'Whatever the salary,' Gray says, 'between the incredible complexity of technology and the increased use of Internet technologies, organizations would be wise to spend their money on a person with a Certified Information Systems Security Professional credential.'

Certification

The CISSP credential is a popular emblem of expertise among security professionals in health care and other industries. The Shrewsbury, Mass.-based International Information Systems Security Certification Consortium manages the CISSP certification process, in which many health care CSOs place great faith.

An increasing number of health care organizations are represented in the seminars given for people taking the CISSP tests, says Tipton, the consultant, who holds the CISSP credential and assists in the association's certification process.

All CSOs should hold a CISSP, says PacifiCare Health Systems' Krause, who has the credential. 'It is the only credential for information security professionals,' Krause explains. 'It is important that there be a requirement that a CSO in any industry have a basic understanding of the entire body of common security knowledge. Otherwise they can't be effective in their role.'

Unfortunately, too many health care organizations are hiring CSOs who have very little background in security, Gray contends.

'As the complexity of security systems grows, you need someone who understands a broader range of issues--from ethics to legislation to risk management to law enforcement to technology,' he says. 'And the benefit of having someone who is a CISSP is that they have gone through a program and have been tested in areas of expertise. That adds a lot of value to a CSO and the organization for which he or she winds up working.'

Borten, the CSO at CareGroup, does not hold the CISSP certification. However, she and her staff of five are considering pursuing the credentials. 'It takes time and it takes money,' Borten says. 'But I do feel the value of the CISSP credential will really rise tremendously as people realize more and more that information security is truly a niche and there is very specialized expertise involved.'

Reporting structure

When a provider or payer harnesses the specialized expertise of a CSO, the organization must determine where best to place the new executive on the organizational chart.

When CIOs first made waves in health care, they primarily reported to the CFO. That was because most information systems in health care at the time focused on financial matters. Today, as CIOs' responsibilities have expanded, many now report to the COO or CEO.

A similar pattern could be building for CSOs in health care. A relatively new office, many CSOs report to CIOs. This is because many health care executives link security concerns to the increasing presence of information systems. But some health care CSOs report directly to the CEO. And as time goes on, perhaps more CSOs may attain equal status with CIOs and CFOs.

CSOs should report to either the CEO or the CIO, says Miaoulis of the University of Alabama Health System, who reports directly to his CEO.

'CSOs need a working relationship with both officers' he says. 'You need high visibility. And either one of those officers is at a high enough level for the CSO to get the support, weight and credibility needed to do the job.'

The advantage of having the CSO report to the CEO is that it portrays to all employees that the CSO is not just handling information systems tasks, but also managing administrative support for all health care information security, Miaoulis adds.

At CareGroup, Borten has a unique reporting relationship designed to meet her specific needs.

'For significant security issues that come up, I do go to the CIO. For practical purposes, though, since he has so much on his plate, I am not reporting directly to him for most other matters but to one of his direct reports,' she explains. 'But my staff is well-regarded as a specialty group, and when an issue comes up of real significance or potential political or financial impact, I report directly to the CIO.'

A CSO should at a minimum report to the CIO because any security decisions that need to be made will have an effect on the entire organization, says Krause of PacifiCare. 'A CSO needs to report to someone at a level that offers the kind of leverage needed to make security efforts really happen,' she says.

Having the right supervisor can be key to the success or failure of a CSO. So, too, is the information security policy that a CSO must craft. Writing, maintaining and enforcing a thorough security policy is at the heart of a CSO's job (see story, page 56).

One person should not be creating a provider's or payer's information security policy, Miaoulis says.

'It is the job of a CSO to lead the policy-writing process,' he says. 'You first must form a committee and make sure the CSO is in charge. You then gain the support of management for the effort, research all the security issues, draft policies, and, finally, follow your organization's review and approval processes.

'Once you get your policy formalized and approved, you have to educate all users about the policies,' Miaoulis says. 'And you must enforce them. Policies without education and enforcement don't have a lot of value. The value of security policies is `before the fact,' as an educational tool.'

Krause crafted PacifiCare's information security policy based on generally accepted system security principles and best practices. After researching the issues, she built a fundamental outline of the policy and then began filling it in.

'I built the security policy myself, and then I went around and secured buy-in from top business management and the individual department chiefs, namely human resources, legal, internal audit and information systems,' Krause explains.

Some CSOs, including Gray of Swedish Health Services, find a detailed information security policy already in place when they take the job. This doesn't mean, however, that their responsibilities regarding policy writing are completed.

'While there was a policy in place when I arrived, what I had to start doing was bringing that policy up to date and adding to it,' Gray says. 'I would advise CSOs--all of them, not just those with policies already in place--to look at other organizations' policies in the community. Most organizations will share information with you, and I am a big proponent of not reinventing the wheel. Much of the work done by other people in other hospitals can be used to help you create your policy.'

HIPAA mandates

Security policies have become all the more important with the advent of the Health Insurance Portability and Accountability Act of 1996. As mandated by HIPAA, the federal government proposed far-reaching health data security rules in August. They apply to all health care data, whether it's transmitted over any network or never leaves a desktop computer. They apply to all health care provider organizations--from the largest hospital to the smallest clinic. They apply to all health care payer organizations, including HMOs, PPOs, commercial insurers, third-party administrators and self-insured companies.

The security rules do not require health care organizations to use computers to store or transmit data. For information that is stored on computers, the proposed rules require organizations to implement specific administrative, physical safeguard and technical procedures to ensure the security and confidentiality of the data. In most cases, the security standards will supersede contrary provisions of state law governing electronic health information. The rules also require the use of encryption software when transmitting health information over the Internet or other 'open' networks, such as dial-in lines.

The new security requirements will go into effect 26 months after final rules are published. The U.S. Department of Health and Human Services expects to publish final rules late this year or in early 1999. In its proposal, the department warns the health care industry to take the security standards seriously. 'Several accreditation organizations, such as the Electronic Healthcare Network Accreditation Commission, the Joint Commission on Accreditation of Healthcare Organizations and the National Committee for Quality Assurance, indicate that one of their accreditation requirements will be compliance with the HIPAA security and electronic signature (if applicable) standards,' the rules say.

The proposed security regulations are separate from another HIPAA mandate for a national medical information confidentiality policy by February 2000. The security regulations govern the protection of confidentiality by ensuring the security of electronic health information. The confidentiality policy will govern the disclosure of identifiable health information.

Confidentiality law

In late July, the U.S. House passed a 'patients' rights' bill that included a national medical confidentiality policy. But privacy advocates say the confidentiality provisions in the bill, H.R. 4250, are not as tough as those in previously introduced privacy bills and thus don't provide the level of protection originally envisioned for such legislation. HIPAA requires Congress to pass a confidentiality bill by August 1999. If it doesn't, HHS will set such a policy by issuing regulations.

The HIPAA security and confidentiality rules will be important to the future of health data security and CSOs, says Miaoulis of the University of Alabama Health System.

'One of the proposed security rules says that health care organizations must assign responsibility for security to a specific individual or organization,' Miaoulis explains. 'While it doesn't use the term `CSO,' it is an important recommendation that could drive the creation of more CSOs in health care.'

Health care organizations that don't ensure they comply with HIPAA rules and regulations could be in deep trouble, says Tipton, the consultant. 'If a security breach occurs at a hospital and a victim shows that the health care industry has these rules and guidelines and the provider was not following them, that could be the basis for a lawsuit against that provider,' Tipton says.

The almighty dollar

But while more providers and payers are considering adding CSOs to their company rosters, some health care organizations that already have CSOs are eliminating the position.

'My position was eliminated only because the budget does not allow for it,' says Bob Schmidt, former information security director at an integrated delivery system in St. Paul, Minn. The CSO position, created in January 1997, was eliminated in August. 'A CSO is not a money-making position--it is an overhead position.'

The delivery system created the CSO position because it perceived a heightened need to protect patient confidentiality in a climate of ever-changing federal and state laws, JCAHO requirements, and increased data automation, Schmidt says.

'But it's difficult to realize the benefits of the CSO position in the first two to four years,' Schmidt says. 'For example, a hospital normally has `X' number of lawsuits every year. After hiring a CSO, that number might not begin to decrease for a little while, until after new security policies and technologies are in place and have time to prove themselves.'

Top management must show strong support for the CSO and recognize that it might take a few years to demonstrate the value a CSO brings to a health care organization, he adds.

But more often than not, health care executives are beginning to realize the need to have one person in charge of a health care enterprise's information security.

Health care definitely needs more CSOs, says Krause of PacifiCare. 'The information security field is specific enough and broad enough in the things it requires people to understand--technology, human nature, business, and more--that there has to be an individual who is specifically given that responsibility,' Krause says. 'It really is a very full-time responsibility.'

Resources on the Internet

Computer Security Institute

www.gocsi.com/

Gateway to Information Security

www.securityserver.com/

HIPAA Proposed Security Rules

http.//aspe.os.dhhs.gov/admnsimp/index.htm

Information Systems Security Association Inc.

www.issa-intl.org/

International Computer Security Association

www.ncsa.com/

International Information System Security Certification Consortium

www.isc2.org

RELATED ARTICLE: Security policies must be thorough

The cornerstone of the health care chief security officer's job is to carefully craft a meticulous information security policy. For providers and payers alike, information security policies must delineate in great detail how an organization creates, stores and transfers information, whether it is on paper or electronic.

The most important aspect of a security policy is its scope, says Diana J.P. McKenzie, partner-in-charge of the health care technology practice at Gordon & Glickson, a Chicago-based law firm.

'Most of the policies I review simply do not have enough elements in them,' McKenzie says. 'They might cover how staff should give records to patients, but they don't cover all the ways that medical data is transported or communicated within the institution. Or the policies might cover how e-mail is to be used and how it should be safeguarded, but they don't include rules for voice transmission of medical data.'

In general, health care organizations' security policies are not broad enough to encompass the many ways medical data is shared in today's increasingly electronic environment, she adds.

Once a policy has appropriate scope, it must be clearly communicated to all employees, and it must be properly enforced. Health care organizations can get into deep legal waters if all employees are not given ample opportunities to read and understand information security policies, McKenzie says.

'If a policy only appears in the employee manual people receive when they're hired and nothing further is communicated to staff, and if the policy never is updated, it will be all the more difficult for a hospital or clinic to prove it's not liable when a security breach occurs,' McKenzie says. 'If an organization has a good policy in place and everyone knows about it through printed materials and training sessions--and the policy is updated regularly--a health care organization is much better served.'

Accountability

When communicating policies to information systems users and others, CSOs must make it clear that users, through official security policies, will be held accountable for how they handle health care data, says Micki Krause, director of information security at PacifiCare Health Systems Inc., a Santa Ana, Calif.-based managed care company.

'Every user has to understand their role in security,' Krause says. 'Education and awareness programs are key to getting this point across.'

To back that up, CSOs must vigorously enforce security policies, she adds. 'There has to be a very strong level of enforcement, a statement that says something along the lines of, `Failure to comply with the policy will result in' specific penalties, up to and including termination,' Krause says.

But for many in the health data security field, the most important aspect of crafting a security policy is guaranteeing that an organization's management is fully behind the goals and rules of a policy.

Obtaining top management's support is a CSO's No. 1 task, Krause says. 'And that doesn't just mean the CEO's support,' she explains. 'The CSO must gain the backing of management from the CEO all the way down to the line managers who will make sure employees adhere to security policy.'

Top management must sign off on an umbrella security policy that says that the information the organization holds is important and crucial and that its confidentiality and integrity must be maintained, says Hal Tipton, principal of HFT Associates, a Villa Park, Calif.-based health care information security consulting firm.

Other significant points a security policy should cover, Tipton says, include:

* Defining who has access to what data.

* Outlining how remote access to information systems, if offered, will be managed.

* Listing what users can and cannot do with an organization's computing resources.

* Pinpointing measures to be taken to fight computer viruses.

* Saying exactly how the privacy of e-mail will be protected.

RELATED ARTICLE: Issues abound for health care CSOs

Ensuring administrative staff can't use a new enterprisewide network to access confidential patient data. Outfitting e-mail programs with the best encryption systems to safeguard sensitive messages transmitted across the Internet. Guaranteeing that storage rooms for paper files are securely locked. Enforcing a policy that requires all employees to change computer passwords on a regular basis.

Health care chief security officers have a seemingly endless supply of issues to tackle. And though some issues might seem to pale in comparison with others, a CSO will be the first to remind people that even the smallest security breach, left unaddressed, can result in serious damage to patients' lives.

Following is a sampling of opinions from health care CSOs and information security consultants on the most pressing data security problems.

William M. Miaoulis, information security officer, University of Alabama Health System in Birmingham.

'Getting better authentication solutions than today's common password systems is crucial. Passwords have inherent weaknesses. The most serious is their inability to offer nonrepudiation, which is where a CSO can show that someone did something and that person cannot deny they did it. We have a pressing need for a nonrepudiation solution we can easily use until something like biometric technology becomes more affordable. Electronic signatures and digital certificates will be helpful authentication technologies.'

Peter Tippett, M.D., president, International Computer Security Association, Carlisle, Pa.

'Privacy should be protected in health care by `tagging' all health data with the names of every single person who viewed it. Some people believe that we should be highly restrictive with health data. I, on the other hand, think we should liberalize access to it through automated protections. Any patient who wants to see their record should be given immediate access to it. They then would be able to see exactly who has been viewing their data, which, many people don't realize, can total hundreds and hundreds of individuals. Tagging names to data would be like shining a bright light on the industry, which, as security precautions go, works quite well in democratic societies.'

Hal Tipton, principal, HFT Associates, a health care information security consulting firm in Villa Park, Calif.

'For health care organizations that already have established a security department that is handily addressing the critical confidentiality and integrity issues of data security, the year 2000 problem becomes the top concern, no doubt. If you're not year 2000-compliant come the end of next year, that could threaten the availability of online health data and thus cause a lot of problems for your organization.'

Diana J.P. McKenzie, partner-in-charge of the health care technology practice, Gordon & Glickson, a law firm in Chicago.

'Successfully communicating an information security policy and ensuring that policy is large enough in scope are the most important CSO concerns. The manner in which a CSO addresses these matters can either save health care organizations or get them into trouble. If an employee is doing something they shouldn't be doing, and you have a policy broad enough to cover that action and well-communicated to all staff members, then you have what I call an `Exhibit A Defense.' You've got a strategy you can use that makes the organization look less culpable.'

Gary Gray, information security coordinator, Swedish Health Services, Seattle.

SWEDISH PLANS ER, HOSPITAL IN ISSAQUAH.(Business) - Seattle Post-Intelligencer

Byline: BILL VIRGIN P-I reporter

Swedish Health Services yesterday announced a lease for a new emergency room in Issaquah, the first step in a long-term plan to open a new hospital in the Eastside community.

Swedish, which operates three hospitals in Seattle, said the new emergency room could be open by next February.

The emergency room, which will cost between $16 million and $20 million, will be located in an office building owned by the state Department of Natural Resources on Northwest Sammamish Road, across from the entrance to Lake Sammamish State Park.

Swedish can open an emergency room under its existing authorizations, but it needs a state-issued certificate of need in order to open a hospital. Earlier this month, it submitted a letter of intent to the state Department of Health for a $175 million, 175-bed hospital to be built in three phases. An application for a certificate of need can be filed 30 days after the letter of intent, which is good for six months.

Kevin Brown, vice president of the Swedish Physician Division and Eastside project lead, said Swedish is working on its formal application as well as talking to city officials about what services to offer in the hospital. Swedish and the city are also discussing where the hospital might be located. Brown said it won't be at the same place as the freestanding emergency room, but could be nearby.

Swedish said growth on the Eastside and a shortage of specialty and emergency services there prompted it to propose both the emergency room and the hospital. Swedish already operates two primary-care clinics and several specialty clinics on the Eastside, and it says nearly a third of its medical-staff doctors live on the Eastside.

It also says it's the second-largest provider of in-patient hospital services to Eastside residents. Brown said Swedish would like to bring its services closer to those customers rather than expecting them to drive to Seattle. The emergency facility includes plans for classrooms for birthing and other education programs.

Brown said development of the first phase of the hospital, planned for 80 beds, could take as long as seven years.

This wouldn't be the first proposal for a hospital in Issaquah. Bellevue-based Overlake Hospital Medical Center filed a letter of intent in 2001 for a hospital there but allowed it to lapse. In January 2003 Overlake officials presented long-term plans for hospital development to the Issaquah City Council.

Overlake still is interested in a satellite hospital, but has decided to move in phases by developing a medical-services campus in Issaquah, according to spokeswoman Katie McCarthy. In September, members of Overlake's medical staff opened Sound Health Solutions; in December Overlake opened a breast center and a women's center in Issaquah. Construction is nearly complete on an ambulatory surgery center, and the campus also houses pediatric and dental practices.

Janis Sigman, manager of the certificate of need program at the state Department of Health, said the application review usually takes six to nine months.

Once the applicant responds to questions from the department, the application is put under formal review. The public can comment on the application and request a public hearing.

Currently, the only other pending application for a hospital in Washington is Franciscan Health System's proposal for a 112-bed facility in Gig Harbor. A decision is expected in mid-May.

The Washington State Hospital Association counts 97 community general hospitals in the state; 86 have emergency departments.

P-I reporter Bill Virgin

can be reached at 206-448-8319

Multiple standardization teams have Seattle system covered. (Surgical Business). - Healthcare Purchasing News

By early 2000, the product standardization team at Swedish Health Services in Seattle managed to slash supply costs by $1.5 million over three years. Still, administrators wanted even more cuts.

Complicating that tough demand, the two-system, 970-bed Seattle provider was considering a merger with 400-bed, debt-ridden Providence Seattle Medical Center. This was all coming during a period of declining margins.

'You can't control declining reimbursements, so we had to control our own costs,' says Allen Caudle, vice president of supply chain management at Swedish Health. 'We already had been concentrating on labor for three years, so we started a system-wide focus on supplies and purchased services.'

Caudle said the standardization team met just once a month for two hours to review cost and utilization of med-surg supplies only. 'But that's only about one-fourth of what hospitals typically spend on supplies,' he says. 'The team wasn't getting into expensive items such as implants, pharmaceuticals or support services.'

Administrators soon realized they needed outside help. They turned to HealthCare Logistics Services, Westlake Village, CA, a supply chain and materials management consulting firm represented by Midwest division vice president John Siedlinski, who introduced the concept of value analysis teams (VATs) to Swedish Health officials.

The value analysis approach is designed to expand a single product standardization team to several teams comprised of clinical departments and support services. Departmental vice presidents chair the teams and bring together materials managers and other executives to make up the steering committee. That group handles politically sensitive matters like product standardization issues among surgeons, Siedlinski says.

'Traditionally, materials managers led standardization teams, so they didn't have administrative direction. [The teams] were heavy-handed and didn't often look at consolidation of vendors and products and new technology,' he says. 'Value analysis teams have a much broader stroke, in which the O.R. team, for instance, can concentrate on just O.R. items. It's the divide and conquer concept, in which instead of one product team looking at everything, several individual teams study clinical areas and service/maintenance contracts.'

Cost-cutting objectives

After establishing value analysis teams at Swedish Health, hospital officials projected cost reduction goals of 3 percent ($1.8 million) the first year and 5 percent ($3.8 million) the second year from the $59 million nonpharmaceutical purchasing budget of 2000. They accomplished both and, to date, are 5.8 percent below the 2000 budget.

An important move, explained Siedlinski, was terminating the contract between Providence Seattle Medical Center and the Irving, TX-based GPO Novation. This allowed Swedish to continue operating and buying solely as an integrated delivery network.

'We were doing a sporadic job of negotiating contracts that did not include a systematic look at our whole supply chain,' Caudle says. 'I wouldn't say we were an IDN. We weren't that sophisticated, but rather an overworked, demoralized department.'

Since the merger, Caudle now oversees three contract administrators and eight buyers who work for Swedish Health. 'We're getting as good or better contracts than what the GPO was doing for Providence, across the board. It was a big decision for us to get out of the GPO agreement,' he says.

'Providence took advantage of our agreement with Abbott Laboratories for lab supplies, solutions and other items. We combined the hospitals' buying power for better tier pricing,' Siedlinski says.

Another key revision was requiring that all purchases pass through the purchasing department and require that accounts payable approve all invoices before paying any bill.

'If purchasing didn't buy it, accounts payable wouldn't pay for it,' Siedlinski says. 'You can set up VATs, but without policies in place to support materials management, the teams can't do good work.'

As expected, some doctors resisted the standardization plans, insisting that their tried-and-true instruments were preferable for better patient care. In those situations, Siedlinski explains, the steering committee would authorize the team to study the instrument or service in question.

'The team does the math, looks at clinical trials and reads the literature to see if the instrument will save money in the long term,' he says. 'With value analysis teams, we've created a corporate culture over the last 20 months that makes the tough business decisions,' Caudle adds. 'We ask doctors, 'Which would you rather do? Cut labor or cost of supplies?' It's not labor. And when doctors realize that VATs are making decisions, then they want to be a part of them. In addition, I solicit people and say, 'We want to include you. VATs are not an exclusive club. Come on, join and be a part of this process.''

Bring purchasing on board

Jane Cramer, a senior internal consultant at Swedish Health Services, estimates that $27 million in supplies and services never went through purchasing due to departments forging their own contracts. This was before the new purchasing rules were formalized. 'The healthcare supply chain has been behind the times. We needed to control the process much more,' she says.

In support services, the work of the teams saved $150,000 by combining both hospitals' elevator repair and maintenance agreements into one competitive contract. Window washing and plant watering contracts were reviewed and even physician travel expenses came under the microscope, Siedlinski says.

'Physicians did not routinely fly first class, but no one was looking at their flight requests, such as last-minute arrangements. Nothing was too sensitive to look at,' Siedlinski adds.

Overall, Caudle says one of the key indicators of a successful value analysis program is the support of senior management.