Dana Orquiza

Dana Orquiza

It is expected that 10 years from now healthcare will look very different.  This is attributed to multiple factors, such as the Patient Protection and Affordable Care Act (PPACA) and rapidly increasing technology.


As we all know, technology is a double-edged sword.  Information is at our fingertips, and we can purchase items with the push of a button.  However, the flip side is that many of us have become tech dependent to the extent that we don’t know or remember phone numbers, and basic skills such as reading a map has become a lost art.  Our phones are so “smart” that they can tell us how many steps we’re taking, how many calories we’re eating and even provide real-time driving directions.


                        Apple 1                         Apple 2


Changes in healthcare are moving fast, however, technology is moving even faster.  Within a few months of debut, what was once considered new technology becomes outdated.  Some consumers are quick to upgrade to newer models with all the bells and whistles that can make life easier.  We are living in an era of automation and instant gratification.  On the plus side, technology can help patients be more engaged in their healthcare.  For example, population health management is a long-term goal to keep patients healthy and out of the hospital.


Healthcare apps, wearable technology and devices are being developed to help patients manage chronic conditions.  In late May and early June, two companies introduced healthcare technology that may actively engage the general public into actively participating and in their own health maintenance. One company introduced a “data broker that will enable wearable devices to upload information to the cloud,” and a device “designed to power you on your way to better health and a richer more fulfilling life.”


The other company unveiled a cloud platform for storing data and integrating data from other apps.  One product was designed to collect data, such as heart rate, blood glucose, blood pressure, diet and exercise while its counterpart is designed to store data, including those from third-party devices and apps.


These two companies partnered with some heavy healthcare hitters, such as the Mayo Clinic, the University of California, San Francisco (UCSF) and EPIC, a large electronic health record vendor.  The Mayo Clinic app has been designed to flag abnormal values and even contact the hospital regarding abnormal values.  


One of the companies stated that its intent is to provide an easy-to-read dashboard of health and fitness.  As a fitness guru myself, I can appreciate these efforts.  I own a Garmin watch, Fitbit Flex, and use nutrition apps, such as MyFitnessPal.  Both devices keep me motivated to reaching my fitness goals and help maintain my focus on general health.


Risk Management Implications

Within a split second, my excitement over these apps dimmed as I started thinking about the risk management implications.  Although both companies emphatically state that ensuring privacy is paramount, many questions linger.

  • Are these apps medical devices?
  • Does the FDA have enforcement powers over these apps?
  • Has the FDA provided guidance on medical apps?
  • Who owns the data?
  • How will the data be protected?
  • How long will the data remain in the cloud?
  • How exactly will these companies ensure privacy?
  • Too much data and public over-reaction?
  • Inappropriate use and interpretation of the data leading to more medical visits and physician inquiries?
  • Who will regulate the medical apps?
  • How can healthcare risk managers help an organization manage the issues that may arise from these devices and apps?
  • What are the potential liability exposures for clinicians using data from health apps?


The full extent of both companies’ venture into healthcare remains to be seen, however, we are much closer to living like the Jetsons than we think.  Technology that engages patients in their own health by motivating them to make better food choices and exercise has many benefits.


Because of the changing landscape of healthcare, as evidenced by changing healthcare payment model systems, the growth of Accountable Care Organizations (ACOs), and rapidly changing technology, it’s imperative for Risk Management professionals to stay on top of the news and the changes that are occurring at the local and national level.  Furthermore, in order for Risk Management professionals to be successful in the future, we must be nimble and flexible in response to the current transformation of healthcare.



Healthcare Risk Management professionals can help their organizations manage the potential risks associated with healthcare devices and apps through multidisciplinary discussions with Compliance/Privacy, Information Technology, EPIC representatives, Medical Staff, and Nursing, as well as educating physicians and staff on the following:

  • Functionality and design;
  • How the devices and apps are being used by the public;
  • Areas of liability exposure related to how medical professionals use the data and how patient’s direct their data;
  • Guidelines and scripts for educating patients on limitations for referring to or using the data from these apps and devices; and
  • Patient education regarding lack of mechanisms for certifying which apps and devices are useful.


The healthcare app race is on, but similar to the experience of transitioning to electronic health records, only time will tell what risk issues are to be unearthed.  Rather than utilizing a wait-and-see approach, perhaps it’s time to add healthcare apps and devices to your organization’s enterprise risk management assessment.


By Dana Orquiza, RN, BSN, JD

Dana Orquiza is a healthcare risk management professional whose experience includes working as a medical-surgical nurse for over 10 years and as an associate attorney specializing in medical malpractice defense. Dana currently serves as Assistant Vice President of Risk Management of The Risk Authority, and as a director of risk management at Stanford University Medical Center. Her combination of clinical experience and legal expertise is instrumental in providing innovative risk management solutions designed to effectively reduce risk and identify opportunities to increase value.