Fitbit launches two new Bluetooth Smart activity trackers

By: Brian Dolan | Sep 18, 2012        

Tags: | | | | | | | | | |  |

Fitbit Zip Fitbit OneThis week San Francisco-based Fitbit launched two new activity tracking devices: the Fitbit Zip and the Fitbit One, which both connect directly to smartphones via Bluetooth Smart. Legacy Fitbit devices only uploaded information to the Fitbit portal and app when the wearer was nearby a wireless-enabled hub that plugged into the user’s computer via USB, and the new Fitbit devices offer this too for users that do not use Bluetooth 4 compatible devices.

Fitbit Zip offers a new smaller form factor that comes in five different colors, a tiny “tap interface” display, and a replaceable watch battery that will last between four to six months before it needs to be replaced. Fitbit Zip is less expensive than other Fitbit devices and retails for $59.95 on the company’s website. The Zip device tracks steps taken, distance traveled, and calories burned. The device also comes with a small silicone case that clips onto the user’s clothes.

Fitbit One replaces the company’s flagship Ultra device, which it launched almost exactly one year ago, and will retail for $99.95. Fitbit One tracks steps, distance, calories burned, stairs climbed, and how well and long the user sleeps. While Ultra brought the new stairs climbed tracking feature last year, the One brings a new alarm function called Silent Wake that will vibrate the device at a scheduled time to only wake up the wearer. The new device also offers a rain and sweat proof casing, a brighter display for reading outside, a clock and the ability to display motivational messages. The device comes in black or burgundy.

Considering it took some two years for the Ultra to replace the company’s original Fitbit, the one year iteration shows the company’s picking up the pace, especially since this latest launch includes a new less expensive option, too.

Fitbit also announced that it was updating its iPhone and Android apps. Each of the new Fitbit devices will connect to iPhone 4S, the newest iPad, and the soon to launch iPhone 5 via Bluetooth Smart (also known as Bluetooth 5). The devices will synch to these smartphones and tablets automatically without the user having to open up the Fitbit app. Next month the app will also notify users when they are close to achieving set goals and when goals are met.

Another company unveiled a somewhat comparable device and — certainly similarly named device — this week: the Fitbug Air. Fitbug, which was founded in 2005, announced its new Bluetooth 4-enabled activity tracker on the same day as Fitbit launched Zip and One. Fitbug Air retails for $29.99 plus $3.99 a month for access to online coaching services. Like Fitbit’s Zip, the Fitbug Air uses a tiny battery that will keep the device powered for up to six months. Fitbug Air offers three modes for synching activity data with Bluetooth 4 compatible smartphones and tablets, those include, “Push: to sync on demand at the press of a button; Beacon: to set the Air to automatically syncs at regular intervals throughout the day; and Stream: to let the Air to ‘talk’ to your smartphone in real time, so you can view your progress as you walk.” More on Fitbug Air here.

Also of note: At the Apple press conference earlier this month, the company noted that the latest iPod Nano comes preloaded with Nike+ and also has an integrated pedometer. The comments were similar to the ones made last year about the iPod Nano, but showed that Apple continues to push the device as an activity tracker.


Verizon Wireless powers Mollen’s vaccination network at Walmart clinics

By: Neil Versel | Sep 18, 2012        

Tags: | | | | | | | |  |

Google ChromebookA major provider of retail and employer-sponsored immunizations is going wireless, and doing it in a hurry.

Mollen Immunization Clinics took the “big bang” route when it rolled out cellular-enabled Google Chromebook PCs to the more than 4,000 immunization clinics the Scottsdale, Ariz.-company runs at Walmart and Sam’s Club stores nationwide. On Aug. 27, Mollen went live at nearly all of those locations, just in time for the annual rush for flu shots.

In addition to the Walmart properties, Mollen has 1,500 corporate clients with thousands of job sites. The company will be rolling out the technology there next year, according to President Chris Behling.

All of the Chromebooks have built-in cellular antennas on the Verizon Wireless 3G data network. Behling believes the setup also provides better security for protected health information than if Mollen were to tap into existing wired or wireless LANs at its nearly 20,000 sites. “There is one channel for PHI to go through,” he says. Otherwise, the company likely would have to perform HIPAA audits on all those other networks. Keep reading>>

Apple’s iPhone connector change to drive health devices to Bluetooth Smart

By: Brian Dolan | Sep 13, 2012        

Tags: | | | | | |  |

Apple iPhone 5 Lightning Dock ConnectorAt this week’s iPhone 5 announcement, Apple confirmed something of an open secret among those companies that make health peripherals for iOS devices: The longstanding 30-pin connector dock has been swapped out for a new slimmer, redesigned connector dock that Apple calls Lightning.

Of course, an increasing variety of medical devices have received FDA clearance over the past few years to connect to the iPhone (and other iOS devices) via that 30-pin connector dock. Apple is making an adapter available that will help with the transition so 30-pin connector compatible devices will still be able to connect to the newest iOS devices, but as Apple notes in the product page for its adapter, not all devices will be supported.

This hardware change will strongly encourage health device companies to consider a short range wireless connection instead of adopting a proprietary one that only works for Apple’s iPhones, iPads, and iPods. The big winner here will likely be Bluetooth Smart.

Glooko is one mobile health startup that has based its initial efforts in the market on that 30-pin connector. Glooko created a cable that connected iOS devices with some of the most popular glucose meters already on store shelves. In an interview with MobiHealthNews earlier this summer, Glooko’s Chairman and Co-Founder Yogen Dalal said that the company was looking at alternative ways to connect glucose meters to the iPhone and other smartphones. Future versions of the Meter Sync cable might plug into meters at one end, but instead of plugging into the iPhone’s 30-pin connector, they might use Bluetooth Smart instead. Dalal also said the company is looking at the method that mobile payments company Square uses to connect to smartphones — through the phone’s headphone jack.

“There is still a certain amount of interconnect anxiety going around in the industry with the much rumored changes to the iPhone’s connector,” Dalal said in June. “Apple has been encouraging accessory vendors to come in through a wireless connection unless you have to come in through their new 19-pin connector.”

Apple’s announcement this week means more smartphone medical peripherals will cut the cord.

Are HIPAA rules unclear on texting protected health information?

By: Neil Versel | Sep 13, 2012        

Tags: | | | |  |

An ePHI-less text message.

Are vendors of secure text-messaging technology trying to sell people a bridge in Brooklyn, or is there a loophole in the somewhat outdated HIPAA privacy and security regulations that few have taken advantage of? The answer is unclear.

Dr. Michael Koriwchak, an otolaryngologist in Atlanta, raised the question last week on his Wired EMR Practice blog by calling secure texting both expensive and unnecessary. “How do you get a marginal product to sell? Either have the government make people buy it (Meaningful Use) or use marketing sleight of hand to create the illusion of a legal imperative,” Koriwchak writes.

“My inbox has been inundated with ads: ‘Don’t get caught texting [protected health information]! Buy our secure texting product today!” he notes.

Koriwchak says vendors were making their case by relying on a $100,000 settlement the HHS Office for Civil Rights reached with an Arizona cardiology practice that was lax in securing electronic PHI. “The incident giving rise to OCR’s investigation was a report that the physician practice was posting clinical and surgical appointments for its patients on an Internet-based calendar that was publicly accessible. On further investigation, OCR found that Phoenix Cardiac Surgery had implemented few policies and procedures to comply with the HIPAA Privacy and Security Rules, and had limited safeguards in place to protect patients’ electronic protected health information (ePHI),” according to an HHS press release.

Information made public about the case said nothing about text messaging, but Koriwchak writes, “many secure texting vendors have cited this settlement as evidence that the Feds are prosecuting providers for texting PHI.”

The HIPAA privacy and security regulations were written during the Clinton administration and finalized in the early days of the George W. Bush presidency. SMS was around then, but was not widely used in the U.S. CTIA, the wireless industry association, reports that Americans sent 258.2 million texts a month in 2001, a figure that ballooned to 18.7 billion in 2006 and 193.1 billion by the end of 2011.

OCR spokeswoman Rachel Seeger tells MobiHealthNews in an e-mail that HIPAA privacy and security rules “do not expressly prohibit” sending electronic PHI by text or over the Internet—meaning by e-mail—but the security standards “require covered entities to implement policies and procedures to restrict access to, protect the integrity of, and guard against unauthorized access to e-PHI.”

Another section of the security rule lists standards for transmission security and data encryption. “This means that the covered entity must assess its use of open networks, identify the available and appropriate means to protect e-PHI as it is transmitted, select a solution and document the decision,” Seeger explains. “The security rule allows for e-PHI to be sent over an electronic open network as long as it is adequately protected.”

But it may be difficult to determine if SMS networks are adequately protected. “It is widely accepted that every text has at least 3 copies: the sender phone, the receiver phone and one or more copies on the telecom servers involved in the transmission. The first 2 clearly exist. But has anyone verified current practices among telecom providers regarding server storage of text messages?” Koriwchak wonders. “There is no credible source that clearly documents what those practices are. Many providers and IT folks also intuitively believe that text messages can be easily monitored/intercepted remotely.”

Koriwchak referred to a November 2011 directive from the Joint Commission: “No it is not acceptable for physicians or licensed independent practitioners to text orders for patients to the hospital or other healthcare setting. This method provides no ability to verify the identity of the person sending the text and there is no way to keep the original message as validation of what is entered into the medical record.”

This, according to the blogger, does not raise the issue of privacy, which is an integral part of the OCR settlement with Phoenix Cardiac Surgery. “The two issues it does raise, identity verification and documentation in the medical record, are not solved by secure text products,” Koriwchak contends.

He further suggests that the Joint Commission policy should apply to telephone conversations because, Koriwchak says, “the voice of a caller cannot be objectively identified, and voice conversations are not preserved for the record either.”

Koriwchak then says that the federal government has never investigated any provider, payer, clearinghouse or other HIPAA covered entity for texting PHI, “although the secure texting vendors would like you to believe otherwise.” He also claims that there have been zero documented breaches of PHI related to texting.

OCR spokeswoman Seeger says the office “may have had a few complaints in this area.” However, the majority of breaches affecting at least 500 individuals have been due to loss or theft of hard drives, laptops, USB drives and other hardware, according to Seeger. All breaches must be included in annual reports, but any breach involving at least 500 people must be reported within 60 days. (Correction: The original story incorrectly stated that only breaches that affected 500 or more individuals had to be reported to HHS.)

“The few cases we have seen involving hacking highlight the importance of backing up information systems,” Seeger says. She recommends firewalls and encryption at the enterprise level to help prevent unauthorized access to PHI.

FCC finalizes MBAN rule, still must appoint coordinator

By: Neil Versel | Sep 13, 2012        

Tags: | | | | | | |  |

FCCThe Federal Communications Commission has finalized its rule on medical body-area networks (MBANs), officially allocating a portion of the wireless spectrum to wearable sensors.

Bloomberg BNA’s Health IT Law & Industry Report says that the action makes the U.S. the first country in the world to open up spectrum to networks of wireless medical sensors, though MBANs will be the secondary user on airwaves already used for flight testing.

Under the rule, which takes effect Oct. 10, MBAN devices may operate in the range of 2360-2400 megahertz. Communication for flight testing overlaps at 2360-2395 MHz.

“The specific MBAN technology that can be deployed under our revised [Medical Device Radiocommunications Service (MedRadio)] rules promises to enhance patient care as well as to achieve efficiencies that can reduce overall health care costs,” according to the FCC.

“The Commission concludes that there are significant public interest benefits associated with the development and deployment of new MBAN technologies. Existing wired technologies inevitably result in reduced patient mobility and increased difficulty and delay in transporting patients. Caregivers, in turn, can spend inordinate amounts of time managing and arranging monitor cables, as well as gathering patient data.”

While wireless telemetry systems have been allowed in hospitals and clinics for years, MBANs allow for monitoring outside of traditional healthcare settings. “The Commission concludes that an MBAN represents an improvement over traditional medical monitoring devices (both wired and wireless) in several ways, and will reduce the cost, risk and complexity associated with health care. The Commission also concludes that these benefits can be achieved with minimal cost,” the rule says.

MBANs will operate on what the FCC calls its “license-by-rule” framework, meaning that healthcare providers will have to register and coordinate the use of certain wireless equipment. However, this cannot happen until the commission appoints a frequency coordinator to manage such operations.

Monday, one day before the final rule appeared in the Federal Register, medical equipment manufacturers Philips Healthcare Systems and GE Healthcare sent joint comments to the FCC urging the commission to have its MBAN coordination system in place by June 2013. “It is important that the coordinator be fully familiar with the hospital environment and technological propagation mitigation tools so that robust technical solutions can be designed where and when required,” the companies say.

Philips and GE, two companies eager to market their own MBAN technologies, previously teamed up on a joint proposal that largely became the basis for the new rule. As MobiHealthNews previously reported, GE Healthcare described MBANs as kind of a “Facebook for the body.”