How to create a winner marketing plan to your hospital by Dr. Hesham Dabah

Healthcare’s facility directors and top executives who are in charge of the execution of hospitals and health services are confronting a test of how to get their facilities more profitable and make them more productive


The article was first published in Dr. Hesham Dabah’s LinkedIn Pulse page (link below). The article is published here with the authors’ permission.

Acquiring new patients to the practice is the lord of administrative practices,  pulling in more individuals requiring your service is what all health care business administrators should consider at into their daily operating systems.


In a perfect world talking, every single utilized specialist should run in beneficial status , be oriented with the expenses of their workplaces and practices. If not, we need to take an approach to make utilized doctors to move from the comfort zone to the dynamic one.  

Marketing is of course known to have positive benefits for enterprises of all kinds, including health care. It may even be an essential driver for some of the hospital’s prestige services and big revenue generators, such as open heart surgeries and liver transplantation, etc

It may, however, be less well understood that marketing can also be implemented in a way to have a direct influence on the patient choice and hospital branding as well.  

In fact, marketing can be highly effective in this way, contributing to the improved profitability of all services while also increasing market share in the health system and growing referrals to the hospital 

It’s never been an easy process, the Marketing team responsible for that file in hospital, having a hard time competing in the market with other well established hospitals in the nearby neighbors. 

What’s more, the marketing department additionally seeking association’s with different offices, and the middle management managers and supervisors in charge of the productivity of these hospitals, are not completely mindful of the maximum capacity of viable, vital integration of the marketing efforts with other departments in the hospital  to specifically pull in new patients to these specialties . 

However, they know the potential, yet they don’t have the enough knowledge about the how a strategic marketing plan component ! 

Making the challenge even greater is the common scenario of un-specialized hospital marketing departments, which have to support all hospital service lines. Taking an example of the pharmaceutical industry, they realized too early the necessity of developing different lines of marketing teams for different line of production, make it more efficient and easy to follow cost with the results.  

Unfortunately, the hospital managers and top executives overlooked that , using the same old way of thinking and hospital marketing is often at or near the bottom of their list of competing priorities and internal constituencies. A piece of the issue is that the chiefs of other administration lines in the  hospitals have a “louder voice” when seeking resources, but it is expected from the marketing department to come up with results !  

Another thought is that hospital marketing team is usually less capable and non-experienced in branding the doctors in practices and the health service lines. 

Eventually, numerous hospital executives and directors who are in charge today of the day by day hospital operations unwittingly wrong determined by general spending plans of marketing not indicating each service expense. How would you enhance execution without sufficient promoting assets, there is a difference bt. mastery and clear technique! 

  • What would you like to wind up with ? 
  • What’s more, where would you like to go? 

Basically answer these 2 questions and you will discover it is not an advanced science to make sense of your marketing strategy to begin a winner one. 

The first step is to find a common definition of marketing in your hospital setting. For this, marketing should be defined as the process of  communicating the value of your services in-order to increase its profitability. At the same time, this kind of marketing requires identifying, anticipating and satisfying patient expectations.  

Your operation role in  this, marketing strategy ought to be characterized as the procedure of integration of all your administration’s power together to get the results you want. 

To develop your strategic plan for the marketing, simply first apply the The 5 Ps of the marketing techniques to develop your marketing strategy that meets your requirements.

The 5 P’s of Product Marketing

  • Product – In this case, it’s the hospital services being sold.
  • Place – In healthcare, refers to the Hospital facility.
  • Price – Competitive? Expensive? Affordable? We think of that as an end value the patient will receive when pays for it.
  • Promotion – The choices in messaging and communication channels to deliver a clear message to target clients.
  • People – All people in the organization, especially those in direct contact with patients and patient’ families (and other “clients,” including hospitals, doctors, insurers, regulators etc.)

In this way, marketing is more than just exposure of the facility.it’s comprehension of procedures and duties for me and my association.  

I should understand that successful marketing does not just drive business. It also drives reputation and branding to my facility. This is why it is called a marketing strategic plan.

Identify my position in the market

Every situation is unique and should be considered on a case-by-case basis. We need to determine and define our position within the marketplace. 

Clearly, well-identify our value proposition, develop a single statement that will serve as the guiding theme for my efforts. This positioning statement should be clear , memorable, unique and — most of all — TRUE. 

Once positioning is born, the hospital manager and executive should consider many steps to help my marketers to get the results from their work:

  1. Develop my brand.
  2. Be there; on consumers’ comfort zones
  3. Answer all inquiries in no time
  4. Build a happy referral network
  5. Include your physician in your marketing strategy
  6. Hire thousands of agents in your city for free

1 Develop my brand

Be Disctinctive ! 

An effective, consistent branding for healthcare organizations, particularly the private hospitals, is very critical. The organization should have a brand that represents who it is and what it stands for.  It is the sign on your building, the voice on the phone, the words said to patients, the quality of care and the level of service. 

It’s the organization’s personality, presence, reputation,type of chairs, uniform of my team, style and smell when you walk in. It is very useful to think of branding as reputation by style, it’s a part of the overall organization’s brand, print outs and also different from the competitors, and vary from specialty to specialty and even clinic to clinic, but all have something in common which is the line of my organization’s brand. 

Convey a clear and unique message, provide trustworthiness, connect with prospects psychologically, motivate the patient to come again and create loyalty

2 Be there: on consumers’ comfort zones

Go to your target clients when they don’t need you, don’t wait them till they come to you hospital should have a role in people life , a useful one,  present in daily needs and activities, not just banners on buses and yellow boards in building or paid articles in newspapers.  

Be a part of their life, share with them their happy moments , add value to their life , let them come to ask about your promotions and then convert them to loyal customers! make to your hospital a permanent part of their life, not just a one time service utilized by a shopping client,, let them want you, follow you , fall in love with you  and always deliver the right message to them that you are there to meet their needs and always ready to take the extra mile to keep them happy, let them know that you are happy because they have a good health and happiness.  

Always check, do I get the right target people? Did I address the right points? Did I succeed in developing my right branding? Am I Different from competitors? Ask them what could be my next service they need and can’t find anywhere else?

3 Answer all requests in the blink of an eye

Fill the need of the patients to know more about their sickness 

Nowadays, Web advertising is crucial, an unavoidable source of information. And they are expanding utilizing it to settle on their health choices. So, they have questions about their illness and they want answers to feel better about themselves and their conditions.  

In hospital strategic marketing plan , it’s extremely important to have all around well prepared office staff  that can answer questions, no big surprise, I saw one time on an IVF health care facility ” Adam Centers – in Cairo ” utilizing new graduated doctors as a part of the front office to listen precisely to patient inquiries and answer each and every one.  

Staff individuals speak to your image with every connection, they must to be exceptionally very much arranged with my image and convey as a piece of their standard work in each collaboration with patients and their families. 

The object of the strategic marketing campaign is to drive new patient request and reservations, and your front office staff is the individuals who will be doing that, undertaking and making the early introduction of your hospital to the new patients. 

That impression will either fortify or undermine the first presentation testing your delivered message and the interchanges you got from your strategic plan. Business speaking,they will be the person who will turn a checker to a client. PERIOD. 

Promoting, will make prompts you , yet changing over guests into new patient arrangements are of high importance. That is the reason it’s so imperative vital that front office staff are going to play an important role with my marketing team and up-to-speed and arranged to handle the stream either via telephone or face to face in the front office. 

Staff should be prepared to a point of high transformation rate, which will just happen subsequent to giving staff individuals the instruments, training and abilities, including how to empower make a new patient reservation and adherence to a suggested script of answers is the key.   

An extraordinary Client service is the first line of your association, and where you will see results if you invest on them appropriately

4 Build a happy referral network

Build a referral network 

Build trust and associate with the doctors in your city , or go further on the off chance that you have an in number of doctors exceptionally well in their specialties and broaden your affiliations with specialists everywhere throughout the nation.  

This is essentially imperative for your hospital. Business talking , drawing in doctor referrals is one solid reason doctor’s facilities and healthcare organizations have been purchasing little practice offices, bringing new doctors to their network , and one reason why pays rates of doctors hit the sky sometimes.  

But, you got to know that building referral is not a 1-2-3 steps process to follow !  

Because the existing referral arrangement is difficult to break, and new referral relationship is a harder job, require a significant amount of information to collect. Just keep in mind that like any other relations in life, it has peaks and bottoms. Any referral arrangement between the doctor you want to win and a competing hospital , will have a moment of tension or dissatisfaction from time to time, so your consistency and continuous presence with the right offer and solution in front of the doctor you want to attract will allow you to be at the right time to win the game with your competitor.  

You need the help of your doctors in your facility to you build that network system, you can recognize how you will fortify yours to take a part in this procedure either in view of their dedication to your clinic or for whatever other thought process you can include in your marketing strategy. It works and it pays for its expense and this key cooperation can turn into a primary wellspring of your incomes in the event that you do it right.  

A week ago I made a visit to a doctor’s facility that I’ve generally known about, however ever been there, the chairman and the CEO of of that hospital  ” Dar Al Shifa ” in Cairo – Egypt , has shared with me the inpatient log of that day,  incredibly he had patients referred to him from 8 different countries at his 44 ICU bed unit. They all had an open heart surgery in the hospital, all got through his effectively implanted referral system throughout the years.  

You have to measure and estimate the association and union you need to put resources into , then need to create particular, viable strategies to convey properly to plainly set the win to win circumstance anticipated from that connection.  

You can consider likewise the referral offices , not just doctors’ offices. Which happen to have a huge significance now for healthcare business.  

The referral-building should be taken care of with a member team has a lot of perseverance, astounding correspondence , the abilities to follow up continuously , and has a great communication skills. With the right one to do it with the right abilities and character attributes for the assignment you can build a good one

5 Include your physician in your marketing strategy

Use the best people in your organization 

They can be a vital vehicle in your marketing campaign, that incorporates likewise their engagement with your endeavors to help build your referral system with partnership specialists.  

Truth be told, the doctor contact part is so essential to hospital business, you’re extremely well prepared group is your doctors, so utilize them whenever it is possible and appropriate.  

They represent your image with their own fellows outside your work space with their families,and communities. They have the capacity to make you look different from different hospitals ,identify your abilities, style of administration and care and your ways to deal with making the additional move to fulfill a patient and win a good specialist to join your team. 

You can know you succeeded when a well reputable specialist from a competing hospital  comes to you and request to join your team of doctors, at exactly that point you know you are destined for success. PERIOD.  

It’s about persuading and inspiring them without much speaking,they are very smart and they will know whether you want to make their hospital a good one, or you only there to have a huge compensation at the each end of the month.  

For that, you need to make sure that your physician not only know what to say about your efforts , but also well presented and have enough materials to leave behind and always be in the right place at the right time. Put a system to encourage every department to have some medical research to present in medical gathering , shows their accomplishment in meantime if new techniques they have applied in your facility to help more patients live healthy.  

The right materials handled by doctors can have a great impact in the general population and fill the gap of information about it , empower intrigued referrals to come to you and ask how they can utilize your facility services.  

These  materials can be in numerous structures, including business cards with the website address, data analyses,decent flyers,public relations team going with your specialist while he/she present a paper at a medical gathering ,,,and so on

6 Hire thousands of agents in your city

YES, as the old saying says “word of mouth ” 

Your own patient population of your hospital are a treasure, their part is still under-assessed or undiscovered potential, unless a marketer has effectively worked in another industry than health facilities and know how to use.  

Building up a key arrangement for inside advertising to existing patients been of awesome significance in numerous commercial ventures, for example, accommodation , restaurants , time share,credit card providers,,,,etc.  

Unfortunately, most or lets say numerous health care executives did not experience these tremendous commercial ventures of transforming their customers into non paid agents to them without acknowledging they are helping you build your image and making more benefit and just for the expense of pennies.  

Without a doubt numerous patients who need to get some medications still get some information about a decent one , from family members receive medical services frequently.  

If we consider that the overall people who never came to my hospital, they don’t know much about me or what i can do to them.  

In this way, by speaking reliably and keeping a good communication channel with my patients, will be the one who introduces my hospital’ services  to their families and companions.  

Communicating with my patients can be very simple… yet very effective 

Patients promoting methods that we can apply to our marketing strategy can be very simple, as basic as requesting that fulfilled patients refer their companions, sending birthday congrats with some informative print out , short SMS, ask offer some discounts to them that they can pass to anyone they want.  

Much obliged to you for coming to that point and taking the time to read my article that I trust I had the capacity share with you some of my strategies that I tried myself and I know it lives up to expectations flawlessly.  

My last word, it’s never been the marketers alone duty to bring you new business; and on the off chance that you quick to manufacture an unmistakable medicinal services office, you need to construct a good marketing strategy for your hospital, survey commonly with different departments till you totally fulfill with it, afterward demonstrate and help your marketing team to apply your strategic plan  

Furthermore, most importantly to be an enthusiastic to succeed, bar any individual who says it can’t be done, in light of the fact that nothing is impossible in the event that we work right and make enough commitment to do it. 

Thank you. 

Thank you for reaching that point, please feel free to leave a comment , share your thoughts, start a discussion that can broaden our minds or share the article and invite your friends to read

Author
Dr. Hesham Dabah

Healthcare & Hospital expertise – Entrepreneur. Dynamic, confident and professional healthcare leader with strong ability to engage people positively and motivate them to embrace and work toward the vision for the organization
Advertisements

Why Out-of-Hospital Blockchains Matter by Cyrus Maaghul @Pointnurse

Bitcoin and blockchain technology will be game changers too


This article was first published in Mr. Cyrus Maaghul’s LinkedIn Pulse post here . The article is published here with the author’s permission.
 
I bought my first bitcoin in May 2013 while on a vegan retreat in Asheville, North Carolina. Going through the purchase process reminded me of when I first downloaded Mosaic and surfed the net. I thought to myself, “this is going to be a game changer”. It was.


Bitcoin and blockchain technology will be game changers, too.

Bitcoin, its underlying blockchain and evolving peer-to-peer networks with Turing-complete smart contracts such as Ethereum will have a disruptive impact on many industries for years to come. Financial services, payments, supply chain logistics, insurance, and healthcare are just a few that will be disrupted with these new technologies.

Out-of-hospital blockchains

Healthcare will be a primary beneficiary of these new technologies, especially outside of the walls of hospitals.

As more and more health and preventive care is provisioned in virtual environments, at home, in cars, at work, etc, the need for open and accessible tracking, verifying and provisioning of care will become extremely critical for patients, payors, providers, scientists and regulators.

These new out-of-hospital (OOH) blockchains developed in the non-clinical community will set the pace for how patient behavioral and inter-clinic visit vital data is tracked in the future for provider reimbursement, regulatory compliance, safety monitoring and patient adherence.

The blockchain is a near-perfect technology (not necessarily the current implementations) to securely and safely make OOH data easily accessible with relatively minimal privacy and hack risk to all patient stakeholders, including the patient themselves, family, caregivers, clinics, providers, insurance companies and all those with a stake in their patients’ health.

Each and every one of these stakeholders or network peers approved by the patient can easily join OOH blockchains as either nodes or buyer or seller of tokens or payments to gain access to patient data, utilizing a variety of open access methods and smart contracts that store and monitor real-time contractual conditions agreed to by and between various stakeholders.

There will be many OOH blockchains developed to address the myriad of use cases in healthcare, including tracking the development of drugs, doctor and nurses credentialing, real-time population health data analysis and alerts, insurance peer-to-peer risk pooling, telemedicine and home health visit data sharing, decentralized autonomous organizations, verification and audits, and remote device monitoring commonly addressed today under the Internet of Things category.

These open and viable peer-to-peer healthcare blockchains will open the door to new business models in healthcare, including analytics-for-healthcare products and services, flash malpractice insurance and friction-less claims processing hence shorter revenue cycles.

Healthcare insurance claims processing

It is no secret that healthcare claims processing is a nightmare for all parties involved. Reimbursement is opaque, fraud is prevalent, and transactions frequently difficult to reconcile.

For example, home health, a great OOH blockchain example, is possibly one of the greatest sources of fraud in the US healthcare industry today. Smart contracts powered by a blockchain could provide consumers and payors with the means to manage claims in a transparent, immutable and responsive fashion.

Insurance contracts, premium payments and their respective claims could be recorded onto a blockchain and validated by node consensus, preventing fraudulent claims from being processed. Smart contracts could enforce claims triggering payments when due or dispatching specialists, nurses or doctors to follow up with patients when anticipated claims are not recorded by presumptive dates.

Managing “super-utilizers”

The term super-utilizer describes individuals whose complex physical, behavioral and social needs are not well met through the current fragmented health care system.

These individuals go from emergency room to emergency room, to admission and re-admission, in a chaotic and costly manner. Mental health, substance abuse, poverty and education are frequently cited as common characteristics of many but not all in this group. Many researchers and experts postulate how more “community support” and “real-time engagement” is needed to manage this socially isolated population of healthcare super-utilizing consumers.

Smart contracts powered by an OOH blockchain utilizing the bitcoin payment system could be used to create a rewards and incentive system to manage super utilizer behavior.

Behavioral contracts could be developed between payor and patient to trigger rewards denominated in BTC for attending support groups, regularly engaging a telehealth professional, reporting health conditions (possibly at kiosks with bitcoin point-of-care devices), and meeting agreed upon health goals.

Payors would fund reward payouts via efficient BTC accounts established at commercial digital currency exchanges. A smart contract would trigger a reward payment (or loss) when goals are met near real-time to the patient’s public bitcoin address which in turn could be tendered at local participating outlets equipped with BTC point-of-contact devices including community centers, supermarkets and apartment complexes to pay bills, purchase healthy foods and meet rent obligations.

Medical malpractice insurance DAOs

In theory, decentralized autonomous organizations (DAOs) are entities that are self-governing. DAOs on a OOH blockchain could enable trust and provide an immutable record and audit trail of an agreement without a single controlling body.

Doctors and nurse practitioners could collaborate to establish a peer-to-peer malpractice DAO and record each peer’s premium payments and claims on the blockchain. All premiums paid in would create a pool of capital to pay claims.

By combining the blockchain with the peer-to-peer business model, this creates the potential for a near-autonomous self-regulated insurance business model for managing policy and claims. No single entity would control the network. Policyholders could “equally” control the network on a pro-rata basis.

But, these are just a few examples of how bitcoin and blockchain technology will change the face of healthcare in the future.

The blockchain is a new and exciting technology, and we are now just beginning to see both small and large players dip their toes into the water. I personally would discourage any entrepreneur from pursuing the use of blockchain technology inside the walls of clinics and hospitals today, as the those lanes are laden with painful obstacles – the OOH blockchain is your winning lane today

Author
Cyrus Maaghul

Cyrus Maaghul is a thought leader in healthcare, technology, and finance with experience in markets around the globe. He is keenly interested in the blockchain, cryptocurrencies, and healthcare particularly the intersection of physical and behavioral health and provider empowerment

@IFTTT you could in Healthcare by @msharmas


Was reading this article published in a leading newspaper sometime back,

Naturally, I tried thinking of usecases to apply the technology in a Healthcare setting. 

About IFTTT
IFTTT works with a series of simple recipes using channels.  

IFTTT stands for IF this then that

Channels are “connected” apps, like Gmail, Google Calendar, Google Contacts, Twitter and many others supported by IFTTT. You can download IFTTT for android or iOS and start connecting channels to your account.  

Recipes
IFTTT allows you cook up your own recipes. Recipes are composed of this and that. Once you have connected the apps to your IFTTT account, you can start creating recipes. 

“this” in the recipe stands for a Trigger Condition or criteria, much like the IF condition you would create in an excel sheet, or in code.
“that” is the action that would be performed when the Trigger condition is met. Based on this condition being TRUE, IFTTT will execute that Trigger Action.
Lets take an example now, assume you are attending a conference and you would like to keep a list of tweets that you liked, and you want to retweet these out later or incorporate these in a blog. Given this scenario, you could do the following steps in IFTTT

  1. Download the App on your phone and create an account
  2. In the IFTTT app enable the Twitter & Google Drive “channels” by connecting to your Twitter and Google Drive credentials
  3. Once you have connected the channels, lets head over to Create a recipe
  4. Click Create recipe and it will ask you for a Trigger Channel, select Twitter
  5. Next, select the Trigger Conditions from the list of possible options provided by IFTTT based on the channel selected
  6. For our usecase we will select “New Liked Tweet by you” as the Trigger Condition
  7. Next we want IFTTT to save the “Liked” tweet in an excel file, for that we will select the trigger Action channel as Google Drive
  8. And we will select the Trigger Action as “Add row to spreadsheet”
  9. IFTTT will keep adding all the tweets you liked to the spreadsheet that you have selected

IFTTT you consider Healthcare Use cases 
OK, so we now have some understanding and agreement in terms how we are able to very simply, and with no coding, able to create a logic statement and get some work done. In fact you have just “Integrated” two apps and got them to “interoperate”

Lets now assume, IFTTT you could use in Healthcare use cases, What would you do?

What IFTTT offers is a set of features that allows for the end-user to create some of the rules based on their day-to-day circumstances. Lets say a nurse wanted the EHR system to Alert a doctor based on a certain specific parameter, but incorporating that logic would require a “code-change” to be done by the EHR vendor. The process is long-drawn to bring in such changes. 

Instead IFTTT the EHR system can incorporate the ability for the nurse to create her own recipe by providing Channels corresponding to various modules in the EHR system, and also provide the end users Trigger Actions  and Trigger Conditions (pre-defined by the EHR vendor).

Lets consider some of the usecases that can be enabled for an IFTTT type functionality in Healthcare

  • appointment reminders for doctors based on urgency of care
  • reminders to the nurse to change patient medication dosage based on doctors suggestion of lab results
  • pharmacy requisitions based on quantity on hand value defined
  • checking and validating medical actions for medical errors
  • patient discharge process alerts to all departments


IFTTT app allows for the end user to create her own “recipes” and “share” these within the community. And considering every patient’s treatment circumstances are different, clinical teams can setup trigger and action criteria that are active for a particular patient and can be continuously changed based on patient condition. Additionally, it also provides the end-user the ability to make enhancements to the system’s in-built logic by enabling customisation at the user end and instantaneously.

Once the patient gets discharged the clinical staff can have the ability to save all the tasks related to similar disease “patients like” scenario, to be templated for future
 

IFTTT you could Connect Healthcare Devices
Thinking a bit ahead to the future, one could control certain medical devices based on trigger based activities. So imagine, the nurse comes along with the doctor for the ward rounds and she is able to adjust the IV flow based on a doctor’s recommendations

IFTTT patients’ could

Patients too can be allowed to use IFTTT-like functionality by allowing them to create a folder in her google drive that contains all her electronic records emailed to her or her doctor

Patients can also setup reminders for their appointments since their hospital app enables the IFTTT-like functionality.
 
Patients can be sent alert notifications on their wearables or phones, about daily Medication reminders using IoT-based devices that dispense their medications

The power of IFTTT is in the simplicity and custom trigger and action criteria it provides it’s users

While writing the above article I recalled the time I was working in a Healthcare IT Product development company in Bangalore and we were looking to incorporate an Alerts & rules engine into our HIMS product. While defining the requirements for the solution, we had discussions with our end users in terms of how they would like the notifications from the system to be delivered. They all reported “Alert Fatigue” to be a factor in terms of how they went about using the system. They wanted to be able to control what alerts they saw and how they would like to view these alerts. 

An IFTTT-esque functionality incorporated within EHR systems will go long way in helping the end-users “customise” the solution based on their current requirements. They would be able to create focussed alerts based on their daily work. 

Afterall, the workflows in the hospital undergo a constant change and an EHR should be able to allow the end-users to incorporate customised workflow and rules

Author

[tab]
[content title=”About Manish Sharma” icon=”fa-heart”]

Manish Sharma

Founder HCITExpert.com, Digital Health Entrepreneur

Connect with me via any of my Social Media Channels

[/content]
[content title=”Latest Articles”]

[/content] [/tab]

House MD vs Doctor #AI- Who will turn out to be the better by @RoshiniBR


House MD vs Doctor AI- Who will turn out to be the better diagnostician?


Do a google search for “all-inclusive beach holiday” and all you see for the next weeks are advertisements for all-inclusive holidays following the virtual you. Google knows you better than your family or friends- creepy but true! Whether or not we realize it, we have made the decision to donate our data to the virtual world.

Can we put our data to better use – to improve healthcare on a scale unimaginable a decade or two ago?

Artificially intelligent systems in healthcare

AI systems feed on big data. Big data is nothing but a massive amount of data, the sheer size of which makes data analysis a challenge. AI systems are being developed to analyze and recognize meaningful patterns out of this complex data. Of particular significance is deep learning, a branch of AI which attempts to mimic the thinking part of the human brain. Several startups are now attempting to put AI, particularly deep learning to meaningful use in healthcare.

Diagnosing diseases: Clinical diagnosis is essentially a data problem, says founder of Enlitic, a machine learning startup focusing on data-driven medicine. They aim to revolutionize clinical diagnosis by helping physicians to automatically screen for specific diseases using their proprietary technology. Another startup, Deep Genomics, is approaching diagnosis from a genomic perspective. They capitalize on machine learning technology to link genetic variations to diseases. As a cherry on top, a study published as recent as last week reported that AI-enabled automated cancer detection perform as well as approaches that require costly clinician input.

“We think that its no longer necessary for humans to spend time reviewing text reports to determine if cancer is present or not”- author of the study, Shaun Grannis M.D., M.S.


Educating Patients: IBM is teaming up with the American Cancer Society to create an adviser for cancer patients, powered by IBM’s Watson health – health division of its AI brain. It would be designed to provide cancer patients or their caregivers with personalized guidance based on the patient’s particular disease stage and treatment. Watson would sift through countless digital sources like health websites and draw relevant and trustworthy information catering to individual needs. 

Improving clinical trials: Many clinical trials fail because patients fail to take their medications. AiCure is addressing this issue using AI to monitor medication adherence thereby increasing trial success.  They directly monitor patients using artificial intelligence on mobile devices via an app which collects real-time dosing data on a centralized and cloud-based platform. IBM Watson is trying to solve another issue facing clinical trials – enrolling patients. Watson would sift through clinical trial data at Mayo Clinic and in public databases, such as ClinicalTrials.gov. and match patients more accurately and consistently to clinical trial options.

Using Watson’s cognitive computing capabilities, Mayo Clinic can consistently offer more cutting-edge medical options to patients and conclude trials faster”  – Mike Rhodin, senior vice president, IBM Watson Group.


Accelerating drug discovery: Drug discovery is a lengthy, complex, and costly process, rooted with a high degree of uncertainty that a drug will actually succeed. Several machine learning startups are trying to solve this long-standing predicament in pharmaceutical drug development. Berg Health combines systems biology with its proprietary artificial intelligence machine learning analytics program to bring down the time for cancer drug development to almost half. Atomwise’s drug discovery AI platform “learns like a human chemist” using deep learning algorithms and supercomputers.

“Simulating billions of virtual medicines to find potential commercial candidates in weeks? That’s what we call truly transformative.”- Matt Ocko, Managing Partner of Data Collective, a venture firm backing Atomwise


Reducing hospital costs: Readmissions are costly for hospitals as payers are reluctant to reimburse preventable readmissions. Hindsait, an artificial intelligence technology provider, helps identify patients who are nearing the end of their stay and suggests whether keeping them might in fact be more cost effective than risking readmission. It does so by applying AI based data analysis to large health datasets.

These and many more upcoming developments in cognitive computing in healthcare leaves us with the thought – will AI systems perform better diagnosis than out best diagnosticians. Google’s AI program, AlphaGo beating Go world champion and IBM’s Watson beating humans in Jeopardy seems to suggest so.

Note: Interestingly, there were many recent publications that influenced the direction of this article. Application of AI technologies in healthcare is growing with new collaborations being made at this very moment. Interesting times indeed for all those who influence and follow these developments. 

Author
Roshini Beenukumar

Dr. Beenukumar is a molecular biologist turned science writer. During her PhD, she studied how cancer cells behave the way they do by exploring the humble yeast. Currently, she works as a freelance science/technical writer in the Life Sciences industry . She enjoys communicating science to the public and discussing new ideas in the interface of medicine and technology. She spends her spare time getting lost in a book or in nature.

Ransomware Prevention 101 – Expert Tips by Nicola Whiting @CyberGoGiver

Whether you manage your own systems and devices, or rely on third-party hosted systems (i.e. ‘in the cloud’), your Ransomware risk is real, constant and growing….


Below are some key actions, that you can put in place now, to significantly reduce your Ransomware and Cyber Crime risk – they cover prevention, instant response during an attack and recovery

What to do first?


Set up regular data backup procedures – then ensure they happen
Backups are ESSENTIAL in protecting data. If you are successfully attacked with Ransomware your backup is the best, possibly only, option for saving your data and ability to do business. Backups also help you recover from many other forms of damaging malware attacks and even hardware failures. Some Ransomware variants, such as Cryptolocker, will also encrypt files on drives that are mapped. This includes connected cloud file stores, attached network drives and USB thumb drives. Action: Backup often, to an external drive or backup service (one that is not assigned a drive letter) & physically disconnect it from the computer between backups. Make sure the Backups are tested and are usable!

Setup your defences

Cyber Essentials Controls 
CESG spent many years determining which security best practices would remove the most risk. (a Cyber Essentials version of the 80/20 rule!)Following Cyber Essentials guidance can reduce your risk by 80%. In addition to being a great security guide, some Cyber Essentials checks can help to prevent Ransomware. The following is a list of those checks:

  1. Installing the latest software patches and updates can help against known security issues being leveraged by malicious software.
  2. Installing and keeping up to date the latest anti-malware/virus software can ensure that known bad executables, and potentially software behaviours, are stopped.
  3. Disabling auto-run can prevent malicious software being transferred between systems using storage technology such as USB pens.
  4. Do not use Administration-level accounts for day-to-day tasks. As well as being good security practice, this will help restrict the impact of any malware infection.
  5. Access privileges should be used to limit access to resources and systems.
  6. As above, this should also help to restrict the impact of any malware infection.
  7. Firewalls should limit network traffic to only approved source / destinations and service types.
  8. Malware protection, possibly in the form of APT / IPS, can prevent potentially malicious software from calling home or propagating on your systems.

You can check some of these controls using the FREE Risk Assessment Auditing Tool (www.titania.com/risk-assessment-tool). It provides key risk analysis in 21 areas, includes step by step mitigation suggestions and automates some of the manual configuration reviews, needed for Cyber Essentials. 

Automate Defence (when possible)Patch or Update your software 
Keeping your software up to date is a security essential, it significantly reduces your risk. Ransomware authors frequently rely on people running outdated software with known vulnerabilities, which they can exploit to silently get onto your system. If you make a practice of updating your software often it can block their access. (As a triple bonus it also helps defend against other Malware and makes it harder to hack into your systems!). Action: Enable automatic updates, especially on major vendors such as Windows and Adobe.If you can’t auto-update go directly to the software vendor’s website (good practice as Ransomware / Malware creators can disguise Phishing attacks as software update notifications). 

Filter EXEs in email 
If your gateway mail scanner can filter files by extension, you may reduce risk by denying mails sent with “.EXE” files, and “*.*.EXE” files.  Users who then legitimately need to send or receive executable files could use password-protected ZIP files or via secure cloud services. Naturally this is not fool proof and you may want to consider other options (a 7-Zip vulnerability was recently discovered and patched). 

Re-enable showing full file-extensions 
Window’s default behaviour hides known file-extensions. Re-enabling showing full file-extensions will help your team spot & avoid clicking on suspicious files – e.g. those with unexpected “.EXE” (executable) extensions often used by Ransomware. 

Use a reputable security suite and keep it updated 
Ensure you include anti-malware software and a software firewall, they will both help identify threats or suspicious behaviour.  Ransomware developers frequently send out new variants, (to try to avoid detection) multiple layers of protection, will reduce their chances of success. If you run across a Ransomware variant so new that it gets past anti-malware software, it may still be prevented from executing, or be blocked from connecting with its Command and Control server (to receive its encryption instructions) by Software Restriction Policies (SRP) or your firewall… 

Firewalls/Proxies and APT/IPS 
Once something malicious is running inside your network, you do not want it to communicate with the outside. Firewalls should be configured to restrict network traffic going in both directions, not just inbound traffic. Web browsing should also be limited to prevent access to known malicious websites. Internet proxies can be used to help prevent access to malicious content, or user access to websites by content type. Advanced Threat Protection (APT) / Intrusion Prevention Systems (IPS) can also detect and prevent software from accessing or performing potentially malicious activity. 

Windows Policy Updates 
There are a number of Windows group policies that can be deployed to help prevent running malicious code. e.g. The user application data folder is often used by Malware developers, as a location to launch malicious software. 

Software Restriction Policies (SRP) can be used to prevent the execution of software from that folder. Computer Configuration/Policies/Windows Settings/Security Settings/Software Restriction Policies To prevent execution of programs within certain types of files, they can be configured under the following policy tree: 

User Configuration/Windows Settings/Security Settings/Software Restriction Policies 

On the latest versions of Windows you can take this further by configuring AppLocker policies to restrict the execution of software. 

This is a complex subject in its own right and Microsoft has provided lots of details in the following TechNet article: https://technet.microsoft.com/en-us/library/ee619725(v=ws.10).aspx An example would be to configure policies to only permit the execution of signed software.

Train your People

Train your people to detect what “suspicious” looks like and what to do in the event of an attack. Help them by giving sensible policies, “attack reaction” training and showing hidden file-extensions.  

Email Attachments: 
Before opening email attachments, you should first check the emails validity. Potential malicious software is often attached to emails in the hope that someone will open it. The malicious emails can range from very simple and obvious through to sophisticated and less obvious. 

 These are fairly obvious…

Another…

Yet another example…

With emails that have “Invoice Attached” or something similar may be harder for someone in an accounts team to ignore. However, there are simple checks that you can perform to confirm details about the email. If you are unable to confirm any of the details, then try getting in touch with the sender to confirm its validity (do not use any of the contact details supplied in the email – they could be fake). Also check the attachment type, would you normally have an invoice attached as a ZIP or Executable file? 

It is important that everyone is trained on what to look out for in emails. And remember, banks do not send emails asking you to login to your account using a link contained in an email (or they should not). Also, Inland Revenue send information in the post, not via email. Be aware of what you are opening, clicking on and viewing.

What if the worst happens?

You’re in the middle of an attack or your files are being encrypted – what can you do? 

Disconnect from WiFi or unplug from the network immediately
This technique may not always help, but training your people to “immediately disconnect the system and notify IT” if they think they’ve clicked on a malicious attachment, can (if done quickly enough) limit your risk, damage and costs. Depending on the breed of Ransomware this action may cut off communication with the attackers’ server and localize the data encryption to just one machine (which may be far easier to recover from).   

It normally takes some time to encrypt all your files, so even if you’re not quick enough to outpace the malware spread, disconnecting from the network and notifying IT – will give your team valuable response time. It may help to isolate an infection. 

Restore or Recover
If you have System Restore enabled Windows, you might be able to defeat a Ransomware or Malware attacker. However, some versions of Ransomware (e.g. Cryptolocker) may delete the System Restore files, before you can return the system to a known clean state. If that is the case, then your best option would probably be a full restore from a clean back up. (You’ve got a clean backup and tested the procedure already…right?) 

Pay or Don’t Pay?
If you have any other option open to you, my advice would be don’t pay for two main reasons:

  1. You have no guarantee you will get your data back. In many cases the decryption key is never received, it fails to work or only partly decrypts the data.
  2. You’re then a proven “paying customer” which increases your likelihood of future re-targeting!

If you leaning towards paying… 
You can normally do a very quick google search to determine if you have viable option for recovery and often whether the criminals in question have a track history of delivering your data back. Some Ransomware variants such as Cryptolocker & Jigsaw, now have payment timers (after which time the price for your decryption key, or damage, goes up significantly)At time of writing, you could “beat the clock” with Cryptolocker, by setting the BIOS clock back to a time before their 72 hour window was up – resulting in a lower Ransom payment demand. In every case, if you’ve decided to pay, it’s worth quickly investigating your potential actions first… 

One Final Suggestion…. 
For the policies and practices you put in place to remain effective in protecting you and your business they must be enforceable, measurable and consistent. User training on cyber / information security procedures can be made part of your HR on-boarding process and refreshed regularly. For System Settings, firewall rules and policy enforcement, I would recommend using detailed system / configuration auditing tools such as the award winning Nipper Studio and Paws Studio

Useful Links & Free Tools

Cyber Essentials 
(https://www.cyberstreetwise.com/cyberessentials/
Government-backed walk-through on protecting yourself against cyber threats
  
FREE Risk Assessment Auditing Tool 
(https://www.titania.com/risk-assessment-tool
The Risk Assessment Auditing Tool, created by Titania Ltd, automates the auditing of 21 key security risks (such as unpatched software, missing anti-virus updates and poor password enforcement) that would leave your business vulnerable to attack. It will significantly reduce the time of hardening your system against Ransomware attacks. 

Cryptolocker Prevention Kit
(http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit/
Cryptolocker Prevention Kit created by Third Tier to help automate making a Group Policy to disable files running from the App Data and Local App Data folders, as well as disabling executable files from running from the Temp directory of various unzipping utilities.

Author

Nicola Whiting

Communication Strategist, Technology Speaker, Chief Operations Officer, Diving & Kayaking Enthusiast