Tag: Patient Safety

Task force: Effective pain management needs to go beyond medications


A federal task force is calling for a far more individualized approach to pain management in the wake of the opioid epidemic.

In a draft report, the Pain Management Best Practices Inter-Agency Task Force said effective pain management needs to take into account all aspects of a patient including his or her biology, social ties and psychology.

That means looking beyond medications to manage pain, instead of simply finding alternatives to opioids, according to the report. Physical therapy, alternative therapies like acupuncture, activities like yoga and tai chi, and cognitive therapy are all components to be considered in a treatment plan.

“The practice of pain management and the opioid crisis have influenced each other as they have each evolved in response to different influences and pressures,” the task force said in the report.

“It is imperative to strike a balance between ensuring that patients with painful conditions can work with their healthcare providers to develop an integrative pain treatment plan that optimizes function, quality of life and productivity while also ending the devastating effects of opioid misuse.”

The task force, which was convened as part of the Comprehensive Addiction and Recovery Act of 2016, includes providers, patients and government employees. It’s spearheaded by the Department of Health and Human Services, with cooperation from the Department of Defense and the Department of Veterans Affairs.

The report noted that chronic pain is a widespread problem in the U.S., impacting 50 million adults, or 20% of that population. Of those, an estimated 19.6 million experience “high-impact” pain, which interferes with daily life and work activities. That raises the stakes in finding alternatives, according to the task force.

The push for new approaches to pain management must be bolstered by additional research into the “mechanisms” of pain and to establish better guidance for the warning signs of a transition from acute to chronic pain and ways to improve outcomes for patients with chronic pain.

This includes better education for both patients and providers, both on care options and to reduce the stigmas associated with pain and addiction, according to the report. The task force highlights several patient populations that should be focus areas, including children, women, the elderly, Native Americans, active duty soldiers and patients with sickle cell anemia

Clinical teams also need to be trained to more frequently and effectively screen patients for opioid addiction risk and need to be educated on overdose treatments, too—including potentially offering naloxone to any patient who receives an opioid prescription.

In addition to offering several areas to improve or innovate pain treatment, the task force also suggests that Congress mandate a review of the Centers for Disease Control and Prevention’s 2016 guidelines on prescribing opioids to patients with chronic pain.

Interpretations of the CDC’s recommendations and gaps in the suggestions have had “unintended consequences,” according to the report, leading some to misinterpret or misunderstand the guidelines. Updating the guidelines to meet the latest science and to address those gaps is crucial.

“A more even-handed approach would balance addressing opioid overuse with the need to protect the patient-provider relationship by preserving access to medically-necessary drug regimens, and reducing the potential for unintended consequences,” the task force said.

HHS will accept public comments on the report for 90 days.

EHRs Inadequate in Capturing Mental Health Diagnoses

The diagnoses of 27.3 percent of patients with depression and 27.7 percent of patients with bipolar disorder were missing from their primary care electronic health records, a study published in the Journal of the American Medical Informatics Association has found.

These behavioral health patients had an average of three to eight visits during the year both at the EHR site and outside the site. But despite these high numbers, the data from the encounters were underreported.

In the study, researchers from the Department of Population Medicine at Harvard Medical School studied Harvard Pilgrim Health Care patients at Harvard Vanguard Medical Associates who in 2009, who had a depression or bipolar diagnosis. Researchers studied outpatient care visits and calculated the proportion of these visits not found in the EHR.

“In this research, we found the lack of integration, interoperability and exchange in US healthcare resulted in a major EHR missing roughly half of the clinical information,” the authors wrote. “While behavioral healthcare is unique, it’s important to emphasize our findings demonstrate the problem of incomplete clinical data in the EHR is not limited to behavioral care.”

About half of the outpatient care days from insurance claims could not be matched to clinical contacts recorded in the EHR, the report shows. While this data is true for all areas of care, the extent of missing information was greater for behavioral services than for general outpatient.

Furthermore, 89 percent of acute psychiatric services in hospital-based events were missing from the EHR, and 43 percent of all hospital-based events were missing. In contrast, clinical events found in the EHR could be matched to claims 93 to 98 percent of the time.

The study also found there were also high rates of missing EHR data in general for healthcare, both for inpatient and outpatient care. Areas of specialist care were also grossly underrepresented in primary care EHRs.

“Published reports touting the anticipated benefits of the recent rapid adoption of EHRs should be tempered by frank examinations of EHRs as they currently exist,” the authors said. “Individual providers and health system leaders need  to  be  fully  cognizant  of  the  information  gaps  and  disconnects that lie behind the screen.

“Features intended to improve care and  protect  patients  from  harm  may  be  inadequate  in  typical  fragmented health systems, offering false comfort,” they added

NQF Issues Guidance on Measuring Health IT Related Safety Issues

The National Quality Forum (NQF) issued a new report providing a framework for health IT stakeholders to consider the effect of health IT on patient safety and prioritizes key measurement areas.

The use of health IT has introduced new patient safety challenges into the healthcare system, according to NQF, a Washington, D.C.-based non-profit organization, and potential health IT patient safety risks could relate to IT design, use or implementation. Risks to patient safety could include flawed implementation strategies that may result in clinicians circumventing TI safety features, alert fatigue and design flaws that can result in the recording of inaccurate patient information.

NQF convened a committee of 22 health IT and safety experts to address patient safety issues related to the use of health IT. According to a NQF announcement about the 99-page report, the committee recommends that patient safety measures consider these three high-level concepts:

Safe health IT – to ensure that health IT is accessible and usable on demand by all members of a care team and that health IT data are complete, accurate, secure, and protected

Using health IT safely – to ensure that features and functionality are effective, efficient, and implemented as intended; that there are structures, processes, and procedures in place to ensure safety and safe use of health IT; and that there are effective mechanisms to monitor, detect, and report on the safety and safe use of health IT

Improving patient safety – to ensure that health IT is leveraged to reduce patient harm and improve the safety of patient care and enables meaningful and effective patient engagement.

“Identifying patient safety risks associated with use of health IT is foundational to reap the benefits of IT to improve patient care, and all healthcare and health IT stakeholders have a shared responsibility to address these risks,” Hardeep Singh, M.D., chief of the Health Policy, Quality & Informatics Program at the Center for Innovations in Quality, Effectiveness, and Safety based at the Michael E. DeBakey VA Medical Center and Baylor College of Medicine, Houston and also the chair for the NQF committee, said in a statement. “Our recommendations prioritize risk areas and build a strong scientific foundation to advance measurement and improvement of patient safety in this area.”

“With the rapid adoption of health IT across the continuum of care, we must consider the potential impact on patient safety to ensure that this critically important tool is a positive and transformational force for change,” Helen Burstin, M.D., chief scientific officer of NQF, said.

In addition, the committee identified nine key measurement areas for health IT safety—clinical decision support; system interoperability; patient identification; user-centered design and use of testing, evaluation and simulation to promote safety across the health IT lifecycle; system downtime (data availability); feedback and information sharing; use of health IT to facilitate timely and high-quality documentation; patient engagement and health IT-focused risk management infrastructure.

In its announcement about the report, NQF called attention specifically to addressing the safety of tools that help clinicians make decisions about patient care, such as clinical decision support (CDS), as well as the ability of health IT systems to exchange information.

NQF noted that “poorly designed or configured CDS can threaten patient safety, such as when clinicians experience alert fatigue.” The committee recommend in the report that CDS measurement address “the appropriateness and timing of alerts, the appropriateness of clinicians’ responses to those alerts, and the monitoring of CDS content to ensure that it remains useful, clinically relevant, up-to-date, and free of errors.”

And, the NQF committee report also noted that the need for health IT systems to “seamlessly exchange patient data is increasingly important.”

“But many EHRs still are not interoperable, potentially leading to failures in communicating important patient information (such as test results) and delays in treatment. The report suggests that measurement of interoperability could assess whether systems have the ability to communicate and exchange specific types of data and how often diagnostic test results are unavailable when needed,” NQF stated.

The report authors note that the goal of the project is to provide “guidance and direction on priorities related to measurement of health IT safety” and the potential measurement concepts identified in the report are suggested areas for future work and “should not be considered NQF-endorsed measures, nor should they be taken as fully developed measures to be implemented as presented.”

“By identifying some of the highest-priority areas, this report may serve as a basis for future efforts to develop measures that can be incorporated throughout the HIT lifecycle as part of an iterative development process. Measurement based on iterative and continuous learning will successfully inform future HIT quality and safety improvement efforts, including in emerging areas such as improving diagnosis,” the report authors stated.

The report authors also noted that advancing the safety and safe use of HIT “will require stakeholders to share responsibility and accountability for patient safety” and “this may require a substantial cultural shift for the many groups involved in the development and use of HIT systems.”

While health IT innovation is moving at an incredibly fast pace, the report authors note that the changing landscape “offers a significant opportunity to ensure that patient safety considerations are incorporated into all phases of the health IT lifecycle.”

National Patient Identifier May Cut “Silly Waste” in Healthcare

The healthcare industry may be eagerly awaiting the eventual demise of the EHR Incentive Programs, but providers will be disappointed if they think that the end of meaningful use is the end of their health IT troubles.

When the program begins to wind down towards the end of the decade, few organizations will mourn the end of the rigorous check-box mentality and the all-or-nothing attestation processes that have caused so much consternation since the beginning of the less-than-popular program.

Critics have complained that meaningful use rushed the industry into adopting sub-par EHR products, created more data siloes than it prevented, and simply replaced a paper-based mess with an equally problematic morass of digital glitches, dangerous workarounds, and new opportunities to commit a slew of deadly patient safety errors.

But as the EHR Incentive Programs morph into the Merit-Based Incentive Payment System, stakeholders have to put their criticism of the past on hold and start thinking about how to solve the problems that EHR adoption, for better or worse, have left them.

The College of Healthcare Information Management Executives (CHIME) is taking that lesson to heart, the organization’s leadership shared at the 2016 HIMSS Conference and Exhibition in Las Vegas.

Not only are the nation’s healthcare CIOs dedicated to leading their industry into the data-driven future of risk-based contracting, population health management, and big data analytics, but they are aiming to eliminate one of the most critical patient safety and care quality issues facing providers: the lack of a national patient identification strategy.

“I always ask this question: what percentage of the time do you want to be correctly identified when you walk into the hospital?” challenged CHIME President and CEO Russell P. Branzell, FCHIME, CHCIO, during the CIO Forum at HIMSS16.  “How about your loved ones and family members?  Is 99 percent good enough?”

“You don’t want to have a one percent chance of not walking out of the hospital because someone looked at the wrong record,” he told HealthITAnalytics.com.  “That’s just not acceptable to us and our organization, so we’re going to fix it.”

Patient matching and the creation of a national patient identification standard have been issues close to CHIME’s heart for quite some time, and the group has put significant effort into making sure that rule makers, regulators, and industry innovators are devoting enough to tackling the problem.

In 2015, CHIME partnered with XPRIZE CEO Dr. Peter Diamandis to offer a $1 million prize to for a 100 percent accurate patient matching solution.  More than 170 innovators from 15 countries have already signed up to take on the challenge of ensuring that data follows patients accurately, Branzell said, which is one of the foundational competencies required for true health data interoperability.

“As we surveyed members and asked them what was really holding them back from making huge strides with interoperability, safety, quality, and cost cutting, almost universally, the answer was how hard it is to identify the right patient and aggregate their information,” he said.

The fragmentation of the healthcare landscape, coupled with some significant political handicaps that have prevented HHS from developing a national patient identification system, have left patients vulnerable to record mismatches, erroneous duplications, gaps in up-to-date data, and all of the potential safety problems that come with them.

While the 1996 HIPAA rule included a provision that would have created a unique patient identification system, the American public was not ready to embrace the concept – or perhaps simply did not understand the need for it.  Either way, Congress acted in 1999 to defund any governmental actions to create an NPI, and HHS has complied with the order, however reluctantly.

“The government knows it’s the right thing to do, but they are really handcuffed from even working on this,” said Branzell.

But the healthcare environment is drastically different than it was before the turn of the century, and regulators aren’t the only forces at work in a rapidly evolving industry.  CHIME, along with other organizations like AHIMA, WEDI, HIMSS, the Sequoia Project, and MGMA, are forging ahead with patient matching projects that promise a private industry solution to the problem the government isn’t currently able to solve.

“We were really challenged by the ONC and National Coordinator Karen DeSalvo to lead from the field,” Branzell said.  “They said that the private sector can do its own thing if it wants – we don’t always have to do things from a governmental perspective.”

So after considering the challenges, we decided that a patient ID was something that we could really lead from a national perspective,” Branzell continued.  “We figured if we were going to do something, we might as well do something huge, and you don’t get bigger than a national patient identification strategy.”

The $1 million innovation challenge, along with a steady stream of commentary directed towards federal stakeholders, are also part of CHIME’s work to support Chief Information Officers in their changing roles, said Mark Probst, VP and CIO of Intermountain Healthcare and incoming CHIME Board Chairman.

“There are so many exciting and challenging things as we look forward to in 2016,” he said to a room packed with executives from across the country.  “We’re moving beyond the check-the-box meaningful use activities we had in 2015, and we’re moving into a time when the CIO has to take a much more strategic and active role in health IT.”

“We have the opportunity to really leverage health IT to improve lives and bring population health management into the care system.  Our CEOs are looking at population health and membership engagement – things we haven’t traditionally had to do in healthcare but looking forward, these are things we all need to do.”

“We now need to extend what we’re doing and really think how technology is going to be one of the saviors of healthcare in the future,” Probst said.

In order to do that, the industry has to look honestly at the impact of meaningful use, warts and all.  The EHR Incentive Programs may be full of headaches, but healthcare’s digital revolution has also been a catalyst for positive change, Branzell argues.

“It was really impossible to work on patient matching until we got through the meaningful use process, which shone a huge light on the issue,” he said.  “It’s not as if this problem happened because we computerized the records.  It’s been there forever, and it’s been far worse.

“We’ve actually solved part of the problems with digitization.  But what that’s done is put a spotlight on the safety errors and the huge amount of waste that’s occurring right now in our industry.  We’re talking about billions of dollars in waste.  And it’s just silly waste.”

The waste isn’t just financial.  Unfortunately for some patients, poor workflow processes, non-existent data standards, incomplete or out-of-date files, and the occasional complete mismatch of patient information is costing them extra days in the hospital, delayed diagnoses, or even their lives.

Without a streamlined, synchronized methodology for making sure that data and patients travel side-by-side along the care continuum, many of the industry’s other attempts to improve workflow processes and rely on advanced technologies may be for naught.

When asked to assign percentages to the balance between human-centered workflow errors and health IT issues, Branzell just smiled ruefully.  “I would aggregate them,” he said.  “We have a 200 percent problem.”

“There are always going to be process-oriented issues,” he acknowledged.  “And those get magnified when you don’t have technology or workflow solutions.  People will create workarounds.  They skip steps on registration.  They say, ‘Well, there’s the nearest Joe Smith, so I’ll pick him,’ but it’s not the right Joe Smith and all of a sudden, I’ve picked the wrong person, and he happens to be allergic to penicillin but the other one isn’t – and now I’ve killed Joe.”

A national patient identification number would certainly help to lessen the incidence of mistakes originating with error-prone providers, but patients can also be powerful partners when it comes to protecting their own health.

Patient engagement isn’t just about meeting the Stage 2 and Stage 3 meaningful use requirements surrounding patient portal use and secure messaging, now reduced drastically from previous levels.  It’s about truly empowering patients to become full members of their care team: informed consumers with a thirst for knowledge, a keen eye for quality, and no compunction about questioning something that doesn’t quite feel right.

CHIME believes that patient engagement is a critical prerequisite for enacting the large-scale changes required to avert a meltdown of the current healthcare system.

The American healthcare industry is staring down a crisis situation: a rapidly aging and sickening patient population, paired with out-of-control spending, a shortage of qualified physicians, and a disappointing cost-to-quality ratio are putting enormous stress on everyone involved in the care process.

“We really think we only have about five to seven years to radically change healthcare for the US, and maybe even globally,” said Branzell. “And one of the arrows in our quiver that has been missing is how to engage on the patient level.  How could we help health systems do that?”

CHIME believes part of the answer may lie with the increased transparency and data sharing of the OpenNotes initiative.

The wildly successful project, which allows patients to view their entire medical record online, has achieved acceptance and acclaim from patients and providers alike.

A recent study on the outcome of a long-term pilot project found that patients who accessed their data online were more likely to maintain medication adherence, professed higher rates of satisfaction with their care, and felt more in control of their health.

Confident patients may be more likely to point out mistakes to their providers.  But they need to be able to see their documentation in order to discover an out-of-date medication, an inaccurate record of a procedure, or a missing allergy.

As patient access to their data expands, “we’re discovering that there is a very high percentage of errors in medical records,” said Branzell.  “Seventy to eighty percent of the time, a significant error is found in documentation.”

To reduce that statistic, CHIME recently announced a new partnership with OpenNotes that will contribute to the program’s continued expansion.  More than five million patients have OpenNotes access, and that number is set to grow tenfold in the next few years.

“OpenNotes is creating an environment that encourages health systems to share all their information with patients,” Branzell said, and CHIME is excited to help build momentum for the effort.  The partnership, announced last week as part of the Precision Medicine Initiative, will work to increase awareness of the initiative’s opportunities and help providers offer comprehensive data access to their patients.

“Short term, we want to reach 50 million lives,” he said.  “But long-term, we’d like to see this go out to everybody.  Everyone should have the opportunity to see and review their electronic notes and be part of the care process.  This is our major patient engagement initiative.”

By taking a two-pronged approach to patient data transparency and accuracy, CHIME hopes that providers will soon be equipped with all the tools required to accelerate the system-wide decline in patient safety errors.

CHIME is confident that empowering patients with improved data access while simultaneously pushing for a standardized way for providers to stay on the ball will be an effective strategy for slashing waste, boosting quality, and helping healthcare leaders navigate the unpredictable changes in the rules and regulations that govern an industry in a constant state of transition.

Clinical Decision Support Alerts Overwhelming Physicians

EHR clinical decision support systems prove to be somewhat unnecessary in opioid prescriptions, according to a recent  study. In a retrospective chart review study encompassing two years, researchers found that nearly 96 percent of clinical decision alerts for opioids were overridden by physicians.

Clinical decision support systems and computerized physician order entry are two tools frequently used to prevent adverse drug effects, or injuries caused by improper administration of a certain medication.

However, the prescription of fairly common medications, such as opioids, can cause an influx of alerts. The research team hypothesized that this overabundance of alerts could cause alert fatigue, increasing the risk for opioid-related adverse effects.

“[E]lectronic health record vendors are reluctant to modify or turn off medication alerts for fear of exposing themselves to increased liability, resulting in physicians’ being faced with navigating warnings that are too frequent and of minimal clinical significance,” confirmed the research team. “This causes providers to repeatedly override these warnings and disregard the alert message. This “alert fatigue” inherently increases patient risk of adverse drug events.”

However, the research disproved their hypothesis, showing that physicians indeed did override a considerable number of clinical decision support alerts, but they still adequately prevented adverse drug events.

Throughout the study, physicians received 13,719 clinical decision supports for opioid prescriptions, and they overrode a vast majority of the alerts.

Opioid prescription alerts were more likely to be overridden than non-opioid prescription alerts, and duplicate opioid prescription alerts were approximately 1.5 times more likely to be overridden than other prescription alerts.

However, despite the high rate of overridden opioid prescription alerts, patients rarely saw adverse effects from prescription drugs.

The research team found that throughout their two-year study period, nearly 4,581 patients encountered adverse drug effects, and only eight of those were a result of opioid prescription. Furthermore, none of the opioid adverse effects were preventable by the prescription alerts.

Clinical decision alerts were helpful in preventing adverse effects for a small sum of patients. Out of the 46 clinical decision alerts that were not overridden, 38 of them prevented a patient from experiencing an adverse opioid-related event.

“Forty-six alerts were triggered for 38 patients that may have averted an adverse drug event, but none of the observed adverse drug events identified in this study were preventable by the clinical decision support system. This underscores the value of clinical decision support and computerized provider order entry systems in intercepting preventable adverse drug events,” the research team wrote.

Although clinical decision alerts were successful in preventing adverse effects to opioid prescriptions, the researchers found that physicians face an overabundance of alerts. For example, in order to prevent one adverse event, physicians needed to handle over 120 clinical decision alerts.

“However, the consequence of this high sensitivity is low specificity, confirmed by our finding that providers sorted through 4,692 alerts to avert 38 adverse drug events. In other words, to prevent just 1 adverse drug event, providers had to deal with more than 123 unnecessary alerts,” the team confirmed. “Additionally, 98.9% of opioid alerts were not associated with an actual adverse drug event, nor were they thought to have averted one.”

The research team concluded by saying that this research highlights an issue in clinical decision supports, saying that although several adverse drug events were prevented using clinical decision alerts, the systems still sent an overabundance of alerts to physicians, creating a risk for a future mistake.

“However, to prevent those adverse drug events, the clinical decision support system fired 4,692 alerts, and this is where the clinical decision support system is failing: overwhelming providers with unnecessary and clinically inconsequential alerts,” the research team concluded. “It is well established that clinical decision support prevents adverse drug events. It is essential to refine alerting systems to highlight clinically significant alerts and eliminate inconsequential alerts, thereby preventing alert fatigue and maintaining patient safety.”

Systema Software Data Breach: 1.5M+ Medical Records Accessible via AWS

A new data breach to report: Insurance claim data and other highly sensitive information were inadvertently posted on Amazon Web Services after an error was made by a contractor of Systema Software; a Business Associate of a number of HIPAA-covered health insurance providers. Systema Software was responsible for processing claims for a number of U.S insurance companies.

The data exposed in the Systema Software data breach included Social Security numbers, insurance claim information, drug test results, details of medical services provided – and dates of treatment – billing amounts and unique payment and claimant ID numbers. Personal information was also exposed which ties the records to specific individuals. The data also included details of claims that had been approved and rejected by insurance companies, as well as details of how those insurance carriers were expecting to defend certain claims.

The data breach was discovered by tech enthusiast Chris Vickery, who became aware that system dump data was occasionally posted to the cloud via Amazon Web Services. Upon investigation Vickery discovered a huge volume of data that included highly confidential medical records, claim data and even police reports on individuals.

After downloading some of the data, Vickery alerted databreaches.net to the security breach and contacted the companies whose data was included in the files. According to a report posted on the website, Vickery said “There were a minimum of 1.5 million individuals who had personal details exposed, probably 1 million SSNs, more than 5 million financial transactions detailed, over 1000 entities that had data exposed, and hundreds of thousands of injury reports. Not all entities are necessarily clients of the software firm.”

One of the affected clients, which appears to have had its entire database posted online, is the Kansas State Self Insurance Fund. Data from its SIMS database was accessible via AWS, which included the Social Security numbers, names, addresses, and telephone numbers of over a million Kansas residents. A CSAC Excess Insurance Authority (CSAC-EIA) database was also accessible. That database allegedly contained over 570,000 records, which included Social Security numbers, dates of birth, and contact information, in addition to 4.7 million notepad entries and 3 million payment entries dating back to 1987. An unprotected Salt Lake County database was also downloadable via AWS.

According to Vickery, the data included “Tons of financial transaction data. Bank accounts with routing numbers, check numbers, amounts, dates… and not everyone is a client. Any person or company that got paid-out is at least mentioned.”

The Systema Software data breach is not the work of hackers, but appears to have resulted from human error. Systema Software has not explained how the data came to be posted on AWS, although the COO of the software company, Danny Smith, did reply to Vickery’s breach notification via email. He said, “I wanted to let you know that we’ve contacted all of our clients at this point and made them aware of the situation. Again, we’re grateful that it was you who found this exposure and that your intentions are good.”

Vickery also spoke with Smith on the telephone and was allegedly advised that the data were accidently made available online after a contractor made a mistake. Smith sought confirmation from Vickery that the data he downloaded had been secured, and said “Our clients are looking for confirmation that you have not shared their data with anyone else, will not share it, and will delete it.” Vickery said that this was the case and only he had viewed the information. Vickery confirmed he is receiving assistance from the Texas Attorney General to make sure that all traces of the data are securely and permanently deleted from his computer.

There were fears that Vickery was not the only person to have downloaded the data, as any number of individuals could potentially have accessed the information via AWS. Fortunately, however, this does not appear to be the case.

After the Kansas Department of Health and Environment (KDHE) was notified of the Systema Software data breach, it conducted an investigation and determined that the files were no longer accessible online, and only one individual had downloaded the data (Vickery). A statement was issued by KDHE saying “We have worked with our contractor to determine what information was available and to whom it was available. We are confident that all identities remain safe and confidential.”

As a Business Associate of a number of HIPAA-covered entities, Systema Software is likely to be investigated for potential violations of the Health Insurance Portability and Accountability Act (HIPAA). Systema Software is obliged to implement safeguards to prevent the exposure of confidential data, which under the Omnibus Rule, includes taking steps to prevent its contractors from exposing any data provided.

At present, Systema is conducting a thorough investigation into the security breach and will be taking a number of stems to ensure that all data held is appropriately protected in the future. Once the investigation has been completed, the company will be able to determine what, if any, remediation measures will be necessary.