The HealthITBlog

Healthcare Informatics and Technology

HIMSS – day three

I spent the final day working through the second hall of exhibits. The interoperability showcase was very interesting, in particular a demonstration of medical devices interoperating with an EMR: devices that measure patient vitals (blood pressure, pulse, oxygenation), alarms etc, feed their data directly into  the patient’s record in the hospital EMR.

Medical devices reporting data into an EMR

An amazing demo from Palantir, who are conveniently located a few miles from my home, showing how public health data is aggregated, analyzed, sliced and diced; a great tool for epidemiology.  Merge demonstrated a federated view of radiology images in DICOM format sourced from various PACS systems.

HIMSS provides wonderful opportunities to network. I had lunch with a representative of the California Association of Public Hospitals and we discussed opportunities provided by ARRA refunding and California LECs and RECs. I look forward to working further with the CAPH and thank you to my lunch guest. My collaboration with the Clinical Groupware Collaborative (CGC), provided great networking opportunities: I chatted briefly with Adrian Gropper ; per David Kibbe’s suggestion, I met Randall Oates of Soapware, and ended the evening dining out with another CGC member, my mentor, Dr Steven Waldren.

March 3, 2010 Posted by jgershater | Health Information Technology | , , , , | No Comments Yet

HIMSS 2010 – day two

Yesterday I managed more of the exhibit call including Microsoft, Cisco, RelayHealth and several smaller companies.

In the afternoon I attended a very informative career session with advice from HIMSS and Monster.com

I was fortunate to attend the HIMSS dinner in the evening, sponsored by Sentillion, at the High museum of art. I had the opportunity to indulge my love of 18th-19th Century European art and meet many interesting people, including this dancer below:

Jacob leaving the house of Laban

Jacob leaving the house of Laban, Charles Joseph Natoire

March 3, 2010 Posted by jgershater | Health Information Technology | , , | No Comments Yet

Birthdays on the 2nd of March

Read to your child today – thanks to  Dr Seuss

Celebrate freedom for millions freed after decades behind the Soviet iron curtain – thanks to Mikhail Gorbachev

Write a little comment on this entry to your humble author who is spending his birthday away from his family, but will receive their best wishes – thanks to Skype.

March 2, 2010 Posted by jgershater | Personal | , , | 4 Comments

HIMSS 2010 – day one

At the opening reception, Sunday night, I finally met Martin Pellinat CEO of VisionTree, with whom I have had many conversations as I participate in the Clinical Groupware Collaborative (CGC).

Similarly on the first day, I met the team from Resilient Networks, another CGC member company.

Needless to say networking opportunities abound at HIMSS.

Over 900 companies and 30 000 people at one convention took me a few hours to comprehend and absorb. I attended a very informative session on Telehealth and mobile devices; followed by session presented by Kaiser Permanente on patient portals (or tethered PHRs).

The exhibit hall is enormous thus I only managed to visit one quarter of the companies present.

The evening ended with dinner and a concert by Grammy award winner Colbie Caillat at the Georgia aquarium, courtesy of MEDecision.

March 1, 2010 Posted by jgershater | Health Information Technology | , , , , | No Comments Yet

MUMPS anyone?

As a kid I got mumps and stayed home from school with swollen glands;  today there is the MMR vaccination for children fortunate to live in developed countries.

I am not writing about the disease though, rather the programming language used to create electronic medical record software, for example: VISTA and EPIC. This is another assignment from my class, Healthcare Informatics – the University of California, Davis.

If you were writing a new Electronic Medical Record (EMR) software solution today, would you use MUMPS, which is admittedly widely deployed?

Those in favor might argue:

  1. MUMPS is the language used by existing EMR deployments from large established EMR vendors,
  2. The MUMPS database does not waste disk space as it uses sparse arrays and B-trees queries are  faster than indexed relational databases.
  3. MUMPS based EMR systems installed today are stable and reliable.

I posit no, because:

  1. Where would you find MUMPS programmers today? Are new college graduates proficient in MUMPS or JAVA/C++ ?
  2. How would you interface with other EMRs today? Interoperability is the one of the biggest challenges between healthcare systems today and creating a new EMR system based on older non-standards approaches will not result in an interoperable system.
  3. Rather than run a MUMPS based system on large monolithic hardware, a new EMR system could be written on distributed highly available hardware.

Of course there is also the option of not writing your own EMR software,  but rather using a Cloud computing EMR solution from vendors such as  AdvancedMD or (my local favourite) Practice Fusion.

February 28, 2010 Posted by jgershater | Health Information Technology | , , , | No Comments Yet

How to select and deploy an Electronic Medical Record system

This blog entry is a brief summary of readings I have covered as part of my training in healthcare Informatics from the University of California, Davis and is sourced from this paper and this book

The medical practice has to be ready to adopt an EMR and most importantly to recognize that the medical practice is adopting a vision, not just a technology. A vision means the practice will offer better patient care, a more efficient office and improved financials.  The most important role in the implementation of an EMR is a ‘champion’. The role of this champion is to gain buy-in and trust from perhaps reluctant staff in the medical institution, since workflows and business processes will likely change. Users of the new system must have high psychological ownership of the new technology.

Steps in the implementation of an EMR

Information gathering

  • Collect information: Patient data, radiology and lab reports
  • Assess workflows: Appointment scheduling, events during and after a patient visit, unscheduled visits and questions etc
  • Financial impact: Beyond the initial cost of the software are costs for training, maintenance and upgrades.

Selection Phase

Subsequent to information gathering, the medical practice selects an EMR. A few choices: proprietary vendors such as EPIC, Cerner and Eclipsys or  OpenSource alternatives . Both require creating evaluation criteria and extensive RFI/RFP processes by a project steering committee. Furthermore members of the medical practice should visit other practices and view their EMR implementations.

Keys to success

  • People are key to the successful implementation of an EMR. Everyone, clinicians and yes patients, must be aware of the new system to gain buy-in.
  • Workflow will be redesigned
  • A good project plan: just like the rollout of any enterprise software system, a good project plan is required that that clarifies responsibilities, sets objectives, generates tasks, and provides tight control and feedback with ongoing problem solving.

Alternative solution to installing an EMR

Of course a simpler alternative would be to select a hosted SoftwareAsAService (SaaS) offering that requires no in-house software, servers, or expensitve technical support staff.  A SaaS solution that I like and have interacted with over the blogosphere is Practice Fusion. Contrarians might argue that a hosted service is a one-size-fits all solution that does not fit the current practices of a medical practice. I would counter that an in-house system will be expensive to modify to suit a medical practice’s needs.

Hosted or in-house, the medical institution must recognize that their workflows and practices will have to change if they wish to gain the undeniable benefits on an Electronic Medical Record.

Image below courtesy of HIMS Analytics

February 26, 2010 Posted by jgershater | Health Information Technology | , | No Comments Yet

Hospitals and Facebook?

At first thought one would really wonder what connection there is between hospitals and Facebook….

Hospital – a medical institution where sick people are treated from simple outpatient treatment to lengthy stays for chronic illness or recuperation from surgery.

Facebook – probably the second or third most popular Internet destination, boasting 400 million users on the 6th anniversary of its founding.

Per the image below, email is a one-to-many form of communication – think of a tree: one trunk supports many branches and leaves. Facebook, is a many-to-many form of communication, users join groups; users create fan pages even pages belonging to corporations for example, Microsoft. Updates and posts sent by any user to the pages or groups in turn reach all the users in the group.

A hospital can use a social-media site like Facebook, to communicate with its patient community.  An excellent resource for social-media and healthcare is Edward Bennet’s blog, FoundInCache. For example, he lists one thousand hospitals that use social media.

How?

  1. To market the hospital: Yes a hospital is a consumer entity that needs to be sold to patients. Patients do, and should have, a choice of where to get their healthcare. Thus the overall marketing campaign of a hospital should include social-media sites like Facebook.
  2. To solicit feedback: Patients and their family/friends, can openly comment on the quality of care and treatment that a hospital provides.
  3. Online support network for patients: Patients can share treatment options on their maladies and exchange useful tips on what worked and did not. For example, MDAnderson Cancer hospital has several online support options for patients.

February 12, 2010 Posted by jgershater | Health Information Technology | , , | No Comments Yet

Consumer! – shop for medical services….

America consumers are adept at shopping for details when purchasing consumer items for example: a TV set, new vehicle or a piece of furniture. While price is important, consumers also take into account overall quality of service: the vendor’s reputation, after-sales service etc

Medical services are no different. While we may be accustomed to simply visiting the doctor and taking his/her advice and paying the co-payment stipulated by the insurance company, this process is rapidly changing. I provide two personal experiences to illustrate, focusing mostly on price:

1. I recently underwent a root canal treatment. My dentist referred me to an endodontist. Upon arrival at the office I presented them with my insurance card and was told “we are out of your network”, bottom line my co-payment would be 50% or $575 plus $238 for a procedure not covered by insurance at all. Total out of pocket expense: $813.  In pain and sensing the urgency of the matter,  I still managed to phone the dental insurance company,  requested an in-network provider and simply walked three blocks to my new appointment. At this office, my co-payment was 10% and $110 for the uncovered procedure, total out of pocket expense: $188. The endodontist provided a most pleasant and pain-free experience with excellent after-care instructions on how to remain pain-free.

2. Following my MRI experience, which I detailed here, I received a bill for a whopping $500 co-payment. I phoned several MRI clinics in the neighbourhood and was surprised to learn that the identical procedure (I quoted the standard ICD-9 code), was 10%-40% cheaper. My co-payment would have been far less than $500 (I am currently fighting the exhorbitant cost at my clinic quoting neighbouring facilities which charge less).   Lesson learned: shop around, call for price quotes on medical procedures before undergoing any.

Bottom line, It is your body, your health-care, your money:

  • Call around for price quotes and after sales service before undergoing a medical procedure.
  • Get to know your insurance company and in particular the diagnosis code (ICD-9).
  • Provide this number to the medical services provider and you will rapidly get a price quote and know what your total out-of-pocket expense will be.

February 2, 2010 Posted by jgershater | Health Information Technology | , , , | No Comments Yet

Will you entrust the US government or a private entity with your electronic medical records?

The ARRA stimulus bill provides incentives for medical providers to use Electronic Medical Records for storing patient healthcare information. (To read more about Meaningful Use and certified Electronic Medical records, beyond the scope of this posting, please refer to CCHIT). The overarching goal is to allow medical records to be exchanged between health-care providers. A simple example: An employee changes jobs and receives new health insurance, which requires him to use a different healthcare provider. How does he transfer his medical records to that new health-care provider.  Or a soldier is treated in a military hospital, then transferred to the VA and finally to a public/private hospital. How does his/her electronic medical record transfer between the three distinct institutions.

In transferring electronic patient data between institutions:

  • How does American law protect the privacy and security of patient health-care data?
  • Why are Americans hesitant to share medical information electronically?

On Monday January 25th, 2010 a study by the Ponemon institute revealed that Americans distrust the Federal Government or private enterprise to electronically store their health-care data.

Of the 868 Americans surveyed about their views on digitizing and storing health records, only 27% said they would trust a federal agency to store or access the data–the same percentage as those who would trust a technology firm like Google Microsoft or General Electric

Let’s examine how US Federal law protects electronic medical records

Health Insurers and Providers who are covered entities must comply with your right to:

  • Ask to see and get a copy of your health records
  • Have corrections added to your health information
  • Receive a notice that tells you how your health information may be used and shared
  • Decide if you want to give your permission before your health information can be used or shared for certain purposes, such as for marketing
  • Get a report on when and why your health information was shared for certain purposes

Nothing implied about electronic medical records, nor exchange of electronic data and most importantly authenticating the individual who is requesting access to the records. In an electronic medical record system, how can I be certain that Joe Smith is who he claims to be when he logs into the system. Is user-name password sufficient security?

  • In light of the ARRA stimulus bill, the US Department of Health and Human Services (HHS) revised the privacy rule in December 2008. (11 page PDF here). In summary:
  1. Access: Individuals must be provided timely access to their medical data
  2. Disputation/Correction: Individuals must be able to dispute and correct information in their health record, from a simple typo, corruption of digital information in transit  between entities and even medical identity theft.
  3. Openness/Transparency: Individuals must have access to their record and know what is in there and how it is disclosed.
  4. Individual choice: Individuals must be able to choose how data is shared. For example which doctor is allowed to view their record delegating access to another person in case the individual/patient is incapacitated and cannot access their record.
  5. Collection/Use: Individuals have the right to know how their medical data is distributed/used; that data is only used for their care and not distributed beyond the patient’s consent.
  6. Data quality/integrity: Data is secure and not compromised
  7. Accountability/Auditing: An audit trail and legal accountability exists to know who was authenticated and authorized to access an individual’s data.

The word “trust” appears 13 times in the 11 page document, the phrase “trust in electronic exchange of information” appears six times. Clearly the HHS is attempting to gain the public trust in an electronic exchange of health data.

  • The Federal Trade Commission proposed a breach notification rule (50 page PDF) “requiring vendors of personal health records and related entities to notify individuals when the security of their individually identifiable health information is breached.”

So, given the above laws, why does the Ponemon study find Americans so distrustful to store their electronic health data. The study revealed:  Users rated health records as far more sensitive than other information they typically share with Web companies. On a scale from one to seven, medical data received an average rating of 6.64, while credit card information received only a 4.27 and online search records just a 1.86.

I posit that:

  • Internet searches can be reasonably anonymous.  I can search for information from a public computer such as the library or a firewall can transform my computer’s identity (IP address).
  • If my credit card information is compromised I am protected by the credit card company; so much so that credit card companies have sophisticated software that track errant spending patterns and forewarn me. Am I in an obscure overseas country attempting to purchase a $3000 airline ticket?
  • Americans, historically, have a distrust in their government. The Bill of Rights dating back to 1791 protects the individual (for example unreasonable searches).  So why should the government be trusted with personal health information?

The problem is health information potentially reveals personal and important details about an individual: their weight, medications, illnesses, addictions, allergies,  perhaps even sexual preferences. (Interestingly under the US law, patients do not have access to their  psychotherapy notes. See HIPAA rule “You do not have the right to access a provider’s psychotherapy notes.” )

The real problem I believe is what options does a an individual have if their electronic medical record has been compromised? Witness two recent incidents in California where electronic patient information was stolen: UCSF – (600 patients) and Kaiser (15000 patients).

Is the FTC breach rule sufficient?

I think the rule is sufficient, but the ubiquity, and ease of electronic data duplication, makes it difficult to gain the trust of users. If my medical records are stolen, what comfort is the rule? The answer individuals require from electronic medical record vendors is “we will encrypt your data, at rest and in transit.” At rest means data in a database is encrypted; in transit means, that the data as it is transmitted across computer networks. Today, encryption in transit is easily achieved with SSL. Encryption at rest is rare because it is practically difficult to implement. If I encrypt “Joe Smith” as “aS@Pn!”, then how do I search for his record, as I cannot search for “Smith”? How does another, say reporting application, access and present the encrypted data? How do I index a database (group all the “Smith”s together) if the data is encrypted? How can a receiving party in another institution (sharing electronic medical records) decrypt the data? As the UCSF and Kaiser incidents note, unencrypted data was stored on detachable disks and subsequently stolen.

Electronic medical record vendors and the US government have a long way to go to gain public trust.

(This posting is an assignment from my UC Davis Informatics class on telemedicine)

January 28, 2010 Posted by jgershater | Health Information Technology | , , , , | 2 Comments

Should Doctors answer email (from patients) ?

When I attended a HIMSS conference on PHRs last month, (see my writeup in particular item 3.) one of the panelists, Dr Chan, discussed their (tethered PHR) – in particular the ability of patients to email their physician. (I am fortunate to be able to email my doctor). So I asked, Dr Chan, if email did not consume a lot of a Doctor’s time outside of their paid hours at a clinic or even their own practice.  In a similar vein, an author only known as “Amy” commented on an entry in kevinmd.com that Doctors are not paid to answer email and some patients are loathe to pay for the functionality of emailing their doctor.

How does it change a physician’s job, if they establish an email relationship with their patients?

I suggest the following:

  1. The Doctor is not encumbered to answer email immediately. Though we may lead hyperconnected lives with smartphones and wifi, email replies can wait.
  2. Email is not a substitute for an office visit, doctors should not diagnose by email.
  3. Use email for follow up, answering simple questions such as: “Do I take the medication recently prescribed on a full stomach or before eating?

Some responses to the KevinMD blog post, questioned why Doctors should work outside of their normal office hours by answering email. I wonder which professions today are limited to “office hours” ? Email does offer a Doctor the opportunity to answer patient questions asynchronously, meaning when the Doctor wants to, versus a phone call that requires the Doctor to answer immediately.

January 20, 2010 Posted by jgershater | Health Information Technology | , | 2 Comments

« Previous Entries