Sunday, February 13, 2011

NEHTA Releases A Set of Documents Describing Integration of the Health Identifier Service With the HealthSMART Program in Victoria. Not There Yet!

The most interesting to me is this document of the release is this one:

Vic IHI Integration Clinical Risk Assessment Report v1.1

The document is one of a series of specifications and so on produced as part of a IHI Pre-Implementation Project between NEHTA and HealthSMART.

An overview is found here:

Vic IHI Integration Project Deliverable Release Note 1.0

Overall the project is to deliver the following we are told:

“Project deliverables include:

• Business Requirements

• IHI Integration Functional Design

• IHI Clinical Risk Assessment

• IHI Best Practice Guide

• IHI Integration Technical Design

• IHI Integration Solution Architecture.”

Interestingly the IHI Solution Architecture itself was held back for a later release as it was not ready yet (as of 11-02-2011).

As mentioned, I was especially interested to read this document. Interestingly the risks around the use of the CDMS as the source data for the HI Service seem to not get much discussion or review as far as I can tell.

2.2 Clinical Risk Assessment

This document provided an important input to the Vic IHI Integration Design, and much of the design exists to address the risk areas identified. This document was prepared by the project team with input from health service and other staff well versed in evaluating and mitigating clinical risks.

This document is user and clinician focussed, but may also be of interest to designers and architects of health IT systems.

This is the Table of Contents:

Table of Contents

1. Document Overview




2. Introduction

3. Scope

4. Risk Assessment Report Summary






5. Detailed Hazards Assessment and Recommended Controls





6. Appendix: NEHTA Sentry Clinical Safety Risk Assessment Criteria




7. Glossary.

Just a few comments:

First just why is this the first time we have heard of this document?

NEHTA Hazard Assessment Report – Health Identifiers Release 1, v 1.0 , Feb, 2010

Second on page 6 we read:

“A constraint upon this review was that specialist training in NEHTA Clinical Safety Management methodology, and NEHTA Clinical Risk Assessment of Release 3 HI Service functionality was not available at the time of this Risk Assessment. Capacity to participate in Jurisdictional Clinical Safety Management was identified during this project as a gap in NEHTA support. The NHCIOF have subsequently sponsored a Gap Analysis and Clinical Safety Management Model to be delivered by NEHTA in January 2011.”

Translation from bureaucratese - The team were not ready and not trained to undertake the review!

Further on we read:

”The introduction of healthcare identifiers, whilst designed to improve quality and safety in clinical communication and electronic identification of patients to support clinical care can also increase risk of harm to patients.

The Australian Commission on Safety and Quality in Health Care, Report ‘Review of Technology Solutions to Patient Misidentification’ (2008) notes that:

Throughout the healthcare sector, the failure to identify patients correctly and to correlate that information to an intended clinical intervention continues to result in wrong person, wrong site procedures, medication errors, transfusion errors and diagnostic testing errors.

In examining the potential for technology to assist in solving this problem, the Commission’s key finding noted:

· Diligent execution of appropriate process/workflow remains the key aspect of patient identification. Technology is an enabler, not a sole solution.

· To be successful in the long term, implementation implies ubiquitous deployment of the technology throughout the patient journey.

· The importance of formally developed corporate implementation strategies, planning, and process scoping should not be underestimated.”

So this implementation all needs to happen pretty carefully - or some big issues can flow!

Third on page 8 we then read:

The preferred architecture for the IHI capture in the Victorian health service is as an alternate identifier. The local URN will not be replaced in the short term by the IHI in Victorian health services.

This Risk Assessment did not consider the obtaining and use of healthcare identifiers beyond the individual healthcare identifier (IHI), i.e. the scope does not include Provider Healthcare Identifiers, HPI-I and HPI-O.

This leads one to ask just when the system will actually be trusted in use. Not soon would seem to be the answer.

It seems to me the real ‘guts’ of the assessment is here. On Page 10.

4.3 Results Overview

“Assessment of the level of Clinical Risk associated with the introduction and use of the IHI was seen to be mitigated internally for health services through its use in conjunction with a local UR number. The effect of not relying solely on the IHI was that it reduced overall risk levels. Therefore it is important to realise that the ratings noted in the following review would have been assessed as higher in a situation where the IHI is used singularly to identify a patient.

Where the IHI is used singularly at the point of exchange between health services, ie the sending or receiving a patient referral with an IHI, increased checking of patient demographics with the HI Service to verify the IHI has been included in the controls.

There were two key Clinical Hazards reviewed where the clinical risk was assessed as Medium, however only where the IHI is used in conjunction with a local UR number. If the IHI is used in isolation then these Clinical Hazards would result in High risks.

The identified Hazards were:

· Misidentification of the patient associated with an IHI.

· Inability to identify the patient by IHI in a clinical care setting.

The rating of Medium defines that the clinical risk is of moderate severity and that it may create a situation that is serious and potentially life threatening, however the clinical risk may also be avoided/prevented by a Clinician. This level risk requires that stakeholders be notified of the risk as soon as practicable and appropriate mitigating actions agreed.

If the IHI is used singularly these Clinical Hazards would be considered High risk. High Risk signifies major or catastrophic severity risks that create a situation that is inherently and immediately threatening to a patient’s life. The clinical Hazard may results in permanent harm and/or death to a patient. Harm is unlikely to be prevented by a Clinician in these circumstances. This category will also apply to a Clinical Hazard that causes many occurrences of Moderate or Major Severity.”

This really seems to be saying that, at present, relying on the IHI alone is not recommended and hence the decision to go with both the URN and IHI.

If ever there was a case for staged careful implementation of this service this assessment seems to make it pretty strongly.

It also seems to me that developing a PCEHR service to rely on the HI Service, with unproven work practices and flows, until we are sure all the wrinkles of the foundation are fully managed would be very silly indeed. The technology really does not matter unless the HI Service is a real improvement on what is happening now - and it is not obvious that is true.

We won’t even mention that the overall situation of the HealthSMART Program also seems to be under review!



Anonymous said...

Quote: ”The introduction of healthcare identifiers, whilst designed to improve quality and safety in clinical communication and electronic identification of patients to support clinical care can also increase risk of harm to patients."

These people are living in a world of bullshit.

They make a practice of writing ambiguously and tautologically to the point that they say nothing of relevance and if they do say something relevant the message is lost in the confusing writing style which they adopt. Perhaps they have not been taught to write clear English

Take for example the quote above. I had to read it more than once to try and decipher what it meant or, in other words, what I think the writer was trying to say.

In the end I concluded the writer intended to say:

”The introduction of healthcare identifiers is intended to improve quality and safety in clinical communication through the accurate electronic identification of patients. However, healthcare identifiers can also increase risk of harm to patients."

Now that we understand what the writer was trying to say we have a whole new ballpark for discussion with the first two questions to be answered being:

1. In what ways can healthcare identifiers increase the risk of harm to patients?

2. What steps should be taken to guard against that happening?

Anonymous said...

> relying on the IHI alone is not recommended

huh. Under the current legislation, relying on the IHI alone is not possible (not that I'd take a bureaucrat's assessment of risk). In fact, the IHI is pretty much useless. I cannot for the life of think why anyone would bother implementing IHI (other than to feed at the trough). The provider and organisation identifiers may be rather more useful though.

Anonymous said...

Sorry provider and organization identifiers are also useless. Probably even more so as organization identifiers, which are needed for messaging are "voluntary" and provider identifiers are not location specific, and they need to be location specific for real use. It makes the insulation program look like a well-oiled machine.

Hercules said...

In my world - you use identifiers (such as the IHI) to identify RECORDS, you then use your clinical judgement to confirm that the RECORDS apply to the PATIENT.

Exactly the same way as when my secretary occasionally drops the wrong paper file off on my desk, or when my local EMR had two patients with very similar base demographics returned.

The whole practice of medicine is filled with risk. We are professionals who, in a defensible form, make risk assessments constantly. These people at NEHTA seem to be a bunch of amateurs who are so inexperienced that they cover themselves with undue mitigations, bureaucratic mumbo-jumbo, and prevent services which are very much needed (such as the HI Service) from being deployed.

If the HI Service throws up an incorrect match, I'm not going sue NEHTA for negligence. Just as I do now, I'm simply going to say that the RECORDS don't match the PATIENT and we need to find the correct records. If produces matching errors the majority of the time - then there is a problem with the HI Service that needs to be fixed. If it does it 1 time in 50 then big deal, that's better than we have now.

My understanding is that modern master patient index matching services are generally based around a similar group of algorithms, and that matching errors are typically around the 0.5%-1.0% range. (the astute reader will note that I suggested 2% was fine for clinical practice above!). That's good enough for me and my team. If the HI Service has a matching rate that is substantially worse, then I would query how it has been implemented or is being run.

My best guess is that there is something awry in the communications between NEHTA and Medicare and something has been built that doesn't quite match the expectations of the operator.

Dr David More MB, PhD, FACHI said...

Another issue in all this seems to me to be that what we do not have here is a full end to end analysis to work out just what the matching error rate is both in theory and as actually implemented allowing for human frailty and errors.

It seems to me that unless the HI Service does, when actually implemented, offer a real improvement over the status quo we need to consider what fate the whole thing should have (re-design, rework, cancel or whatever).

Of course we will only know the truth about all this when a proper pilot at reasonable scale is undertaken so we can discover what works, what is not working and what difference (positive or negative) the HI Service is making.

Just pressing on and hoping it will all work out seems pretty silly to me!


Anonymous said...

David said "we will only know the truth about all this when a proper pilot at reasonable scale is undertaken so we can discover what works, what is not working and what difference (positive or negative) the HI Service is making."

Medicare, NEHTA and DOHA do not comprehend:
1. what constitutes a proper pilot trial
2. what is meant by reasonable scale.

If they did the AHPRA (Australian Health Practitioners Registration Authority) would not be in the mess it is in with doctors, nurses and others having their registrations canceled because of a whole host of stuff ups that need never have occurred..

Anonymous said...

I cannot believe anyone seriously believed that a 16 digit number could be used by humans to identify and distinguish patients and or their records.

Neuroscience tells us that 5 is about the maximum number of elements that most person can carry in their mind at any one time, so making sense of a 16 digit number is way beyond most people. In fact most people break up a 8 digit phone number into at least two components when reading or speaking.

No, 16 digits are only for computers, hence the need for a human friendly number such as a 5 to 6 digit UR Number.

Anonymous said...

Ahhh - but the UR number which works well throughout the world is not unique in the sense that every hospital has its own set of UR Numbers and it would have been all too hard for the wizz kids to find a way to adapt UR Nos or create unique numbers for every individual. You see, these wizz kids are computer people who talk in bits and bytes and ones and noughts - they are walking binaroids.

A walking binaroid feels comfortable with 16 or even 16000 digit numbers. And because binaroids don't get sick they will never have to go to a hospital so it won't matter if they don't have a number for their record. UR .... urrhh ...

Where else in our lives do we have a 16 digit number to use?

What about a bank account:
BSB+Account Number+Cheque Number
063 105 1007 7655 000277 ---- that's 20 digits
less the cheque number 000277 it's 14 digits.

Note the BSB is a location identifier relating to the bank record. I bet it wasn't developed by one of those nasty little binaroid critters.

Anonymous said...

Where else in the world of health care, in which country, are 16 digit number strings deployed in this way?

Anonymous said...

Probably in the North Pole because Santa Claus has to visit every child in the whole world and a 16 digit numeric 9,999,999,999,999,999 - one thousand thousand million children = one thousand billion children - should be more than enough for a few centuries. Perhaps Santa's helpers are binaroids?

Anonymous said...

In SNOMED - up to 18 digits (15 without the check digits etc). That's 999,999,999,999,999 clinical terms. I wonder how many the average doc actually knows.

Anonymous said...

Three points on HI numbers:

* NEHTA chose ISO/IEC 7812 as the numbering standard for HI. In spite of the flogging this blog loves to give NEHTA, this was a rare case where they used a real standard (and didn't invent one). A variant of the same standard is used for credit card numbers.

* The namespace for the identifier part is actually less than 16 digits - have a look at for how the number is structured.

* The HI numbering standard will not be changing now. Move on.

Anonymous said...

It is still not a number that humans are going to refer to.

It is just a card number that is only safely usable at the machine level.

There will have to be some abstraction of the Individual Account Identification component to make it usable.