Useful and Interesting Health IT Links from the Last Week – 24/08/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

Group to Accredit Data Exchanges

August 18, 2008

The Electronic Healthcare Network Accreditation Commission has started developing an accreditation program for health information exchanges, regional health information organizations and other community-based networking partnerships.

EHNAC is an industry-created organization that accredits health care transactions processors. The criteria attempt to identify quality performance in such areas as privacy and confidentiality, technical performance, customer service, business practices, resources and data security. The group has accreditation programs for claims clearinghouses, value-added networks and financial institutions.

…..

The HIE white paper and additional information is available at ehnac.org.

More here:

http://www.healthdatamanagement.com/news/accreditation26803-1.html?ET=healthdatamanagement:e561:100325a:&st=email&channel=information_exchange

A fuller press release is available at the relevant web-site:

http://www.ehnac.org/content/view/198/1/

The core role is described here:

“Designed for regional health information organizations (RHIOs), community health data/network partnerships and other groups that promote data sharing across multiple, independent stakeholders, the HIE program will assess the privacy policies, security measures, technical performance, business practices and organizational resources of participating entities.”

A white paper is available here:

http://www.ehnac.org/images/stories/downloads/hie_rpt_052208.pdf

This seems to be another area of certification and compliance that may need also to be addressed in Australia

Second we have:

Would PHRs work better than RHIOs?

August 18, 2008

Editor’s Corner

By Anne Zieger

As I went about preparing your issue this week, I stumbled across an interesting news item that I wanted to share with y'all. According to my estimable competitor Healthcare IT News, speakers at a conference on interoperability this week suggested that PHRs, not RHIOs,are the move for building health data networks.One speaker, Vince Kuraitis of Better Health Technologies, predicted that companies will begin to build data exchanges around platforms like Google Health, Microsoft HealthVault and Dossia.

I don't know about you, but this makes a heck of a lot of sense to me.While I hadn't drawn this conclusion on my own, I wish I had, because it fits very well with what I've seen elsewhere in enterprise networking:

a) People see a need to connect information assets.

b) The industry scurries around messing with various standards.

c) Pioneers invest heroic amounts of money in proprietary solutions.

d) The commercial software industry dithers for years, but finally comes up with a development environment that satisfies enough of the people enough of the time.

e) The platforms are packaged in a way that makes it seem easy to serve all constituencies (in this case, behind-the-scenes software architects and IT managers, non-tech leaders and patients).

f) Vendors figure out a way to speak more or less the same language, in this case web standards.

g) Industry adoption centers around leading players, while smaller vendors follow bigger players' leads.

More here:

http://www.fiercehealthit.com/story/would-phrs-work-better-rhios-health-data-exchange/2008-08-18?utm_medium=nl&utm_source=internal&cmp-id=EMC-NL-FHI&dest=FHI

This is an important comment as it shows the fluidity we are seeing in the approaches to handing healthcare information in the 21^st Century. NEHTA needs to follow these trends carefully before its IEHR proposal is potentially totally outdated.

Third we have:

HHS calls for adoption of ICD-10 codes

Nancy Ferris

The Health and Human Services Department has proposed replacing the 30-year-old codes for recording medical diagnoses and billing for treatment with the updated International Classification of Diseases code set by October 2011.

HHS Secretary Mike Leavitt said in a statement that the conversion is essential to development of a Nationwide Health Information Network. HHS officials acknowledged there would be costs for training users and modifying systems, but Leavitt said, “The greatly expanded ICD-10 code sets will enable HHS to fully support quality reporting, pay-for-performance, biosurveillance and other critical activities.”

Besides the ICD-10 Clinical Modification for coding diagnoses and the ICD-10 Procedure Coding System, HHS is proposing that the medical community adopt Version 5010 of the X12 transaction standard and Version D.0 of the National Council for Prescription Drug Programs standard for pharmacy claims by April 2010.

The changes are outlined in proposed regulations published by the Centers for Medicare and Medicaid Services, which will accept comments on the regulations through Oct. 21.

“The American Health Information Management Association is excited to hear the Centers for Medicare and Medicaid Services plans to adopt ICD-10 classification upgrades,” said Linda Kloss, AHIMA’s chief executive officer, in a statement. The association has long advocated conversion to ICD-10 codes, which are widely used in other Western countries.

More here:

http://www.govhealthit.com/online/news/350517-1.html

Staggeringly the ICD-10 was agreed in May 1990 and began being used in 1994. The US is really dragging its feet on this!

See:

http://www.who.int/classifications/icd/en/

More details here:

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20080818/REG/829304226/1029/FREE

ICD-10 upgrade welcomed by IT management group

Fourth we have:

KLAS Researches Momentum of 8 CIS Vendors

KLAS recently published research identifying the Clinical Information System (CIS) vendors that prospective buyers plan to purchase from, which other vendors would be considered in the purchase process, and the strengths and weaknesses of each vendor.

Clinical information systems (CIS) continue to be at the forefront of healthcare information technology, especially among the more complex acute care hospital market. All the major HIT vendors are vying for the provider organizations that have yet to choose a core clinical strategy, as well as those organizations that are looking to replace either outdated or unsatisfactory systems.

KLAS recently published research identifying the vendors that prospective buyers plan to purchase from, as well as which other vendors would be considered in the process. The majority of survey respondents for this study were CIOs. Researchers asked about perceived strengths and weaknesses of vendor systems and what drivers were involved in vendor selection. The goal of this fifth perception study for clinical information systems was to see where the movement was.

Because this was a perception study, vendors did not receive performance-based rankings. Each vendor has positives and negatives, and each vendor’s approach to development may ultimately determine their success or failure. The top three reasons providers mentioned for replacing their CIS were Flexibility/Function, Vendor Commitment/Delivery, and Integration with Ambulatory.

Researchers spoke with healthcare providers to uncover which vendors would be considered, provider purchasing plans, which vendors to avoid, and provider perception scoring. Purchasing plans in this report were a combination of both first-time buyers and those looking to replace. Thirty-nine percent of respondents said that delivery was a main reason to avoid a vendor. KLAS found that twenty-nine percent of those that already have a CIS are looking to purchase.

In 2001, KLAS began monitoring the CIS market. Follow-up studies were conducted in 2003, 2004, 2006, and now in 2008. The 2001 study began with 10 most considered vendors, but not all of them have survived. Vendors qualifying for inclusion in this CIS study are Cerner, Eclipsys, Epic, GE, McKesson, Meditech, QuadraMed, and Siemens.

About KLAS

KLAS is a research firm specializing in monitoring and reporting the performance of healthcare vendors. KLAS’ mission is to improve delivery, by independently measuring vendor performance for the benefit of our healthcare provider partners, consultants, investors, and vendors. Working together with executives from over 4500 hospitals and over 2500 clinics, KLAS delivers timely reports, trends, and statistics, which provide a solid overview of vendor performance in the industry. KLAS measures performance of software, professional services, and medical equipment vendors. For more information, go to www.KLASresearch.com, email marketing@KLASresearch.com, or call 1-800-920-4109 to speak with a KLAS representative.

Source:

http://www.pr-usa.net/index.php?option=com_content&task=view&id=127212&Itemid=31

This is an interesting press release in that it identifies the key clinical information system providers in the USA. (In the very last paragraph)

Fifth we have:

Overstepping the mark

18-Aug-2008

By Dr Rosanna Capolingua

DUE to our special training, doctors have a responsibility to improve and maintain the health of our patients who, either in a vulnerable state of illness or for the maintenance of their health, entrust themselves to medical care.

The doctor-patient relationship is itself a partnership based on mutual respect and collaboration. Within the partnership, both the doctor and the patient have rights as well as responsibilities.

The AMA's code of ethics clearly states that a doctor must maintain accurate, contemporaneous clinical records. The AMA maintains that a patient's right to privacy is paramount. It follows that confidentiality of their medical records is of fundamental importance to the doctor-patient relationship.

Our code is a continuum of professional ethical practice that stretches back to the Hippocratic Oath. It not only acts as a guide in what can be complex circumstances, it also contributes to an expectation over what constitutes ethical behaviour by doctors.

Therefore, it should come as no surprise that the AMA takes very seriously Medicare Australia's intention to increase the number of Medicare audits more than four times -- with 2000 extra audits each year. It is also proposing to have access to medical records as a way to check doctors' claims on the MBS.

Increasing the number of audits themselves is not the problem; it's the way in which Medicare Australia wants them done.

At the moment, patients are in control. Medical records are only provided to a third party with specific consent from the patient. Now following this year's federal budget, the Rudd Government will spend almost $80 million to boost the Medicare compliance audit program, saying that there had to be a balance between patient privacy and protection of public revenue.

More here:

http://www.australiandoctor.com.au/articles/1A/0C05961A.asp

I must say that while typically I find the AMA’s position on most things a little to doctor centric and self serving, and while I recognise the need to be able to make sure there is a minimum level of abuse and fraud of the Medicare system, I am sure there are better ways than just randomly auditing records.

It would be far better if Medicare used BI techniques to identify possible abuse and then have appropriate clinicians, with appropriate privacy regulations, review potentially offending practitioners practices in a manner that protected the public purse and patient privacy. I must say that is what I thought happened now.

See the Professional Services Review Site

http://www.psr.gov.au/

Sixth we have:

Australia: ALRC Report On Australian Privacy Laws

18 August 2008
Article by Richard Smith

On 11 August 2008, the Australian Law Reform Commission (ALRC) published its final report (Report) on its review of privacy laws in Australia.

The Report, titled For your information: Australian Privacy Law and Practice (ALRC 108), is around 2,700 pages long and recommends substantial changes to Australia's existing privacy laws and practices. The recommended changes include:

• Mandatory notification for certain data protection breaches.

• The removal of exemptions in relation to employee records and small business.

• New requirements for cross-border data flows.

• A consistent national framework of privacy legislation.

Background

Privacy in Australia is currently regulated by State, Territory and Commonwealth legislation.

The Federal Privacy Act 1988 (Cth) (Act) establishes and regulates a national scheme for the collection, use, transfer and disclosure of 'personal information' by the private sector and the Federal and ACT Governments. In addition, each State and Territory has their own privacy legislation or administrative regimes (State Legislation). While this primarily regulates State/Territory Governments and agencies and their treatment of personal data, Victoria, NSW and the ACT also have health privacy legislation regulating the private sector.

On 31 January 2006, the Australian Attorney-General requested that the ALRC conduct an inquiry into the extent to which the Act and State Legislation provide an effective framework for the protection of privacy in Australia. The ALRC carried out a substantial review with extensive public and industry consultation considering Australian privacy law and practice as well as trends in other jurisdictions, particularly the USA and Europe. The ALRC Report recommends sweeping reforms to Australian privacy law.

Historically, nearly 80% of the ALRC reports are substantially or partially implemented by the Government. This means that the recommendations have a high likelihood of becoming law and therefore should be carefully considered by business.

If the recommendations of the Report subsequently become law they will have significant consequences for Australian business and how they treat the personal information of and interact with their customers, employees and suppliers. It will also affect the way that Governments and agencies carry out their functions and interact with the public.

Below is a high level summary of some key recommendations of the Report.

All the details are here (free registration):

http://www.mondaq.com/article.asp?articleid=64940&login=true

This is a really useful summary of the parts of the 2700 pages I really did not want to read other than the health related material which still needs to the carefully reviewed. Getting the other 2200 pages down to just 10 is a useful time saver!

Full report is here:

http://www.austlii.edu.au/au/other/alrc/publications/reports/108/

Last we have our slightly technical note for the week:

Death knell looms for IPv4

Too little too late.

Darren Pauli 15/08/2008 15:24:00

The global explosion of technology as the new medium for business could grind to a halt within 18 to 30 months as Internet addresses dry up.

Australia's telecommunications experts say the rapid exhaustion of available IP addresses is comparable to the global food and petrol shortage, but has largely slipped beneath the radar of those outside the coal face of IT.

Asia Pacific Network Information Centre (APNIC) chief scientist Geoff Huston said the organisation will run out of IP addresses to hand out to businesses and Internet Service Providers (ISPs) unless the current Internet layer protocol, Internet Protocol Version 4 (IPv4), is upgraded.

“We have about one and half to two and a half years to change to IPv6 before supply vapourises,” Huston said.

“Nothing has seriously been done about it. There isn't an economic reason for business to invest in [IPv6] because everything is working at the moment.

“My personal view is that we are going to see very lucrative markets for Ipv4 addresses. The world is addicted to it and business will pay almost any price [to get addresses].”

He said the problem is exacerbated by soaring Asia Pacific economies such as China and India which are soaking up addresses faster than developed nations.

Pundits have been screaming from the rooftops about the imminent exhaustion of IPv4 for years; exactly 10 years to the day, according to Huston.

But experts say the attention that the IPv6 cause has previously achieved has been sensationalised by claims that the IPv4 exhaustion will destroy the Internet.

Instead, Huston said, businesses will simply find they cannot get extra addresses. ISPs will be unable to take on new subscribers, businesses will be unable start up Web sites, but the Internet will function as normal.

“It's like running out of phone numbers; the phone book will still be used because everyone with a number will still be active,” Huston said.

More here:

http://www.computerworld.com.au/index.php?id=44197467&eid=-255

This is a bit of a worry – even if a bit alarmist - the time left does not seem long enough!

More next week.

David.

The Commonwealth Fund Gives the US Health System a Fail

There was a really worrying assessment and survey of the US Health System released last week.

Public Views on U.S. Health System Organization: A Call for New Directions

August 7, 2008 | Volume 11

Authors: Sabrina K. H. How, M.P.A., Anthony Shih, M.D., M.P.H., Jennifer Lau, and Cathy Schoen, M.S.

Contact: skh@cmwf.org

Editor(s): Martha Hostetter

Overview

On behalf of The Commonwealth Fund Commission on a High Performance Health System, Harris Interactive surveyed a random sample of 1,004 U.S. adults (age 18 and older) to determine their experiences and perspectives on the organization of the nation's health care system and ways to improve patient care. Eight of 10 respondents agreed that the health system needs either fundamental change or complete rebuilding. Adults' health care experiences underscore the need to organize care systems to ensure timely access, better coordination, and better flow of information among doctors and patients. There is also a need to simplify health insurance administration. There was broad agreement among survey respondents that wider use of health information systems and greater care coordination could improve patient care. The majority of adults say it is very important for the 2008 presidential candidates to seek reforms to address health care quality, access, and costs.

Citation

S. K. H. How, A. Shih, J. Lau, and C. Schoen, Public Views on U.S. Health System Organization: A Call for New Directions, The Commonwealth Fund, August 2008

Report and presentations are available here:

http://www.commonwealthfund.org/publications/publications_show.htm?doc_id=698138

Additionally there was another report also published that explored – in some depth – what could be done about such a dire situation – in this a presidential election year.

Organizing the U.S. Health Care Delivery System for High Performance

August 7, 2008 | Volume 98

Authors: Anthony Shih, M.D., M.P.H., Karen Davis, Ph.D., Stephen Schoenbaum, M.D., M.P.H., Anne Gauthier, M.S., Rachel Nuzum, M.P.H., and Douglas McCarthy, M.B.A.

Editor(s): Martha Hostetter

Overview

This report from The Commonwealth Fund Commission on a High Performance Health System examines fragmentation in our health care delivery system and offers policy recommendations to stimulate greater organization—established mechanisms for working across providers and care settings. Fragmentation fosters frustrating and dangerous patient experiences, especially for patients obtaining care from multiple providers in a variety of settings. It also leads to waste and duplication, hindering providers' ability to deliver high-quality, efficient care. Moreover, our fragmented system rewards high-cost, intensive medical intervention over higher-value primary care, including preventive medicine and the management of chronic illness. The solutions are complex and will require new financial incentives, changes to the regulatory, professional, and educational environments, and support for new infrastructure. But as a nation, we can no longer tolerate the status quo of poor health system performance. Greater organization is a critical step on the path to higher performance.

Full summary, full report and presentations are available here:

http://www.commonwealthfund.org/publications/publications_show.htm?doc_id=698139

Taken together these two reports essentially identify fragmentation of the US health system as its major problem and the lack of technology enabled co-ordination as its biggest barrier to improvement.

Does this sound a little like somewhere rather closer to home? The details are well worth a read. I hope the Health and Hospitals Reform Commission is taking a close look to see what might be relevant to OZ!

David.

Clinical Decision Support – Getting the Focus it Needs.

The following appeared a few days ago.

AMDIS members target clinical decision support

By: Joseph Conn / HITS staff writer

Story posted: August 8, 2008 - 5:59 am EDT

Members of the Association of Medical Directors of Information Systems at their convention last month vowed to take up the challenge of creating a collaborative environment for the gathering and sharing of best practices for clinical decision support, or CDS, drawing on their breadth of experience in the practical application of medical informatics.

For a majority of attendees at the 17th annual AMDIS Physician-Computer Connection Symposium at Ojai, Calif., implementing clinical information systems is no longer their biggest problem, but optimizing CDS tools for use in conjunction with those systems is.

Jerome Osheroff, chief clinical informatics officer with the Ann Arbor, Mich.-based healthcare unit of information broker Thomson Reuters, gave a call to arms, saying that members need to take a leadership role in developing CDS systems, and that's not only because as physician informaticists they are best-positioned to do so. A potential tsunami of outside influences—including pay-for-performance mandates and non payment penalties for medical errors, employer and patient pressures for quantifiable quality improvement gains and accreditation requirements—will force them to have the systems producing clinical and financial results, Osheroff said.

In an interview this week, AMDIS Chairman William Bria said that CDS has been a hot topic on the organization's listserv and work on a white paper "is going extremely well."

"The outpouring of interest in doing a white paper and communicating at the highest levels is overwhelming," Bria said. "I think everybody is willing to tell the story about physician leadership about CDS." He said Harris Stutman, executive director of clinical informatics at MemorialCare health system, Long Beach, Calif., will be heading up the group working on the AMDIS white paper on CDS and the role of the chief medical information officer.

…..

Massachusetts Blue Cross and Blue Shield announced last year it will require hospitals to have computerized physician order-entry systems by 2012 as a condition of participation in its incentive program. But those hospitals will have to battle with what Bria and others have called a "misalignment of incentives" in that they incur the expense of implementing and maintaining a CPOE system with decision-support capabilities, but the financial benefits accrue to the patient and the payer.

"A lot of these hospitals are working on razor-thin margins," he said. "If you implement things that will make people less efficient, even for a little while, you're going to lose money."

Bria said the white paper could be published in 90 days or so.

…..

Osheroff said CDS provides clinicians or patients with clinical knowledge and patient-related information that's been intelligently filtered or presented at appropriate time. There are, he said, five "rights" of CDS:

• Having the right, evidence-based information.
• Having that information delivered to the right person, whether they be a clinician or patient.
• Having the information delivered in the right intervention format, whether it be a paper document, a computer-based alert, an appropriate order set or some other form.
• Having the information delivered through the right communications channel, such as the Internet or mobile phone.
• Having the information at the right point in the workflow.

…..

Osheroff is the editor-in-chief of a new soon-to-be released book, Improving Medication Use and Outcomes with Clinical Decision Support: A Step-By-Step Guide.

…..

The full article is accessible here (after registration)

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20080808/REG/360675982/1029/FREE

This seems to me to be a very important change in perspective and emphasis. To date the transfer of CDS from the expert leading hospital sites has really met with quite mixed success. There is no doubt the need for CDS is very real and that the basic theory is sound. What is now needed is the engineering of solutions that actually work well in the real world of the delivery of clinical care in routine situations.

As acknowledged in this article we are still a way from this situation at present. Given the potential for good in terms of quality of care and patient safety this problem needs to be addressed as a matter of considerable priority!

David.

Health IT and the Care of the Chronically Ill

The following excellent review of this area appeared a few days ago.

Caring for the Chronically Ill

Joseph Goedert, News Editor
Health Data Management, July 1, 2008

Patients with chronic illnesses account for 75% of U.S. health care spending, and that percentage will grow as the population ages, according to an April report from the Dartmouth Institute for Health Policy and Clinical Practice

Within 15 years, 45% of the nation’s population will be elderly, according to a March 2008 report from the Center for Aging Services Technologies, a unit of the American Association of Homes and Services for the Aging in Washington.

Health care organizations, which already are dealing with a shortage of nurses and other clinicians, are devising new ways to use information technology to improve the treatment of chronic medical conditions, aid patients in taking a larger role in managing their conditions and help prevent the onset of chronic diseases. For example:

* Physicians at one Pennsylvania hospital are using electronic health records to target chronically ill patients for interventional treatment.

* An outsourcer of health and wellness services is implementing software to identify patients with chronic diseases or at risk of getting sick.

* An emerging health information exchange in Brooklyn will use the network and personal health records to help manage care of the chronically ill.

* A children’s hospital is using a television in patient rooms to educate patients and their parents on how to manage chronic diseases.

* An organ transplant program in Pennsylvania is speeding treatment for patients with life-threatening chronic conditions by outsourcing some of its records collections functions.

* Three nursing homes in New York are implementing wireless, hands-free communications devices to better coordinate and document care.

* Medicare and a state Medicaid program are testing technologies that provide daily interaction with cardiac patients in their homes, resulting in major drops in hospitalization rates

Providers, however, must overcome formidable obstacles to increased use of I.T. to facilitate chronic care, says Majd Alwan, Ph.D., director at the Center for Aging Services Technologies.

For example, the slow pace of efforts to make health care software truly interoperable is limiting the ability of I.T. advocates in the chronic care field to demonstrate the value of the technology, Alwan contends.

“We see some of the vendors at the table endorsing interoperability, but to get them to adopt standards and implement them is another issue,” he says. “We need providers to leverage their purchasing power to reward vendors.”

And while providers must invest in the technologies, insurers reap most of the cost savings that result from improving the health of the chronically ill, he notes. That may start to change, however, if Medicare decides to give extra payments to providers using I.T. to keep the chronically ill out of the hospital (see story, page 53).

The potential financial benefits of using I.T. to reduce the costs of chronic care are huge. The use of in-home remote patient monitoring technologies alone could save $400 billion annually, according to a March 2008 report from the Deloitte Center for Health Solutions in New York.

“The effective application of in-home technologies leads to increased medication adherence, reduced available post-acute complications, and improved self-care management of chronic conditions,” the report states.

Much more here:

http://www.healthdatamanagement.com/issues/2008_54/26546-1.html

The article goes on to review the impact of EHRs, records management, TV, health information exchange and so on and where it may help.

A useful resource and discussion of what others are doing around the world.

David.

NEHTA is Told to do Much Better by the Commonwealth Privacy Commissioner.

The Privacy Commissioner published the following press release a day or two ago.

http://www.privacy.gov.au/news/media/2008_15_print.html

Media Release: E-health privacy blueprint - robust legislation is needed says Privacy Commissioner

15 August 2008

The Australian Privacy Commissioner, Karen Curtis, has called for legislation for the proposed national Individual Electronic Health Records (IEHR) system.

"The National E-Health Transition Authority (NEHTA) has identified some valuable privacy considerations for the proposed IEHR system," said Ms Curtis.

"The suggestion that individuals should be able to opt-in to an IEHR system is welcome, as this promotes genuine choice.

"It is also important that there is specific legislation for the system to ensure there are robust privacy protections in place."

Ms Curtis' recommendations were made in a submission by her Office in response to NEHTA's Privacy Blueprint, which will feed into a business case NEHTA will deliver to the Council of Australian Governments in late 2008.

Another key point made in the Office's submission was the importance of having "sensitivity labels" in place at the start of the system to restrict access to certain information within the IEHR.

"My Office argues strongly in favour of sensitivity labels being in place at the start of the project," Ms Curtis said.

"This would be of prime importance to, say, a patient who is suffering a sensitive condition, such as a mental or sexual illness.

"The sensitivity label would prevent a healthcare worker in an area unrelated to the patient's illness from accessing this information."

Ms Curtis has also called for individuals to be able to see who has accessed their records through the availability of audit logs.

"This is an important accountability and transparency measure," Ms Curtis said.

The submission is available at http://www.privacy.gov.au/publications/sub_nehta_0808.doc.

----- End Release.

The Executive Summary of the submission makes it quite clear what Ms Curtis thinks is needed by way of change in approach.

Executive summary

1. The Office of the Privacy Commissioner (‘the Office’) supports the development of an individual electronic health record (‘IEHR’) system to enhance the delivery of healthcare through improved sharing of selected health information. In the Office’s view, the assurance that privacy is protected will be a key element of the overall success of such a system.

2. The Office notes its support for the express consent approach to IEHR participation proposed by the National E-Health Transition Authority’s (‘NEHTA’) Privacy Blueprint on the IEHR (‘the Blueprint’). This approach offers important privacy benefits to individuals by ensuring that individuals’ active and express consent is required before they are enrolled in the system. The Office also welcomes individuals being able to consent to specific episodes of care being entered into their IEHR record.

3. While recognising the attention paid to privacy as part of the IEHR system’s development and the constructive approach taken to consent, the Office believes there are some key issues which require further consideration. These issues are:

· the need for enabling legislation for the system

· whether individuals will have sufficient choice as to who may access their IEHR, that is, individual health care workers or entire health care organisations

· whether individuals will be given the choice to limit access to particularly sensitive information by way of a ‘privileged care’ mechanism

· the suggestion that audit records may not be available to individuals and

· the need for further detail on how secondary uses of IEHR information will be managed, particularly with regards to uses beyond medical research.

4. In this submission to NEHTA, the Office provides input on these key privacy issues and other aspects of the IEHR system raised in the Blueprint.

----- End Executive Summary.

Reading the full submission it is clear Ms Curtis is not about to have NEHTA start its proposed IEHR without very robust legislation to protect individual privacy despite an obvious desire on NEHTA’s part to do so.

It is also clear that she rejects the blatant attempt by NEHTA to try to do a system ‘on the cheap’ by leaving out protections and abilities for choice she believes the public are entitled to.

Ms Curtis clearly also notes NEHTA’s proneness to try and operate in secrecy and recommends all the privacy impact assessments be made public – what a great idea!

Most of the rest of the 17 page submission then goes on to point out the number of areas where NEHTA have proposed the easy rather than the ‘privacy protective’ approach.

All in all – when the clear, well researched analysis is taken together with the concerns I expressed six or so weeks ago when the blueprint was released I think a major rethink of this proposed IEHR and how it will really operate is required.

My earlier comments are found here:

http://aushealthit.blogspot.com/2008/07/nehta-privacy-blueprint-for-iehr-how.html

We should all be grateful we have such a clear thinking and independent team looking after our privacy rights as we do at present. More power to them!

NEHTA has to go right back to the drawing board and properly address all the issues raised. I frankly doubt they will be able to do so without some considerable modification of their current proposals. Maybe NEHTA should have consulted a little more carefully privately before developing and publishing such a clearly flawed document and making such inadequate proposals regarding IEHR privacy. If I were a betting man I would not be putting much on ever seeing anything like the presently proposed IEHR actually happen!

All this just demonstrates just how out of touch NEHTA still is with the Health Sector and ordinary health consumers.

Interestingly we have also had the Australian Law Reform Commission weigh into the debate in the last week.

Tougher rules on records urged

Rules on medical records and population-based research may be reformed after a review of privacy laws. Health editor Adam Cresswell reports | August 16, 2008

MEDICAL records contain private information, often touching the most sensitive details of individual patients' lives. Doctors almost invariably guard access to their patients' files like hawks, ensuring only they and, occasionally, other doctors get to look inside.

You don't expect to find files such as these gathering dust in a garage, or dumped in a garbage bin, and especially not strewn over the footpath for any passer-by to see. But legal experts charged with conducting a review of privacy laws were shocked to find all these had really happened.

What's more, it was far from unknown for patients switching to another GP to face a battle to persuade their old GP to forward their records to the new doctor. Even though such records would be crucial to a proper understanding of the patient's history, in many cases the transfer simply did not occur.

And David Weisbrot, president of the Australian Law Reform Commission which conducted the privacy review, says it soon transpired that there was little patients could do to require doctors' co-operation.

In its 1996 ruling Breen v Williams, the High Court unanimously ruled that medical records are owned by the doctor who created them, not by the patient whose health they concern. While patients have access rights to that information, there has been no obligation on doctors to relinquish control to another doctor, or forward copies to another doctor.

That's one of several health-related issues that the ALRC, in the recommendations from its new 2700-page report on privacy laws, says should change.

"We heard a similar story quite often: if a doctor retired or died, or there was a merger or another practice took over the patients, they (patients) would have difficulty getting their records back to take to another doctor," Weisbrot says. "There were even stories of records being found in the rubbish bin, in the doctor's garage or even on the footpath.

Much more here:

http://www.theaustralian.news.com.au/story/0,25197,24182403-23289,00.html

It seems there is considerable alignment between the Privacy Commissioner and the NEHTA is the one out of step.

The Health Information Section of the ALRC report is important reading.

http://www.austlii.edu.au/au/other/alrc/publications/reports/108/

This is the relevant part of the Table of Contents:

Part H - Health Services and Research

60. Regulatory Framework for Health Information

• Introduction
• National consistency
• A separate set of Health Privacy Principles?

61. Electronic Health Information Systems

• Introduction
• Background
• Issues Paper 31
• Discussion Paper proposals
• Medicare and Pharmaceutical Benefits databases

62. The Privacy Act and Health Information

• Introduction
• Definition of ‘health information’
• Definition of ‘health service’
• Agencies and organisations
• Provision of health services
• Consent

63. Privacy (Health Information) Regulations

• Introduction
• Collection of health information
• Use and disclosure of health information
• Access to health information
• Management, funding and monitoring of health services

64. Research: Current Arrangements

• Introduction
• Health and medical research in Australia
• Research and the use of personal information
• Information Privacy Principles
• National Privacy Principles
• Section 95 and 95A Guidelines

65. Research: Recommendations for Reform

• Introduction
• Section 95 and 95A Guidelines
• Research in areas other than health and medical
• Definition of research
• The public interest balance
• Impracticable to seek consent
• Human Research Ethics Committees
• Research exceptions to the model Unified Privacy Principles

66. Research: Databases and Data Linkage

• Introduction
• Establishing databases
• Using and linking information in databases

Enjoy all this – we live in “interesting times”!

David.

Useful and Interesting Health IT Links from the Last Week – 17/08/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

NHS database awaits legal diagnosis

A recent EU court judgment could scupper the £6bn NHS patient database, says Jonn Elledge

Government IT projects have a pretty poor reputation. They turn up late, cost twice as much you expect, and don't work when they arrive. But the NHS looks set to go one better. Legal experts are warning that its £6bn database could actually breach your human rights.

The idea of the database sounds sensible enough. Each patient will have a single record, detailing their medical history, allergies and any medication they're on. Doctors should thus have all the information they need to treat them, whether they're in Plymouth or Penrith.

It's a nice theory, but critics are fretting about data security. Tens of thousands of NHS staff will have access to the database. It would only take a couple of them to create data losses of tabloid headline proportions. "The real test will be whether Leo Blair's vaccination records ever go on," says healthcare IT expert Richard Gunn. "Because 30 seconds later the papers will know whether he had the MMR."

Now campaigners say a judgment from the European Court threatens the entire project. The ruling concerned a Finnish nurse who lost her job after colleagues discovered she was HIV positive. The hospital argued that, by punishing those who'd misused her records, it had done all it could to protect her. Nonsense, the court replied. Instead it demanded measures which "exclude any possibility" of a breach occurring in the first place.

Much more here:

http://www.thefirstpost.co.uk/45094,opinion,recent-eu-court-judgment-could-scupper-the-6bn-nhs-patient-database

This is an interesting, if slightly alarmist analysis, on the possible fate of the UKs proposed Shared EHR. It is important proponents of similar systems watch all this carefully.

Second we have:

SNOMED CT Gets an Upgrade

HDM Breaking News, August 11, 2008

The International Health Terminology Standards Development Organization in Copenhagen, Denmark, has released its second enhancement this year of the SNOMED CT clinical terminology.

The system offers a comprehensive database of standard medical terms and concepts that can be embedded in electronic health records systems.

More here:

http://www.healthdatamanagement.com/news/terminology26766-1.html?ET=healthdatamanagement:e544:100325a:&st=email&channel=systems_integration

The full article offers a listing of the changes.

The full press release is found here:

http://www.ihtsdo.org/news/article/view/snomed-2008-international-release-of-snomed-ctR-now-available/

Third we have:

Even free software has copyrights: judge

August 15, 2008 - 11:14AM

In a crucial win for the free software movement, a US federal appeals court has ruled that even software developers who give away the programming code for their works can sue for copyright infringement if someone misappropriates that material.

The decision by the U.S. Court of Appeals for the Federal Circuit in Washington, D.C., helps clarify a murky area of the law concerning how much control programmers can exert over their intellectual property once it's been released for free into the so-called "open source" software community.

People are free to use that material in their own products, but they must credit the original authors of the programming code and release their modifications into the wild as well, a cycle that's critical for free software to continue improving.

Because the code was given away for free, thorny questions emerge when a violation has been discovered and someone is found to have shoved the code into their own for-profit products without giving anything back, in the form of attribution and disclosure of the alterations they made.

More here:

http://www.theage.com.au/news/biztech/even-free-software-has-copyrights-judge/2008/08/15/1218307187197.html

This is a very good decision in my view as it makes sure that ‘open source’ software cannot be just appropriated without complying with the license under which it is made public. The open source movement is an important balancing force to the commercial software industry and helps keep those interests much more honest and indeed innovative.

Fourth we have:

People Turn to Internet for Health Info When Stakes High, Connection Fast

by Susannah Fox

The Internet is changing the way Americans engage with information, whether they are choosing a president or making health care decisions. Two major drivers for this change are broadband adoption and personal motivation.

First, an update: The Pew Internet Project estimates that between 75% and 80% of Internet users have looked online for health information. We get slightly different results for the size of the e-patient population depending on our survey strategy, but these results are close enough to make us confident we have the right contours of this group. Our estimate is also in line with Harris Interactive's latest data on health information seekers (81% of Internet users; 66% of all adults).

We got the 75% reading in our October-December 2007 national phone survey, which included 2,054 adults ages 18 and older, including 500 cell phone users. In this survey we asked: "Do you ever use the Internet to look for health or medical information?"

In surveys we conducted between 2003-2007 (and plan to repeat in coming months), respondents were prompted with questions about specific health topics, such as diet, drugs or alternative treatments, yielding a consistently higher estimate (80%) for the percentage of Internet users who seek health information online in 2003, 2004 and 2006.

More here:

http://www.ihealthbeat.org/articles/2008/8/12/People-Turn-to-Internet-for-Health-Info-When-Stakes-High-Connection-Fast.aspx?ps=1&authorid=1616

Interesting article showing the importance of broadband in making information – especially health information – available to the public.

Fifth we have:

Cervical cancer vaccine boost

• Nick Miller
• August 11, 2008

MELBOURNE is about to become the centre of efforts to vaccinate young Australian women against cervical cancer, with the opening today of the National Human Papillomavirus Register.

The register will record all HPV vaccinations from councils, schools, GPs and nurses around the country.

Since July last year the vaccine, which protects women against some strains of the virus responsible for most cervical cancer, has been fully subsidised by the Commonwealth for girls and young women.

The register will monitor the success of the vaccination program, and assess its impact on cancer rates. It will also issue reminders to women and girls who have missed part of their three-dose vaccination schedule.

The register shares its Carlton headquarters with the Victorian Cytology Service, which has analysed Pap test results since 1989.

The $23.5 million project has already started collecting data from GPs, and will now start uploading data from state school vaccination programs.

More here:

http://www.theage.com.au/national/cervical-cancer-vaccine-boost-20080810-3t2n.html

This is a good announcement, but one is really forced to wonder why this was not established as the program, rather than a year later?

Sixth we have:

Mainframe here to stay, survey says

IT's planned use for the mainframe as a computing platform continues to grow, BMC survey finds.

Denise Dubie (Network World) 14/08/2008 09:34:00

The future looks bright for the mainframe as a majority of IT managers report they will continue to use the systems for legacy applications and start moving new workloads that could benefit from the mainframe's availability and scalability onto the platform.

In its annual survey of 1,100 mainframe users, management software maker BMC discovered that IT's planned use for the mainframe as a computing platform continues to grow. For instance, 65 percent of respondents said the mainframe platform will continue to grow and attract new workloads in their environment, compared with 52 percent of respondents who said the same in the 2007 survey. Thirty percent said that the mainframe will continue as a viable long-term platform, but restricted to legacy workloads. And 4 percent indicated mainframe users should consider an exit strategy in the next five years. Fewer organizations surveyed this year also plan to eliminate their mainframe environment in the short term. According to BMC's findings, 59 percent of respondents said they would be ridding themselves of the mainframe in less than three years, compared with 74 percent in 2007. Thirty-six percent said they would work toward removing mainframes in three to six years and 6 percent expected to keep mainframes in house for more than six years.

More here:

http://www.computerworld.com.au/index.php?id=24684117&eid=-255

It is fascinating machines of this type continue to prosper 50 plus years after the first ones appeared. The first “real” one – the IBM Model 360 appeared as far back as 1964!

The history of all this is pointed to here:

http://www.beagle-ears.com/lars/engineer/comphist/ibm360.htm

and here:

http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PR360.html

The original announcement with the pictures etc makes fun reading so far down the track.

Last we have our slightly technical note for the week:

Two different views on technical trends for the next few years.

Report: Cloud computing poised for enterprise adoption

Cloud computing, green IT and social-computing platforms will reach broad enterprise adoption in the next few years, Gartner says.

Elizabeth Montalbano (IDG News Service) 12/08/2008 08:32:25

Gartner has named cloud computing, green IT and social-computing platforms among technologies that are poised to reach broad enterprise adoption in the next two to five years.

The report "Hype Cycle for Emerging Technologies, 2008" by Gartner Vice President and Fellow Jackie Fenn and other analysts, also cited video telepresence, which utilizes high-end videoconferencing systems to provide remote conference participants with the feeling that they are in the same room, and microblogging popularized by the Internet application Twitter as being on the brink of widespread adoption among enterprises.

All of these technologies are at the peak of what the report calls their "hype cycle," a term Gartner began using in 1995 to describe the human response to technology -- from overenthusiasm at the beginning, through a period of disillusionment with the technology, to an eventual understanding of the technology's relevance and role in a market or domain.

Gartner uses the hype-cycle assessment to advise IT managers about when they should begin to adopt certain technologies that are getting a lot of attention but whose value to the enterprise is not yet known, according to the report. IT professionals generally have a better understanding of how to implement technologies at the peak of their hype cycle in a few years, once the initial excitement about them dies down.

The impact of technologies that are at the peak of their hype cycle in 2008 will differ depending on the technology, according to the report.

Cloud computing, defined by Gartner as "a style of computing where massively scalable IT-enabled capabilities are delivered 'as a service' to external customers using Internet technologies," in particular should have "transformational impact" on the enterprise, according to the report. This means the technology will change the way the IT industry "looks at user and vendor relationships," Fenn wrote.

More here:

http://www.computerworld.com.au/index.php?id=1561926085&eid=-180

and from Forrester

The future of IT: No big bangs, information everywhere

Posted by Mike Ricciuti

There's plenty of technological innovation headed to the enterprise in the coming years, but don't expect any new game changers on the order of Internet or ERP, according to a new report.

Instead, existing technologies like service-oriented architectures and mobile will combine with component business applications and social networking to form what Forrester Research analyst Bobby Cameron calls "IT everywhere."

Information technology is at the beginning of a "new 16-year cycle of innovation and growth that follows the previous cycle of networked computing for enterprise applications and the Internet," Cameron writes in the report, which debuted on Wednesday.

Cameron identifies several technologies that are already in place but will gather steam in the coming years, such as X Internet--the explosion in RFID and other devices--SOA, business-process management, and mobile.

There will be some new acronyms joining the technology mix: dynamic business applications (and architectures) (DBA) that build on SOA and are far more flexible and easier to adapt than older technologies; master data management (MDM), which seeks to improve the quality of data that businesses use; and information workplace (IW), the notion of delivering information through available technologies.

More here:

http://news.cnet.com/8301-1001_3-10017210-92.html?tag=nl.e433

It is re-assuring that broadly the pundits have similar views as to what will be important!

The impact of ‘cloud computing’ on privacy makes interesting reading.

Cloud computing may 'threaten' privacy

• Saved

August 11, 2008 - 1:38PM

A US military computer science professor has warned that a trend to push software into the "clouds" exacerbates privacy risks as people trust information to the Internet.

Websites routinely capture data that can reveal pictures of users' lives, US military academy professor Greg Conti told an audience at the annual DefCon hackers gathering in Las Vegas.

The danger is being heightened by a growing Internet trend toward "cloud computing," software being offered online with applications hosted on outside computers instead of programs being installed on people's machines.

A common example of the practice is Web-based email services such as those offered by Google and Yahoo.

The world of cloud computing is expanding to include software for documents, accounting, spread sheets, photo editing and more.

"With cloud computer looming on the horizon it is important for us all to think of the privacy threats there as well," Conti said.

"The tool resides with someone else and the data is stored somewhere else. Generally, that is a bad idea."

More here:

http://www.smh.com.au/news/web/cloud-computing-may-threaten-privacy/2008/08/11/1218306734865.html

More next week.

David.