Thursday, May 31, 2007

Moving on Without NEHTA – Some Really Good News!

As is probably well known to readers of this blog by now the Medical Software Industry Association (MSIA) held a round table late last week to try and work out how best it could try to move the e-Health agenda forward.

The forum addressed a range of issues and, from all reports, there was quite lively discussion on a range of matters.

Those interested in press coverage of the event can visit the following two articles from the IT section of last Tuesday’s Australian.

http://australianit.news.com.au/story/0,24897,21810268-15306,00.html

Ill feeling over health forum snub

Karen Dearne | May 29, 2007

FOUR overturned chairs on the podium marked the absence of National E-Health Transition Authority representatives at a Medical Software Industry Association roundtable in Sydney last week.

Leading software developers were stunned to learn that NEHTA had declined to attend, citing late notice, as the event was supposed to be a relationship-building exercise.

NEHTA communications manager Lisa Smith wrote a letter advising that the agenda placed "an emphasis on reviewing NEHTA's activities, so it would have been appropriate to seek our input into the agenda, and confirm our involvement, prior to its public circulation".

Ms Smith said "NEHTA would like to encourage the MSIA to take a positive and collaborative approach", but "given the circumstances, we are not in a position to contribute speakers or attendees at this late stage".

….. (see the site for full article)

And

http://australianit.news.com.au/story/0,24897,21810270-5013040,00.html

Working group on medi-ware

Karen Dearne | May 29, 2007

THE Medical Software Industry Association has formed a working group on messaging systems to overcome interoperability problems.

Health informatics consultant Peter MacIsaac said commercial messaging providers were offering reliable services, but "their systems are based on a range of communications standards and business models".

"Vendors will work on a technical solution so that GPs, specialists, pathology and radiology services and hospitals can contract with one messaging provider and have interoperability with all parties," Dr MacIsaac said.

….. (see the site for full article)

While the first article describes, in graphic detail, the session where some quite passionate criticism regarding the current performance of NEHTA was made (including a small contribution from yours truly) I believe the second piece of news is far more important – despite the fun that was had by almost all with ‘NEHTA bashing’. (Late Update - it seems the May 29 NEHTA Vendor Forum has done little if anything to improve things.)

In a communiqué released after the meeting shows that the vendor community is so sick of the way they are not being led by NEHTA they are moving on their own.

Essentially, for the first time Medical Objects, HealthLink, eClinic and Argus are going to work to ensure that a HL7 message carrying clinical information from one messaging provider can reliably be delivered to users of the other clients – so that – once the work is done – the practitioner will need only one messaging client and all will benefit.

At present the open working group is being sponsored by MSIA, the Health Informatics Society of Australia (HISA) and HL7 Australia. I understand the developers of Medical Director Software (HCN) are also now involved.

The approach to achieving interoperation is via the Integrating the HealthCare Enterprise (IHE) methodology. This approach emphasises the use of current, proven standards and rigorous testing via so called ‘Connectathons’ to ensure connectivity is fully and reliably achieved. I also understand the Australian Healthcare Messaging Laboratory (AHML) will assist in certification of communication safety and reliability.

Initially the scope of the messaging will be pathology and radiology messaging but this can be expected to expand (to cover prescribing and referrals for example) once initial success is achieved.

The planned time frame to achieve a final demonstrable outcome is the August 2008 HISA meeting.

I see this development is wonderfully and unequivocally good news (amidst a range of other more gloomy goings on) and I wish the working group all possible success. Of course it will be vital that the promises made are actually delivered – I hope so..but it won’t be easy!

David.

Monday, May 28, 2007

SA HealthConnect – What are they Thinking?

The SA HealthConnect team held a vendor briefing last for the South Australian Care Planning Project on May 14, 2007.

They have now been asked about the requirements on which their Request For Proposal (RFP or Tender) is based.

“Q - On page 22 of the RFP, it states that the business requirements will be made available to the preferred respondent. Is there any reason why they are not yet available?

A – The functional specification on which the tender was based is now available to all respondents via the HealthConnect SA website http://www.healthconnectsa.org.au/Default.aspx?tabid=84 as is the presentation given at the Industry Briefing Session.

In response the following was made available on the 22nd of May.

The document is titled as follows:

South Australian Health Department

SA HealthConnect Program

High Level Business Requirements for Electronic Care Planning including Decision Support

Supporting the Management of Chronic Disease (Final Report)

Trilogy Information Solutions (International) Pty Ltd. (January 2007)

The document was actually converted to a .pdf format on 16 May, 2007. Just how closely this document resembles the report provided by Trilogy is open to conjecture.

Even more fascinating are the contents of the document.

Early on we learn that the plan for this high level document is as follows:

“1.5 Intended Audience & Next Steps

This document will be reviewed by a small group of stakeholders with an interest in progressing electronic care planning support for chronic disease management in the first instance. The document will be revised following feedback from stakeholders and will form the basis of a more detailed requirements document and information technology procurement for a CPS in the second half of 2006.”

The implication of this is clear, this present document is a draft which has not been fully reviewed by relevant stakeholders and it is not the detailed requirements document that should be available to enable procurement.

A second implication is that this document was completed in the first half of 2006 or even earlier if the following timing is accurate.

According to the requirements GP Management Plans, which are said to be recently introduced are a driver for the Shared Care initiative These were introduced in July 2005 as can be seen at this site:

http://www.adgp.com.au/site/index.cfm?display=5260

Thus, it is more than possible this requirement document is over eighteen months old and I must say this is confirmed by all the references to the National HealthConnect project which is well known to have been placed in the deep freeze almost two years ago now.

It seems pretty clear this document has been hastily retrieved to fill an obvious yawning gap in the RFP that has been issued and that essentially SA HealthConnect, in their haste to spend their money, has not bothered to refine and clarify their thinking as to what they want to procure.

The timing of the development of this document is further confirmed by there being no mention of the NEHTA UHI Initiatives which were announced in August 2006. All that is referred to is the now obsolete HealthConnect Number – whatever that is.

Interestingly the scope of the requirements document also covers all sorts of entities which do not seem to be part of the present RFP. Those missing seem to include:

  • Community Health Providers
  • Aged Care Providers
  • Metropolitan Domiciliary Care
  • Department of Education and Children’s Services
  • Children, Youth & Family Services

It really makes one wonder is this document actually the specification on which the RFP was based?

Lastly it is also of concern are the rather flexible and vague controls that are required for provider access to consumer information. Essentially this part of the specification says we would like proper individual provider access controls but that will probably be too hard so we will provide organisation based access. So much for audit trail based capability to detect abuse of personal consumer information. Searching for consumer details does also not seem to be specified in a way that would now be seen as providing an acceptable level or protection against misuse.

Unless I badly miss the mark the SA HealthConnect project simply have not produced a current specification to match their tender and, when asked, have cast around for the nearest they could find which turns out to be conceptually and technically obsolete compared with their now stated requirements (witness all the NEHTA compliance issues cited in the tender and not mentioned in the requirements etc).

There is little doubt this entire project is a disaster waiting to happen and the SA Health Minister should put an end to this process and insist his staff undertake a proper process and do all the work necessary before issuing such a flawed RFP.

I think I should e-mail this and the previous article to the SA Health Minister to see if some sense can prevail. Maybe some of the SA Health subscribers to the blog (4 at the last count) could maybe let him know of my concerns?

David.

Sunday, May 27, 2007

Useful and Interesting Health IT Links from the Last Week – 27/05/2007

Again, in the last week, I have come across a few reports and news items which are worth passing on. These include first:

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20070521/FREE/70521005/1029/FREE

PHR data overload, legal liability concern docs

By: Andis Robeznieks / HITS staff writer

Story posted: May 21, 2007 - 10:56 am EDT

Part one of a two-part series

Like a recurring dream about having to take a test they didn't study for, some physicians view the idea of patients with electronic personal-health records as their own personal nightmare.

Visions of patients handing over a computer disk containing years' worth of blood-pressure readings taken every four hours along with random recollections of rashes and muscle strains that physicians are required to somehow make sense of and memorize are followed by thoughts of being sued because there was a kernel of important information missed in the deluge.

"That's why folks like me are terrified of personal health records and what patients will bring to us," internist Michael Zaroukian said earlier this year during a panel discussion at the Integrating the Healthcare Enterprise Connectathon, an event that brings electronic medical-record vendors together to solve interoperability problems (and sponsored by the Healthcare Information and Management Systems Society, the Radiological Society of North America and the American College of Cardiology).

While Zaroukian, who is chief medical information officer at Michigan State University, is now backing away from the word "terrified," he still maintains "there are certainly lots of reasons to be concerned."

The reasons for concern that Zaroukian cites include: the accuracy, completeness, usefulness and volume of the records physicians receive from patients; the hours of uncompensated work it will take to slog through them; and the potential for a misdiagnosis if something important was overlooked.
…..

This article raises a large number of the potential concerns from clinicians when a medical record is shared between a range of clinicians and the patient themselves. This discussion needs to carefully reviewed by anyone interested in electronic patient information sharing for lessons that can be learnt before commencing such projects.

Second we have:

http://www.washingtonpost.com/wp-dyn/content/article/2007/05/21/AR2007052101701.html?hpid=topnews

Doctors, Legislators Resist Drugmakers' Prying Eyes

By Christopher Lee
Washington Post Staff Writer
Tuesday, May 22, 2007; A01

Seattle pediatrician Rupin Thakkar's first inkling that the pharmaceutical industry was peering over his shoulder and into his prescription pad came in a letter from a drug representative about the generic drops Thakkar prescribes to treat infectious pinkeye.

In the letter, the salesperson wrote that Thakkar was causing his patients to miss more days of school than they would if he put them on Vigamox, a more expensive brand-name medicine made by Alcon Laboratories.

"My initial thought was 'How does she know what I'm prescribing?' " Thakkar said. "It feels intrusive. . . . I just feel strongly that medical encounters need to be private."

He is not alone. Many doctors object to drugmakers' common practice of contracting with data-mining companies to track exactly which medicines physicians prescribe and in what quantities -- information marketers and salespeople use to fine-tune their efforts. The industry defends the practice as a way of better educating physicians about new drugs.

Now the issue is bubbling up in the political arena. Last year, New Hampshire became the first state to try to curtail the practice, but a federal district judge three weeks ago ruled the law unconstitutional.

…..

This is an issue that has travelled below the radar for a good while and which needs more scrutiny. While the US and Australian approaches to collection of such data differ there are certainly similar data collection and data mining processes happening based on Australian GP prescribing records.

Third we have:

http://public.cq.com/docs/hb/hbnews110-000002509528.html

Medicare May Begin Contacting Inefficient Doctors in Mid-2008

By John Reichard, CQ HealthBeat Editor

The Medicare program has the data and the computer capacity to identify individual doctors who are inefficient compared with their peers and may begin contacting them as soon as mid-2008 to goad them to become more efficient, a top federal official testified Thursday.

“It’s an ambitious goal, but I think we need to set ambitious goals if we’re moving forward in this important reform area,” said Herbert Kuhn, acting deputy administrator for the Centers for Medicare and Medicaid Services.

Kuhn testified at a hearing called by House Ways and Means Health Subcommittee Chairman Pete Stark, D-Calif., to find new ways to control the growth in the volume of office visits, tests and procedures that doctors order for Medicare beneficiaries. There’s widespread agreement that the current method for doing that — cutting payments if volume exceeds a yearly spending target — isn’t working.

…..

This has a bit of the flavour of ‘Big Brother’ about it. Readers will be aware that Medicare Australia is already using similar techniques to identify practitioners who may benefit from ‘counselling’ regarding their approach to medical practice.

Care with the use of such information is clearly important and it seems reasonable that there be reasonable disclosure of what approaches are being adopted.

Medicare Australia provides an report of its compliance program which is found here:

http://www.medicare.gov.au/resources/national_compliance/national_compliance_program_2006-07.pdf

There is also a site for the Professional Service Review Agency which is found here:

http://www.psr.gov.au/

Fourth we have:

http://www.ehiprimarycare.com/comment_and_analysis/index.cfm?ID=218

An independent view

22 May 2007


On one level, it’s a no-brainer that whenever and wherever an NHS patient is taken ill, the clinicians caring for him or her should be able to access crucial information – especially in potentially life-threatening situations. My son, for example, is allergic to penicillin and about to go off to university. If he’s unlucky enough to be rushed to hospital semi-conscious with meningitis, I’d want the doctors involved to learn of his allergy promptly and alter their treatment plan accordingly. The Summary Care Record – a central repository of key data on all patients, derived from our NHS medical records – is designed to address precisely this situation.

But as we all know, there is a major downside to placing personal health information on a central server intended for rapid, easy access in unscheduled care situations. Despite strict data protection legislation in this country and abroad, examples of harm arising from lapses of one sort or another in so-called ‘secure’ information systems are not difficult to find. Nobody is going to refuse you a mortgage for being allergic to penicillin. But what if my son were HIV positive, or taking methadone as part of a drug rehabilitation programme that nobody outside the family knew about? These data items might prove equally crucial to him receiving life-saving treatment in an emergency, but they are private and sensitive in a way that a penicillin allergy isn’t. Potentially stigmatising conditions such as mental health problems, domestic violence, epilepsy or a past termination of pregnancy often map closely to the things a doctor needs to know about when someone gets taken ill unexpectedly.

…..

Professor Trisha Greenhalgh OBE, University College London

The good professor has expertise in evidenced based medicine and her full comments in this opinion piece are well worth a careful review.

The odd thing is that she is working towards a Final Report, to be published in May 2008 (with some interim deliverables planned). The report is to address such issues as

  • What, if anything, do stakeholders value about the Summary Care Record?
  • What exactly are their hopes and fears?
  • And, in what circumstances, the Summary Care Record is a ‘good thing’.

The odd thing about all this is that one would have thought these questions would have been sorted out well before this. I wonder what this review presages?

Lastly we have

http://www.health-itworld.com/newsletters/2007/05/22/tepr-ccr

Health PDF to Link Healthcare Providers

By Neil Versel

May 22, 2007 | DALLAS — After a couple of years of flying under the radar, a data standard known as the Continuity of Care Record (CCR) is starting to prove its worth to healthcare providers as an easy-to-use interoperability tool. And a modified version of the ubiquitous PDF is poised to do the same.

“It could be that the CCR is the only business model that works for a RHIO,” suggested St. Charles, Ill., family physician Stasia Kahn at the 23rd annual Towards the Electronic Patient Record (TEPR) meeting here this week.

Kahn talked about how she and other physicians in the Chicago area are building the foundation for a regional health information organization with the help of the CCR — an XML data set of essential information for when patients move between care settings — and encouraged other practitioners to adopt the standard. “There’s a lot of providers still waiting, and my message to you is there’s no reason to wait any longer,” said Kahn, who called the CCR the only real way to send secure, electronic clinical data from provider to provider right now.

But that may soon change, as a health-specific version of the Portable Document Format, known as PDF-H, is on its way, thanks to a collaboration between PDF inventor Adobe Systems and computer chip-maker Intel, with support from several medical specialty societies.

“Raise your hand if you can open a PDF document on your computer,” instructed Steven Waldren, director of the Center for Health Information Technology of the American Academy of Family Physicians. After pretty much everyone in the room complied, Waldren said, “That’s the use case.”

…..

This is just a fascinating development and – given the scale of the sponsors – it will be interesting indeed to see what, if anything comes from it. The full article provides more details and is, again, worth a read.

See also for more details:

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20070523/FREE/70523004/1029/FREE

HITS @ TEPR: Marrying the CCR, PDF

By: Joseph Conn / HITS staff writer

Story posted: May 23, 2007 - 11:25 am EDT

Other interesting URLs include:

http://www.dmreview.com/editorial/newsletter_article.cfm?articleId=1083057

Electronic Medical Records: Hospitals Harnessing the Power of Service-Oriented Architecture

by Kevin Kelley

Summary: Replacing paper with eletronic medical records could help hospitals define the next generation of SOA applications for the health care industry.

http://www.egovmonitor.com/node/11077

Are all government IT projects doomed to fail?

Date: 22 May 2007 - 10:47

By Eleanor Passmore, Researcher, The Work Foundation

http://www.eweek.com/article2/0,1895,2136105,00.asp

More Work Prescribed for Medical Info Network By Patrick Hoffman

More next week.

David.

Thursday, May 24, 2007

Guest Article on Health IT Privacy in Pulse +IT Issue 4 – May 2007

Visit the website for more information, many free articles, back articles and subscription information.

http://www.pulsemagazine.com.au/

----------

HEALTH INFORMATION PRIVACY: WHAT DO DOCTORS AND PATIENTS WANT AND NEED?

Dr David G More MB, PhD, FACHI

In the last few weeks we have had a number of reminders that management of the privacy of patient records remains a contentious and difficult area.

The first key reminder came in late February 2007 when Paul Feldman, co-chair of the American Health Information Community’s (AHIC) Confidentiality, Privacy and Security Workgroup, submitted his resignation to the interim National Coordinator for Health Information Technology at the Department of Health and Human Services (HHS).

AHIC (which has the same role as the Australian Health Information Council – also rather co-incidentally AHIC) is the peak health IT policy advisory board in the US and provides advice directly to the US Secretary for Health and Human Services (the equivalent of our Federal Health Minister).

In his resignation letter Feldman writes that the workgroup “has not made substantial progress toward the development of comprehensive privacy and security policies that must be at the core of a National Health Information Network (NHIN).”

Given this resignation comes after six meetings and many months of work, the degree of difficulty in reaching a consensus between parties is obvious.

The second reminder came with the April 2007 release of a survey conducted among UK GPs regarding the sharing of clinical records electronically with the UK NHS ‘Spine’ – which is a secure repository of shared electronic patient records which – under appropriate conditions – can be accessed to assist in patient management anywhere in the UK.

In summary the article in the UK Pulse magazine [not affiliated with Pulse+IT] survey found:

• About one-third of physicians said they will allow full sharing of their patient records;

• Four out of 10 physicians say they will opt out completely from the program and allow none of their records to be shared;

• 80% of physicians surveyed still think that sharing electronic health records can threaten patients’ confidentiality, despite a government marketing campaign to promote the IT program; and

• 67% of General Practitioners oppose the implied consent “opt out” model, which has formed the basis for the program to be rolled out.

If what is found in this survey is truly reflective of the views of practitioners, and I have no reason to assume it is not, then the implications for electronic sharing of health records by GPs is profound. What seems to be clear from these results is that a policy approach that makes practitioners feel secure and confident about the control of patient information, both for themselves and as agents for their patients, needs to be evolved.

A third reminder has come as recently as early May 2007 with multiple articles appearing in the E-Health Insider Primary Care - Issue No 116, 2 April 2007 reviewing the difficulties being faced by the UK Connecting for Health Program in getting acceptance for their ‘opt-out’ consent plans for electronic record sharing. More details can be found here:

www.ehiprimarycare.com

It seems to me there is one organisation and advocacy entity in the US that ‘gets it” and that is the Patient Privacy Rights Foundation which is a tiny non-profit entity led by Deborah Peel, an Austin, Texas-based psychiatrist.

As reported on the US Modern Medicine website, her views are as follows:

“Peel’s Patient Privacy Rights Foundation, meanwhile, has become a ubiquitous proponent for privacy controls in the growing debate over patient rights and healthcare data usage. On Tuesday, the Coalition for Patient Privacy, of which the foundation is a member and Peel serves as chairwoman, presented to a meeting of the HHS IT advisory panel, the American Health Information Community, an 11-point list of basic privacy principles. The principles also incorporate the definition of privacy developed by the National Committee on Vital and Health Statistics and presented to HHS Secretary Mike Leavitt last year that states: “Health information privacy is an individual’s right to control the acquisition, uses, or disclosures of his or her identifiable health data.” The principles include using technology to allow patients the right to opt-in or opt-out of electronic systems, giving patients control over access, providing for complete audit trails and allowing patients to segment sensitive information. In a letter to the AHIC over Peel’s name, she wrote, “Technology can create far stronger privacy protections and granular control over access to records than is possible in paper systems.” She called on AHIC to “facilitate the creation of an electronic health system that patients will trust by using ‘smart’ technology to build ironclad privacy protections into system designs up front.” The full article can be found here:

http://tinyurl.com/yuzodm

The core points she makes, and what I think is getting to be the minimum acceptable position, are the following:

1. To have acceptable health information privacy rights it is necessary that the individual control the acquisition, uses, or disclosures of his or her identifiable health data.

2. The principles that need to be implemented include using technology to allow patients the right to opt-in or opt-out of electronic systems, giving patients control over access, providing for complete audit trails, and allowing patients to segment sensitive information.

3. That with proper planning aforethought it is possible to design systems that meet these standards. It is not the lack of capacity to design privacy compliant systems it is the lack of will to do so that is the problem.

4. Clinicians need to keep uppermost in their minds that individuals provide information to them, trusting it will not be abused. If that trust is not honoured, no electronic record sharing system will succeed I believe.

With this said, it is also true that if you explain the purpose behind, and the benefit to be derived from, health information sharing, and make it clear only authorised or de-identified information sharing will occur, the vast majority of the population are comfortable and content. As long as they are asked for consent beforehand, and can opt-out if they choose, resistance melts away. This is especially the case among patients with chronic disease who receive treatment from a range of carers who need to be better co-ordinated than they are now by and large.

Also it needs to be said that the surreptitious sharing of patient information – even if de-identified – is a totally unsatisfactory practice and where it occurs it is to be condemned. The bottom line here is that people like to be asked, and if asked will usually agree. If not asked annoyance soon emerges – think un-invited telemarketing calls!

Public perception of the security of their information is also very important in this regard. The rising incidence of identity theft in the country is lessening the confidence of the public in technology to protect financial information and most people see their medical record as a more private document than their bank statement.

I also believe it is not good enough to take the position that paper and electronic records should be treated identically from a policy, technical and privacy perspective. The goal of record protection may be the same but the methods of implementation are clearly different. You have to try hard to disclose the information in multiple paper records due to their cumbersome nature and size. Not so with electronic records where we have seen tens of thousands of records disclosed with the loss of a single laptop or unencrypted DVD.

It seems to me there needs to be much more acceptance on the part of both system designers and clinicians that maintenance of health information privacy is an ‘elephant in the room’ that can truly derail the best technical approaches to information sharing. GPs, Specialists, Service Providers and Hospitals all need to keep this in mind as we move forward. Of course none of the above diminishes the need for awareness and action on the part of clinicians in their individual practices to also protect all internal records as well – be they paper or electronic. The hiccups with which I opened this article show what happens if you don’t. Once public trust is lost it will be very hard to regain. The bottom line of all this is that any e-health project that fails to get its approach to privacy right greatly increases its risk of failure - it is really that simple. What is needed is clear, so there is just no excuse!

Dr David More is an Independent Health Information Technology consultant and blogger who has been working in the e-Health domain for over twenty years. He is concerned at the lack of clinician and patient focus in much of what is happening in e-Health in Australia.

----------

David.

Tuesday, May 22, 2007

Talk about an Absolute Load of Rubbish!

In the august British Medical Journal of April, 21, 2007 an article entitled LESSON OF THE WEEK: Information technology cannot guarantee patient safety appeared. The article was by Saskia N de Wildt, Ron Verzijden, John N van den Anker, and Matthijs de Hoog and the reference is BMJ 2007; 334: 851-852. (doi: 10.1136/bmj.39104.625903.80)

The article provided commentary on the following case report:

“A 3 month old infant who arrived at the emergency department of a small regional hospital had clinical signs of meningococcal sepsis with petechiae, purpura, and shock. The infant was subsequently transferred to our paediatric intensive care unit. During transfer the patient was given infusions of dobutamine and noradrenaline by the transferring intensivist. The concentrations of 12 drugs that might be needed for infusion during transport had previously been calculated in the intensive care unit by the resident. This had been done by entering the patient’s weight into a preprogrammed PocketExcel sheet for a personal digital assistant (handheld computer).

When the patient arrived at the unit all running drugs were ordered using our electronic patient data management system (a bedside computer application). This system uses the patient’s weight and the desired infusion rate to calculate concentrations of solutions for infusion. However, the concentration of noradrenaline calculated was sevenfold lower than that calculated previously, so that the patient had received a sevenfold higher dose of this drug than intended for at least two hours.”

In simple terms what had happened was that a spreadsheet based drug dosage calculator had been found to have misled a tired resident at 4.00am in the morning. The reason this was possible was that a simple spreadsheet running on a hand held computer was used and the spreadsheet did not have functionality to ensure constants were not overwritten and the child’s weight was entered into the wrong column.

On the basis of this the article concludes – as indicated in the title – that “Information Technology Cannot Guarantee Patient Safety” I could equally validly conclude that amateur spreadsheet authors should not be permitted to program computing tools they did not fully understand or even that doctors should be compelled to use pencil and paper to calculate drug dosage regimens.

William T Stevenson, a Consultant Radiologist of the Royal Lancaster Infirmary LA1 4RP gets it oh so right in a letter to the editor stating:

“Pretty soon we can expect a Lesson of the Week emphasizing that it's a bad idea to remove the wrong kidney.

The point here is that if a bunch of zombies (presumably members of the group who believe that information from the Internet must be reliable, that walking along the street engrossed in a mobile phone is an activity worthy of a sentient being and that counselling and mentoring are good ideas) are permitted to entrust all responsibility for a simple calculation with a potential deadly effect to a calculator, things are apt to go wrong.

It is a truth universally acknowledged that people who operate on hearts know which way the blood goes round; people who wish to inject dangerous drugs are expected to be able to find out how much to inject. They are not permitted to claim "I was never any good with figures"-if that's too tough they need to look for a job in Ethics or something.

You take a piece of paper, round the numbers to integers, get the powers of 10 correct, and get the rough answer. Then see if it's reasonable. Then use the calculator, spreadsheet or supercomputer, if you can't rid yourself of the delusion that the more decimal places the better. Surely the combination of A-levels, years at medical school and MMC can achieve this without pleading that we are helpless victims of those terrible computers.

Isn't the Public entitled to expect that a little thought has gone into 'fail-safing' these systems, in view of the inevitable failure of components? I suggest a little notebook with writing in it. “

For a major, refereed clinical journal to publish such an article just leaves me speechless and plays to the prejudice of the one or two Luddite practitioners who are still out there and seem to be found within the walls of the BMJ editorial offices.

The BMJ and its editors are guilty of the most amazing logical over-reach I have seen in years and are to be condemned for their stupidity.

This said, of course any computer program that is used in clinical care delivery needs to be robustly tested before deployment and the use of facilities such as range-checking and so on are vital – as is usability and safety testing to ensure safe program operation. The lesson here, if there is one, is that any programs used to support clinical care delivery need to be professionally and responsibly evaluated both for clinical and technical safety before deployment. Creation of such tools is not something to be done by enthusiastic but technically limited amateurs who do not appreciate the possible risks they run.

David.

Monday, May 21, 2007

NEHTA – How Far Has it Come?

The Medical Software Industry Association (MSIA) is convening a MSIA Round Table Conference on Tuesday – 22nd May, 2007 in Sydney at the Stamford Plaza Sydney Airport Hotel. Tomorrow, if you are reading this on the day it is being posted!

According to the Pre-Meeting Publicity:

“This is a key opportunity for Federal and State Health agencies, clinicians, academics, standards bodies, and health information professionals to exchange views with the nation’s leading providers of clinical software and health communications systems solutions.

With the increase in government Health Information Management initiatives such as Health On-line, The Medical Software Industry Association (MSIA) has become increasingly active in representing the interests of all healthcare software providers and has negotiated a range of important changes.

This MSIA led Round Table Conference will reflect the MSIA's current standing on these relationships and develop strategies to move towards formalising these relationships with industry organisations and government groups. This is a major opportunity for various bodies to express their concerns and aspirations to a wide audience to create a better understanding of major issues affecting the health sector and the impact upon the industry.

Presentation and discussion forums will include:

1. Communicating with the Software Industry – what has worked?

  • Commonwealth e-health Agencies and Initiative,
  • PBS on-line,
  • Pharmbiz,
  • DoHA,
  • MBF
  • nehta Communication Strategies

2. Interoperability and Messaging – Why is it so Hard?

  • What Standards should be used?
  • Accreditation
  • Making e-Communication more like the Telephone Network

3. nehta – what has been achieved?

  • SNOMED CT – Update & Licensing
  • Medications Terminology
  • Building Blocks and Communication

4. E-Claiming

  • HIC on-line – What next?
  • Is x400 dead?
  • Who is making money?
  • The banks and e-Claiming

5. The Health IT ‘Action Agenda’

  • What is it and what is the potential?
  • What I need to know about it?
  • How will it help me and my business?
  • Current state of play and progress – DoHA presentation

6. The Way Forward and Conclusion”

This sounds like a very useful meeting and it seemed a good opportunity to prepare some thoughts on the question of NEHTA – what has been achieved and to try and form a view as to whether we are headed in the right direction. It is a pity that NEHTA – for their own reasons as I am informed – has chosen not to attend.

I think the answer to the question of what NEHTA has achieved is that "It is too early to tell yet” as the probably apocryphal story suggests was said by the great Chinese revolutionary Chou En-lai when asked for his for his evaluation of the French Revolution.

This said there are two things that can also be said. First , what NEHTA is attempting is no doubt a major complex challenge and second that so far, from the point of view of an external observer, they seem to be going about their brief very incompetently. From where I sit the risk of overall failure looks worryingly high.

What have they and are they doing wrong?

The key things I see as mistakes are:

1. The failure to develop an operational Strategic Plan, Business Case and Implementation Plan to facilitated the delivery of the outcomes sought by Health Ministers in August 2004 when NEHTA was authorized (Based on the Boston Consulting Group work of the same year).

2. The decision to corporatise the NEHTA entity which has removed NEHTA from effective public scrutiny and review and has disengaged the body from many of its public sector clients.

3. The ongoing lack of quality in many of the NEHTA documentary deliverables. Other than the document relating to the adoption of HL7 there have – in the last year – been a series of either useless or incomplete or excessively impractical documents produced with have added minimum value to the Australian E-Health domain. ( A secondary problem is the ‘ex cathedra’ approach to document release).

4. The continuing lack of transparency regarding NEHTA internal decision making with commercial-in-confidence and secrecy being made an art form quite unnecessarily. Given the public policy and standards role NEHTA is meant to play there should be totally open policy development processes and all strategic advice received by NEHTA should be made public for comment and feedback. Equally the NEHTA Board should publish relevant and adequately detailed minutes of the policy aspects of their meetings.

5. The failure to seek proper engagement with the Medical Software Industry.

6. The failure to ensure the boundaries between the roles of DoHA, the Australian Health Information Council, the States and Standards Australia’s IT-14 Committee were well defined and able to be understood so roles and responsibilities were clear.

7. The tokenistic way much of the stakeholder consultation has been undertaken and the almost Joh like “don’t you worry about that” style of management. The privacy consultations undertaken so far are examples of listening at its worst.

8. The obvious “tail wagging the dog” mode of operation seen in the way the NEHTA Executive and the NEHTA Board interact. Given the public sector backgrounds of the Board members if they actually understood what was at stake and enough of what was happening internally within NEHTA to manage it actively I am sure it would be a different, more open, more consultative and much more useful organisation.

9. The failure of the NEHTA Board and Management to recognise there are urgent issues which need to be addressed at both State and Commonwealth levels. The time frames NEHTA is working to are excessively relaxed – especially given the level of resourcing and staff available.

10. The sectional focus – on Public State Hospital Issues and Commonwealth Issues with minimal focus on either the private hospital or private practitioner needs. The lack of a holistic Health System Wide vision and approach is a key failing.

11. The delays that are now becoming obvious in a range of the work program components. The worst apparent examples are in the Benefits Realization , Shared EHR and Medicine Terminology areas.

To date the only successes I can see are the acquisition of the national license for SNOMED CT and the decision to adopt HL7 as a messaging and possibly EHR content Standard. Not much really for the $20+ million NEHTA has cost to date – excluding the money being spent on the UHI projects. Progress on the needed extensions to SNOMED CT before it is useful has been slow and seemingly badly managed if the delays in delivery are anything to go by.

The bottom line is that what NEHTA is trying to do is very badly needed, but the way they are going about it is deeply flawed in my view and the direction needs serious modification.

One can only hope the planned review will get them back on a sensible path.

David.

Sunday, May 20, 2007

Useful and Interesting Health IT Links from the Last Week – 20/05/2007

Again, in the last week I have come across a few reports and news items which are worth passing on. These include first:

http://www.informatics-review.com/

“Improving Information Technology Adoption and Implementation Through the Identification of Appropriate Benefits: Creating IMPROVE-IT

This paper describes the objectives of a collaborative initiative, IMPROVE-IT, that attempts to provide the evidence that increased information technology (IT) capabilities, availability, and use lead directly to improved clinical quality, safety, and effectiveness within the inpatient hospital setting. This collaborative network has defined specific measurement indicators in an attempt to examine the existence, timing, and level of improvements in health outcomes that can be derived from IT investment. These indicators are in three areas: (1) IT costs (which includes both initial and ongoing investment), (2) IT infusion (ie, system availability, adoption, and deployment), and (3) health performance (eg, clinical efficacy, efficiency, quality, and effectiveness).”

The full paper can be found at:

http://www.jmir.org/2007/2/e9

This is a useful contribution which aims to foster careful research on the value contributed by Health IT towards healthcare system quality, safety and efficiency and effectiveness. The lack of a totally compelling integrated evidence set on this matter is a significant blocker of further investment in the area and the initiative is to be encouraged.

It should not be underestimated just how hard this task is and how complex gathering credible data can be in this area.

It would be good of some health service organisations in Australia could contribute to the research.

Second we have:

http://www.kaisernetwork.org/daily_reports/rep_index.cfm?DR_ID=45023

Recent Releases | Issue Brief Examines How Personal Health Record Products Meet Needs of Underserved Minorities

[May 18, 2007]

"Personal Health Records: What Do Underserved Consumers Want?" Mathematica Policy Research: The issue brief describes features of personal health records -- paper- or electronic-based systems to record an individuals health information -- and looks at how those features meet the needs and wants of underserved minorities. According to the brief, based on focus groups conducted with underserved minorities from New Brunswick, N.J., people want PHRs that are portable, secure, private, simple and affordable. Minorities also would pay modest fees to set up and update the PHRs, but they would be reluctant to pay maintenance fees. The brief suggests that PHR developers might need to increase their efforts to assess their products' usability among low-income minorities who might have limited access to computers and low health literacy (MPR release, 5/17).”

The full issue brief can be found here:

http://www.mathematica-mpr.com/publications/pdfs/phrissuebr.pdf

It was interesting that the focus group participants, questioned by the study found that:

  • All favoured a smart card, or other device as large as a credit card, that can be scanned by health providers to obtain their records;
  • All wanted to choose who can access their PHRs, with restricted access to certain individuals and an audit trail to show who accessed the records and why;
  • Most want basic personal health information in their PHRs, including demographic and health insurance information and lists of conditions, medications and allergies; and
  • Many would pay setup fees of up to $30 and update fees of up to $5.

It is worth noting that even in a disadvantaged group there was considerable clarity about the need for the individual to control what happened to their information and that keeping it simple is probably the best way to start.

Third we have:

http://www.commonwealthfund.org/publications/publications_show.htm?doc_id=482678

“Mirror, Mirror on the Wall: An International Update on the Comparative Performance of American Health Care

Overview

Despite having the most costly health system in the world, the United States consistently underperforms on most dimensions of performance, relative to other countries. This report—an update to two earlier editions—includes data from surveys of patients, as well as information from primary care physicians about their medical practices and views of their countries' health systems. Compared with five other nations—Australia, Canada, Germany, New Zealand, the United Kingdom—the U.S. health care system ranks last or next-to-last on five dimensions of a high performance health system: quality, access, efficiency, equity, and healthy lives. The U.S. is the only country in the study without universal health insurance coverage, partly accounting for its poor performance on access, equity, and health outcomes. The inclusion of physician survey data also shows the U.S. lagging in adoption of information technology and use of nurses to improve care coordination for the chronically ill.

Executive Summary

The U.S. health system is the most expensive in the world, but comparative analyses consistently show the United States underperforms relative to other countries on most dimensions of performance. This report, which includes information from primary care physicians about their medical practices and views of their countries' health systems, confirms the patient survey findings discussed in previous editions of Mirror, Mirror. It also includes information on health care outcomes that were featured in the U.S. health system scorecard issued by the Commonwealth Fund Commission on a High Performance Health System.

Among the six nations studied—Australia, Canada, Germany, New Zealand, the United Kingdom, and the United States—the U.S. ranks last, as it did in the 2006 and 2004 editions of Mirror, Mirror. Most troubling, the U.S. fails to achieve better health outcomes than the other countries, and as shown in the earlier editions, the U.S. is last on dimensions of access, patient safety, efficiency, and equity. The 2007 edition includes data from the six countries and incorporates patients' and physicians' survey results on care experiences and ratings on various dimensions of care.

The most notable way the U.S. differs from other countries is the absence of universal health insurance coverage. Other nations ensure the accessibility of care through universal health insurance systems and through better ties between patients and the physician practices that serve as their long-term "medical home." It is not surprising, therefore, that the U.S. substantially underperforms other countries on measures of access to care and equity in health care between populations with above-average and below average incomes.

With the inclusion of physician survey data in the analysis, it is also apparent that the U.S. is lagging in adoption of information technology and national policies that promote quality improvement. The U.S. can learn from what physicians and patients have to say about practices that can lead to better management of chronic conditions and better coordination of care. Information systems in countries like Germany, New Zealand, and the U.K. enhance the ability of physicians to monitor chronic conditions and medication use. These countries also routinely employ non-physician clinicians such as nurses to assist with managing patients with chronic diseases.

The area where the U.S. health care system performs best is preventive care, an area that has been monitored closely for over a decade by managed care plans. Nonetheless, the U.S. scores particularly poorly on its ability to promote healthy lives, and on the provision of care that is safe and coordinated, as well as accessible, efficient, and equitable.

For all countries, responses indicate room for improvement. Yet, the other five countries spend considerably less on health care per person and as a percent of gross domestic product than does the United States. These findings indicate that, from the perspectives of both physicians and patients, the U.S. health care system could do much better in achieving better value for the nation's substantial investment in health.”

This report is available to download from the web-site referenced above.

The slide pack of 130 or so comparative slides which is also available for download from the same site is an invaluable and carefully researched resource.

The report provides useful coverage of the adoption and use of Health IT in the countries analysed and is well work a download and review.

Fourth we have:

http://www.healthcareitnews.com/story.cms?id=7130

Home telemonitoring works, study claims

By Richard Pizzi, Associate Editor

05/10/07


MONTREAL – Home telemonitoring of chronic diseases appears to be a promising approach to patient management, says a team of Canadian scholars who reviewed more than 65 telemonitoring studies in the United States and Europe.

The study, entitled “Systematic Review of Home Telemonitoring for Chronic Diseases: The Evidence Base,” appeared in the May/June 2007 issue of the Journal of the American Medical Informatics Association.

Researchers at the University of Montreal in Quebec, Canada, searched the Medline and Cochrane Library databases for research studies on telemonitoring published between 1990 and 2006. The 65 papers they examined included studies on the home-based management of chronic pulmonary conditions, cardiac diseases, diabetes, and hypertension. Each of the studies employed various information technologies that were used to monitor patients at a distance.

The Canadian scholars, led by Guy Paré of the University of Montreal’s Health Administration department, concluded that home telemonitoring produces accurate and reliable data, empowers patients and influences their attitudes and behaviors, and may improve their medical conditions.

Paré and his colleagues claimed that the magnitude and significance of the effects that telemonitoring has on patients’ conditions still remains inconclusive. Nevertheless, the study’s results suggest that patients will comply with telemonitoring programs and appear to embrace the IT involved. This seemed to be true regardless of a patient’s nationality, socioeconomic status, or age.

…..

The complete article can be read at the URL above.

This is a very interesting systemic review that show the well planned telemonitoring initiatives can make a difference to the outcomes of patient care. Another brick in the wall showing the value of ICT in the health sector.

Lastly we have

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20070514/FREE/70514003/1029/FREE

Peel brings privacy issues 'front and center': profile

By: Joseph Conn / HITS staff writer

Story posted: May 14, 2007 - 8:55 am EDT

Part one of a two-part series:

The telephone rang as Deborah Peel was driving to the airport outside Austin, Texas, a few weeks ago.

It was one of several long-distance calls she'd had that day with someone, though not a patient, who nonetheless was seeking Peel's help and support. For Peel, a physician trained in psychoanalytic psychiatry, her end of the conversation was a blend of delicate probing, empathic listening and full-bore affirmation.

When the phone call ended, Peel smiled, knowing that even though the problem was not yet fully resolved, her caller was in a better place.

"Everybody needs to be listened to," she explained. It's a phrase that isn't on Peel's business cards, but perhaps it should be.

According to Peel, 55, who is winding down her solo psychiatric practice of 30 years, today she's listening to far more patients than have ever been through her Austin office, with its Oriental rug, cloth upholstered couch and four glass-fronted bookcases stuffed with texts, including 23 light-blue volumes of the writings of Sigmund Freud.

…..

This is a useful pair of articles that describe the views of Dr Peel on the requirements for Health Information Privacy that are sought by the American public. The issue of the use of health information in data-mining is currently flying ‘under the radar’ in Australia but I would suggest this is likely to change as awareness of such practices on behalf of Medicare Australia and the Private Health Funds becomes more common.

More next week.

David.

Friday, May 18, 2007

Now Hold on Just A Moment! - Privacy Report Part 2

In the previous article I mentioned that NEHTA had just released a new document entitled “Privacy Blueprint on Unique Healthcare Identifiers - Report on Feedback - Version 1.0 - 14/05/2007”.

A friend of the blog has managed (through considerable diligence) to locate three of the 14 written submissions mentioned in the report and provided detailed comment in the same blog as the first comment. These submissions come from the Office of the Commonwealth Privacy Commissioner (31 Pages), the Australian Privacy Foundation (4 Pages) and the Consumer Health Forum (11 Pages).

These are available on-line and the links to those submissions are as follows:

APF:

http://www.privacy.org.au/Papers/NeHTA_UHI_Blue070313.pdf

OPC:

http://www.privacy.gov.au/publications/subnehtauhi200703_print.html

CHF:

http://www.chf.org.au/Docs/Downloads/430_NeHTA_Privacy_Blueprint_Submission.pdf

Having had a chance to review what these three submissions say, I would suggest it is even more important that all the submissions are made public as it is clear the summary of what was submitted to NEHTA vastly understates the subtlety, number, importance and complexity of what NEHTA has been told.

Readers are asked to download and read for themselves and I am sure they will realise, and agree, just how severely NEHTA’s summary sells the issue very much short.

Given the terrible experience overseas of e-health projects when privacy is not properly addressed NEHTA seems to me to be "burying its head in the sand" over the complexity and difficulty of all this - despite its new found keenness to employ a Privacy Officer.

David.

PS – To answer the question posed in the earlier comment, no, I did not provide a written submission.

D.

Wednesday, May 16, 2007

NEHTA Goes Back to Its Old and Less Desirable Ways.

NEHTA has just released a new document entitled “Privacy Blueprint on Unique Healthcare Identifiers - Report on Feedback - Version 1.0 - 14/05/2007”

The eight page document provides a summary of the fourteen written submissions received during the two-month public consultation period (which began in December 2006) with several bodies requiring an extension until mid-March 2007.

The first and most obvious question is where are the actual submissions? It seems we are not allowed to read them and form our own view as to what are the respondents views. We have to be given a 'pre-digested' and simplified summary. This is of course totally different to the operation of the Access Card Privacy Task Force where all the submissions – even the anonymous ones – are made available on the Department of Human Services web-site. I wonder what NEHTA has to hide?

As for the document itself the following caught my attention:

1. “ It is clear from submissions that the discrete concept of unique healthcare identification is difficult to understand in isolation from other e-health activities (such as the application of identifiers in clinical systems).”

Well clearly I am with the stupid! It seems pretty clear you only have healthcare identification (i.e. the allocation of a unique number or code to an individual person of healthcare provider) so you can apply, look up or use it in some application or system – so precisely how can it be understood in isolation? Blowed if I know.

2. “NEHTA will identify additional avenues and means of communication throughout 2007-08 to ensure wide coverage of key stakeholders for future consultation activities”

I see from this we are going to be consulted and communicated with for the next eighteen months. Seems to me a bit of focus and effort could do what is required in about a quarter of that time!

3. “Many submissions specifically commended and endorsed NEHTA's proactive approach to privacy management and consultation.”

I read this as saying those consulted appreciated being asked – not that they actually agreed with what was proposed.

4. “The connection to the Australian Government's Health and Social Services Access Card was queried by many submissions, some revealing the mistaken belief that there was or should be a formal relationship between the two initiatives.”

This statement comes from Section 3.2 “Overlap of UHI with other initiatives”. It is a great pity this section does not explain its position. All we get, in five short paragraphs, is that many respondents who thought there was or should be a ‘link’ were mistaken. But why were they mistaken? Where is the explanation?

It is clear that both projects are identity management initiatives being undertaken by government, that a key use of the Access Card is to provide access to health services, and that the Access Card will be a more trustworthy identifier than the IHI from NEHTA. So we need to have it explained to our simple minds just why the two ought not be linked – especially now we know the same department – Human Services – will be operating both databases almost certainly. The denial around this is just bizarre. They are clearly parallel projects that aim to do similar things. So why not explain why separate initiatives are needed. Blowed if I know – especially since we also now know that the IHI will almost certainly need its own enabling legislation – just like the Access Card.

5. “NEHTA's view remains that legislative support for the UHI Service will provide the greatest level of legal certainty around meeting consent requirements, and therefore promote trust and confidence.”

Section 3.3 on Consent gives us four paragraphs that say we will need to legislate but it does not say what the terms of the legislation will be. This is about as useful as the legendary 'barnacle on a battleship' and reflects the arrogance of the initial blueprint with its Joh like 'don't you worry about that' type of approach.

As I argue in another article it you don't get consent right in e-health projects you can doom yourself. It is not clear from this document NEHTA understands that.

6. “NEHTA's planned secondary uses consultancy for 2007 will identify principles for assessing secondary uses in both the UHI and Shared EHR and develop a secondary uses framework. NEHTA will examine national and international approaches to secondary uses, which will also inform recommendations on the degree to which secondary uses should be supported by and managed within NEHTA initiatives.”

In section 3.4 we get three paragraphs to cover what was learned from the fourteen submissions.

Essentially the document says we need to do more work.

I would make two points. First it is important to distinguish between the IHI and the associated data. I can conceive of no reason for the actual data record to be the subject of secondary use and second it would seem to me that the UHI itself would be recorded on any record that was to be the subject of secondary processing so it is all that is needed for secondary record linkage. That being the case I struggle to understand just why the IHI record would ever be disclosed external to the IHI service.

The use of the actual UHI identifier for secondary record linkage would of course need to be controlled as other such identifiers presently are under legislation and to required specific authorisation from ethics bodies and the like.

7. “NEHTA was aware of these overarching privacy risks as a result of internal privacy analysis combined with the results of the early-2006 preliminary Privacy Impact Assessment. Knowledge of these particular privacy risks for the UHI Service has informed the development and design of the UHI Service and will continued to be managed through work examining:

· Data security;

· User authentication;

· Audit and access requirements; and

· Governance.”

What this is really talking about is the 'honey pot effect'. Create a database with the demographics of all 16 million citizens and you create a resource every debt collector, thug and violent husband will look forward to be able to access, for a small fee. Access will be provided by the greedy and unprincipled in the healthcare provider community of which we all know there are some. Not many, but enough, to make any privacy assurances largely moot.

NEHTA just hopes no one will notice although it is of concern as they write:

“The remaining principle (informing consumers fully about any privacy breaches) is consistent with NEHTA's position on the need for openness and accountability, however was not specifically considered in the Privacy Blueprint.”

Pity it was not made clear NEHTA will make sure this is implemented – along with compensation for those who are forced to re-locate to escape the violent ex-spouse.

8. “Key issues noted in submissions included:

· The extent of administrator access and healthcare provider organisational access to healthcare individual's unique identifier and associated record;

· The requirement for strict guidelines for access to UHI Service to prevent abuse and the chance of errors in the system;

· The range of data fields on individuals proposed to be collected; and

· The need for a flexible framework dealing with authorised representatives so that the provision of healthcare is not adversely affected by administrative requirements.”

These are all important issues and again we get no answers.

In summary this document is a less than useful re-statement of the problems associated with the introduction of the UHI service which offers no significant answers, insights or progress.

Worse the material on which it is based is not disclosed despite “NEHTA's position on the need for openness and accountability”.

Yet another hastily pushed out useless and obfuscatory document. The imminent review of NEHTA’s usefulness must really have NEHTA worried. And rightly so in my view.

David.

And now some very late news!

Finally NEHTA is hiring a dedicated privacy officer!

“The National E-Health Transition Authority Limited (NEHTA) is advertising for a Privacy Officer. Advertisement is below.

Be part of Healthcare Reform

An exciting opportunity exists for an experienced Privacy Officer to join the Unique Healthcare Identification (UHI) Program - one of the cornerstones of a new e-health framework

• Sydney CBD

• Great development opportunity

The National E-Health Transition Authority Limited (NEHTA) is a not-for-profit company established by the Australian Commonwealth, State and Territory governments to develop better ways of electronically collecting and securely exchanging health information.

NEHTA’s mission is to set the standards, specification and national infrastructure requirements for secure, interoperable electronic health information systems. The Australian State and Territory governments will then adopt these requirements nationally, with the aim of creating a common national approach that will set the foundations for widespread and rapid adoption of e- health across the national health sector.

NEHTA and privacy

From the outset, NEHTA has recognised that privacy is an issue of great concern to Australians – particularly in the health sector. Protection of privacy is fundamental to maintaining consumer confidence and encouraging individuals to participate in e-health initiatives. At the same time, the frameworks must facilitate the best possible outcomes for the improved provision of healthcare and safety in Australia, including better sharing and availability of health information.

NEHTA’s privacy management strategy for the UHI Service is primarily set out in its Privacy Blueprint publication (available on the NEHTA website under Publications). The Privacy Blueprint for the UHI Service provides a framework for identifying and Discussing privacy issues and sets out an action plan for managing privacy risks. Using this approach has ensured that NEHTA has proactively considered its privacy compliance position and promoted a coordinated approach to privacy management.

An exciting opportunity exists....for an experienced Privacy Officer who will be responsible for further developing the UHI Program’s privacy framework and supporting documentation, including policies, procedures and privacy notices, and assisting with the management of key privacy activities, such as the Privacy Impact Assessment (PIA).

For further details about this position, please go to the NEHTA website at www.nehta.gov.au and navigate to the Employment page.

For enquiries please email careers-at-nehta.gov.au.”

Only three years too late and hardly making it clear they know what is public wants is key!

D.

Tuesday, May 15, 2007

SA HealthConnect Opens an Appalling e-Health Tender.

SA HealthConnect are at it again – working hard to squander public money as quickly as possible.

On May 8 the HealthConnect SA Released a Tender Seeking a South Australian Care Planning System (SACPS).

---------

Apology: I am sorry to be posting a lot of detail – but to follow just how bad this tender is it is important to read closely and with the background that can be found at the HealthConnect SA website.

http://www.healthconnectsa.org.au/ - was temporarily unavailable Mon 14 May at 4:47 pm EST. Fixed at time of posting.

For those who want the message without pain the next two or three and last 10 paragraphs will do it!

---------

Essentially the tender says – as I read it – we are seeking to procure a South Australian Care Planning System (SACPS). We are not sure what it should look like and what functionality it will be able to deliver but it has to be implemented and ready to be evaluated by March 2008. It also has to provide a shared care planning record that is web accessible and that can be used by GPs, Specialists and Hospitals (at least). Oh! – and yes - the money runs out on June 30, 2008 and ongoing operation beyond that time is not guaranteed. As an additional complication for you, our humble responder, we want the system to utilise NEHTA services which are not planned to exist until 2009/10 at the earliest.

What the tender goes on to say is – because we are so vague as to what we want and what is likely to be available, either off the shelf or needing to be developed – we want a fixed price bid that we can negotiate around to come up with something we think is suitable. Also, again because of our vagueness, can tender respondents please come up with a range of implementation and delivery options we can choose from.

Clarity around the decision making to decide how many respondents to negotiate and discuss with – and possibly collect intellectual property from for free – is also not provided as best I can tell!

And to make potential tender respondents really comfortable we then read:

“Because of this, the HealthConnect SA Program is seeking partnership with a preferred vendor that:

Demonstrates an innovative approach to this RFP;

Is able to articulate the vision for the goal-state SACPS;

Is committed to delivering or migrating to standards-based solutions;

Shares the financial burden associated with developing standards-based solutions; and

Recognises the commercial value of partnering with HealthConnect SA.

In responding to this RFP, respondents are requested to identify how such a partnership might work, the benefits envisaged by such a partnership and what would be expected of HealthConnect SA in entering into such an arrangement.”

This is code for “we want you to bear a good part of the cost of getting this thing up”!

Even more fun is an earlier part of Section 3.26 as follows:

“The HealthConnect SA Program expects the goal-state SACPS to be at the forefront of a new generation of ICT systems in the Australia health system. The goal-state SACPS will lead on three fronts:

The extent to which enhanced care planning functions will be available to support health care providers across disparate healthcare settings;

The high levels of interoperability that will exist between the SACPS and other key State and National initiatives; and

The adoption and use of standards and migration of the SACPS in line with developments in the NEHTA work program.”

To help the SA HealthConnect workout what they are asking for the responding vendor to provide a “Gap Analysis” identifying the differences between the possible and the fantasy they have in mind but have not clearly articulated.

Forgive me but this is really just nonsense. But it gets worse. Mandatory requirements are provided in Section 32.9.1

Mandatory Requirements

· Financial viability of the Respondent;

· Health Industry Experience of the Respondent;

· Evidence of proven integration experience with HL7;

· A clear vision for their system architecture;

· Evidence of a history of embracing standards;

· Evidence that a satisfactory governance structure is in place between all participants in the response; and

· Demonstrated project management experience.

That's it! – All the rest seems to be optional and to be responded to on a “here is what we can do” basis.

Also of note is that

“The scope of the initial care planning function set will be determined by:

1) The care planning functionality already available in the respondent's proposed products;

2) Any functionality that can be developed within the timeframes for Phase 1; and

3) Affordability.”

This is saying we want as much as you can provide – but if it is going to cost a lot we might want a bit less.

The timetable provided in section 32.5 is also a stunner:

“As such, the following timeframes for the SACPS are envisaged:

Issue of the RFP – Tuesday 8th May 2007;

Deadline for RFP responses Tuesday 12th June 2007;

Evaluation of responses and identification of preferred respondent by Friday 6th July 2007;

Detailed negotiation phase including an agreed scope of work and award of contract by the 17th August 2007 or earlier where possible;

Phase 1 implementation must commence as early as possible in the period between 17th August 2007 through to 31st March 2008 - based on implementing an agreed set of care planning functions. This timeframe is to allow for as much operational use of the SACPS by participating providers and consumers prior to a project evaluation occurring;

A project evaluation some time between March and June 2008;

Formal support mechanisms commencing July 1st 2008 under the business model agreed during the negotiation phase; and

Phase 2 – Further functionality scoped and rolled-out post July 1st 2008, subject to securing ongoing funding.”

This says you have from August 2007 until March 2008 to have something going (7-8 Months) before it will be evaluated and a decision made as to whether funding will continue from elsewhere.

What is more amazing is that nowhere is it stated how many practices, specialists, hospitals and so on are to be connected, using the system etc for the evaluation to take place.

Lastly we have the costing. The responder is asked to provide the following cost breakdown:

Implementation

Base Package Licence Costs

Gap Analysis Costs

Software Customisation / Modification Costs

Third Party Software Costs

Base Software Package Maintenance Costs

Training Costs

(identify training courses and their number)

Other Costs / Alternative Costs

(provide a breakdown of costs)

Project Management Costs

Implementation Costs

Interface Development Costs

(including testing and commissioning)

Data Conversion / Migration Costs

(including acceptance testing costs and conversion process)

Documentation Costs

Travel Expenses

Total Implementation Costs

Ongoing Recurrent Costs

Hosted Service Costs

Software Maintenance / Support

Interface Maintenance / Support

Third Party Maintenance / Support

Other Costs / Alternative Costs

(Provide a breakdown of costs)

Total Ongoing Recurrent Costs

Total Project Costs

These costs are not required for just the initial first year but for the next seven years!

So any provider who tenders is meant to provide an unknown scope of solution, reaching an unknown number of users, in a strategic vacuum with undefined functionality, but provide fixed costings for the next seven years.

There is also another and more subtle issue with all this. The tender makes a great fuss about all the NEHTA directions and standards but fails to really recognise the need to use HL7 in the list of Standards to be complied with and does not mention CDA R2 as a record format – rather than the older and virtually unusable, in my view, CIP standards. It would seem vital that at the moment of issue any tender issued by SA Health would be totally up-to-date on NEHTA directions given it is a core member. One really wonders just how much input NEHTA has had in shaping all this?

Also of interest are the following:

1. Just what approach is being taken to manage patient expectations regarding the privacy of patients – a key factor in the success of all Shared EHR initiatives. While the tender says those involved in the procurement will conform to the Health Department's Code of Fair Information Practice, just what will happen to patient information is not stated.

Regular readers will recall we have yet to hear just how privacy compliant OACIS is in South Australia. I have asked twice and the silence has been deafening!

2. Just how a design of the SACPS will ultimately be made conformant to final NEHTA Shared EHR requirements given they are presently not at all well defined. The amount of re-work required must be impossible to estimate and cost at this time

3. The prospective providers are not asked to address a Migration Strategy from the current OzDocOnline Trial to their solution. Is it assumed all that data will be lost or is the outcome of the tender less uncertain than it may appear?

4. This tender is weeks late in its release – originally promised for March 2007 – that is part of the reason the timelines are so silly. The writers can’t project manage and now the providers have to suffer and evaluation has to be truncated..what a joke!

This really is the most laughable public Health IT tender I have ever seen and I have seen some bad ones. Anyone who spends any time to respond to this rubbish is out of their mind I believe and deserve all the pain they get..and it will be a great deal.

What should be done is easy:

1. This tender should be withdrawn before anyone spends money responding to it.

2. The review of the Care Planning Trial needs to be completed and the lessons learnt.

3. Working with clinicians and users a real set of functional and requirements needs to be developed.

4. A new tender with all the appropriate attributes, reasonable timelines and clarity of purpose should then be released after review by NEHTA and DoHA.

As always it seems we have plenty of money to waste getting it wrong, but are not prepared to spend a little more money and take a little more time to get it right!

Someone needs to put a stop to this – and soon! (NEHTA maybe)?

David.