Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"


H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Tuesday, September 30, 2008

The Rest Of the Health IT News for 29-09-2008.

It has been another of those weeks when just too much interesting stuff has been announced. The following are some pointers and brief comments on a few others that caught my eye.

First we have.

SCR consent model changes

18 Sep 2008

The NHS Care Records Board will today confirm that patients will be asked for permission to share their record at each clinical encounter.

In a much-anticipated move, the board has acted on the recommendations of the May 2008 UCL report on the first primary care trusts to adopt the Summary Care Record.

Patients will still have to opt out of having a record created, but “consent to view” will become an integral part of using the SCR, the board agreed yesterday.

Dr Gillian Braunold, clinical director for the SCR and HealthSpace said the new consent model considerably simplifies that used in the five early adopter PCTs.

More here:


This is important as it moves the UK to the appropriate ‘opt-in’ consent model.

Second we have.

Health System Leaders Fight Resistance to PHR Adoption

by Kate Ackerman, iHealthBeat Editor

Health systems nationwide are in varying stages of implementing personal health record applications. The thought is that the technology can provide clinicians with a gold mine of data that will be helpful in improving both efficiency and care quality, while providing consumers with the tools necessary to take a more active role in their health care. Despite the benefits, resistance remains.

At a Project HealthDesign conference in Washington, D.C., last week, health system leaders discussed their efforts to ease concerns and ultimately make PHRs a staple of their health care systems.

More here:


A review of the state of play with some useful links:

Third we have.

iSoft India gives shape to world's largest health project

BANGALORE: Healthcare software provider iSoft on Thursday said that its Indian R&D team is developing a solution what it described as the world’s largest civilian IT healthcare project.

The Lorenzo software application, which will link nearly two-thirds of the hospitals in the United Kingdom, will also be launched in Europe, Australia and Germany in November, iSoft executive chairman & CEO Gary Cohen said at the opening of the company’s global product development centre here.

iSoft was acquired by Australia’s IBA Health Group in 2007. Hospitals will also be connected to general practitioners, allowing patients in the UK to get themselves treated at any clinic in the country without the need for re-entering data. The solution can be extended to any part of the world, managing director S Govind said.
More here:


and here:


and here:


Good to see plans are progressing – I wonder why this did not get an ASX Announcement? (Would seem to be a material step forward – and yes I have a few IBA Shares).

Fourth we have.

Doctors and the DEA

Proposed rules that would let doctors electronically prescribe controlled substances could raise the security bar in ways that frustrate health care providers

BY John Moore

Published on September 26, 2008

E-prescribing is in a bit of a bind. The practice is caught between a federal directive that aims to encourage adoption and another that serves to inhibit use.

On the promotional side, the e-prescribing provision of the recently passed Medicare bill provides incentives for doctors to use the technology for Medicare patients and a financial punishment for those who don’t. Doctors who adopt e-prescribing get a 2 percent bonus in 2009 and 2010; those who don’t use the technology face fee reductions.

On the other hand, the Drug Enforcement Administration prohibits e-prescribing of controlled substances. That restriction applies to about 10 percent of all prescriptions by DEA’s reckoning. The upshot is that physicians who use e-prescribing must also maintain a paper-and-fax-based system for controlled substances. At best, that dual system is inconvenient, and at worst, it is an impediment to the adoption of e-prescribing.

A lot more here:


The break out box is most telling.

A two-factor pitfall

The Drug Enforcement Administration’s proposed rules for e-prescribing call for two-factor authentication as a core security measure.

Richard Mackey, vice president of consulting at SystemExperts, said the method must be thoughtfully adopted to be effective.

“Many organizations want to have the feeling of security that comes from deploying two-factor authentication,” Mackey said. “But the security of a system is completely dependent on how well that [authentication] was integrated into the application.”

For example, organizations might let users bypass two-factor authentication through a weaker entry point, Mackey said. The goal might be to allow users into a system when they don’t have security tokens with them. But in that case, “it’s not clear they have provided any security,” he said.

Some related material here:


PBMs To DEA: E-Script Rule Flawed

I hope the NEHTA National Authentication Service for Health Project has thought carefully about the workflow implications of their two factor ID plans. Could be a really serious issue I believe!

Fifth we have.

Dutch EPR rollout on track

26 Sep 2008

The Dutch national electronic patient record project is progressing slowly, but steadily. Sixty five doctors have been connected to the infrastructure so far. By the end of the year, this number will increase to 200.

“We are confident that we can stick to our goal and have all 8,000 GPs using the national electronic patient record by the end of 2009,” said Reina Kloosterman, head of health and social issues at the Dutch embassy in Berlin. She gave an update on the project at a regional eHealth event organised by the industry association IHK in Berlin.

Kloosterman said two factors were critical for the success of the project. First of all, doctors would have to be connected to the infrastructure efficiently and without putting too much financial burden on them. And second, the public would need to be informed about the EPR and privacy issues would need to be addressed.

The EPR in the Netherlands will be a virtual EPR. The medical data will remain physically where it originates: it is not stored on a central server. This means that the IT systems of the doctors involved have to be brought online in a way that makes EPR-relevant data accessible 24/7.

More here:


Good to see the Dutch are moving forward as well!

Sixth we have:

MedVirginia Completed Successful NHIN Demonstration at AHIC

Last update: 9:31 a.m. EDT Sept. 25, 2008

RICHMOND, Va., Sep 25, 2008 (BUSINESS WIRE) -- MedVirginia successfully participated in the live demonstration of the Nationwide Health Information Network (NHIN) Trial Implementation at the AHIC meeting in Washington, DC this week. During the event, MedVirginia and other health information exchanges established live connectivity with the Dept. of Defense, Veterans Affairs, Social Security Administration, and other health systems.

Michael Matthews, CEO of MedVirginia stated, "This was an historic day for our nation's health care system. This significant milestone proved that disparate health systems across the U.S. can securely connect and exchange health information in order to enhance the quality, safety and cost-effectiveness of healthcare to patients across geographic and organizational boundaries."

MedVirginia participated in several demonstrations, including the "Wounded Warrior" scenario. This demonstration showed how members of the armed services who receive care from military, veterans and civilian health care providers can have their health history accessible at any point in the care continuum. Another scenario showed how the Social Security disability determination process could be greatly accelerated via online access to claimant's medical records vs. the traditional paper method.

More here:


Again we see how, incrementally progress is being made in developing the US NHIN.

Last we have.

Science panel calls for EMRs tailored for disaster response

Kathryn Foxhall

A federal panel will soon recommend that field usability be a primary goal for an electronic medical record system now in development for use in federal disaster response efforts.

The National Biodefense Science Board (NBSB) voted Sept. 23 in support of recommendations that the EMR system be integrated with future patient-tracking and medical resource availability systems and that it be interoperable with other EMR systems to the greatest degree possible.

The board also said the National Disaster Medical System (NDMS), which is developing the EMR, should take the lead in defining the minimal patient dataset required. The board plans to send its recommendations to the Health and Human Services Department soon.

More here:


Another area I am not sure we have a plan in place for to address. Certainly worth some thought!

All in all lots going on.


Monday, September 29, 2008

Canada Infoway Defines its Health IT Standards.

Canada Health Infoway released the following a few days ago.


Infoway Standards Collaborative releases catalogue of health informatics standards

September 22, 2008, Toronto, ON - Health informatics professionals can now access the latest standards, available in the Standards Collaborative Guide & Standards Catalogue. The free catalogue is Canada's first reference tool on electronic health record (EHR) standards.

"Pan-Canadian health information standards are a critical building block to establishing an interoperable electronic health record system to benefit all Canadians," said Dennis Giokas, Chief Technology Officer, Canada Health Infoway (Infoway). "The Standards Collaborative Guide & Standards Catalogue is an information reference tool for understanding the fundamentals of standards and their function in day-to-day health care interactions."

The Standards Collaborative Guide & Standards Catalogue is a key reference source that provides a listing of the pan-Canadian health information standards, their status and business functions. The guide also highlights the benefits for the EHR, including integrating health informatics systems in large health service delivery settings and in health regions. It also defines the standards approval process and outlines Infoway Standards Collaborative services.

Access a copy of Infoway's Standards Collaborative Guide & Standards Catalogue by visiting the Resource Centre. For more information, or for a hard copy of the publication, contact the Infoway Standards Collaborative InfoDesk toll-free at 1-877-595-3417 or email standards@infoway-inforoute.ca.

Launched in 2006, the Infoway Standards Collaborative is a Canada-wide coordination function created to support and sustain health information standards in Canada. As one of Infoway's target investment areas, more than 20 standards projects have been completed or are underway, with a total investment in standards development to date of $33 million. In addition, Infoway has dedicated another $20 million to date for the support and maintenance of the standards for Canada. The investment includes support for standards life cycle-based services to vendors, service delivery organizations and jurisdictions, and for liaising with International Standards Development Organizations.

Canada Health Infoway is an independent, not-for-profit organization funded by the federal government. Infoway jointly invests with every province and territory to accelerate the development and adoption of electronic health record projects in Canada. Fully respecting patient confidentiality, these secure systems will provide clinicians and patients with the information they need to better support safe care decisions and manage their own health. Accessing this vital information quickly will help foster a more modern and sustainable health care system for all Canadians.

--- End Release.

This is a very useful release as it shows where Canada is up to in its Health IT Standards efforts and provides some useful ideas about how Australia could consider moving forward. At the centre of that Canada is doing is the Infoway Standards Collaborative.

More detail on this is provided here:


The key parts are as follows:

“Launched in 2006, the Standards Collaborative is a new Canada-wide coordination function created to support and sustain health information standards in Canada. Hosted at Infoway, the Standards Collaborative will be responsible for the implementation support, education, conformance, and maintenance for electronic health records (EHR) standards currently being developed by Infoway. The Standards Collaborative will also encompass several standards initiatives formerly managed by the Canadian Institute for Health Information.(CIHI), including the Partnership for Health Information Standards, Canada's participation in DICOM (Digital Imaging and Communications in Medicine) and, in conjunction with the Standards Council of Canada (SCC), the secretariat to the Canadian Advisory Committee to ISO/TC 215.

Standards collaboration is an integral element of and a key requirement for the establishment of a pan-Canadian interoperable EHR. In addition to the new responsibilities outlined above, Infoway will continue to support the Standards Collaborative Process to establish pan-Canadian EHR health information standards.

Our Standards Collaborative forums support communication and exchange among various communities interested in health care and health care informatics deliberation and consensus building on standards.”

What I find utterly refreshing is the absence of the need for anything vaguely like our authoritarian NEHTA and a commitment to developing the collaboration of all relevant stakeholders in getting the pan-Canadian standards in place.

On the basis of the catalogue released (a more than worthwhile download) Canada is moving forward very well, knows what she is doing and has addressed the issues of standards sustainability with proper stakeholder involvement. Also by going down this sort of path Canada is assured of ongoing expert involvement in the future.

A model to be closely studied I believe.


Sunday, September 28, 2008

Useful and Interesting Health IT Links from the Last Week – 28/09/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

Three Things Different About Stark’s HIT Bill

Kathryn Mackenzie, for HealthLeaders Media, September 23, 2008

Less than two weeks before the end of the Congressional session, House Ways and Means Health Subcommittee Chair Pete Stark (D-CA) has introduced a bill meant to encourage nationwide adoption of electronic health records. Though the bill builds on the proposed PRO(TECH)T Act, introduced earlier this year by the Energy and Commerce Committee and already under House consideration, it differs in three significant areas, says Robert Tennant, senior policy advisor at the Medical Group Management Association's government affairs office in Washington, D.C.

1. Financial incentives

The bill calls for Medicare payment reductions should the provider not move to an EHR by 2016. In its current state the bill doesn't specify the amount of the proposed penalties, but Tennant says he expects the number will be firmed up in the regulatory phase. Conversely, doctors who choose to use an approved EHR system would be eligible for up to $40,000 over five years in Medicare incentive payments. Hospitals could receive several million dollars in incentives. "The other bills out there don't have near the type of financial incentives as this one. We don't like to see payments be reduced, but we do like incentives, so we'll see what happens. It's a bit of stick and carrot approach," says Tennant.

So, which is more effective—the carrot or stick? Tennant says that will be hard to gauge. "These systems are far more complicated to integrate into a practice than just buying a CD and installing it. It changes the entire workflow, how medicine is practiced, and how the business is operated. It takes years to go from the starting process to full implementation. There has got to be some recognition that it is not as easy as some folks believe it to be," he says. Far more effective and enticing to providers than incentives or penalties, he says would be an open source framework with a single set of standards that can be made available to all providers. This brings us to the second main difference in Stark's Health-e Information Technology Act of 2008 compared to the PRO(TECH)T Act.

Much more here:


This is a reminder that the US Congress is well aware of the importance of Health IT and is doing what it can to increase EHR adoption and use. There have been a number of efforts on this in the past – one can only hope this attempt will succeed.

Second we have:

Electronic medical records a step closer

By Nicholas Timmins, Public Policy Editor

Published: September 19 2008 05:31 | Last updated: September 19 2008 05:31

A national electronic record of patients’ health looks finally on the cards – five years late – after the NHS IT programme on Thursday changed the way patients will give their consent to the system.

Providing a brief, summary electronic patient record has been a key driver for the £12bn ($22bn) NHS IT programme, which will create a detailed, local electronic record as well as the shorter one available nationally, providing doctors with recent medical history, medications and allergies in an emergency or out of hours.

Tony Blair, then prime minister, declared as long ago as 1997 that the electronic record would mean that “if you live in Birmingham and have an accident while you are, for example, in Bradford, it should be possible for your records to be instantly available to the doctors treating you”.

Development of electronic records, however, has been devilled by a long and bitter dispute, chiefly with general practitioners, over whether patients should explicitly give consent to having such a record – a more complex, lengthy and costly approach – or whether they should be presumed to give consent with the right to opt out – the approach that the IT programme originally backed.

More here:


Just a reminder that the UK NHS is steadily moving forward and learning as they go along what will work in terms of public assurance as to who and when can access their health records. It is also a clear reminder as to just how long all this can take – so we here in Australia really need to get started sooner rather than later with a coherent plan!

Third we have:

Medical waste, documents found in reserve

By Tory Shepherd

September 23, 2008 02:21am

Article from the Advertised

DANGEROUS medical waste and confidential patient documents were yesterday discovered scattered in a council reserve where children play.

In a shocking breach of privacy and public safety, a syringe, soiled bandages, surgical gloves and other used medical goods lay in Camdover Reserve, behind a medical centre on Honeypot Rd at Huntfield Heights in Adelaide.

The Advertiser also found blood test results and prescriptions with patients' names, addresses and phone numbers on them.

The rubbish had apparently been blown out of an open skip bin and across the reserve and nearby streets.

The doctor's name on the papers was Dr Chinwemma Flora Onyeizugbo from the Hackham Medical Centre.

Australian Medical Association state president Dr Peter Ford said the incident breached laws governing the proper disposal of medical waste.

"That's unacceptable. It certainly warrants scrutiny," he said, adding there were strict procedures for the proper disposal of syringes and medical waste with which doctors must comply.

More here:


The second breach to hit the press in a fortnight – see last week’s news blog. It is important that doctors and practice managers do better than this!

Fourth we have:

Hospitals get a 'phantom wards' warning

  • Julia Medew
  • September 22, 2008

VICTORIAN hospitals have been warned not to admit emergency patients to "phantom wards" or falsify data to secure funding, despite Health Minister Daniel Andrews' insistence that these practices do not exist.

A Department of Human Services bulletin sent to hospitals last week warned that data supplied was "expected to represent an accurate picture of health service activity".

"This data is used for funding, policy making, performance monitoring or used to meet DHS' own reporting obligations to state and Australian governments, the media and the public," the directive said.

It also said patients in emergency departments must not be reported as being in observational medicine units — wards allegedly used to manipulate hospital computer systems to meet benchmarks for funding.

The bulletin, which warns hospitals that their data may be audited, comes after the Australasian College for Emergency Medicine recently claimed Victorian hospitals were manipulating data, admitting patients to "virtual wards", and inconsistently measuring waiting times to meet Government benchmarks for bonus payments.

A survey of 19 emergency department directors by the college found almost 40% of them had been "admitting" patients when they were still in waiting rooms, corridors or on trolleys.

The "virtual wards" were used purely for "creative accounting" to receive funding and avoid "performance watch", the doctors said.

More here:


While one can adopt a purist ‘tut tut’ approach to news like this – I think it is more important to ask just what is causing people to undertake such deception. The answer must me excessive pressure and strain on those working in the system – and such directions from Ministers should be rather more focussed on working out how to fix the problem..not suppress it.

Fifth we have:

IBM threatens to leave standards bodies

Jeremy Kirk (IDG News Service) 24/09/2008 08:30:00

IBM would like to see loopholes that allow dominant companies to abuse standards processes closed.IBM is threatening to leave organizations that set standards for software interoperability because of concerns that their processes are not always fair.IBM is threatening to leave organizations that set standards for software interoperability because of concerns that their processes are not always fair.

IBM is threatening to leave organizations that set standards for software interoperability because of concerns that their processes are not always fair.

IBM published a new set of guidelines it plans to follow, which include encouraging standards bodies to have rules to protect their decisions from "undue influence," a clear reference to competitor Microsoft.

IBM would like to see loopholes that allow dominant companies to abuse standards processes closed, said Bob Sutor, vice president of open source and standards. Leaving a standards organization for a lack of reforms would be a "last resort," he said.

"We see this very much as a positive, constructive policy for how we hope to engage," Sutor said.

IBM was one of the most vocal opponents of a file format created by Microsoft and approved by the International Organization for Standardization (ISO) as an international standard earlier this year.

Part of the specification, called Office Open XML, is used in Microsoft's latest Office 2007 productivity suite but has yet to be fully implemented by either Microsoft or other software vendors. OOXML is a rival to OpenDocument Format (ODF), also an international standard used in office suites such as OpenOffice.org and StarOffice.

Much more here:


This is a much more important article that it appears on the surface. For the e-Health sector it is vital that we have standards for interoperability and communication that are technically as good as possible and totally free from commercial interest. At the level of the International Standards Organisation it seems to me that while politics and commercial interests will always defend their positions those involved should do what they can to simply pursue technical quality and implementability and nothing else!

Last we have the slightly more technical article for the week:

How IT could have prevented the financial meltdown

The tools are largely there, but not the visibility needed for regulators and banks to catch problems early

Ephraim Schwartz (InfoWorld) 25/09/2008 09:05:00

In the coming weeks the feds and the surviving financial services institutions will have the daunting task of unraveling all the securitized loans and other instruments that are hiding the toxic investments. But does the technology exist to do that? And if so, could it have been used to prevent the bad debt from hitting the fan in the first place?

The fact is that despite government regulations like Sarbanes-Oxley, there is little visibility mandated by current regulations into the origination of loans and how they are broken up, resold, and resold again.

To cite the classic example of how we got into this mess, consumers were given 100-percent-plus variable mortgages without any security. Not only could those mortgages be sold to other banks, but they could be divided into five, ten, or twenty tranches -- financialese for slices -- and resold to five to ten different organizations, making it difficult to track who was involved and who ended up taking the risk.

Theoretically, the financial service providers were clear on the risks of each type of loan and had a way to gauge whether they had enough liquidity -- cash and other easily sold assets -- available if the riskier loans went south. But a New York Times report indicates that in fact many financial institutions gamed their analytics to favor positive scenarios over negative ones in order to justify keeping less money in reserves should the risky loan blow up. "A large number of buyers of these kinds of instruments really didn't care about the value. They just wanted to flip it. A lot of people just didn't want to know," concurs says Josh Greenbaum, principal at Enterprise Applications Consulting.

Much more here:


Had to have one reference to the world as we know it ending! It seems there are some techniques available that might have helped clarify just who owns what and who owes what to whom!

More next week.


Thursday, September 25, 2008

The US Makes Progress in Health IT Privacy – But More to Do!

The US Government Accountability Office issues the following release and associated report a few days ago. At the same time I received an announcement of a Health IT privacy conference that is planned for Brisbane late in the year.

Health Information Technology: HHS Has Taken Important Steps to Address Privacy Principles and Challenges, Although More Work Remains

GAO-08-1138 September 17, 2008

Highlights Page (PDF) Full Report (PDF, 23 pages) Accessible Text Recommendations (HTML)


Although advances in information technology (IT) can improve the quality and other aspects of health care, the electronic storage and exchange of personal health information introduces risks to the privacy of that information. In January 2007, GAO reported on the status of efforts by the Department of Health and Human Services (HHS) to ensure the privacy of personal health information exchanged within a nationwide health information network. GAO recommended that HHS define and implement an overall privacy approach for protecting that information. For this report, GAO was asked to provide an update on HHS's efforts to address the January 2007 recommendation. To do so, GAO analyzed relevant HHS documents that described the department's privacy-related health IT activities.

Since GAO's January 2007 report on protecting the privacy of electronic personal health information, the department has taken steps to address the recommendation that it develop an overall privacy approach that included (1) identifying milestones and assigning responsibility for integrating the outcomes of its privacy-related initiatives, (2) ensuring that key privacy principles are fully addressed, and (3) addressing key challenges associated with the nationwide exchange of health information. In this regard, the department has fulfilled the first part of GAO's recommendation, and it has taken important steps in addressing the two other parts. The HHS Office of the National Coordinator for Health IT has continued to develop and implement health IT initiatives related to nationwide health information exchange. These initiatives include activities that are intended to address key privacy principles and challenges. For example: (1) The Healthcare Information Technology Standards Panel defined standards for implementing security features in systems that process personal health information. (2) The Certification Commission for Healthcare Information Technology defined certification criteria that include privacy protections for both outpatient and inpatient electronic health records. (3) Initiatives aimed at the state level have convened stakeholders to identify and propose solutions for addressing challenges faced by health information exchange organizations in protecting the privacy of electronic health information. In addition, the office has identified milestones and the entity responsible for integrating the outcomes of its privacy-related initiatives, as recommended. Further, the Secretary released a federal health IT strategic plan in June 2008 that includes privacy and security objectives along with strategies and target dates for achieving them. Nevertheless, while these steps contribute to an overall privacy approach, they have fallen short of fully implementing GAO's recommendation. In particular, HHS's privacy approach does not include a defined process for assessing and prioritizing the many privacy-related initiatives to ensure that key privacy principles and challenges will be fully and adequately addressed. As a result, stakeholders may lack the overall policies and guidance needed to assist them in their efforts to ensure that privacy protection measures are consistently built into health IT programs and applications. Moreover, the department may miss an opportunity to establish the high degree of public confidence and trust needed to help ensure the success of a nationwide health information network.


Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Implemented" or "Not implemented" based on our follow up work.




Valerie C. Melvin

Government Accountability Office: Information Technology

(202) 512-6304

Recommendations for Executive Action

Recommendation: To ensure that key privacy principles and challenges are fully and adequately addressed, the Secretary of Health and Human Services should direct the National Coordinator for Health IT to include in the department's overall privacy approach a process for assessing and prioritizing its many privacy-related initiatives and the needs of stakeholders.

Agency Affected: Department of Health and Human Services

Status: In process

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

----- End Release.

Link is found here:


The last paragraph of the summary is the most important. Here the GAO makes it quite clear the US Federal Health Department has not developed a co-ordinating process for ensuring privacy is properly protected and the Health Information Network program moves forward and that there is only one chance to get this right. Once the public loose trust in the way health information is shared it will be very hard to win it back.

I agree 100% with theses points (the need for a defined process and the risk of failure) and we need to build this understanding into all our plans as well! NEHTA has been a good deal less than forthcoming about its processes to date. I do hope the planned HISA conference helps flush out what the plans really are and make a contribution to improvement if required!

Here is the background I received on it.

Begin Announcement. ----

Australia is on the verge of substantial changes to the laws governing health privacy. The Australian Law Reform Commission’s report is now with parliament and new laws and regulations will soon be developed as a consequence of this submission. These changes will have a significant impact on the way healthcare professionals work with health information of all kinds and could significantly impact the way healthcare is delivered in some situations.

It is now time to understand how to prepare for these changes and also to provide leadership and feedback to the government as they draft the laws and subsequent privacy regulations that will be derived from this report.

These are the deliverables of the Health Privacy Futures conference. The program has an outstanding lineup of health privacy leaders, with a deep and practical understanding of the Australian healthcare environment. I have attached a conference brochure which outlines the provisional conference program and featured speakers.

You can find out more about the conference, or you can register for this event, by going to the Health Privacy Futures website at www.healthprivacy.org.au. There are substantial discounts for Early Bird Registration which will end on October 8.

End Announcement.----

Those interested should consider attending.


Wednesday, September 24, 2008

Cloud Computing and Health Information Privacy.

With the ABC program on Cloud Computing last week I have been alerted to the potential uses and abuses of this approach in the broad. Others seem to have also noticed as the following appeared a few days ago.

Cloud computing puts your health data at risk

By Stuart J. Johnston

The advent of "in the cloud" medical records services, such as Microsoft HealthVault and Google Health, promises an explosion in the storage of personal health-care information online.

But these services pose sticky privacy questions — unless you know how to protect your personal medical records.

A promise of safer personal health data

Your private health information is migrating wholesale onto the public network with the advent of online health-care records stored in massive data centers around the world.

While the services aim to make it easier for consumers to access and manage their personal health information, the ready availability of this data also makes it much easier and less expensive for insurers to put your medical history under the microscope.

Surprised? You shouldn't be. You voluntarily grant access to that sensitive information every time you sign a waiver so that your health insurer can decide whether to pay for a doctor's visit, a prescription, or an expensive medical test.

What's more, most of the gathering and collating of this information is legal. In fact, the number of companies that have access to this information runs into the millions, say privacy advocates.

As recently as last year, only 1% to 3% of U.S. consumers had electronic versions of their health records, according to market research firm Health Industry Insights, an IDC company.

That is about to change.

The fact that two of the biggest players in the emerging world of cloud computing services — Microsoft and Google — are jumping into that arena with both feet will likely accelerate the shift to online medical records.

Microsoft kicked off the beta test of its HealthVault service almost a year ago, while Google announced its Google Health service last February and launched a beta in May. While both services are still in beta, each company has partnered with large health-care providers for pilot tests: Microsoft with Kaiser Permanente and Google with the Cleveland Clinic.

Much more (including suggestions as to what to do about the threat) here:


This is a useful discussion of the issues – albeit from a slightly American perspective – and needs to be browsed by all those contemplating the future of PHRs and how they may be best delivered. From the ‘cloud’ may not be the ideal way.

The ABC talk and transcript on the topic is still available here:


The .mp3 file will only be available for a couple more weeks so grab it now if you want to listen.


Tuesday, September 23, 2008

Patient Consent in Health Information Exchange – A Discussion Paper

The New York eHealth Collaborative has produced an interesting discussion document on patient consent in health information exchange.

Comments Sought on How Patient Consent Will Work in Electronic Exchange

Draft recommendations released this week by the New York eHealth Collaborative (NYeC) describe how patient consent should be obtained before a patient’s health information is exchanged electronically between entities participating in a regional health information organization (RHIO). The recommendations are part of a draft white paper released for public comment, developed by NYeC’s privacy and security workgroup.

NYeC is a public-private health information technology (HIT) stakeholder group aimed at developing consensus on key HIT policies and collaborating on state on regional HIT implementation efforts. The NYeC workgroups develop policies, technical standards, and operational guidance for health IT projects in New York and the Statewide Health Information Network for New York (SHIN-NY).

The NYeC privacy and security workgroup paper asserts that given state law regarding disclosure of certain health information, “affirmative consent from the patient to exchange health information via SHIN-NY governed by a RHIO is required under existing state law for non-emergency treatment.”

The full release is found here:


The report is found here:


Given that after addressing privacy issues this topic is of critical importance it is timely that this paper appear.

What I found particularly insightful was the following from page 3 of the 59 page report.

“In pursuing its health IT investment program, New York is cognizant that its success will not only be measured by technical, financial and clinical achievements, but also by the policies governing the exchange, measurement and reporting of personal health information as well as accountability mechanisms ensuring adherence to such policies. In fact, establishing public trust with respect to the privacy and security of health information is the single most important goal of New York’s health IT investment program.

In pursuing this goal, New York benefits from policy thinking developed by several important projects that have addressed privacy and security, including: the Markle Foundation’s Connecting for Health initiative; the California Healthcare Foundation’s policy briefs on privacy and consumer attitudes and policy forums; studies performed by such organizations as the American Health Information Management Association (AHIMA), eHealth Initiative, Healthcare Information Management Systems Society (HIMSS), National Alliance for Health Information Technology (NAHIT), the Health Information Security and Privacy Collaborative (HISPC); and the Certification Commission on Healthcare Information Technology’s (CCHIT). New York’s investment program builds on the collective foundation of these policy efforts while seeking to go one step further. Because New York is setting policy in the context of live implementations and is doing so through a statewide public-private collaborative model, there is a unique opportunity to stress-test new concepts that to date have largely been considered in either much smaller settings, on a theoretical basis, or in connection with proprietary or narrow technological approaches. Hopefully, New York’s experience will provide all stakeholders a richer understanding of what works and what does not, and will help to inform and shape emerging state and national policy.

As I have often noted, again we find privacy and consent issues being recognised as a ‘rate limiting step’ in the development of Health Information Networks.

This document is really more that a discussion of consent – covering as it does what almost amounts to a NY Health IT Network Strategy. (It is funded at $200M so it is pretty serious stuff!). It has clearly been carefully considered and researched.

Recommended reading.


Monday, September 22, 2008

The Future of the PHR Reviewed and Explored.

News of another valuable contribution from the RWJ Foundation arrived a few days ago.

New Frontiers in Personal Health Records A Report Out from Project HealthDesign and Forum on Next-Generation PHRs


On September 17th, Project HealthDesign hosted more than 200 guests for a day long event that showcased personal health record (PHR) applications created by program’s nine multidisciplinary grantee teams from across the United States. In addition to highlighting what Project HealthDesign teams have learned in the process of developing these PHR tools, the forum featured panels and discussions with leading health IT pioneers, policymakers and industry experts.

A technical team headed by Walter Sujansky of Sujansky & Associates LLC, also introduced a set of functional requirements and technical specifications that allow different PHR applications to securely share medical and other information, with the consumer controlling who has access to what information.

Project HealthDesign is a $5 million national program of the Robert Wood Johnson Foundation (RWJF) with additional funding from the California Healthcare Foundation that is revolutionizing the purpose and potential of electronic PHRs. Each team created applications that help move the perception of PHRs from static repositories of health information to dynamic, tailored applications that allow people to easily and actively manage their health as they go about their daily lives. The project also ensured that these PHR tools can readily share common technical functions and operate on a common technology platform.

To read the event press release visit (link to release posted in the news archives section located under resources. The release is attached for posting)

To view Project HealthDesign grantee project information and visual stories visit http://www.projecthealthdesign.org/projects

View a webcast of New Frontiers in Personal Health Records: A Report Out from Project HealthDesign and Forum on Next-Generation PHRs at http://www.rwjf.org/goto/healthdesign2008 (live September 21) or here:


To read event blog posts from the Project HealthDesign blog visit http://projecthealthdesign.typepad.com/

Link to site.


The work being done is also given coverage in Health Data Management.

PHR Researchers Unveil Prototypes

Nine research teams have developed prototypes of technologies to support personal health records following 18 months of research. The prototypes range from a medication management system to help children with cystic fibrosis manage their disease to a “conversational assistant” that helps people with congestive heart failure manage their health from home.

The effort is supported by Project HealthDesign, a $5 million program of the Robert Wood Johnson Foundation. Over the next several months, the Project HealthDesign teams will publish details about their findings and attempt to extend the use of their applications to the clinical practices connected to their institutions. The projects include:

* A team at Vanderbilt University designed a PHR application to help children with cystic fibrosis play a larger role in self-care. Team members developed a device that can be incorporated into a stuffed animal or cell phone to work with the PHR to help children take the right medications at the right times, alert parents and caregivers if doses are missed and manage refills.

* The University of Rochester team designed a prototype system that uses a “conversational assistant” to provide congestive heart failure patients with a “daily check-up.” Through voice-activated questions and responses or text-typed chat, patients share information relevant to their condition. The computer interprets that input to provide personalized recommendations based on established guidelines and collects longitudinal data to share with the patients and their care providers.

* Stanford University and Art Center College of Design designed a set of multimedia PHR tools to help adolescents with chronic illness communicate with their providers and others about their health.

* T.R.U.E Research Foundation designed a PHR to help people with diabetes understand and track their self-care.

Plenty more here:


It is well worth exploring all this to see the range of ideas that are emerging as people progressively understand just where PHR technology may fit and the places it may make a difference.


Sunday, September 21, 2008

Useful and Interesting Health IT Links from the Last Week – 21/09/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on. Interestingly an all Australian set of reports this week!

These include first:

Investigation into medical files

Posted Fri Sep 12, 2008 7:11pm AEST

A federal government office will investigate the management of disused medical files in South Australia after concerns were raised about a large number of private medical records at a rented home in Adelaide.

The former doctor who lives at the house is mentally ill and is about to move out of the house.

The landlord is unsure what to do with the files that are likely to be left behind.

It is the second case of its kind in recent years and the issue has been referred to the federal privacy commissioner.

More here:


Yet again those paper records cause a problem. It seems clear that these paper records need to be secured and each patient be informed as to the fact a record exists so if they select a new GP the record can be forwarded to them for their GPs use.

Second we have:

Rush to build personal e-health records risky

Karen Dearne | September 16, 2008

LOCAL software developers clamouring to build personal e-health records risk creating new silos of unconnected patient information, warns Neil Jordan, Microsoft's managing director of worldwide health.

While progress on a national e-health record system has stalled, Jordan says he is slightly concerned "that everyone I've spoken to here wants to build a personal health record (PHR)".

"That's okay, but don't build them all separately or you will end up with the same problem you currently have with e-health records - they're in a whole load of silos," he says.

"There's never going to be one personal health record in a country the size of Australia, because a diabetic is going to need something quite different from someone who is obsessed with fitness and does lots of monitoring while working out."

With most personal health records now held in GPs' computers, Jordan says the person "who is ultimately funding GPs is going to benefit by putting such a platform in place".

More here:


I could not agree more with the headline – while being a little alarmed at the lack of understanding of the Australian Health IT world made apparent by the fly-in Microsoft expert in his remarks. Fortunately it is only a few weeks until the National e-Health Strategy being developed by Deloittes will be handed to Government and hopefully such silos will be one of the first issues addressed!

Third we have:

HealthSmart boss resigns

Renai LeMay, ZDNet.com.au

17 September 2008 08:52 PM

The public servant in charge of Victoria's mammoth HealthSmart electronic health initiative has resigned for what the state's health department today said were personal reasons.

Fiona Wilson had led the troubled project since mid-2003 in her capacity as the director of the Office of Health Information Systems within the Victorian Department of Human Services. However a spokesperson for the department told ZDNet.com.au tonight that Wilson had grown weary of the regular commute from Auckland where her partner resided.

More here:


It is a pity to see yet another senior e-Health player decide to leave the field. While I have, and have expressed, strong reservations about the strategy adopted by HealthSmart, there is no doubt this was an effort of serious intent with the right objectives in upgrading the Health IT in Victorian public hospitals. Maybe a mid-course review and possible correction at the time of this leadership change could smooth the path to ultimate success.

Fourth we have:

Prescriptions to go digital in the coming year

Thursday, 11 September 2008

DESPITE financial disagreements between project partners and a government delay in announcing research findings, e-scripting will be available to GPs as early as next June, says the project’s main promoter.

Australian software company Fred Health’s e-script plan, which will allow general practitioners to send prescriptions to pharmacists over the internet, stalled when their joint development partners put the project on hold.

Amid ongoing uncertainty over the government’s interest in the technology and without any clear financial security plan, GP software vendor Health Communications Network and pharmacy software vendor Corum withdrew from the original JV project, dubbed ScriptX.

However Fred Health chief executive Paul Naismith is optimistic the new JV, eRx Script Exchange, with New Zealand-based software company Simpl and the Health and Human Services division of Microsoft, will be available as early as June next year.

“The original ScriptX proposal had different partners who felt the proposal at this stage was too large a risk for them. We felt differently so we reformed it and set out to deliver electronic scripts with eRx the way ScriptX had intended,” he said.

“It’s our current project plan to be delivering e-scripts by mid next year, certainly within the next 9-10 months.”

More here:


Additional coverage is here:

Private e-scrips to launch

Karen Dearne | September 16, 2008

PHARMACIST Paul Naismith is taking a punt on launching a privately-owned electronic prescribing project, ahead of the release of a KPMG review on options being considered by the federal Government.

Mr Naismith, chief executive of pharmacy IT supplier Fred Health, said improving "basic safety" by reducing medication errors was too important to delay.

Fred Health and the newly established eRX Script Exchange are wholly owned subsidiaries of PCA Nu Systems, in turn controlled by parties associated with the Pharmacy Guild.

A Health Department spokeswoman said a range of approaches to e-prescribing were being explored, and the private proposal supported by the Pharmacy Guild "had been looked at". "The KPMG report is being considered as part of broader activities in progressing e-prescribing within Australia," she said.

Full, in depth, article here:


Bluntly there is no way this project should be allowed to proceed. It is my view the central infrastructure for e-prescribing should be Government controlled and regulated (I have no problem with the service delivery being outsourced). The service should be run for the benefit of consumers, doctors and pharmacists, not as a profit making project for commercial interests and such vested interests as the Pharmacy Guild.

Fifth we have:

Cloud computing may draw government action

U.S. government policy makers will soon focus on the privacy, security and other implications of cloud computing, some experts say.

Grant Gross (IDG News Service) 15/09/2008 09:17:00

Cloud computing will soon become an area of hot debate in Washington, D.C., with policy makers debating issues such as the privacy and security of data in the cloud, a panel of tech experts said Friday.

There are "huge challenges" facing policy makers in the next year or two as cloud computing becomes increasingly popular, said Mike Nelson, visiting professor for the Center for Communication, Culture and Technology at Georgetown University and a former tech policy advisor for U.S. President Bill Clinton.

Among the major policy issues to be worked out: Who owns the data that consumers store on the network? Should law enforcement agencies have easier access to personal information in the cloud than data on a personal computer? Do government procurement regulations need to change to allow agencies to embrace cloud computing?

Cloud computing is "as important as the Web was 15 years ago," said Nelson, speaking at a Google forum on the policy implications of hosted applications and services. "We don't have any idea of how important it is, and we don't really have any clue as to how it's going to be used."

Despite the growing number of people using cloud services such as hosted e-mail and online photo storage, many consumers don't understand the privacy and security implications, said Ari Schwartz, vice president and chief operating officer of the Center for Democracy and Technology, an advocacy group focused on online privacy and civil rights. So far, U.S. courts have generally ruled that private data stored in the cloud doesn't enjoy the same level of protection from law enforcement searches that data stored on a personal computer does, he said.

More here:


This issue is a real sleeper. I believe when people realise just how much of their personal information is out there ‘in the cloud’ there may indeed be some pressure for regulation. This is, of course, even more so once private health information is involved as with MS Vault and the Google PHR.

Last we have the slightly more technical article for the week:

SOA deployments: What actually works

After several years of hype, the results of SOA efforts have been a mixed bag. SOA expert explains how to get SOA right

Dave Linthicum (InfoWorld) 17/09/2008 08:46:00

SOA may have seemed the savior of bad software architecture and poor development project planning, but the reality is that it's a complex and difficult venture. Thus, the number of failed SOA projects is about equal to the successful ones. In other words, you have a 50 percent chance of failing, and the odds of failure are even greater if you work within a larger Global 2000 organization or within the government.

But key patterns are emerging from the successful SOA efforts, patterns that can help you determine whether your SOA is a failure or a success.

The most important lesson from these patterns is that SOA is as much about old-school IT disciplines as it is about new, inventive technology. Moreover, it's about changing an organization from the people down to the technology, driving a systemic and valuable change. The patterns of success likewise follow that change from the people on down to the technology.

Much more here:


This is a useful review showing that for Service Orientated Architecture initiatives to succeed you need to get the basics right. The failure rate in large projects is worrying – especially with the commitment we seem to have from NEHTA to use this approach pretty much exclusively in what are looking like very big projects.

Last a brief happy birthday for the Integrated Circuit (IC)

Integrated circuit turns 50

September 14, 2008

The computer chip industry on Friday celebrated the 50th birthday of the integrated circuit, a breakthrough that set the stage for the internet and the digital age.

A half-century ago a young engineer named Jack Kilby first demonstrated an integrated circuit he designed while working through the summer at his Texas Instruments job because he didn't have enough vacation time for a holiday.

More here:


More next week.


Thursday, September 18, 2008

A Big Week for Patient Quality Reporting in the USA.

There has been a lot of movement in definition of quality standards supported by health IT in the last week it seems.

First we have this.

Federal Register: August 29, 2008 (Volume 73, Number 169)

Agency for Healthcare Research and Quality
Common Formats for Patient Safety Data Collection and Event  Reporting
AGENCY: Agency for Healthcare Research and Quality (AHRQ), DHHS.
ACTION: Notice of Availability--Common Formats for Safety Data  Collection and Event Reporting.
SUMMARY: The Patient Safety and Quality Improvement Act of 2005  (Patient Safety Act) provides for the formation of Patient Safety  Organizations (PSOs), which would collect and analyze confidential  information reported by healthcare providers. The Patient Safety Act  (at 42 U.S.C. 299b-23) authorizes the collection of this information in  a standardized manner, as explained in the related Notice of Proposed  Rulemaking published in the Federal Register on February 12, 2008: 73  FR 8112-8183. 
As requested by the Secretary of DHHS, AHRQ has  coordinated the development of a set of common definitions and  reporting formats (Common Formats) which would facilitate the voluntary  collection of patient safety data and reporting of this information to  PSOs. The purpose of this notice is to announce the initial release of  the Common Formats, Version 0.1 Beta, and the process for development  of future versions.
DATES: Ongoing public input.
ADDRESSES: The Common Formats can be accessed electronically at the  following Web site of the Department of Health and Human Services: 
E-mail: psoc@ahrq.hhs.gov.
The full text is available here:


and then there is this:


Structural measures help create system of high-quality, patient-centered care by sharing and managing information electronically

Washington, DC - To improve quality and efficiency and reduce errors and unnecessary treatments across the healthcare system, the National Quality Forum (NQF) has endorsed nine new national voluntary consensus standards for health information technology (HIT) in the areas of electronic prescribing, electronic health record (EHR) interoperability, care management, quality registries, and the medical home. These HIT structural measures are intended to help providers assess the efficiency and standardization of current HIT systems and identify areas where additional HIT tools can be used.

Adoption of HIT by clinicians has been shown to reduce medical errors by increasing access to information thereby improving response times to abnormal results, eliminating repetitive testing and providing clinical decision-support tools to facilitate evidence-based care.

Evidence has shown a decrease in medication errors by up to 20 percent and a decrease in per admission costs by more than 12 percent when clinicians use HIT.

“If we hope to achieve high-quality, patient-centered care, we need interoperable HIT that can help us share information electronically and track patients throughout the delivery system – all of which can reduce errors and overuse and increase measurement across the continuum of care,” said NQF President and CEO Janet Corrigan. “These newly endorsed measures can provide important information on effective use of health IT for both early adopters of HIT and those who are just beginning to implement HIT systems.”

Blackford Middleton, MD, director of clinical informatics research and development at Partner HealthCare System in Massachusetts, and Joel Slackman, MS, managing director of the Blue Cross Blue Shield Association, co-chaired NQF’s steering committee on HIT structural measures.

“NQF-endorsed HIT structural measures will help the practice of medicine move forward with the adoption of information technology in healthcare,” said Middleton. “This allows us to better understand how widely healthcare information technology is being used in care delivery, and is a critical first step toward transforming healthcare.”


Electronic prescribing improves quality by reducing legibility errors, providing interactions and dosing alerts, and reducing costs by comparing equally effective alternative medications. The two e-prescribing measures endorsed by NQF encourage the adoption of either a stand-alone e-prescribing tool for providers without EHR systems or the enhanced use of e-prescribing within an EHR for early adopters of HIT.

Electronic prescribing measures endorsed by NQF were developed by Quality Insights of Pennsylvania (QIP) and the New York Department of Health and Mental Hygiene.

Interoperability of EHRs

The interoperability of electronic health records –EHRs that can share information between clinics, offices, and laboratories – improves quality by increasing timely, efficient, evidence-based care. NQF endorsed two measures to increase adoption of interoperable EHRs: the first measures adoption of an EHR to manage clinical data within a practice, the second measures receipt of clinical data such as external laboratory results into an EHR. NQF aligned these measures with Certification Commission for Health Care Information Technology (CCHIT) recommended EHR- certification criteria whenever possible.

Measures for the interoperability of EHRs endorsed by NQF were developed by the Centers for Medicare & Medicaid Services (CMS) and QIP.

Care Management

Electronic care management tools improve quality by improving patient-centered care that is coordinated and evidence-based. Too often information about patients falls through cracks in the delivery system.

Both of the care management structural measures endorsed by NQF measure the use of HIT to identify specific patients in need of care, track their preferences and laboratory results, and assist the clinician in providing evidence-based care according to national guidelines using automated alerts and reminders. To measure care management across and between settings, the first measures HIT used during a patient- clinician visit and the second measures clinical results between visits.

These care management measures endorsed by NQF were developed by CMS and QIP.

Quality Registries

Sharing information through electronic quality registries allows for increased care coordination by tracking patients in need of care throughout the delivery system and giving feedback to providers. Registries also assist in data collection on the safety and effectiveness of care to guide quality improvement efforts. The two structural measures for quality registries endorsed by NQF assess clinician participation in quality registries at the local, statewide, and national levels.

These measures endorsed by NQF were developed by CMS.

Medical Home

The medical home is a broad model of primary care that aims to improve quality by providing coordinated, effective, continuous, patient-centered care. Many of the measures endorsed by NQF in this set of HIT structural measures assess technology tools that are central for creating a medical home that is patient-centered and drives toward coordinated care.

NQF has endorsed a Medical Home System Survey that will allow clinicians to assess whether their practices are functioning as a medical home by providing ongoing, coordinated, and patient-centered care. The survey specifically includes measurement of key HIT functionalities, such as the use of electronic-based charting tools to organize clinical information, the use of tracking tests and referrals, and the adoption and implementation of evidence-based guidelines.

The Medical Home System Survey endorsed by NQF was developed by the National Committee for Quality Assurance (NCQA).

The full release and details of the requirements are here:


I see this activity as the next step beyond the basic standards setting processes. What is happening here is the definition of how information that is being collected can be used to guide operational improvement and safety – which is, after all, what we are all working towards.
It will be an important activity of whatever flows from the National E-Health Strategy that these issues are addressed as soon as basic e-Health capabilities are developed.