Just an occasional post when I come upon a few interesting reports that are worth a download. This week we have a few.
First we have:
New Best Practice Report on Post Implementation Released
MTC/NEHI engaged CSC (formerly the First Consulting Group) to conduct a national survey of hospitals facing the operational challenges of newly implemented CPOE systems. The specific issues that are covered include:
- Ongoing Support
- Optimizing CPOE
- Ongoing Management of Order Sets and CDS
- CPOE and Medication Reconciliation
- Downtime Procedures
The report includes a combination of onsite and telephone interviews with community hospitals that have a large number of physicians using CPOE. The report will be released in early February and distributed to all Massachusetts hospitals and available on our website at www.masstech.org/ehealth.
Access the full report is here:
This is a useful review of lessons learnt on the operational issues faced in CPOE Implementation. Very useful indeed.
Second we have:
It occurs to me all this misses a rather important point, namely that Personal Health Record software is not really an application.
It’s more like an operating system.
A PHR has to do many different things for many people. It must be able to take in data cleanly and seamlessly, sometimes automatically. That requires interfaces with hospital records, and with a host of consumer devices. It may also require taking input from alternative therapists, like chiropractors.
Full article here:
The paper, "How to Select an Electronic Health Record System the Healthcare Professionals Can Use," is available at usercentric.com.
Third we have:
February 3, 2009
The American Health Information Management Association is calling for establishment of a National Health Data Stewardship Entity. Supporting the exchange of health information, the entity would promote standards for uniform and consistent data.
"This NHDSE would coordinate the bodies that support the life cycle and collection of data exchanged over electronic and other health information exchange systems and the data stored in a variety of repositories or registries," according to a statement from Chicago-based AHIMA.
For the complete AHIMA statement, which covers principals and guidelines; data access, use and control; and recommendations, click here.
A useful working document that should help consideration of similar matters here in OZ.
Fourth we have:
Ontario’s eHealth Strategy
On February 5, 2009, eHealth Ontario published Ontario’s three year eHealth Strategy. It is a working draft created by eHealth Ontario’s leadership and Board of Directors with input from the healthcare sector.
From February 5-19, we invite you to provide feedback to the Strategy, which will be used to finalize the plan that will:
- Guide investments and operations during the Strategy time frame of 2009-2012
- Enable/fulfill the government’s strategic healthcare priorities
- Provide a framework for measuring and reporting progress and results
Download the Draft Strategy here:
A very useful document – note the similarity to many aspect of the Deloittes Strategy. The lessons learnt section – pages 6-10 – is well done and spot on!
Fifth we have:
04 Feb 2009
ENISA, the EU agency and responsible for assessing Europe’s digital security, has published a position paper highlighting problems with current and planned European electronic ID card schemes.
ENISA (The European Network and Information Security Agency), based in Heraklion, Crete, describes itself as Europe’s centre of expertise for information security, with the mission of ‘defending the future’. The centre operates as a hub for exchange of information and best practices in the field of Information Security.
The new EHISA paper gives the first overview of the differences between privacy features in eID cards across Europe.
There are currently ten national electronic ID card schemes already in use across the EU, with thirteen more in the pipeline.
Electronic ID cards and health smart cards form a key part of the e-health initiatives in European countries including Germany, Austria and France.
The report can be found here:
It is useful to have a discussion of card security and privacy protection for these cards given the level of penetration of these cards around the world.
Sixth we have:
HIPAA Privacy Rule Fails to Adequately Protect Patient Privacy and Hampers
Health Research; A New Approach to Privacy Protection Is Needed in Research
WASHINGTON -- The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule does not adequately protect the privacy of people's personal health information and hinders important health research discoveries, concludes a new report from the Institute of Medicine.
Congress should authorize the development of an entirely new approach to protecting personal health information in research, separate from the HIPAA Privacy Rule, said the committee that wrote the report. This new approach should apply privacy, data security, and accountability standards uniformly to information used in all health-related research regardless of who funds or conducts the research.
If policymakers decide to continue relying on the current rule to protect privacy in health research, the committee recommends a series of changes to improve the rule and the guidance that the U.S. Department of Health and Human Services (HHS) gives on how to comply with it.
In addition, the report urges all institutions conducting health research to strengthen their data protection. Security breaches are a growing problem for health information databases. Among the measures that should be taken, encryption should be required for all laptops, flash drives, and other portable media containing such data given the potential for these items to be lost or stolen.
The committee's recommendations recognize the valuable societal benefits that both ethically conducted health research and privacy protections provide. Without such research, society would lose the benefit of new therapies, improved diagnostics, and more effective ways to prevent illness and deliver care. Privacy helps protect individuals from harm, such as discrimination and identity theft, and permits research and public health activities to be carried out in ways that preserve their dignity.
"We believe there is synergy between the goals of safeguarding privacy and enhancing health research and that it is critically important to our nation's health to strengthen privacy protections and still facilitate research," said committee chair Lawrence O. Gostin, professor of law and director, O'Neill Institute for National and Global Health Law, Georgetown University Law Center, Washington, D.C. "Our recommendations aim to boost regulations and practices that effectively protect personally identifiable health information, while changing provisions of the HIPAA Privacy Rule or its interpretations that have proved to be ineffective."
The HIPAA Privacy Rule regulates what uses and disclosures of personally identifiable health information are permitted by health plans, health care providers, and other entities covered by the regulation. The goal is to ensure that individuals' health information is properly protected while allowing the flow of data needed to promote high-quality health care and health-related research.
However, the HIPAA Privacy Rule is difficult to reconcile with other federal regulations governing research involving people and their personally identifiable information. Moreover, organizations that collect and use health data vary greatly in how they interpret and follow the rule, and the rule does not apply uniformly to all health research. The committee's review of published reports, testimony from patient and privacy advocates and the health research community, and other sources of information led it to conclude that the way the rule is currently interpreted does not adequately protect privacy and impedes important health research.
HHS and other federal agencies should develop a new approach to regulation that focuses on best practices in privacy, security, and transparency, the report says. The new framework should facilitate use of health data in which personally identifiable information is removed and should provide legal sanctions against unauthorized re-identification of individuals. It should provide ethical oversight of research in which use of personally identifiable information without individual consent is necessary. This oversight could be accomplished by local ethical review boards that assess proposed projects on a case-by-case basis, or institutions could be certified at the federal level to carry out this kind of research, having proved they have policies and practices in place to protect data privacy and ensure security.
If the current HIPAA Privacy Rule continues to be the means for safeguarding privacy in health-related research, the committee recommended several ways to revise the rule and its guidance on compliance. For example, HHS should make it clear that people can grant permission in advance that samples or data collected from them for one research project can be used in future research. And the agency should simplify and clarify the criteria for making decisions about waiving requirements to obtain permission from every patient whose personal health information will be used in study.
The study was sponsored by the U.S. Department of Health and Human Services, Robert Wood Johnson Foundation, American Cancer Society, American Heart Association/American Stroke Association, American Society for Clinical Oncology, Burroughs Wellcome Fund, and C-Change. Established in 1970 under the charter of the National Academy of Sciences, the Institute of Medicine provides independent, objective, evidence-based advice to policymakers, health professionals, the private sector, and the public. The National Academy of Sciences, National Academy of Engineering, Institute of Medicine, and National Research Council make up the National Academies. A committee roster follows.
Pre-publication copies of Beyond the HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research are available from the National Academies Press; tel. 202-334-3313 or 1-800-624-6242 or on the Internet at http://www.nap.edu. Additional information on the report can be found at http://www.iom.edu/hipaa. Reporters may obtain a copy from the Office of News and Public Information (contacts listed above).
The report information is found here:
A free summary of the 300 page report is found here:
Well worth a browse.
Last we have a useful link to a range of EU Reports on e-Health.
This page will get you started.
All sorts of interesting material to browse.
Here is a list of the most recent
2009-02 Study report eHealth in Action - Good Practice in European Countries
2009-01 Project report Semantic Interoperability for Better Health and Safer Healthcare
2008-12 Conference ICT-BIO 2008 Report
2008-12 Conference WHIT2008 EC Procurement workshop report
2008-11 Communication Telemedicine for the benefit of patient, healthcare systems and society
All these reports and associated materials are worth a close look.