It is my view that what is presently going on with the Commonwealth Department of Health and Ageing (DoHA), NEHTA and various other actors at present sets new standards for incompetence and stupidity for an organisation whose track-record in the e-health domain was always abysmal.
A few days ago DoHA announced the new Practice Incentive Program (PIP) rules that are to become operational in July 2009. This program has been in operation for about a decade and has been a major part of the incentive program used by DoHA to improve computerisation and computer use within General Practice. To date incentive payments (which can be up to $50,000 per annum for large practices) have been tied to GPs installing and using desktop computers for record keeping and prescription printing and for ensuring appropriate security etc for the installed PCs and networks.
The GP has always been in control of the decision of what to do and when to do it – based on an awareness of the availability of the payments and typically the funds provided have gone a long way towards offsetting any additional costs incurred by the GP.
Recognising that we are now in mid March 2009 and things have moved quite quickly. This is the letter sent to GP software manufacturers and others on March, 6 2009.
Practice Incentives Program – eHealth Incentive Secure Messaging Requirement
I am writing to you regarding the new Practice Incentives Program (PIP) eHealth Incentive that will commence in August 2009. The incentive will aim to encourage practices to keep up to date with the latest developments in eHealth (see guidelines at Attachment A).
The secure messaging element of the incentive has been developed in consultation with the National E-Health Transition Authority (NEHTA), and aligns with the directions set out in the Australian Government’s National eHealth Strategy.
Practice eligibility for the PIP eHealth Incentive will require confirmation that the practice has established a secure messaging capability utilising a product that complies with NEHTA specifications for secure messaging. It is in regard to this requirement that we wish to provide further details to industry members.
To confirm eligibility a practice will simply need to check the specific PIP link on the NEHTA website to ascertain whether their software supplier is listed as an eligible supplier. Practices have until 31 July 2009 to comply with the secure messaging requirement. (Practices must comply with the other 2 elements of the PIP eHealth Incentive by 30 April 2009).
In order for a vendor to ensure their product(s) are listed as PIP eHealth eligible we require suppliers to submit a statement of commitment to NEHTA. This statement of commitment simply represents a commitment by the supplier:
- to participate in the consultation process that will ultimately lead to secure messaging specifications and compliance timelines agreed between NEHTA and industry. Commitment to participate in the consultation process includes through a supplier’s representative organisation such as the Medical Software Industry Association (MSIA); and
- to comply with the specifications and implementation timelines mutually and progressively agreed by NEHTA and industry.
We are aware of concerns that suppliers may have in making such a commitment. In response, a strong and clear consultative process between NEHTA and industry and a specifications development plan will be mapped in consultation with MSIA. Implementation timeframes will be determined by NEHTA and industry consultations as they progress specification development.
These arrangements will ensure NEHTA and industry work collaboratively over the next two years and represent a supported transition process towards collaborative development of secure messaging specification requirements.
As a further demonstration of the Government’s and NEHTA’s commitment to work collaboratively with industry as it progresses its eHealth agenda, NEHTA will submit secure messaging specifications arising from industry consultations to the Standards Australia
IT-014 Committee for establishment as Australian standards.
To ensure customers are eligible for the PIP eHealth Incentive a supplier needs to:
- Complete the statement of commitment at Attachment B;
- Submit the statement of commitment to NEHTA.
Practices will be advised that, to determine their eligibility for the eHealth incentive, they need to check the NEHTA website to see if their supplier is listed. The list will be available at www.nehta.gov.au/pip-vendors. (Note that practices have until 31 July to meet this requirement providing adequate time for suppliers to ensure their inclusion on the NEHTA website).
For the purposes of Medicare auditing of the PIP eHealth incentive, auditors will simply need to check the practice software product against the products listed on the NEHTA website.
NEHTA has established a specific PIP link (www.nehta.gov.au/pip) on its website which provides further information for industry. A draft communication and consultative activity schedule, developed in collaboration with MSIA, is provided at this web-link. A firm collaborative consultation plan and product roadmap will subsequently be developed in consultation with industry and posted on the web-link.
The Department of Health and Ageing and NEHTA look forward to working collaboratively with the medical software industry in pursuing this significant strategy that will contribute to the goals of the National eHealth Strategy.
Should you have any further questions please do not hesitate to contact NEHTA at
1300 901 001.
Acting Assistant Secretary
Primary and Ambulatory Care Division
6 March 2009
The total ePIP incentive has 3 components. These are – quoting from the information brochure:
----- Begin Quote
To be eligible for the PIP eHealth Incentive, practices must:
1. have a secure messaging capability, which is provided by an eligible supplier;
2. have (or have applied for) a location/site Public Key Infrastructure (PKI) certificate for the practice and each practice branch, and ensure that each medical practitioner from the practice has (or has applied for) an individual PKI certificate; and
3. provide practitioners from the practice with access to a range of key electronic clinical resources.
These requirements are explained in more detail below.
Requirement 1 – Secure messaging capability
In order to meet this requirement, practices must have a secure messaging capability that will allow patient clinical and medical information to be securely exchanged where possible.
The secure messaging capability may be provided as a direct extension to the practice management system, or indirectly via a separate messaging system.
The secure messaging capability must be provided by an eligible supplier. Practices will need to visit
the NEHTA website at www.nehta.gov.au/pip-vendors to find out if the supplier of either their practice management system or their messaging service is an eligible supplier for the purpose of the PIP eHealth Incentive.
Requirement 2 – PKI certificates for the practice and each practitioner
PKI is a combination of policies, procedures and technology that allows health providers to transfer information and images between computers safely and securely. Sending files using PKI means that only the intended recipient is able to read the file and providers can use PKI to electronically sign documents prior to sending.
NEHTA has endorsed PKI as the Australian standard for authentication in eHealth. PKI delivers the high level of security necessary and appropriate for transferring sensitive personal health information within the health sector. It is the same technology already used by practices to securely send claims to Medicare Australia electronically.
The use of PKI certificates is essential to ensure secure information exchange and to enable future developments in eHealth.
Location/site PKI certificates can be used by the practice for activities such as claiming and receiving test results. Individual PKI certificates will enable practitioners to electronically send referrals, and participate in electronic prescribing and electronic pathology ordering with the use of electronic signatures as these systems become available.
In order to meet this requirement, practices must have (or have applied for) a location/site PKI certificate. Practices with additional practice branches are required to have (or have applied for) a separate location/site PKI certificate for each practice branch.
Each medical practitioner working at the practice must also have (or have applied for) an individual PKI certificate. Locums are exempt from this requirement.
The PKI certificates should be used to securely send and/or receive information via the practice’s messaging system where possible. Location/site and individual PKI certificates are available at no cost from Medicare Australia.
Practices will be considered to have met this requirement once they have applied to Medicare Australia for PKI certificates. Practices do not need to wait until they have actually received their certificates to begin qualifying for payments through the eHealth Incentive.
To maintain compliance with Requirement 2, new practitioners who do not already have a PKI certificate must apply to Medicare Australia for an individual PKI certificate within 14 calendar days of joining the practice.
Requirement 3 – Access to key electronic clinical resources
In order to meet this requirement, practices must provide all medical practitioners from the practice with access to the current editions of a range of key electronic clinical resources to improve the quality of prescribing, support quality care, and enhance health outcomes.
The practice must provide practitioners from the practice with access to:
• at least one key electronic clinical resource from each of the categories in Table 1 below (minimum) of 3 resources in total); and
• at least three resources from any of the categories in Table 2 below.
The resources must be available on the computer desktop in the consulting room either on the hard drive, as a CD-ROM, or as a direct link to a website. Practitioners from the practice must be able to explain how they access and use the key electronic clinical resources.
Note: Resources included as part of the practice’s management system may not necessarily be the current edition. To meet Requirement 3, practices must provide access to the current edition of each electronic clinical resource. Where possible, practices may wish to provide access to resources as a direct link to a website to ensure that practitioners are accessing the most up-to-date information available.
Table 1: Key Electronic Clinical Resources
1. Concise, evidence-based guide to recommendations about patient management that covers all common disorders seen in general practice (latest edition)
2. Formulary of medicines available in Australia that provides comparative drug information reflective of contemporary Australian general practice and is independent of pharmaceutical company involvement (latest edition)
Australian Medicines Handbook
3. Evidence-based guide to preventive activities in general practice which is relevant to the Australian population (latest edition)
RACGP: Guidelines for Preventive Activities in General Practice (known as the Red Book)
Table 2: Other Electronic Clinical Resources
Journal of evidence-based clinical care
Bandolier; Clinical Evidence
Clinical resources (latest editions)
Immunisation: Myths and Realities; The Australian Immunisation Handbook; Assessing Fitness to Drive
Regulatory resources (latest editions)
Medicare Benefits Schedule (MBS); Pharmaceutical Benefits Schedule (PBS)
---- End Quote
So just what do we have here?
We have an incentive payment of up to $12,500 per quarter to be paid to practices who have these ‘three boxes ticked’.
The amazing thing is that the only way the GP can access the payment is to have their GP Computer System provider sign a rather Orwellian “Statement of Commitment” with the secure messaging standards which NEHTA has yet to actually develop – let alone actually have running live and operational in a way that the NEHTA planned approach can be shown to work.
This is genuinely bizarre in my view and puts the GP (who wants the money) in the position of pushing the Software Provider to sign a totally rubbery, totally ill defined agreement to work with NEHTA to develop some messaging standards which at some time in the future will go to Standards Australia (SA) for balloting and acceptance as an Australian Standard. (I wonder how much SA is across all this?)
There is no funding for the Software Provider to undertake this work or then implement whatever comes out of this process. The Software Provider wears the risk and cost and only once it is all working might they be able to recoup some cash flow – 2 or more years down the track. How many small to medium size software providers are going to be keen to play this sort of game. Not many I suspect.
We also have a just nonsensical situation where we are creating a messaging enabled GP client (after a few year) but the information sources (path labs, pharmacies, specialists and hospitals) have no real obligation to use the message capability – rather than sticking to the ones that are already in place via Medical Objects, most Pathology Providers and so!
Of course, specialists could, as a group, also use secure messaging and should be part of the e-Health world but this is not how the DoHA Primary Care Branch sees it!
Note also – rather than providing full information portals for consumers and clinicians (as recommended in the Deloittes Strategy) the plan from DoHA has practices doing their own information sourcing – what a joke! We continue to fail to really address professional information availability in Australian clinical practice and it is really very sad in my view.
Finally it is crucial to recognise that this ePIP program will cost tens of millions of dollars each year and that, given the delay in standards availability etc, a large amount of that money will just be wasted – when it could be spent on better things, such as, for example, the knowledge portals mentioned above.
There are also a legion of technical problems which at present are unresolved with this proposal and the interaction of this initiative with the NEHTA IHI and NASH initiatives.
The most useful current web site for further information on all this can be found here:
In summary this is a hasty, ill thought out and expensive initiative which has been very poorly planned and is clearly being rushed on in response to DoHA and Ministerial pressure when neither NEHTA or the Medical Software Industry Association (MSIA – www.msia.com.au) has had anything like reasonable notice or time to think how the actual messaging and clinical outcomes could be optimised.
In the background we have the www.erx.com.au project – which also has a secure messaging component - setting up to provide yet another form of secure messaging from GPs and specialists to pharmacists.
We are winding up with expensive e-Health spaghetti here and it is not good enough! DoHA are really setting new higher bars for making a mess of any hopes for e-Health in Australia.