Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Wednesday, March 10, 2010

First Reporting of Senate Enquiry on the NEHTA / Medicare HI Service.

The following has just been published.

NSW first for health identifiers

  • Karen Dearne
  • From: Australian IT
  • March 10, 2010 4:55PM

NSW public hospital patients will be guinea pigs for the countrywide rollout of healthcare identifiers, with an estimated 4.5 million people signed onto the new system by the state within 18 months.

National E-Health Transition Authority chief executive Peter Fleming told a Senate inquiry into the Healthcare Identifiers (HI) Bill that - once the legislation and as yet undisclosed regulatory controls are passed by Parliament - up to 6 million Australians could have Medicare-assigned unique patient numbers, intended to support clinician access to personal health information, within that timeframe.

NSW Health is spearheading NEHTA's work on linking some 20 separate hospital-issued health identifiers to the new unique personal identifiers, off the back of an upgrade of current radiology information and picture archiving and communications systems.

Existing medical imaging and radiology systems are considered to hold the cleanest data.

The department is presently seeking a supplier for a statewide central storage and retrieval facility to support these systems, together with a new patient registry and matching system, an enterprise service bus to solve interoperability issues, and a capacity to integrate messaging with patient administration systems.

Under the HI Bill, all Australians using private or public health services will be assigned an identifier by Medicare over time, but the speed of uptake by private practitioners and hospitals will depend on their IT systems having the capability to "populate" internal records with the national number.

Much more here:

http://www.theaustralian.com.au/australian-it/nsw-first-for-health-identifiers/story-e6frgakx-1225839264934

This is an evolving story. I will be reading the transcripts and seeing where this all goes over the next week till be hear the outcomes of the Senate Enquiry.

Enjoy.

David.

Weekly Australian Health IT Links - 10-03-2010.

Here are a few I have come across this week.

Note: Each link is followed by a title and a paragraph or two. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or payment.

General Comment:

There is little doubt the big news of the week is the release of the Rudd Plan for the Australian Health System.

Lots of information is found here:

http://aushealthit.blogspot.com/2010/03/brave-new-health-system-for-australia.html

and here:

http://aushealthit.blogspot.com/2010/03/at-quick-look-we-need-great-deal-more.html

Having now considered the coverage and the document it seems to me that while what is proposed is still unacceptably vague and incomplete and that substantial implementation risks exist at both the political level ( a few states are not seeming all that convinced at present) and actual practical issues that are not easily addressed.

I am concerned this may turn out to be a real mess, but will hold off on any formed view until we see all the details.

Second the Senate Enquiry on the HI Service has been great fun and the Senate Hansard make very interesting reading.

Go here to read the program and transcripts:

http://www.aph.gov.au/senate/committee/clac_ctte/healthcare_identifier/hearings/index.htm

-----

http://www.theaustralian.com.au/news/opinion/rudds-first-steps-to-a-healthier-network/story-e6frg6zo-1225837498979

Rudd's first steps to a healthier network

THE final report of the National Health and Hospitals Reform Commission last year was a blueprint for substantial reform of the health system that is long overdue and vital if we are to meet healthcare needs.

The government's response needs to be big, bold and far-reaching. It has to spark and re-energise. It has to call to action. Kevin Rudd's National Health and Hospitals Network announcement this week meets those expectations.

It reflects very strongly the NHHRC's recommendations for public hospitals funding. Our recommendations were a product of hundreds of consultations across the country with front-line health workers and people who use the health system. The policy is also a product of the concerns raised in the 100 or so consultations conducted by the government, several of which I attended.

-----

http://www.smh.com.au/nsw/thousands-receive-bank-statements-of-strangers-20100306-ppne.html

Thousands receive bank statements of strangers

RACHEL BROWNE

March 7, 2010

SYDNEY teacher Lisa Grando does not know the person whose St George Bank statement she received last week. However, she knows they have a taste for Nando's, KFC and McDonald's, and frequent the Blacktown Workers Club.

She knows who employs them and how much they earn. She can also see they are getting regular payments from Centrelink and she was privy to other details. Mrs Grando was one of 42,000 St George Bank customers who were inadvertently sent incorrect statements last week.

-----

http://www.smh.com.au/digital-life/computers/mindreading-computers-could-save-your-life-20100305-pmeq.html

Mind-reading computers could 'save your life'

March 5, 2010 - 9:41AM

Devices allowing people to write letters or play pinball using just the power of their brains have become a major draw at the world's biggest high-tech fair.

Huge crowds at the CeBIT fair gathered round a man sitting at a pinball table, wearing a cap covered in electrodes attached to his head, who controlled the flippers with great proficiency without using hands.

-----

http://www.nehta.gov.au/media-centre/nehta-news/612-software-test-facility-launched-for-hi-service

Software test facility launched for HI Service

1 March 2010. A new software testing environment for the national Healthcare Identifier Service was officially launched today.

The facility is managed by Medicare Australia, which has been contracted by NEHTA to operate the HI Service for an initial two year period.

It will assist early adopters in the commercial software market to build and test connection with the national HI Service ahead of legislation, currently before Federal Parliament, that will allow the service to operate.

-----

http://www.apo.org.au/research/review-health-technology-assessment-australia

Review of health technology assessment in Australia

Read the full text

HTML Review of health technology assessment in Australia

03 March 2010This report recommends improvements in the way new health technologies, procedures and services are assessed for public and private funding in Australia.

-----

http://www.abc.net.au/news/stories/2010/03/02/2834702.htm

Medicare privacy breaches 'only the beginning'

By Carly Laird for PM

Updated Tue Mar 2, 2010 9:56pm AEDT

Revelations that Medicare employees are being investigated for spying on customers' personal information have renewed fears from privacy advocates that healthcare staff cannot be trusted.

As the Federal Government works to bring in a national identity scheme for patients, around 400 cases have emerged of unauthorised snooping on people's private records over the past four years.

Medicare says it has implemented privacy controls and that the number of cases of snooping has been getting smaller, however it is not known who or how far the information was allowed to spread.

The agency has given few details of how the snooping was allowed to occur and no one from Medicare was available to speak to PM this afternoon.

-----

http://www.smh.com.au/technology/technology-news/many-germans-happy-to-shoulder-chips-20100302-pgcx.html

Many Germans happy to shoulder chips

March 3, 2010

HANOVER: It sounds like something from a science-fiction film, but one in four Germans would be happy to have a microchip implanted in their body if they derived benefits from it.

The survey, conducted by the German IT industry lobby group BITKOM, was intended to show how the division between real life and the virtual world is increasingly shrinking.

In all, 23 per cent of about 1000 respondents said they would be prepared to have a chip inserted under their skin ''for certain benefits''.

-----

http://www.theage.com.au/technology/states-computers-put-a-40m-byte-on-tax-dollar-20100302-pgff.html

State's computers put a $40m byte on tax dollar

RAFAEL EPSTEIN

March 3, 2010

THE Brumby government's poor management of the state's computers is wasting tens of millions of taxpayer dollars each year and causing greenhouse gases to be spewed out unnecessarily, according to its own technology experts.

A confidential report leaked to The Age warns that the many separate public service IT systems waste up to $40 million a year, producing ''high levels of unnecessary duplication, complexity and cost … and the true cost … is not understood or managed''.

The report reveals that the state's IT sector soaks up $1.65 billion a year, or 4-5 per cent of the state's entire budget, and says that for more than seven years the government has been unable to merge its poorly connected information systems.

Stamped ''Cabinet-in-confidence'', the report says $16 million could be saved by reducing the number of separate government computer banks.

----

http://www.ehealtheurope.net/news/5685/dutch_hospital_deploys_lorenzo_r3.5

Dutch hospital deploys Lorenzo R3.5

01 Mar 2010

ISoft has completed the implementation of Lorenzo 3.5 across all surgical departments at St Jansdal Hospital in the Netherlands.

The hospital went live with the latest release of the system last week following an 19 month implementation project to become the first Lorenzo site in the Netherlands.

The system, which is referred to as “Lorenzo clinicals” is similar to the Lorenzo Regional Care system being implemented in the UK under the National Programme for IT but is not built to the specifications.

The release provides the hospital with the functionality for patient management, results reporting, requesting and advanced clinical data capture for 96 nurses and ten surgeons.

------

http://www.computerweekly.com/blogs/tony_collins/2010/03/isoft-was-not-willing-to-give.html

iSoft was "not willing" to give up Lorenzo rights in CSC talks

Gary Cohen, CEO of iSoft, shines a light (below) on iSoft's negotiations with CSC in December 2009.

CSC has contracts worth about £3bn with NHS Connecting for Health and the Department of Health to deliver systems to the NHS as part of the NHS IT scheme, NPfIT.

CSC's main subcontractor is iSoft whose delayed NPfIT Lorenzo electronic patient record system is due to be installed at NHS trusts across England, outside of the London area and the south.

In December 2009, iSoft re-negotiated its contract with CSC.

-----

http://www.prnewswire.com/news-releases/lumetra-pso-joins-forces-with-isoft-solutions-85809542.html

Lumetra PSO Joins Forces With iSOFT Solutions

Delivering expertise with incident management software and healthcare quality and safety services to help reduce costs and risks.

SAN FRANCISCO, March 1 /PRNewswire-USNewswire/ -- The Lumetra Patient Safety Organization (LPSO), a federally listed component PSO, announced today a strategic partnership with Australia's iSOFT Group Limited (iSOFT), a world leader in health information technology, including incident management software. Under the agreement, Lumetra PSO will use, distribute and support iSOFT's AIMS incident management software to provide comprehensive solutions for healthcare providers and Patient Safety Organizations who want to reduce the complexity and cost of their patient safety and risk management programs.

In making the announcement, the CEO of Lumetra Healthcare Solutions, Linda M. Sawyer, Ph.D., RN, stated, "With our software and services approach to improving patient safety, Lumetra PSO offers reporting of data, analysis of issues and the formulation of corrective action plans that meet the needs of healthcare organizations and their providers in reducing costs incurred by adverse events. The combination of our world-class service with iSOFT's AIMS software will provide unparalleled solutions for organizations committed to improving their patient safety efforts."

-----

http://www.itwire.com/it-industry-news/market/37234-isoft-takes-on-us-market-following-acquisition

iSOFT takes on US market following acquisition

Healthcare solutions provider, iSOFT, is to enter the US market, announcing the move at this week’s HIMSS health IT conference in Atlanta and revealing what it says is a suite of “innovative solutions” which it will initially offer in the American market.

iSOFT, which is based in the UK, became part of the Australian-based IBA Health Group following a merger in October 2007, and the company now claims to be the largest healthcare information technology company outside the US.

-----

http://www.computerworld.com.au/article/337850/govt_refers_healthcare_identifiers_bill_senate_standing_committee/?eid=-255

Govt refers Healthcare Identifiers Bill to Senate Standing Committee

Greater input on individual healthcare indentifiers (IHI) sought

The Federal Government has referred its the Healthcare Identifiers Bill to the Senate Standing Committee on Community Affairs in an effort to gain greater input on the legislation from the Australian community.

The Bill allows for a unique 16 digit number to be created for every health care provider and every Australian resident enrolled in the Medicare Australia or Department of Veterans' Affairs programs.

-----

http://www.smh.com.au/business/telstra-very-concerned-about-nbn-legislation-20100302-pe5c.html

Telstra 'very concerned' about NBN legislation

March 2, 2010 - 10:04AM

Draft laws for the government’s national broadband network company NBN Co could create a retailer rather than a wholesale network provider, Telstra says.

The legislation states NBN Co is to be a wholesale-only company but it gives the communications minister significant powers of discretion to allow it to conduct retail services.

In a letter to shareholders today, Telstra said the draft legislation had for the first time raised the prospect of NBN Co becoming a government-funded retailer, not just a wholesale network provider.

-----

http://www.theaustralian.com.au/australian-it/medicare-privacy-breaches-shake-heathcare-identifier-legislation/story-e6frgakx-1225835812144

Medicare privacy breaches shake heathcare identifier legislation

REVELATIONS that Medicare Australia has investigated 1058 employees for possible unauthorised access to client records in the past three years may rock a Senate inquiry into the controversial Healthcare Identifiers Bill.

The bill has been dogged by concerns over patient privacy raised by consumer health, privacy and technology advocates.

Australian IT uncovered evidence that 948 staff out of a total 5887 employees were being tracked via an Unauthorised Access database as at June 30, 2009 for apparently snooping among client files without a valid reason.

-----

http://www.mja.com.au/public/issues/192_05_010310/mcn11157_fm.html

Clinical-quality registries: their role in quality improvement

John J McNeil, Sue M Evans, Niall P Johnson and Peter A Cameron

MJA 2010; 192 (5): 244-245

Registries can provide sound data needed by clinicians and organisations to improve patient safety and quality of care

In June 2009, the National Health and Hospitals Reform Commission released its report proposing an agenda to transform the Australian health system.1 A critical element of this agenda is improved monitoring of service delivery and outcomes of care.

Clinical-quality registries are an important development in monitoring and benchmarking quality of clinical care. Registries systematically and uniformly collect information from people who undergo a procedure, are diagnosed with a disease or use a health care resource. They are particularly appropriate for monitoring and benchmarking processes and outcomes of care where there is known variation and where poor performance results in high additional cost (eg, renal transplantation) or poor quality of life. Before outcomes are benchmarked, data must be statistically adjusted to isolate quality of care from prognostic factors that are beyond the influence of clinicians. Variables such as age and clinical comorbidities are typically included in risk-adjustment models.

Note: Access only on subscription etc.

-----

http://www.smh.com.au/opinion/society-and-culture/italy-risks-internet-stone-age-with-trial-of-google-executives-20100228-pb4u.html

Italy risks internet Stone Age with trial of Google executives

ANN WOOLNER

March 1, 2010

Distracted while thinking how to begin this column, I clicked on an email from a friend. She had sent me a YouTube video in which a tidy cylindrical shape on a shoulder strap unrolled to become a computer.

Almost every day, someone sends a YouTube clip or invites me to join them in Facebook or LinkedIn or something called Friendster.

When trying to find a way to contact a possible source last week, I Googled him and found he had Twitter but no listed phone number or email address. Maybe I should drop the curmudgeonly attitude and sign up myself.

-----

http://www.smh.com.au/opinion/society-and-culture/sorry-lara-we-have-no-right-to-privacy-20100305-posp.html

Sorry Lara, we have no right to privacy

JESSICA LAKE

March 6, 2010

SO LARA Bingle, famous for her appearance in the 2006 Tourism Australia campaign ''So where the bloody hell are you?'' plans to sue footballer Brendan Fevola for disseminating a nude photo of her taken in the shower several years ago. Public comment shows little sympathy for her plight and even less appreciation of the legal and ethical issues involved, which is not surprising as Australia lags behind the rest of the world in dealing with the multiple offences made possible by modern visual technology.

Max Markson, Bingle's manager, explained that her lawyers had decided to pursue Fevola for defamation, misuse of her image and breach of privacy. But only the first of these is recognised by Australian courts. Most people would, perhaps, be surprised to learn that there is no ''right to privacy'' in Australia, although the general idea of ''privacy'' is protected by a handful of other laws, including trespass, nuisance, breach of confidence, stalking, defamation and assault. We have a Privacy Commissioner, but as that office oversees only the compliance of organisations with specific regulatory regimes, it's not much help to Bingle.

-----

Enjoy!

David.

Some Informed Comments on the Rudd / Roxon Health Reform Program.

The following appeared today.

Rudd reform will not end the blame game, say health experts

MARK METHERELL HEALTH CORRESPONDENT

March 10, 2010

THE health reform blueprint will not end blame-shifting between state and federal governments and may leave many hospitals in dire straits, two authorities on health warn.

The $50 billion reform package ''is largely spin'', said John Deeble, the co-architect of Medicare.

David Penington, who headed the Hawke government's national AIDS task force, said that contrary to the reform document's claim to end the federal-state blame game, ''there is huge potential for blame-shifting''.

The pair, who published their views in articles in the electronic version of the Medical Journal of Australia yesterday, have also rejected the proposal for local hospital networks, built around central funding of one principal and several smaller hospitals.

Dr Deeble described the networks as ''absurdly small''. Professor Penington said that along with the funding changes, the local network plan would leave many hospitals in ''dire straits''.

More here:

This article draws on the following two papers from the Medical Journal of Australia.

Viewpoint

Prime Minister Rudd’s plan for reforming Australian public hospitals

David G Penington.

eMJA - Rapid Online Publication 9 March 2010.

http://www.mja.com.au/public/rop/penington/pen10243_fm.html

Reforming Australian health care: the first instalment

John S Deeble.

eMJA - Rapid Online Publication 9 March 2010.

http://www.mja.com.au/public/rop/deeble/dee10245_fm.html

I have to say the following line grabbed by attention.

''Will all this reduce the blame game? Of course not. This policy document is full of it,'' Dr Deeble said.

Both are well worth a read and are freely available on the MJA site.

David.

Tuesday, March 09, 2010

The Australian Privacy Foundation and Others Weigh in on the Health Identifier Service.

The following appeared in The Australian the day before yesterday.

Numbers game a threat to privacy: healthcare identifier number

  • OPINION: Juanita Fernando
  • From: The Australian
  • March 06, 2010 12:00AM

WE'RE told that from July 1 the federal government will issue every citizen with a cradle-to-grave healthcare identifier number. By virtue of this new numbering program, more than half a million health workers will routinely use and disclose the HI and linked information gathered from many sources. This proposal creates extensive risks to privacy.

The HI is a 16-digit identity number that's linked to your Medicare number. It's like a virtual key to your personal and health information. A healthcare provider individual will use the Medicare number to access data stored about you.

You may wonder what that information will be. So does the Australian Privacy Foundation. Since 1987 it's been the country's leading public interest advocacy organisation, focusing specifically on privacy.

The APF has made many attempts to communicate with the National E-Health Transition Authority and the Department of Health and Ageing on the succession of e-health initiatives during the past few years. However, both agencies have avoided engagement with privacy advocates. Contrary to their claims, consultation with consumer advocacy groups about the HI scheme has emphatically not taken place.

At the moment, the HI will be linked to your name, birth date and address, unless more details, such as order of birth, are required to make a positive identification. Patients and consumers will need to identify themselves by verifying the information when visiting or telephoning a health service, or perhaps a Medicare office.

The first time many patients discover the HI will be at the GP's reception desk when their identity is checked.

The HI system -- as described in the Healthcare Identifiers Bill 2010 and Healthcare Identifiers (Consequential Amendments) Bill 2010 before parliament -- is self-defeating.

That's because it could facilitate medical error as clinicians depend on a potentially unreliable number to ensure a patient's identity for health care. That's the direct opposite of government assertions about the HI's capacity to make people well.

Under clauses 18 and 23 of the bill, from July 1 consumers will have to work through a third-party service operator, Medicare, to access the personal information linked to their HI, presenting yet another point at which sensitive personal data may leak.

As reported this week in The Australian, documents published by the Office of the Privacy Commissioner show several hundred Medicare staff were suspected of unauthorised access to patient records in 2008 and 2009. The HI scheme will extend the number of people with access to such information by more than half a million.

The HI database will be the most accurate and up-to-date list of the names and former names, dates of birth, addresses and former addresses, and birth order -- including that of twins, triplets and so forth -- of Australians.

But the lack of real-life, large-scale trials of the system before implementation means that we can't measure or control the impact of growing levels of medical identity theft and other information breaches on the database.

There's nothing in the HI bills that requires a record to be kept of each time a service provider makes a disclosure of a healthcare identifier. The bills don't specify security obligations for anyone storing or in possession of an HI or associated personal information.

Electronic systems will always require human input. But if something goes wrong, those devising the system will be indemnified.

This despite the fact that no data set is absolutely clean. No information system is completely secure. Errors will creep into the national database linked to one's HI, if indeed they aren't already present. It's essential that the HI bills be amended to ensure that, from the outset, consumers can check their personal data. Even if penalties for misusing patient information are available, they'll be completely ineffective if consumers don't know what's stored.

.....

Juanita Fernando is the academic convener, BMedSc (Hons), medicine, nursing and health sciences at Monash University; she is on the health subcommittee of the Australian Privacy Foundation and a councillor with the Australasian College of Health Informatics.

More here:

http://www.theaustralian.com.au/news/health-science/numbers-game-a-threat-to-privacy-healthcare-identifier-number/story-e6frg8y6-1225837146124

There is more available on the APF’s views here:

http://www.privacy.org.au/Papers/HI-Senate-100304.pdf

and here:

http://www.privacy.org.au/Papers/HId_Bill-100107.pdf

It is worth noting the APFs views as they are very vigilant on such matters.

I find it interesting that the Office of the Victorian Privacy Commissioner raises a number of major concerns.

Her concerns on data quality of the core data being used to create the IHI I find useful.

See here:

https://senate.aph.gov.au/submissions/comittees/viewdocument.aspx?id=b10ad8c8-90b3-4fba-b8e5-7dfe0b17d16a

Whereas the Office of the Federal Privacy Commissioner seems to be ‘relaxed and comfortable’

See here:

https://senate.aph.gov.au/submissions/comittees/viewdocument.aspx?id=aa9c83ad-6d7a-4a1e-84c9-40189008ccf6

I do have to say however that allocation of $500,000 for two years to monitor a program of this scale and complexity would seem to be a little fatuous. With on-costs etc that is only 4-5 people to keep an eye on a system which concerns all of us!

The case for not undertaking decent scale piloting and testing I see as utterly unarguable. (And it now seems NEHTA agrees – thank heavens!)

David.

Live Blog: Peter Fleming of NEHTA in Front of the Senate Community Affairs Committee.

The session ran from about 3:30 to 4:40pm March 9, 2010.

The speakers were Mr Fleming and Dr Mukesh Hailerwal.

It now seems reality has crept in. NEHTA now admits that there will be a set of ‘initial implementation projects’ of various components of the system (read pilots) for the first 18 months and that when these are run – they will then be brought together and re-tested as a whole before any national roll-out is undertaken.

It really is a pity we have not been provided with this level of honesty well before this.

We also learn that NEHTA is still hopeful they will get to create an Personal Controlled Individual Electronic Health Record for those who want one. Good to see they now say it will be opt-in rather than opt-out.

All in all very interesting. It did seem there were a lot of questions from the Opposition Senators. One really wonders if they are minded to pass this legislation at this point?

David.

Dr Horst Herb Reviews the Revised NSW Health Implementation of Cerner’s Firstnet.

I will let Horst tell the story for himself – which appeared a little while ago today on the GPCG_TALK mailing list.

Horst has given me specific permission to republish this saying:

On Tue, Mar 9, 2010 at 1:26 PM, David More wrote:

“Hi Horst,

Happy to post your account on the blog. That might get some attention. There are a lot of influential readers I understand from the feedback I get.”

Thanks.

Anything that might contribute to positive change is welcome – the status quo is not acceptable

Horst

----- End Message

For those who don’t know Horst is a resident polymath on the General Practice Computing Group e-mail list being a GP in Dorrigo as well as being a very experienced system designer and implementer among other things.

Take it away Horst:

[GPCG_TALK] Cerner software - the saga continues –

From: Horst Herb

To: General Practice Computing Group Talk

I was offered AUD 400 to sit for an hour in a teleconference and see the improvements in Cerner's Firstnet software for rural hospitals, and -silly me- I accepted.

So I sat and watched.

And I left very, very angry.

In essence, they tried to convince somebody who has been using a Microwave oven for the past decade that the best way forward is to buy their (most expensive) two flint stones, because then you can bang them together, light some fire, and eventually cook on it. Actually, the analogy is wrong, because flint stones can be very useful in the right circumstances.

In detail:

at the time of entering a progress note, the doctor cannot

- browse, add or modify allergies

- browse, add or modify past history

- browse past consultations

- browse or request test results

- browse or manage medications

(in fact, the concept of medication is still alien to that software it seems) etc without leaving the data entry screen (and potentially losing all data entered so far if he leaves the screen the wrong way), navigating a complex menu that makes Homer's odyssey look like an easy travel guide for nursing home patients, and then eventually find the way back to the data entry screen.

The number of mouse clicks required to perform even the simplest tasks remains legion, and the screens remain cluttered with (to the clinician) useless administrative details while utterly neglecting the needs of the clinician.

The presentation of data (e.g. vital signs) remains in a form where it is very difficult to find what is actually relevant (even to those who are familiar with the format of the information presented in) .

This software is not just extremely poorly designed (in fact I cannot recall any clinical software I have seen in 20 years in multiple countries that was anywhere near as bad) and time wasting - it is dangerous to patients because it makes information access needlessly difficult and confusing.

It saddened me to witness that they failed to improve anything in a meaningful and significant way after so much time spent after the initial assessment, and it maddens me that they refuse to take advice on board from those who KNOW what the requirements are because they actually do the work AND have experience with other (much better) implementations.

We VMOs at Dorrigo Hospital refuse to work with that software and we fail to see any realistic way forward given the time they wasted between the last presentation and today without producing any MEANINGFUL changes. I learned that the doctor from Bellingen Hospital who was meant to watch left disgusted even earlier than I did, so I suppose the verdict there remains the same too.

Horst.

----- End Message.

I pass this on without comment other than to say it seems this software is just not suited for small hospitals in small towns. There really needs to be an alternative to the one size fits all approach!

David.

Monday, March 08, 2010

NEHTA Promises the Future - We Will See If They Deliver Quite Soon Now!

It seems NEHTA is well and truly into the propaganda channel it has been pushing lately, based on the spin plan most of us have now seen.

This will be all you need to see to realise just how oversold this is all being in the short or even medium term. Pity some more basic and important issues can’t get addressed first. The systems that will use all this information are yet to be modified and I hear NEHTA is being very slow in providing the information needed by the software providers.

See for yourself.



Anyone who thinks this is all going to happen before 2013 is dreaming I reckon and with Medicare Australia’s implementation and planning skills – probably never. We need to walk before we run, and painting this sort of prospective Utopia does not set expectations at a reasonable level I believe.

The Senate Enquiry tomorrow has one role as far as I am concerned. That is to have Medicare Australia / NEHTA actually demonstrate they actually know what they are doing with a project of this scale. Thus far the evidence is pretty scant. Medicare Australia’s implementation record in the sector is pretty spotty and NEHTA has not been seen to deliver any significant project (except possibly SNOMED CT) in the last 5 years that I can detect.

David.

AusHealthIT Man Poll Number 11 – Results - 08 March, 2010

The question was:

Should The Health Identifier Service Legislation Pass in its Present Form?

Absolutely

- 6 (16%)

Probably

- 5 (13%)

Probably Not

- 8 (22%)

No Way

- 17 (47%)

Votes 36.

Comment:

Looks like about 70% say legislation should not pass in the present form. I am surprised at the figure given so many of us think a proper, well designed and executed HI Service would not be a bad thing.

I think the Government approach and the huge implementation risk has spooked the horses!

Thanks again to all who voted.

David.

A Show You Won’t Want to Miss! Our Democracy in Action!

Tomorrow we have a live broadcast from the Senate Community Affairs Committee as it reviews and considers the Health Identifiers Bill 2010.

When: 9/03/2010 3:30 PM - 9:30 PM AEDT

What:

Senate Standing Legislation Committee: Community Affairs Committee (R4299 Healthcare Identifiers Bill 2010)

Where: (HMS 9)

By clicking on the link you are taken to a page where you can select video and audio feeds.

I understand NEHTA’s Peter Fleming kicks off proceedings at 3:30pm.

If the embedded link does not work go here:

http://webcast.aph.gov.au/livebroadcasting/annualview.aspx?eventtype=Committee&eventdate=8/03/2010

Note there is also session on Wednesday Afternoon.

Enjoy!

David.

It Seems Some Facts Are Rather Easily Forgotten. The Medicare Card is not a Trustworthy Token.

I am sure at least some readers will be amazed that it is now almost exactly four years since I posted the first blog.

As I type on 6 March 2010 it seems fitting to repost the first post to see how I have gone:

Health IT Introduction

The intent for this blog is to provide commentary, feedback and information on the e-health activity, processes, industry, politics and governance in Australia.

The aim is to provide clarity and transparency for all involved as to what is going on, who is doing what with whom and what is driving what is happening.

Enjoy

David

Posted by Dr David More MB, PhD, FACHI at Sunday, March 05, 2006 0 comments

I will leave it to others to say what they think but I think I have stuck pretty closely to the goals I set out with.

Certainly the readership has continued to grow as you can track from the little counter on the left of the main text.

Since the blog started there have been over 142,000 visits to the site with in excess of 240,000 page views.

As I was looking at the first few entries this one struck me.

Thursday, March 09, 2006

Card Confusion and Mis-Identity

The main news today is the revelation from the Sydney Daily Telegraph of the scope of the rorting and the degree of fraud and identity fakery going on with the current Australian Medicare card.

To quote the article:

"A STAGGERING 500,000 Medicare cards have been lost or stolen in the past 12 months, with some being used to create fake identities and make fraudulent benefit claims.

In a bid to tackle identity fraud, Human Services Minister Joe Hockey called for a photo of the holder to be included on Medicare cards, which currently only contain a person's name and Medicare number.

Criminals are using the lost or stolen cards to set up fake identities, open bank accounts and claim Medicare benefits and prescription medicine subsidies that they are not entitled to."

What is clear here is that the system simply lacks the robustness required, and to be made fit for purpose (i.e. to prevent fraud and to permit accurate identification of individuals) a large investment will be required.

Recently a UK expert suggested that the total cost of identifying each citizen reliably with appropriate biometrics is of the order of $250 per individual. Even if it is just 1/2 this we are talking billions of dollars and with the loss rates of the Medicare card - huge ongoing replacement and renewal costs.

One hopes the business case for taking on this expenditure is sound - and that all the parts of government involved in identification schemes (Health, Human Services, Attorney General and Immigration) are co-ordinating their activity to minimise waste and to preserve privacy.

David

----- End Extract.

Sadly the links no longer work but there is a lot of information on the reliability of the Medicare Card to be found here:

http://www.efa.org.au/Publish/efasubm-dhstf-regist-200704.html

Now while I am sure things have improved the fact that the card is apparently as unreliable as it is must be a cause for concern.

“The Discussion paper states:

"Similarly there needs to be greater information provided about the encryption of signatures so as to minimise the security risks associated with copying of signatures from lost or stolen cards.

This is especially relevant to lost or stolen Medicare cards (some 500,000 each year); especially as such cards figure in something like one-half of all cases of identity fraud. Current Medicare cards, of course, do not carry either a photograph or a signature."

Section 5.

The following I have to say – from the same document fair took my breath away.

4.1(d) Use of Medicare Cards to establish bank accounts etc

"At present, if you lose your Medicare card, it is very easy for someone to take that and use it to claim benefits in your name. They can even use it as proof of identity to establish such things as bank accounts in order to perpetrate identity theft." (DHS Supp Subm)

The Medicare Card is what the AFP call a 'breeder document' since it can be used to produce higher forms of identity documentation. (DHS Supp Subm)

Drivers licences and birth certificates are also breeder documents and that is why the Attorney-General's Department is developing the Document Verification Service, to enable breeder documents to be verified with the document issuer.

Moreover, it appears that the existing Medicare card will not be able to be used as a breeder document, nor as an EOI document, after December 2007, at least not in the banking/financial services industry. As a result of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), the existing 100 Point ID check system (under which Medicare cards are worth 25 points) will cease to exist.

New Rules made pursuant to s229 of AML/CTF Act[40] were issued by AUSTRAC[41] on 30 March 2007 and will come into effect from December 2007. The Rules include safe harbour provisions detailing the types of evidence of ID documents which financial institutions may use in order to be covered by the safe harbour protection. Medicare cards are not included in list of acceptable identification documents (see Clause 4.2.11) and also do not meet the definitions of the various types of acceptable ID documents.

Hence, the ability to use a forged or stolen/lost Medicare card to open bank accounts etc will apparently cease from December 2007, whether or not it is replaced by an Access Card. In addition, use as a breeder document is likely to be significantly reduced if other sector organisations continue the practice of referring to financial sector rules in deciding which types of identification documents they will accept.

----- End Extract.

So the Card is OK to act as a key for Health Identifiers but NOT OK to set up and access bank accounts. Priorities seem to be a bit confused here!

I wish I had remembered all this when I was doing my submission to the Senate.

David.

Sunday, March 07, 2010

Guest Point of View – Dr Sam Heard of Ocean Informatics.

Can we have an organic and evolutionary EHR?

In Karen Dearne’s article “Compromised confidentiality: national health care identity numbers” in The Weekend Australian on Saturday February 13th she addresses some of the privacy issues and likelihood of uptake of a government sponsored national health record in Australia. Ms Dearne echoes concerns expressed by many about the inappropriate use of national identifier numbers and questions whether current health record approaches are suitable for the new e-Health environment. Her approach is fundamentally conservative, and with good cause. Achieving the sort of health outcomes hoped for through the use of computers has largely eluded even massively funded national programs such as the UK’s ‘Connecting for Health’ and Canada’s ‘Infoway’. Some have dubbed these programs as the ‘place where the rubber hits the sky’. Perhaps our recent and current governments should be congratulated for not bowing to industry pressure and spending money on major ‘top-down’ programs of this kind. Imagine if the government took this approach to banking or electronic initiatives in law.

The axiom “Information is power” probably drives much of the scramble for ownership of the new shared electronic health record. Governments around the world want to be recognised for realising the benefits. The promise of this technology includes less healthcare accidents, less repeated steps in care, less investigations, more appropriate treatment, more accountability and so on. There is clearly a perceived commercial opportunity too as telcos, insurance companies, pharmacies and companies like IBM, Microsoft, and Google also want in. But let’s consider some of the barriers, because these are considerable.

Electronic health records are collections of information which are designed primarily to provide an historical account of care received, to defend a health professional’s actions and to assist a group (sometimes a team) of health professionals to work effectively together. It has been proven that it is safe for the vast majority of people to view their own health records and is also likely to lead to more accurate records. All forms of records, such as legal and banking, benefit from scrutiny in much the same way. Beyond this, the impact of personal access to health records is largely unchartered; there is a lot to learn.

Having our personal information stored somewhere on the internet should make us concerned: it is immediately more available and information can be copied very quickly if unauthorised access is gained. The current rate of electronic fraud in banking may be acceptable (or manageable) for that industry as, on the whole, there is a clear incentive to replace what is stolen and the resources are available. Health care is not as straightforward; information is complex, highly personal and can be used against that person’s interests both commercially and politically. Confidentiality is far harder to assess in cyberspace; information can be used without consent and without any recourse. For instance, if you remove your date of birth (e.g. 1965) from Facebook it will not prevent you from getting advertisements like “Are you 45? “ What can you say or do?

It is attractive ideologically and politically to ensure people are in control of their own health records but it is not clear exactly what this means. The most sensible idea that arises from this is for people to give access to care teams rather than individuals. Logically it might be a hospital at times, with access control then being managed within that institution for the information that has been shared. Electronic health records are living things that need to be maintained to be useful and to provide an accurate view of the person’s health and health care. Information will become out of date or be proved wrong. Aggregated records may not be consistent. For example, a diagnosis made by a pathologist (e.g. ductal carcinoma in situ) will be different from statements made to patients (e.g. pre-cancerous changes in the breast). A person having a ‘fear of having cancer’ must be differentiated from one ‘having cancer’. Some web-based health records downloaded from clinics in the USA have had entries that expressed the concern of clinicians reinterpreted as meaning the person actually had that condition. This is a cause for concern. Who is going to maintain these records to ensure they are coherent and to help patients achieve maximum benefit? It is certain that those with this duty will need considerable clinical knowledge and skill to do this efficiently and effectively.

For the benefits of electronic health records to be maximised there must be a focus on the ability to share information between authorised health care providers, the patients (clients or consumers) and, where appropriate, their carers or guardians. Ideally this information should be able to be processed by receiving software used in different settings. But it is more complex than that. These days patients are able to measure their own blood pressure or blood sugar using quality devices and good techniques. These measurements are amongst the most useful to assist management and demonstrate that it will be increasingly important that people are able to contribute to their own records.

The negotiations that led to electronic downloading of music and the success of the iPod were arduous and protracted. Likewise, a framework for effective electronic health records will take time and commitment. The electronic health record that will provide real benefit will be a sophisticated technology that supports clinicians and allows others to contribute. But it will not be a free-for-all and if it does not support the health care providers adequately another solution will have to appear. But where to start? Do we need evolution or revolution?

If government and software companies cannot get this off the ground then it is necessary to look elsewhere. Consumers can support this development and it will have to meet their needs, but instigation requires leadership of a different kind. In this case clinical leadership is probably ideal. The reason health records exist, after all, is to help clinicians deliver health care. If clinicians are to lead the e-Health evolution in Australia then general practice is the ideal champion. GPs are paid for by patients and subsidised by the federal government. They can act independently of other stakeholders and the solution can be national.

Connecting general practitioners with each other may be the ideal starting point. GPs have an electronic longitudinal record for many patients already and one that is organised to support preventative care and management of chronic disease. As people move around the country they like to take their records with them, taking them from their previous to their new GP. This is still done largely by printing on paper, photocopying or faxing. The real point is that there is an established need and process for doing this. Thus, the sharing of electronic health records could begin in a way that follows these current norms. Such sharing could then be extended to specialists and hospitals as appropriate ways and means are found. It won’t take long. At present this is not possible (although the Department of Health and Aging has agreed to fund such an initiative in the past) because the power of software companies has prohibited the collaboration required to make it possible. Shared records also require an agreed format for the health record. The openEHR specifications (www.openehr.org) were designed specifically for this purpose and can be seen as the MP3 for health information. However, these specifications do not, as yet, have industry backing despite government uptake and interest in countries such as Sweden, Slovakia and Brazil.

What to share? The answer is – it depends. It depends on the need of the recipient and the wishes of the person being referred. If someone is referred to a physiotherapist by a GP it may be quite a limited subset. If an elderly person is transferred from a hospital to an aged care facility there will be key information to share and it is likely to include the last time the person used their bowels. Impacted faeces are no fun for the person or their carers. If a person moves from one general practice to another it will be the entire record. If a person is admitted to hospital it may be all their recent records and a comprehensive summary. If it is a record at a sexual health centre the norm will be for this information to remain on site although some people will understand why certain information may be required elsewhere.

Where to store it? A general practice shared record would allow people to keep their record in a repository where they can access it and where they can provide access to others. This would not require unique identifiers as subscription to a service (like email) provides a means of generating a unique identifier for that service. Some may choose to keep all or part of their EHR on their person with a backup somewhere safe.

A general practice based shared electronic health record would simplify things a great deal and start with key players who are doing this already – the people and their general practitioners. Such an approach would require public funding initially although the billion dollars Ms Dearne mentions seems a little excessive.

Sam Heard

Comment: I think there are some interesting and provocative ideas here. Comments are most welcome.

David.

Saturday, March 06, 2010

My Submission to the Senate on the HI Service – Final Version as Given to Senate and Some Comments.

The following is what I submitted late on the 4th of March – and it has now been published on the Senate Web Site.

----- Begin Submission

Submission to the Senate Standing Committee on Community Affairs.

Topic: Enquiry into the Healthcare Identifiers Bill 2010 and Healthcare Identifiers (Consequential Amendments) Bill 2010

Submission Author:

Dr David G More BSc, MB, BS, PhD, FFARACS, FCICM, FACHI.

Author’s Background. The author of this submission is an experienced specialist clinician who has been working in the field of e-Health for over 20 years. I have undertaken major consulting and advisory work for many private and public sector organisations including both DoHA and NEHTA.

General Points on the Bills.

First without seeing the associated regulations it is impossible for the Senate committee to know what we are actually going to wind up with as a final implemented system. As the Late US President Ronald Regan put it "Trust but Verify" The Senate should insist in seeing at least the proposed draft regulations.

Second the Bills are being treated in isolation from the larger e-Health agenda for which there is at present no effective leadership, organisation or governance as recommended in the 2008 National E- Health Strategy which was developed for the Australian Health Ministers Council (AHMC) by Deloittes and subsequently agreed. To be undertaking legislation and implementation with this gap not addressed is, as Sir Humphrey would say ‘exceptionally courageous’ or maybe his worst grade – that of ‘politically suicidal’.

Third to not be undertaking small and large scale pilot implementations before a nationwide rollout is, in my view just foolhardy and just nonsensical. No responsible organisation just switches on a national system of this scale without a lot of operational testing etc. The whole project poses massive risk from an organisation that has been found wanting in other much less complex implementations. (e.g. Medicare Easyclaims). Internationally and at a State level in Australia there have been very many difficulties with many such projects and very few obvious successes.

Fourth it would seem to be quite strange to be passing legislation for the HI Service without being clear what comes next. A COAG proposal is being developed by Department of Health Ageing for a fuller E-Health approach at the time of this submission but is still secret. The time for legislation is when that fuller agenda is public and has been debated by stakeholders.

Fifth there is no evidence there will be wide-spread use of the HI Service until there are some arrangements put in place to ensure they have their reasonable time and costs rebated in some form. I am informed NEHTA has approached their Board on this matter – but in absence of this approval the entire Health Identifier Service risks being an expensive white elephant

Sixth it now seems there are some issues surrounding the behaviour of Medicare Australia staff in regard to the handling of personal information.

The following report appeared on March 2, 2010 and raises significant issues in my view.

Medicare snoops caught by secret database

MORE than one in six Medicare Australia employees is suspected of having spied on confidential client records in the past financial year.

In a statutory personal information digest submitted to the federal Privacy Commissioner, Medicare reports 948 staff members out of a total of 5887 employees were being tracked on an unauthorised access database as at June 30 last year.

This was up from the 750 employees under surveillance at the end of June 2008.

That same year, Medicare set up a "high-profile individual" database with records belonging to 250 people -- apparently as a honeypot for snoops. The purpose was said to be "to assist with identifying unauthorised access to information" held in agency systems by tracking staffers who sought to look at the medical history of famous Australians.

Apart from Medicare card numbers, names and addresses, healthcare provider details and benefit summaries, sensitive data includes medical and financial information.

Unlike other agencies such as Centrelink, Medicare does not disclose privacy breach statistics in its annual reports.

The full article is found here:

http://www.theaustralian.com.au/news/nation/medicare-snoops-caught-by-secret-database/story-e6frg6nf-1225835818328

Clearly such staff cannot be trusted to manage the even more sensitive information that is planned to be held in the Electronic Record System being proposed by Medicare Australia and NEHTA.

Seventh, while the HI System does not provide for the look up of patient name and address information it can, by returning an identifier when queried with a name, date of birth and address, confirm the validity of a name and address pair which may assist in unwanted tracking down of individuals who would rather avoid this happening (e.g. domestic violence victims)

I have written more about this topic here:

http://aushealthit.blogspot.com/2010/03/there-might-be-major-hole-in-design-of.html

Second last the lack of any ability on the part of citizen to being opt-out of being numbered by the HI Service should they choose is problematic. The rest of the world has largely agreed that ‘opt-in’ approaches work best in e-Health despite some recognised difficulties and the case has never been made that I have seen as to why Australia should not adopt best practice.

Last, while there is no doubt there would be major benefit from a smooth running efficient National Identifier System the costs of ongoing delivery and maintenance (recording births, deaths, address changes and so on for some 22 million souls) are not addressed and may be very considerable. Other options exist for addressing Health Identification but these have never been explored and there has never been a business case developed .

All the above points ignore the various risks to privacy and identity protection which I am sure others will provide detailed submissions upon.

In summary it is my professional opinion that the community is entitled to be presented with legislation that takes a far more holistic view of the way e-Health systems and services are to be delivered to Australians and addresses clearly and systematically all the possible risks that are associated with the implementation of large complex systems as well as providing an optimal framework for governance, leadership, privacy protection and engagement with the caring professions and consumers who are going to be required to use these systems.

The present proposed legislation is deeply inadequate and there are major implementation risks with the project overall which I do not believe have been treated frankly by the enthusiasts for this Bill in its present form. I find it concerning that there are a number or organisations who are not specialists in e-Health who are lobbying for passage of the bill, without any apparent in depth understanding of the risks this project runs, unless the plans for its delivery are dramatically improved.

Finally I have to point out that we have had at least a lost decade of (essentially no) progress in e-Health. We are presently at a cusp and if the right path is not chosen and implemented it will be another decade before e-Health realises its promise in Australia. Right now I do not believe we are on the right path and that the risks of expensive failure are very high indeed.

Dr David G More.

----- End Submission.

Thinking about all this after having read the submissions there are one or two points that hit me.

First there are a lot of proponents of passing the legislation and then fixing up any issues that arise later. To them all I can say is that they are remarkably naive. This is the one chance to make sure limits are set and the system will actually work as claimed.

Second there seems to be an assumption that the way in which the identifier is extracted from the Medicare Australia CDMS will make it error free and totally fit for purpose. Believe that and you are into seeing the ‘winged pigs’. Without some substantial live testing we just have no idea.

Third I can see the legislation passed because the risks and implications are just not understood. It will be sad if that is the case and we all wind up trying to recover from an untested mess.

Fourth it is clear the implementation and project risks are well recognised by all but the loudest of proponents. It is vital the Senate take some considered steps to mitigate and mange these.

David.