Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Sunday, October 01, 2006

Privacy Issues Related to the Proposed Access Card.

The following is a very draft discussion paper I and a few colleagues have been working on for the Privacy Assessment of the proposed Commonwealth Access Card. All the views have been developed my me and are NOT ACHI policy at this point in any way at all. I would be interested in any comments any reader may have.

David.

Privacy Issues and Facts Related to the Proposed Access Card.

Discussion Draft – October 1, 2006

Background to the Submission.

The Commonwealth Government is planning to introduce a smartcard based Access Card which will be used as proof of identity for all adult individuals who wish to access services provided by the Commonwealth Department of Human Services. Among other things use of the card will be necessary to obtain payments from both Medicare and Centrelink.

The card is intended to replace 17 health and social services cards, including the Medicare card, health care cards and veteran cards.

Because of concerns regarding the possible impact on individual’s privacy the Professor Alan Fels AO has been asked to chair the Access Card Consumer and Privacy Task Force to address consumer and privacy issues related to development of the health and social services access card by Minister for Human Services Mr Joe Hockey.

The Australian College of Health Informatics (ACHI)

The Australian College of Health Informatics is Australia's peak health informatics professional body. As such the College is concerned that information technology be effectively and successfully implemented in support of healthcare service delivery.

Because of this core interest, and ACHI’s recognition that lack of trust in the ability of information technology to manage private information correctly and securely on the part of the populace could risk successful Health IT implementations, ACHI has an interest in ensuring that the implementation of the Access Card addresses patient privacy appropriately.

ACHI’s View on the Overall Access Card Proposal.

ACHI has no firm view on the policy correctness of the introduction of the Access Card (and the large and complex technology infrastructure needed to support it) as it is presently proposed.

ACHI does however note that a project of this scale does carry very significant implementation risks, due to both its scale and complexity, which will need to be very carefully managed if the current estimates off costs, benefits and timelines are to be met.

Additionally ACHI does have concern that the Access Card is not as voluntary, in a practical sense, as Government has stated. The inability to access Medicare, Centrelink and similar benefits would place significant cost on most citizens who chooses not to have the Access Card. For those with major medical expenses or those on Centrelink income support it is essentially compulsory in all but name. This point is raised because the virtually compulsory nature of the Access Card has significant privacy implications as will be explored below.

Note: This submission assumes that only identification data will be held on the Access Card. The issues that arise if the card functionality extends beyond this (i.e. the card becomes a partial electronic health record) are very complex and would require more detailed review (covering data segmentation on the smartcard, currency of information, primary and secondary data use, emergency, de-identification, pseudonymisation and so on) and are beyond the scope of the Access Card as we presently understand it.

Comments on Privacy Aspects of the proposed Access Card

The Australian College of Health Informatics (ACHI) would like to offer the following for consideration in regard to possible privacy issues surrounding the proposed access card.

1. ACHI is a strong supporter of the Australian National Privacy Principles as a framework for consideration of privacy issues but also believes that Identifiable Personal Health Information requires protection and handling beyond what is offered in the NPP because of the potential sensitivity of such information.

This point has been recognised by the existence of specific legislation in both the Commonwealth and a number of State Jurisdictions specially focussed on preservation of Health Information Privacy and Confidentiality.

The complexity and sensitivity of the issue can be appreciated by recognising that the National Health Privacy Code, whose development was begun in by Health Ministers in 2000 has yet (in October 2006) to be finalised, and that the only evidence of this work being undertaken in now not on the DoHA web site but in the National Archive.

The lack of agreement on this code would argue for care in the storage of Health Information on the Access Card or its attendant backup repository systems until this code is finalised.

2. ACHI is of the view that unless the possible privacy issues surrounding the proposed Access Card are carefully and rigorously framed and developed, and that public opinion is satisfied with the privacy management outcomes developed, there will be substantial public resistance to the adoption and use of the Card.

3. ACHI believes that the threats to personal privacy from electronic records and paper based records are sufficiently different as to require separate consideration, despite the similarity of the objectives to be met with each type of record. As an example 10000 paper records require a major logistic effort to steal whereas 10000 complete electronic patient records could easily be stolen on a 25gm USB Key.

ACHI also recognises that there are also efficiency and process advantages possible with well designed identity management systems. It would be of great value to the health sector if a trusted and privacy enhancing identifier were available to support Electronic Health Record initiatives.

4. ACHI understands the importance of accurate identification of individuals for both patient safety as well as fraud control and is concerned that any system that is devised has sufficient safeguards and protections to ensure extremely low risk of mis-identification. ACHI also recognises that any identification system is only as robust and reliable as its weakest link and that the processes around enrolling, maintaining and securing the identity information held must be very reliable indeed. This means that any temptation to cut cost corners that lead to compromise of the integrity of the system need to be strenuously resisted.

ACHI also recognises that healthcare, unlike other industries must also be flexible in it's direct communication with individuals and be able to reflect the name/s by which the individual is comfortable (preferred name). In this context the issues of identification become more complex than in other environments,. Accuracy must 'vie' with human requirements as well as the need for identification in emergency.

5. ACHI is concerned about the proliferating array of individual person identification systems and believes there should be rationalisation of all these different efforts to minimise cost and maximise data quality. (i.e. the NEHTA identifier and access control initiatives, Minister Abbott’s Health Smartcard, the Access / Smartcard Initiative, Passport ID, the Document Verification System for Attorney General's and Medicare / Centrelink's current ID systems.). The impact of the intersection of these various systems in the future is very hard to predict and may be very damaging to public confidence and trust.

6. ACHI supports the apparent current direction to restrict the information content on the Access Card to just that required for identification to minimise scope creep and the potential abuse of other data which may be held on the card. The scope creep in the uses of the Canadian SIN and the US SSN should be taken as a serious warning as to the risks of permitting un-authorised use of strong individual identifiers and should be specifically legislated against.

7. ACHI believes that it should be recognised that as the Access Card provides access to all Government Benefits (including Medicare and Centrelink Payments) it is, for all practical purposes, a compulsory Identity Card, despite Government claims to the contrary. ACHI would like careful consideration to be given to provision of some granularity in requirement for use of identity in certain circumstances. Simple denial of access without the use of the Access Card may impose unreasonable additional costs on some small segments of the community.

8. ACHI is concerned that there are a significant number of people in the community who, quite legitimately, feel they need multiple “functional” identities to avoid discrimination or persecution and to obtain a degree of peace of mind regarding their access to care. An example of this is the patient with a potentially stigmatising disease (e.g. HIV/AIDS, an STD or mental illness etc) who wishes to preserve their confidentiality regarding that illness while being able to access ordinary care locally.

Unless two “practical” identities are possible the individual is unable to be confident their very sensitive information will only be disclosed when they want it disclosed. (There is good evidence of significant prejudice and persecution when such material is involuntarily released to make these concerns more than reasonable, as does the potential choice individuals may make to not seek necessary care.) ACHI believes development of an approach to meet the needs of such individuals with regard to their avoiding discrimination and prejudice needs to be carefully considered, while recognising the inherent difficulties this poses.

Consultation with the bodies representing those living with HIV / AIDS, Hepatitis C, Mental Illness and Genetic Risk is vital before the operational and privacy frameworks are finalised.

9. ACHI believes that prior to implementation there should be a comprehensive privacy impact assessment, as recommended by the Privacy Commissioner, in her office's submission. This will ensure the whole (including the Access Card, supporting systems and potential uses) , current, proposal gets a fully detailed privacy review. We would also like to see the complete KPMG Business Case for the Access Card be released for public scrutiny, review and comment before the Access Card is finally given the go-ahead. Such release would clarify a range of aspects of the Government’s business case for the Access Card which are presently unclear.

10. ACHI believes there must be legislative controls to ensure all forms of record linking and secondary use based on the Access Card identifier(s) is fully transparent and subject to careful privacy review.

11. ACHI believes there must be legislative controls to ensure the production of the Access Card will never be required by any entity other than the appropriate Government Agencies. (Strict prohibition of use of Access Card for video hire etc).

12. ACHI believes, as does the Privacy Commissioner, that there must be very tight controls on the use of the Access Card identifier for data-linkage and data-mining purposes. Given the Access Card database will be a virtual repository of identification for 16 million Australians it is clear there will be temptations by some agencies to use the Access Card system for linkages which the public would find highly problematic from a privacy perspective. The governance structures set up to manage the overall system must be robust enough to ensure such any use is strictly regulated and in the individual as well as national interest before being approved. (The approach taken to separate Medicare and PBS data is a useful model in this regard).

13. ACHI is concerned that the IT Infrastructure that will be required to support the Access Card will ultimately require a very considerable and quite high risk project be undertaken. The quality of the management of the security and privacy controls built into the system will be vital to the overall project success.

14. ACHI understands the importance of identification in the e-Health environment and would be interested to understand whether the Public Health Sector could reasonably leverage the work undertaken with the Access Card to assist the effectiveness of E-Health implementations which are in the interest of both patients and their carers.

Friday, September 29, 2006

The Access Card Could be Really Expensive, Costly and Delayed!

In the last few weeks a general theme that has been emerging in E-Health Commentary, both here and overseas, has been the increasingly clear recognition that very large national IT projects have a habit of running well over time and budget, sometimes to quite amazing levels, and that, conversely locally driven and managed projects seem to be able to deliver increasingly successfully.

Witness the problems in the UN NHS Connecting for Health Programme which have come to light recently both in the choice of both lead contractor (Accenture) and key software provider (iSoft). It seems both these organisations have yet to fully disclose just how bad the losses and outcomes will be for the UK.

Hard on this news we now find another major project in a different country is similarly apparently running off the rails. The following release from Ovum (The Global ICT advisor) says it all.

“http://www.ovum.com/news/euronews.asp?id=4907

Update on the German electronic health card: more costs, more delays...

Hot on the heels of further delays to the introduction of the electronic health card, comes news of much higher costs than previously expected. An independent cost-benefit analysis produced by Booz Allen Hamilton and commissioned by Gematik, the company in charge of the implementation and the running of the project, concluded that costs are likely to be around €3.9bn rather than €1.4bn previously expected, and could be as high as €7bn. And this sum doesn't include the €585m cost of issuing of the cards.

Taking into account the five-year introduction phase, overall cost is estimated at €5.2bn, which will exceed expected savings of €4.4bn by €800m.

Comment: Gematik's management board is still digesting Booz Allen Hamilton's analysis and is not ready to comment on its results. However, it is certain that the e-health card will go ahead, since its introduction is integral to the German code of social law.

However, the question arises: why is Gematik commissioning a cost-benefit analysis now, in the middle of the project? Before the project began, an initial study determined costs of around 1.4bn versus annual savings of €1.7bn, which sounded promising.

The German government's plans are regarded as the most ambitious telematics project in Europe currently under way. Though other countries such as the UK, France, and Italy are engaged in related projects, their scale in terms of functionality and number of users are smaller. The high complexity of the e-health card, involving 80 million insured citizens, 123,000 general practitioners, 65,000 dentists, 2,200 hospitals, 21,000 pharmacies and 270 health insurance companies, makes it a very large challenge. And the communication, or rather the lack of it, between the involved parties is causing delays in the execution of the project.

We are still a couple of years away before all 80 million insurants are due to have their e-health cards. Gematik has been issuing specifications of the necessary equipment and is testing its market suitability. No tests with patient have started yet, but they will begin in two states this autumn and will be extended to six other sates in 2007. In every step of this long-drawn process, specifications will be altered and adapted to arising problems.

This is a prestigious undertaking for the German government. Its success is not only important for its own standing, but would act as a showpiece for the German IT industry and help it win similar projects in other countries which are currently looking at introducing such a system. Every time one breaks new ground, unforeseen difficulties can arise. But given the many challenges that this project has had to face so far, this news will give more ammunition to its critics.”

The scale and reach of this project obviously has some parallels to the planned Joe Hockey Access Card, indeed while Germany is obviously a larger country, the scope of the Australian project appears to be broader.

A few points deserve to be especially highlighted.

First, even at the half way point, it seems the project will cost rather than save money. Over five years the net loss is presently estimated to be $A1.36 Billion (at today’s exchange rate. It leaves one to wonder just how credible the huge benefits identified in the KPMG report actually are. ($A3.0 Billion in benefits over ten years seems just a trifle optimistic!)

Second the total cost of the project must certainly give some pause for thought!. The current planned cost of the German card is estimated at €5.2 Billion ($A8.84 Billion). Given, on a population basis Germany is about four times the size of Australia this suggests a realistic cost for the Australian Access card (not assuming the Germans get any economies of scale) is $A2.2 Billion. The suggested budget of $A1.1 Billion would look to be a good deal short of what will finally be needed.

Third it seems clear the current Access Card time frame (System implemented by 2008 or 2009 at the latest) seems very, very ambitious indeed based on the German experience.

Fourth it is very clear that the Access Card implementation needs to be very carefully phased and piloted so that all the technical, change management and privacy issues are fully understood and solved on a small scale before a large scale rollout is attempted.

One is forced to the conclude that unless the Australian Access Card team are much smarter than the Germans (unlikely since this is their second generation health card implementation) or we are at serious risk of having a very under-funded, delayed and loss making Access Card implementation which carries all the risks of a very large and very complex IT implementation in the public sector.

It might be a very good idea to have Booze Allen Hamilton (who reviewed the German implementation) review thoroughly the Australian plans, and assure all concerned that all the known issues have been addressed, before we get stuck with a real loser.

David.

Wednesday, September 27, 2006

iSoft and CCHIT – What’s the Link?

A key theme in any discussion of e-health is how to foster adoption and use of Health Information Technology (Health IT). In the last few days a few reports have come together to remind me that this issue is not being addressed in a reasonable way in Australia, but that at least some hopeful signs are emerging elsewhere.

Firstly we have had the reports of the last few days, from both The Australian and e-Health Insider in the UK, of the apparently continuing problems about iSoft plc’s contracts and viability both here and in the UK. The essential messages seem to be that there were some distortions of the selection process by which iSoft has been engaged and not enough scrutiny of the future plans the company said it was assured of delivering in now well past time-frames. This is bad news both for the company and its customers despite all public announcements to the contrary.

On the good news side we have the news announced yesterday regarding the Certification Commission for Healthcare Information Technology (CCHIT) release of the most recent drafts of its functional and interoperability criteria both for ambulatory and inpatient systems.

The mission for CCHIT is to “accelerate the adoption of health information technology by creating an efficient, credible and sustainable product certification program.” These specification are evolving in a studied, obviously competent and purposeful way towards a vision of really excellent, clinically sound and valuable systems which, as they are certified, purchased and implemented, will make a real difference to the quality and safety of the US Healthcare System.

How are these two items linked? I would suggest they are linked through the lack of a national Health IT certification process in Australia than has permitted purchases by State hospital systems of software of poor quality that, it appears, lacks a future. We have seen issues in hospital software selection, cited here, in Tasmania, Victoria, NSW and Queensland (who are still being sued by a disappointed vendor as far as I know).

As far as ambulatory care systems are concerned we also have a situation where both functionality and interoperability between different system providers is hardly assured (to say the least).

CCHIT works by taking only the approved and fully implemented and tested standards, merging them with the priorities of the American Health Information Community and developing a functional and interoperability requirements that are required for certification. They also signal their direction well in advance to give the vendors time to develop what is required that they may not have at a particular point in time.

Having the CCHIT does two important things. Firstly it provides system developers with a clear set of system requirements and objectives. Secondly it provides system purchasers with an assurance, if they stick with the approved products, they will be purchasing competent systems that are being developed to meet real clinical and operational needs, and which have a future.

What is needed, to avoid further unwise purchases both in the private and public sectors, is for NEHTA to rapidly move to replicate the role the CCHIT is playing and for the Commonwealth to ensure there is a clear plan and clear strategic guidance as to the directions e-health needs to move in. This inevitably means resurrecting and funding an Australian Health Information Council like entity and charging it to provide the big picture directional guidance to both NEHTA’s certification arm and the software development community.

Very useful documentation already exists and could be swiftly tailored to meet Australian requirements. The time to get such certification and strategic direction setting capability in place is now to avoid further waste and “spinning of wheels” and to give the software providers confidence to invest for the benefit of all.

It will be the development of strategically and clinically valuable systems by commercially viable and confident software providers that will make Health IT adoption easier and be one further step to a better and safer healthcare system.

David.

Saturday, September 23, 2006

Electronic Prescribing – What is Needed to Move Forward?

Both in the USA and in the UK there are major efforts underway to increase the amount of prescribing done electronically. Additionally, as reported a little while ago in an article here, the Commonwealth is moving to ensure that by early next year there will be no regulatory or legislative barriers to introduction of E-prescribing (EP) in Australia.

The reason adoption is sought is that it is now very good evidence that EP has the capacity to substantially reduce the frequency of Adverse Drug Events (ADEs) and that if this is achieved considerable human suffering and cost can be avoided.

The objective of EP is to deliver to the dispensing pharmacist a prescription from the prescriber that is error free and which can then be dispensed in an error free fashion to the patient. Subsidiary objectives may include maximising the use of generic medication, where appropriate (to also reduce treatment costs), and assisting the pharmacist with accurate and timely claiming of the costs of medication from either the Pharmaceutical Benefits Scheme or the patient depending on the circumstances.

Analysis of the prescribing process identifies three distinct phases (plus financial settlement and inventory management which will not be discussed further as these are simple business processes which are already quite highly automated and well understood.)

Phase 1 is Prescription Creation.

Prescription creation can be done electronically in a number of ways. The simplest is to use a computer to capture the patient details, and then from a data base of available preparations select the appropriate medications and package size and print out a form ready for manual signing. This is now quite widely done and offers the benefit of providing the pharmacist a legible prescription from which to work to dispense. This approach is grossly sub-optimal in 2006 as there is no error prevention or decision support contained in this basic model and the risk of errors in re-entry of the medication information in the dispenser’s system is real and demonstrable, despite the legibility.

The much to be preferred option is that the clinical encounter which is to result in an EP should be documented in an Electronic Health Record for that patient that will contain a range of relevant information to assist with the quality of the prescribing. The system ideally will have a list of the patients active diagnoses, the patients current problem, current regular medication (and ideally complementary substances taken) and basic physiological and other information such as height, weight, age, renal function and so on as well as such things as known allergies etc.

With this information available, and with access to tools such as the electronic Therapeutic Guidelines, as the prescription is developed the clinician not only is alerted to possible interactions and other contra-indications but can easily confirm the appropriateness of the therapy proposed. The literature evidence that well designed systems with these capabilities save lives and money is now unequivocal (see article on this site from a month or so ago).

Such EHR based systems are really the basic client the prescribing clinicians should be using in 2006, especially as the requirements for such systems and what is needed for utility and interoperation is well understood.

Phase 2 is Prescription Transport.

In essence once the quality prescription is created there are two possibilities for . Firstly the prescription can be printed out and given to the patient to present for dispensing or, if legally acceptable, a secure token, containing the prescription, can be given to the patient to be used by the dispenser’s system.

The simplest way of linking the prescriber and dispensing computers I believe is to have the prescribing system write a two dimensional barcode onto the printed prescription. Such barcodes can hold the full written information on the prescription and can be scanned into the dispensing system is less than a second or so. The dispensing system then displays the medications to be dispensed for checking and one the pharmacist is satisfied the dispensing and label printing is completed. The prescription is then marked as having been dispensed and if repeats are authorised the necessary paper work is created. This process benefits the patient (accurate communication with pharmacist) and the pharmacist (avoids the need for data entry). Fraud is prevented by using appropriate encryption of the information stored on the barcode to ensure the clear-text contents of the prescription matches the barcode.

The second approach would be to electronically transmit the prescription directly from the prescriber to the dispenser. This is done in the USA to an increasing extent. In Australia community pharmacy is very concerned that direct transmission might give the prescriber too much commercial influence and so the Pharmacy Guild is totally opposed to any proposal of this sort – despite its obvious attraction in a technical sense.

It seems likely that this problem is best overcome by the creation of a national “store and forward” EP Network. The patient presents at the pharmacy of their choice and provides the paper script or a token and the full prescription is then pulled down from the network. (The 2 dimensional barcode seems simpler and cheaper I must say)

This would seem likely to involve a greater cost than simple point to point messaging of barcoding and it would seem reasonable that any additional costs be bourn by the pharmacists as a whole.

A network of this sort would also have major privacy and security implications, as it creates a large database of essentially every prescription in the country, and may need to be very carefully thought through. Secondary use of this data may however provide some useful and clinically relevant information.

Phase 3 is Prescription Dispensing.

Community pharmacy has been using pharmacy systems for dispensing for many years and once an electronic copy of the prescription is available within the pharmacists computer dispensing and labelling can proceed as usual. The advantage for the pharmacist is avoiding any data entry and any possibility of error in the prescription assessment process. Of course the wrong pack can still be picked off the shelf but this is known to be very rare indeed in the presence of a clearly legible prescription.

Before concluding it is important to realise this article has oversimplified a number of aspects of EP. The medication terminologies to be used in prescription communication are still to be standardised and are important as is some remaining work on other aspects of EP Standards, not to say the excellent work has already been done via the MediConnect Trials, flawed though they were in their final implementations.

Standards Australia have already published work covering the use of HL7 messaging to transfer prescription information the it is important this work is progressed and utilized.

Essentially there a major community benefits to flow from a considered and comprehensive implementation of EP in Australia, there are very few significant barriers remaining to its progress. The work needs to be proceed as soon as possible under the agreed standards frameworks.

What is needed now is the availability of effective, quality EP client systems which provide reliable, consistent and safe decision support and the definition of the technical approach(s) to be adopted the get the prescription from the clinician to the pharmacist.

David.

Monday, September 18, 2006

A Brief for the Australian National Audit Office regarding E-Health

Reflecting on yesterday’s commentary it occurred to me that it may be useful to offer some suggestions as to the rocks the Australian National Audit Office should look under in developing a performance review of Australian E-Health.

In broad terms Performance Audits (Which is the type of audit I feel is needed in e-health) address the following:

1. The existence of, and the suitability of the Information and Communications Technology Strategy that has been or is being implemented.

2. The practicality, quality, project management skills and resource availability applied to ensure successful implementation the project plans.

3. The quality and insight of the Risk Management Plans associated with the project.

4. The business case for implementation of the ICT Strategy being implemented.

5. The outcome of the project in terms of service improvements, financial savings or other relevant evaluation criteria.

6. The degree to which lessons learnt during the project have been disseminated to ensure minimum repetition of mistakes and financial waste.

7. The closeness of the actual delivery of the project and its expected outcomes to those identified in the strategy, planning and business case documentation.

It seems to me that the implementation of e-health, both at a national and state level, has been littered with a range of major projects which have not met expectation (for timing and delivery) and for which there has been very little evaluation made public to foster organisational learning.

First among these must be the HealthConnect initiative. To date there has been a minimum of transparency as to both costs and benefits for this whole program. Despite repeated claims that the notional $128M project is on track and on budget there seems to be very little to show for these funds. A hard look is clearly warranted.

It may be that what is actually required with respect to HealthConnect is a review, in detail, of each of the pilots and implementations as well as the overall strategy. Most important will be to understand what benefits, if any, have been delivered in terms of improved patient care and patient safety.

Second it seems there needs to be an audit of the performance of the governance structures surrounding e-health in Australia. It is no secret that since 1995 there have been a number of reports into the area.

These have included the 1995 Health Communications Network Report, the 1997 House of Representatives Report, the 1998 NOIE Reports such as the 1998/9 Unstoppable Rise of E-Health Report, the 1999 Health On-Line Report, the July 2000 Report to Health Ministers of the National Electronic Health Record Task Force and the 2004 Boston Consulting Group E-Health review at least. In parallel there have also been a range of State Health Department Reports. To date these reports have led to a range of trials which are admitted to have not resulted in any significant national implementation. After all this time the National E-Health Transition Authority has the view that “the momentum for e-health is rising and that the stage is set for Governments to consider a national system of electronic health records". Dr Ian Reineke (CEO, NEHTA - As of April 2006). ANAO really needs to investigate what has gone wrong for over a decade and what is needed to fix things. The opportunity cost of a wasted decade must be assumed to be massive.

Thirdly it has been suggested by Mr Abbott (Federal Health Minister) that the Commonwealth has invested close to $1.0 Billion over the last decade in provision of such programs as the Practice Incentive Program and Broadband for Health. Both these were aimed at improving GP computing. An public audit of the outcomes, learnings and benefits of this expenditure is clearly overdue.

Fourth it seems delivery of benefits from Supply Chain Reform are coming much more slowly than they could or should for the Health Sector. Careful review of the issues here could be very valuable and save real money.

Lastly a strong case can be made for a review of the range of identity and identification programs being sponsored by the Commonwealth which are clearly needing to be rationalised. The importance of the requirements of the Health Sector in this area cannot be underestimated.

Someone needs to be asking just how the NEHTA IHI and IPI initiatives, Minister Abbott’s Health Smartcard, the Access / Smartcard Initiative, Passport ID, the Document Verification System for Attorney General's and Medicare / Centrelink's current ID systems are to be co-ordinated and managed for both efficiency and cost effectiveness.

While not the responsibility of ANAO (but rather the state equivalents) there seems little doubt the procurement processes of Health IT in NSW Health, the Victorian HealthSmart Project, the continuing delays in Queensland Health’s IT implementations and the use of scanned records in Tasmania could all stand careful audit scrutiny.

Clearly there is lots to be done. Let’s hope some one will take up the torch and get all this back on the rails.

What score out of ten do you think these various initiatives would achieve if fairly audited?

David.

Sunday, September 17, 2006

Is it Time to have the Auditor General Review E-Health?

Last week Government Health IT in the US published an article entitled “HHS needs focus despite health IT progress, GAO says

The article said, in part, that:

“The Department of Health and Human Services has made progress in its efforts to promote the use of health information technology, but it still lacks the detailed plans, milestones and performance measures necessary to meet President Bush’s goal for electronic health records, according to a recent Government Accountability Office report.

The report cites as positive developments the Certification Commission for Healthcare IT’s recently defined parameters for certifying ambulatory electronic health records and the group’s certification of several dozen vendors’ products.

It also pointed to the 90 interoperability standards selected for tools such as electronic health records and the proposed functional requirements for a nationwide health information network.

However, the report states that although HHS has set those objectives and developed high-level strategies for accomplishing its goals, it still hasn’t defined the kinds of plans and measures it will use to meet those goals.”
It went on to say that:

“Last year, GAO told Congress that federal agencies still faced many challenges in their efforts to improve the public health infrastructure, including integrating current initiatives into a national health IT strategy and adopting consistent standards for interoperability.”

And the GAO concluded without there being clear plans and time lines in place “ it’s unclear how the government will achieve Bush’s goal of widespread adoption of interoperable electronic health records by 2014.”

Reading this, I wondered to myself has our equivalent of the GAO, the Australian National Audit Office (ANAO) ever reviewed Health IT in Australia, and if so what was concluded.

The short answer to that question would appear to be no, although there was an audit of the internal information technology within the Commonwealth Department of Health and Aging in 2002/3. There is also no audit of e-Health planned in the 2006/7 fiscal year.

As far as the States are concerned – I became quite excited to find an e-Health Audit report in NSW – only to discover the e-Health referred to was purely supply chain and not clinical e-health. At least, however, the Auditor in NSW has heard of the term! (The basic conclusion of the audit was that implementation and benefits were proving very slow to be realised).

With this background it seems to me the time has truly come for such an exercise to begin and for the work to be scheduled ASAP. Why? Essentially because a clear impartial view of the activities of the Commonwealth and State Governments and of the relevant Departments and Agencies and their successes and failures would surely provide a base of information on which to improve the likelihood of success with future investments.

There have been hundreds of millions of dollars spent by the Commonwealth and States on Health IT since 1999 and there has been no public accounting, at least that I am aware of, of what we the public have got for our money and what lessons have been learnt that need to be applied to the planned forward investments which are likely over the next decade to amount to at least a billion dollars according to the Commonwealth and NEHTA.

The Productivity Commission last year expressed a degree of unease about the Commonwealth plans for HealthConnect and the apparent lack of progress. The validity of these concerns has become even more obvious since that report.

As taxpayers we deserve to know what has been going on and who is to be held accountable for the apparent lack of progress and waste of money.

The time has surely come!

David.

Saturday, September 16, 2006

NSW Health’s Dirty Little Health IT Secret Revealed

In the last few days I have become aware of a paper on the feasibility of implementing CPOE (termed Electronic prescribing decision support (EPDS) in the paper) in a NSW Hospital. The reference and abstract for the paper are as follows:

Bomba David and Land Tim : The feasibility of implementing an electronic prescribing decision support system: a case study of an Australian public hospital. Aust Health Rev. 2006 Aug;30(3):380-8

Centre for Health Service Development, University of Wollongong, Northfields Ave, Wollongong, NSW 2522, Australia. bomba@uow.edu.au

Medication errors are common in public hospitals, with the majority at the prescribing stage of the medication pathway. Electronic prescribing decision support (EPDS) is a rules-based computer system that can be used by clinicians to warn against such errors to improve patient safety and support staff workflows. Despite its apparent advantages, this technology has not been widely adopted in Australian public hospitals for inpatient prescribing. A case study using Sauer's (1993) Triangle of Dependencies Model was conducted in 2003 into the feasibility of implementing an EPDS system at an Australian public hospital in New South Wales. It was found not feasible to implement an EPDS at the hospital studied due to the legacy patient administration system, low availability of information technology on the wards, differing stakeholder views, legislation, and the Independent Pricing and Regulatory Tribunal of NSW report recommendations. A statewide standard was preferred, with an agreed specification framework identifying basic core data items and functions that an EPDS must meet which can then be used by area health services to: (i) choose a solution which best meets their contextual needs; and (ii) engage vendors to tender for building an open source (non-proprietary) system based on the specification framework.

PMID: 16879097 [PubMed - indexed for MEDLINE]

I must say this is a quite astonishing paper. I offer absolutely no criticism of the work of the two authors or the project participants and indeed I am grateful to them for their honest and insightful reporting of the situation of Health IT in a large NSW public hospital. (The paper indicates the hospital has 146 medical staff, 25 nursing unit managers and 15 pharmacists on staff so we are clearly being told about a hospital with at least 15-20 wards and probably 400 or more beds).

On this basis, and the source of the paper, it seems clear the hospital is The Wollongong Hospital.

In promoting itself to potential junior medical staff the Hospital states:

“About Wollongong Hospital

Working in the Illawarra offers good pay, a great lifestyle and a highly supportive work environment. The Illawarra is highly regarded by Junior Medical Officers (JMOs) as a centre of excellence for postgraduate medical training. Many choose to return to us to do their further specialty training.

As part of South Eastern Sydney Illawarra Area Health Service we are a major provider of public health services to the people of the Illawarra and Shoalhaven region (341,058 people).

Our service provision includes a range of specialist medical services including trauma, intensive care, surgery, medicine, maternity and paediatrics, and cancer care to people living south of the Sydney Metropolitan area and in the Shoalhaven region.

Cutting-edge technology and comprehensive healthcare services are two driving forces in our Health Service. Wollongong Hospital is the optimal size (450 beds) to provide stimulating opportunities for learning, research and development in a cooperative, friendly and supportive environment.

Comprehensive Pathology, Medical Imaging and Para-Medical departments serve the Wollongong, Port Kembla, Shellharbour and Shoalhaven hospitals.”

The claim of “Cutting-edge technology” is clearly a small exaggeration at the very least!

What is revealed in the paper is the utterly inadequate investment in information technology infrastructure that has occurred leaving the hospital with a core patient management system that does not record even the most basic of patient clinical information (allergies, weight and height etc) and which was almost certainly developed in the late 1980’s. (The legacy system is probably the legendary HosPAS developed around then by the Computer Division of the NSW Health Department based on a system that was older still. That it is still in use is a testament to a major determination to avoid change or upgrade for almost 20 years, despite the system's deficiencies.)

Additionally one is left with images of staff crowding around the limited number of available terminals and the use of group staff sign-on’s which ensures access to any data held in hospital system can be seen by virtually everyone who wants to see it, with no audit trails which will identify who it was that was browsing the potentially sensitive data.

Review of the most recent Annual Report (2004/5) for the Area covering the hospital shows that work to establish the new area wide Patient Administration System (PAS) and universal identifier is underway with an expect completion date of the end of 2006. That was the good news! The bad news is the PAS is being sourced from the increasingly likely to fail iSoft. Not only does this mean the possibility of fully integrated clinical and patient management systems is off the agenda for another few years as Lorenzo (the iSoft Clinical System) will not be available until 2008, but that progress may be even slower as the iSoft PAS is replaced with a system that has a future and ongoing support.

Had the 2003 Independent Pricing and Regulatory Tribunal of NSW report recommendations for statewide systems been adopted this potentially major problem could have been avoided and almost certainly some useful clinical systems would arrive much earlier.

As the paper rightly points out CPOE can have a major impact on patient and prescribing safety, so much so that increasingly it is being seen as a core indicator of hospital quality and safety. It seems there is neither the will or the funds to address such issues in the Illawarra. Who actually cares that Hospitals are not maximising patient safety? Only the patients I guess. Certainly not the Health bureaucrats in North Sydney who have persistently underfunded e-Health in NSW for at least the last 15 years.

All in all a useful insight into how bad things really are in the clinical trenches in NSW.

David.

Thursday, September 14, 2006

Call For Sightings - Have you Seen HealthConnect in Action?

In last Tuesday's Australian, this blog's report of the demise of the Australian Health Information Council (AHIC) was confirmed. It is clear that AHIC is not presently operational and its chairman has resigned. Better news from the article was that meetings were underway to get together a new AHIC, to press on with the clearly vital work.

In the same article,the Health Department (via Kay McNiece, spokeswoman for Health Minister Tony Abbott )stated:

"The 2006-07 HealthConnect budget is $31.5 million," she said. "The funds will be used for the National E-Health Transition Authority's baseline work program, the implementation with Tasmania, South Australia and the Northern Territory taking priority, and program running costs."

This seems to be a quite large sum of money for something that has seemed to be going nowhere and the question arises what are we actually getting for this money?

My suspicion is that the vast bulk of the funds is going to operate NEHTA and that virtually nothing at all is being spent on HealthConnect.

I wonder, can any readers of the blog who are aware of any HealthConnect branded activity actually happening please let us all know?

The simplest thing to do is e-mail to the address given on the "how to contact me" link at the top of the blog!

This will allow us all to know if HealthConnect is really alive or on its last and terminal gasp! I will report back with what I discover in a week or so. Of course any other "comments, corrections, clarifications, and c*ckups" (as Crikey.com would have it) as well as tips about anything I have missed (good or bad) in the e-Health space would be more than welcome!

It's your blog..use it!

David.