Again, in the last week, I have come across a few reports and news items which are worth passing on.
These include first:
http://www.australianit.news.com.au/story/0,24897,22435327-15306,00.html
Karen Dearne | September 18, 2007
POLICY makers will have to abandon their technology-neutral approach to privacy laws in order to tackle the epidemic of identity theft, a leading technology industry body warns.
"To date, ministers and bureaucrats have avoided getting into the risky area of picking winners in technology," said Stephen Wilson, chair of the Australian Electrical and Electronic Manufacturer's Association (AEEMA) information security forum.
"This is why we've traditionally had a light-touch regime, but the things we're grappling with now around privacy, identity theft and cybercrime are so difficult we're going to have to take a greater interest in technology.
"That means someone needs to be acknowledging the strengths and weaknesses of different and competing technologies. We're seeing a change of climate around that." The concept of technology neutrality - which meant legislation was drafted to apply to the handling of information in any context - was past its use-by date, Mr Wilson said.
"It's a good legal philosophy, but when it comes down to codes of practice and standards for government and banking services, indifference to the technology at the coalface is really dangerous," he said. Mr Wilson said AEEMA would welcome a "real debate" on the technological implications for privacy and cybercrime as part of the Australian Law Reform Commission's preparation of final recommendations on reform of the federal Privacy Act.
…..( see the URL above for full article)
This is a useful article for two reasons. First for pointing out how new and different technologies is challenging the concept of ‘technologically neutral’ laws. I hope NEHTA is taking notice of these comments – as in the past it has insisted technological neutrality is required as a policy position.
Second the article provides an easily digested summary of the changes the Australian Law Reform Commission is proposing.
Second we have:
http://www.zdnet.com.au/news/security/soa/Access-card-to-go-ahead-despite-backlash-Govt/0,130061744,339282005,00.htm
Jeanne-Vida Douglas, ZDNet Australia
19 September 2007 04:43 PM
Opposition parties and privacy groups are warning that Australians may still be forced to carry the government's controversial Access Card should the Liberal Party win upcoming federal election.
Plans to rush the legislation through earlier this year were put on hold in August following public scrutiny of a draft proposal on the Access Card legislation released in late June. According to Minister for Human Services Senator Chris Ellison, over 60 submissions regarding the proposed legislation were received by the relevant Senate Committee, some of which have been published on the departmental Web site.
…..( see the URL above for full article)
This is a useful summary of the current state of the Access Card Program. The diversity of views is well worth reviewing for those who have an interest in this area.
It is certain no further discussion will happen on all this until after the election.
Third we have:
http://www.australiandoctor.com.au/articles/5c/0c05015c.asp
| 19-Sep-2007 | | |
|
Guest editorial by Professor Jane Gunn
ABOUT six weeks ago my first patient for the day leapt from her chair when I called her name and zoomed into my room in a desperate effort to escape her own skin. She usually sees another doctor in our practice, but she could not wait — she was “going out of her mind”.
She ripped off her loose-fitting tracksuit top to reveal her concern. About 72 hours before her visit she had started taking a medication for a musculoskeletal complaint; now she was covered from neck to ankles with an angry, confluent, papular urticaria.
It was one of the most florid reactions I had ever seen. It was a cold Melbourne morning and she was like a red-hot radiator. I apologised for my cold hands — she said she wished they were ice blocks. We agreed the drug prescribed did not suit her (she had already stopped taking it once she had put two and two together) and promptly instituted a management plan that was successful within 48 hours.
All of this was managed in about 10 minutes. It then took me another 15 minutes to report the reaction to the Therapeutic Goods Administration. Despite my absolute belief that the ‘blue card’ was within arm’s length, I could not find it (familiar?). This brought back my frustrations with our adverse drug reaction reporting process.
But today has been a milestone in my general practice career — I have finally registered with the TGA to report suspected adverse drug reactions online.
I had tried to register online on two previous occasions, but just gave up. The first time, the whole system crashed. I was so behind with seeing patients, and once again unable to find a blue card, that I gave the patient the number of the Consumer Hotline to report the reaction — they were only too happy to oblige. The second time, I completed the ‘one-off’ version of online reporting for non-registered users, filling in every detail (even the patient’s weight). Supposedly I was to receive confirmation that my report had been successful — that never came and I wonder if my report was ever received.
…..( see the URL above for full article)
While it is commendable that the good professor has enrolled to report adverse events sadly the editorial misses the point that if we had an appropriate e-Health infrastructure and a more comprehensive implementation of EHR’s in clinical practice it would be possible to do a much better job of being proactive in identifying adverse drug reactions and medicines which are causing unexpected side effects.
In an edition of Health Affairs earlier this year the concept of “Rapid Learning” is articulated and its value in such areas is made clear. This collection of articles is available here:
http://content.healthaffairs.org/cgi/content/full/hlthaff.26.2.w107/DC2
A valuable introduction to this concept is found in the URL cited here which was previously provided on the blog:
Just a short note to let everyone who has a moment on the weekend that the Robert Wood Johnson Foundation has posted a fabulous presentation on their web site entitled “Can Health IT Enhance the Pace and Power of Research? The Case for Rapid Learning Systems” dated Jan 23, 2007. The URL is:
http://www.rwjf.org/newsroom/activitydetail.jsp?id=10195&type=3
Those involved in the roughly one hour presentation are described as follows:
“Carolyn Clancy, director of the Agency for Healthcare Research and Quality joins national technology experts, including David Eddy and Lynn Etheredge, to showcase ways in which EHRs are making rapid advances in diabetes and cancer care, how rapid-learning capabilities will help accelerate personalized health care, and how, through rapid learning, doctors will do a much better job of advising patients. Also featured are John R. Lumpkin, M.D., M.P.H., RWJF senior vice president and director of the Health Care group and Joel Kupersmith, M.D., Chief Research & Development Officer, Veterans Health Administration. (HHS Secretary Michael O. Leavitt, originally scheduled, is unable to attend.)”
This is a very serious cast and this presentation is by far the best way to gain an initial appreciation of the key contents of the Health Affairs special issue on Rapid Learning Health IT and its implications.
I would highly commend this to all readers of my blog.
David.
Fourth we have:
http://www.fcw.com/article103788-09-17-07-Web
BY Nancy Ferris
Published on Sept. 17, 2007
Hackers can access many e-health records and modify them unbeknownst to the software’s legitimate users, according to a new study by an organization concerned about EHR vulnerabilities.
The E-Health Vulnerability Reporting Program (EHVRP), a nonprofit organization formed in 2006, issued a summary of its findings after a 15-month study assessing the security risks associated with EHR systems.
It found that a low level of hacking skills would suffice to get into a system, retrieve data and make changes, such as altering medication dosages or deleting records.
The good news: The “risk of vulnerability exploitation can be dramatically reduced when vulnerabilities are known and appropriate security controls are in place,” the report’s executive summary states.
For the most part, EHR systems are no more vulnerable to hackers than other kinds of application software used in other industries, the report states. However, medical software users are less aware of vulnerabilities and are spending less on IT security as a portion of their revenues, the study found.
It recommended that EHR software vendors do more testing of their systems’ security and disclose to customers any vulnerabilities they find. Vendors' remediation of vulnerabilities often takes too long, it added.
…..( see the URL above for full article)
See the URL below for full Summary report
http://www.ehvrp.org/images/eHealth_Vulnerability_Reporting_Program_Executive_Briefing_September_2007.pdf
It is clear more work needs to be done by all involved – this is a useful summary of potential vulnerabilities.
Lastly we have:
http://seattlepi.nwsource.com/local/332591_docemail21.html
Secure connections offer access to medical records, test results
By CHERIE BLACK
P-I REPORTER
For the past year, Roy Peacock has been having an e-mail relationship with his doctor.
First it was just a casual hello to get acquainted. Then, after a couple of visits to his doctor's office, Peacock, a minister at Preston Baptist Church in Preston, began receiving e-mails about his blood-test results, encouragement as he waited for other results and changes to his blood pressure medication as his diet and exercise habits lowered his numbers.
"He is very quick at responding, and it's always by the end of the same business day," Peacock said about e-mailing his Group Health physician, Dr. Eric Seaver. "It would have cost me how much to go in and see him every time?"
As rising medical costs and long waits in doctors' offices concern patients, medical systems are looking for ways to make health care more affordable and convenient. Providing e-mail access for patients is a logical step, many say.
But if it's such a no-brainer, why isn't everybody doing it?
Cost and privacy concerns, for the most part, say local health care providers, many of whom are moving toward implementing e-mail access as part of a switch to electronic medical records.
....( see the URL above for full article)
Just a reminder that e-mail is an invaluable tool for doctors to communicate with their patients. While thought is needed about how to safely deploy and charge for such communication – to ignore the need is becoming rather like King Canute!
All in all an interesting start to the week!
More next week.
David.