Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Wednesday, July 09, 2008

Software Errors Can Kill – We Need to Recognise the Issue!

The following article appeared a few days ago.

Flaws in medical coding can kill

Spread of computers creates new dangers, FDA officials warn

| Sun reporter

June 30, 2008

WASHINGTON - After a routine piece of medical equipment started mysteriously killing hospital patients a few years ago, the federal government turned to a small team of its software experts in suburban Maryland for help.

The team's discovery - a flaw in a computer code that caused a drug pump to administer heavy overdoses - led to a recall, warnings and rewriting of the equipment's software. The discovery also illustrated a new threat behind some lifesaving medical devices.

Microprocessors run everything from patient monitors to artificial pancreases, and potential software flaws are a growing concern. A product might not malfunction because it was poorly designed or badly made - the traditional suspects - but because the computer code running it includes a mistake. The impact of that glitch can be increasingly serious because the latest automation is removing the doctors and nurses who watched for machine mix-ups.

"The world of technology is allowing us to do things we never thought possible, and it's largely a great advance," said Larry G. Kessler, who directs the Food and Drug Administration Office of Science and Engineering Laboratories, which oversees the team of software sleuths at White Oak in Montgomery County. "Where it gets to be scary is, we used to have more human intervention. With software doing more now, we need to have a lower tolerance for mistakes."

Of 23 recalls last year that the FDA classified as life-threatening, three involved faulty software.

Manufacturers test and inspect the software on their products, such as dialysis systems and patient monitors, before putting devices on the market. But they've been slow to follow the FDA in adopting new forensic technology because it is costly and still evolving, industry officials say. As a result, FDA software specialists are amassing evidence to show companies the value of the new testing. Meanwhile, traditional software checks, while good at detecting some flaws, are not thorough enough to find every mistake, according to computer scientists.

"If architects worked this way, they'd only be able to find flaws by building a building and then watching it fall down," said Paul Anderson, vice president of engineering at GrammaTech, which has sold forensic software technology to the FDA and medical device companies.

Finding a killer buried in a medical device's source code is not straightforward detective work. The directions for an implantable defibrillator might run over 100,000 lines - as long as War and Peace - and cover a multitude of possible actions that could take a decade for the device to run through. Fitzgerald's team of investigators doesn't have that kind of time, especially when patients are dying.

Much more here:

http://www.baltimoresun.com/news/health/bal-te.fda30jun30,0,912831.story

This is a really important article in my view as it reminds us just how potentially dangerous it can be to assume the operational software in both devices and indeed in clinical systems can be – and how hard it can be to discover just what the problem is.

The application of techniques used to check the software that controls space rockets – static analysis – seem like just the right thing to do. It seems to be likely it will not be long before this and other techniques become mandatory for all new devices and systems. That may not be a bad thing!

David.

Tuesday, July 08, 2008

NEHTA Privacy Blueprint for the IEHR – How Much Progress Does it Reveal?

In this article I review the Privacy Aspects of the recently released document.

The document can be found here:

http://www.nehta.gov.au/index.php?option=com_docman&task=cat_view&gid=-1&Itemid=139

There are a few positive points to be made about this document.

First, it does appear to have headings that cover all the major issues.

Second , it has been developed with the input of a range of people – according to Appendices F & G – that I know to understand most of not all of the issues.

Third it is clearly written and nicely comprehensible to non-specialists in the privacy / EHR domain.

So far, so good – so what is wrong?

A few things as I see it.

1. Given the importance of this topic – a document at even this high level has been a very long time coming. The initial material is now close to two years old.

2. Much of the analysis found in this document was available 3 years ago – having been developed by Clayton Utz in January 2005 for the HealthConnect Program. I can’t see this present document advances the state of play much at all. (Sadly these documents have all been pulled down off the web by the re-vamp of the Commonwealth Health Department web site following the Labour victory. If you want a copy for your files let me know. The full 3 documents are about 1.4 Megs as .pdf files)

3. It is not clear why, if there are Draft Privacy Impact Statements that have already been developed, that these are not also made available for discussion and review.

4.NEHTA is seeming very uncertain on the way forward with most of the major issues – while I recognise this is a consultation paper one would have liked clarity as to just what NEHTA is proposing in each area.

5. NEHTA seems on a number of topics to be rather too concerned about cost and/or technical difficulty rather than ensuring public confidence.

Overall I think we are quickly reaching a point where NEHTA needs to say, clearly, what is exactly proposed, what the cost and functionality tradeoffs are why they want to go down specific paths. This is the document that should attract the detailed comment – not this rather short and rather less than decisive effort.

Of course all this assumes one thinks the IEHR concept is a good one. Until vastly more detail – including costs, real benefits, provider engagement strategies, data quality strategies, timelines, technologies, security approaches, private sector interface approaches and strategies and implementation phasing and delivery are provided we and COAG run a real risk of buying a ‘pig in a poke’. We must not let that happen without vastly more information – provided before COAG meets – not after!

David.

Monday, July 07, 2008

Post 500 = NEHTA’s Individual Electronic Health Records System – A Really Scary Proposal!

As mentioned late last week NEHTA has just released the Privacy Blueprint for the Individual Electronic Health Record.

The document can be found here:

http://www.nehta.gov.au/index.php?option=com_docman&task=cat_view&gid=-1&Itemid=139

In this blog I want to explore the nature of the IEHR proposal. In a later blog I plan to consider the privacy related aspects of this document.

This is covered in pages 4-9 of the document.

The first thing to note is that the IEHR proposal is a slightly elaborated Shared EHR proposal as developed by HealthConnect between 2002 and 2005 – until the sudden defunding in July 2005. To quote a footnote.

“A national approach to an Individual Electronic Health Records system is also referred to as “IEHR” throughout this document. The IEHR was previously known as the Shared Electronic Health Record (SEHR).

Elsewhere it is made clear that the IEHR is to be an IEHR Service (which presumably someone – Government, Medicare Australia, an IEHR Agency or the Private Sector maybe – will provide) and that all those who have an Individual Health Identifier will be able to enrol in the service.

Just as in the HealthConnect Business Architecture Version 1.0 (16/10/2003) there are initial health profiles and event summaries. (So much for dramatic progress over the last 5 years!)

The present plan calls for an IEHR to be made up of:

1. A Summary Health Profile.

The contents of this are planned to be:

Allergies, Alerts and Adverse Reactions: Known susceptibilities from past history or investigations and other risk factors;

Current Medications and Ceased Medications: Current and recent treatment regimes as well as medications that may have been ceased. With each medication the indication for prescribing should be recorded and when medications are ceased, the reason for ceasing should also be captured (e.g. an adverse event, the medication wasn’t effective, etc);

Problems and Diagnosis: Active or persistent disorders as well as covering things that significantly affect the certainty of an asserted finding;

Family and Social History: Presence or absence of family and social history relevant to the ongoing care of the individual, as provided by the individual;

Immunisations: An individual’s history of immunisation;

Implanted Devices: Presence of implanted devices such as pacing wires, joint prostheses and medication implants;

Screening Results: Findings from screenings undertaken, the last date and outcome of PAP Smears, Mammograms;

Key Physiological Measurements: Height, Weight, BMI;

  • Planned Activities: A description of activities that should be performed. This may include care plans for certain individuals; and
  • Procedures: Histories of recent procedures and past procedures that may be relevant to or compromise long term health.

2. Event Summaries

These will be of individual clinical encounters – e.g. an admission, a lab result or whatever.

3. A Supported Self Managed Care Record.

Here the individual can record their observations, comments etc.

Sensibly have a record will be at the discretion of the individual and it will be possible to de-activate a record if desired.

It is also claimed there will be excellent governance and control arrangements to ensure proper consumer protection and privacy etc.

With the exception of point 3 the HealthConnect Business Architecture V1.9 covered most of this is December 2004.

However, even though this NEHTA proposal has been a long time coming (it has been worked on since 2005 to my certain knowledge) we see little that addresses the core problems that are associated with a centralised Shared EHR.

I have explored these in depth in the past here:

http://aushealthit.blogspot.com/2008/04/few-of-wrinkles-of-shared-electronic.html

and here:

http://aushealthit.blogspot.com/2007/12/i-wonder-if-nehta-has-plan-b-or-should.html

and here:

http://aushealthit.blogspot.com/2007/12/nehta-is-planning-ill-conceived-e.html

among others.

We also now learn that at the end of the year (and not early in 2008 as initially suggested) will a business case to develop this IEHR Service be submitted.

What to say? The number of problems with all this are huge! Among the key issues are deciding what information goes and does not go to the shared record, how to cover gaps in the record when a specialist (or a nurse practitioner) does not use an EHR, how to persuade anyone to contribute to the shared record, how to have trustworthy data quality within the record, who owns the shared record and so on.

What I fear will happen will be some unworked through business case proposal will be submitted, enthusiastically adopted by Ministers who do not know better (why do you think anyone who knows about all this has been excluded from recent consultatory meetings?) and the difficulties and complexities that I have been writing about for years will then emerge as they have in the UK Shared Care Record Approach. (The UK have spent billions on their centralised system only to face huge resistance from clinicians and all sorts of issues in getting ‘data fit for sharing’!)

I believe the centralised, shared EHR is a fundamentally flawed architecture. The funds would be better spent upgrading GP and Specialist Clinical Computer Systems and getting clinical messaging working between the health sector actors. Once that is working – as in places like Denmark – then maybe consider some centralised emergency data storages of critical data as a second step.

Remember doing an IEHR of the sort NEHTA are planning will cost billions of dollars – I am not sure there is the stomach for such investment right now – and neither should there be given what could be done with considerably less.

The National E-Health Strategy needs to define a more bottom up locally driven approach to e-Health that will facilitate incremental, progressive transition towards a National Health Information Network and not towards a centralised IEHR. It is by no means clear that this IEHR initiative should be expending a cent until the National E-Health Strategy is finalised and agreed. This whole – very expensive – effort could turn out to be a total waste of time and money. Indeed I think it will!

I look forward to their report in a month or two. Maybe it will put a stop this NEHTA silliness and fondness for the dangerously grand project.

David.

PS:

This is the 500th Post to the Blog…thanks to all those who read. Please comment as often as possible as this adds vastly to the value of the blog for me and others!

We now have had over 50,000 visits to the site (80,000+ page views) since March 2006!

D.

Sunday, July 06, 2008

Useful and Interesting Health IT Links from the Last Week – 06/07/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

Electronic antibiotic stewardship—reduced consumption of broad-spectrum antibiotics using a computerized antimicrobial approval system in a hospital setting

K. L. Buising1,2,*,{dagger}, K. A. Thursky1,2,{dagger}, M. B. Robertson3, J. F. Black1,4, A. C. Street1,2, M. J. Richards1,2 and G. V. Brown1,2,4

1 Victorian Infectious Diseases Service, The Royal Melbourne Hospital, Parkville, Vic. 3050, Australia 2 Department of Medicine, Centre for Clinical Research Excellence in Infectious Diseases, University of Melbourne, Parkville, Vic. 3050, Australia 3 Clinical Pharmacology and Therapeutics Department, The Royal Melbourne Hospital, Parkville, Vic. 3050, Australia 4 The Nossal Institute for Global Health, University of Melbourne, Parkville, Vic. 3010, Australia

Objectives: Antibiotic stewardship is important, but the ideal strategy for providing stewardship in a hospital setting is unknown. A practical, sustainable and transferable strategy is needed. This study evaluates the impact of a novel computerized antimicrobial approval system on antibiotic-prescribing behaviour in a hospital. Effects on drug consumption, antibiotic resistance patterns of local bacteria and patient outcomes were monitored.

Methods: The study was conducted at a tertiary referral teaching hospital in Melbourne, Australia. The system was deployed in January 2005 and guided the use of 28 restricted antimicrobials. Data were collected over 7 years: 5 years before and 2 years after deployment. Uptake of the system was evaluated using an in-built audit trail. Drug utilization was prospectively monitored using pharmacy data (as defined daily doses per 1000 bed-days) and analysed via time-series analysis with segmental linear regression. Antibiograms of local bacteria were prospectively evaluated. In-hospital mortality and length of stay for patients with Gram-negative bacteraemia were also reported.

Results: Between 250 and 300 approvals were registered per month during 2006. The gradients in the use of third- and fourth-generation cephalosporins (+0.52, –0.05, –0.39; P <> glycopeptides (+0.27, –0.53; P = 0.09), carbapenems (+0.12, –0.24; P = 0.21), aminoglycosides (+0.15, –0.27; P <>P = 0.08) all fell after deployment, while extended-spectrum penicillin use increased. Trends in increased susceptibility of Staphylococcus aureus to methicillin and improved susceptibility of Pseudomonas spp. to many antibiotics were observed. No increase in adverse outcomes for patients with Gram-negative bacteraemia was observed.

Conclusions: The system was successfully adopted and significant changes in antimicrobial usage were demonstrated.

More here:

http://dx.doi.org/10.1093/jac/dkn218

or

http://jac.oxfordjournals.org/cgi/content/abstract/dkn218v1

This is a nice demonstration of how a focussed decision support system can improve the quality of prescribing (and reduce costs almost certainly) while having no negative impact on the clinical outcomes. Antibiotic selection in very sick patients is always a matter for the experts and having a supportive expert system makes very good sense.

Second we have:

ID theft hits $1bn: ABS

Karen Dearne | July 01, 2008

AUSTRALIANS lost almost $1 billion to fraud and scams last year, according to the Australian Bureau of Statistics' first survey of personal fraud.

More than 800,000 fell victim in some way to at least one instance of fraud, representing 5 per cent of the population aged 15 and older. Of those, 453,100 lost money, incurring a combined financial loss of $977 million. The median loss was $450.

Identity fraud accounted for 499,500 victims, with 77 per cent of these reporting fraudulent transactions on their credit or bank cards.

All victims of credit or bank card fraud incurred a financial loss: 25 per cent lost less than $100; 26 per cent lost between $101 and $500; and 3 per cent lost more than $10,000.

The remaining 23 per cent suffered identity theft, involving unauthorised use of their personal details. These people reported forged documents had been used to conduct business, open accounts or take out loans illegally in their name.

More here:

http://www.australianit.news.com.au/story/0,24897,23952995-15306,00.html

These figures seem very high I must say – but on the basis that they are close to reality one has to wonder why there is not more public concern. The impact of this level of fraud on trust of systems (be they banking systems or e-Health systems) must be significant and not helpful I fear.

Third we have:

Victoria's health software ready

Monday, June 30, 2008; Posted: 06:48 PM

Jun 30, 2008 (The Australian Financial Review - ABIX via COMTEX) -- Victoria's Department of Human Services is about to implement new software for the management of patient medical information in the state's hospitals. The rollout is part of the $A360m HealthSmart project.

More here:

http://www.tradingmarkets.com/.site/news/Stock%20News/1725320/

The full article is available here:

http://www.misaustralia.com/viewer.aspx?EDP://20080701000020849516&magsection=news-headlines-home&portal=_misnews&section=news&title=Victoria%27s+health+software+ready

This is a very optimistic read on the progress of HealthSmart. One can only hope it turns out the the adoption of the clinical solutions do actually progress rapidly. I for one am happy to watch and wait to see actually implementation and go-lives occur.

Fourth we have:

Mobile phone a 'life-saver'

Louisa Hearn
June 30, 2008

Most of us would dial triple 0 for help in a life and death situation. Now our mobiles can also issue life-saving CPR instructions thanks to a new animated download launched by the Red Cross on Sunday.

The technology, jointly developed Tasmanian company Multi-Ed Medical and mobile networking giant Ericsson, is an animated program with an audio voiceover that gives a detailed overview of steps required for CPR.

Available through any Australian mobile phone service, the animation will can be viewed on any handset capable of displaying 176 x 144 pixel video content in the 3GPP file format.

More here

http://www.smh.com.au/news/technology/mobile-phone-a-lifesaver/2008/06/29/1214677836696.html

The instructions are downloadable:

“The CPR animation costs $3 and can be purchased directly from the Red Cross website or by texting 'CPR' to 19 951 515.”

It is always good to see innovative use of new technology. I think it should be downloaded before the event – hardly would like to be texting for instructions with the collapsed patient in front of me! I am not sure availability should not be funded nationally so it is free for all those with appropriate mobiles.

Fifth we have:

Flying doctors spend $2.7m on bush health records

Suzanne Tindal, ZDNet.com.au

30 June 2008 03:57 PM

The Royal Flying Doctor Service (RFDS) has entered into a five-year AU$2.7m contract with IBA Health to create a standardised system for its electronic health records.

The new system will help the Service's health professionals with its 12,000 annual clinical appointments across regional Australia.

Clinicians will be able to remotely access a patient's medical history, including allergies, immunisation records and current medications, via the internet-based system, and update the information during check-ups.

In time, it is hoped the system will also be accessible in aircraft. The RFDS Queensland operations are already using Telstra Next G to achieve this.

Some areas the RFDS visits don't have internet access. For these places, the RFDS will work together with IBA to develop a customised system which will allow "briefcasing" of medical records — taking files that are needed on laptops and synchronising them with the system when the clinician again has an internet connection.

More here:

http://www.zdnet.com.au/news/software/soa/Flying-doctors-spend-2-7m-on-bush-health-records/0,130061733,339290194,00.htm

This looks like a very useful ‘shared record’ initiative. I hope someone has planned evaluations of the clinical impact as part of the implementation. The devil I am sure will be in the detail of which information is shared, how privacy and confidentiality is handled and so on.

A detail press release is here:

http://www.ibahealth.com/html/isoft_to_provide_emr_for_royal_flying_doctor_service.cfm

iSOFT to provide EMR for Royal Flying Doctor Service

It is interesting to note this project was an initiative of the previous Government in election mode!

Flying Doctors to access medical records

October 3, 2007 - 2:47PM

The Royal Flying Doctor Service (RFDS) will have ready access to the medical records of more than 750,000 residents in remote Australia under a new project backed by the federal government.

Communications Minister Helen Coonan said the federal government would provide $2.7 million towards the eHealth for Remote Australia project.

The project will give RFDS and other authorised health professionals mobile access to medical histories, allergy, immunisation, current medications and other health information, Senator Coonan said.

"The funding will enable health professionals from the RFDS to provide better health care for people in rural and remote Australia," Senator Coonan said.

"The RFDS will have the right information available for the right person, in the right place at the right time to enable assessment to be made during flight and preparations to be made on the ground to receive the patient."

More here

http://www.theage.com.au/news/National/Flying-Doctors-to-access-medical-records/2007/10/03/1191091175189.html

Sixth we have:

Students slice into virtual patients

Nick Miller

June 30, 2008

A WORLD-FIRST surgery simulator, invented by the CSIRO and Melbourne University, allows medical students to practice operations with unprecedented realism.

The simulator lets students "feel" bone and flesh under their virtual drill while using force-feedback pens. It also enables them to see the operation through a 3-D microscope showing a live, animated model of the anatomy they are operating on.

"There have been other computer simulators, but when it's just a mouse melting away the bone you don't feel part of it, you don't get that true connection," said Professor Stephen O'Leary, a senior surgeon at the Royal Victorian Eye and Ear Hospital, who worked to develop the machine. "This brings engagement and realism to the process."

It was also valuable, he said, to be able to stop and "rewind" an operation to show a student what went wrong. It was a great learning tool that would save time and hone the skills of Australia's trainee surgeons, he said. In the future it could even be programmed with scans from an individual patient, so a surgeon could practice before an operation.

More here:

http://www.smh.com.au/news/science/students-slice-into-virtual-patients/2008/06/29/1214677854975.html

This sounds like fantastic stuff. Good to see such expertise exists in Australia and is being used to do such important stuff. Operating on the middle-ear – which the simulator trains for – is very difficult and the chance of permanent damage is high. Maximum preparation before approaching the real patient is a very good thing.

Last we have our slightly technical note for the week:

A requiem for Windows XP

We remember the pros, and a few cons, of the most popular version of Windows to date

InfoWorld staff (InfoWorld) 02/07/2008 08:07:30

Despite an outpouring of demand -- including more than 210,000 people who signed InfoWorld's "Save XP" petition, Microsoft held firm and Monday discontinued sales of XP in most cases. So, we bid adieu to Windows XP.

Sure, any copies of XP in use will continue to run, so the venerable operating system isn't leaving us entirely. And enterprises, small businesses, and some consumers will still be able to install XP as a "downgrade" to Windows Vista Business or Ultimate. And until February 1, 2009, system builders will be able to install XP on "white box" PCs they assemble, which also ironically includes Apple Macs that are bundled with Parallels Desktop or VMware Fusion by resellers such as MacMall and CDW. Finally, low-cost, low-power desktops and laptops such as the Asus Eee PC can ship with Windows XP until 2010.

But it is the end of an era nonetheless.

In response to XP's passing, several InfoWorld editors and contributors shared their memories of XP.

More here:

http://www.computerworld.com.au/index.php?id=1065455962&eid=-255

We all resist change and I must say the transition to Vista is hardly transparent and a number of aspects of Vista are just plain annoying. However, it does do all that XP does – and more – with greater – if not perfect – safety and reliability. Sadly this is all as the cost of needing massively increased resources in terms of memory etc. A simpler, cleaner and less flashy Vista would have been more satisfactory from my perspective – so I plan to stick to the familiar XP for as long as it is supported – which is at least the next 4-5 years.

By then there will be a better Vista (whatever it is called) and a better MacOS I am sure!

More next week.

David.

Thursday, July 03, 2008

NEHTA Exposes What it Is Up To – By Accident?

The following lit up the RSS Feed this afternoon.

http://www.nehta.gov.au/index.php?option=com_docman&task=cat_view&gid=-1&Itemid=139

Privacy Blueprint released today!

The Privacy Blueprint for the Individual Electronic Health Record has been released for comment.

Excited – I went off to the site

What' New

This section only lists NEHTA's most recent publications.

To view all of NEHTA's publications, All Publications.

General

Privacy Blueprint for the Individual Electronic Health Record new!

Hits 5

Published 03/07/2008

Details & Feedback

Download

Now guess what! The document is also an explanation of the proposal for the IEHR as well as details of the Privacy Proposals.

Figures 2 and 3 of this document are invaluable in understanding just how NEHTA is thinking on the Shared EHR. This is vital stuff for discussion and review – and feedback to NEHTA!

At a quick scan it really looks to me as just the 2005 HealthConnect with an associated Personal Health Record. I wonder will the Council of Australian Government consider all this without vastly more input from all the interested stakeholders

Please go for it and review closely and comment! I will review and discuss the privacy content next week if I get a chance.

David.

Wednesday, July 02, 2008

A Useful Policy Brief on Health Information Privacy and Security.

The following appeared a few days ago.

Policy Post 14.9, June 24, 2008

A Briefing On Public Policy Issues Affecting Civil Liberties Online from The Center For Democracy and Technology

Privacy and Security Principles for Health Information Technology

(1) CDT Calls for the Adoption of a Comprehensive Privacy and Security Framework for Health Information Technology

(2) Basics Required in any Health Information Technology Policy

(3) CDT's Suggested Implementation

A lot more here:

http://www.cdt.org/publications/policyposts/2008/9

The document addresses the three areas listed above.

Most useful from a very useful document are these two sections.

First is the set of Core Privacy Principles from Markle.

Privacy and security policies should incorporate "fair information practices" (FIPs) such as those outlined in the Markle Foundation's Connecting for Health initiative:

  • Openness and Transparency: A general policy of openness should be enforced for any new developments, practices, and policies with respect to personal data. Individuals should be able to know what information exists about them, who has access to it, and where it is stored.
  • Purpose Specification and Minimization: Patients should be made aware of the purpose for data collection at the time the data are collected. The data should not be used for any other purpose without first notifying the patient.
  • Collection Limitation: Personal health information should only be collected for specified purposes and should be obtained by lawful and fair means - and where possible, with the knowledge or consent of the data subject.
  • Use Limitation: Personal data should not be disclosed, made available, or otherwise used for purposes other than those specified.
  • Individual Participation and Control: Individuals should be able to obtain from each entity that controls personal health data, information about whether or not the entity has data relating to them. As well, individuals should have the right to have the data communicated to them in a timely and reasonable manner. Finally, individuals should be able to challenge data relating to them, and have it rectified, completed, or amended.
  • Data Integrity and Quality: All personal data collected should be relevant to the purposes for which they are to be used and should be accurate, complete, and current.
  • Security Safeguards and Controls: Personal data should be protected by reasonable security safeguards against such risks as loss, unauthorized access, destruction, use, modification, or disclosure.
  • Accountability and Oversight: Entities in control of personal health data must be held accountable for implementing these information practices.
  • Remedies: Legal and financial remedies must exist to address any security breaches or privacy violations.

Second is a list of issues the US Congress (and our Government) should consider when developing a new Privacy and Security Framework.

The list includes:

  • The appropriate role for patient consent for different e-health activities.
  • The ability of consumers to have information about when, where, and how their Personal Health Information (PHI) is accessed, used, disclosed, and stored.
  • The right of individuals to view all PHI that is collected about them and be able to correct or remove data that is not timely, accurate, relevant, or complete.
  • Limits on the collection, use, disclosure, and retention of PHI.
  • Requirements with respect to data quality.
  • Reasonable security safeguards given advances in affordable security technology.
  • Use of PHI for marketing.
  • Other secondary uses (or "reuses") of health information.
  • Responsibilities of "downstream" users of PHI.
  • Accountability for complying with rules and policies governing access, use, disclosure, enforcement, and remedies for privacy violations or security breaches.
  • Uses and safeguards for de-identified information.

They then go on to make the very valid point that a ‘one size fits all’ approach to all users of health information is not good enough and that those using differing data sets should have different responsibilities and accountabilities.

All is all a useful contribution indeed!

David.

Tuesday, July 01, 2008

It is Not Clear Federal Health Minister Nicola Roxon Knows What She is Doing!

I am not sure if the readers of this blog have appreciated yet just what a fundamental change in our Primary Health Care delivery system is being proposed by the new Health Minister. While I have no strong feelings about the proposals I think it is vital they be carefully thought through.

In Australia, the UK, Canada and NZ at present primary care doctors have a very substantial ‘access control’ or gatekeeper function to the rest of the services provided by the health system (especially specialist care, investigations, non-urgent hospital care and allied health services especially). The objective of this approach is to try and ensure ant presenting clinical issue receives an appropriate clinical diagnosis and assessment before the patient is sent on for additional care. Overall the system seems to work pretty well although it is easy to identify occasions when medical involvement in accessing of care may be seen as un-necessary (e.g. physio for minor sports injuries and even –as is done overseas, the management of normal pregnancy).

However, with the gradual reduction in the number of GPs – especially outside the major metropolitan areas – clearly access to GP care for diagnosis and referral has become more difficult – and in some situations borders on the impossible.

What to do – to improve access and to reduce waiting to access care? Options include the use of more practice nurses, development of upgraded nurse practitioners, more use of midwives, train more GPs or dilution of the ‘gate-keeper’ function among others (e.g. super clinics etc).

In deciding what to do we need to be very sure we do not ‘throw the baby out with the bath water’. It is of note that, just as we are having this discussion we see in the USA there is an increasing view of the importance of that function.

AHIP Lists Medical Home Principles

The board of America’s Health Insurance Plans, the trade association for health insurers, has endorsed core principles for development of the “medical home” model, including liberal use of information technologies.

Under the medical home model, physician practices are redesigned to be more functional and workflow-friendly, and new processes are developed to focus on quality, safety and alternative reimbursement methods. The care model also calls for adoption of electronic health records, e-prescribing, clinical decision support, secure messaging and Web portal software to facilitate coordination of care among various providers.

More here:

http://www.healthdatamanagement.com/news/medical_home26529-1.html?ET=healthdatamanagement:e489:100325a:&st=email&portal=group_practices

Details of the principles can be found here:

http://www.ahip.org/content/default.aspx?bc=31|44|23691

The third paragraph makes it clear what is intended as ideal with an emphasis on holistic care delivery and a long term co-ordination of care role – supported by technology and allied health staff.

The associated press release makes the emphasis clear

“The patient-centered medical home would replace episodic care with a sustained relationship between patient and physician. This approach redesigns the care delivery model by assessing the level of illness or disease based on sound medical evidence; promoting coordination of care; and improving accountability for outcomes, patient experience, and utilization of services.

While there is current market experimentation going on to determine the appropriate structure for a medical home, the AHIP Board collaborated with other stakeholders to advance a model that focuses on the following:

  • Practice redesign so care is delivered in response to a patient’s needs and preferences;
  • Clear criteria for patient participation;
  • Adoption of health information technology to facilitate evidence-based integrated care;
  • Accountability;
  • Engaging and educating consumers and improving personal responsibility and behavior;
  • Structuring payment to align with measurable improvements; and
  • Pilot testing before moving forward with reformed payment models or practice redesign.”

Now the AHIP is not some fringe group – their tag line is “Providing Health Benefits for Over 200 Million Americans.”!

With the US having been the archetypal example of a ‘gatekeeper-less’ health system one is forced to wonder if they know something the Minister has not yet caught up with?

I am not sure what the right answer is in all this but I am sure I don’t want a system that is working quite well changed without very careful consideration of all the options – including the use of more Health IT – and I certainly don’t want change triggered because of the current stridency of the AMA. That would be very sad!

If we change all these roles and responsibilities we need to be sure it will be for the better.

David.

Monday, June 30, 2008

Could NEHTA Have Been Done Better and Cheaper?

The following article appeared last week.

HITSP works on communication, inside and out

By: Joseph Conn / HITS staff writer

Story posted: June 25, 2008 - 5:59 am EDT

The federally supported Healthcare Information Technology Standards Panel (HITSP) has come up with a plan to improve its own internal communications as well as to educate members of the broader healthcare community about its work to promote healthcare IT interoperability.

The 43-page plan was presented and accepted Monday during a meeting of the HITSP by its education, communication and outreach committee. The HITSP was created in 2005 by the American National Standards Institute under a $3.3 million contract with HHS to develop a process to select and recommend appropriate healthcare IT standards.

"The measure of our success is not just harmonizing the standards, it's actual implementation," said HITSP Chairman John Halamka in a telephone interview after the meeting. "You want all systems to be plug and play. You want e-prescribing to be universal."

To do that, Halamka said, will require educating everyone in the healthcare community about HITSP and the availability of the HITSP-vetted standards. And in doing that, "You can't overcommunicate," he said.

Work on the education, communication and outreach plan in February, said its chairman, Walter Suarez, president and chief executive officer of the Institute for HIPAA/HIT Education and Research, Alexandria, Va. According to the plan, the committee "anticipated building a multidimensional package of tools and recognizes that significant maintenance will be required to keep these resources up-to-date."

The tools will include one- and two-page fact sheets on the HITSP process and interoperability specifications, slightly longer issue briefs, lists of frequently asked questions that will be kept current and amended in response to reader input, all of which will be published online. The plan also calls for the issuing of news releases as needed and the writing of articles and, possibly, columns for industry publications. The group also contemplates creating a speakers bureau and library of PowerPoint presentations on specific topics such as the use of HITSP harmonized standards in medication management.

In addition, the plan calls for the development of various case studies of interoperability success stories presented either in print, audio or video format and maintaining "a significant presence" at industry events such as trade shows and annual meetings of member organizations.

One key order of business, the plan's authors recognized, will be overcoming the incomprehensibility of the patois of standards development organizations for many people in segments of the plan's target audience who are not IT geeks, particularly patients, government officials and healthcare organization leaders outside of IT. "The single biggest challenge is the need to translate what we do from what we call 'HITSP speak' to a description and a presentation that is simplified and is provided at a level of language that can be understood by nontechnical people," Suarez said. "If I'm a CEO, HITSP speak is not going to cut it for me. It really requires a translation from the technical world to the nontechnical audience, because the nontechnical people are the ones that make the decisions of either creating the products that are HITSP-compatible or compliant and buying those products.

More here

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20080625/REG/528301340/1029/FREE

A visit to the HITSP Web site is very worthwhile.

It can be found at www.hitsp.org

Before commenting it is sensible to provide a description of what HITSP does. To quote:

HITSP Background

In the fall of 2005, the U.S. Department of Health and Human Services' Office of the National Coordinator for Health Information Technology (ONC) awarded multiple contracts to advance President Bush's vision for widespread adoption of interoperable electronic health records (EHRs) within ten (10) years. The contracts targeted the creation of processes to harmonize standards, certify EHR applications, develop nationwide health information network prototypes and recommend necessary changes to standardized diverse security and privacy policies.

The American National Standards Institute (ANSI), in cooperation with strategic partners HIMSS, Booz Allen Hamilton, and Advanced Technology Institute, was selected to administer the standards harmonization initiative. The resulting collaborative, known as the Healthcare Information Technology Standards Panel (HITSP), brings together experts from across the healthcare community - from consumers to doctors, nurses, and hospitals; from those who develop healthcare IT products to those who use them; and from the government agencies who monitor the U.S. healthcare system to those organizations who actually write the standards.

The Panel's objectives are to:

  • serve and establish a cooperative partnership between the public and private sectors to achieve a widely accepted and useful set of standards that will enable and support widespread interoperability among healthcare software applications in a Nationwide Health Information Network for the United States.
  • harmonize relevant standards in the healthcare industry to enable and advance interoperability of healthcare applications, and the interchange of healthcare data, to assure accurate use, access, privacy and security, both for supporting the delivery of care and public health.

Most telling is this FAQ response:

“Who can join the HITSP?

The HITSP reaches across the stakeholder community and facilitates the broadest possible participation of all affected parties. Membership on the Panel is open to groups within any of four major categories: standards development organizations (SDOs), non-SDO stakeholder organizations, government bodies and consumer groups.”

Two other facts are useful to be aware of. First the HITSP has its priorities set by the American Health Information Community which is the peak HIT advisory body chaired by the equivalent of the Federal Health Minister and having a wide variety of government, industry, health informatics and consumer representation.

The membership is found here:

http://www.dhhs.gov/healthit/community/members/

It includes all sorts of heavy hitters including the Chairman of Intel and the Vice-Chairman of Wal Mart!

Second the CCHIT (often mentioned in this blog) works with HITSP to ensure products are certified to meets HITSP standards.

Now, while HITSP has not had a totally criticism free of successful run over the last three years much has been achieved and it seems that the internal mid course review will only make what is a good effort even better.

The emphasis, from the get go, on full and broad consultation and involvement makes a refreshing contrast to the situation in OZ.

HITSP is doing much of what NEHTA is doing and more in some ways. Maybe NEHTA 2 (which must come soon) could look a little more like HITSP. It could really help I think!

David.