Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Thursday, April 25, 2013

Look After Your Patient’s Electronic Health Information Effectively Or Suffer The Consequences.

The following is a draft short article for a Health Magazine - Comments welcome.
-----
It is quite clear, and very well known, that individuals who entrust their private information to clinicians and organisations have a high level of expectation regarding the protection of the privacy and security of that information. Individuals and organisations that do not meet those expectations can expect to suffer substantial reputational if not associated financial damage.
In the last few months there have been a few incidents that have served to remind both practitioners and hospitals that it is important to really careful with their patient’s private health information.
One spectacular health related recent breach was when a Queensland general practice had its patient records accessed and then encrypted by a foreign hacker and then was asked for a ransom to give back the information. It was a bad few days that followed as the practice suddenly had to revert to paper records as sadly - and incompetently - the practice lacked a recent backup of their patient data. [1] According to Medical Observer the Queensland Police were aware of 11 similar attacks on practices in 2012. [2]
On the broader front we have a recent report from the Commonwealth Privacy Commissioner indicating that there were 46 breach notifications in 2011-2012 - and this figure was reached without there being any current legislation requiring breach reporting. Organisations as large as Sony, Telstra and Dell Australia have all recently been investigated by the Commissioner for significant breaches.[3]
Usefully there has been a recent survey of  patient attitudes and expectations for health information security and privacy. I published a blog with links to reports that summarised attitudes to electronic health record security in both the US and the UK. On the safe assumption that the Australian public would have similar views we can be pretty confident that well over 80% of the population have high expectations for security of their information - especially if the information held contained details of illnesses and conditions which may result in prejudice and discrimination as a result of disclosure. [4]
With that background it is important to realise that there are a range of responsibilities that holders of health information have - noting that the same principles apply to both hospitals and office based practices. First and key they have a responsibility to ensure that health information is not accessed by those who should not have access and also that the same information is indeed accessible to those who have a genuine need for access. Second they have a responsibility to preserve the existence and integrity of the information so that the information is available when needed by an authorised individual and that it is not in any way altered or corrupted (this means that there must be regularly tested backups made of all sensitive patient information and that this must also be protected). Third there is a responsibility when information is being transferred or shared that the path by which it is shared is similarly reliable and secure (Lost backup tapes, disks and laptops where unencrypted information is found account for many of the breaches where thousands of individuals are affected).
In recent years provision of technology solutions that meet there broad principles has been made increasingly difficult by some technology trends. The first and most important is that most holdings in health information are no longer functionally isolated due to the pervasive intrusion of internet connectivity. Back when such holdings were held on standalone computers with no network connectivity securing the information was considerably simpler that it is now. It was clear where the information was held, who controlled it and access could be managed with a high degree of rigor. Further complexity has emerged in the last few years with the location of at least some information becoming very blurred as the use of ‘cloud computing’ techniques (which reduce the cost of computer processing and storage) widens and more and more information is stored in the nebulous and location non-specific cloud. Additionally with the widening use of internet enabled portable devices (phones and tablets) the locations from which information is accessed are vastly increasing in number and making information and access security that much harder. Both cloud computing and the wider deployment of mobile devices are seen as making the health information security challenge harder. [5]
If we accept that it is the responsibility of all health care providers to properly protect and secure health information from breach and unauthorised leakage then there are a few questions that then arise. I will address these in turn.
Health Information Risks.
The first is to understand how and why health information is / can be compromised. Recognising that compromise of electronic information is surprisingly common  (and causes real costs [6]) is a first step. To quote a recent article:
“According to Australia's Computer Emergency Response Team (CERT) 2012 Cyber Crime and Security Survey Report in February, 20 per cent of Australian businesses were the subject of hacking or other cyber-attacks last year.
The most serious involved the use of malicious software including ransomware and scareware, which extort payments for the return of data; trojan or rootkit malware, which lodge in the company's systems to steal information; theft or breach of confidential information; and denial-of-service (DoS) attacks.” [7]
Although detailed statistical breakdowns are not available for Australia there is considerable evidence that - other than malicious hacking as described above that many breaches are due to insider misbehaviour and stupidity (loosing unencrypted information on laptops or having passwords on Post-It Notes beside the computer) and occasionally just bad luck (couriers loosing backup tapes etc.)
In terms of information loss there is little doubt the biggie is to not have a properly developed information backup program which includes regular testing of the backup systems to ensure the backed up information is actually recoverable! Second to this is to not have a reasonably recent backup genuinely off-site to protect against theft, fire, flood and the like. It is worth noting the adequate backups is a useful defence against many woes from equipment failure to computer virus infection etc.
Compromise Prevention Best Practice.
The second is to consider what might be done by an organisation to prevent such compromise happening in the first place. Here is a list of the major points.
1. Accept that there is a ‘clear and present’ danger and risk of digital information loss, compromise or  breach.
2. Develop a plan to address risk. At the very least this plan should cover ongoing staff / user awareness and education, the regular audit of all digital assets,  policies for access and use of both fixed and mobile devices, password and other access control policies and so on.
A recent article quoted Brad  Marden,  Australian Federal Police acting manager for cyber crime operations as suggesting the following specifics for inclusion in any plan which he suggested would prevent 85% of breaches.[8]
“1. Application whitelisting
Application whitelisting helps prevent malicious software and other unauthorised programs from running. The whitelist is a list of specific applications that are permitted to run on a given system.
2. Patch, patch, patch (applications and operating systems)
Patch applications such as PDF readers, Microsoft Office, Java, Flash Player, web browsers and operating systems as soon as patches for known security holes are released.
"A lot of data breaches occur on systems that are not protected, and not up-to-date," says Sean Kopelke, director of security and compliance solutions at Symantec.
3. Passwords and privileges
Minimise the number of users with administrative privileges. Also, check the identity of visiting technicians and change passwords when they leave.
4. Develop information policies
You should treat information in the same way on each platform or device, says Kopelke. "It sounds simple, but implement policies around securing information, not the devices. It is irrelevant where information is stored; the policy on how it is protected should be the same."
5. Educate staff
Often the weakest security link is the human link. Educate staff about how to handle confidential information. Teach them how to assess whether someone who rings asking for information is legitimate and to suspect all emails, links and attachments.
6. Rethink social media
The AFP goes a step further and recommends implementing policies banning employees from accessing social media sites at work, as these sites can allow malware to infiltrate company systems. Many security companies, however, recommend mitigating this risk with specialist applications and security modules to accommodate social media in the workplace.
7. Report
As far as security breaches go, Marden finds it strange that organisations don't report cyber compromises, but they do report burglaries. Australia does not have mandatory breach disclosure laws as is the case in the US.”

Not mentioned here - but also certainly worth considering is the issue of Data Breach Insurance which is increasingly available and makes some sense if handling sensitive information.
Legislative and Ethical Requirements.
The third is to understand clearly just what is required by best practice and legislation.
As indicated above there is a clear expectation on behalf of the public that their health information will be kept both secure and private. In response to the public requirement for information privacy - with respect to all sorts of personal information (financial, health etc.) there has been a range of legislation passed over the years.
At the time of writing Australian legislation is in a state of flux with some major changes to the foundational Commonwealth Privacy Act (1998) having been passed last year (2012) and legislated to comes into effect in March 2014.[7] The modifications harmonise the Privacy Principles, widen the scope of organisations covered by the act, change a range of credit reporting laws and also toughens the enforcement regime.
There is a dedicated web page covering the changes which can be found here:
The biggest change that is relevant to the health sector is the change from the National Privacy Principles to a new set of unified Australian Privacy Principles (APP) which happens in March 2014. Health Information Privacy being a little different there are some specific use cases defined where health information can appropriately be collected, used and disclosed. All those involved in handling health information (in any form both paper and electronic) would be well advised to review present and future obligations. The general web site is found here:
The Commonwealth Privacy Commissioner (who is a key part of the Office of the Australian Information Commissioner (OAIC) also has a role in the administration and enforcement of the special legislation which was developed to cover the privacy aspects of the Health Identifier Service and the Personally Controlled Electronic Health Record (PCEHR) where there are some quite strict rules for breaches and significant penalties available.
Sadly, of recent time there would appear to have been major staff losses within the Office of the Privacy Commissioner so there are some doubts as to just how effective the enforcement regime will be going forward.
The ethical situation when handling sensitive private information …..
Information Sources.
Lastly it is important for organisations to know where  help be sourced?
The key resource provided by Government to manage cyber-attacks and infiltration is, at present, CERT (Computer Emergency Response Team)  Australia. They provide a useful web site here:
In due course CERT Australia is to become part of an expanded Australian Cyber Security Centre which was announced by the Prime Minister in January 2013. [9]
There is guidance available on how information compromise and leakage should be addressed found at this link - which is part of the Office of the Australian Information Commissioner.
Additional information which might assist smaller organisations in preparation and prevention of issues related to information security (especially medical practices)  is available from the Royal Australian College of General Practice (RACGP) web site. The following link provides a very useful set of freely available resources:
These three sites will provide a useful start for any organisation wishing to assess their current and desirable future state in securing the sensitive information they hold.
In summary patients expect their private health information to be managed securely and appropriately in the context of current and future legislative privacy and information protection requirements. To not pay proper attention to these issues invites both reputational and financial damage - to say nothing of the potential damage to patients.
Finally, this headline from Wired Magazine puts the risk in clear perspective - it is not a matter of if but when!

World’s Health Data Patiently Awaits Inevitable Hack

See here for the article.
The next step is yours!
References.
-----
David.

Wednesday, April 24, 2013

ANZAC Day Holiday - 2013

There will be no post tomorrow in honour of ANZAC Day.

Lest We Forget.

Back on Friday.

David

AusHealthIT Poll Number 164 – Results – 24th April, 2013.

The question was:

Who Do You Think The NEHRS / PCEHR Program Is Aimed At Benefiting Most Through Providing A Government Operated National Patient Information Repository?

Patients 11% (5)
Clinicians 0% (0)
Government 61% (28)
None Of The Above 22% (10)
I Have No Idea 7% (3)
Total votes: 46
Looks like about 60+% feel this is really a government focussed and not clinician or patient focussed project.
I would love to hear from those who said none of the above as to what their answer was?
Again, many thanks to those that voted!
David.

Tuesday, April 23, 2013

It Looks Like The DoHA CIO Is Confirming The View Of Recent Poll Responders Regarding the Value Of the PCEHR.

The following appeared a little while ago.

Govt unlikely to meet e-health sign-up target

Data already delivering insights.

The Government will likely struggle to meet its target of 500,000 registrants for the personally controlled electronic health record (PCEHR) by June, after it was revealed only 109,000 Australians had registered in the last nine months. 
The system, launched last July, has been plagued with issues, including with its online registration system and availability for general practitioners.
Speaking today at a conference on big data in health, Department of Health & Ageing chief information and knowledge officer Paul Madden encouraged attendees to sign up to the program.
He said the $628 million e-health records project had the ability to change the game for health, with significant flow-through data from the records already being gathered.
So far, Madden said, the e-health records of the 109,000 people already registered had delivered 5.4 million Medicare records, 2.9 million pharmaceutical benefits claims, 16,600 immunisation registrations for children over the age of seven, and 23,000 organ donor records.
Only two hospitals are currently uploading discharge summaries to the system. All public hospitals were expected to be doing so by July, Madden said.
More here:
Mr Madden seemed to confirm my view as to what the NEHRS was actually for (Administrative and Departmental Purposes) with the comment that “significant flow-through data from the records already being gathered.”
Interestingly he suggested all public hospitals will be uploading discharge summaries to the NEHRS by July  (without specifying a year). I wonder to all those hospitals know they will be doing this in only a little over two months’ time. Equally I wonder what steps have been taken to have the data quality of these summaries improve beyond the state of those typically produced by interns and what will happen in those public hospitals who do not have full time resident staff.
I look forward to being proven wrong but I preserve some healthy scepticism on that specific claim!
David.

Monday, April 22, 2013

Weekly Australian Health IT Links – 22nd April, 2013.

Here are a few I have come across the last week or so.
Note: Each link is followed by a title and a few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.

General Comment

Quite an interesting week with news that a company called IMS is paying pharmacists to provide information from their computers on the prescribing habits of GPs in order to market more effectively to them. This is wrong at just so many levels it is really rotten!
Other than that we have all the old favourites (Qld Health, ePIP, PCEHR and so on) with the odd new slant.
One health issue that may have slipped under the radar is the relatively imminent (June 30) change in the funding model of hospitals that relies on a level of IT that is probably not in place. This might result in another pretty big mess blowing up before the election.

Activity-based health funding stoush brewing in Liberal states

Joanna Heath

Liberal-led states are heading for a fresh stoush with the federal government on public hospitals as new statistics show funding from state governments far outstripping Canberra’s contributions.

The National Partnership Agreement on Hospital and Health Workforce Reform, struck in 2008 to assist states and territories in the transition to former Prime Minister Kevin Rudd’s National Health Reform Agreement, is due to expire on June 30 .

The $1.4 billion funding deal will be replaced with an activity-based health funding system, where federal funds are allocated on the basis of demand. Federal Health Minister Tanya Plibersek has said the earlier deal was a one-off and will not be renewed.

A report released by the Australian Institute of Health and Welfare on ­Friday showed state governments provided 52 per cent of funding for public hospitals in 2010-11, compared to 37 per cent from the federal government. The proportion of federal government funding has fallen since 2008-9 .

-----
Definitely one to keep an eye on.
-----

Govt unlikely to meet e-health sign-up target

Data already delivering insights.

The Government will likely struggle to meet its target of 500,000 registrants for the personally controlled electronic health record (PCEHR) by June, after it was revealed only 109,000 Australians had registered in the last nine months. 
The system, launched last July, has been plagued with issues, including with its online registration system and availability for general practitioners.
Speaking today at a conference on big data in health, Department of Health & Ageing chief information and knowledge officer Paul Madden encouraged attendees to sign up to the program.
-----

75% Medical Director customers have upgraded and are eligible for the PCEHR

More than 75% Medical Director Customers have upgraded and are eligible for the PCEHR ePIP incentive due on the 1st of May 2013.
“As part of the government’s ePIP incentives program, practices stand to receive up to $50,000 per practice. The final requirement which is due on the 1st of May 2013 means practices must use a compliant software (version) for accessing the PCEHR and creating and posting Shared Health Summaries  (and when available Event Summaries) and apply to participate in the eHealth system by applying for a HPI-O.
-----

Doctor-shoppers adopting new scams

12 April, 2013 Kate Cowling
Doctor-shoppers are faking hospital discharge summaries and enlisting friends to impersonate GPs in desperate attempts to secure opioids, a prominent GP warns.
The faked summaries are “very good quality” and barely differ from a real discharge letter, according to Medicare Local chair and Sydney GP Dr Harry Nespolon, who raised the alarm last week.
He said the letters, sometimes written on hospital stationary, had replaced prescriptions as scammers’ method of choice, particularly since computerised scripts have made replication difficult.
-----

Pharmacists slammed for selling script data

18 April, 2013 Antonio Bradley
Pharmacists are selling doctors' names, contact details and prescribing histories to a business that sources marketing data for pharmaceutical companies.
The news has emerged as doctors across Australia begin receiving letters from IMS Health, announcing the launch of a new service where it passes on prescribing data to "clients", including pharmaceutical companies.
The RACGP is so concerned that it is seeking advice on whether the practice is legal.
A copy of the letter obtained by Australian Doctor states: "IMS has contractual arrangements in place with pharmacies for the transfer to IMS from the pharmacies of certain information, including potentially data about you.
This information is collected by the pharmacies in the course of fulfilling patient prescriptions."
-----

Data selling poses ethical questions

19 April, 2013 Nick O'Donoghue  
Pharmacists are being urged to remember their obligations under the Privacy Act and the PSA’s Code of Ethics following reports that some are selling data relating GP prescribing patterns.
Grant Kardachi, PSA national president, expressed concerns that pharmacists could fall foul of the law by providing information to IMS Health for a new service passing on prescribing data to "clients", including pharmaceutical companies, as reported by Pharmacy News.
“At PSA we are concerned that passing on any data would breach Australian Privacy Laws as well as breaching our Code of Ethics,” he said.
-----

Pharmacists under fire for selling doctors' details

Date April 20, 2013

Amy Corderoy

Health Editor, Sydney Morning Herald

Pharmacists are selling information about doctors' prescribing habits and their contact details to private companies, in a potential breach of ethical standards health experts say puts patients at risk.
Doctors and consumer groups have condemned the sale of information about prescribing patterns, saying it could be used by drug companies to inappropriately influence the drugs given to patients.
Pharmacy Board of Australia chairman Stephen Marty said the board's code of conduct said patients and clients had a right to expect information about them would be held in confidence.
-----
Looks like the NEHTA @eHealthAus budget didn't cover the tour bus in the end
(Fun Picture)
-----

Patient engagement and the PCEHR, have we got the balance right?

Imagine you have brought your car to a workshop for a service. It’s an innovative workshop, so when the mechanic is finished with your car, he uploads the service information to a customer-friendly cloud system which you can access via your computer or mobile device. So far so good.
But… in this system customers are also able to shield entries off. Let’s say you don’t want a certain repair on your file because it was the result of an accident, so you make it invisible for anyone else but you. As a result, the next mechanic who works on your car is unaware that he’s missing information, and may do unnecessary work or worse, make mistakes.
-----

Payroll staff face axe

Date April 19, 2013 - 12:01AM

Bridie Jabour

Almost 150 Queensland Health payroll staff positions have been cut this financial year and the voluntary redundancies could continue until hundreds more are gone.
Almost 100 full time equivalent positions were cut from the health payroll offices across the state before Christmas and 40.67 full-time equivalent positions will go by June 30 in a round of voluntary redundancies.
The latest round of cuts will reduce Queensland Health payroll staff to 832 full-time equivalent positions, with Health Minister Lawrence Springborg blaming the size on the raft of staff who had to be hired to handle the bungled IT system.
-----

Royal District Nursing Service picks up international Outstanding ‘ICT’ Innovation award

Today in Singapore, executives from the RDNS (Royal District Nursing Service) accepted the "Outstanding ICT Innovation" award in front of 300 international delegates to the 4th Ageing Asia Investment Forum.
The award recognised the RDNS telehealth project, which allows a community nurse to make a ‘virtual visit’ to a patient at home via a video hookup to supervise medication, check some vital signs such as blood pressure and do a visual health check.
-----

Public seeks privacy in gov's big data strategy

Final big data paper coming in June or July
Australia’s national big data strategy should have “privacy by design” as a guiding principle, according to comments received by the Australian Government Information Management Office (AGIMO).
AGIMO just closed its three-week consultation period to collect feedback from industry and the public on a big data issues paper released last month. AGIMO is reviewing the comments and plans to release a final big data strategy in June or July this year.
“The overwhelming majority of the responses were positive and constructive,” AGIMO wrote in a blog post. “This input is now being carefully considered and will guide the development of a Big Data Strategy.”
-----
16 April 2013, 1.40pm AEST

Who’s afraid of the bad, big data? You might want to read this

Rob Livingstone
Fellow of the Faculty of Engineering and Information Technology at University of Technology, Sydney
Privacy and technology go together like music and dance: it’s only when both work well together that the magic happens. But what about privacy in the age of big data, an era in which your every move has been recorded somewhere in the digital world through your electronic transactions?
Does the fact we’re churning out ever greater volumes of data mean we are safe, by virtue of pack anonymity, or are we at risk of serious violations of the individual’s privacy rights?
Your personal digital footprint – that indelible record of your every interaction in the electronic world – is just a tiny drop in the ever increasing sea of global data.
-----

Twitter could improve your health

16th Apr 2013
IT’S usually considered the bane of workplace productivity but Twitter may have genuine preventive health benefits when it comes to heart disease, a Sydney University study has found.
The study of 15 health-focused Twitter accounts, nine professional organisations and six medical journals found that, through their “inherent networking” reach, social media sites such as Twitter could enhance education, awareness and overall management of cardiovascular disease.
“The popularity and rise of Twitter has made it a readily available, free, and user-friendly tool to disseminate information rapidly to a diverse audience, for example, to engage health professionals and heart attack survivors," the paper’s lead author Sydney University Associate Professor Julie Redfern said.
-----

Twitter’s health potential revealed: study

16 April, 2013 AAP
Twitter could be the future of heart disease prevention programs, according to a new Australian study.
The fast and far-reaching way that information spreads through the social network has the potential to save lives through education about the illness, researchers at the University of Sydney have concluded.
Their study examined the activity of 15 health-focused Twitter accounts, which together covered more than one million followers, nine professional organisations and six medical journals.
-----

Michael Georgeff & Stan Goldstein: Vital connections

THE basic structures through which health care is delivered in Australia are much the same now as they were in the 1970s.
Yet, over the same period, the health care burden has shifted massively from acute conditions requiring rescue care to long-term chronic conditions requiring preventive and longitudinal care. The sustainability of the health care system is under strain from an ageing population with a health workforce struggling to meet the growing demand.
The health care system cannot continue in this form. Greater, more effective collaboration among teams of health care providers and their patients has been promoted as key to its survival.
-----

NEHTA continues to drive Supply Chain uptake

19 April 2013. With almost 300,000 uniquely identified products on NEHTA's National Product Catalogue, the next stage toward eProcurement is increasing the use of unique identifiers of locations in the supply chain.
The importance of expanding the network of Global Location Numbers to all suppliers and buyers in healthcare is critical for providing the tools to ensure delivery of the right products to the right client at the right time to the right place and for the right price. This ensures that all parties have the ability to benefit from efficiencies, cost savings and enhanced productivity and in turn continuity of care to their clients. To help achieve this NEHTA has released its Global Location Number Uptake Strategy.
NEHTA is also working closely with the small to medium enterprise (SME) market to drive supply chain uptake.
-----

New Message Implementation Guidelines for healthcare supply chain

15 April 2013. The NEHTA eProcurement Solution is a standards based national approach for business-to-business (BRB) electronic trading across Australian healthcare organisations.
NEHTA has developed a standardised set of eProcurement messages leveraging both GS1’s global eMessaging standard GS1 XML and the Australian Standard AS 5023.
-----

Vibrating fork fights the battle of the bulge

18th Apr 2013
AAP  
AN ELECTRONIC fork that vibrates when you eat too fast has gone on sale in the US, with its French inventors claiming it can help combat obesity and digestive issues.
Those who contribute at least $86 on the crowd funding website Kickstarter will get a HAPIfork, which comes in blue, green and pink, ahead of its planned general release to consumers in the US and Europe later this year.
"While our product is still a prototype, we're thrilled by the global response so far," said Fabrice Boutain, founder of the product's California-based developer HAPILABS, in a statement.
-----

Secure healthcare analytics in the cloud

Summary: If you want a quick, deep briefing on secure healthcare analytics in the cloud, you probably can't do better than this.
By Denise Amrich for ZDNet Health | April 18, 2013 -- 14:56 GMT (00:56 AEST)
As the IT industry moves more and more resources into the cloud, one of the fastest-growing segments of IT — healthcare — will likely take advantage of the rapidly scalable, metered capabilities that the cloud offers.
While all IT operations are concerned with security, healthcare has particular security requirements as governed by the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH). Recent rulings have also extended medical security responsibilities beyond just the healthcare providers to those business partners who provide services to healthcare providers.
-----

Wristband taking pulse of what's Up in daily life

AWBONE is having a second crack at producing a hi-tech wearable wristband that monitors movement and sleep, and helps a user meet predefined health goals.
The first wristband in 2011, while innovative, was a disaster. Bracelets bricked and there were reported incidents of batteries failing to recharge. It led to recalls and Jawbone returned to the drawing board.
Now Jawbone has upped-the-ante with version 2 of the Up, with a water-resistant wristband I have been trialling -- even showering with -- without technical glitches so far.
The revamped Up goes on sale here late this month in three sizes and eight colours -- four colours will be available initially. But now it has to compete with rival devices such as the Fitbit Ultra, Nike+ FuelBand, and Basis Fitness Watch. It's a crowded market compared to 2011.
-----

Seven top cyber safety measures for business

Date April 17, 2013 - 9:28AM

Cynthia Karena

One in five Australian businesses suffered an electronic breach or cyber attack in 2012. Most report an average of two attacks a year. Companies put their own ability to effectively secure their organisation at 4.5 out of 10. Australia is now 21st in the most attacked nations list, up from 24th.
Statistics on the lack of business cyber security and increase in cyber attacks abound. It's no wonder experts continue to warn that poor security practices can compromise company finances and put commercial and customer information in the wrong hands.
According to Australia's Computer Emergency Response Team (CERT) 2012 Cyber Crime and Security Survey Report in February, 20 per cent of Australian businesses were the subject of hacking or other cyber-attacks last year.
-----

Datix partners with PowerHealth to meet growing demand for patient safety in Australia and New Zealand

Wednesday 10 April 2013
Datix has partnered with Australian software vendor PowerHealth Solutions to distribute patient safety software in Australia and New Zealand, to meet the growing demand for patient safety in this region. 
Healthcare is a high-risk industry with 1 in 10 hospital patients in developed countries being unintentionally harmed while receiving care*. The Datix patient safety system enables hospitals to understand their organisational risk by integrating and analysing information from key information systems. Armed with this information, hospitals can identify and take action on specific priorities such as infection control, safe surgery, and healthcare waste management.
-----

Sub-atomic computer bit a quantum leap

SYDNEY scientists have developed a "manufacturable" building block for a quantum computer, suggesting computers of incomprehensible power could be a decade or so away.
The new ‘qubit’ – the quantum equivalent of a conventional computing bit – is encased in a silicon chip. This gives it a massive advantage over rival technologies, which are contained in vacuum chambers.
Nature abhors a vacuum but manufacturers love silicon, which is used ubiquitously in computers and mobile phones and has 60 years and trillions of dollars of investment behind it.
-----

Google Glass tech specs revealed

Date April 17, 2013
  • About one day of battery life
  • 16 GB of usable storage
  • 5-megapixel camera, 720p HD video
Google has released technical specifications for its wearable computing device, Google Glass, and will begin shipping early editions of the smartglasses to app developers this week.
I always thought I'd be typing for the rest of my life. 
Eric Schmidt, Google chairman
Google, which is planning to step up its challenge to Apple and other smartphone makers, said Glass devices will feature about a day of battery life and an HD display "the equivalent of a 25-inch high definition screen from eight feet away".
-----

Scientists discover three Goldilocks planets

Date April 20, 2013

Los Angeles

NASA scientists said the Kepler mission had confirmed finding three planets, slightly larger than Earth, orbiting in their stars' so-called habitable zones - the ''Goldilocks'' region where temperatures are not too hot and not too cold.
Researchers don't know for sure but the planets' sizes and proximity to their stars mean that they could be rocky and could have liquid water - two attributes thought necessary for a planet to harbour life.
What is certain, the scientists said during a news conference on Thursday, is that the discoveries mark yet another step forward in the space agency's quest to find an Earth-size planet in a star's habitable zone.
-----
Enjoy!
David.

TV Program Alert - Health Minister and Shadow On ABC1 Q & A Tonight.

Q & A  (ABC1 Tonight (22/04/2013) at 9.35 pm and on iView).
Health Debate: The show has both Tanya Plibersek, Minister for Health and Peter Dutton, Shadow Minister for Health debating the issues.
It is understood that Peter Dutton would be the new Health Minister should there be a change of government in September. 
Go to http://www.abc.net.au/tv/qanda/  to put your question if you wish.

A few good ones on e-Health would be fun!
Enjoy!
David.

Sunday, April 21, 2013

Here Is An Example Of Just How Messed Up E-Health Governance And Standards Setting Actually Is In Australia. Heaven Help Us.

The following e-mail was widely circulated among the Australian Health IT Standards Community  last week. (Note ETP stands for Electronic Transfer of Prescriptions and ATS Australian Technical Standard)
From: Vincent McCauley
Sent: Thursday, April 18, 2013 5:59 AM
To - IT-14 Participating Members and Others
Subject: RE: Electronic Transfer of Prescriptions ATSs - IHE Australia votes NO to publication - objections and reasons follow
Dear IT14 Members,
We have been asked to approve the ETP ATS X 6 specifications with one week notice.
For the majority of IT14 members who have not seen these documents previously, that involves review of more than 1200 pages developed over 2 years.
This is unreasonable haste especially given that ETP is a high risk eHealth area and that the ATS's do not directly leverage existing implementations or international work.
To help assess this request for publication the following may be useful.
1. Has the process and does the specification comply with Australian International standards obligations and good standards practice?
Australia is a signatory to the World Trade Organisation Technical Barriers to Trade agreement – see:
The following extracts are relevant to Standards development and the current conduct of Standards Australia with respect to IT14 and IT14-6-4:
“Government officials of parties to the dispute shall not serve on a technical expert group. Members of technical expert groups shall serve in their individual capacities and not as government representatives, nor as representatives of any organization. Governments or organizations shall therefore not give them instructions with regard to matters before a technical expert group.”
This requirement was regularly not observed by NeHTA, DoHA and DHS/Medicare officers at the IT14-6-4 ETP meetings.
Government officials overrode consensus technical positions on the basis of "policy". This issue was raised by the committee and Chair with the Standards Australia management but resulted in no action.
“Members shall ensure that technical regulations are not prepared, adopted or applied with a view to or with the effect of creating unnecessary obstacles to international trade.”
Adoption of the proposed ETP specification will mean that standards based ETP products developed in the majority of the world will not be able to be used in Australia
“Where technical regulations are required and relevant international standards exist or their completion is imminent, Members shall use them, or the relevant parts of them, as a basis for their technical regulations except when such international standards or relevant parts would be an ineffective or inappropriate means for the fulfilment of the legitimate objectives pursued, for instance because of fundamental climatic or geographical factors or fundamental technological problems.”
The Co-chair of IT14-6-4 has regularly participated for some years in the IHE Pharmacy committee, made excellent contributions and the IHE ETP content specifications have subsequently incorporated Australian requirements. The IHE CDA documents for prescription and dispense are mature international standards first published by IHE International in 2010. These specifications and the associated exchange mechanism, have been widely implemented. IHE is a full International Standards Development Organisation, member of the Standards JIC and liaison A member of ISO TC215.
Despite requests by IT14-6-4, no documentation has been provided describing why the international standard could not be adopted or at worst, adapted.
“With a view to harmonizing technical regulations on as wide a basis as possible, Members shall play a full part, within the limits of their resources, in the preparation by appropriate international standardizing bodies of international standards for products for which they either have adopted, or expect to adopt, technical regulations”
Australia has fulfilled this obligation but this resource commitment over a considerable time will be discarded by continuing with a local specification rather than adopting an international one. It calls into question the rationale for international standards development participation.
2. The IT14-6-4 committee spent considerable time preparing an impact statement which highlighted a number of serious issues with these specifications. The issues raised remain unaddressed.
This impact statement should be provided to IT14 to aid in considering whether the impact of these ATS's will result in net benefit which is a requirement for any new Standards Australia publication.
3. Is it safe?
The IT14-6-4 committee requested a clinical safety report from NeHTA but this has not been provided.
Is any information on test implementations available?
3. Is it necessary?
No justification for this work was provided in the initial project proposal statement provided by NeHTA.
Most sections of this mandatory documentation in the SA standards development process were blank.
The project proposal statement was not seen by the Committee for many months and when provided led to the Committee's work on a full impact statement.
The current ETP infrastructure is well-proven and now provides all significant functionality that was used as the justification for a new standards specification.
The impact statement discusses this in detail and was intended by the IT14-6-4 committee to be made available to IT14.
4. Is it competitive with other standards?
There is an existing HL7 V2 Australian Standard for ETP which has been implemented as part of the current ETP infrastructure.
There is an existing IHE ETP standard which would operate with our national PCEHR architecture and has been implemented across Europe.
5. Is it aligned with other similar National specifications?
The specification for both content and transport is different to that in the MEDView project which is to become the national medication repository.
The content is also different to the CDA dispense document being developed for upload to the PCEHR.
A motion in IT14-6-4 to separate content and transport/storage specifications was not permitted to be voted on by the technical Committee.
These issues require discussion and answers.
Given the timeframe allowed for consideration, IHE Australia will vote "Objection" until such time as further information and documentation is provided and an appropriate discussion forum takes place to consider process and other issues with this critical set of ATSs.
Regards
Vince
Dr Vincent McCauley
Chair, IHE Australia
Member IT14-6-4
----- End E-Mail.
That someone of the proven capacity and competence of Dr McCauley feels it necessary to “object” in such clear terms to both the process and content of a draft ATS to me reflects a wider problem. That is that there are simply utterly inadequate governance processes for the leadership and rational development of e-Health in Australia.
Let me be utterly clear in saying that until this broad issue is properly resolved we are going to see more and more a failure to achieve the objectives e-Health sets for itself.
Anyone who has been involved in e-Health in the last few years will be aware of the attempts by NEHTA and DoHA to railroad and subvert the consensus model of E-Health Standards setting with ‘Tiger Teams’ , committee stacking and the like and the effects that has had on the morale and commitment of the volunteers who contribute to what used to be working process. Ultimately this has led to a good number of valuable members being sidelined or just giving up in disgust.
This e-mail is just the tip of a festering governance iceberg and a boil which needs lancing. Without some real efforts restore / initiate proper governance  and to re-empower the Standards Australia volunteers and put the clinical and technical experts back in charge (rather than the politically driven bureaucrats) of our Standards processes I predict little real progress for the foreseeable future.
David.