Quote Of The Year

Timeless Quotes - Sadly The Late Paul Shetler - "Its not Your Health Record it's a Government Record Of Your Health Information"

or

H. L. Mencken - "For every complex problem there is an answer that is clear, simple, and wrong."

Tuesday, January 30, 2007

Have you Noticed Your Control of Your Personal Private Information is Vanishing?

In this article I am going to suggest that the race to maximise Government intrusion in citizens lives is presently being comprehensively won by the UK (with its multi-biometric compulsory national ID Card). Even worse, in the last day or so we learn from e-Health Insider that the UK Government wants to move to link many of its databases to simplify administration and reduce errors – to ensure not a single move you make goes unrecorded!.

The US is presently managing to come second in my view with the vagaries of the US Health Insurance Portability and Accountability Act (HIPAA) permitting large amounts of identified health information to move between service providers and payers with essentially no control on the part of the individual, almost daily leaks of identified information on the web or from mislaid lap-top computers and recently discovered privacy invasions such as warrantless wiretaps and covert house searches on the basis of perceived protection of “National Security”.

Sadly, however, we also now have our own Governments working out how best it can catch up and minimise the number of barriers that exist to a complete individually detailed dossier being built on all of us.

In previous articles I have made the point that it seems to me that unless citizens are certain private health and, possibly more important, genetic information can be safely confided to healthcare providers, with essentially no risk of disclosure, virtually all efforts in the e-health domain will be put at risk. Simply put citizens will not confide in organisations and individuals they do not feel they can trust.

The lack of trust that exists in the community has been made clear by two recent events.

On January 21, 2007 the Australian Privacy Foundation announced the 2006 Orwells which are awarded for the worst privacy intrusions of the year. The awards went to the following – as reported in their press release:

“The ‘Orwells’ as they are known around the world after the author of ‘1984’, have been awarded for privacy intrusions including:

electronic health records without consent, leading BBA judge Dr Roger Magnusson to warn that “[this] could threaten public trust in what could be an immensely valuable tool for improving both individual and population health"

• negligent disclosure of international financial transactions to US authorities

• the ‘access card’ – in reality a national identity card

• a business that uses GPS units to track junk mail deliverers

‘reverse search’ phone directories, outflanking their supposed prohibition

• insensitive collection of sexual health data in a university research study

• federal legislation that turns thousands of private sector employees into government snoops

• call centre nurses interrogating employees about sick leave


Commenting on the overall awards, BBA judge Laura Sigal said “The more our information is available to the prying eyes of government and corporate interests, the less freedom we enjoy."

It is of note that violations in the Health Sector featured so prominently and that the first listed (HealtheLink) was noted as having just the risk I have identified in earlier blog articles.

The second event has been the release of an initial batch of comments regarding the exposure draft of the Human Services (Enhanced Service Delivery) Bill 2007 just a few days ago. The Office of Access Card received over 120 submissions responding to the draft bill.

It is interesting that the Access Card was nominated for the People’s Choice Award Orwell.

Big Brother Award judge Dean Wilson felt this well-deserved for the: “relentless campaign of disinformation and doublespeak surrounding the Access Card project.”

On the basis of the submissions made so far it would seem the campaign has not satisfied the concerns of virtually all interest groups, except those with something to sell to Government.

Among those who offered many criticisms were all the ‘usual suspects’ who have had long standing concerns about the whole project (The Privacy Foundation, EFA etc) but also some much less aligned entities such as the AMA, the Privacy Taskforce set up by the Access Card program and even the Office of the Commonwealth Privacy Commissioner (OCPC).

Among the major concerns raised were (besides the near universal condemnation of having a truncated consultation period over the Christmas / New Year period):

1. The drafting of the Bill has left a lot of important, highly privacy sensitive issues, up to the discretion of the bureaucrats without providing firm legislative direction as to how things are to be done.

2. The Bill says the citizen owns the physical Access Card but the Data held is owned by the Commonwealth. It is totally unclear just how anyone is assisted by that.

3. The fact that Medicare payments require use of the Access Card meant that for all practical purposes virtually everyone would need a card and that it really is a de-facto National ID Card.

4. The lack of strength in the wording of the draft Bill that the card was not to be an ID Card. As it stands it says “It is not an object of this Act that access cards be used as national identity cards”, rather than something like “It is an object of this Act to ensure that the Access Card is not used as and does not become a national identity card.”

5. The apparently expanding (and unannounced until now) amount of information to be displayed on the front of the card (title, Date of Birth, Place of Birth etc) which is turning it more and more into an ID Card.

6. The lack of appeal mechanisms from Government decisions in a number of areas.

7. The apparent inability of citizens to block access to address information to protect themselves from harassment, stalking, attack and so on.

8. The apparent liability of a clinician who asks whether they can have your Access Card to access your (voluntary) health information to huge fines and gaol.

9. An apparent lack of clarity on the retention policy regarding identity documents which are provided to achieve registration. Not deleting them would create an unprecedented database on most of Australia’s citizens which has not existed previously.

10. Apparent conflict between the Draft Bill and current practice as to what age an Access Card can be issued to an individual.

11. Total failure to appreciate delivery of services that are to be reimbursed but which need to be provided anonymously (e.g STD services, HIV Testing etc) for the protection of the individuals privacy and to ensure treatment is sought.

There are obviously many more details that could be discussed but from this list it is clear to me that the proposed legislation is deeply flawed and needs to be re-thought based on a much narrower expectation of what the card is to do (i.e. provide access to services) and not what it may morph into unless more clearly defined (i.e. a National ID Card).

All these issues are, of course, separate from the concerns of those who fear all this numbering and identifying the Australian citizenry is simply an unwarranted and dangerous intrusion into individual’s rights to personal privacy and autonomy. We in Australia are ever so lucky to have both the Access Card Project and NEHTA busily working away to allocate us all a range of apparently un-co-ordinated identifiers! Frankly it is a farce.

It seems to me the concerns of entities such as the OCPC, the AMA and the Access Card Privacy Task Force should be taken exceptionally seriously and if they are not fully addressed by alterations to the proposed Bill the public should be more than a little concerned.

Without being apocalyptic about it there is a real sense that some core Australian freedoms are under threat with this present draft. There is also a real risk that the vulnerable and the infirm will fall through the cracks and suffer disproportionately if all their possible problems are not fully and sensitively addressed.

David.

Sunday, January 28, 2007

Archetypes, Standards and All That Jazz – Part 2.

Well it has been an interesting week since I published my short article on archetypes. Sadly the conversation has gone on in a number of places (for quite sensible reasons) but it is hard to form an overview – much less try to distil what I have learnt and heard from all the discussion.

Before reading further I suggest those interested visit the openEHR site and review the “aus health it” thread, starting at the 21 January, 2007 entry. It can be found at:
http://www.openehr.org/advice/openehr-clinical/maillist.html

Initially, for some reason my e-mail is deferred and then rejected at the site (since I am not a registered member) so following some of the conversation can be a little difficult.

The following points summarise my conclusions on all this and the more general Health environment. They are based on private e-mails, the list above and the blog content and comments.

For some reason the topic is quite a 'hot button'. Despite that, all I am really saying is that I believe there are sufficient uncertainties regarding the successful deployment of archetypes to mean more work is required before ISO ballots and standardisation are undertaken. I must say I did not expect the idea to be quite so controversial (the article received four times the usual number of page views in less than two days).

1. Despite concerns regarding interoperability and so on, there is no doubt that there exist a number of commercial providers who offer very usable hospital and ambulatory care systems. In the hospital arena one only needs to think of EPIC, Cerner, McKesson, MiSys, IBA Health and a range of others. In the ambulatory care environment the Certification Commission for Healthcare Information Technology (CCHIT) (www.cchit.org) has certified a range of Ambulatory Systems (over 30 at last count) ensuring quite rich functionality is also available in that sector. This, when combined with experience in Australia, the UK and Scandinavia, makes it quite clear some reasonable level of ambulatory practice automation is more than feasible.

Incrementally more difficult certification criteria, year on year, as applied in the US, will ensure both functionality and interoperability improve over time for both ambulatory and hospital systems. The very recent announcements from Healthcare Information Technology Standards Panel (HITSP) (www.ansi.org/hitsp), as well as the January 2007 IHE Connectathon, only confirms a quite rapid march towards both improving functionality as well as practical, standards based interoperability.

The problem is not that these systems do not work to improve both safety and efficiency but that as yet they are not widely implemented. This bears repeating, the problem is not system capability but the level of deployment.

2. There have been very considerable successes achieved in the Health Sector with messaging technologies including EDIFACT and HL7 V2.x. To date – in the messaging arena - HL7 V3.0 and EN13606 are still in the process of development and tools and implementations are by no means common.

I do not believe standardisation is appropriate for these and other development technologies at this time and feel the Draft Standard for Trial Use (DSTU) approach is preferable by far, until such time as proven, demonstrable, properly scaled, implementations are available.

Use of a DSTU style of progress provides developers and implementers with clear directional guidance and allows progress to be made while preserving flexibility ;more so if the outcomes are less than ideal for modifications to be made.

This being said I do appreciate a “chicken or egg” argument, especially a point made regarding the failure of commercial use and investment until something becomes a Standard. However I believe the OMG / W3C / DSTU approach requiring implementation before finalisation is still to be preferred

3. The transfer (or communication) of a partial or complete Electronic Health Record (EHR) from one system to another system of a different origin, while preserving both the information and the meaning and context of the patient data is a non-trivial task. Even so, it is still an important and very useful objective. The effort to enable communications of patient information between just two providers in the GP2GP program in UK makes it abundantly clear that this is a non-trivial task. Further, as noted above, more general standards in this area are still under development.

4. At another level again there are a number of attempts to develop approaches which will ultimately lead to a standardised way of storing and retrieving longitudinal EHR information which may have been captured over a patient's lifetime. Clearly, for this to be made to work it is crucial to create a methodology that associates clinical observations and activity with its meaning unambiguously, and to be able to reliably document clinical encounters using a consistent approach that does not change over the life of the record.

It is also intended that different implementations of the standardised approach should be able to reliably and safely understand, interpret, process and fully utilise a clinical record from another system – providing so called 'semantic interoperation' if done correctly. Both the openEHR project(www.openehr.org) and HL7 V3.0 (www.hl7.org) aim to achieve this (with minor variations as to scope).

Both approaches have adopted what is called 'two layer' modelling where a basic reference data model is supported by a descriptive mechanism (called an archetype or template) which defines the information content and how it is represented. The outcome of this approach is that as many archetypes as are needed (to represent and describe the information required in a clinical record) can be developed separate from the basic data model which defines the EHR's overall framework. A requirement for this approach to work is that as well as knowing the basic data model, each system must utilise a common set of archetypes or templates to attach the clinical meaning and values to the data.

It is worth noting that the open MRS (Medical Record System) (www.openMRS.org) also implements a two layer concept based model. This system has been used successfully to create purpose-built systems for managing limited clinical domains (such as HIV in Africa). To date I am not aware of any significant production systems based on the other architectures (although I am assured they are coming soon!).

5. It is now becoming clear that the efforts of ONCHIT in the US are bearing considerable fruit (see http://www.dhhs.gov/healthit/), as I believe are those of the UK's Connecting for Health Program (see http://www.connectingforhealth.nhs.uk/)to say nothing of a range of private sector initiatives (Kaiser Permanente Health Connect for example and the ONCHIT trials of prototypes for the US National Health Information Network). This work is really starting to get there, looks to be picking up pace, and is likely, overtime, to simply and pragmatically move forward gathering major benefits while exploiting the proven (and not the experimental) already available Standards. I know where I will be looking for the evidence of real impacts on people's lives and indeed where much of it can be found (see last paragraph).

Sadly, the strategy free zone we call NEHTA is slipping further behind, as best as can be determined, due to a the lack of committed government support and the usual problems associated with herding the fractious States into any coherence.

Where this leaves me is with a quite clear view that very useful Health IT systems are available today and that a dual approach of supporting appropriate and promising R&D needs to be blended with dramatically more energetic investment and deployment of systems which are already known to work and for which the evidence as to their value is quite unarguable.

My priority is, with so much benefit possible and so many lives able to be saved by simply “getting on with it” I think it is vital there is as much more energy focussed on dissemination of what works today than there is on the development of the hoped for 2009 model for Health IT.

This view is very much confirmed by the Health Affairs Online Theme Issue On Rapid Learning Through Health IT referred to in my blog article of the 27th January 2007. The gap between what we are doing today and the good that is possible is huge and must be addressed at a gallop not a dawdle.

David.

Saturday, January 27, 2007

A Must Read Contribution from Health Affairs

As a service to those who are not on the Health Affairs mailing list I pass on the following alert.

For the next week or so the articles will be accessible from the URL below. Enjoy and learn!

Health Affairs Online Theme Issue On Rapid Learning Through Health IT

Today Health Affairs has published online a set of papers that discuss using electronic data to advance knowledge. Data gathered in electronic health records on the experience of millions of patients have the potential to dramatically accelerate clinical research and provide the nation with timely, urgently needed knowledge about the value of new medical technologies, researchers report. You can access the set of papers at:

http://content.healthaffairs.org/cgi/content/full/hlthaff.26.2.w107/DC2

Highlights include:

Lynn Etheredge on what a rapid-learning system would look like and how we might get there.

David Eddy on how mathematical modeling can assist in medical decision making.

Sean Tunis et al. on the federal government’s unique position to generate information.

Joel Kupersmith et al. on the VHA’s electronic health records system.

Paul Wallace on integrated health IT at Kaiser Permanente.

Walter Stewart et al. on tools to help physicians bridge the gap between the knowledge they posses and the knowledge they do not.

Plus Perspectives from a wide range of system stakeholders.

This is important material that adds powerfully to the business case for the expanded implementation of Health IT both here and in the USA.

David.

Wednesday, January 24, 2007

Evidence Based Health IT – What a Good Idea!

In what was almost a throw away line commenting on the recent discussion regarding archetypes Dr Tim Churches of NSW Health offered the following remark.

"My view is that the practice of health informatics needs, desperately, to become evidence-based, otherwise we will continue to see hundreds of millions or billions of dollars being poured into the deployment of health information systems based on what is in the sales brochure, or based on tender responses, which tend to be just more elaborate versions of the sales brochures."

Now, while I may disagree that the only current driver of Health IT deployments are sales brochures I find the broad sentiment most compelling. Tim is right in suggesting that the decisions regarding adoption and use of Health IT should be on much the same basis as we seek to consider and manage other Health interventions (drugs, treatment protocols, medical devices and so on).

This led me to consider what such Evidence Based Health Care IT may look like. What follows are my initial thoughts on how the idea could be actualised.

First it would be necessary to decide on the type of evidence that was being sought and in what domain the decisions would be assessed. The health sector has many years experience in the design and execution of clinical trials and there does not seem to me to be any intrinsic reason why such an approach would not be useful.

One can easily envisage trials comparing manual methods of practice with computer supported approaches as well as trials comparing computer systems with varying levels of sophistication in terms of user interfaces, functionality and decision support capability.

An issue which would need to be carefully considered is how, in a trial situation, the quality of the system is distinguished from the skill of the user and possibly patient related factors. We need to recognise that Health IT is much more an enabler of service delivery rather than a provider of services per se and this fact would need to be reflected in the trial design.

Second it would seem reasonable to use the typical types of trial endpoints for evaluation of clinically relevant systems – perhaps modified and controlled in different ways as appropriate. The use of endpoints, such as clinical outcomes, also has the advantage of taking a holistic view of an intervention and not seeing a Health IT intervention purely as a technical exercise – but also as something that involves the patient and the clinician as well as the technology.

Of course it is possible that in some situations there will be the need to consider intermediate outcomes rather than direct impact on morbidity or mortality when considering, for example, differing decision support systems aimed at improving specific clinician behaviours.

Third there is obviously a place for technical trials of different technical approaches to clinical problems evaluated on both technical as well as clinical criteria. In the same vein one would also want, in some circumstances, to ensure parameters such as cost, impact on workflow or efficiency and so on were evaluated as a component of an overall assessment.

Fourth as experience grows one would see, hopefully the emergence of multi centre trials of particular generic interventions and development of appropriate strategies for the conduct of systematic reviews of important interventions. Later expertise would also be encouraged to develop in cost benefit assessments of the different interventions using criteria rather more closely modelled on the Pharmaceutical Benefits Review Committee than what is done by the Therapeutics Good Administration where the focus is more on safety rather then efficacy and clinical outcomes.

Fifth it is important to consider how best the human side of Health IT deployment and use can be researched and practical trials conducted to come up with the best ways to manage system selection, clinician resistance to change, workflow alterations and so on.

Sixth one could consider the establishment of a Cochrane Collaboration like clearing house to make widely available the outcomes of both sponsored research, systematic reviews and so on – as well as Health IT guidelines to assist organisations move forward with an evidence based Health IT Agenda

Last it might make some sense to have at least some research that looks back on failures and disasters (something much beloved of IT project managers) to come up with evidence based guidelines on what tends not to work in the process of selection and deployment of apparently well considered Health IT interventions and systems.

I recognise that it could be said that what is being suggested is little more than what is classically referred to as Health Technology Assessment (HTA). I would suggest the focus on the deployments of, and the evaluation and trial of Health IT against clinical objectives using an experimental model moves a good deal beyond traditional HTA.

Overall, I can see there could be a case built for establishing an academic centre for the development, evaluation and implementation of Evidence Based Health IT.

What do others think? A good idea?

David.

Sunday, January 21, 2007

Archetypically Stupid!

Recently (December 1, 2006) the Health Informatics Technical Committee of the International Standards Organisation (ISO) released a draft Standard entitled Health informatics — Electronic health record communication — Part 2: Part 2: Archetype interchange specification. The closing date for comments is in March, 2007.

The draft document is on its way through the various ISO and CEN processes towards being approved as one of the five parts of the TC 215 Standard on Electronic Record Communication. (pr13606).

Overall the Standard – if approved - aims to define how extracts of patient records can be safely and reliably moved between two EHR systems which are compliant with the Standard once approved.

Key to the success of the approach being adopted is the use of an information construct called an Archetype which defines how clinical content within the record is to be laid out and interpreted.

Without going into too much detail an example of how the Archetype is intended to be used can be better understood as follows.

Assume we wish to place a patient’s blood pressure into an Electronic Health Record (EHR).

In the context of a defined and identified individual patient, an identified healthcare provider (the observer) and the date and time of the observation, it is possible to use an Archetype which has the concept name of ‘blood pressure’. This permits recording of the systolic and diastolic blood pressure values along with associated information (e.g. is this blood pressure part of an assessment for postural hypotension where body position is important or is this blood pressure measured with a described cuff size, etc). Given the detail that may be needed to handle electronic measurements, continuous or 24 hour measurements and so on, the possible complexity becomes obvious if a single archetype is required to handle the concept of ‘blood pressure’. (I guess the response from proponents of Archetypes would most likely be that this would be handled by higher level assemblages of Archetypes, but clearly the downside of this approach is the ultimate number of Archetypes needed).

All the actual data entered is intended to be stored, along with the patient and Archetype identifying information, in an EHR system that can access, when requested, the Archetype ‘framework’ into which the recorded values have been placed. This allows the re-creation of the ‘whole’ of the observation, as needed, in any compliant system. An individual patient record can of course be made up of many data elements (described and constrained by many different Archetypes) to build up a fuller and more complex EHR record.

The benefit claimed for this approach is that any computer system which can locate and ‘interpret’ the correct Archetype can accurately re-present and re-use the EHR information (i.e. provide semantic interoperability between EHR systems). The importance of finding the correct Archetype to utilise becomes obvious here as using a different version of an Archetype, or the wrong Archetype, could be very problematic. This has a range of obvious consequences around the need for effective naming and version control conventions.

Why am I bothering to comment on this somewhat obscure standards balloting event?

The answer is that I simply do not believe use of Archetypes is ready for ‘prime-time’, especially as a global standard, until a vast amount more work is done.

My specific concerns are as follows:

1. The draft standard admits it is unclear how many Archetypes are needed for a successful general purpose EHR and the amount of work needed to create them.

To quote:

Archetype Repositories

“The range of archetypes required within a shared EHR community will depend upon its range of clinical activities. The total set needed on a national basis is presently unknown, but there might eventually be several thousand archetypes globally. The ideal sources of knowledge for developing such archetype definitions will be clinical guidelines, care pathways, scientific publications and other embodiments of best practice. However, “de facto” sources of agreed clinical data structures might also include:

• the data schemata (models) of existing clinical systems;
• the lay-out of computer screen forms used by these systems for data entry and for the display of analyses performed;
• data-entry templates, pop-up lists and look-up tables used by these systems;
• shared-care data sets, messages and reports used locally and nationally;
• the structure of forms used for the documentation of clinical consultations or summaries within paper records;
• health information used in secondary data collections;
• the pre-coordinated terms in terminology systems.

Despite this list of de facto ways in which clinical data structures are currently represented, these formats are very rarely interoperable. The use of standardised archetypes provides an interoperable way of representing and sharing these specifications, in support of consistent (good quality) health care record-keeping and the semantic interoperability of shared EHRs.

In the longer term, it is anticipated that the involvement of national health services, academic organisations and professional bodies in the development of archetypes will enable this approach to contribute to the pursuit of quality evidence-based clinical practice. In the future regional or national public domain libraries of archetype definitions might be accessed via the Internet, and downloaded for local use within EHR systems.”

What is clear here is that not only do we not know how many are needed, but that no-one knows, and more importantly the needed Archetypes do not exist anywhere on the planet!

If one considers the number of diagnostic tests, types of observations and so on that exist I believe “several thousand” is just hopeful guesswork. Of course who is going to develop and pay for all the work required is a separate question.

2. The writers of the quotation above seem to me to be conceiving Archetypes at a level (clinical guidelines and the like) above where Archetype development and definition is needed (i.e. at the level of individual observations and investigations). Only once these basics are developed and stable can construction of the more advanced information constructs and uses begin.

3. It is also obvious that without a global reference source for Archetypes (as well as global governance mechanisms and the required technical, development and managerial infrastructure) the stated goal of sharable, interoperable EHR extracts is little more than a pipe dream. This reference source does not exist and is unlikely to anytime soon. The prospect of local divergent Archetype repositories dotted all around the world, resulting in all sorts of interoperation difficulties, is too horrible to contemplate.

4. There is no reference implementation of a system deploying even a slightly comprehensive set of Archetypes to prove the conceptual and performance capability of Archetype based systems. There seems to me to be little doubt that scalability of Archetype services could be a significant issue.

5. There seems to be some evangelical thrust on the part of Standards Australia (and possibly NEHTA) to spread the use of Archetypes globally (as a special pestilential and mind befuddling treat for the rest of the world) when the local investment in their development and deployment has been minimal, to say the least. If they really think Archetypes are such a great idea putting ‘the money where their mouths are’ would be a good idea!

6. The literature supporting the contemporary use of Archetypes in the draft standard comprises a total of four citations predominantly by only two people.

7. The HL7 Template Special Interest Group is still working (as of October 2006) to resolve how CEN Archetypes and HL7 Templates can be harmonised in ways that make them interoperable whilst recognising that many of the conceptual and operational problems with Archetypes exist just as significantly in the HL7 Template proposals.

8. It seems to me there are much more basic and important things to be standardised before attacking a problem of this complexity which has not been applied or asked for by the real world. Getting basic clinical information available at local points of care reliably and improving care-coordination with the simplest of care records would be a very good start rather than developing this misguided, over-engineered and over-complex standard which I doubt will be seriously considered by more than 50 people and which I suspect will never be actually implemented as intended by its creators. To posit adoption of this Standard without describing the governance, provisioning and funding of the necessary Archetype sever infrastructure is naïve in the extreme.

To be creating 150+ page specification documents on the basis of what seems to be a conceptually ‘good idea’ and to then, without proven reference implementations, launch such documents on an unsuspecting world is downright dangerous.It is likely to hamper more useful and important e-Health developments globally, as an overly complex mess is sorted out – if that is possible.

It is really time for the proponents of Archetypes to ‘put up or shut up’. This is way to serious to just allow this proposed standard to wander though the approval processes without some very hard questions being asked.

Until reference implementations exist and are working and harmonisation with other standards (HL7 etc) is finalised and demonstrable all involved really need a ‘cold shower’ as our politicians are so keen on saying.

David.

Thursday, January 18, 2007

NEHTA and Secure Messaging – Comments Round Two.

Late last Thursday (11 Jan, 2007) Andrew Shrosbree who is the Technical Architect of ArgusConnect Pty Ltd (http://www.argusconnect.com.au) chose to comment on a request from Tom Bowden (Our First Guest Blogger) in the GP_TALK e-mail list for comments on the technical usability and quality of NEHTA’s document “Technical Architecture for Implementing Services Concepts and Patterns Version 1.0 – 21 December 2006 For Comment.”

Given ArgusConnect’s emerging role in the e-Health Secure Messaging environment in Australia, and the fact that ArgusConnect is being used by a number of GPs and Specialists all over the country, I asked Andrew if I could reproduce the essence of his comments in this blog for the interest of my readers who may not see the e-mail list. He agreed.

The following is the message Andrew submitted:

“Dear Tom

I want to second your request for an assessment by people in our industry of NEHTA's latest specification for secure messaging.

Having reviewed “Technical Architecture for Implementing Services Concepts... "I concur with David More's assessment. The most appropriate phrase from David's blog is "obvious and self evident". To paraphrase my last comments on this list regarding NEHTA's progress, WHERE'S the MEAT?

NEHTA's efforts are not much good to us until they start addressing genuine implementation issues. At the NEHTA conference we were promised code examples and prototypes for the Web Service interfaces, yet instead all we get is more verbiage telling us what we already know. I don't need another lecture about why we should be using this technology, or what a service is. What I'd like to see is some working pieces of code. I don't deny the need for rigour and clear definition of concepts, but when are they going to move along?

My favourite piece of verbiage in the specification is "Information can be modelled and represented in many different ways. This technical pattern recommends that information can be represented using the XML infoset and encoded using the syntax of XML. It also recommends the use of XML Schema to describe those XML documents"

Really? Such language reminds me of Jimmy Carter explaining sagely that "Inflation is caused by many strange and complicated things interacting in strange and complex ways". Um, thanks Jimmy. Anyone else? Anyone?

One concern I do have concerning the content of the specification is the frequent reference to how "the GP Program" will directly access IHI and HPI services. This fails to acknowledge how messaging is actually performed - by third party communication providers, not by the clinical software vendors. If NEHTA is assuming that vendors can be relied on to implement all this stuff then somebody is living in a different universe.

Message providers have been using Web Services for quite a while now (haven't we?) and we may as well continue as usual: forging ahead while we wait for NEHTA to come up with something tangible for us to use as a benchmark against what we have out there, already working in the field.

Finally, I don't quite agree that the specification forms a "roadblock" or in any way impedes progress. Irrelevancy is, well, irrelevant. Nothing it proposes is controversial, wrong, or particularly onerous. Perhaps the development team at NEHTA is run by somebody who worked previously at Foxtel. We are being fed reruns instead of anything new.

I'd like something more for my subscription fee.

Andrew”

It seems from this and the earlier comments from Tom Bowden that there is a soundly based belief that NEHTA is failing to provide the leadership, guidance and impetus for which it was created and for which it has had a reasonable period of time to 'get its act together'.

While it is personally gratifying to have one's judgement of the value of this aspect of NEHTA's work validated by its most obvious customers and stakeholders it is quite unacceptable that, after issuing documents covering the NEHTA desired Technical Architecture of Secure Messaging on 02 Feb, 2006, the industry and the potential users of such services have to wait for a release document which contains little improvement of value.

That NEHTA can work for almost a calendar year and make such little progress does not bode at all well for the other projects for which we have yet to see some deliverables.

The opportunity costs of NEHTA's failure to make any substantial progress is very large and the Australian public deserve a great deal better.

It would not surprise me if NEHTA’s lack of progress actually emerged as an issue in the upcoming Federal Elections.

David.

Tuesday, January 16, 2007

AusHealthIT's First Guest Blogger Article!

After a recent article reflecting on the recent NEHTA release of an outline of the technical specifications for secure messaging I was approached by Mr Tom Bowden, the CEO of HealthLink – asking if he could provide a comment in the form of his view as to a sensible 'roadmap' for secure health messaging in Australia.

I thought this was a very good use of the blog and so readily agreed. The article I have been forwarded is reproduced below.

Before handing over to Tom can I also say that Dr Ian Colclough has also been hard at work and has written a comprehensive comment to the earlier post (8 January, 2007) on “Why Implementation Matters”. I commend this also for your careful review. Just click on the comments tag at the bottom of the article.

With that said – over to Tom Bowden.

David.

A Connected Health Sector
– However Can We Get There From Here? –

Imagine a health sector in which nearly all of a General Practice's clinical and administrative communications are electronic. Doctors provide better patient care and they spend nearly an hour less per day on administration. Cutting through the paper-war makes the profession much more financially rewarding and enjoyable. With a universal communications framework available, the government can readily develop and implement national vaccination and screening systems, prepare for pandemics and possible bio-terrorism and speed up implementation of much-needed sector reforms.

Unfortunately if you are a GP in Australia, imagining the above scenario will be close as you get to achieving it in the near future. Australia's track-record in health sector automation (e-health) is among the worst in the developed world. Using another approach, Holland, New Zealand, and some of the Scandinavian countries have almost entirely connected their primary-care sectors. While they haven't solved every problem known to mankind, their family doctors' routine clinical and administrative communication is now all electronic. For example, in New Zealand a doctor is more than three times as likely to use an electronic service to perform a routine task as his or her Australian counterpart


Why is Australia's health system so substantially lacking in this important respect?

The answer is perhaps not one that you would expect; nevertheless, it is quite a simple one. In countries with well developed communications systems, automation of pathology services has been the initial platform upon which a wide range of electronic services has been built. Because of the large volume of information flowing between general practices and laboratories, automation of pathology messaging provides the best opportunity to initiate electronic communications. Beginning with pathology result delivery, a number of countries, including Holland, Denmark, New Zealand and to a lesser extent Canada have been able to build extremely useful standards-based e-health frameworks. These countries have used the opportunity to learn about and implement standards-based communications systems and to build the capacity of the practice and patient management systems that they link. In Australia however, the major pathology companies developed their own individual non standards-based systems for delivering pathology results.

Unfortunately the emergence of the Pathology Information Transfer (PIT) result delivery format as a de-facto standard has severely hampered adoption of internationally supported messaging standards within the Australian health sector. While Australia has a small number of half-hearted implementations of Health Level Seven (HL7), there has been nothing like the uptake of secure messaging seen in other countries. For instance, we now have a range of incompatible HL7 pathology report delivery implementations; approximately one for each major laboratory group.

By far the majority of results are still delivered using the PIT format. As well as being a proprietary, non standards-based message format, a PIT message is unable to be usefully incorporated within an electronic medical record (EMR). A PIT message can only be displayed in its entirety and stored as an object. By contrast, separate data elements of each HL7 message can potentially be incorporated into the EMR of the recipient, which permits the monitoring and display of trends, alerts the clinician to developing problems and significantly enriches the patient's medical record.

Without a reasonable base-level of standardisation in use in the Australian health sector, there is little opportunity to add further standards-based types of communication. The lack of activity has meant that there is a shortage of expertise in communications standards use and thus great difficulty implementing standards compliant services. Furthermore, Practice Management System applications vendors have gained little or no understanding of how to implement communications related capabilities within their application software and thus build better, more useful systems and richer EMRs that are capable of utilising the incoming clinical data.

The really sad thing is that Australia has already spent huge amounts of effort and money developing many of the standards, support services, systems and capabilities needed to do the job. The basic tools to enable there to be a connected health sector do exist; they are just not being used properly.

Unfortunately, instead of drawing upon and utilising pre-existing effort, the National e-Health Transition Agency (NEHTA) is using very little of the immense amount of work that was already underway prior to its formation. NEHTA's wish to start with a clean slate is in some ways understandable given some of the structural difficulties that met them. However, based upon the present rate of progress, it is likely to be some years before we see any implementable results.


Strategic Options

Clearly there has to be a better way of achieving useful results, so let us look at the broad strategic options. Around the world the health sector connectivity issue is being tackled using three contrasting approaches;

1. Implement a nationally funded state-run infrastructure, as is happening in the United Kingdom. This is typically expensive, slow and controversial as a nationally implemented 'one size fits all' communications system is imposed upon the sector.

2. Take a hands off approach, fund development of a few standards and hope that the sector will work together to make things happen. This has been the approach used in the Australian health sector for the past twelve years, since the commencement of electronic communications here. Judging by the results, it has clearly failed and should be discontinued. This approach provides too much opportunity for interested parties to drive the agenda to meet their own individual profit objectives, rather than strive for the good of the sector as a whole.

3. Work in partnership with specialised system integrators and service providers to implement international standards and champion the cause of connectivity. This is the approach that has worked very successfully in Scandinavia and New Zealand where small, specialised service organisations are given government backing and modest financial incentives to ensure that automation actually occurs.

Option Three is the approach most likely to succeed. Highly effective sector integration of the kind enjoyed by other countries will occur when a clear course of action is agreed upon and the task given to organisations whose success is based upon achievement of successful integration outcomes.

Action Is Urgently Needed

To get results I believe NEHTA needs to:

1. Recognise and involve sector participants.

Foster the establishment of an integration community. Encourage the participation of sector players in whose interest it is to make the transition from paper-based to electronic processes, such as Divisions of General Practice, specialised system integrators, practice management system vendors, and industry associations. All of these parties need to work together - not be kept at arms length - to get results.

2. Implement what we already have, properly.

Properly implement existing core HL7 messaging standards (AS 4700.2 and AS4700.6). These are the core messaging standards required to automate 40-60% of all general practice messaging. These internationally recognised, proven standards presently exist in Australia, but they are not properly implemented. The current quality of integration poses significant risks to patients. Industry bodies should be encouraged to demand fully certified implementation.

3. Define ONE standard for each purpose and rigorously enforce it.

Ensure rigorous policing of standardisation to prevent proliferation of different non-standard formats. The Australian Healthcare Messaging Laboratory (AHML) exists to certify all messages. All software organisations and industry players should be required to obtain AHML certification. Immediately, AHML should lead the process of making all laboratories use a common implementation of HL7 (AS 4700.2).

4. (Re)Engage and fully support a single national authentication framework.

Agree upon and implement an easy to use, dependable national authentication framework. This is critical for success. The Australian Health e-Signature Authority (HESA) was set up specifically for this purpose; NEHTA has however not embraced what HESA has done. HESA has since been merged with Medicare Australia. Further work needs to be done with HESA to ensure that the HESA certificates etc are easier to implement and support. (Much has already been done to improve the usability of HESA certificates but this work has since been mothballed.)

5. Tie payment to certified use of standards.

Tie funding policy to the communications strategy. It is important that the payment incentives to all health sector players, especially GPs, hospitals and laboratories, are tied to certified use of communications and security standards. International experience shows that tying payment of incentives to outcomes is an extremely successful way of implementing new communication systems.

6. Focus on achieving simple and measurable steps in the context of a practical, consultative National e-Health Plan.

Ensure that we succeed in walking before we try to run. Beginning with simple readily implementable formats and standards that will deliver day-to-day benefits is key to building momentum. In the health IT integration business success breeds success.

7. Set ambitious but achievable targets and ensure they are met.

Tackle the project in a down-to-earth, business-like manner. Set aggressive adoption targets. Reward participants for hitting milestones with incentive payments, tax-breaks or whatever else will motivate them. Provide disincentives to parties that are dragging the chain.

Conclusion

It's all about setting firm, clear targets and providing the leadership - and incentives - to ensure that targets are met.

At present a number of key influencers have a clear incentive to maintain control of proprietary communications frameworks and thus protect their referral streams and income.

To get real results, this must be turned around. Those parties who can and will help the sector make the transition from paper-based to electronic communications should be supported and where appropriate provided with incentives to do so.

Those who stand in the way of true sector integration need to be reined in and either provided with incentives to change, or prevented from continuing to obstruct progress.

Swift, decisive action in line with the above recommended steps could see Australian GPs, the wider health sector and ultimately the Australian public enjoying the benefits of proper health sector automation within 3 to 6 months.

Let's do what we can to make that happen.

Statement re Potential Conflict of Interest

Tom Bowden is CEO of HealthLink Ltd, an integration services provider operating in Australia, New Zealand and Canada.

Sunday, January 14, 2007

How Many Times Does This Sort of Thing Need to Happen?

If ever there was going to be an independent report that would focus NEHTA’s mind on the need to change direction this is it!

Last week the following article (selected quotes below) appeared in the Toronto Star. The full article can be found at the following URL:

http://www.thestar.com/Business/article/168761

Report slams e-health agency

“Smart Systems is not offering good value to taxpayers, consultancy says”
.....

The agency responsible for Ontario's electronic health infrastructure is poorly regarded in the health-care community, lacks strategic direction, and has not been held properly accountable by Queen's Park, according to an operational review conducted by Deloitte Consulting.

"Given the increased urgency for substantive progress with e-health in Ontario, an aggressive agency-turnaround plan is required," concludes the 100-page report, the outcome of an internal review launched a year ago by Health Minister George Smitherman.”
…..

“The agency, which employs more than 300 people, was created in 2002 and has since received $458 million from Ontario taxpayers as part of its mandate to electronically link and support the province's 150,000 health-care providers.”

…..

“Among the review's findings:

• There has been "little or no meaningful progress" with the creation of an emergency health record for Ontarians, though it was recognized there was "ambiguity" with the agency's role in this area.
• The network designed to link health-care providers is "below standard" when it comes to practices for monitoring performance and security.
• Assessing the agency's performance versus the government's expectations is difficult because "well-defined expectations, deliverables and measurable performance targets have not been established and documented by the ministry for SSHA."
• The Smart Systems' secure email service has fallen well short of expectations, as only a third of the 60,000 accounts that have been installed are being used.
• Though the agency is expected to host sensitive health information, "privacy policies are incomplete and not widely understood" and "many of the procedures necessary to provide guidance and direction have not been developed or are in draft form." In certain instances, "processes are ad hoc, undefined or undocumented."
• Security of patient information was also questioned, as Deloitte said it wasn't clear who was responsible for defining and implementing security controls and technologies. "As a result, sensitive information may not be protected consistently throughout its lifecycle."

A copy of the full report can be downloaded from:

http://www.ssha.on.ca/operationalreview/index.asp

All in all it would be difficult to say the money has been well spent so far.

The Smart Systems for Health Agency (SSHA) was intended to be a provider of connectivity services and standards for the health sector in Ontario, Canada – the largest province in the country with a population of a little over 13 million.

The mandate which the Agency was given in 2002/3 covered the following:

“The mandate at the time highlighted six products to support the priority initiatives identified within the SSHA regulation:

−Managing the private network;

−Providing a secure messaging service and online directories;

−Security infrastructure;

−Physical facilities;

−Voluntary emergency health record;

−Data and technology standards.”

A little later (2004/5) a role in application delivery for the sector was added. All the while the SSHA has been “pursuing a long-term goal of creating a voluntary EHR to allow health care professionals to access patients’ lifetime health histories. To achieve this goal, EHRs will need to connect many sources of information as well as currently independent applications and databases. Establishing electronic connections to allow information from different sources, applications and databases to be shared is the focus of SSHA’s efforts at this time.”

The parallels with NEHTA’s present role and activities are quite uncanny.

The five recommendations from Deloittes to the Ontario Health Ministry (among a large number of internally focussed recommendations) make it clear just what the key problems have been:

• “Finalize and approve the Ontario e-Health Strategy
• Strengthen e-Health program management
• Establish enabling legislation/regulation for SSHA
• Strengthen e-Health privacy policy
• Enhance communication and collaboration between MOHTLC and SSHA”

Essentially a secure messaging environment and a technical infrastructure has been created in the absence of an e-Health Strategy, implementation plan, privacy policy and effective communication with the key clients. Additionally the core role of the SSHA in servicing the health sector has been lost – along with over $A500 million it would seem.

Just how similar does all this seem to the way NEHTA is proceeding at present (developing infrastructure in a strategic vacuum and the like) and how different is the outcome likely to be unless a Deloitte like review is undertaken as a matter of some considerable urgency?

I do see light at the end of this tunnel and it is that of an oncoming train!

David.