In last Tuesday's Australian, this blog's report of the demise of the Australian Health Information Council (AHIC) was confirmed. It is clear that AHIC is not presently operational and its chairman has resigned. Better news from the article was that meetings were underway to get together a new AHIC, to press on with the clearly vital work.
In the same article,the Health Department (via Kay McNiece, spokeswoman for Health Minister Tony Abbott )stated:
"The 2006-07 HealthConnect budget is $31.5 million," she said. "The funds will be used for the National E-Health Transition Authority's baseline work program, the implementation with Tasmania, South Australia and the Northern Territory taking priority, and program running costs."
This seems to be a quite large sum of money for something that has seemed to be going nowhere and the question arises what are we actually getting for this money?
My suspicion is that the vast bulk of the funds is going to operate NEHTA and that virtually nothing at all is being spent on HealthConnect.
I wonder, can any readers of the blog who are aware of any HealthConnect branded activity actually happening please let us all know?
The simplest thing to do is e-mail to the address given on the "how to contact me" link at the top of the blog!
This will allow us all to know if HealthConnect is really alive or on its last and terminal gasp! I will report back with what I discover in a week or so. Of course any other "comments, corrections, clarifications, and c*ckups" (as Crikey.com would have it) as well as tips about anything I have missed (good or bad) in the e-Health space would be more than welcome!
It's your blog..use it!
David.
Thursday, September 14, 2006
Sunday, September 10, 2006
The Electronic Medical Record you Have When you Don’t Have One!
A week or so ago the following release caught my eye. One more acute hospital, I thought, has taken the sensible step of moving to a computerised patient record. The release read as follows:
Lara Giddings, MHA
Minister for Health and Human Services
Thursday, 24 August 2006
________________________________________
PATIENTS BENEFIT AS RHH RECORDS ‘GO DIGITAL'
The Royal Hobart Hospital has become one of the first hospitals in Australia to store patient medical records through a new computerised digital system, Health and Human Services Minister Lara Giddings announced today.
Officially launching the new Digital Medical Record (DMR) system, Ms Giddings said the new system would bring major benefits for the Royal, clinicians, nurses, other health care professionals and, most importantly, patients.
Ms Giddings said the move from a manual, paper-based way of managing many thousands of patient records to an on-screen system, was historic.
“The new Digital Medical Record system allows patient information to be scanned, stored, managed and viewed on-screen for the first time,” Ms Giddings said.
“The new digital service, which has cost just over $1 million, means that patient information will be more manageable, accessible and secure.
“And the system will allow more timely retrieval of vital information and will be more efficient.”
Ms Giddings said that health care had the dubious honour of being the world’s largest consumer of paper.
“At the RHH alone, it is estimated that the manual system of keeping patients’ medical documents has gobbled up some 5.5 kilometres of storage space,” Ms Giddings said.
“That secure storage space has been growing at around 100-300 metres per year, and is now very close to capacity.
“The new Digital Medical Record system is an exciting initiative that will prevent the Royal being swamped by paper.
“The project will free up more space at the Royal and eliminate the need to store additional patient records off-site – a very expensive option and a logistical nightmare if they need to be retrieved in a hurry.”
From the beginning of last month, all new patient information has been recorded on the Digital Medical Record, rather than being filed as paper form medical histories.
“The new system enables fast and secure multiple user access for all RHH staff involved in providing direct patient care,” Ms Giddings said.
“The DMR allows clinical information to be available on-line and wherever the patient is located, and there is instant access for those treating staff needing a patient’s medical record.
“The system has been designed from the ground up to link into existing clinical work practices.
“The system is safe and secure. There are three forms of backup including archival tape - stored off-campus in a secure facility - a backup server and a contingency system in the event of power and network loss.”
Ms Giddings said the hospital’s network was world class, and the project had enabled the establishment of state-of-the-art, secure wireless networking to almost all wards.
The hospital’s sophisticated scanning equipment is capable of scanning 60,000 pages a day.
“It puts us in a stronger position in what is becoming an increasingly technological and information driven industry.
“Going digital provides the RHH with a firm foundation on which the hospital can build towards fully electronic patient health records.
“And into the future, the advantages of the new digital system may not be confined to the Royal alone.
“The system has been developed as a single, Statewide system, but it only contains RHH patient data at present.
“However, because of its link with the Tasmania-wide patient identification system, it has the potential to act as the cornerstone of a secure, fully integrated health record for everyone.
“The possible benefits in terms of improved continuity and quality of care are immense,” Ms Giddings said.”
Oh dear, oh dear I was wrong! A close reading of the release reveals no such thing! What has been done is that the hospital has bought a large optical images scanner and all the paper that constitutes the patient medical record will be scanned into an image data base, presumably keyed on the patient’s medical record number.
Given that it would make no sense to be scanning paper records while they were in use during an hospital admission, given the impact on work processes of taking the papers away to be scanned as care was being delivered, it is clear the scanning occurs after the patient leaves the clinic or is discharged.
So what we actually have for the $1.0Million is an image archive of non-current records which can be accessed to assist current care. The key problem with this is that there are now two sources of information. Firstly the current paper record and accessible via the computer the “old patient notes”. How often these will actually be accessed is likely to be quite low – given that any current information will inevitably be transcribed into the current record for easy and quick access. The frequency with which older records are accessed after an initial review or admission is vanishing low in my experience.
Another issue with scanning the paper record is the lack of ease of access to the various components of the record when it is presented as a collection of images – even if there is some attempt to provide some structure to the record through the use of sectional tabs and the like. At the end of the day what the scanned record comprises is an image stream which must be searched largely sequentially.
Additionally, to make such an image stream at all useful, it is important to attach electronic descriptions (known as meta-data) to each image. The process of doing this requires manual human reading of the scanned image and then entry of appropriate descriptions and searching information. Clearly the amount of metadata that will be entered will be quite limited for each image given the number of images being scanned each day and the available work force to code the images. Search and retrieval of details and other useful information will thus be very limited indeed.
Purchase of this system, I understand, has been driven by the need not to accumulate more paper, given the storage constraints existing in the hospital and a desire not to spend the money that would be required on what could be termed a “real” electronic health record within a hospital information system.
This decision making is blinkered in the extreme and is to be condemned. This system is little more than an electronic document archive and offers very few, if any, of the advantages and benefits of a real integrated Hospital Information System.
There are Australian companies, such as IBA Ltd, who can offer a highly searchable, functional, workable and useable Hospital Information Systems which would offer a much greater cost / benefit ratio to the Royal Hobart Hospital than this misguided installation. Additionally there are US providers, such as Cerner, who also have installations in Australia who can also assist.
There must be a reason that virtually no significant hospital in the world, if any, have adopted a system like this as their record system. These is! It is a really, really bad idea for 2006. Indeed it was a bad idea in 1986 and every year since!
One hopes that Tasmania Health will see the error of their ways and resolve to provide proper electronic health records to their clinician sooner rather than later, rather than extending this inappropriate technology further into the Tasmanian Hospital System.
David.
Lara Giddings, MHA
Minister for Health and Human Services
Thursday, 24 August 2006
________________________________________
PATIENTS BENEFIT AS RHH RECORDS ‘GO DIGITAL'
The Royal Hobart Hospital has become one of the first hospitals in Australia to store patient medical records through a new computerised digital system, Health and Human Services Minister Lara Giddings announced today.
Officially launching the new Digital Medical Record (DMR) system, Ms Giddings said the new system would bring major benefits for the Royal, clinicians, nurses, other health care professionals and, most importantly, patients.
Ms Giddings said the move from a manual, paper-based way of managing many thousands of patient records to an on-screen system, was historic.
“The new Digital Medical Record system allows patient information to be scanned, stored, managed and viewed on-screen for the first time,” Ms Giddings said.
“The new digital service, which has cost just over $1 million, means that patient information will be more manageable, accessible and secure.
“And the system will allow more timely retrieval of vital information and will be more efficient.”
Ms Giddings said that health care had the dubious honour of being the world’s largest consumer of paper.
“At the RHH alone, it is estimated that the manual system of keeping patients’ medical documents has gobbled up some 5.5 kilometres of storage space,” Ms Giddings said.
“That secure storage space has been growing at around 100-300 metres per year, and is now very close to capacity.
“The new Digital Medical Record system is an exciting initiative that will prevent the Royal being swamped by paper.
“The project will free up more space at the Royal and eliminate the need to store additional patient records off-site – a very expensive option and a logistical nightmare if they need to be retrieved in a hurry.”
From the beginning of last month, all new patient information has been recorded on the Digital Medical Record, rather than being filed as paper form medical histories.
“The new system enables fast and secure multiple user access for all RHH staff involved in providing direct patient care,” Ms Giddings said.
“The DMR allows clinical information to be available on-line and wherever the patient is located, and there is instant access for those treating staff needing a patient’s medical record.
“The system has been designed from the ground up to link into existing clinical work practices.
“The system is safe and secure. There are three forms of backup including archival tape - stored off-campus in a secure facility - a backup server and a contingency system in the event of power and network loss.”
Ms Giddings said the hospital’s network was world class, and the project had enabled the establishment of state-of-the-art, secure wireless networking to almost all wards.
The hospital’s sophisticated scanning equipment is capable of scanning 60,000 pages a day.
“It puts us in a stronger position in what is becoming an increasingly technological and information driven industry.
“Going digital provides the RHH with a firm foundation on which the hospital can build towards fully electronic patient health records.
“And into the future, the advantages of the new digital system may not be confined to the Royal alone.
“The system has been developed as a single, Statewide system, but it only contains RHH patient data at present.
“However, because of its link with the Tasmania-wide patient identification system, it has the potential to act as the cornerstone of a secure, fully integrated health record for everyone.
“The possible benefits in terms of improved continuity and quality of care are immense,” Ms Giddings said.”
Oh dear, oh dear I was wrong! A close reading of the release reveals no such thing! What has been done is that the hospital has bought a large optical images scanner and all the paper that constitutes the patient medical record will be scanned into an image data base, presumably keyed on the patient’s medical record number.
Given that it would make no sense to be scanning paper records while they were in use during an hospital admission, given the impact on work processes of taking the papers away to be scanned as care was being delivered, it is clear the scanning occurs after the patient leaves the clinic or is discharged.
So what we actually have for the $1.0Million is an image archive of non-current records which can be accessed to assist current care. The key problem with this is that there are now two sources of information. Firstly the current paper record and accessible via the computer the “old patient notes”. How often these will actually be accessed is likely to be quite low – given that any current information will inevitably be transcribed into the current record for easy and quick access. The frequency with which older records are accessed after an initial review or admission is vanishing low in my experience.
Another issue with scanning the paper record is the lack of ease of access to the various components of the record when it is presented as a collection of images – even if there is some attempt to provide some structure to the record through the use of sectional tabs and the like. At the end of the day what the scanned record comprises is an image stream which must be searched largely sequentially.
Additionally, to make such an image stream at all useful, it is important to attach electronic descriptions (known as meta-data) to each image. The process of doing this requires manual human reading of the scanned image and then entry of appropriate descriptions and searching information. Clearly the amount of metadata that will be entered will be quite limited for each image given the number of images being scanned each day and the available work force to code the images. Search and retrieval of details and other useful information will thus be very limited indeed.
Purchase of this system, I understand, has been driven by the need not to accumulate more paper, given the storage constraints existing in the hospital and a desire not to spend the money that would be required on what could be termed a “real” electronic health record within a hospital information system.
This decision making is blinkered in the extreme and is to be condemned. This system is little more than an electronic document archive and offers very few, if any, of the advantages and benefits of a real integrated Hospital Information System.
There are Australian companies, such as IBA Ltd, who can offer a highly searchable, functional, workable and useable Hospital Information Systems which would offer a much greater cost / benefit ratio to the Royal Hobart Hospital than this misguided installation. Additionally there are US providers, such as Cerner, who also have installations in Australia who can also assist.
There must be a reason that virtually no significant hospital in the world, if any, have adopted a system like this as their record system. These is! It is a really, really bad idea for 2006. Indeed it was a bad idea in 1986 and every year since!
One hopes that Tasmania Health will see the error of their ways and resolve to provide proper electronic health records to their clinician sooner rather than later, rather than extending this inappropriate technology further into the Tasmanian Hospital System.
David.
Wednesday, September 06, 2006
Has the Peak e-Health Strategy Council in Australia (AHIC) Vanished Unannounced?
Writing earlier this year on the demise of HealthConnect as it was initially planned in an article in New Matilda in early 2006 I noted in passing
“There are other worrying portents of the Commonwealth Government vacating the e-health space. Firstly, the formal role of the Australian Health Information Council (AHIC) to undertake national e-health planning was withdrawn after the AHMAC meeting in late 2005.”
What I wrote seems to be truer than I could have imagined.
AHIC was initially set up by Health Ministers in July 2003. AHIC, it was said “works closely with the National Health Information Group in to increase the effectiveness of IT investment in the health sector.”
After little practical outcome from the Council after two years, it was reviewed by the Australian Government (in secret it would seem as there was no public report I am aware of ever announced or released) and its role was changed.
The new role was described as follows:
“The revised operating arrangements for AHIC are based on an independent review of the Council commissioned by the Australian Government. These arrangements will enable AHIC to focus on providing strategic advice to Health Ministers about the more effective and efficient use of information management and information communications technology (IM&ICT) in the health sector.”
At the same time as this was done (November 2005) all references to a proposed National E-Health Strategy disappeared from the AHIC web-site. I am told that despite twelve months consultation and work by the AHIC secretariat the strategy produced was so bad as to not be appropriate for release and so the whole idea of developing a National E-Health Strategy was abandoned. Since that time administrative transfers, changes and resignations have ensured that any expertise and skills in the e-health domain that may have existed have been largely dissipated.
It now seems that the last rites have been administered to the last representative Australian e-Health peak body – with the web site (www.ahic.org.au or www.ahic.gov.au) now having disappeared as of the time of writing (6th September, 2006).
The days of open consultative development of e-Health Policy in Australia would now seem to be over given we now have nothing other than private discussions determining the Heath Ministers decisions and NEHTA having advisory groups whose membership seems to be a state secret.
It seems unaccountable bureaucracy rules! All in all a sad day.
David.
“There are other worrying portents of the Commonwealth Government vacating the e-health space. Firstly, the formal role of the Australian Health Information Council (AHIC) to undertake national e-health planning was withdrawn after the AHMAC meeting in late 2005.”
What I wrote seems to be truer than I could have imagined.
AHIC was initially set up by Health Ministers in July 2003. AHIC, it was said “works closely with the National Health Information Group in to increase the effectiveness of IT investment in the health sector.”
After little practical outcome from the Council after two years, it was reviewed by the Australian Government (in secret it would seem as there was no public report I am aware of ever announced or released) and its role was changed.
The new role was described as follows:
“The revised operating arrangements for AHIC are based on an independent review of the Council commissioned by the Australian Government. These arrangements will enable AHIC to focus on providing strategic advice to Health Ministers about the more effective and efficient use of information management and information communications technology (IM&ICT) in the health sector.”
At the same time as this was done (November 2005) all references to a proposed National E-Health Strategy disappeared from the AHIC web-site. I am told that despite twelve months consultation and work by the AHIC secretariat the strategy produced was so bad as to not be appropriate for release and so the whole idea of developing a National E-Health Strategy was abandoned. Since that time administrative transfers, changes and resignations have ensured that any expertise and skills in the e-health domain that may have existed have been largely dissipated.
It now seems that the last rites have been administered to the last representative Australian e-Health peak body – with the web site (www.ahic.org.au or www.ahic.gov.au) now having disappeared as of the time of writing (6th September, 2006).
The days of open consultative development of e-Health Policy in Australia would now seem to be over given we now have nothing other than private discussions determining the Heath Ministers decisions and NEHTA having advisory groups whose membership seems to be a state secret.
It seems unaccountable bureaucracy rules! All in all a sad day.
David.
Saturday, September 02, 2006
What’s the Secret? - Political Comments – Part 2.
A few months ago I discovered your humble correspondent had made a minute contribution to the Smartcard debate by providing a quote that permitted the Labor Party Spokesman on the Smartcard Project to ask a question, with notice, of Minister Joe Hockey regarding the costs of the project.
The question and the responses are as follows:
Mr Kelvin Thomson asked the Minister for Human Services, in writing, on 14 June 2006:
(1) Is the estimated cost of $100 million to register Australians for the Smartcard, attributed to consultant Dr David More in The Australian on 13 June 2006, accurate; if not, what is the correct sum.
(2) Does the $1.1 billion allocated for the Smartcard project in the 2006 Budget include a sum for Smartcard registration; if so, what sum has been allocated for that purpose.
(3) Is the estimated cost of $100 million to provide the Smartcard cards, attributed to consultant Dr David More in The Australian on 13 June 2006, accurate; if not, what is the correct sum.
(4) Does the $1.1 billion allocated for the Smartcard project in the 2006 Budget include a sum for provision of the Smartcard cards; if so, what sum has been allocated for that purpose.
(5) Is there an intention to allow private businesses use of Smartcard infrastructure.
(6) Has he, or the Smartcard Taskforce, received advice to the effect that the creation of a more valuable, single proof of identity instrument will increase the appeal and practice of identity theft.
(7) Does he, or the Smartcard Taskforce, plan to endow department or agency staff with the power to (a) confiscate and/or (b) deactivate a Smartcard; if so, (i) who will have that power, and (ii) will the exercise of that power be subject to appeal by the cardholder.
Mr Hockey—The answer to the honourable member’s question is as follows:
(1) The cost of establishing the access card system is $1.09 billion over four years. For commercial reasons, detailed information regarding costs, including the cost of registering Australians for the Health and Social Services (HSS) access card is not publicly available.
(2) Yes, the cost of $1.09 billion over four years to introduce the HSS access card includes funding for the registration of Australians for the access card. However, as noted in the response to question (1), information regarding the estimated cost of registration is not publicly available.
(3) See response to question (1).
(4) See response to question (2).
(5) The Government does not intend to build all Smartcard infrastructure such as cards, readers and microchips. This is not core government business. Therefore it is obvious that the private sector will need to service its equipment.
(6) Advice that the introduction of the HSS access card will increase the appeal and practice of identity theft has not been received by the Minister for Human Services, the Smart Technologies and Services Taskforce or the Access Card Consumer and Privacy Taskforce.
Indeed, as the KPMG Health and Social Services Smart Card Initiative, Volume 1: Business Case notes:
“KPMG considers that greater trust in the overall system will be strengthened by consumers being confident that their card cannot be used by someone else. Having a photograph on the card and all the other securities in place, in our view, is likely to strengthen that confidence.” (Public Extract, Page 18).
(7) The abilities of staff from the Department of Human Services or its agencies to confiscate or deactivate access cards is not yet determined, this will be the subject of detailed design work and the advice of the Lead Advisor and Chief Technology
Architect.
To prepare this answer it has taken approximately 2 hours and 21 minutes at an estimated cost of $137."
I would suggest you would have to score this answer 2/10 for provision of useful information and 9/10 for stonewalling.
What amazes me is why a breakdown at the level of enrolment costs and smartcard costs could not be provided. Details that might compromise the tendering process for the cards it is reasonable to withhold until such tendering is complete and pricing is determined, but providing estimates to the nearest 10-20 million (as the Government must have to provide the precise total cost of $1.09billion over 4 years) seems secretive in the extreme. It is, after all, a lot of public money and it would seem reasonable for the public to know a little more than just to total cost.
The response to question 5 is really bizarre. The Government would be not be expected to build any of the equipment involved – given there is not even a microchip fabrication plant in the country and it simply has neither the staff or capability to manufacture such products. But this was not the question. The question asked sought to understand if any Government infrastructure would be accessible or usable by the private sector i.e. if a new Government network is to be built to support Smartcard services will be private sector be able to use it.
The answer reveals a very poor understanding on the part of the public servant who drafted the response as to just what was being asked and what the implications were.
In fact, what is virtually certain, is that either a beefed up Medicare Australia network will be used or the private sector will provision the Access Card requirements for a fee which will most likely be transaction or usage based. The cards and readers will simply be purchased or leased commercially on behalf of the Government.
The response to question 6 is equally unsatisfactory. The question was going to the issue of the robustness of the identity services to be implemented to prevent identity fraud. Clearly what was needed in the answer were the reasons how the new card would reduce ID theft and evidence that backed that assertion. It should be noted that systems such as the Access Card are only as robust as their weakest link and the events of the last week or two surrounding the security of Government tax and Centrelink records make it clear where one potentially major weakness lies.
All in all an opportunity wasted for the Government to re-assure the public regarding the Access Card, its costs, its security and its workings.
David.
The question and the responses are as follows:
Mr Kelvin Thomson asked the Minister for Human Services, in writing, on 14 June 2006:
(1) Is the estimated cost of $100 million to register Australians for the Smartcard, attributed to consultant Dr David More in The Australian on 13 June 2006, accurate; if not, what is the correct sum.
(2) Does the $1.1 billion allocated for the Smartcard project in the 2006 Budget include a sum for Smartcard registration; if so, what sum has been allocated for that purpose.
(3) Is the estimated cost of $100 million to provide the Smartcard cards, attributed to consultant Dr David More in The Australian on 13 June 2006, accurate; if not, what is the correct sum.
(4) Does the $1.1 billion allocated for the Smartcard project in the 2006 Budget include a sum for provision of the Smartcard cards; if so, what sum has been allocated for that purpose.
(5) Is there an intention to allow private businesses use of Smartcard infrastructure.
(6) Has he, or the Smartcard Taskforce, received advice to the effect that the creation of a more valuable, single proof of identity instrument will increase the appeal and practice of identity theft.
(7) Does he, or the Smartcard Taskforce, plan to endow department or agency staff with the power to (a) confiscate and/or (b) deactivate a Smartcard; if so, (i) who will have that power, and (ii) will the exercise of that power be subject to appeal by the cardholder.
Mr Hockey—The answer to the honourable member’s question is as follows:
(1) The cost of establishing the access card system is $1.09 billion over four years. For commercial reasons, detailed information regarding costs, including the cost of registering Australians for the Health and Social Services (HSS) access card is not publicly available.
(2) Yes, the cost of $1.09 billion over four years to introduce the HSS access card includes funding for the registration of Australians for the access card. However, as noted in the response to question (1), information regarding the estimated cost of registration is not publicly available.
(3) See response to question (1).
(4) See response to question (2).
(5) The Government does not intend to build all Smartcard infrastructure such as cards, readers and microchips. This is not core government business. Therefore it is obvious that the private sector will need to service its equipment.
(6) Advice that the introduction of the HSS access card will increase the appeal and practice of identity theft has not been received by the Minister for Human Services, the Smart Technologies and Services Taskforce or the Access Card Consumer and Privacy Taskforce.
Indeed, as the KPMG Health and Social Services Smart Card Initiative, Volume 1: Business Case notes:
“KPMG considers that greater trust in the overall system will be strengthened by consumers being confident that their card cannot be used by someone else. Having a photograph on the card and all the other securities in place, in our view, is likely to strengthen that confidence.” (Public Extract, Page 18).
(7) The abilities of staff from the Department of Human Services or its agencies to confiscate or deactivate access cards is not yet determined, this will be the subject of detailed design work and the advice of the Lead Advisor and Chief Technology
Architect.
To prepare this answer it has taken approximately 2 hours and 21 minutes at an estimated cost of $137."
I would suggest you would have to score this answer 2/10 for provision of useful information and 9/10 for stonewalling.
What amazes me is why a breakdown at the level of enrolment costs and smartcard costs could not be provided. Details that might compromise the tendering process for the cards it is reasonable to withhold until such tendering is complete and pricing is determined, but providing estimates to the nearest 10-20 million (as the Government must have to provide the precise total cost of $1.09billion over 4 years) seems secretive in the extreme. It is, after all, a lot of public money and it would seem reasonable for the public to know a little more than just to total cost.
The response to question 5 is really bizarre. The Government would be not be expected to build any of the equipment involved – given there is not even a microchip fabrication plant in the country and it simply has neither the staff or capability to manufacture such products. But this was not the question. The question asked sought to understand if any Government infrastructure would be accessible or usable by the private sector i.e. if a new Government network is to be built to support Smartcard services will be private sector be able to use it.
The answer reveals a very poor understanding on the part of the public servant who drafted the response as to just what was being asked and what the implications were.
In fact, what is virtually certain, is that either a beefed up Medicare Australia network will be used or the private sector will provision the Access Card requirements for a fee which will most likely be transaction or usage based. The cards and readers will simply be purchased or leased commercially on behalf of the Government.
The response to question 6 is equally unsatisfactory. The question was going to the issue of the robustness of the identity services to be implemented to prevent identity fraud. Clearly what was needed in the answer were the reasons how the new card would reduce ID theft and evidence that backed that assertion. It should be noted that systems such as the Access Card are only as robust as their weakest link and the events of the last week or two surrounding the security of Government tax and Centrelink records make it clear where one potentially major weakness lies.
All in all an opportunity wasted for the Government to re-assure the public regarding the Access Card, its costs, its security and its workings.
David.
The e-Health Fiasco in Australia Is Now Recognised – What Should be Done?
Finally at least one side of politics has recognised there is a major problem with the Australian e-health strategy (or lack of it) and has pointed out the “waste and mismanagement” that has been bedevilling the area for years.
The following is the Sydney Morning Herald’s report of the Opposition Spokeswoman for Health.
http://www.smh.com.au/news/National/National-health-record-system-stalled/2006/08/29/1156816880858.html
“National health record system 'stalled'
August 29, 2006 - 1:29PM
The government has wasted hundreds of millions of dollars in stalled and failed attempts to introduce a national electronic health record system, Labor says.
Opposition health spokeswoman Julia Gillard said on Tuesday it was widely considered that using information technology to integrate patients health records could help prevent over-referrals, over-prescribing and minimise medical mistakes.
But the government had scrapped the Medicare Smart Card and its new proposed $1.1 billion Smartcard would not provide access to patient medical records, Ms Gillard said.
The much-lauded e-health records system HealthConnect no longer existed as a program and had all but disappeared, she said.
"Recent developments suggest that our national e-health strategy has not only stalled, but is dangerously close to being considered an expensive failure," Ms Gillard said in a speech to the Australian College of Health Services Executives in Adelaide.
HealthConnect - a national health information network designed to integrate patient records from hospitals, doctor surgeries, nursing homes, medical laboratories and pharmacies - was launched in 2000 with claims it could reduce accidental mishaps in treatment by as much as 30 per cent.
But Ms Gillard said "just a handful" of small HealthConnect initiatives were currently running in some states.
"And there do not appear to be any reports about what we have learned from those projects, how they might be further extended or why they succeeded or failed," she said.
"In terms of a coordinated national initiative, we are not much further advanced in this area than we were back in April 1999.
"The problem is that hundreds of millions of dollars have been spent on programs launched with much fanfare and then allowed to die."
Ms Gillard said changing the health care management and delivery system was not an easy task, but the government had missed some opportunities and made some obvious mistakes.
She said states and territories have started their own e-health efforts, raising fears of a fragmented and disconnected system.
Australia now had to face the reality that a national e-health system was at least a decade off, Ms Gillard said.
"To fix the problem we will need a national, collaborative approach and strong national leadership," she said.
Health Minister Tony Abbott in 2003 said the health system would be in "systemic paralysis" if a smart card carrying an individual's medical history was not available within five years.
But the federal government said the HealthConnect project was on track and a major agreement had been made at the most recent Council of Australian Governments (COAG) meeting.”
Ms Gillard made a number of points which were, in my view, absolutely spot on.
These key ones were:
1. “To fix the problem we will need a national, collaborative approach and strong national leadership.”
2. “In terms of a coordinated national initiative, we are not much further advanced in this area than we were back in April 1999.”
3. “The government has wasted hundreds of millions of dollars in stalled and failed attempts to introduce a national electronic health record system.”
The Government’s response to this considered and utterly accurate assessment of the current e-health state of play was that the most recent COAG meeting “had agreed to have a work schedule in place by 2009, a "considerable" step involving consensus about protocols and terminology had been taken with the provision of “an additional $130 million to be invested in the National E-Health Transition Authority, the body responsible for developing the electronic records”.
It also made the utterly ludicrous claim that “HealthConnect is still operational and on track and we are learning some very valuable lessons from the trials that have been going on in Tasmania and the Northern Territory”. This is a barefaced untruth as has been widely reported and thoroughly documented, if in no other place, in this blog. The development of HealthConnect has been totally downscaled and essentially defunded.
The sole element of the minister’s comments I can agree with is that “the minister has expressed his frustration with how slow things are moving, but it is very complicated, and it's moving ahead”.
I would suggest that it is time to say that the HealthConnect centralised model for e-health service delivery has failed in Australia and that what is needed is a radical re-think of approach.
This is implicitly recognised in the timeframes now being talked of by NEHTA for delivery of the Shared EHR Concept of Operations and Version 2.0 of the Interoperability Framework (Both now apparently due some time in 2007).
Evidence would seem to be emerging globally that centralised approaches bring with them high cost, high risk and excessive complexity. Witness the problems being experienced in the UK NHS Connecting for Health Program.
Equally it is now becoming clear that there are models for regional health information sharing that are becoming both technically as well as financially viable. Witness the successes seen in Scandinavia and in some of the nascent Regional Health Information Organisations in the USA.
As I have argued previously there are e-health projects that can make a difference, are affordable and which offer considerable benefit for both clinicians and their patients that could be undertaken in Australia. These include provision of effective General Practice and Specialist Practitioner computerisation, the automation of Acute and Long Term Hospitals, the computerised support of pharmacy, radiology and laboratory practice and the introduction of a common interoperable form of secure health messaging.
That would be a major two to three year agenda that could be sponsored and delivered by either side of national politics with enough will, understanding and determination. One can only hope that both Ms Gillard and Mr Abbott can recognise the value of such an approach – as well as the lower political risk to themselves personally, and move towards having NEHTA adopt such an approach, while possibly continuing some of the important long term infrastructure work they have in their work plan. To just do the latter, without the former, delays benefits to all Australians and carries a high risk of virtually total failure with the associated need to start again in 2010 or so. A quite unacceptable outcome.
David.
The following is the Sydney Morning Herald’s report of the Opposition Spokeswoman for Health.
http://www.smh.com.au/news/National/National-health-record-system-stalled/2006/08/29/1156816880858.html
“National health record system 'stalled'
August 29, 2006 - 1:29PM
The government has wasted hundreds of millions of dollars in stalled and failed attempts to introduce a national electronic health record system, Labor says.
Opposition health spokeswoman Julia Gillard said on Tuesday it was widely considered that using information technology to integrate patients health records could help prevent over-referrals, over-prescribing and minimise medical mistakes.
But the government had scrapped the Medicare Smart Card and its new proposed $1.1 billion Smartcard would not provide access to patient medical records, Ms Gillard said.
The much-lauded e-health records system HealthConnect no longer existed as a program and had all but disappeared, she said.
"Recent developments suggest that our national e-health strategy has not only stalled, but is dangerously close to being considered an expensive failure," Ms Gillard said in a speech to the Australian College of Health Services Executives in Adelaide.
HealthConnect - a national health information network designed to integrate patient records from hospitals, doctor surgeries, nursing homes, medical laboratories and pharmacies - was launched in 2000 with claims it could reduce accidental mishaps in treatment by as much as 30 per cent.
But Ms Gillard said "just a handful" of small HealthConnect initiatives were currently running in some states.
"And there do not appear to be any reports about what we have learned from those projects, how they might be further extended or why they succeeded or failed," she said.
"In terms of a coordinated national initiative, we are not much further advanced in this area than we were back in April 1999.
"The problem is that hundreds of millions of dollars have been spent on programs launched with much fanfare and then allowed to die."
Ms Gillard said changing the health care management and delivery system was not an easy task, but the government had missed some opportunities and made some obvious mistakes.
She said states and territories have started their own e-health efforts, raising fears of a fragmented and disconnected system.
Australia now had to face the reality that a national e-health system was at least a decade off, Ms Gillard said.
"To fix the problem we will need a national, collaborative approach and strong national leadership," she said.
Health Minister Tony Abbott in 2003 said the health system would be in "systemic paralysis" if a smart card carrying an individual's medical history was not available within five years.
But the federal government said the HealthConnect project was on track and a major agreement had been made at the most recent Council of Australian Governments (COAG) meeting.”
Ms Gillard made a number of points which were, in my view, absolutely spot on.
These key ones were:
1. “To fix the problem we will need a national, collaborative approach and strong national leadership.”
2. “In terms of a coordinated national initiative, we are not much further advanced in this area than we were back in April 1999.”
3. “The government has wasted hundreds of millions of dollars in stalled and failed attempts to introduce a national electronic health record system.”
The Government’s response to this considered and utterly accurate assessment of the current e-health state of play was that the most recent COAG meeting “had agreed to have a work schedule in place by 2009, a "considerable" step involving consensus about protocols and terminology had been taken with the provision of “an additional $130 million to be invested in the National E-Health Transition Authority, the body responsible for developing the electronic records”.
It also made the utterly ludicrous claim that “HealthConnect is still operational and on track and we are learning some very valuable lessons from the trials that have been going on in Tasmania and the Northern Territory”. This is a barefaced untruth as has been widely reported and thoroughly documented, if in no other place, in this blog. The development of HealthConnect has been totally downscaled and essentially defunded.
The sole element of the minister’s comments I can agree with is that “the minister has expressed his frustration with how slow things are moving, but it is very complicated, and it's moving ahead”.
I would suggest that it is time to say that the HealthConnect centralised model for e-health service delivery has failed in Australia and that what is needed is a radical re-think of approach.
This is implicitly recognised in the timeframes now being talked of by NEHTA for delivery of the Shared EHR Concept of Operations and Version 2.0 of the Interoperability Framework (Both now apparently due some time in 2007).
Evidence would seem to be emerging globally that centralised approaches bring with them high cost, high risk and excessive complexity. Witness the problems being experienced in the UK NHS Connecting for Health Program.
Equally it is now becoming clear that there are models for regional health information sharing that are becoming both technically as well as financially viable. Witness the successes seen in Scandinavia and in some of the nascent Regional Health Information Organisations in the USA.
As I have argued previously there are e-health projects that can make a difference, are affordable and which offer considerable benefit for both clinicians and their patients that could be undertaken in Australia. These include provision of effective General Practice and Specialist Practitioner computerisation, the automation of Acute and Long Term Hospitals, the computerised support of pharmacy, radiology and laboratory practice and the introduction of a common interoperable form of secure health messaging.
That would be a major two to three year agenda that could be sponsored and delivered by either side of national politics with enough will, understanding and determination. One can only hope that both Ms Gillard and Mr Abbott can recognise the value of such an approach – as well as the lower political risk to themselves personally, and move towards having NEHTA adopt such an approach, while possibly continuing some of the important long term infrastructure work they have in their work plan. To just do the latter, without the former, delays benefits to all Australians and carries a high risk of virtually total failure with the associated need to start again in 2010 or so. A quite unacceptable outcome.
David.
Tuesday, August 29, 2006
iSoft – A Problem for More than the NHS!
In November 2005, I had the opportunity to review, in some considerable detail, the Hospital Information System which was being offered to an international client as a solution to provide advanced computer services for a three hundred bed tertiary private hospital.
It was clear at that time that the iSoft Lorenzo software suite was little more than ‘foilware’. The system was a concocted blend of old and new components, was obviously un-integrated and lacked any common utility in its user interface.
Needless to say I recommended that no further engagement be had with iSoft and that alternative providers of the necessary HIS software be considered.
The following headlines from the London Financial Times over the last week say it all!
Isoft receives bid approaches
Isoft, the beleaguered software supplier to the £6.2bn National Health Service IT project in the UK, has received several informal approaches from both private equity firms and trade rivals.
Isoft refinances after posting £343.8m loss
Isoft, the troubled healthcare software company being investigated by the FSA for issuing potentially misleading statements, has reported a full year pre-tax loss of £343.8m.
Isoft duo present a catalogue of horrors
For the two men charged with delivering one of the most eagerly awaited earnings statements of the year, Isoft's John Weston and Gavin James appeared remarkably fresh...
Questions linger over plan to build electronic patient record
Ministers and officials yesterday breathed a collective sigh of relief that iSoft, one of the principal suppliers to the National Health Service's £12bn computer..
There is one crucial lesson to be learnt from this. That is that buying software futures is a fool’s game, especially with complex systems like a HIS. If you can’t see, touch and feel the software operating live in at least 2-3 reference sites, exactly as you need it to operate, then to make any purchase is folly!
In the Australian today Karen Dearne makes the point there are potential Australian implications.
“Health group's fall may hit here
Karen Dearne
August 29, 2006
TROUBLED health software developer iSoft's shock loss of almost £400 million last year has destabilised Britain's £10 billion ($24.9 billion) Connecting for Health IT program and may hit local projects, including Victoria's $323 million HealthSmart.
While iSoft clutched a straw offered by its British bankers, the company faces investigations by financial regulators, problems with current implementations and questions over the long-promised Lorenzo web-based product.
The debacle has grabbed front-page attention in Britain, with reports that iSoft's three founders have become millionaires while the company's market value has plummeted from more than £1 billion at its peak to just £97 million.
Reports say the late Roger Dickens (iSoft chairman until late 2003), sold shares worth about £10 million; former chief executive Patrick Cryne received about £40 million; and Stephen Graham, currently suspended, about £30 million.
Former chief executive Tim Whiston resigned in June, reportedly with a golden handshake. The release of iSoft's results ended months of speculation over alleged accounting irregularities that saw its share price fall 90 per cent to just 40p last week.”
It looks to me that iSoft’s failure is inevitable, given the comments made a week or so ago in the audit of their progress in delivery of Lorenzo that they “lacked a credible plan” for its delivery any time in the next few years.
Additionally, there is no point holding obsolete software in escrow. All that does is provide a false sense of security that something can be done when iSoft fails. All that can be done with the escrowed software is maybe fix the occasional critical ‘bug’ while buying time to identify new software to replace the now doomed iSoft system.
Those in NSW and Victoria who have purchased iSoft software on the basis of future promises have clearly let their respective health systems down very badly and should consider their ongoing roles in their present positions. This is a huge mess both here and in the UK. Those in both the UK and Australia affected by this have my sympathy, but they should have known better.
David.
It was clear at that time that the iSoft Lorenzo software suite was little more than ‘foilware’. The system was a concocted blend of old and new components, was obviously un-integrated and lacked any common utility in its user interface.
Needless to say I recommended that no further engagement be had with iSoft and that alternative providers of the necessary HIS software be considered.
The following headlines from the London Financial Times over the last week say it all!
Isoft receives bid approaches
Isoft, the beleaguered software supplier to the £6.2bn National Health Service IT project in the UK, has received several informal approaches from both private equity firms and trade rivals.
Isoft refinances after posting £343.8m loss
Isoft, the troubled healthcare software company being investigated by the FSA for issuing potentially misleading statements, has reported a full year pre-tax loss of £343.8m.
Isoft duo present a catalogue of horrors
For the two men charged with delivering one of the most eagerly awaited earnings statements of the year, Isoft's John Weston and Gavin James appeared remarkably fresh...
Questions linger over plan to build electronic patient record
Ministers and officials yesterday breathed a collective sigh of relief that iSoft, one of the principal suppliers to the National Health Service's £12bn computer..
There is one crucial lesson to be learnt from this. That is that buying software futures is a fool’s game, especially with complex systems like a HIS. If you can’t see, touch and feel the software operating live in at least 2-3 reference sites, exactly as you need it to operate, then to make any purchase is folly!
In the Australian today Karen Dearne makes the point there are potential Australian implications.
“Health group's fall may hit here
Karen Dearne
August 29, 2006
TROUBLED health software developer iSoft's shock loss of almost £400 million last year has destabilised Britain's £10 billion ($24.9 billion) Connecting for Health IT program and may hit local projects, including Victoria's $323 million HealthSmart.
While iSoft clutched a straw offered by its British bankers, the company faces investigations by financial regulators, problems with current implementations and questions over the long-promised Lorenzo web-based product.
The debacle has grabbed front-page attention in Britain, with reports that iSoft's three founders have become millionaires while the company's market value has plummeted from more than £1 billion at its peak to just £97 million.
Reports say the late Roger Dickens (iSoft chairman until late 2003), sold shares worth about £10 million; former chief executive Patrick Cryne received about £40 million; and Stephen Graham, currently suspended, about £30 million.
Former chief executive Tim Whiston resigned in June, reportedly with a golden handshake. The release of iSoft's results ended months of speculation over alleged accounting irregularities that saw its share price fall 90 per cent to just 40p last week.”
It looks to me that iSoft’s failure is inevitable, given the comments made a week or so ago in the audit of their progress in delivery of Lorenzo that they “lacked a credible plan” for its delivery any time in the next few years.
Additionally, there is no point holding obsolete software in escrow. All that does is provide a false sense of security that something can be done when iSoft fails. All that can be done with the escrowed software is maybe fix the occasional critical ‘bug’ while buying time to identify new software to replace the now doomed iSoft system.
Those in NSW and Victoria who have purchased iSoft software on the basis of future promises have clearly let their respective health systems down very badly and should consider their ongoing roles in their present positions. This is a huge mess both here and in the UK. Those in both the UK and Australia affected by this have my sympathy, but they should have known better.
David.
The Perfect Storm Intensifies!
Just when you thought it would not get much worse, it has. Added to the litany of computer assisted privacy violations perpetrated by Government custodians of “your personal information” we now find yet another and separate agency involved in more poor behaviour.
As Ben Woodhead reports in today’s Australian:
“Tax office sacks 'spies'
Ben Woodhead
August 29, 2006
A SECOND government agency has been forced to sack staff for spying on client records, with the Australian Taxation Office taking action against 27 workers for breaches of privacy.
The tax office took action against 24 employees over inappropriate access to taxpayer files last financial year, with another three cases detected this year.
ATO first assistant commissioner for people and place, Anne Ellison, said 12 of the staff caught spying last year resigned on the spot. Four were sacked, two were fined and six had their salaries reduced or were demoted.
Two were ultimately prosecuted for breaches of the Tax Administration Act, with one sentenced to community service and the other fined."
The article then goes on to point out that there is considerable suspicion that leaked tax details of a range of celebrities may be linked to these unauthorised intrusions and searches.
Even more alarming are the comments from “Medicare Australia spokesman Peter Sexton said that agency had also had talks with Centrelink as part of a review of its privacy systems.
"We have engaged a consultant to review a number of our processes including audit logging, access profiles and risk assessments," Dr Sexton said. "There is swift disciplinary or legal action taken whenever a case of fraud or unauthorised access is detected."
This confirms what we already knew. Right now the security of your Medicare records (among others) is inadequate. Why else would consultants be asked to help and sort things out?
The points made in the earlier article are just confirmed. Public trust is on the way down and the effect of these ongoing problems not only confirms their right to be concerned but enhances it!
One has to ask why it is only now, with all these reviews having been underway for the last years, do we know what has been and continues to go on. The present system is clearly just not working.
If the public confidence in electronic health records is not going to be destroyed it seems time that a few of the senior managers of these “sticky beaks” who browse and leak information need to be faced with the ultimate disciplinary sanction and terminated. Maybe, then, we would see the cultural change that is so obviously required.
David
As Ben Woodhead reports in today’s Australian:
“Tax office sacks 'spies'
Ben Woodhead
August 29, 2006
A SECOND government agency has been forced to sack staff for spying on client records, with the Australian Taxation Office taking action against 27 workers for breaches of privacy.
The tax office took action against 24 employees over inappropriate access to taxpayer files last financial year, with another three cases detected this year.
ATO first assistant commissioner for people and place, Anne Ellison, said 12 of the staff caught spying last year resigned on the spot. Four were sacked, two were fined and six had their salaries reduced or were demoted.
Two were ultimately prosecuted for breaches of the Tax Administration Act, with one sentenced to community service and the other fined."
The article then goes on to point out that there is considerable suspicion that leaked tax details of a range of celebrities may be linked to these unauthorised intrusions and searches.
Even more alarming are the comments from “Medicare Australia spokesman Peter Sexton said that agency had also had talks with Centrelink as part of a review of its privacy systems.
"We have engaged a consultant to review a number of our processes including audit logging, access profiles and risk assessments," Dr Sexton said. "There is swift disciplinary or legal action taken whenever a case of fraud or unauthorised access is detected."
This confirms what we already knew. Right now the security of your Medicare records (among others) is inadequate. Why else would consultants be asked to help and sort things out?
The points made in the earlier article are just confirmed. Public trust is on the way down and the effect of these ongoing problems not only confirms their right to be concerned but enhances it!
One has to ask why it is only now, with all these reviews having been underway for the last years, do we know what has been and continues to go on. The present system is clearly just not working.
If the public confidence in electronic health records is not going to be destroyed it seems time that a few of the senior managers of these “sticky beaks” who browse and leak information need to be faced with the ultimate disciplinary sanction and terminated. Maybe, then, we would see the cultural change that is so obviously required.
David
Saturday, August 26, 2006
Is Australian E-Health Facing a Perfect Storm?
Reference to Wikipedia describes a “Perfect Storm” as follows:
“The phrase perfect storm refers to a simultaneous occurrence of events which, taken individually, would be far less powerful than the result of their chance combination. Such occurrences are, by their very nature, rare, and so even a slight change in any one event contributing to a ‘perfect storm’ would be sufficient to lessen the overall power of the final event.”
In this short article I am suggesting that the future of e-Health may be facing just such a storm. Why? Because it seems there are a number of forces and events coalescing to greatly damage the progress of the implementation of e-Health nationally.
Firstly we have the revelations that following a two year investigation (one wonders why it took that long) some six hundred Centrelink staff have been found browsing Centrelink client records inappropriately – despite there being clear warnings to all stuff that such activity will be dealt with very harshly (over 100 apparently no longer work for the organisation).
It seems this is not the first incidence of such behaviour among public servants – with a major breach, rather worryingly, having occurred at the Commonwealth Child Support Agency a year or so back.
Secondly we have all sorts of incidents being reported from all over the world where patient details are being accidentally provided to third parties through everything from stolen laptops to web-based accidental patient information publication.
The most recent was reported a few days ago.
“Laptop computer with home-care patient data stolen in Michigan
Beaumont Home Care on Tuesday asked the public to help it recover a laptop computer filled with three years worth of personal patient information that was stolen with an employee's car.
Beaumont said the information was encrypted and password-protected and is related only to home-health patients. Beaumont Hospital inpatients’ or outpatients' information was not included and centralized registration and medical records of Beaumont are not at risk. But the laptop belonged to a new employee who had stored the ID access code and password with the computer.
Home-care staff use laptop computers to document patient care. The stolen information included patients' names, addresses, birth dates and Social Security numbers. Medical- insurance and personal-health information was also included. Home-care patients have been apprised of the theft and Beaumont is arranging enrollment in a credit-reporting service as well, the Royal Oak, Mich.-based system said in a news release.
"We are taking aggressive measures to protect their personal and health information and to lessen the impact of the computer theft on them," said Chris Hengstebeck, security director at Beaumont in Troy, Mich. The hospital system is offering a reward for the recovery of the Dell Latitude D-400 laptop, serial No. 5MZ1F61, WBH Tag No. 218242.
Crain's Detroit Business”
Note that this problem would simply not have arisen without the records being computerised.
Third we have Minister Hockey, the minister for Centrelink, claiming the information held for the proposed Commonwealth Services Access SmartCard will be handled differently. How much credibility can such a claim have in the public’s mind?
Fourth we have NEHTA suggesting that the basis of its privacy approach is to be technologically agnostic. As I wrote a few months ago,
“talk of privacy neutrality is naïve. It is critically necessary to distinguish between conceptual privacy neutrality and practical (or privacy as it is actually implemented) neutrality. Preserving the privacy of a patient’s written record is a very different thing from preserving the privacy of a patient’s record when stored, typically with hundreds of others, in a computer system. The threats from leakage and exposure are different as are the methods of auditing access and use. These differences must be clearly recognised and effectively addressed. An example is the ease with which 10,000 records can be stolen on a USB key compared with the same ‘truck-requiring’ effort with paper records.”
The essence of my concern in all this is that unless public trust is manifestly justified, through leaks of sensitive personal information being made extraordinarily rare or non-existent, implementation of e-health technology and solutions will be effectively blocked by security and privacy concerns before it can even get underway.
It is up to those working, not only in health, but those handling all sorts of personally identifiable information (e.g. banks, insurance companies, diagnostic laboratories, police etc) to understand clearly that while mistakes will always happen, it requires a computer to really make a massive series of mistakes. In the wrong hands computer data-bases can disclose vast amounts of sensitive information far more quickly and efficiently than any paper based system can!
The key message is simple. To prevent there being great difficulty with the adoption of e-health technology and solutions, great care has to be taken to address, not only the technical, but also the cultural, human and organisational issues that permit un-authorised disclosure of private information. It is a problem for all of us!
David.
“The phrase perfect storm refers to a simultaneous occurrence of events which, taken individually, would be far less powerful than the result of their chance combination. Such occurrences are, by their very nature, rare, and so even a slight change in any one event contributing to a ‘perfect storm’ would be sufficient to lessen the overall power of the final event.”
In this short article I am suggesting that the future of e-Health may be facing just such a storm. Why? Because it seems there are a number of forces and events coalescing to greatly damage the progress of the implementation of e-Health nationally.
Firstly we have the revelations that following a two year investigation (one wonders why it took that long) some six hundred Centrelink staff have been found browsing Centrelink client records inappropriately – despite there being clear warnings to all stuff that such activity will be dealt with very harshly (over 100 apparently no longer work for the organisation).
It seems this is not the first incidence of such behaviour among public servants – with a major breach, rather worryingly, having occurred at the Commonwealth Child Support Agency a year or so back.
Secondly we have all sorts of incidents being reported from all over the world where patient details are being accidentally provided to third parties through everything from stolen laptops to web-based accidental patient information publication.
The most recent was reported a few days ago.
“Laptop computer with home-care patient data stolen in Michigan
Beaumont Home Care on Tuesday asked the public to help it recover a laptop computer filled with three years worth of personal patient information that was stolen with an employee's car.
Beaumont said the information was encrypted and password-protected and is related only to home-health patients. Beaumont Hospital inpatients’ or outpatients' information was not included and centralized registration and medical records of Beaumont are not at risk. But the laptop belonged to a new employee who had stored the ID access code and password with the computer.
Home-care staff use laptop computers to document patient care. The stolen information included patients' names, addresses, birth dates and Social Security numbers. Medical- insurance and personal-health information was also included. Home-care patients have been apprised of the theft and Beaumont is arranging enrollment in a credit-reporting service as well, the Royal Oak, Mich.-based system said in a news release.
"We are taking aggressive measures to protect their personal and health information and to lessen the impact of the computer theft on them," said Chris Hengstebeck, security director at Beaumont in Troy, Mich. The hospital system is offering a reward for the recovery of the Dell Latitude D-400 laptop, serial No. 5MZ1F61, WBH Tag No. 218242.
Crain's Detroit Business”
Note that this problem would simply not have arisen without the records being computerised.
Third we have Minister Hockey, the minister for Centrelink, claiming the information held for the proposed Commonwealth Services Access SmartCard will be handled differently. How much credibility can such a claim have in the public’s mind?
Fourth we have NEHTA suggesting that the basis of its privacy approach is to be technologically agnostic. As I wrote a few months ago,
“talk of privacy neutrality is naïve. It is critically necessary to distinguish between conceptual privacy neutrality and practical (or privacy as it is actually implemented) neutrality. Preserving the privacy of a patient’s written record is a very different thing from preserving the privacy of a patient’s record when stored, typically with hundreds of others, in a computer system. The threats from leakage and exposure are different as are the methods of auditing access and use. These differences must be clearly recognised and effectively addressed. An example is the ease with which 10,000 records can be stolen on a USB key compared with the same ‘truck-requiring’ effort with paper records.”
The essence of my concern in all this is that unless public trust is manifestly justified, through leaks of sensitive personal information being made extraordinarily rare or non-existent, implementation of e-health technology and solutions will be effectively blocked by security and privacy concerns before it can even get underway.
It is up to those working, not only in health, but those handling all sorts of personally identifiable information (e.g. banks, insurance companies, diagnostic laboratories, police etc) to understand clearly that while mistakes will always happen, it requires a computer to really make a massive series of mistakes. In the wrong hands computer data-bases can disclose vast amounts of sensitive information far more quickly and efficiently than any paper based system can!
The key message is simple. To prevent there being great difficulty with the adoption of e-health technology and solutions, great care has to be taken to address, not only the technical, but also the cultural, human and organisational issues that permit un-authorised disclosure of private information. It is a problem for all of us!
David.
Subscribe to:
Posts (Atom)