UK NHS – A Summary of Commentary and Discussion over the Last Week.

While seldom out of the Health IT news world wide – the following series of articles provide a major update on what is going on and how successful the project is at present. It is fair to say the report card is ‘mixed’ at best. Could do better seems to be a useful summary.

The following offer a useful summary.

http://www.govhealthit.com/blogs/archives/ghitnotebook/2007/09/uk_report_refle.asp

UK Report Reflects Success, Doubts Over e-Health

September 14, 2007

Recent stories here in the US have talked about how the push for adoption of electronic health records has slowed, at least temporarily, while doctors and patients evaluate their worth. The general consensus seems to be that, long term at least, there's no doubt about their value but that users need to be convinced again why they should invest in them now.

That's not an uncommon scenario. Look at the adoption curve of most new technology products that aren't called iPod or iPhone and you'll see a flattening or even a dip after the early adopter phase. The expectation is that people will start putting money into EHRs again once the returns on that investment become clearer.

The experience that the UK has been having in building an electronic patient record infrastructure is instructive in that regard. While in many ways the centralized, government-led health system in the UK is completely different from the market-led system in the US, nevertheless the influences at the local level and on the individual for adoption of EHRs and EPRs are similar.

A report this week from a UK parliamentary committee flatly states that there's no longer any doubt that EPRs have huge potential in terms of the benefits they can provide for patients and health systems overall, but that how and when they will be delivered in the UK is still very much in doubt.

….. (see URL above for full article)

The report cited above is an important read – as is the report cited below.

http://www.e-health-insider.com/news/3019/wanless_warns_npfit_risking_nhs_modernisation

Wanless warns NPfIT risking NHS modernisation

11 Sep 2007

In a review of NHS modernisation efforts Sir Derek Wanless has criticised the slow progress of the National Programme for IT (NPfIT) and called for an audit of the programme to ensure it supports wider health service modernisation.

The report warns that considerable challenges lie ahead in modernising NHS IT systems and says there is "continuing debate over the feasibility of some current NPfIT plans".

With limited progress on its core objectives, and the lack of a clear measurable business case against which savings can be measured it says that Connecting for Health, the agency responsible for NPfIT, appears to be being allowed to follow "a high-cost, high-risk strategy that cannot be supported by a business case". Concerns are also expressed about the future impact of the monopolistic contracts awarded by the agency.

The report analyses the progress of NPfIT within the wider context of NHS modernisation and investments made and finds the programme wanting in key areas, particularly enabling productivity gains within the service. It observes that NPfIT has largely occurred in the absence of any published or measurable business case.

Despite receiving very significant investment since 2002 Wanless says the programme has so far largely failed to deliver. "The extent to which the NHS will benefit from these investments remains unclear."

….. (see URL above for full article)

Link

King's Fund: Our Future Health Secured? (.pdf)

http://www.e-health-insider.com/news/3023/nhs_ict_spend_set_to_hit_%C2%A32.9bn

NHS ICT spend set to hit £2.9bn

12 Sep 2007

The total spend on Information and Communications Technology in the NHS is set to hit £2.9bn in 2007/8 according to figures contained in a new report on NHS investment for the King's Fund.

Our Future Health Secured, authored by ex-NatWest boss Sir Derek Wanless, states that ICT spending in the NHS, combining both local and central spend, is set to almost triple from an estimated figure of £1bn in 2002 to £2.9bn by the end of 2007/8.

"Actual ICT spending in England is estimated to have increased from £1bn in 2002/3 to £2.3bn in 2005/6. In 2006/7, the planned increase in ICT spending is set to rise by 25 per cent to just under £2.9bn," says the report quoting figures supplied by NHS Connecting for Health.

The King's Fund report, which comes five years after Sir Derek published a review into future long term funding of the NHS, says that actual spending on ICT in the NHS was slower to pick up than originally envisaged, but has since exceeded the recommendations he made five years ago.

….. (see URL above for full article)

Following are three further perspectives on the Parliamentary Report mentioned above.

http://www.theregister.co.uk/2007/09/13/e-health_progress_report/

MPs criticise e-health record progress

By Kablenet

Published Thursday 13th September 2007 15:36 GMT

The Electronic Patient Record project needs better planning, more consultation and a new timetable, say MPs.

A report from the Commons Health Select Committee on the e-patient record - a key project in the 10-year NHS national programme for IT - highlights a series of problems with the management, security and timescale of the scheme.

The role of Connecting for Health (CfH), the agency responsible for the national IT programme, needs to be increasingly modified. It needs more focus on setting and monitoring national technical standards, if the development of the e-patient record is to be successful, claims the report, published on 13 September 2007.

"Professionally developed datasets and agreed approaches to the structure and content of detailed records are urgently needed for each of the main clinical specialties and for use in a range of different care settings," the report says.

The MPs called on CfH to work with the royal colleges and other professional groups to identify the information standards that will be required within their specialty area to develop consensus-based clinical information standards.

The e-patient record scheme will have two separate systems: a national summary care record (SCR), containing basic information; and a detailed care record (DCR) of more comprehensive information.

….. (see URL above for full article)

This article was originally published at Kablenet (http://www.kablenet.com/kd.nsf/FrontpageRSS/AB08D8052D588E35802573550038ECDC!OpenDocument).

http://www.contractoruk.com/news/003447.html

NHS IT system 'maximises' security risk

The current architecture of a showpiece NHS IT system “maximises” the risk of patients’ confidential details being leaked, stolen or breached.

Rather than minimising the security risk, the Spine provides “both a bigger target and a larger number points of attack” than if the NHS used a group of smaller systems.

Plans for the future of the Summary Care Records, a single database of patient data accessible by all NHS staff nationwide, will also make the system “more difficult to use.”

Delivering these damning verdicts on the system, due to store the data of 50m patients, the Commons Health Select Committee called for all staff with access to be security trained.

Security applications for healthcare systems provided by IT contractors, such as BT, should be independently evaluated, with the results to be made public.

The committee said such measures would install confidence in the £12bn computerisation of the NHS, and reduce the risk of security breaches, which are “problematic” and “challenging”.

….. (see URL above for full article)

http://www.ehiprimarycare.com/news/3028/confusion_surrounds_summary_care_record

Confusion surrounds Summary Care Record

14 Sep 2007

Indecision about the Summary Care Record has led to confusion about its content and purpose, according to a report from MPs.

The Health Committee has heavily criticised both the Department of Health and Connecting for Health for confusion about what will be included in the SCR and what the record will be used for.

In their enquiry into the NHS Care Records Service the Committee took evidence from a variety of Connecting for Health representatives on the SCR but claimed that officials gave different answers on different occasions to questions.

The report said the Committee supported the aim of introducing a nationally available summary record but deplored the “delays and continuing indecision about its content."

The report added: “The Committee was told at various times that the SCR will be used for the delivery of unscheduled care, for the care of patients with long-term conditions, and to exchange information between primary and secondary care. It is little wonder that patient groups expressed confusion about the purpose and content of the SCR.”

….. (see URL above for full article)

All in all a useful collection of reading about the progress of the largest public health IT project in the world.

David.

Getting Major Health IT Projects Right Is not Easy!

Everyone would agree that the track record of major Health IT projects is not a glorious saga of inevitable success and great outcomes. Indeed it often feels that quite the reverse is true.

I came upon this article the other day and was impressed by the pragmatism and common sense of the authors.

http://www.hhnmag.com/hhnmag_app/jsp/printer_friendly.jsp?dcrPath=HHNMAG/Article/data/09SEP2007/070911HHN_Online_Kropf&domain=HHNMAG

Making Information Technology Work
By Roger Kropf and Guy Scalzi
To ensure that an information technology project is a success, health care leaders must first define the benefits, then manage the project and realize its benefits.

How do you define a successful information technology (IT) project in your organization? Most of us could probably agree with “on time, on budget and used productively by the intended staff.” But this happy occurrence is much rarer than it should be in health care.

One organization enjoying success of this kind is University Hospitals (UH), a multihospital system with headquarters in Cleveland (www.uhhospitals.org). A few years ago, UH instituted changes in IT governance and project management that have substantially increased the percentage of IT projects that are on time and on budget—from 50 percent to 90 percent.

Among the changes at UH was involving health care managers in IT projects from beginning to end. Managers at UH, and at any organization, must perform three major tasks to obtain value from investments in IT: define the benefits, manage the project and realize the benefits.

…. (see URL above for full article)

The approach outlined in the full article seems to me to be very sound and I commend a reading of the full article to all blog readers.

The authors have clearly done all this many times. Here are their very brief biographies.

Roger Kropf, Ph.D., is a professor in the health policy and management program at New York University’s Robert F. Wagner Graduate School of Public Service in New York City.

Guy Scalzi, M.B.A., is executive vice president of Veloz Global Solutions, headquartered in Mountain View, Calif.

The authors have recently published a book, Making Information Technology Work: Maximizing the Benefits for Health Care Organizations, available from AHA Press.

I would have to say – and I have no interest of any sort in the book – that this may be a very useful read for many Health CIO’s

David.

Stranger Things Have Happened!

The following really caught my attention as I was browsing for e-Health material last week!

http://www.nationalreviewofmedicine.com/issue/2007/09_30/4_policy_politics_16.html

ELECTION COVERAGE

Canada's largest province heads to the polls

Healthcare issues omnipresent as Ontario election date approaches

By Graham Lanktree

Some have said the October 10 Ontario election is in large part a referendum on the current Liberal government's record managing the province's giant healthcare budget. With its large population, huge territory to administer and its ever-rising healthcare expenses, Ontario's campaign debate has thus far proven them right. Many of the most important battles between the three major parties have been waged over the sustainability of healthcare spending.

….. (See the URL for the full article)

This was only mildly interesting for someone on the other side of the world until I noticed the following paragraph further on in the article.

“Ontario's progress on e-health records (EHR) is well behind that of Alberta, BC and PEI, but the Liberals are still aiming for universal EHR coverage by 2014. The Conservatives make similar promises and say they will immediately take advantage of the federal funding for e-health programs the Liberals have missed out on.”

Good heavens – politicians on both sides wanting to spend on e-Health! How enlighted.

A little further research came across the following from the Opposition Leader.

http://www.newswire.ca/en/releases/archive/September2007/08/c6840.html

Tory to invest $8.5 billion in health funding

TORONTO, Sept. 8 /CNW/ - Progressive Conservative Party Leader John Tory today pledged to infuse Ontario's health care system with much needed funds,while improving results for taxpayers.

"When it comes to better planning for better health care, one thing matters most: results. We must ensure that the funding is in place to achieve these results," said Tory. "It all starts with a commitment to universal, publicly funded health care - that is guaranteed to grow."

Tory was in Toronto today to tour the Toronto East General Hospital.

Speaking outside the hospital, Tory said he will significantly increase health care investments so that by the last year of a PC Government, annual funding will be $8.5 billion more than it is today.

Tory's plan ensures that there are resources available to serve our aging population, our communities and our families. Key investments include:

• $540 million over four years to support the implementation of electronic health records;

• $400 million in new annual investments by 2011-2012 to recruit and retain doctors and nurses;

• $100 million for new investments in long-term care, including capital renewal and increased food allowances;

• $100 million for mental health initiatives with a focus on children and Aboriginal communities; and

• $100 million to accelerate improvements in home care services, allowing more people the dignity of staying in their own home while reducing the strain on our hospitals and long-term care facilities.

Tory also committed that a PC government would provide additional growth funding for ommunities where health care services are increasingly strained because of a rapidly growing population.

"Instead of empty promises and wasteful spending, we will invest more in health care - to reduce wait times, improve service in underserved areas, and ensure that more Ontarians have access to a family doctor. For a stronger health care system, leadership matters."

What joy – the e-Health promise is at the top of the agenda!

I wonder can we “make it so” (Sorry Captain Picard) for the upcoming Australian election!

David.

Useful and Interesting Health IT Links from the Last Week – 16/09/2007

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

http://www.news.com.au/story/0,23599,22404849-2,00.html

Bar codes for patients to stop medical bungles

By Janelle Miles

September 12, 2007 07:37am

Article from: The Courier Mail

• Patients to be stamped with barcodes
• 31 wrong operations performed last year
• Patient misidentification main problem

HOSPITAL patients in Queensland are to be stamped with bar codes in a move to prevent operations being performed on the wrong body parts.

Last financial year 31 mistaken procedures were performed, including three cases of the wrong tooth extracted and two operations on the incorrect part of patients' spines.

In another instance, a person's left tonsil was removed in error and a separate patient had botox injected into the wrong body part.

Queensland Health's Patient Safety Centre senior director John Wakefield presented the figures to a Royal Australasian College of Surgeons state meeting near Cairns.

…..( see the URL above for full article)

This is very good to see. I must say I have always been a bar coding enthusiast in the right circumstances and in the right application. It is a cheap and effective technology that make a major contribution is all sorts of situations.

Second we have:

http://www.boston.com/yourlife/health/other/articles/2007/09/10/eyes_shift_from_patient_to_keyboard/

Eyes shift from patient to keyboard

By Dr. Michael Hochman | September 10, 2007

When I began my residency last year at the Cambridge Health Alliance, I was thrilled to discover that I would be using a computerized medical record system. Computerized medical records - which are now used by about half of Massachusetts physicians and a growing number of doctors nationwide - are truly revolutionizing medicine, allowing doctors to chart patient information more safely, effectively, and legibly than ever.

Although the computerized system has proven to be a huge help, I have confronted an unexpected challenge: Despite repositioning the computer in every imaginable way, I often find myself making more eye contact with the screen than I do with my patients. It is simply more difficult to face a patient while typing than while writing.

When I ask my patients whether the presence of the computer bothers them, most are understanding (though one pugnacious older lady told me that my face looks better from the side anyway).

…..( see the URL above for full article)

This is a useful article to remind people that it is important to consider the patient when using a computer to record clinical details. It is all too easy to slip into a total focus on the computer and leave the patient ‘up in the air’.

The solutions suggested in the full article are all worth careful consideration.

Third we have:

http://news.com.com/Microsoft+Better+software+can+prevent+medical+mishaps/2100-1012-6206849.html?part=dht&tag=nl.e433

Microsoft: Better software can prevent medical mishaps

By Ina Fried
http://news.com.com/Microsoft+Better+software+can+prevent+medical+mishaps/2100-1012_3-6206849.html

Story last modified Mon Sep 10 12:49:40 PDT 2007

Inside a business, software with a good user interface can improve productivity. Inside a hospital, it can save lives.

That's the premise behind a new collaboration between Microsoft and Britain's National Health System that seeks to develop a common design for clinical software. Microsoft isn't trying to prescribe the entire software design, but is proposing some commonality in terms of where on a screen medications are listed and what types of information about the drug are listed.

"It is kind of like when you get into a car," said Tim Smokoff, general manager of Microsoft's health care unit. "Every dashboard looks different, but they are all kind of the same."

By standardizing on a common way to display medical data, Microsoft hopes the industry can make a dent in the 600,000 errors that take place in U.S. hospitals each year, many of them from medication mix-ups.

…..( see the URL above for full article)

This is interesting as it shows the UK NPfIT and Microsoft are working to optimise the quality and safety of the user interface systems in use in the UK National Health Service. It will be fascinating to watch, as the NPfIT implementation progresses, to see any quality evaluations of the effect of an improved user-interface on overall system operation and clinical outcomes.

Fourth we have:

http://govhealthit.com/article103607-09-10-07-Print

On the bleeding edge

Busy emergency rooms are vital sources of leadership and ideas for the health information exchange movement

BY Nancy Ferris
Published on Sept. 10, 2007
If you’re looking for doctors who are enthusiastic about health information technology, you often need look no further than hospital emergency rooms.

Physicians who specialize in emergency medicine are disproportionately represented in the ranks of local and national health IT leaders. Examples include:

• Dr. Brian Keaton, president of the American College of Emergency Physicians and an emergency medicine physician in Akron, Ohio, leads the Northeast Ohio Regional Health Information Organization (RHIO).
• Dr. Edward Barthell, executive vice president of strategy and clinical affairs at Infinity HealthCare in Wisconsin and a practicing emergency medicine physician, is a founder of the Wisconsin Health Information Exchange (HIE).
• Dr. John Halamka, an emergency medicine physician at Beth Israel Deaconess Medical Center in Boston, is chief information officer at Harvard Medical School and chairman of the Healthcare IT Standards Panel chartered by the federal government.
• Dr. Craig Feied and Dr. Mark Smith, emergency medicine physicians at Washington Hospital Center, were among the creators of the Azyxxi software that Microsoft acquired for its foray into health IT.

In addition to such physicians’ prominence among health IT leaders, emergency departments are often the starting point for RHIOs and other projects that involve sharing all or part of patients’ records.

....( see the URL above for full article)

This is a useful extended article that is worth a browse outlining the place of ER computing in the overall Health IT initiaitive.

Lastly we have:

http://www.e-health-insider.com/news/3019/wanless_warns_npfit_risking_nhs_modernisation

Wanless warns NPfIT risking NHS modernisation

11 Sep 2007

In a review of NHS modernisation efforts Sir Derek Wanless has criticised the slow progress of the National Programme for IT (NPfIT) and called for an audit of the programme to ensure it supports wider health service modernisation.

The report warns that considerable challenges lie ahead in modernising NHS IT systems and says there is "continuing debate over the feasibility of some current NPfIT plans".

With limited progress on its core objectives, and the lack of a clear measurable business case against which savings can be measured it says that Connecting for Health, the agency responsible for NPfIT, appears to be being allowed to follow "a high-cost, high-risk strategy that cannot be supported by a business case". Concerns are also expressed about the future impact of the monopolistic contracts awarded by the agency.

The report analyses the progress of NPfIT within the wider context of NHS modernisation and investments made and finds the programme wanting in key areas, particularly enabling productivity gains within the service. It observes that NPfIT has largely occurred in the absence of any published or measurable business case.

Despite receiving very significant investment since 2002 Wanless says the programme has so far largely failed to deliver. "The extent to which the NHS will benefit from these investments remains unclear."

In the King's Fund commissioned report Sir Derek provides a progress report on the government's progress on NHS modernisation. In 2002 he carried out a strategic review of the health service, for the then chancellor Gordon Brown, which was instrumental in making the case for a 50% increase in NHS spending.

The 2002 review identified better use of information and communication technology (ICT) as key to potential productivity and health gains. In his progress report Sir Derek says these productivity improvements have not been achieved.

....( see the URL above for full article)

The report is found here : King's Fund: Our Future Health Secured? (PDF)

This article and the associated report is a reminder – if one is needed – that Health IT should be serving the needs of the health system. The IT can’t and must not be an end in itself.

All in all an interesting start to the week!

More next week.

David.

The Australian Law Reform Commission Releases a Few Important Suggestions!

The following press release appeared a few days ago.

http://www.alrc.gov.au/media/2007/mr1207_privacy.html

Media release

Australian Law Reform Commission

Wednesday 12 September 2007

ALRC proposes overhaul of ‘complex and costly’ privacy laws

The Australian Law Reform Commission (ALRC) today released a blueprint with 301 proposals for overhauling Australia’s complex and costly privacy laws and practices.

Releasing Discussion Paper 72, Review of Australian Privacy Law, ALRC President Prof David Weisbrot said it was the product of the largest public consultation process in ALRC history: “We have received over 300 submissions and held over 170 meetings to date, including with business, consumers, young people, health officials, technology experts and privacy advocates and regulators.

“The clearest message from the community is that we must streamline our unnecessarily complex system. The federal Privacy Act sets out different principles for private organisations and for government agencies. On top of that, each state and territory has its own privacy laws or guidelines and some also have separate laws on health privacy.

“The ALRC is proposing there be a single set of privacy principles for information-handling across all sectors, and all levels of government. This will make it easier and less expensive for organisations to comply, and much more simple for people to understand their rights.

“The protection of personal information stored or processed overseas, as is now routine, is another serious concern. The ALRC wants to ensure that such information has at least the same level of protection as is provided domestically. We propose that a government agency or company that transfers personal information overseas without consent should remain accountable for any breach of privacy that occurs as a result of the transfer”, Prof Weisbrot said.

Commissioner in charge of the Inquiry, Prof Les McCrimmon, said that the ALRC also is proposing a new system of data breach notification: “There is currently no requirement to notify individuals when there has been unauthorised access to their information, such as when lists of credit card details are inadvertently published. Where there is a real risk of serious harm to individuals, we say they must be notified.”

Professor McCrimmon said that the ALRC also proposes the removal of the exemption for political parties from the Privacy Act. “Political parties and MPs should be required to take the same level of care when handling personal information as any other agency or organisation.”

Other key proposals include:
• introducing a new statutory cause of action where an individual’s reasonable expectation of privacy has been breached;
• abolishing the fee for ‘silent’ telephone numbers;
• expanding the enforcement powers of the Privacy Commissioner;
• imposing civil penalties for serious breaches of the Act; and
• introducing a more comprehensive system of credit reporting.

Review of Australian Privacy Law is available at no cost from the ALRC website, www.alrc.gov.au. The ALRC is seeking community feedback on these proposals before a final report and recommendations are completed in March 2008. Submissions close on 7 December 2007.

---- End Release.

An overview of the recommendations can be found at the following URL:

http://www.austlii.edu.au/au/other/alrc/publications/dp/72/overview.pdf

The full document is available as a series of .pdf files and can be accessed here.

Of interest specifically to the readers of the blog is the health section. This is to be found at the following URL:

http://www.austlii.edu.au/au/other/alrc/publications/dp/72/73.pdf

The conclusions and proposals make for an interesting read.

-----

ALRC’s view

56.106 In the ALRC’s view, the collection of health information into electronic health information systems does not require specific legislative control if the Privacy Act is updated and amended as proposed in this Discussion Paper. The collection of health information into electronic records and the use of electronic systems to share health information among health service providers treating an individual do not raise new or unique issues. The proposed UPPs and the Privacy (Health Information) Regulations are intended to be technology neutral and would satisfactorily regulate the handling of electronic health information.

56.107 However, the establishment of a national UHI scheme or a national SEHR scheme would require specific enabling legislation. The ALRC recognises the significant potential benefits to healthcare quality and safety that the establishment of such schemes may deliver. The schemes will work effectively, however, only if there is a sufficient degree of public trust and public confidence in the schemes and their administration. Further, national developments of such importance involving the establishment and use of unique identifiers for all Australians and the development of a national approach to SEHRs should be subject to public debate and parliamentary scrutiny.

56.108 The ALRC agrees with NEHTA that enabling legislation should deal with those issues that fall outside existing privacy regulation. Such enabling legislation should nominate or establish an agency or organisation with clear responsibility for managing the systems, including the personal information in the systems. There should be clear lines of accountability. The legislation should set out the permitted and prohibited uses of UHIs and sanctions for misuse. Moreover, the legislation should make absolutely clear that certain safeguards are fundamental; for example, that it is not necessary to use a UHI to access health care.

56.109 The systems should remain subject to the Privacy Act and the proposed UPPs as amended by the proposed Privacy (Health Information) Regulations. For example, health information generally should only be collected for inclusion in an SEHR with consent. That information should only be used or disclosed for the purpose it was collected or a directly related secondary purpose where the individual would reasonably expect the agency or organisation to use or disclose the information for that purpose.

56.110 Under the proposed ‘Identifiers’ principle, it would be necessary to set out in regulations those agencies and organisations allowed to adopt, use and disclose UHIs, and the circumstances in which it was lawful for those agencies and organisations to adopt, use or disclose a UHI.

56.111 Exceptions in the UPPs and the regulations would apply so that, for example, it would be possible to use or disclose an individual’s health information held in an SEHR if the agency or organisation reasonably believed that the use or disclosure was necessary to lessen or prevent a serious threat to an individual’s life, health or safety or public health or public safety.

56.112 The proposals in Chapter 4 are aimed at achieving national consistency in privacy regulation and, in particular, one set of privacy principles applying across the private sector, and the federal, state and territory public sectors. Any legislation establishing the UHI and SEHR schemes also should apply nationally to ensure consistency between the public and private sectors and across all jurisdictions.

Proposal 56–5 The national Unique Healthcare Identifiers (UHIs) scheme and the national Shared Electronic Health Records (SEHR) scheme should be established under specific enabling legislation. The legislation should address information privacy issues, such as:

(a) the nomination of an agency or organisation with clear responsibility for managing the respective systems, including the personal information contained in the systems;

(b) the eligibility criteria, rights and requirements for participation in the UHI scheme and the SEHR scheme by health consumers and health service providers, including consent requirements;

(c) permitted and prohibited uses and linkages of the personal information held in the systems;

(d) permitted and prohibited uses of UHIs and sanctions in relation to misuse; and

(e) safeguards in relation to the use of UHIs; for example, that it is not necessary to use a UHI in order to access health services.

I have to say that the discussion and proposal looks very sound to me – especially the part suggesting that common principles apply fully across both private and public sector.

I also agree that new identity services of the type proposed by NEHTA need to be protected by specific and robust legislation.

All in all and excellent start.

David.

It is a Dangerous World Out There!

Last week the Australian Institute of Criminology released a very interesting report reviewing the possibilities for criminal abuse of the national technology infrastructure.

The release goes as follows:

http://www.aic.gov.au/media/2007/20070905.html

New crimes in a technology-enabled environment

• Media Release, no. 2007/07
• 5 September 2007

Serious concerns exist about the ways in which new technologies are likely to be misused in the years to come.

Today, Dr Toni Makkai, Director of the Australian Institute of Criminology, released two publications looking at the future environment in which Australians will use information and communications technologies and how this environment will provide opportunities for illegality and infringement of current regulatory controls. The reports are 'Future directions in technology-enabled crime: 2007-09', the most recent publication in the AIC's Research and public policy series, and 'The future of technology-enabled crime in Australia', number 341 in the Trends & issues in crime and criminal justice series.

The reports identify developments that may facilitate technology-based crime. These include:

• globalisation and the emergence of new economics
• increased widespread use of broadband services and mobile and wireless technologies
• increased use of electronic payment systems
• changes in government use of technology to allow the public to conduct transactions securely, including participation in democracy.

The most likely areas in which opportunities for illegality may arise include fraud, identity-related crime, computer viruses and malicious code, theft of information, dissemination of objectionable material online, and risks of organised crime and terrorism.

The burden of protection against misuse of the technology has largely fallen onto individual users because public agencies have a limited role to play in the prevention of technology-enabled crimes and manufacturers have often failed to develop systems to protect users fully prior to releasing new products. The design of the personal computer and the global adoption of the internet have been largely in the hands of private sector forces with less focus on security than on functionality.

At present there is limited capacity in law enforcement to investigate a high volume of technology-enabled crimes. The reports suggest strategies that could reduce the risk of exposure to these crimes. These include:

• industry developing more secure hardware and software
• increased sharing of information between public and private sectors
• use of police taskforces to respond to particularly complex technology-enabled crimes
• the threat of prosecution and punishment, particularly where substantial penalties can be imposed, and publicity given to successful prosecutions
• sharing of information and intelligence across jurisdictional borders, both within Australia and internationally.

The reports highlight the need for legislative reforms to address the emergence of these crimes. Areas in which reform is needed include:

• capacity to deal with criminal complicity - an increase in instances of individuals acting jointly in the commission of a crime
• greater uniformity in legislation across jurisdictions because of the likelihood of multiple jurisdictions being involved
• development of new admissibility of evidence procedures to counter the new and sophisticated defences to charges that will be developed
• new punishments will need to be explored, such as forfeiture of computers and restriction-of-use orders, that may be more effective in deterring crime than traditional punishments.

Funding for this research was provided by the Australian High Tech Crime Centre.

…..( see the URL above for full article)

The full report can be found here:

This is a very useful report as it makes clear just how complex the e-commerce environment actually is and the range of potential difficulties that will be encountered as such systems are implemented. The implications for e-health implementations are obvious. This article explores just one of these:

http://abc.net.au/news/stories/2007/09/06/2025409.htm?section=justin

National access cards a target for hackers: report

A new report warns that new technologies such as the Federal Government's proposed health and welfare access card could be targeted by cyber criminals.

The study says there are serious concerns about the way in which new computer technologies could be infiltrated by criminals or even terrorists.

The Australian Institute of Criminology report suggests the proposed government access card and e-passports could become targets.

The institute says areas of concern include fraud, identity and information theft, and risks of organised crime and terrorism.

…..( see the URL above for full article)

This short article identifies some major implications for e-health and the Access Card.

The following article also shows just how in-secure the present Medicare Card is.

http://www.smh.com.au/news/National/Access-card-more-secure-than-Medicare/2007/09/06/1188783404068.html

Access card 'more secure than Medicare'

September 6, 2007 - 5:34PM

The controversial access card will be more secure than the current Medicare system, the federal government says, despite new reports showing it could be targeted by cyber criminals.

The access card is intended to replace the Medicare card and up to 16 other benefit cards, streamlining access to a wide range of government health and welfare services.

There have been ongoing concerns about the privacy implications of the new card and a new report from the Australian Institute of Criminology warns the card could be targeted by cyber criminals.

The study details concerns about how computer technologies could be infiltrated by criminals or even terrorists.

But Human Services Minister Chris Ellison says the new card will be significantly more secure than the current Medicare system.

"The access card will replace the existing Medicare card, which figures in 70 per cent of serious and organised crime identity investigations and 50 per cent of all fraud investigations," a spokesman for Senator Ellison told AAP.

…..( see the URL above for full article).

This combination of these facts makes it vital that there is improvement in the controls of issuance and cancellation of the present cards, and a careful review of how best to upgrade the security of identification of Medicare clients .

Finally, as it is inevitable that virtually all e-Health initiatives will involve the use of the national e-commerce infrastructure this report should be carefully reviewed by all those involved in e-Health.

David.

Can the Medicare Smartcard Make a Comeback? And Should It?

In a crazy – as we now know – rush of blood to the head Minister Abbott announced a Medicare Smartcard in July 2004. Could have been because an election was due – and was held on October 9, 2004 – and not much had happened e-health wise during the electoral term.

http://www.health.gov.au/internet/ministers/publishing.nsf/Content/health-mediarel-yr2004-ta-abb123.htm?OpenDocument&yr=2004&mth=7

28 July 2004
ABB123/04

Medicare smartcard launched

The new Medicare smartcard was launched in Launceston today.

The Medicare smartcard will give people access to their organ donor records, childhood immunisation records, Medicare safety net status and PBS expenditure data as well as provide access to standard Medicare services in the normal way.

The smartcard will operate in conjunction with HealthConnect - a secure, IT-based integrated health record which will give treating health professionals access to information about procedures, treatments and tests (with patient permission) and which will give patients more control over their health records.

Registration for the new smartcard begins in Tasmania today. Later this year, kiosks equipped with smartcard readers will be available in all Tasmanian Medicare offices. Within 18 months, should they wish, Tasmanians will be able to access their health records from home via a secure internet link.

Registration for the Medicare smartcard will flag an individual’s future participation in HealthConnect. Patients who do not wish to be part of HealthConnect can continue to use their existing Medicare cards and access medical services and Medicare rebates in the normal way.

The Medicare smartcard is the latest demonstration of the Government's commitment to using better information to deliver better quality health services.

About 3600 hospital deaths per year are attributed, in part, to inadequate health information. At least some of those deaths could be avoided if treating health professionals had better access to their patients' records. As well, patients could be spared large numbers of duplicated tests and procedures.

Tasmanians who want to register for the Medicare smartcard can visit their local Medicare office. They will need to take evidence-of-identity documents along with them.

Tasmanians wanting more information about Medicare smartcard can phone 1300 850 155 or visit their local Medicare office.
- end Release.

The idea had a long gestation as can be seen from the following note that “The idea of medical smartcards was first flagged in 1992, but it drew flak from privacy groups, which compared it to the controversial 1980s Australia Card proposal.”

As can be seen from the above release there was a level of expectation set that yet to be even partly delivered – as we all wait for the next election announcement!

Later, of course the whole idea was quietly canned – and of course the Access Card Project – “Medicare Smartcard on Steroids” was initiated.

http://www.australianit.news.com.au/story/0,24897,19298551-15306,00.html

Health smartcard fizzles

Karen Dearne | May 30, 2006

THE Medicare smartcard launched in Tasmania two years ago has been quietly scrapped, a Senate estimates hearing has been told.

More than $4.5 million was spent on developing the card, which featured a microchip with far greater data capacity than the magnetic strips on current Medicare cards.

Federal Health Minister Tony Abbott launched the smartcard in Launceston in 2004 as part of the now stalled HealthConnect electronic patient record program. It is understood only 1 per cent of eligible Tasmanians expressed interest in registering for the card.

….. (see URL above for full article)

Now we have the Access Card on probably permanent hold and we have the admission that the old Medicare Card one of the tools of choice for ID Fraudsters.

http://www.smh.com.au/news/National/Access-card-more-secure-than-Medicare/2007/09/06/1188783404068.html

Access card 'more secure than Medicare'

September 6, 2007 - 5:34PM

The controversial access card will be more secure than the current Medicare system, the federal government says, despite new reports showing it could be targeted by cyber criminals.

The access card is intended to replace the Medicare card and up to 16 other benefit cards, streamlining access to a wide range of government health and welfare services.

There have been ongoing concerns about the privacy implications of the new card and a new report from the Australian Institute of Criminology warns the card could be targeted by cyber criminals.

The study details concerns about how computer technologies could be infiltrated by criminals or even terrorists.

But Human Services Minister Chris Ellison says the new card will be significantly more secure than the current Medicare system.

"The access card will replace the existing Medicare card, which figures in 70 per cent of serious and organised crime identity investigations and 50 per cent of all fraud investigations," a spokesman for Senator Ellison told AAP.

….. (see URL above for full article)

All this started me thinking about the steady progress that now seems to be underway in Germany – and a number of other countries – using Health Related Smartcards. See the following for details:

http://www.ehealtheurope.net/news/2963/german_smartcard_rollout_brought_forward

German smartcard rollout brought forward

17 Aug 2007

In a surprise move, the German health IT agency Gematik has accelerated the schedule of the German national smartcard project to April 2008.

The nationwide rollout of smartcards for all citizens will now start in the second quarter of 2008. “It could easily be finished by the end of 2009”, says Michael Martinet, head of IT at Germany’s second largest health insurance company 'DAK'.

The decision was taken by the board of directors of Gematik earlier this week. It was not made public until yesterday, though, when state secretary Klaus-Theo Schröder of the national ministry of health announced the new accelerated timetable.

Among the directors of the Gematik are the heads of two medical associations, the head of the national hospital association 'DKG', and the heads of the associations of insurance companies.

The German smartcard project is ultimately planned as an online system. Patients will go to their doctor and identify themselves with their smartcard, the ''elektronische Gesundheitskarte' (electronic health insurance card).

The doctor will then be able to store electronic prescriptions, personal medical data, referrals and discharge letters within a server-based network. To do so, he will use a second smartcard, the “health professional card”.

….. (see URL above for full article)

And for a fuller review of what is happening in Germany go here.

All this got me to start thinking – may be if we in Australia were to adopt the German approach we could use a Health Smartcard (with none of the contentious ID Card like features) to do for health what the NEHTA UHI and the Access Card would do if they ever get going.

This would all fit nicely with what Medicare Australia probably would like to do with e-prescribing and a Patient Health Record. Better still it could all be totally voluntary for the first few years till everyone was happy it worked as desired and public concerns were fully allayed. We know there would be considerable adoption among those who are frequent users of the health system – so the card would get used first where it would make most difference.

We could have pretty secure ID, a basic shared record held by the patient and readable only when the patient authorised it and all sorts of other basic capabilities at reasonable cost and hopefully little public contention through a fully voluntary strategy.

There are even International Standards in place on for such Health Smartcards.

I must be missing something – it really can’t be this easy to get this far, can it?

David.

The AMA Essentially Ignores E-Health Policy for the Election – But You Would Expect That Wouldn’t You!

Late last week the Australian Medical Association published the following release:

http://www.ama.com.au/web.nsf/doc/WEEN-76RAWF

AMA Announces Health Policy Priorities - Key Health Issues for the 2007 Federal Election

AMA President, Dr Rosanna Capolingua, today released Key Health Issues for the 2007 Federal Election, a summary of the major health issues that the AMA considers will win or lose votes at the upcoming election.

The document will be sent to all MPs and Senators and to the media to be used as a primary reference when assessing the health policy announcements of the major parties during the campaign.

Dr Capolingua said the document was not a comprehensive overview of the health system but a ‘highlights package’ that will allow people to focus on practical solutions in areas of the system that are failing all or some Australians.

“Health is without doubt a priority election issue,” Dr Capolingua said.

“Australia has a good health system by world standards, but it is not providing equal access for all Australians to high quality health care and services.

“It is failing to meet current demand and it is not sufficiently funded or resourced to meet the future needs of an ageing population.

“Now is the time to invest – and invest substantially and strategically – in the future health of our nation and our people.

“The AMA calls on the major parties to promise to deliver this much-needed health investment in the election campaign.”

Key Health Issues for the 2007 Federal Election sets out practical policy recommendations under 18 headings, including Indigenous health, public hospitals, aged care, rural health, nutrition and obesity, Medicare, global warming, alcohol, smoking, and private health.

The AMA also provides warnings about the future of medical training, doctor substitution agendas, and flawed plans for the national registration of health professionals.

Election material – T shirts, mugs and caps – carrying the slogan ‘CHOOSE HEALTH’ will be distributed to support the AMA’s election document, urging people to choose health as an issue that will determine the way they vote at the election.

To view a copy of the AMA Key Health Issues for the 2007 Federal Election document, follow the link.

Date released: 09/06/2007

A review of the full document locates three mentions of technology related matters.

First – when discussing Rural Health the AMA says the following:

“There must be investment in telemedicine technology and services.” There is also a vague reference to the need for modern technology.

“Modern facilities and equipment are essential to a viable health care environment. Without the latest technology, rural patients cannot benefit from improved surgical techniques or improved methods of care. They may face longer recovery periods or may not have the same quality of outcome as they would have if they lived in the city.”

Second when discussing Aged Care the AMA recommends”

“The Government needs to fund programs that will put computers in aged care facilities for the use of attending doctors for patient records and prescribing

Ultimately these computer systems need to be connected to the GPs’ rooms and GP clinical software systems for patient records and also to pharmacies for prescribing and medication management. A further $116 million over three years should be allocated for the introduction of improved clinical management and prescribing systems in residential aged care and to support the training and maintenance of such systems. There needs to be a strong involvement of the medical profession in the rollout of this program.”

Third the AMA devotes a whole section to EasyClaim.

Essentially they say they think the system is under-developed, un-integrated with clinical software and slow at present.

They want the following:

“The Government needs to commit to working with the medical profession to make the Easyclaim system reach the maximum level of efficiency so it is quick, reliable and integrated.

The Government needs to acknowledge it will make considerable savings by transferring this work to doctors, and that doctors should be reimbursed a transaction fee for each claim processed under Easyclaim.”

It seems to me there are some major gaps in the AMA approach

First, by focussing on IT in Aged care they seem to be suggesting all is well in the world as far as GP and specialist practice is concerned. This is hardly reality.

Second, while rightly emphasising the importance of prevention of illness and pro-active care there is no mention of the potentially crucially important role of electronic clinical decision support. A very large oversight.

Third there is no mention of the importance to achieving better co-ordination of care – which Health IT is uniquely able to assist with.

Forth there is no mention of the place of Health IT in enabling reform of health services delivery.

It is clear this is a document developed by the leaders of “Medical Lobby” to maximise and protect their sectional interests and to maximise their income. What we have here is an attempt to leverage public concern regarding the performance of the health sector into more funds which will largely find their way into medical pockets and ongoing opposition to the major structural reform and work-force adjustments that are needed for a sustainable health system.

Another missed opportunity.

David.