The Certification Commission for Health IT (CCHIT) moves Forward Apace.

The CCHIT has been having a busy week in the news. First we have.

CCHIT Quantifies EHR Incentives

September 25, 2008

At least 50 hospital organizations have launched programs to partially subsidize the cost of electronic health records for physicians as permitted under federal regulations announced in 2006, a new study shows.

…..

The Chicago-based Certification Commission for Healthcare Information Technology, which conducted the study, also determined that another 40 incentive programs have been introduced by government agencies, insurance companies, employer coalitions and public-private partnerships. Of these, half explicitly call for the use of records software certified by the commission.

…..

Together, the 90 programs have the potential of offering at least $700 million in funding for EHR costs, according to the “CCHIT Incentive Index” study. Some $150 million of that total is from a Medicare demonstration project that will provide payments to 1,200 practices using certified EHRs.

…..

The full article is found here:

http://www.healthdatamanagement.com/news/electronic_medical_records_EMRs_EHRs26998-1.html?ET=healthdatamanagement:e619:100325a:&st=email&channel=electronic_health_records

More details of the findings are here:

http://ehrdecisions.com/incentive-programs/

Next we have.

CCHIT to certify e-prescribing systems in 2009

By: Matthew DoBias / HITS staff writer

Story posted: September 25, 2008 - 5:59 am EDT

The Certification Commission for Healthcare Information Technology this week said it would begin to certify stand-alone electronic-prescribing systems next year, though a set of standards has yet to be developed.

CCHIT board members agreed to the initiative on Sept. 23, saying it would launch a program by July 2009 after a public comment period and a demonstration project.

Stand-alone e-prescribing systems are used to send and receive prescription data from doctors’ offices to pharmacies. They often do not include an electronic health-record component.

More here:

http://www.modernhealthcare.com/apps/pbcs.dll/article?AID=/20080925/REG/309259997/1029/FREE

This is all good stuff and shows how e-Health can be fostered when there is an honest broker around to ensure the quality of systems that physicians need to invest in. While we are doing pretty well in the GP area we still have a long way to go with the specialists and a Commission of this sort could help give clinicians the confidence to invest. NEHTA should have been doing this for ages but just simply did not think it had any role in assisting private practice based e-health. Pretty dumb in my view.

On another small matter – what focus do you think NEHTA is getting from its chairman given he has just become Chair of the Australian Stock Exchange as the financial world implodes? Bigger ‘fish to fry’ I suspect!

David.

US State Governors Demand Action on Health IT

A new report on Health IT directions from US State Governors was released recently. Here is some of the coverage.

State Alliance calls for state action on healthcare IT

By Bernie Monegain, Editor 09/23/08

The State Alliance for e-Health, made up of governors and state officials from across the country, is calling on states to support e-prescribing and address medical privacy and security issues in order to boost healthcare IT.

Healthcare IT and health information exchange are tools of transformation that could lead to improved care as well as savings, the alliance asserts in a 60-page report released Tuesday called "Accelerating Progress - Using Health Information Technology and Electronic Health Information Exchange to Improve Care."

…..

Privacy and security rank No. 2 on the alliance's list of recommendations for state action.

The top recommendation is to provide leadership and support for e-health efforts in each state, especially on e-prescribing.

The others are:

• Promote the use of standards-based, interoperable technology;
• Streamline the licensure process to enable cross-state e-health;
• Engage consumers to use HIT in managing their health and healthcare; and
• Develop workforce capacity to support electronic HIE efforts.

…..

The alliance contends that health information technology and health information exchange are tools of transformation that could lead to improved care as well as savings.

The report notes that the use of IT and data exchange may also result in:

• Higher quality care through adherence to treatment protocols and guidelines;
• Reduction in adverse drug events;
• Fewer duplicative treatments and tests;
• Administrative efficiencies through decreased paperwork;
• Improved coordination of treatment through timely access to health information;
• Early detection of infectious disease outbreaks around the country;
• Disease management tracking; and
• Improved research capabilities.

Full article is found here:

http://www.healthcareitnews.com/story.cms?id=10013

Further coverage is found here:

State Officials Push E-Prescribing

September 24, 2008

The State Alliance for eHealth has issued its inaugural report, emphasizing the importance of electronic prescribing as a first step toward broader use of information technology in health care. An initiative of the National Governor’s Association, the alliance comprises a variety of state officials, including governors, legislators, attorneys general and commissioners.

“The State Alliance believes that, at this time, the highest priority should be given to e-prescribing and the privacy and security of health information” the report states.

“E-prescribing is critically important to the advancement of e-health. Although the necessary infrastructure and standards for e-prescribing exist across the nation, the rate of adoption has been slow. The State Alliance recognizes e-prescribing as a gateway to other advances in e-health. Therefore, the State Alliance calls on states to lead these efforts and take action to drive adoption of e-prescribing.”

More here:

http://www.healthdatamanagement.com/news/e-prescribing26997-1.html?ET=healthdatamanagement:e619:100325a:&st=email&channel=policies_regulation

To read the full report, “Accelerating Progress: Using Health Information Technology and Electronic Health Information Exchange to Improve Care,” click here.

The Headings of the recommendations tell the story the Governors want to pursue (in addition to e-prescribing).

Calling States to Action: Recommendations from the State Alliance for e-Health

Recommendation 1: Provide Leadership and Support for E-Health Efforts

Recommendation 2: Address Health Information Privacy and Security

Recommendation 3: Promote Interoperable Technology

Recommendation 4: Streamline the Licensure Process to Enable Cross-State E-Health

Recommendation 5: Engage Consumers to Use HIT and HIE in Managing Their Health and Health Care

Recommendation 6: Develop Workforce and Agency Capacity to Support Electronic HIE Efforts

Essentially this document is a National E-Health Strategy for the US and as such is well worth a browse as there is much here that is quite relevant to Australia in terms of thinking, priorities and frameworks. Would be amazing to see our hopeless premiers do something half as useful but I sure will not hold my breath!

David.

The Rest Of the Health IT News for 29-09-2008.

It has been another of those weeks when just too much interesting stuff has been announced. The following are some pointers and brief comments on a few others that caught my eye.

First we have.

SCR consent model changes

18 Sep 2008

The NHS Care Records Board will today confirm that patients will be asked for permission to share their record at each clinical encounter.

In a much-anticipated move, the board has acted on the recommendations of the May 2008 UCL report on the first primary care trusts to adopt the Summary Care Record.

Patients will still have to opt out of having a record created, but “consent to view” will become an integral part of using the SCR, the board agreed yesterday.

Dr Gillian Braunold, clinical director for the SCR and HealthSpace said the new consent model considerably simplifies that used in the five early adopter PCTs.

More here:

http://www.ehiprimarycare.com/news/4157/scr_consent_model_changes

This is important as it moves the UK to the appropriate ‘opt-in’ consent model.

Second we have.

Health System Leaders Fight Resistance to PHR Adoption

by Kate Ackerman, iHealthBeat Editor

Health systems nationwide are in varying stages of implementing personal health record applications. The thought is that the technology can provide clinicians with a gold mine of data that will be helpful in improving both efficiency and care quality, while providing consumers with the tools necessary to take a more active role in their health care. Despite the benefits, resistance remains.

At a Project HealthDesign conference in Washington, D.C., last week, health system leaders discussed their efforts to ease concerns and ultimately make PHRs a staple of their health care systems.

More here:

http://www.ihealthbeat.org/Features/2008/Health-System-Leaders-Fight-Resistance-to-PHR-Adoption.aspx

A review of the state of play with some useful links:

• Project HealthDesign
• Partners' Clinical Informatics Research and Development
• Kaiser Permanente's My Health Manager
• University Hospitals and Health Systems

Third we have.

iSoft India gives shape to world's largest health project

BANGALORE: Healthcare software provider iSoft on Thursday said that its Indian R&D team is developing a solution what it described as the world’s largest civilian IT healthcare project.

The Lorenzo software application, which will link nearly two-thirds of the hospitals in the United Kingdom, will also be launched in Europe, Australia and Germany in November, iSoft executive chairman & CEO Gary Cohen said at the opening of the company’s global product development centre here.

iSoft was acquired by Australia’s IBA Health Group in 2007. Hospitals will also be connected to general practitioners, allowing patients in the UK to get themselves treated at any clinic in the country without the need for re-entering data. The solution can be extended to any part of the world, managing director S Govind said.
More here:

http://economictimes.indiatimes.com/News/News_By_Industry/Healthcare__Biotech/Healthcare/iSoft_India_gives_shape_to_worlds_largest_health_project/articleshow/3528533.cms

and here:

http://www.itexaminer.com/isoft-opens-door-to-double-capacity.aspx

and here:

http://www.itexaminer.com/health-care-not-a-political-problem-in-india.aspx

Good to see plans are progressing – I wonder why this did not get an ASX Announcement? (Would seem to be a material step forward – and yes I have a few IBA Shares).

Fourth we have.

Doctors and the DEA

Proposed rules that would let doctors electronically prescribe controlled substances could raise the security bar in ways that frustrate health care providers

BY John Moore

Published on September 26, 2008

E-prescribing is in a bit of a bind. The practice is caught between a federal directive that aims to encourage adoption and another that serves to inhibit use.

On the promotional side, the e-prescribing provision of the recently passed Medicare bill provides incentives for doctors to use the technology for Medicare patients and a financial punishment for those who don’t. Doctors who adopt e-prescribing get a 2 percent bonus in 2009 and 2010; those who don’t use the technology face fee reductions.

On the other hand, the Drug Enforcement Administration prohibits e-prescribing of controlled substances. That restriction applies to about 10 percent of all prescriptions by DEA’s reckoning. The upshot is that physicians who use e-prescribing must also maintain a paper-and-fax-based system for controlled substances. At best, that dual system is inconvenient, and at worst, it is an impediment to the adoption of e-prescribing.

A lot more here:

http://www.govhealthit.com/print/4_21/features/350569-1.html?GHITNLsecurity=yes

The break out box is most telling.

A two-factor pitfall

The Drug Enforcement Administration’s proposed rules for e-prescribing call for two-factor authentication as a core security measure.

Richard Mackey, vice president of consulting at SystemExperts, said the method must be thoughtfully adopted to be effective.

“Many organizations want to have the feeling of security that comes from deploying two-factor authentication,” Mackey said. “But the security of a system is completely dependent on how well that [authentication] was integrated into the application.”

For example, organizations might let users bypass two-factor authentication through a weaker entry point, Mackey said. The goal might be to allow users into a system when they don’t have security tokens with them. But in that case, “it’s not clear they have provided any security,” he said.

Some related material here:

http://www.healthdatamanagement.com/news/DEA27005-1.html?ET=healthdatamanagement:e620:100325a:&st=email&channel=policies_regulation

PBMs To DEA: E-Script Rule Flawed

September 26, 2008

I hope the NEHTA National Authentication Service for Health Project has thought carefully about the workflow implications of their two factor ID plans. Could be a really serious issue I believe!

Fifth we have.

Dutch EPR rollout on track

26 Sep 2008

The Dutch national electronic patient record project is progressing slowly, but steadily. Sixty five doctors have been connected to the infrastructure so far. By the end of the year, this number will increase to 200.

“We are confident that we can stick to our goal and have all 8,000 GPs using the national electronic patient record by the end of 2009,” said Reina Kloosterman, head of health and social issues at the Dutch embassy in Berlin. She gave an update on the project at a regional eHealth event organised by the industry association IHK in Berlin.

Kloosterman said two factors were critical for the success of the project. First of all, doctors would have to be connected to the infrastructure efficiently and without putting too much financial burden on them. And second, the public would need to be informed about the EPR and privacy issues would need to be addressed.

The EPR in the Netherlands will be a virtual EPR. The medical data will remain physically where it originates: it is not stored on a central server. This means that the IT systems of the doctors involved have to be brought online in a way that makes EPR-relevant data accessible 24/7.

More here:

http://www.ehealtheurope.net/news/4182/dutch_epr_rollout_on_track

Good to see the Dutch are moving forward as well!

Sixth we have:

MedVirginia Completed Successful NHIN Demonstration at AHIC

Last update: 9:31 a.m. EDT Sept. 25, 2008

RICHMOND, Va., Sep 25, 2008 (BUSINESS WIRE) -- MedVirginia successfully participated in the live demonstration of the Nationwide Health Information Network (NHIN) Trial Implementation at the AHIC meeting in Washington, DC this week. During the event, MedVirginia and other health information exchanges established live connectivity with the Dept. of Defense, Veterans Affairs, Social Security Administration, and other health systems.

Michael Matthews, CEO of MedVirginia stated, "This was an historic day for our nation's health care system. This significant milestone proved that disparate health systems across the U.S. can securely connect and exchange health information in order to enhance the quality, safety and cost-effectiveness of healthcare to patients across geographic and organizational boundaries."

MedVirginia participated in several demonstrations, including the "Wounded Warrior" scenario. This demonstration showed how members of the armed services who receive care from military, veterans and civilian health care providers can have their health history accessible at any point in the care continuum. Another scenario showed how the Social Security disability determination process could be greatly accelerated via online access to claimant's medical records vs. the traditional paper method.

More here:

http://www.marketwatch.com/news/story/medvirginia-completed-successful-nhin-demonstration/story.aspx?guid={F2B7F07E-4225-4B53-A4C9-C3750AA87C9B}&dist=hppr

Again we see how, incrementally progress is being made in developing the US NHIN.

Last we have.

Science panel calls for EMRs tailored for disaster response

Kathryn Foxhall

A federal panel will soon recommend that field usability be a primary goal for an electronic medical record system now in development for use in federal disaster response efforts.

The National Biodefense Science Board (NBSB) voted Sept. 23 in support of recommendations that the EMR system be integrated with future patient-tracking and medical resource availability systems and that it be interoperable with other EMR systems to the greatest degree possible.

The board also said the National Disaster Medical System (NDMS), which is developing the EMR, should take the lead in defining the minimal patient dataset required. The board plans to send its recommendations to the Health and Human Services Department soon.

More here:

http://www.govhealthit.com/online/news/350592-1.html

Another area I am not sure we have a plan in place for to address. Certainly worth some thought!

All in all lots going on.

David.

Canada Infoway Defines its Health IT Standards.

Canada Health Infoway released the following a few days ago.

http://www.infoway-inforoute.ca/en/News-Events/InTheNews_long.aspx?UID=342

Infoway Standards Collaborative releases catalogue of health informatics standards

September 22, 2008, Toronto, ON - Health informatics professionals can now access the latest standards, available in the Standards Collaborative Guide & Standards Catalogue. The free catalogue is Canada's first reference tool on electronic health record (EHR) standards.

"Pan-Canadian health information standards are a critical building block to establishing an interoperable electronic health record system to benefit all Canadians," said Dennis Giokas, Chief Technology Officer, Canada Health Infoway (Infoway). "The Standards Collaborative Guide & Standards Catalogue is an information reference tool for understanding the fundamentals of standards and their function in day-to-day health care interactions."

The Standards Collaborative Guide & Standards Catalogue is a key reference source that provides a listing of the pan-Canadian health information standards, their status and business functions. The guide also highlights the benefits for the EHR, including integrating health informatics systems in large health service delivery settings and in health regions. It also defines the standards approval process and outlines Infoway Standards Collaborative services.

Access a copy of Infoway's Standards Collaborative Guide & Standards Catalogue by visiting the Resource Centre. For more information, or for a hard copy of the publication, contact the Infoway Standards Collaborative InfoDesk toll-free at 1-877-595-3417 or email standards@infoway-inforoute.ca.

Launched in 2006, the Infoway Standards Collaborative is a Canada-wide coordination function created to support and sustain health information standards in Canada. As one of Infoway's target investment areas, more than 20 standards projects have been completed or are underway, with a total investment in standards development to date of $33 million. In addition, Infoway has dedicated another $20 million to date for the support and maintenance of the standards for Canada. The investment includes support for standards life cycle-based services to vendors, service delivery organizations and jurisdictions, and for liaising with International Standards Development Organizations.

Canada Health Infoway is an independent, not-for-profit organization funded by the federal government. Infoway jointly invests with every province and territory to accelerate the development and adoption of electronic health record projects in Canada. Fully respecting patient confidentiality, these secure systems will provide clinicians and patients with the information they need to better support safe care decisions and manage their own health. Accessing this vital information quickly will help foster a more modern and sustainable health care system for all Canadians.

--- End Release.

This is a very useful release as it shows where Canada is up to in its Health IT Standards efforts and provides some useful ideas about how Australia could consider moving forward. At the centre of that Canada is doing is the Infoway Standards Collaborative.

More detail on this is provided here:

http://www.infoway-inforoute.ca/en/WhatWeDo/SCOverview.aspx

The key parts are as follows:

“Launched in 2006, the Standards Collaborative is a new Canada-wide coordination function created to support and sustain health information standards in Canada. Hosted at Infoway, the Standards Collaborative will be responsible for the implementation support, education, conformance, and maintenance for electronic health records (EHR) standards currently being developed by Infoway. The Standards Collaborative will also encompass several standards initiatives formerly managed by the Canadian Institute for Health Information.(CIHI), including the Partnership for Health Information Standards, Canada's participation in DICOM (Digital Imaging and Communications in Medicine) and, in conjunction with the Standards Council of Canada (SCC), the secretariat to the Canadian Advisory Committee to ISO/TC 215.

Standards collaboration is an integral element of and a key requirement for the establishment of a pan-Canadian interoperable EHR. In addition to the new responsibilities outlined above, Infoway will continue to support the Standards Collaborative Process to establish pan-Canadian EHR health information standards.

Our Standards Collaborative forums support communication and exchange among various communities interested in health care and health care informatics deliberation and consensus building on standards.”

What I find utterly refreshing is the absence of the need for anything vaguely like our authoritarian NEHTA and a commitment to developing the collaboration of all relevant stakeholders in getting the pan-Canadian standards in place.

On the basis of the catalogue released (a more than worthwhile download) Canada is moving forward very well, knows what she is doing and has addressed the issues of standards sustainability with proper stakeholder involvement. Also by going down this sort of path Canada is assured of ongoing expert involvement in the future.

A model to be closely studied I believe.

David.

Useful and Interesting Health IT Links from the Last Week – 28/09/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

Three Things Different About Stark’s HIT Bill

Kathryn Mackenzie, for HealthLeaders Media, September 23, 2008

Less than two weeks before the end of the Congressional session, House Ways and Means Health Subcommittee Chair Pete Stark (D-CA) has introduced a bill meant to encourage nationwide adoption of electronic health records. Though the bill builds on the proposed PRO(TECH)T Act, introduced earlier this year by the Energy and Commerce Committee and already under House consideration, it differs in three significant areas, says Robert Tennant, senior policy advisor at the Medical Group Management Association's government affairs office in Washington, D.C.

1. Financial incentives

The bill calls for Medicare payment reductions should the provider not move to an EHR by 2016. In its current state the bill doesn't specify the amount of the proposed penalties, but Tennant says he expects the number will be firmed up in the regulatory phase. Conversely, doctors who choose to use an approved EHR system would be eligible for up to $40,000 over five years in Medicare incentive payments. Hospitals could receive several million dollars in incentives. "The other bills out there don't have near the type of financial incentives as this one. We don't like to see payments be reduced, but we do like incentives, so we'll see what happens. It's a bit of stick and carrot approach," says Tennant.

So, which is more effective—the carrot or stick? Tennant says that will be hard to gauge. "These systems are far more complicated to integrate into a practice than just buying a CD and installing it. It changes the entire workflow, how medicine is practiced, and how the business is operated. It takes years to go from the starting process to full implementation. There has got to be some recognition that it is not as easy as some folks believe it to be," he says. Far more effective and enticing to providers than incentives or penalties, he says would be an open source framework with a single set of standards that can be made available to all providers. This brings us to the second main difference in Stark's Health-e Information Technology Act of 2008 compared to the PRO(TECH)T Act.

Much more here:

http://www.healthleadersmedia.com/content/219611/topic/WS_HLM2_TEC/Three-Things-Different-About-Starks-HIT-Bill.html

This is a reminder that the US Congress is well aware of the importance of Health IT and is doing what it can to increase EHR adoption and use. There have been a number of efforts on this in the past – one can only hope this attempt will succeed.

Second we have:

Electronic medical records a step closer

By Nicholas Timmins, Public Policy Editor

Published: September 19 2008 05:31 | Last updated: September 19 2008 05:31

A national electronic record of patients’ health looks finally on the cards – five years late – after the NHS IT programme on Thursday changed the way patients will give their consent to the system.

Providing a brief, summary electronic patient record has been a key driver for the £12bn ($22bn) NHS IT programme, which will create a detailed, local electronic record as well as the shorter one available nationally, providing doctors with recent medical history, medications and allergies in an emergency or out of hours.

Tony Blair, then prime minister, declared as long ago as 1997 that the electronic record would mean that “if you live in Birmingham and have an accident while you are, for example, in Bradford, it should be possible for your records to be instantly available to the doctors treating you”.

Development of electronic records, however, has been devilled by a long and bitter dispute, chiefly with general practitioners, over whether patients should explicitly give consent to having such a record – a more complex, lengthy and costly approach – or whether they should be presumed to give consent with the right to opt out – the approach that the IT programme originally backed.

More here:

http://www.ft.com/cms/s/0/ff2823e8-85d0-11dd-a1ac-0000779fd18c.html?nclick_check=1

Just a reminder that the UK NHS is steadily moving forward and learning as they go along what will work in terms of public assurance as to who and when can access their health records. It is also a clear reminder as to just how long all this can take – so we here in Australia really need to get started sooner rather than later with a coherent plan!

Third we have:

Medical waste, documents found in reserve

By Tory Shepherd

September 23, 2008 02:21am

Article from the Advertised

DANGEROUS medical waste and confidential patient documents were yesterday discovered scattered in a council reserve where children play.

In a shocking breach of privacy and public safety, a syringe, soiled bandages, surgical gloves and other used medical goods lay in Camdover Reserve, behind a medical centre on Honeypot Rd at Huntfield Heights in Adelaide.

The Advertiser also found blood test results and prescriptions with patients' names, addresses and phone numbers on them.

The rubbish had apparently been blown out of an open skip bin and across the reserve and nearby streets.

The doctor's name on the papers was Dr Chinwemma Flora Onyeizugbo from the Hackham Medical Centre.

Australian Medical Association state president Dr Peter Ford said the incident breached laws governing the proper disposal of medical waste.

"That's unacceptable. It certainly warrants scrutiny," he said, adding there were strict procedures for the proper disposal of syringes and medical waste with which doctors must comply.

More here:

http://www.news.com.au/story/0,23599,24388405-1246,00.html

The second breach to hit the press in a fortnight – see last week’s news blog. It is important that doctors and practice managers do better than this!

Fourth we have:

Hospitals get a 'phantom wards' warning

• Julia Medew
• September 22, 2008

VICTORIAN hospitals have been warned not to admit emergency patients to "phantom wards" or falsify data to secure funding, despite Health Minister Daniel Andrews' insistence that these practices do not exist.

A Department of Human Services bulletin sent to hospitals last week warned that data supplied was "expected to represent an accurate picture of health service activity".

"This data is used for funding, policy making, performance monitoring or used to meet DHS' own reporting obligations to state and Australian governments, the media and the public," the directive said.

It also said patients in emergency departments must not be reported as being in observational medicine units — wards allegedly used to manipulate hospital computer systems to meet benchmarks for funding.

The bulletin, which warns hospitals that their data may be audited, comes after the Australasian College for Emergency Medicine recently claimed Victorian hospitals were manipulating data, admitting patients to "virtual wards", and inconsistently measuring waiting times to meet Government benchmarks for bonus payments.

A survey of 19 emergency department directors by the college found almost 40% of them had been "admitting" patients when they were still in waiting rooms, corridors or on trolleys.

The "virtual wards" were used purely for "creative accounting" to receive funding and avoid "performance watch", the doctors said.

More here:

http://www.theage.com.au/national/hospitals-get-a-phantom-wards-warning-20080921-4l0g.html

While one can adopt a purist ‘tut tut’ approach to news like this – I think it is more important to ask just what is causing people to undertake such deception. The answer must me excessive pressure and strain on those working in the system – and such directions from Ministers should be rather more focussed on working out how to fix the problem..not suppress it.

Fifth we have:

IBM threatens to leave standards bodies

Jeremy Kirk (IDG News Service) 24/09/2008 08:30:00

IBM would like to see loopholes that allow dominant companies to abuse standards processes closed.IBM is threatening to leave organizations that set standards for software interoperability because of concerns that their processes are not always fair.IBM is threatening to leave organizations that set standards for software interoperability because of concerns that their processes are not always fair.

IBM is threatening to leave organizations that set standards for software interoperability because of concerns that their processes are not always fair.

IBM published a new set of guidelines it plans to follow, which include encouraging standards bodies to have rules to protect their decisions from "undue influence," a clear reference to competitor Microsoft.

IBM would like to see loopholes that allow dominant companies to abuse standards processes closed, said Bob Sutor, vice president of open source and standards. Leaving a standards organization for a lack of reforms would be a "last resort," he said.

"We see this very much as a positive, constructive policy for how we hope to engage," Sutor said.

IBM was one of the most vocal opponents of a file format created by Microsoft and approved by the International Organization for Standardization (ISO) as an international standard earlier this year.

Part of the specification, called Office Open XML, is used in Microsoft's latest Office 2007 productivity suite but has yet to be fully implemented by either Microsoft or other software vendors. OOXML is a rival to OpenDocument Format (ODF), also an international standard used in office suites such as OpenOffice.org and StarOffice.

Much more here:

http://www.computerworld.com.au/index.php?id=543099586&eid=-255

This is a much more important article that it appears on the surface. For the e-Health sector it is vital that we have standards for interoperability and communication that are technically as good as possible and totally free from commercial interest. At the level of the International Standards Organisation it seems to me that while politics and commercial interests will always defend their positions those involved should do what they can to simply pursue technical quality and implementability and nothing else!

Last we have the slightly more technical article for the week:

How IT could have prevented the financial meltdown

The tools are largely there, but not the visibility needed for regulators and banks to catch problems early

Ephraim Schwartz (InfoWorld) 25/09/2008 09:05:00

In the coming weeks the feds and the surviving financial services institutions will have the daunting task of unraveling all the securitized loans and other instruments that are hiding the toxic investments. But does the technology exist to do that? And if so, could it have been used to prevent the bad debt from hitting the fan in the first place?

The fact is that despite government regulations like Sarbanes-Oxley, there is little visibility mandated by current regulations into the origination of loans and how they are broken up, resold, and resold again.

To cite the classic example of how we got into this mess, consumers were given 100-percent-plus variable mortgages without any security. Not only could those mortgages be sold to other banks, but they could be divided into five, ten, or twenty tranches -- financialese for slices -- and resold to five to ten different organizations, making it difficult to track who was involved and who ended up taking the risk.

Theoretically, the financial service providers were clear on the risks of each type of loan and had a way to gauge whether they had enough liquidity -- cash and other easily sold assets -- available if the riskier loans went south. But a New York Times report indicates that in fact many financial institutions gamed their analytics to favor positive scenarios over negative ones in order to justify keeping less money in reserves should the risky loan blow up. "A large number of buyers of these kinds of instruments really didn't care about the value. They just wanted to flip it. A lot of people just didn't want to know," concurs says Josh Greenbaum, principal at Enterprise Applications Consulting.

Much more here:

http://www.computerworld.com.au/index.php?id=944462607&eid=-255

Had to have one reference to the world as we know it ending! It seems there are some techniques available that might have helped clarify just who owns what and who owes what to whom!

More next week.

David.

The US Makes Progress in Health IT Privacy – But More to Do!

The US Government Accountability Office issues the following release and associated report a few days ago. At the same time I received an announcement of a Health IT privacy conference that is planned for Brisbane late in the year.

Health Information Technology: HHS Has Taken Important Steps to Address Privacy Principles and Challenges, Although More Work Remains

GAO-08-1138 September 17, 2008

Highlights Page (PDF) Full Report (PDF, 23 pages) Accessible Text Recommendations (HTML)

Summary

Although advances in information technology (IT) can improve the quality and other aspects of health care, the electronic storage and exchange of personal health information introduces risks to the privacy of that information. In January 2007, GAO reported on the status of efforts by the Department of Health and Human Services (HHS) to ensure the privacy of personal health information exchanged within a nationwide health information network. GAO recommended that HHS define and implement an overall privacy approach for protecting that information. For this report, GAO was asked to provide an update on HHS's efforts to address the January 2007 recommendation. To do so, GAO analyzed relevant HHS documents that described the department's privacy-related health IT activities.

Since GAO's January 2007 report on protecting the privacy of electronic personal health information, the department has taken steps to address the recommendation that it develop an overall privacy approach that included (1) identifying milestones and assigning responsibility for integrating the outcomes of its privacy-related initiatives, (2) ensuring that key privacy principles are fully addressed, and (3) addressing key challenges associated with the nationwide exchange of health information. In this regard, the department has fulfilled the first part of GAO's recommendation, and it has taken important steps in addressing the two other parts. The HHS Office of the National Coordinator for Health IT has continued to develop and implement health IT initiatives related to nationwide health information exchange. These initiatives include activities that are intended to address key privacy principles and challenges. For example: (1) The Healthcare Information Technology Standards Panel defined standards for implementing security features in systems that process personal health information. (2) The Certification Commission for Healthcare Information Technology defined certification criteria that include privacy protections for both outpatient and inpatient electronic health records. (3) Initiatives aimed at the state level have convened stakeholders to identify and propose solutions for addressing challenges faced by health information exchange organizations in protecting the privacy of electronic health information. In addition, the office has identified milestones and the entity responsible for integrating the outcomes of its privacy-related initiatives, as recommended. Further, the Secretary released a federal health IT strategic plan in June 2008 that includes privacy and security objectives along with strategies and target dates for achieving them. Nevertheless, while these steps contribute to an overall privacy approach, they have fallen short of fully implementing GAO's recommendation. In particular, HHS's privacy approach does not include a defined process for assessing and prioritizing the many privacy-related initiatives to ensure that key privacy principles and challenges will be fully and adequately addressed. As a result, stakeholders may lack the overall policies and guidance needed to assist them in their efforts to ensure that privacy protection measures are consistently built into health IT programs and applications. Moreover, the department may miss an opportunity to establish the high degree of public confidence and trust needed to help ensure the success of a nationwide health information network.

Recommendations

Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Implemented" or "Not implemented" based on our follow up work.

Director:

Team:

Phone:

Valerie C. Melvin

Government Accountability Office: Information Technology

(202) 512-6304

Recommendations for Executive Action

Recommendation: To ensure that key privacy principles and challenges are fully and adequately addressed, the Secretary of Health and Human Services should direct the National Coordinator for Health IT to include in the department's overall privacy approach a process for assessing and prioritizing its many privacy-related initiatives and the needs of stakeholders.

Agency Affected: Department of Health and Human Services

Status: In process

Comments: When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

----- End Release.

Link is found here:

http://www.gao.gov/products/GAO-08-1138

The last paragraph of the summary is the most important. Here the GAO makes it quite clear the US Federal Health Department has not developed a co-ordinating process for ensuring privacy is properly protected and the Health Information Network program moves forward and that there is only one chance to get this right. Once the public loose trust in the way health information is shared it will be very hard to win it back.

I agree 100% with theses points (the need for a defined process and the risk of failure) and we need to build this understanding into all our plans as well! NEHTA has been a good deal less than forthcoming about its processes to date. I do hope the planned HISA conference helps flush out what the plans really are and make a contribution to improvement if required!

Here is the background I received on it.

Begin Announcement. ----

Australia is on the verge of substantial changes to the laws governing health privacy. The Australian Law Reform Commission’s report is now with parliament and new laws and regulations will soon be developed as a consequence of this submission. These changes will have a significant impact on the way healthcare professionals work with health information of all kinds and could significantly impact the way healthcare is delivered in some situations.

It is now time to understand how to prepare for these changes and also to provide leadership and feedback to the government as they draft the laws and subsequent privacy regulations that will be derived from this report.

These are the deliverables of the Health Privacy Futures conference. The program has an outstanding lineup of health privacy leaders, with a deep and practical understanding of the Australian healthcare environment. I have attached a conference brochure which outlines the provisional conference program and featured speakers.

You can find out more about the conference, or you can register for this event, by going to the Health Privacy Futures website at www.healthprivacy.org.au. There are substantial discounts for Early Bird Registration which will end on October 8.

End Announcement.----

Those interested should consider attending.

David.

Cloud Computing and Health Information Privacy.

With the ABC program on Cloud Computing last week I have been alerted to the potential uses and abuses of this approach in the broad. Others seem to have also noticed as the following appeared a few days ago.

Cloud computing puts your health data at risk

By Stuart J. Johnston

The advent of "in the cloud" medical records services, such as Microsoft HealthVault and Google Health, promises an explosion in the storage of personal health-care information online.

But these services pose sticky privacy questions — unless you know how to protect your personal medical records.

A promise of safer personal health data

Your private health information is migrating wholesale onto the public network with the advent of online health-care records stored in massive data centers around the world.

While the services aim to make it easier for consumers to access and manage their personal health information, the ready availability of this data also makes it much easier and less expensive for insurers to put your medical history under the microscope.

Surprised? You shouldn't be. You voluntarily grant access to that sensitive information every time you sign a waiver so that your health insurer can decide whether to pay for a doctor's visit, a prescription, or an expensive medical test.

What's more, most of the gathering and collating of this information is legal. In fact, the number of companies that have access to this information runs into the millions, say privacy advocates.

As recently as last year, only 1% to 3% of U.S. consumers had electronic versions of their health records, according to market research firm Health Industry Insights, an IDC company.

That is about to change.

The fact that two of the biggest players in the emerging world of cloud computing services — Microsoft and Google — are jumping into that arena with both feet will likely accelerate the shift to online medical records.

Microsoft kicked off the beta test of its HealthVault service almost a year ago, while Google announced its Google Health service last February and launched a beta in May. While both services are still in beta, each company has partnered with large health-care providers for pilot tests: Microsoft with Kaiser Permanente and Google with the Cleveland Clinic.

Much more (including suggestions as to what to do about the threat) here:

http://windowssecrets.com/2008/09/18/03-Cloud-computing-puts-your-health-data-at-risk

This is a useful discussion of the issues – albeit from a slightly American perspective – and needs to be browsed by all those contemplating the future of PHRs and how they may be best delivered. From the ‘cloud’ may not be the ideal way.

The ABC talk and transcript on the topic is still available here:

http://www.abc.net.au/rn/backgroundbriefing/stories/2008/2359128.htm

The .mp3 file will only be available for a couple more weeks so grab it now if you want to listen.

David.

Patient Consent in Health Information Exchange – A Discussion Paper

The New York eHealth Collaborative has produced an interesting discussion document on patient consent in health information exchange.

Comments Sought on How Patient Consent Will Work in Electronic Exchange

Draft recommendations released this week by the New York eHealth Collaborative (NYeC) describe how patient consent should be obtained before a patient’s health information is exchanged electronically between entities participating in a regional health information organization (RHIO). The recommendations are part of a draft white paper released for public comment, developed by NYeC’s privacy and security workgroup.

NYeC is a public-private health information technology (HIT) stakeholder group aimed at developing consensus on key HIT policies and collaborating on state on regional HIT implementation efforts. The NYeC workgroups develop policies, technical standards, and operational guidance for health IT projects in New York and the Statewide Health Information Network for New York (SHIN-NY).

The NYeC privacy and security workgroup paper asserts that given state law regarding disclosure of certain health information, “affirmative consent from the patient to exchange health information via SHIN-NY governed by a RHIO is required under existing state law for non-emergency treatment.”

The full release is found here:

http://www.hanys.org/news/index.cfm?storyid=537

The report is found here:

http://www.nyehealth.org/files/File_Repository16/pdf/Consent_White_Paper_Public_Comment.pdf

Given that after addressing privacy issues this topic is of critical importance it is timely that this paper appear.

What I found particularly insightful was the following from page 3 of the 59 page report.

“In pursuing its health IT investment program, New York is cognizant that its success will not only be measured by technical, financial and clinical achievements, but also by the policies governing the exchange, measurement and reporting of personal health information as well as accountability mechanisms ensuring adherence to such policies. In fact, establishing public trust with respect to the privacy and security of health information is the single most important goal of New York’s health IT investment program.

In pursuing this goal, New York benefits from policy thinking developed by several important projects that have addressed privacy and security, including: the Markle Foundation’s Connecting for Health initiative; the California Healthcare Foundation’s policy briefs on privacy and consumer attitudes and policy forums; studies performed by such organizations as the American Health Information Management Association (AHIMA), eHealth Initiative, Healthcare Information Management Systems Society (HIMSS), National Alliance for Health Information Technology (NAHIT), the Health Information Security and Privacy Collaborative (HISPC); and the Certification Commission on Healthcare Information Technology’s (CCHIT). New York’s investment program builds on the collective foundation of these policy efforts while seeking to go one step further. Because New York is setting policy in the context of live implementations and is doing so through a statewide public-private collaborative model, there is a unique opportunity to stress-test new concepts that to date have largely been considered in either much smaller settings, on a theoretical basis, or in connection with proprietary or narrow technological approaches. Hopefully, New York’s experience will provide all stakeholders a richer understanding of what works and what does not, and will help to inform and shape emerging state and national policy.

As I have often noted, again we find privacy and consent issues being recognised as a ‘rate limiting step’ in the development of Health Information Networks.

This document is really more that a discussion of consent – covering as it does what almost amounts to a NY Health IT Network Strategy. (It is funded at $200M so it is pretty serious stuff!). It has clearly been carefully considered and researched.

Recommended reading.

David.