Medical Identity Theft – A Worry for OZ?

This topic has been attracting increasing comment in the US recently.

First we have a review from iHealthBeat.

Scope, Future of Medical Identity Theft Examined

by George Lauer, iHealthBeat Features Editor

Pervasive, profound changes in health IT promise all kinds of new possibilities for all kinds of people -- patients, clinicians, policymakers, insurers … and criminals.

Stealing and cashing in on medical identities is the "theft of the future," according to Kirk Ogrosky, deputy chief for health care fraud in the Department of Justice's criminal division.

"If they do it intelligently, they're probably not going to be detected," Ogrosky said, adding, "We have to figure out how to use technology to at least keep up with criminals and maybe even get ahead."

Ogrosky was one of more than a dozen panelists at a day-long town hall meeting on medical identity theft last week hosted by HHS' Office of the National Coordinator for Health IT. More than 500 signed up to participate in the meeting either in person or online -- a measure of the health care industry's attempt to get its arms around a potentially significant but so far largely unknown problem.

"This is an emerging issue. We really are in the awareness phase," said Jodi Daniel, ONC's director of policy and research. "We hope meetings and dialogue like this will help us get out in front of what could become a huge issue," she said.

Two Kinds of Theft

Most medical identity theft falls into one of two broad categories:

• "One-off" crimes in which an individual's medical identity, including health insurance, is co-opted by another individual with or without consent; and
• Systemic theft in which medical identities are stolen in large numbers and used to bill for services never delivered.

Both types of theft were represented at the town hall meeting.

Nicole Robinson of Maryland learned in 2000 that a woman in Texas had stolen her identity and run up numerous medical and dental bills. The Texas woman was arrested, but the issue is not resolved. Now, eight years later, the real Nicole Robinson still is not sure what is and isn't accurate in her medical records.

"Because of privacy rules governing health care, I can't actually look at and clear my own records," Robinson said.

Harry Rhodes, director of practice leadership for the American Health Information Management Association, said accuracy in patient records should be paramount.
"The value of data integrity far outweighs any other issue," Rhodes said, adding, "It's certainly of greater value than locking up the record tight and not letting the patient see it."

Marcy Wilder, a lawyer who specializes in health information law at Washington, D.C., law firm Hogan & Hartson, said there simply aren't good solutions for victims of medical identity theft.

"There are very clear-cut steps you can take to protect your financial identity, but there are not clear steps yet to protect your medical identity. In the future as health IT is more widely adopted and gets better, that may change. But right now, there just aren't any good answers," Wilder said.

Ogrosky gave sobering examples of systemic fraud, most dealing with Medicare billing.

"In Dade County -- the Miami area -- Medicare identities are worth about $25 to $50 a name," Ogrosky said. He told a tale of a woman working in a cardiac clinic who stole hundreds of Medicare identities using a thumb drive. She sold the data to others who set up a phony clinic fitting non-existent patients with expensive prosthetic limbs and orthotics.

"They billed Medicare for about $400 million, and CMS paid about $100 million," Ogrosky said.

Lots more (including links) here:

http://www.ihealthbeat.org/Features/2008/Scope-Future-of-Medical-Identity-Theft-Examined.aspx

And we have more here:

ONC tackles medical identity theft

By Diana Manos, Senior Editor 10/17/08

Leaders and stakeholders gathered this week to discuss medical identity theft and how the federal government could lead a campaign to prevent it.

In a town hall meeting sponsored by the Department of Health and Human Services' Office of the National Coordinator for Health IT (ONC), experts explained how statistics are scarce on the extent of the problem –in part because most often the crime is committed by company insiders and goes unreported.

Others explained how medical identity theft can have devastating effects on victims.

According to Linda Foley, founder of Identity Theft Resource Center, victims of medical identity theft want a clean record, but there aren't many answers for how to help them. Sometimes the thief mixes their information with another patient's, making the clean-up particularly difficult.

Some doctors have begun taking photos to include in patient records, Foley said.

Pam Dixon, executive director of the World Privacy Forum, said the loss to a patient from a single incident of medical identity theft can range from $2,000 to $250,000.

Dixon urged any federal campaigns to prevent medical theft to include input from victims who understand the complexities of the damage and what it takes to help victims through the process.

Gary Cantrell, from the HHS Office of the Inspector General, said victims can pay $800 to $5,000 out-of-pocket on bills racked up via medical identity theft to prevent further damage to their credit ratings. They report the crime to several agencies, but wonder if the case has been dropped through the cracks.

"We need to help the consumer and have a plan of action to reassure them that something is being done," Cantrell said.

More here:

http://www.healthcareitnews.com/story.cms?id=10216

It seems to me that while this is likely to be less of a problem here than in the USA – mainly because we have so many less funders of care and because Medicare Australia is involved in so many transactions – that getting away with this sort of fraud would be a good deal trickier than in the US and probably not as profitable.

That said it is important to be alert to the possibility and to make sure any systems that are put in place make it has hard as possible for such fraud to occur.

David.

UK Develops Standards for Health Information That is Used in Care Delivery

The following article appeared a few days ago.

Standards set for the structure of medical records

23 Oct 2008

Profession-wide standards for medical records in hospitals have been agreed for the first time.

The standards, developed by the Royal College of Physicians and NHS Connecting for Health, and backed by the Academy of Medical Royal Colleges, set out the structure of the clinical content doctors should record on admission, at handover, at out of hours handover and at discharge.

A spokesperson for CfH said it is working closely with suppliers to ensure the standards are built into their systems.

She added: "Implementation of the new record keeping standards is being managed according to requirements of local programmes. The records will first be incorporated into paper pro-formas, before being introduced into electronic records.

"The new standards are also being incorporated into the design of Cerner and Lorenzo. We are currently working with suppliers to draw up plans for implementation of the standards in acute trusts across the country."

Professor John Williams, director of the RCP Health Informatics Unit, also told E-Health Insider that incorporating the standards into electronic records would depend on the work CfH does with suppliers. But he expects the standards to be in use in every hospital in paper format over the next year.

“There isn’t a specific timescale for this to happen, and we haven’t been didactic, but I would like to see the structured proformas in use over the next year. We hope that they will be part of the training of junior doctors as they join; so the first milestone will be the next intake of house officers,” he said.

CfH and the RCP say the standards will improve safety by standardising the information held on patients during their hospital stay, reducing the likelihood of mistakes and of information being missing at admission, handover and discharge.

They should also mean that clinical information in electronic records should only need to be recorded once, improving efficiency and saving time. And they should simplify the implementation of new clinical information systems, as they can all be built to the same structure standards.

Much more here:

http://www.e-health-insider.com/news/4262/standards_set_for_the_structure_of_medical_records

Also from E-Health Insider there is some commentary by two experts on what the standards mean.

Getting records up to standard

22 Oct 2008

In the latest column from NHS Connecting for Health, chief clinical officer Professor Michael Thick is joined by Professor Iain Carpenter, associate director for records standards in the Health Informatics Unit at the Royal College of Physicians. They jointly talk about the standards the two organisations have just released for patient records.

Standardising the format of patient records is key to improving patient safety. The recent Health Informatics Review highlighted the importance of improving information standards across the NHS, and the need for clinicians to have the right patient information, at the right time, to deliver better, safer care.

Now, for the first time, profession-wide standards for patient records have been developed in a project co-ordinated by the Royal College of Physicians in partnership with NHS Connecting for Health and agreed by the Academy of Medical Royal Colleges.

The standards, officially launched yesterday, are intended to improve safety by standardising the information held on patients throughout their stay in hospital, reducing the likelihood of mistakes and missing information at admission, handover and discharge.

When it comes to electronic patient records, the main challenge now is to work closely with suppliers on the technical requirements which will bring these standards to bear on them.

More here:

http://www.e-health-insider.com/comment_and_analysis/355/getting_records_up_to_standard

The details are found on the Royal College of Physicians Web Site.

http://www.rcplondon.ac.uk/clinical-standards/hiu/medical-records/Pages/Overview.aspx

The most important documents are found on this page:

http://www.rcplondon.ac.uk/clinical-standards/hiu/medical-records/Pages/clinicians-guides.aspx

Clinicians guides to medical record standards

Based on the work of the Health Informatics Unit, the Digital Information Policy Directorate of the Department of Health and NHS Connecting for Health has published a two part guide for clinicians on the standards for the structure and content of medical records.

Part one provides the background and context of the development of the standards.

A Clinicians Guide to Record Standards - Part 1: Why standardise the structure and content of medical records? (PDF 603KB)

Part two provides the standard headings and definitions of the hospital Admission Records, and Handover and Discharge Communications.

A Clinicians Guide to Record Standards - Part 2 : Standards for the structure and content of medical records and communications when patients are admitted to hospital. (PDF 379KB)

There are also other pages with generic guides and templates covering various important processes.

This is clearly sensible and pragmatic work that nicely prepares the way for information which is presently un-standardised and held on paper to be migrated to the world of the EHR.

At first glance they seem to strike a reasonable balance between depth and clinical utility – something I have to say some similar efforts from NEHTA in Australia over the last few years did not achieve. (It is clear, and obvious, that these standards were developed by clinicians and agreed with them – rather than by ivory tower academics as seemed to be the case in much of NEHTA’s work).

These standards should be closely reviewed by Australian Health IT planners and all interested clinicians.

David.

A Really Silly Question for the 600th Post - Who Beat NEHTA to Its Name?

I came upon this the other day and could not resist!

New England History Teachers' Association

-----

Organized in 1897, the NEHTA is the oldest professional organization dedicated to the promotion of history education in the United States.

Publisher of The New England Journal of History

Publisher of The NEHTA Newsletter and Forum

Host of the annual NEHTA Fall Conference

-----

Thank you for attending our Fall Conference for 2008

Teaching the 1950's and the 1960's

Friday, October 10, 2008

-----

New Features!

Historical Thinking, visit the NEHTA President's Blog.

Please visit our Publications page for links to our newsletter.

Excerpt from the report of NEHTA's first annual meeing in 1887!

Excerpt from the report of the 1898 spring meeting

Call for old journals!! See our Announcements page for further information, events of interest, and more.

copyright 2005-08
updated: Oct. 2008

The full site is found here:

http://www.nehta.net/

Oh and yes this is the 600^th post since March 2006.

David.

Unique Patient Identifiers – Well Worth the Effort it Seems!

The RAND Corporation released an important Report this week.

Creating Unique Health ID Numbers Would Facilitate Improved Health Care Quality and Efficiency

Creating a unique patient identification number for every person in the United States would facilitate a reduction in medical errors, simplify the use of electronic medical records, increase overall efficiency and help protect patient privacy, according to a new RAND Corporation study.

Although creating such an identification system could cost as much as $11 billion, the effort would likely return even more in benefits to the nation's health care system, according to researchers from RAND Health.

"Establishing a system of unique patient identification numbers would help the nation to enjoy the full benefits of electronic medical records and improve the quality of medical care," said Richard Hillestad, the study's lead author and a senior principal researcher at RAND, a nonprofit research organization. "The alternative is to rely on a system that produces too many errors and puts patients' privacy at risk."

Federal legislation passed over a decade ago supported the creation of a unique patient identifier system, but privacy and security concerns have stalled efforts to put the proposal into use.

As adoption of health information technology expands nationally and more patient records are computerized, there have been increasing calls to create a system that would make it easier to retrieve records across varying systems such as those used by doctors and hospitals.

RAND researchers examined the costs of creating a unique patient identification system, compared the error rates of such a system and its alternatives, and examined the operational advances and disadvantages of the technology.

The RAND study concluded that one of the primary benefits created by broad adoption of unique patient identifiers would be to eliminate record errors, and help reduce repetitive and unneeded care.

In the absence of unique patient identifiers, most health systems use a technique known as statistical matching that retrieves a patient's medical record by searching for attributes such as name, birth date, address, gender, medical record numbers, and all or part of a person's Social Security Number.

Reviewing past research studies, RAND researchers estimated that statistical matching returns incomplete medical records about 8 percent of the time and exposes patients to privacy risks because a large amount of personal information is exposed to computer systems during a search.

The study also concluded that many of the privacy concerns related to a unique patient identification system could be addressed through the creation and enforcement of laws that severely punish those who misuse information retrieved with a health ID number.

"Our research suggests that it's easier to safeguard patient privacy with a records system that makes use of a unique health ID rather than a system that uses statistical matching," Hillestad said.

One way to deal with privacy concerns might be to allow to people to voluntarily enroll in a unique patient identification system, researchers say. Such an approach would allow a unique health identifier system to demonstrate that it can be used without compromising patient privacy and can be more accurate than current statistical matching systems.

Some proposals have suggested using patients' Social Security Numbers as a medical identifier. But the RAND study found Social Security Numbers are a poor option because they are so widely used and they pose risks of identity theft.

A genuine unique patient identification system would be more secure because it could include safeguards such as check codes that allow numbers to be easily screened for input errors. Such check codes are mathematical combinations of the other digits in the number and are commonly used in other digital IDs such as those in the product bar codes scanned at checkout counters.

Support for the study was provided by a consortium of health information technology companies. They include Cerner Corporation, CPSI, Intel, IBM, Microsoft, MISYS, Oracle and Siemens.

The study, "Identity Crisis: An Examination of the Costs and Benefits of a Unique Patient Identifier for the U.S. Health Care System," is available at www.rand.org. Other authors of the report are James H. Bigelow, Basit Chaudhry, Paul Dreyer, Michael D. Greenberg, Robin C. Meili, M. Susan Ridgely, Jeff Rothenberg and Roger Taylor.

RAND Health, a division of the RAND Corporation, is the nation's largest independent health policy research program, with a broad research portfolio that focuses on quality, costs and health services delivery, among other topics.

Learn More

Full Document

Research Brief

Health and Health Care Research Area

E-mail sign up

About the RAND Corporation

The RAND Corporation is a nonprofit research organization providing objective analysis and effective solutions that address the challenges facing the public and private sectors around the world.

----- End Release

The release is found here:

http://www.rand.org/news/press/2008/10/20/

Note: The report was sponsored by the following companies:

Cerner Corporation, CPSI, Intel, IBM, Microsoft, MISYS, Oracle, and Siemens.

The financial implications are pretty big!

“A one-time cost of $1.5 to $11.1 billion for a UPI, to remove the systemic errors in health-records retrieval, is small by comparison with the value a potential efficiency savings of $77 billion per year at the 90-percent level of adoption (with additional safety and health values that could double these benefits) that previous studies estimated for connected Electronic Health Record (EHR) systems.”

See the following site:

http://www.rand.org/pubs/monographs/MG753/

There has been a lot of coverage of the report. The LA Times is typical.

Your own health ID number

3:57 PM, October 20, 2008

It's been a decade since federal legislation called for the creation of a unique patient identifier -- a number carried by each American linking patients to their individual health records -- but concerns about privacy and security, reported way back in the July 21, 1998, Los Angeles Times, have stalled efforts to put the proposal into use.

Concerns still exist, but it may be an idea whose time has come, according to a Rand Corp. study released online today. It turns out that the compromise fashioned to adhere to the 1996 Health Insurance Portability and Accountability Act mandating the creation of a system to accurately identify patients has resulted in a system in which privacy is at risk, while not doing enough to prevent errors.

Short of a new system with a new number for everyone, most hospitals and health systems instead rely on what's called statistical matching, based on multiple personal attributes, such as name, address, birth date, gender and Social Security number, to accurately match a given patient with his or her MRI results, blood records or medical history.

That's why, when you call your insurance company, the representative might think nothing of asking, "What's your soch?" -- translation: social security number. The statistical matching system now in use is more likely than a new unique patient identifier system to result in errors, repetitive tests and unnecessary care. Rand researchers, led by senior principal researcher Richard Hillestad, found that the system now in place returns incomplete medical records about 8% of the time and exposes patients to privacy risks because of the large amount of personal information needed to do a search.

More here:

http://latimesblogs.latimes.com/booster_shots/2008/10/your-own-health.html

If confirmation was needed then here we have it! Investment in a national health identifier is clearly a sensible thing to do and NEHTA needs to get on with it – while ensuring the privacy and security issues are solved through relevant legislative and management process actions.

David

Commonwealth Health Department Secretary Insults Health IT Professionals!

Sometimes you really have to wonder just who some people think they are!

E-health is on its way

Karen Dearne | October 28, 2008

HEALTH Department secretary Jane Halton says work on basic e-health standards is nearing completion.

Ms Halton told a Senate Estimates committee that the "nerd-relevant things which the public do not have any interest in but which are needed to make the system workable" were now getting "pretty close".

The Health Department was working towards the first version of a universal health record, which would be available in the short to mid-term.

See rest of the short article here:

http://www.australianit.news.com.au/story/0,24897,24561094-15306,00.html

These comments are just outrageous and show a total lack of insight into, and a pretty much total ignorance of, e-Health. The work is nowhere near done and if she does not know that she is not fit to hold here present position in my view.

I don’t see why any senior bureaucrat thinks it is OK to describe Health IT professionals as nerds.

This is really very sad and bodes ill for any progress in the sector with leadership of this appalling quality.

David.

Note: the Australian IT website has now been updated - and the insults to those working in the Health IT field as 'nerds and propeller heads' just keep coming.

A serious pox on her ignorant house!

D.

Done Right, GP Computing Can Really Make a Difference!

The following release from the University of Nottingham appeared a little while ago.

Primary care records improve public health information

Tue, 07 Oct 2008 16:17:00 GMT

PA 240/08

Gaining a fuller and more accurate picture of trends in the most important disease risk factors is now possible, thanks to a project between the NHS Information Centre and QResearch®.

The Public Health Indicators summary reports on trends in obesity, smoking, blood pressure, cholesterol and ethnicity using anonymous data taken from the health records of more than four million patients.

QResearch, a not-for-profit partnership between The University of Nottingham and leading primary care system supplier EMIS, uses data which extends back 17 years. Using the QResearch database, information can be collected on a larger scale and broken down on a localised basis, unlike the Health Survey for England (HSfE).

The findings of the first summary include:

• 80 per cent of registered patients aged 16+ had smoking information recorded in the last five years with 22 per cent recorded as smokers. Whilst the proportion of patients who smoke has declined over the past five years, there is still a significant gradient between affluent and deprived areas.

• Smoking rates are more than twice as high in deprived areas compared with affluent areas and this information could be used to target smoking cessation programmes to those at highest risk who have most to gain from smoking cessation interventions.

• 58 per cent of registered patients aged 16+ had had their body mass index (BMI) recorded in the last five years and 26 per cent were shown to be obese (BMI greater than 30). Levels of obesity continue to rise and are highest in the North and Wales and lowest in London and the South.

• More patients now have cholesterol measurements recorded on their routine electronic health records. This data, together with other routinely collected data such as age, sex, smoking, body mass index, can be used to estimate cardiovascular risk. This information could be used to target patients with preventative measures, such as lifestyle advice and cholesterol lowering treatments.

QResearch project leader, Professor Julia Hippisley-Cox of The University of Nottingham, said: “The Public Health Indicator data can be used to identify patterns and wider health trends so that resources can be targeted to patients with the greatest need to help avoid further widening health inequalities.

“With input coming directly from GPs spread throughout the country, it is much easier to analyse patterns and trends. This makes it a potentially powerful tool in understanding public health issues.”

Access to the summary data underpinning this report is also available through the QResearch website (www.qresearch.org). This will enable anyone involved in public health to access the information, develop health programmes and set targets.

Dr David Stables, Clinical Director of EMIS and a Director of QResearch, said: “The database is designed to show results in a number of different ways and identify patterns, whether across the whole population or specifics related to gender or age.

“Projects like this are only possible with the contribution from EMIS practices who provide the data on a basis that maintains patient confidentiality.”

— Ends —

Notes to editors: The project is jointly funded by the Department of Health and the NHS Information Centre.

The full report can be found at:

http://www.ic.nhs.uk/webfiles/publications/A%20summary%20of%20public%20health%20indicators%20using%20electronic%20data%20from%20primary%20care.pdf

QResearch is one of the world's largest primary care databases, containing anonymised data from 11 million patients across the UK. New data is uploaded each night from the 551 EMIS general practices that participate in the project. The data is available for research to benefit public healthcare. Visit: www.qresearch.org

EMIS is the UK's leading supplier of IT systems to GPs, providing the software that holds the medical records for 39 million NHS patients nationwide. Around 56 per cent of GPs in the UK currently use EMIS software. www.emis-online.com

The release is found on-line here:

http://communications.nottingham.ac.uk/News/Article/Primary-care-records-improve-public-health-information.html

The work being done by QResearch is really a great thing. That a database exits that is monitoring the health of 11 million people and tracking their use of health services, medicines and so on while recording what problems they are suffering is a phenomenal tool for public health surveillance and research – as well as in roles such as monitoring drug safety and so on.

Those that had the vision to get this done ‘deserve to be congratulated’! There is little doubt all the British public are better off and better informed as a result of this work.

David.

Useful and Interesting Health IT Links from the Last Week – 26/10/2008

Again, in the last week, I have come across a few reports and news items which are worth passing on.

These include first:

Why Technology Projects Fail

Another useful site on Why Technology Projects Fail has been recently brought to my attention.

The site is found here:

http://calleam.com/WTPF/

A useful summary of the views offered is found here:

http://calleam.com/WTPF/wp-content/uploads/articles/Whatmakes.pdf

The site and the paper are well worth a close read.

Second we have:

Lorenzo stalled at Morecombe Bay

21 Oct 2008

The latest deadline for the implementation of Lorenzo at University Hospitals of Morecambe Bay NHS Trust has passed and there is currently no go-live date.

Health minister Ben Bradshaw indicated that Morecambe Bay would become the first large NHS hospital to use the first version of iSoft’s Lorenzo electronic patient record by the end of the summer.

However, there is no published timetable for the key National Programme for IT in the NHS software to go live in its first acute reference site. The software is eventually due to be used across three-fifths of the English NHS.

The latest delays to the first version of Lorenzo will inevitably push back the planned schedule for adding key clinical functionality to the software in three further releases, under a programme known as Penfield. This, in turn, raises doubts over the achievability of the current 2012 completion date for Lorenzo.

Bradshaw told the House of Commons this spring that, after lengthy delays, the Lorenzo software would go live at three pilot sites, including Morecambe Bay, by the end of the summer. The other two sites are South Birmingham Primary Care Trust and Bradford and Airedale Teaching Primary Care Trust.

More here:

http://www.e-health-insider.com/news/4252/lorenzo_stalled_at_morecombe_bay

Just a short update on the progress being made with ISoft’s Lorenzo. We can only hope the system will soon go live so confidence can be returned to those hoping Lorenzo will be a success over the next 2-3 years. The article provides a useful overview of present plans for Lorenzo which readers will recall was recently selected to be installed in a new high tech hospital in Sydney (MU Private).

Third we have:

Roxon lost in e-health maze?

Karen Dearne | October 22, 2008

THE word e-health is yet to pass federal Health Minister Nicola Roxon's lips but the fact she is looking at healthcare that works across different parts of the system means that she has to get there soon.

For some months now, industry observers have been anxiously waiting for federal Health Minister Nicola Roxon to mention e-health

For some months now, industry observers have been anxiously waiting for Ms Roxon to mention e-health in one of her many - well-received - speeches on health sector reform. They point out that her plans rely on having a robust and reliable health IT infrastructure that presently doesn't exist.

Much more here:

http://www.australianit.news.com.au/story/0,24897,24535256-5013046,00.html

Just to suggest the site is worth a return visit to browse the comments that the article elicited. Some sensible comments and one or two really silly ones – as always.

Fourth we have:

Data breach hits 80% of local companies: survey

Karen Dearne | October 22, 2008

ALMOST 80 per cent of local organisations have experienced a data breach in the past five years, with a further 40 per cent reporting between six and 20 known breaches during the period, according to Symantec's first Australian data loss survey.

As well, 59 per cent of businesses surveyed suspected they had suffered undetected data breaches, but were unable to identify what information had left the organisation, or how.

Symantec Australia managing director Craig Scroggie said the results show that talk about data loss is "not just hype, but a real and present challenge that organisations manage on a daily basis".

Mr Scroggie said he fell victim to a data breach when a local restaurant accidentally mailed out its entire customer database, including credit card details, as an attachment to an email dining offer.

"I have 3499 new friends who each know as much about me as I know about them," he told a press briefing in Sydney.

The restaurant suffered considerable financial loss in notifying customers about the exposure, remediating the situation through assistance with monitoring for possible fraud, and damage to reputation.

The survey is the first to try to put a figure on costs related to local data breaches, with 34 per cent of respondents saying an average breach cost around $5000, while 14 per cent reported costs between $100,000 and $999,999, and 7 per cent reporting costs over $1 million.

But Symantec manager Steve Martin said $5000 would only cover the cost of replacing a lost or stolen laptop, and did not take into account the financial costs associated with loss of confidential financial or customer information, or proprietary business data.

Much more here:

http://www.australianit.news.com.au/story/0,24897,24530567-15306,00.html

While it is always possible that a security software provider might ‘guild the lily’ as to the severity of the problem it seems clear there are issues which all small businesses (including medical practices) need to be aware of and make sure they have covered.

Fifth we have:

Hospital computer overhaul under fire

• Nick Miller
• October 22, 2008

A NEW report has attacked the slow progress and vague budget of a $360 million overhaul of Victoria's hospital computer systems, raising fresh doubts over the State Government's ability to handle major projects.

A parliamentary committee found there was no clear timeline or funding for about a third of the HealthSMART project. Its report queried whether hospitals would ever get clinical systems intended to reduce medical errors, reduce the number and cost of pathology and radiology tests, and reduce delays in patient discharge.

The State Opposition called the finding a big embarrassment to the Government.

The Government denied yesterday that the program was over budget, but admitted it did not know when some HealthSMART systems would be up and running.

HealthSMART's aim was to improve patient care, reduce technical costs and ease the administrative burden on hospitals. It was initially intended to be finished in 2007.

More here:

http://www.theage.com.au/national/hospital-computer-overhaul-under-fire-20081021-55jp.html

I wonder whether this report is on-line somewhere as a quick search does not find it. Clearly the problems seem to be continuing but I am sure there would be lessons we could all learn from the details.

Last we have the slightly more technical article for the week:

OpenOffice.org 3.0 scores strong first week

Three million copies of open-source office suite downloaded, group says

Eric Lai (Computerworld) 22/10/2008 07:07:00

OpenOffice.org 3.0 was downloaded 3 million times in its first week, with about 80 percent of the downloads by Windows users, an official with the group said in a blog post on Monday.

The successful introduction of the open source office suite came despite the group's download servers being temporarily overwhelmed by demand for the new software last week.

Only 221,000 downloads by Linux users were recorded, leading John McCreesh, head of marketing for OpenOffice.org, to suggest a massive undercount. McCreesh said 90 percent of Linux users traditionally receive OpenOffice.org updates straight from their Linux distribution's vendor, which would explain the relatively low Linux count.

Many non-English versions of OpenOffice.org are also distributed by alternate Web sites, and OpenOffice.org is still widely distributed via free CD-ROMs in magazines, said McCreesh.

With the undercount included, OpenOffice.org 3.0 may already be installed on up to 5 million computers worldwide, McCreesh said in a blog post.

OpenOffice.org's goal of winning 40 percent of the office software market by 2010 "doesn't seem as ambitious today as it did four years ago," said McCreesh.

More here:

http://www.linuxworld.com.au/index.php?id=516906953&eid=-50

Just a reminder that the justification for staying with MS Office is just that little bit less. With zero cost and no ribbon – there are certainly some who will see this new version as a really good deal!

More next week.

David.

Hospital Provision of Electronic Health Records for Physicians.

This interesting report appeared a few days ago.

Hospitals slow to subsidize physician EMRs, study says

Story posted: September 18, 2008 - 5:59 am EDT

Because of the burden of other ongoing hospital information technology projects, budget limitations and lack of physician interest, hospitals are not significantly taking advantage of the relaxation of federal physician self-referral and anti-kickback regulations to subsidize physician purchases of electronic medical-record systems, according to a Robert Wood Johnson Foundation-funded study released today by the Washington-based Center for Studying Health System Change.

In the study of 24 hospitals in 12 representative metropolitan areas, only seven reported pursuing a strategy to provide financial or other support for physicians to purchase EMRs, with four saying they had began implementing or had implementation scheduled in the near future. The other 17 hospitals were said to be in various stages of planning and evaluation with no action expected to be taken this year.

…..

The two main factors identified for motivating hospitals to support physician EMR adoption were quality and efficiency improvement and "aligning physicians more closely with the hospital," the report said. "From a loyalty perspective, if you have physicians tied in where your labs and your X-rays (are located) and all those flow easily into their records, it will make it less likely they’ll take their business across the street," was a common sentiment, the report said.

Full report here:

http://modernphysician.com/apps/pbcs.dll/article?AID=/20080918/MODERNPHYSICIAN/309189965/-1/mptodaysnews

The actual full report is also available online

Despite Regulatory Changes, Hospitals Cautious in Helping Physicians Purchase Electronic Medical Records

Issue Brief No. 123

September 2008

Joy M. Grossman, Genna Cohen

While hospitals are evaluating strategies to help physicians purchase electronic medical records (EMRs) following recent federal regulatory changes, they are proceeding cautiously, according to findings from the Center for Studying Health System Change’s (HSC) 2007 site visits to 12 nationally representative metropolitan communities. Hospital strategies to aid physician EMR adoption include offering direct financial subsidies, extending the hospital’s ambulatory EMR vendor discounts and providing technical support. Two key factors driving hospital interest in supporting physician EMR adoption are improving the quality and efficiency of care and aligning physicians more closely with the hospital. A few hospitals have begun small-scale, phased rollouts of subsidized EMRs, but the burden of other hospital information technology projects, budget limitations and lack of physician interest are among the factors impeding hospital action. While it is too early to assess whether the regulatory changes will spur greater physician EMR adoption, the outcome will depend both on hospitals’ willingness to provide support and physicians’ acceptance of hospital assistance.

Full report is here:

http://www.hschange.org/CONTENT/1015/?PRINT=1

I find it interesting that there has not been more take up with the efforts the US legislature has taken to encourage EHR adoption. I suspect there may be a set of issues around the quality of systems funded and the risk of loss of independence that may be playing a part here.

It seems direct incentives for actual computer use, as we have done in Australia, is a better approach on the basis of these findings.

David.