So there’s no real element of surprise here by John Sung Kim’s pleading in TechCrunch re ‘integrating into legacy systems’ and the troubles his own startup DoctorBase encountered in what he tactfully puts ‘political and technical hurdles’ encountered. But then the velvet gloves come off about EHRs and their less-than-scrupulous idea of ‘partnerships’. (more…)
This week’s priceless quote:
“A lot of the response was, ‘We live in a cornfield in the middle of Minnesota,’” he said. “’Who wants to hurt us? Who can even find us here?’”–Jim Nelms, Mayo Clinic’s first chief information security officer,
We know where you are and what you do! The precarious state of healthcare data security at facilities and with insurers, plus increased external threats from hacking has been getting noticed by Congress–when you see it in POLITICO, you know finally it’s made it into the Rotunda. It was over the horizon late last summer with the FBI alert and legislators in high dudgeon over the Community Health Systems China hack [TTA 22 Aug 14]. It’s a roof that leaks, that costs a lot to fix, doesn’t have immediate benefit (cost avoidance never does) but when it does leak it’s disastrous.
This article rounds up much of what these pages have pointed out for several years, including the Ponemon Institute/IBM study from earlier this week, the Chinese/Russian connections behind Big Hacks not only for selling data, but also IP [TTA 26 Aug 14] and how decidedly easy it is to hack devices and equipment [TTA 10 May 14]. Acknowledgement that healthcare data security is about 20 years behind finance and defense deserves a ‘hooray!’, but when you realize that on average only 3 percent of HIT spend is on security when it should be a minimum of 10 percent (HIMSS) or higher…yet the choice may be better security or uncompensated patient care particularly in rural areas, what will it be for many healthcare organizations?
The article also doesn’t go far enough in the devil’s dilemma–that the Federal Government with Medicare, HITECH, meaningful use, rural telehealth and programs like Medicare Shared Savings demand more and more data tracking, sharing and response mechanisms, stretching HIT 15 ways from sundown. At the cutely named Health Datapalooza presently going on in Washington DC, data sharing is It for Quality Care, or else. Yet the costs to smaller healthcare providers to prevent that ER readmission scenario through new care models such as PCMHs and ACOs is stunning. And the consequences may be more consolidated, less available healthcare. We are already seeing merger rumors in the insurer area and scaledowns/shutdowns/buyouts of community health organizations including smaller hospitals and clinics. Also iHealthBeat.
DARPA to the rescue? The folks who brought you the Internet may develop a solution, but it won’t be tomorrow or even the day after. The Brandeis Program is a several stage project over 4.5 years to determine how “to enable information systems that would allow individuals, enterprises and U.S. government agencies to keep personal and/or proprietary information private.” It discards the current methodology of filtering data (de-identification) or trusting third-parties to secure. Armed With Science FedBizOpps has the broad agency announcement in addition to vendor solicitation information.
The report issued today by the influential Robert Wood Johnson Foundation (RWJF), ‘Data for Health: Learning What Works’ advocates a fresh approach to health data through greater education on the value/importance of sharing PHI, improved security and privacy safeguards and investing in community data infrastructure. If the above quote and the first two items sound contradictory, perhaps they are, but current ‘strict’ privacy regulations (that’s you, HIPAA), data siloing and the current state of the art in security aren’t stemming Hackermania (or sheer bad data hygiene and security procedures). Based on three key themes, the RWJF is recommending a suite of actions (see below) to build what they term a ‘Culture of Health. All of which, from the 10,000 foot view, seem achievable. The need–and importantly, the perception of need–to integrate the rising quantity of data from all these devices, pry it out of its silos (elaborated upon earlier this week in ‘Set that disease data free!), analyze it and make it meaningful plus shareable to people and their doctors/clinicians keeps building. (‘Meaningful’ here is not to be confused with the HITECH Act’s Meaningful Use.)
But who will take the lead? Who will do the work? Will the HIT structure, infrastructure and very importantly, the legal framework follow? We wonder if there is enough demand and bandwidth in the current challenged system. Release. RWJF ‘Data for Health’ page with links to study PDF, executive summary which adds details to the recommendations below, more.
In 2009, the US Congress enacted the HITECH Act, as part of a much broader recovery measure (ARRA or ‘the stimulus’), authorizing the Department of Health and Human Services (HHS) to spend up to $35 billion to expand health IT and create a network of interoperable EHRs. Key to this goal of interoperability and seamless sharing of patient information among healthcare providers was achieving stages of ‘meaningful use’ (MU) with these EHRs in practice, to achieve the oft-cited ‘Triple Aim‘ of improved population health, better individual care, delivered at lower per capita cost. Financial incentives through Medicaid and Medicare EHR programs were delivered through multiple stages of MU benchmarks for hospitals and practices in implementing EHRs, information exchange, e-prescribing, converting patient records, security, patient communication and access (PHRs).
Five years on, $28 billion of that $35 billion has been spent–and real progress towards interoperability remains off in the distance. This Editor has previously noted the boomlet in workarounds for patient records like Syapse and OpenNotes. Yet even the progress made with state data exchanges (e.g. New York’s SHIN-NY) has come at a high cost–an estimated $500 million, yet only 25 percent are financially stable, according to a RAND December 2014 study. (more…)
Neil Versel in his personal blog Meaningful HIT News notes meaningful lapses in accuracy and good communications taste from two reputable companies targeted to US medical professionals. DrChrono is a mobile ambulatory EHR tweeting about ‘cashing in’ on the HITECH Act–the program that rewards practices for achieving stages of Meaningful Use with EHRs. Sermo is a physician social networking platform that has staged a contest called ‘The Pro Football Injury Challenge’ where one will go ‘head-to-head’ with other doctors in ‘making predictions about how injuries will affect pro athletes this season.’ This Editor felt in her comments below the article that this promotion’s communication crossed the line into, on the usual two-second read, a message that it is OK to ‘play for glory’ and win prizes out of players’ real pain, injury and career disaster–a misbegotten effort to gamify real-world medical situations ostensibly for learning. Yes, both have sound messages at the core, but how they were communicated…regrettable. Both DrChrono and Sermo are nominated for ‘Blue Blazes’ because, to paraphrase Neil, ‘what are their marketers thinking?’ What do you think? And this Editor would be more than open to comments from representatives of these two companies. DrChrono and Sermo, what are you thinking?
ATA 2013’s final ‘industry executive session’, presented at the late hour when most attendees are daydreaming about a comfy chair and a solid drink, tackled one of the thornier underlying questions beleaguering health tech: return on investment (ROI). Providers want hard numbers, but even that definition is…indefinite. Is it data? Is it outcomes? Is it savings? Is it reduction in spending? For two systems or populations, it can be reducing 30-day same cause readmissions for one provider or improved outcomes in home care for another, and the results are not analogous nor even cause-and-effect. As Eric Wicklund from mHIMSS put it, “that’s the challenge, and it was the primary focus of this year’s ATA conference. The pilots are gone, the possibilities and proposals are old. It’s time to target the telemedicine and mHealth programs that are working and to explain why they are…” As GlobalMed’s Roger Downey less delicately put it, “It’s like pinning Jell-O to a wall”–but getting specific as to what should be done in the market helps. Not quite as blithe as the headline. ROI? To some of the industry’s top vendors, that’s just three letters.
Of course, EHR implementation continues to be the Rodney Dangerfield of health tech, with HITECH Act ‘Meaningful Use’ interoperability goals and patient platforms only spottily achieved despite years of generous past, present and future incentive payments. Yet one ATA presenter seriously advocated the addition of telehealth/telemedicine to MU standards, recommended that Health and Human Services become the authority and to add panels for Federal standards and policy in telemedicine as there are for health IT. Adding telehealth and telemedicine to the MU scramble will surely speed implementation ;-) (See above) Why not MU for telemedicine? (HealthcareITNews)