Syndicate content
All
Influential
News and Views

ADVANCE Perspective: HIM

December-14-2011

10:39
As the economy continues to squeeze donors, a recent report conducted by Campbell Rinker showed disturbing results-that nearly 7 in 10 Americans say they will give more sparingly to charities in the coming months. As a result, people are looking for other...(read more)

December-12-2011

13:10
(Editor's note: This guest blog was submitted by Life Coach Teri Johnson. She is a writer, speaker and personal growth expert who is the founder and President of Keeping it Personal. Here she provides tips for surviving less than perfect holidays.) For...(read more)

December-1-2011

13:05
The American Health Information Management Association (AHIMA) proudly announced that the National Commission for Certifying Agencies (NCCA) granted accreditation to AHIMA's Certified Coding Specialist (CCS) and Certified Coding Specialist-Physician-based...(read more)

November-30-2011

11:22
(Editor's note: This guest blog is written by M. Christine Kalish MBA, CMPE, Executive Consultant, Beacon Partners.) Recently the American Medical Association (AMA) passed a resolution at their 2011 Interim Meeting, mandating the group to "vigorously...(read more)

November-29-2011

8:53
(Editor's note: This blog was written by Scott Warner, author of the "Stepwise Success" column for ADVANCE for Medical Laboratory Professionals . He has been a hospital laboratory generalist for more than 30 years and manager since 1998.) According to...(read more)

November-23-2011

14:53
The Association of Health Information Outsourcing Services (AHIOS), an organization committed to promoting excellence in the handling and dissemination of confidential, patient-identifiable information, held its annual meeting in Salt Lake City, Utah,...(read more)
Blog url: 
http://advanceweb.com
All
Technical
MedTech and Devices

Medicine and Technology [part of HCPLive]

January-17-2012

22:59
The ePharma Consumer® study found that 42 percent of online adults agree that pharmaceutical companies should be involved in online health communities for consumers.


January-17-2012

22:22
Do you know how to monitor where your staff may be in terms of resistance or support for a new Electronic Health Records (EHR) system? Learn about the processes to ensure they have proper tools, training and support.


January-11-2012

17:46
To get the New Year off to a healthy start, the Office of the National Coordinator for Health Information Technology (ONC) is launching the Healthy New Year Video Challenge, the first in a series of video challenges.


January-10-2012

21:15
AMA Insurance Agency Inc., recently announced its “Take a Trip with Timmy Global Health” contest. Two winners will be selected to spend 2-3 weeks with US and developing world medical professionals working to expand access to quality healthcare in Guatemala, Ecuador, or the Dominican Republic.


January-10-2012

7:01
Get ready for the HIMSS (Healthcare Information and Management Systems Society) annual conference where attendees will learn about topics like Meaningful Use, HITECH, HIE, standards, interoperability and more.


January-9-2012

7:01
In the New Year, save some time out of your busy schedule. Here are 3 simple tips from Doximity physicians that can help you do that.


All
MedTech and Devices

Healthcare & Technology

January-4-2012

8:54

CalendarLink: Thoughts on the Year Ahead

John Halamka presents his ideas about the major issues for 2012..

ICD10 - John predicts 25% of IT capacity will be consumed by ICD10 this year. Not good...

Meaningful Use Stage 2 including inpatient clinical documentation - now this is exciting. Potential criteria will likely include improvements to clinical records that improve care coordination and communication between providers. John suggested use of templates and social-networking like group documentation.   

ACO Planning - The reform changes for ACOs will include focus on prevention and wellness. New business intelligence (BI) and clinical decision support (CDS) capabilities will be helpful in meeting these goals.

Compliance - Compliance issues will include "conflict of interest tracking, learning management systems for compliance education, and enhanced revenue cycle systems that provide decision support."

Security - yes, the past year had a long list of data breaches, malware, and mobile devices so security of PHI must be improved, particularly if we intend to move clinical decision support to the bedside or engage in Health Information Exchanges.



January-3-2012

10:15

BinocularsLink: A New Year's Forecast For The Health Care Bill

NPR topics presents a summary of the impact to the Affordable Care Act in a discussion between Audie Cornish and Noam Levey of the Los Angeles Times.

 

 


HSGLogo Looking for best of breed HIPAA Training?

To stay current on the HITECH Act and its quickly changing regulatory scheme visit the HITECH Survival Guide website and/or sign up for our free monthly compliance newsletter. Also, check out our FREE EHR Checklist.

If you need tools that will help with your compliance initiatives then check out the HSG Store. Do you need an Internet Lawyer with HITECH /HIPAA experience?

 


December-29-2011

9:46

Link: Usability and Successful EHR Meaningful Use

Recently the ONC posted on the Health IT Buzz Blog about the "challenges providers face in achieving Meaningful Use of electronic health records (EHRs)."

The concept of "useability" has long been known in other industries where new technology or applications enter the workplace. Some time ago I wrote about usability of health IT, however I expanded the definition to include a few more "E-bilities" as shown in the following graphic contained in the post: Part 4 of The Value of the Internet for Improving Healthcare.

This is the last post in the series and it focuses on capabilities, or "e-bilities" of technology to improve healthcare. Regardless of the mode of use (e.g. email or internet), technology must be easy to use, secure, reliable, and accessible.

E-bilities

For the past year, the SHARPC-Project 1 has focused on making use of technology easier for clinicians. One ONC staff member, Jacob Reider, MD had some interesting comments that focused on "The User Experience." His comments spanned the continuum of User Experience with a framework for how tools and/or applications can/should evolve.

Quotefirebrick

 

Functional (it does what it is claimed to do)
Reliable (it works consistently)
Usable (it works in a way that is consistent with the user’s expectations)
Meaningful (it does something important or valuable)
Pleasurable (it is enjoyable to use)

So, I will end with one thought. Even if the system meets "Useability" standards for clinicians, achieving quality health data analytics still requires that accurate, timely and quality data is entered into the EHR avoiding the Garbage In-Garbage Out phenomenon. 



December-27-2011

15:35

KeysLink: 8 Key issues for population health management in 2012

This article in Healthcare IT News caught my eye. A white paper written by the Care Continuum Alliance described significant market movement toward accountability and value driven healthcare outcomes as a result of collaborative models, such as ACOs. However, there are 8 key issues that could affect population health management in 2012:

  1. Accountable care and the Medicare Shared Savings program
  2. Consumer use of mobile and eHealth technologies
  3. Reducing avoidable hospital readmissions in Medicare
  4. Quality improvement in Medicare advantage
  5. Opportunities to support insourced programs
  6. Improving care coordination for dual eligibles
  7. Federal support for prevention and wellness
  8. Development of ACA health insurance exchanges

Each of these items contains a plethora of complex issues that will require agreement, alignment, and cooperation between distinct parties. In order to simplify my thoughts on this topic, I offer the following.

Accountable care and collaborative models certainly provide the opportunity with electronic records to capture and disseminate research and/or de-identified clinical data for surveillance. The link to "accountability" also provides the impetus to develop predictive analytics, a personal favorite.

It is well known that mobile technology, including smart phones, are changing the nature of "computer use" and internet access. According to the article the author stated that "a patient-centered, consumer-empowered, pull-rather-than-push model will dominate, with social media in a position of importance."

Reducing re-admissions? Well, we should already be doing this, unfortunately the quality of healthcare in certain situations, or the variable factors in a patient's condition and care makes this a tough goal to reach all the time. However, Medicare tracking is looking a 3 conditions - heart failure, acute myocardial infarction and pneumonia.

Finally, the other items tout the value of competitive forces in healthcare resulting from support of "insourced programs," development of health insurance exchanges in 2014, and the single idea that is near and dear to a nurse - support for prevention and wellness!

Prevention and wellness has not been a priority for most clinicians due to its non-reimbursable status. Let's hope that changes. Since the Prevention and Public Health Fund is under discussion, Medicare added annual wellness visits and expanded coverage of obesity and cardiovascular disease prevention services.

2012 brings a year of great change and challenge. Best wishes to all for a safe, happy, and prosperous new year!

 


December-14-2011

14:52

As clinicians, do we ever wonder how excellent patient care can be achieved? Do we become too involved in our deadlines, our tasks, or our own needs and lack the time to reflect and to improve? It is certainly an issue in today's healthcare environment as the delivery of care changes in the path to Meaningful Use...

Well, I watched this video today, posted by Brian Ahier. It is an epic portrait of how one individual came up with an idea that would provide quality care/experience to customers.

Click this link to watch the video - a moving and heart-felt story.

The Simple Truths of Service: Inspired by Johnny the Bagger 

May you have a Happy and Safe Holiday Season!


December-10-2011

8:48

The HIPAA Survival Guide's Privacy Rule Under HITECH Webinar will help get you up to speed on how the HITECH Act has impacted the HIPAA Privacy Rule and how marketplace trends are impacting it as well. The webinar will walk you through the Privacy Rule and discuss the effect that the HITECH Act has had under three major sections: 1) uses and disclosures of PHI contained in sections §164.502 through §164.514; 2) the Patient's Bill of Rights contained in sections §164.520 through §164.528; and 3) the Administrative Requirements contained in Section §164.530.

Date: December 13, 2011. 

Time: 2:00 to 3:30 EST. 

To register CLICK HERE

 


HSGLogo Looking for best of breed HIPAA Training?

To stay current on the HITECH Act and its quickly changing regulatory scheme visit the HITECH Survival Guide website and/or sign up for our free monthly compliance newsletter. Also, check out our FREE EHR Checklist.

If you need tools that will help with your compliance initiatives then check out the HSG Store. Are you for an Internet Lawyer with HITECH /HIPAA experience? 


All
MedTech and Devices

healthTech.accordingtome.com

April-29-2010

18:08

I just have three things to say. First of all, the word is pronounced PRE-scription not PER-scription.

Secondly, if we’re talking medicinal, you want to know something that is broken in the health care system? I’ll tell you: pharmacies. What value does a pharmacist add? None. They can be immediately replaced by vending machines and websites (thx, Zach.) I can read my own labels, thank you very much.

Finally, why are many non-addictive medications by prescription anyway? Here’s an example: ibuprofen. You can buy OTC ibuprofen, and they usually come in 200mg tablets. 200mg doesn’t do anything useful, so what do people do? They take 4-8 of them. If you go to a doctor with a bad headache, they’ll prescribe you ibuprofen in 800mg tablets. I’m sorry Mom, but that’s retarded. Ibuprofen doesn’t need to be by prescription. Here’s another: Liptor. Lipitor is used for reducing cholesterol. “But wait,” Mr. Wily protests, “what if a user bought Lipitor and decided to take more than the label suggested? That would be bad.” Indeed, but the side effects of Lipitor are headache and muscle soreness, hardly cause for alarm. On the other hand, too much of lots of OTC drugs can be harmful as well. For example, excessive Tylenol can hurt your liver, but Tylenol isn’t by prescription. Why?

While I’m at it, doctors themselves are close to obsolete. The Internet is making elite bearers of information unnecessary. When I last went to the doctor for a checkup, he GOOGLED a symptom during our visit. GOOGLED. I can google. Thanks for charging me for your web surfing.

That’s all.

January-26-2010

11:42

What’s wrong with Medicine today?

Let’s design the most inefficient, error-prone, hackable system for transmitting medical information.

We’ll start by having persons with notorious handwriting, doctors, scribble in code onto a piece of paper.

Then, the afflicted person (the patient) jams that paper into their pants’ pocket and carries it down to a non-doctor (a pharmacy tech), who attempts to decipher the information and enter it into the computer.

If it’s a new pharmacy or a new doctor, they have NO IDEA what you’ve been prescribed before, or what you’re currently taking.

Why, why, why?

October-10-2007

11:58

clooney.jpgActor George Clooney was admitted last month to the the Palisades Medical Center after a motorcycle accident. The temptation to look at Mr. Clooney’s medical file was just too much a couple dozen unauthorized employees to withstand. 27 people looked. 27 people are now suspended for a month without pay according to CNN.com. Sadly, the impetus for the investigation was not that they viewed Clooney’s records without cause, but that they leaked information to the press… HIPAA, it’s got (some) teeth now.

October-4-2007

15:45

microsoft-black.jpgMicrosoft, the megalithic, oft-hated vendor of  only marginally-useful software, announced today in the Wall Street Journal that it would be offering free personal health records on the Web via its HealthVault system. Why *anyone* would trust the likes of Microsoft with their health information is beyond my comprehension. Still, proving once again that CEOs continue to make technology decisions instead of CIOs, Microsoft managed to signup an impressive roster of partners, including: American Heart Association, Johnson & Johnson LifeScan, NewYork-Presbyterian Hospital, the Mayo Clinic and MedStar Health, a network of seven hospitals in the Baltimore-Washington region.

On the upside, they did get the permissions model right, “Its privacy controls, the company said, are set entirely by the individual, including what information goes in and who gets to see it.” That said, the WSJ article goes on to mention that the data, stripped of some identifiers, will be data mined by third parties.

The news of this launch prompted a Slashdot reader to quip, “[this brings a] whole new meaning [to the blue screen of death.]

Would you trust Microsoft with your personal medical information?!?

September-22-2007

13:21

index.gifIt’s no secret that many doctors are, if not technophobic, at least VERY SLOW to implement new technologies. To wit, according to the report called “Health Information Technology in the United States: The Information Base for Progress,” only one in four doctors (24.9 percent) use EHRs to improve how they deliver care to patients.1 Fortunately, our Luddite physician friends are being joined by Gen X’ers, who, having grown up with computers, are not afraid to break out of the restraints of paper forms and charts.

One of these early adopters is Jay Parkinson, MD, MPH (from Penn State and Johns Hopkins.) Jay is an EMR-enabled, private physician practicing in Brooklyn. Jay prefers to “e-visit [his patients] by video chat, IM and Email for problems that don’t require an actual face-to-face visit. It’s the future of cost-effective medicine.” All of that, plus two home/work visits a year for $500.00. Jay also gives out his cellphone to his patients.

Can you video conference with your doctor?

1. http://answers.google.com/answers/threadview?id=785923

August-23-2007

17:50

happy.gif Recently a number of websites have been offering “real age” calculators which, upon asking a number of health/lifestyle questions, attempt to predict how long you will live. The difference between how long you are going to live and how long people live on average determines your “real age.” If, for example, you are a heavy smoker with a family history of heart disease, you might have been born 28 years ago, but your real age could be closer to 35. As a measure of its popularity, even Oprah and her ilk have been jumping on the real age bandwagon.

These real age calculators are not without their faults however.

  1. No (or little) research is offered to substantiate their healthcare calculations
  2. The numbers are frequently a little *too* clean (what are the chances that all bad things raise your real age by EXACTLY 1 year?)
  3. No distinction is made between elements you can and cannot control
  4. At the end of the survey, no action items are provided to allow the user to alter their Real Age. After all, unless you can glean some ACTIONABLE INTELLIGENCE from the results, these calculators are ultimately of little utility.

After seeing the calculator at http://www.poodwaddle.com/realage.htm, I spent a few hours reverse engineering it. healthtech’s real age calculator is an attempt to rectify the aforementioned deficits.

  1. Based on XML: see the real age XML now: download and modify the XML as new scientific studies are released. add your own questions, etc.
  2. Open Source: download the Real Age code and run it yourself
  3. Better health summary at the end (action checklist)
  4. Items are distinguished as controllable or not

RemedyMD’s tagline is “Better Data, Better Decisions, Better Outcomes,” and you might be tempted to think that better data leads automatically to better decisions, but that is not always the case. More often, it is the application of intelligent analytic algorithms (predictive informatics, if you will) which transforms the raw data into actionable information. A lot of EHR systems collect medical history, for example, but how many of them process that information to produce actionable knowledge?

What is your Real Age?!?

Blog url: 
http://healthtech.accordingtome.com
All
MedTech and Devices

eHealthRisk

January-4-2008

7:39
The US-based Electronic Privacy Information Centre and the UK-based Privacy International have released a comprehensive report on the state of privacy around the world. How solid are your privacy rights?

If you live in the US or UK you are in the same class as those living in Malaysia, Russia and China. People living in Greece, Romania (go figure, given where Romania was a couple of decades ago), and Canada fair the best, though Canada's ranking slipped two levels from "Significant protections and safeguards" to "Some safeguards but weakened protections". Among the other findings:
The study is well worth a look.

January-3-2008

7:53
One of the business risks that come up time and time again in discussions about eHealth is the supply of people knowledgeable about both IT and health care. It seems that there are lots of one or the other, but few who understand both dimensions of a very complex business. Yet there is little effort being applied to increasing the pool of talent needed to address the demand for skilled human resources.

There are a number of university and college programs across the country (link here for a survey of HI programs across Canada published by the Waterloo Institute for Health Informatics Research (WIHIR), but they graduate relatively few health IT practitioners... certainly not enough to fill the demand.

COACH, Canada's Health Informatics Association, has recently published a list of core competencies needed by Health Informatics Professionals (unfortunately its only available to COACH members), but again, there is no strategy to provide educational opportunities for those who need it.

The Healthcare Information Management and Systems Society (HIMSS) has recently implemented a certification program (Certified Professional in Healthcare Information and Management Systems (CPHIMS)) that is taking us in the right direction.

The University of Waterloo's Health Informatics Bootcamp program developed and delivered by WIHIR is highly recommended because it addresses a critical need to quickly educate health care and IT professionals on the intricacies of health informatics.

If we are to succeed in driving out eHealth at the pace promoted by politicians and their instruments such as Canada Health Infoway (and other national equivalents), more investment is needed in the educational programs necessary to develop a competent health informatics workforce.

January-2-2008

8:38
After a hiatus of a couple of months, I'm finally back to eHealthRisk. I have two announcements for those who are interested:
  1. Starting today I have taken on the position of President of the Canadian Health Information Technology Trade Association (CHITTA), the health care division of the Information Technology Association of Canada (ITAC). This will get me back into the game following my year long sabbatical studying all dimensions of eHealth risk.
  2. The Waterloo Institute for Health Informatics Research has posted the next series of eHealthRisk Workshops. New this year is the eHealth Information Security Workshop whose inaugural run will be from March 26 to 28, 2008 at the University of Waterloo.
And my New Year's resolution... To religiously apply myself to this eHealthRisk Blog.

Brendan

November-21-2007

8:30
Canada Health Infoway, Health Canada and the Privacy Commissioner of Canada commissioned and have published a comprehensive survey of Canadian attitudes towards Electronic Health Records and Privacy titled Electronic Health Information and Privacy Survey: What Canadians Think - 2007.

From the Press Release:

Almost nine in 10 Canadians (88 per cent) support the development of EHRs -- a five per cent increase since 2003. Other findings include:
  • 31 per cent of respondents reported they had experience with an electronic health record during an interaction with the health care system. When asked to how the EHR system compared to the paper system in terms of overall effectiveness for the health care system, an overwhelming majority (89 per cent) said the electronic system was better.
  • 87 per cent of Canadians believe electronic health records will make diagnosis quicker and more accurate, while 82 per cent believe they will reduce prescription errors and 84 per cent would like to be able to access their own medical records online.
  • Canadians want to ensure that privacy and security safeguards are in place to protect their health information. 77 per cent would like audit trails that document access to their health information. 74 per cent want strong penalties for unauthorized access. 66 per cent of Canadians want clear privacy policies to protect their health information. In the event of a security breach, 7 in 10 want to be informed and would like procedures in place to respond to such breaches.
  • Those who have had experience with an electronic health record showed an even stronger support for privacy and security safeguards.
  • A majority of Canadians (55 per cent) would like to be able to hide or mask sensitive information contained in their record.
  • While the poll shows strong support (84 per cent) for using anonymous information from electronic records for health research, this support drops dramatically if personal details are not removed from the record (50 per cent).

November-15-2007

4:57
Alberta's Privacy Commissioner, Frank Work, is the second Canadian privacy commissioner to demand the encryption of personal health information on laptop computers following the theft of four laptop computers from a Capital Health facility. From the OIPC press release:

"The investigation outlines the following steps that must be taken to protect health information stored on a mobile device in order to meet requirements of the HIA:
  • There must be policies and procedures that users are aware of and educated on that guide proper use of the device,
  • Reasonable steps must be taken to physically secure the device,
  • There must be a business need to store health information on the device,
  • The device must be password protected, and
  • Health information stored on the device must be protected by properly implemented encryption."

October-29-2007

7:32
US Privacy Guru Alan Westin has recently undertaken a study on behalf of the US Institute of Medicine on public attitudes concerning privacy and health research. Modern Healthcare Online has published a two part article on his findings (for part 1 click here - for part 2 click here). From the article:
"The good news for the research community is, despite a plethora of media reports on privacy and security breaches in the healthcare industry, most people still respect the aims of researchers and are willing to support their work.

The bad news is, perhaps because of these highly publicized privacy failures, people need more assurance than in the past that their healthcare information will be protected and, particularly, not end up being misused in ways that could hurt them. This new reality will necessitate some consciousness-raising on the part of researchers, who historically have seen themselves as the guys in white hats who should be above suspicion, according to Westin."

Blog url: 
http://www.ehealthrisk.blogspot.com/
All
Technical

A Scanner Brightly

December-8-2010

12:46
This article was written by Jodi Smith of HealthInsuranceQuotes.org, an online resource for those seeking the best health insurance quotes. HMO, PPO, POS… Huh? If you look at these commonly used acronyms and are completely clueless as to what they … Continue reading

October-26-2010

20:16
Back in 2002 I was asked to make a hospital-level report card for a couple dozen hospitals in New York on some Pneumonia measures. Seemed like a fun project, and it went off without a hitch. Since then I have … Continue reading

May-12-2010

9:43
My boss – Dr Anthony Shih – is co-author of the chapter “Achieving the Vision: Payment Reform” in the recently published book “Partners in Health”, available in Hardcover and Kindle. Partners in Health: How Physicians and Hospitals can be Accountable … Continue reading

May-3-2010

10:04
As many of you already know, health care transparency evangelist Paul Levy, CEO of BIDMC in Boston, is having a bit of of trouble with his professional life apparently colliding with his personal life. Details are unknown, but include an inappropriate relationship with a subordinate. Mr Levy apologised to his staff via e-mail for his lapse in judgement, and little else is known. Continue reading

March-24-2010

8:40
ATLANTA, Georgia, March 19, 2010 (LifeSiteNews.com) – A new poll reveals that President Barack Obama’s health care reform may push as many as a third of the nation’s practicing doctors into shuttering their offices and getting out of the medical … Continue reading

March-22-2010

12:12
I received a link this morning to a cutesy video wherein Doctor Marshall advocates for Congress to come visit a hospital on a field trip and truly learn what’s broken in health care. Obviously, a day late for me, but … Continue reading
Blog url: 
http://ascannerbrightly.blogspot.com
All
Technical
MedTech and Devices

IT for Healthcare

May-30-2007

10:12

We were included in a nice article on EMR consulting and it's impact on adoption.

Waldren says it often becomes a quandary for physicians           because they don’t have the financial resources or desire to pay           for expert advice, but they are reluctant to start the process of EMR           adoption due to fears that the wrong decisions will be made. “You           need to show value, and you need to build trust. Those are the two things           consultants have to answer for,” Waldren emphasizes. “I           do see some uptake [with EMR consultants], but I also see that they           have a difficult marketing challenge ahead of them [with physicians].”

That pretty much encapsulates both the article and our feelings on the subject.  But do click through so you can read my quotes!

March-16-2007

12:39

Buzz is growing for Sermo, an online information sharing community "developed by physicians, for physicians."  Check it out.

Welcome to the only online community where physicians around the nation exchange the latest medical insights with each other and improve patient outcomes - 24/7.

Link

March-16-2007

12:36

We've posted on Practice Fusion before here and the feedback we've heard was that using "de-identified" patient data to subsidize a free EHR was going to be a serious problem.  Practice Fusion just announced a partnership with Google wherein the web-based application will still be delivered for free but now it will be subsidized by advertisements that come up based on keywords in the patients' records.  No word as to whether the initial model has been scrapped or if this new concept is complementary.  One thing's for certain, it still raises the hackles of privacy advocates.

"It still comes down to the fact the company is using people's sensitive, personal information for profit," said Allison Knight, staff attorney for the Electronic Privacy Information Center in Washington.

Link

March-15-2007

9:49

We've seen much debate in the past on security and patient privacy.  Here's a brief reminder that (as we've argued) security is an ongoing process and not a one time fix.

“There’s nothing in security that you can do once,” says Kate Borten, president of the Marblehead Group, a consulting firm in Marblehead, Mass. “Risk assessment never stops. This is supposed to be ongoing.”

Everyone benefits when organizations focus on putting policies in place that make it more difficult to steal (or lose) sensitive data.

March-14-2007

11:04

FierceHealthcare.com posts on a recent survey of "550 randomly chosen general internists" that suggests that primary care physicians agree in principle that physicians should be rewarded for a high level of care but are not happy with the current P4P schemes.

While most PCPs felt that physicians should be rewarded for providing high quality care--provided that the measurements were accurate--less than one-third felt that current measures would do the trick. A majority (66 percent) felt that health plans and the government were unlikely to exert the effort to make such measures accurate. Roughly eight out of ten worried that pay for performance schemes would force doctors to avoid high-risk patients--or even kick such patients out of their practices.

Link

March-14-2007

10:45

Tim Gee at Medical Connectivity Consulting reviews the latest entry on the medical tablet scene.

Did I mention it has a 12 hour battery life? Wow, I'm impressed. We have yet to reach perfection, but this device comes close for a clinician carried use model. This is a very, dare I say, sexy device.

Unfortunately the target market is physicians. There are several large institutions that could spring for a device like this, but nothing like a majority of the hospital market. Another bit of a miss is targeting EMR applications - actual EMR adoption is quite a bit behind all the hype - although the early adopters will probably be the large institutions who might actually buy something like this for their physicians (places like Kaiser, Cleveland Clinic, Mayo and large university teaching hospitals come to mind).

Link

Blog url: 
http://calyxllc.typepad.com
All
Influential
Technical
MedTech and Devices

Health Care Law Blog

January-3-2012

10:31
The West Virginia Health Care Authority has announced the 2012 certificate of need capital expenditure minimum threshold of $2,916,104. The new threshold is effective beginning January 1, 2012. The threshold is used as a part of the analysis by health care providers who must determine whether or not a certificate of need is required for a proposed project or health care acquisition. 

Pursuant to W.Va. Code 16-2D-2(h) and (s), the Authority is required to adjust the expenditure minimum annually and publish an update of the amount on or before December 31 of each year. The expenditure minimum adjustment isbased on the DRI inflation index published in the Global Insight DRI/WEFA Health Care Cost Review. The DRI inflation index as of December 31, 2011 is 2.9%.

December-23-2011

8:40

Happy Holidays to my clients, health care and lawyer colleagues, and other readers of the 
Health Care Law Blog
 I appreciate your continued support and hope that 2012 
will be as exciting and wonderful as this past year.
See you in 2012! 


In years past I have sent out our standard Flaherty Sensabaugh Bonasso PLLC holiday card to thank my clients for trusting our firm with their business and my colleagues for all they do for me throughout the year. Instead, this year I decided to go GREEN and red by sending out an e-greeting and
do a holiday blog post with our firm's holiday greeting card.
We all play an important role in maintaining the environment.Thanks!

November-24-2011

9:41
The Engage with Grace Project is an effort to raise awareness of the importance of end of life care planning and discussing your wishes with your family and friends.

Dr. Bryan Vartabedian captures the simplicity of the project in his post, "It began with a simple idea: Create a tool to get people talking. Their tool is a slide with five questions designed to initiate dialog about our end-of-life preferences."  Take time during the Thanksgiving weekend to "occupy the dinner table" with your family and friends. Discuss the 5 questions below and share your thoughts and feelings.
 
This is my 4th year participating in the Engage With Grace Project. What prompted me to start participating? It was having the opportunity to watch Alexander Drane tell Za's story at the 2008 Health 2.0 Conference. Her story personally connected as I shared in my 2008 blog post.

West Virginia is often negatively portrayed nationally at the bottom or top in national health rankings. However, it is great to see West Virginia leading the way on end of life care planning. 49% of West Virginians have filled out at least one advance directive -- the highest among all states reporting these statistics. However, this statistic shows how few of us actually take the time and effort to document our wishes. More than 1/2 of the population have left these difficult decisions to be made by their family and health care providers. This statistic shows the importance of the Engage With Grace message.

For West Virginia readers who want to learn more about end of life care check out the resources provided by the West Virginia Center for End of Life Care. There is valuable information for health care professionals to "Why and how to have end-of-life discussions with your patients", "Accessing Decision Making Capacity", and POST (Physicians Order for Scope of Treatment) Forms.  The website also provides FAQs, educational videos, and forms, including the standard West Virginia Advanced Directive Forms.

West Virginia is also creating the e-Directive Registry in conjunction with the West Virginia Health Information Network (WVHIN), West Virginia's health information exchange (HIE). The e-registry will store advance directive forms, Physicians Orders for Scope of Treatment forms, and do not resuscitate cards. The registry will allow treating health care providers to access the stored information 24/7 from around the state through the WVHIN. Most importantly, the registry will be accessible by you and I as health care consumers to verify the accuracy of our wishes. 

Following is the 2011 blog post by the Engage With Grace Team -- Occupy With Grace. Help spread the word this Thanksgiving weekend by telling your end of life care story and posting the message below. You can get the HTML to post here.
 
Occupy With Grace
 
Once again, this Thanksgiving we are grateful to all the people who keep this mission alive day after day: to ensure that each and every one of us understands, communicates, and has honored their end of life wishes.
Seems almost more fitting than usual this year, the year of making change happen. 2011 gave us the Arab Spring, people on the ground using social media to organize a real political revolution. And now, love it or hate it - it's the Occupy Wall Street movement that's got people talking.
Smart people (like our good friend Susannah Fox) have made the point that unlike those political and economic movements, our mission isn't an issue we need to raise our fists about - it's an issue we have the luxury of being able to hold hands about.
occupy_with_grace_logo
It's a mission that's driven by all the personal stories we've heard of people who've seen their loved ones suffer unnecessarily at the end of their lives.

It's driven by that ripping-off-the-band-aid feeling of relief you get when you've finally broached the subject of end of life wishes with your family, free from the burden of just not knowing what they'd want for themselves, and knowing you could advocate for these wishes if your loved one weren't able to speak up for themselves.

And it's driven by knowing that this is a conversation that needs to happen early, and often. One of the greatest gifts you can give the ones you love is making sure you're all on the same page. In the words of the amazing Atul Gawande, you only die once! Die the way you want. Make sure your loved ones get that same gift. And there is a way to engage in this topic with grace!

Here are the five questions, read them, consider them, answer them (you can securely save your answers at the Engage with Grace site), share your answers with your loved ones. It doesn't matter what your answers are, it just matters that you know them for yourself, and for your loved ones. And they for you.

theoneslide

We all know the power of a group that decides to assemble. In fact, we recently spent an amazing couple days with the members of the Coalition to Transform Advanced Care, or C-TAC, working together to channel so much of the extraordinary work that organizations are already doing to improve the quality of care for our country's sickest and most vulnerable.

Noted journalist Eleanor Clift gave an amazing talk, finding a way to weave humor and joy into her telling of the story she shared in this Health Affairs article. She elegantly sums up (as only she can) the reason that we have this blog rally every year:
For too many physicians, that conversation is hard to have, and families, too, are reluctant to initiate a discussion about what Mom or Dad might want until they're in a crisis, which isn't the best time to make these kinds of decisions. Ideally, that conversation should begin at the kitchen table with family members, rather than in a doctor's office.
It's a conversation you need to have wherever and whenever you can, and the more people you can rope into it, the better! Make this conversation a part of your Thanksgiving weekend, there will be a right moment, you just might not realize how right it was until you begin the conversation.
This is a time to be inspired, informed - to tackle our challenges in real, substantive, and scalable ways. Participating in this blog rally is just one small, yet huge, way that we can each keep that fire burning in our bellies, long after the turkey dinner is gone.
Wishing you and yours a happy and healthy holiday season. Let's Engage with Grace together.

To learn more please go to www.engagewithgrace.org.This post was developed by Alexandra Drane and the Engage With Grace team.

November-9-2011

6:39
Today the Office for Civil Right (OCR) announced details of a pilot program to perform up to 150 audits of covered entities to assess privacy and security compliance under HIPAA. OCR will be conducting the audits between November 2011 and December 2012.

The days of waiting for HIPAA privacy and security enforcement activities are over. The announcement of these planned audits will get the attention of health care providers who have failed to focus on HIPAA privacy and security compliance efforts. The announcement will remind all health care providers to maintain an active, current HIPAA privacy and security compliance program.

OCR provides more detail on the audit program on the OCR HIPAA Audit Program page, including this description of the program objectives:
The audit program serves as a new part of OCR’s health information privacy and security compliance program. OCR will use the audit program to assess HIPAA compliance efforts by a range of covered entities, Audits present a new opportunity to examine mechanisms for compliance, identify best practices and discover risks and vulnerabilities that may not have come to light through OCR’s ongoing complaint investigations and compliance reviews. OCR will broadly share best practices gleaned through the audit process and guidance targeted to observed compliance challenges via this web site and other outreach portals.
The OCR HIPAA Audit Program page also provides detail on when the audits will begin, who will be audited, how the audit process will work, and what will happen after the audit. The information indicates that they will select a broad range of covered entities for the first round of audits and that business associates will be included in future audits.

OCR provides the graphic below to help describe how the audits will be performed. Covered entities will be selected, notified, and asked to provide documentation of privacy and security compliance efforts within 10 business days. An onsite visit will occur and interviews will be performed. A draft report will be provided to the covered entity and there will be a procedure for the covered entity to discuss the areas of concern raised in the audit and describe any corrective action they may implement.

July-8-2011

15:08
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that the University of California at Los Angeles Health System which includes UCLA Ronald Reagan Medical Center, UCLA Santa Monica Medical Center, and Orthopedic Hospital, Resnick Neuropsychiatric Hospital, and the Faculty Practice Group of UCLA (UCLAHS) has agreed to settle potential violations under the HIPAA Privacy and Security Rules for $865,500. Read the OCR press release.

The settlement highlights that hospitals, physicians, and other covered entities must understand the importance of monitoring the level of access workforce members have to medical and health information. Covered entities must have policies and procedures in place and educate workforce members about only accessing records for necessary and permissible purposes. This settlement resulted from an investigation by OCR after certain celebrity/VIP patients at the UCLA facilities complained that hospital staff, including unauthorized physicians, had inappropriately accessed their health and medical information.

UCLAHS agreed to a Corrective Action Plan for a period of three years under the terms of the Resolution Agreement. The Corrective Action Plan requires UCLAHS to review/update its current HIPAA policies and procedures, conduct follow up workforce training, monitor compliance and submit a monitoring plan, and submit an implementation report and annual reports to OCR. of can be found attached to the Resolution Agreement.

The Resolution Agreement described the events that occurred that lead to the settlement as follows:
On June 5, 2009 and June 30, 2009, HHS began investigations of two separate complaints alleging that the Covered Entity was in violation of the Privacy and/or Security Rules. The investigations indicated that the following conduct occurred (“Covered Conduct”):
(i) During the period from August 31, 2005 to November 16, 2005, numerous Covered Entity workforce members repeatedly and without a permissible reason examined the electronic protected health information of Covered Entity patients, and during the period from January 31, 2008 to February 2, 2008, numerous Covered Entity workforce members repeatedly and without a permissible reason examined the electronic protected health information of a Covered Entity patient.

(ii) During the period 2005-2008, a workforce member of Covered Entity employed in the office of the Director of Nursing repeatedly and without a permissible reason examined the electronic protected health information of many patients.

(iii) During the period 2005-2008, Covered Entity did not provide and/or did not document the provision of necessary and appropriate Privacy and/or Security Rule training for all members of its workforce to carry out their function within the Covered Entity.

(iv) During the period 2005-2008, Covered Entity failed to apply appropriate sanctions and/or document sanctions on workforce members who impermissibly examined electronic protected health information.

(v) During the period from 2005-2009, Covered Entity failed to implement security measures sufficient to reduce the risks of impermissible access to electronic protected health information by unauthorized users to a reasonable and appropriate level.
 More information and background can be found in the iHealthBeat article, UCLA Health System Agrees to Pay $865K over Privacy Breaches, including a link to a statement on the settlement issued by UCLH Health System.

July-6-2011

19:49
Today the United States Court of Appeals for the 4th Circuit affirmed a ruling by the district court in West Virginia which sustained a disallowance of federal funding by the Centers for Medicare & Medicaid Services (CMS) against the West Virginia Medicaid Program.

The 4th Circuit Decision in West Virginia Department of Health and Human Resources, Bureau for Medical Services vs. Kathleen Sebelius, et al. ruled that CMS acted within its authority when it withheld from the West Virginia Department of Health and Human Resources, Bureau of Medical Services, West Virginia'a Medicaid Program (DHHR) approximately $634,000 (which was reduced to approximately $446,000)in Medicaid funding, which represented it share of overpayment made to providers as a result of Dey, Inc., a pharmaceutical company, alleged fraud. CMS notified DHHR of the disallowance after Dey entered into an $850,000 settlement of claims brought by the West Virginia Attorney General on behalf of West Virginia under West Virginia's Consumer Credit and Protection Act.

The disallowance by CMS was calculated by multiplying the state's estimated damages allocable to Medicaid, approximately 67% by the settlement amount adn then multiplied this figure by West Virginia's FMAP rate of 78.14% to arrive at the $446,000 amount. The HHS Department of Appeals Board concluded that this allocation methodology was reasonable.

I have only done an initial review of the decision and won't go into the merits of the arguments at this time. Read the full decision for a more complete understanding of the decision and check out today's article in the Charleston Daily Mail.
Blog url: 
http://healthcarebloglaw.blogspot.com/
All
MedTech and Devices

Medical Connectivity

January-4-2012

12:37

I received several items in my email regarding different organizations’ proclamations for 2012.  Most of them predict that 2012 will be the year for mHealth to ‘break-out.’  Here are 5 examples:

  1. HIMSS 2012 is focusing on mHealth with several sessions and will have a kiosk on the vendor floor which features speakers on the mobile aspect of healthcare
  2. AAMI has published in their IT World column a synopsis of mHealth (requires login credentials)
  3. Here in Europe, the Mobile World Congress, Barcelona Feb 2012, sponsored by the GSM Association, has a track devoted to mHealth (filter for Mobile Health), a day of demonstrations and a specific plan on embedded mobile medical functionality.
  4. Additionally, the FDA has come out with draft guidance and has promised final guidance regarding mobile medical apps.  The European Commission has entered into an MOU with the HHS to work together on the regulatory aspects of healthcare.  I wouldn’t be surprised if they come out with similar regulatory guidance regarding mHealth as that promulgated by the FDA.
  5. Lastly, from a market perspective, “The mobile health market has a year-over-year growth rate of around 17% since 2010 and is estimated to be worth $2.1 billion at the end of 2011. The report also said the mobile health market is expected to grow …. nearly 22% from 2012 to 2014.”

One might ask, what is mHealth?  It has many different definitions and from a product offering perspective could range from texting information on a mobile phone to a provider and/or specifying a provider geographical location to a patient to bi-directional interaction with a medical device to/from an electronic medical record application via mobile phone or telecommunications frequencies (or the medical device could be embedded with the mobile telecommunication appliance).  As with the traditional Healthcare industry, as one progresses up the interaction functionality chain, the design and interoperability gets more complex.  Most of the latest news items I read about successful mHealth applications describe the ‘easier’ applications:  texting, scheduling, location, etc.  There is still growth and development in the marketplace for interactive medical-device integrated/connected products.  Additionally, from a market perspective, most of the current product offerings are proprietary in nature and vertically integrated.

Mobile telecommunication vendors are keenly interested in providing for the healthcare market.  They are closely watching as well as working to influence the regulatory environment.  From a provider perspective, this means adding another large player to the mix.  You may already provide some internal mobile telecommunications support, but providing healthcare monitoring over that infrastructure changes the rules of the game.  In addition, the mobile telecommunications market plays to the consumer market, which has faster turnaround times, and higher customer expectations.  The consumer market expects the ability to smoothly transition service when changing a ‘product provider.’  In addition, with social media, the pressures are higher; witness the recent policy and product turnaround of Verizon to a charge for customers using a specific billing mechanism.  The healthcare provider is not used to this type of oversight or pressure yet.

Down in the healthcare provider trenches, testing remote monitoring and the use of mobile telecommunications offerings continues.  Here in Europe there are two larger projects that are interested in demonstrating the efficacy of remote monitoring.  One, the Whole System Demonstrator based in England and their National Health System (NHS),  has just published its preliminary results.  Another, Renewing Health, is based on a nine European country pilot for remote monitoring of chronic diseases. In the case of the Whole System Demonstrator, initial results have been very positive for the clinical outcomes regarding the use of remote monitoring models for chronic disease management with a “15% reduction in A&E visits, a 20% reduction in emergency admissions, a 14% reduction in elective admissions, a 14% reduction in bed days and an 8% reduction in tariff costs” along with a “45% reduction in mortality rates.”

Renewing Health is still in its trial period, however, the initial technical results have been published.  A basic summary of the technical aspects of the nine solutions follows:

  1. All pilots sites used proprietary solutions,
  2. The most widely used standards were protocol and telecommunication standards, but even with some of those standards, there were issues with product development and rol-lout.  This has resulted in some technology system re-design as well increased expenditure on patient education.
  3. Moreover, the market has dealt some variables, by either not continuing distribution of a mobile phone model or changing the implementation of a medical device transport protocol.  Additionally, intermittent wireless coverage and/or limited bandwidth for a teleconferencing function have led to design changes or required infrastructure upgrades.
  4. The market has a dearth of standards-based products for purchase.  In Europe this is complicated by language requirements (most of the countries have healthcare systems which specify that products be purchased which have markings and documentation in their national language – this is for ease of use as well as cultural preservation goals).
  5. Another big issue is system ergonomics with respect to patient cohort.  Mobile phones with small screens and small input interfaces (small mobile phone keyboards) don’t work well with more elderly patients.

This project will be ongoing until 2013 and at the end the results are hoped to strengthen the hypothesis that well designed remote monitoring programs for chronic disease management is as or more effective than care delivered in the traditional manner.  There should also be some interesting results from a technical perspective.  The market is slowly moving towards providing more standards-based products, however, for the purposes of this project, timing did not allow more adoption of those types of products.

So, with all of the activity described above what should healthcare providers do?  I suggest the following:

  1. Keep current on the mobile telecommunications arena both in product offerings and regulatory oversight.  With the MDDS and the draft mobile medical apps guidance, the FDA has signaled they will be interested in regulating some aspects of healthcare delivery.   If you as a healthcare provider adopt mHealth solutions, this will increase the complexity of providing and servicing/maintaining healthcare products from the provider.  You control your enterprise, but as the information goes outside the enterprise to the shared infrastructures, you lose that control.  Therefore, you may not be able to guarantee the types of performance or response that may be the norm within your enterprise.  Agreements with the third party infrastructure entities will become paramount to ensure good performance and in the end good relationships with your customers:  the patients and clinicians.  Moreover, in light of the recent FDA guidance, understanding the infrastructure path of your mHealth solutions so that you meet any regulatory burden will become even more important as you embark outside of your enterprise.
  2. Consider specifying standards for data and communication across each interface (example: Continua Guidelines, IHE-PCD) in your acquisition documents.  As with traditional medical device connectivity in your enterprise, the more you can decouple the medical device choice from the other parts of a connectivity solution, the more flexibility you have to make decisions based on the quality of the different parts of the system.  In the future, this may avert having to redesign, augment and/or replace the whole system from medical device to electronic medical record application due to a technology refresh of one of the manufacturers in the system.
  3. Providers are under a lot of pressure to control healthcare costs in all parts of the world.  As remote monitoring pilot results become more prevalent, it will be expected that providers adopt some of these mobile health solutions.  Timing of your adoption will become very important as this is a fast moving train.  The product cycles for mHealth can be 6 months to 1 year.  This is much faster than your usual IT infrastructure refresh cycle which is already faster than your medical device/technology refresh cycle.  Although many of the traditional medical device companies are migrating to a software based solution and a refresh cycle similar to that in the IT industry, they may not be as ready for the mHealth refresh frequency cycle.  This may slow down in the US and Europe due to more regulatory oversight, however, the development outside those areas of the world does not have as much regulatory oversight, so some of the more interesting products may be developed outside of the geographical areas we’ve become accustomed to in the US and Europe.  If you have a ‘wandering clinician’ or patient, they may be the one who introduces or demands a specific functionality to your enterprise from their wanderings.
  4. If your mHealth solution implementation is successful, be prepared to expand.  It is estimated that 80% of healthcare costs are borne by 20% of the population and most of this is due to the management of chronic diseases.    Remember, as with most endeavors, more is demanded of you once you succeed.

So is 2012 the year of mHealth?  Perhaps.  If anything, it will be another exciting year for mobile technology and the convergence of the consumer and healthcare industries.  It will be bumpy, but in the end, it should be better for the consumer who usually also happens to be the patient.

Bridget A. Moorman, CCE, is president of BMoorman Consulting, LLC, providing consulting to healthcare providers, standards promulgation organizations and medical device and information technology companies regarding their medical device integration strategies.  She can be reached via email  or at her website.

Share

December-18-2011

15:15

A recent Class I recall (not pictured) of a medical monitor with a hospital network connected central station stimulates some generalities about software, “fixes”, and connectivity. (Class I recalls are defined by the FDA as  a situation in which there is a reasonable probability that the use of, or exposure to, a violative product will cause serious adverse health consequences or death.)

The use of the product in question was given as:

  • a networked solution system used to monitor a patient’s vital signs and therapy, control alarms, review Web-based diagnostic images, and access patient records. The number of monitored vital signs can be increased or decreased based on the patient’s needs

Curiously only one customer was identified as having received the product, or at least this particular version of the product. While the manufacturer and product in question is a matter of public record, and available at the link, I chose not to include it here because my objective is not to repeat the recall information, but to suggest the reasons for the recall, an associated labeling issue, and offer some general lessons.

The reason given for the recall had two seemingly separate parts. The first is that “The weight-based drug dosage calculation may indicate incorrect recommended values, including a drug dosage up to ten times the indicated dosage”. This sounds like a software problem yet the fix was not to “upgrade” the software but to suggest a workaround. (I love the term upgrade to when applied to fixing something that doesn’t actually work!)  According to the FDA the firm’s letter stated that “users should enter the patient’s weight by way of the admin/demographics screen to ensure the drug dosage is calculated as intended.” (I did not find the firm’s letter on its website, but it might be one of those hidden page situations since I did find, with a struggle, two other recalls, though using the search term “recall” produced no results). Again speculating, the workaround sounds like a user dependent way to do something that was supposed to happen automatically. At least part of the value of automation is largely diminished, and opportunities for use error increased, when such additional demands are placed on the user.

The second reason given for the recall was that there may be a 5-10 second delay between the electrocardiogram and blood pressure curves (waveforms) at the central station.   This is an interesting technical issue that may be related to software and/or communication protocols. In either case it illustrates that multiple data streams may only be useful if they are properly timed stamped, and then properly aligned at the receiver. Out-of-sync data when subsequently processed either by eye, or automatically, can give erroneous and misleading results that might appear to be correct, i.e. the results could be in the category of erroneous but believable.

For one or both reasons the FDA found that, “This product may cause serious adverse health consequences, including death.” Yet it should be noted that this was a voluntary recall, as most recalls are, despite the fact that people who surely know better reported this as “FDA recalls…”

The FDA announcement goes on to say that the company pointed out that the instructions for use state that: ”For primary monitoring and diagnosis of bedside patients, use the bedside monitor. Use the…Central Station only for remote assessment of a patient’s status.” This sentence seems to be illustrative of the fundamental problem of remote information receivers and integrators that carry a disclaimer that in sum says that you shouldn’t rely on them. But isn’t the ability to rely on it exactly why you bought it? Moreover, promotional materials available on the web do not appear to echo this disclaimer. For example it is stated that ”Applications…enhance patient care management by providing rapid assessment, decision support and clinical reporting.” Does that sound like it isn’t for primary diagnosis? Or does “Data accessible from the…Central Station includes real-time waveforms” sound like those waveforms shouldn’t be used for primary monitoring? For one more example it is said that “arrhythmia events are detected with an unprecedented degree of accuracy.” Accuracy is certainly a good thing, but detecting arrhythmias at the central station when only the beside monitor is to be used for “primary monitoring and diagnosis” appears to be less than highly useful.

Furthermore the statement that the central station is only for remote assessment seems both definitional and contradictory. It is obviously for remote assessment–because it is a central station and thus remote! But then what does “assessment of the patient’s status” mean if not monitoring and diagnosis?

The disclaimer game has been addressed in these pages before. Here it seems to involve a product that is being marketed, sold and bought for exactly the reasons that the manufacturer is saying it shouldn’t be used. I didn’t spot the disclaimer language in any of the promotional materials, but maybe it is there somewhere.

So, we have here an apparent example of software driven miscalculations, network transported data that is not time synchornized, and a reminder not to use the central station for primary assessment. Important examples to remember as we charge ahead with software driven networked solutions.

[The products in the photo with this post above are not associated with the recall discussed, and are for illustrative purposes only.]

William Hyman is Professor Emeritus of the Department of Biomedical Engineering at Texas A&M University. He recently retired and has moved to New York City where he continues his professional activities.

Share

November-9-2011

18:57

The   issue of the EHR relative to safety and effectiveness has again made the news with the November 7, 2011 pre-publication (and downloadable) release of an Institute of Medicine report on EHR safety, commissioned by the U.S. Department of Health and Human Services (HHS). This report expands the discussion beyond the EHR (used henceforth for both EHR and EMR) to include other related electronic information tools collectively called health IT.

Health IT Risks

The potential for health IT to improve both the quality and efficiency of medical care has been much noted to include more complete and timely records, ready exchange of information between providers, clinical decision support, and in turn a reduction in errors associated with the quality and availability of patient information. Efficiencies may arise from electronic capture of data which would eliminate manual entry, and time savings in accessing and reviewing patient information, and perhaps in passing information to third party payers. Additional public health value might accrue from the enhanced searchability of electronic records with respects to trends, treatments and outcomes. These benefits assume well designed, user friendly, compatible systems not withstanding that the U.S. model is to allow for numerous independent products that may or may not be able to exchange information nor display it in a consistent manner. Not surprisingly the report notes that the IT imperative will likely not be fruitful without associated attention to the people and the clinical system they work in.

However there is also the potential for health IT to add to, rather then reduce complexity; misplace, lose or garble patient information, and to provide clinical decision support that is incorrect or unreliable. Thus health IT itself has risks that the IOM found have not yet been adequately addressed or monitored. The IOM also cites the lack of an effective health IT problem reporting system compounded by contractual language that may actually impede such reporting. In addition some vendors include disclaimers as to their responsibilities even for software defects and errors. The latter suggests the all purpose liability disclaimer language: “Notice-this product may be badly designed and therefore not suitable for its intended purpose.” Alternatively one could try: “Due to software defects the information in this EHR may or may not be complete and/or may not pertain to  the patient of interest. Do not use this information for medical treatment”. The value of such disclaimers will no doubt be tested.

Of course it is not only coding defects that can make heath IT less than effective. The well established issue of usability, or user friendliness, lives on, as does interoperability, training and workflow design. In this regard it might be noted that user friendly features such as pull down menus also facilitate quick but erroneous entries. Thus while an IT product might be theoretically capable of being used properly and effectively, whether it will achieve that goal in the real environment of use, when used by real people, is a separate matter. In this regard when faced with use issues and adverse events vendors will want to say that their product could have provided the correct functionality if only it had been used correctly–and don’t forget our disclaimer. The counter argument is that it was badly designed to the degree that “correct” use was predictably not likely to consistently occur. There are many anecdotes in this regard. A favorite of mine was an order entry system to which was added a physical sticky note on the monitor that read “Do not press Enter to Enter”.

Actual health IT hazards are at least in part separate from the questions of privacy, hacking and other mischief.

It must also be remembered that quantitative data (e.g. lab results and other medical device data), or reasonably well standardized data (e.g. images) are potentially much easier to capture, transmit and display than narrative information. The selection and arrangement of information on a display can also be a significant challenge with respect to density, utility and how many pages the clinician has to look at to get all the information needed–and you can’t spread those pages out. There is also a significant issue with the lack of standardization of “look and feel” factors. In this regard it must be remembered that clinicians of various types, working in multiple environments, might see multiple systems during even a single day. This is analogous to the reality of nurse use of infusion pumps. Ask the nurse if they know how to use an infusion pump and they will most likely say yes (and be insulted). But then ask them if they know how to use a particular infusion pump and they might say, no, I’ve never seen one of those before. In this regard a health IT application may be plug-and play, but that isn’t the same as plug-and-effectively-use.

IOM Report Recommendations

The report has several specific recommendations:

  • A comprehensive effort to asses safety and risk
  • Vendors should support the free exchange of information about health IT experiences and issues and not prohibit sharing of such information, including details (e.g., screenshots) related to patient safety
  • HHS should make comparative user experiences publicly available
  • A new Health IT Safety Council should be funded by HHS to evaluate criteria for assessing and monitoring the safe use of health IT and its ability to enhance safety
  • The registration and listing of products from all vendors
  • Specification of the quality and risk management process requirements that health IT vendors must adopt, with a particular focus on human factors, safety culture, and usability
  • Establishment of a mechanism for both vendors and users to report health IT related deaths, serious injuries, or unsafe conditions
  • Establishment of an independent federal entity for investigating patient safety deaths, serious injuries,or potentially unsafe conditions associated with health IT
  • Regular monitoring and reporting of health IT safety by HHS, and the FDA should be charged with developing applicable regulations
  • HHS should support usability research

Readers familiar with the FDA regulation of medical devices will recognize many of these items as standard fare. These include registration and listing, quality systems, and problem reporting. However since the FDA has not asserted that EHRs are medical devices, and the IOM elected not to make that specific recommendation.

Record-type health IT products remain in a regulatory vacuum–except with respect to acquisition funding subject to the meaningful use requirements. In this regard the report includes a dissenting statement from Richard Cook, MD (director of the Cognitive Technologies Laboratory at the University of Chicago) who asserts that health IT products should not only be declared to be medical devices, but that they should be Class III, the most stringently regulated device classification. In this regard he includes the following quote: “Medical and diagnostic devices have produced a therapeutic revolution, but in doing so they have also become more complex and less easily understood by those who use them. When well designed, well made, and properly used they support and lengthen life. If poorly designed, poorly made, and improperly used they can threaten and impair it.” While this quote could appear in nearly any one of the posts here, it actually dates to 1976 as part of President Gerald Ford’s signing statement for the Medical Device Amendments that ushered in the modern era of medical device regulation. While these amendments are often thought of as the beginning of  FDA medical device regulation, such regulation actually stems from the 1930′s. What did start in 1976 was before-marketing restraints as opposed to the FDA’s prior post market authority. (And no, 1976 is not ancient history. Some of us actually remember it.)

Health IT is caught in the corn maze of promise vs usability and hazards. With quality design and thoughtful implementation the exit may be found before nightfall. Without it someone is going to have to call 911.

William Hyman is Professor Emeritus of the Department of Biomedical Engineering at Texas A&M University. He recently retired and has moved to New York City where he continues his professional activities.

Share

October-27-2011

15:48

A recent NY Times article reported that hotel Wi-Fi capacity was again being challenged, this time by iPads and other tablets, or more specifically, tablet users.  The Times notes that these users may have a smart phone and laptop going at the same time they are sucking up streaming video. The high bandwidth demand of these devices, or more specifically, their uses,  is said to be reducing download speeds back to the good old days of dial-up connections. A likely solution will be a tiered charge structure, similar to the newest cellular data plans, with the result that you can waste bandwidth if you don’t care what it costs.  A more general report on current and future wireless demand versus capacity has been produced by the Global Information Industry Center at the University of California San Diego. A less foreboding report on medical uses of Wi-Fi has been produced by the Wi-Fi alliance.

Smart phones have a prior history of  overwhelming cell phone networks, such that in dense environments someone can’t make a phone call because too many other people are watching reality show reruns and bad movies. Now some cellular devices have been looking at switching to Wi-Fi when it is available, as explained here. This leads to the conflict ridden situation of cellular wanting to use Wi-Fi to solve its capacity problems at the same time that Wi-Fi is being over loaded by other devices.   Cellular resistant building structures, which are increasing, also can create a desire to shift to Wi-Fi.

Now think about hospitals. Tablets are surely making inroads here as well, along with smart phones and in house wireless VoIP. Medical devices are also increasingly wireless as has been noted in these pages before here and here. There is also the smart phone wireless app arena (which may or may not be regulated medical devices) as discussed here and here.

Certainly the public access side of a hospital’s wireless network can be limited and segregated. However prioritizing between multiple medical applications is far more challenging both clinically and technically. It must also be remembered of course that lost medical data or lack of clinical telephony can be life threatening, as opposed to merely annoying.

In this demanding arena few wireless medical systems are at least initially tested in a fully functioning environment. Yet there is a vast difference between whether the wireless capability (as well as the wired) is able to function when tested alone, and whether it is capable of functioning around the clock and throughout the year in an actual hospital when static and when roaming. In the latter case when roaming across access points, drop-outs may result in data loss and may not respond well when access is restored. While the link may recover critical information such as which patient is involved may not be available.

In addition it may be possible to add one wireless application today that works in the current environment, but which may not work when the next one or ten or 100 other wireless applications are added later, and perhaps not much later. In this regard vendor assurance, if ever fully believable, cannot be accepted outside the context of the wireless system and devices  currently deployed. (By way of bad analogy, such an assurance are like a car salesperson telling you that with this car you won’t have to worry about highway traffic.)

In this regard the effective hospital application has been summarized as requiring  ”assurance” which includes coverage, signal strength, capacity, and certainty. The “utility” analogy is often used here, i.e. the wireless service  should operate in the background and  be something I don’t ever have to think about, just give me more and more wireless devices and they will all play nicely together. (Those who have been through electrical blackouts and brownouts may have a different perspective than others on the reassurance provided by the utility analogy.)

It is clear that wireless and wired capacity have to both be actively controlled and monitored. Besides being totally logical, this is consistent with IEC 80001 (discussed here) which addresses hospital network risk management. This active control requires a centralized coordinator who has the authority, knowledge and system resources to not allow any new wireless application to be deployed without specific consent based on appropriately rigorous tests. There must also be complete  inventory of all approved wireless users so there is a record of who is using the system. New systems or upgrade designs must also take capacity seriously (see here for example).

Certainly wireless, using Wi-Fi or otherwise, offers advantages in health care, although perhaps not, wireless will need to be limited to those applications that really need it. In any case, capacity is a challenge that is likely to get worse before it gets better.

Pictured above are Philips’ Intelliview Cableless Measurements wireless SpO2 sensors that use the same ISM band frequencies as Wi-Fi. This photo was taken at the Philips booth at HIMSS 2010 with their permission.

William Hyman is Professor Emeritus of the Department of Biomedical Engineering at Texas A&M University. He recently retired and has moved to New York City where he continues his professional activities.

Share

August-19-2011

16:08

Today I was contacted by a social media marketing firm working for a major MDDS vendor with an offer to contribute content that’s on topic for this site (that last part is important). I’m interested, and I imagine a lot of this blog’s readers will be too. As I will likely take them up on their offer, I want everyone to understand that there’s not any favoritism that plays into who gets to post on this site. So, the following describes the ground rules, the benefits of contributing, and issues an open invitation to contribute posts.

We’ve been fortunate to have a number of terrific contributing authors over the years, and some of them have written posts that continue to be popular to this day. On the About This Site page is a long standing open invitation to anyone who wants to climb up on the soap box and spout off contribute to the conversation about medical device connectivity. I’ve also made contributing author offers personally to many folks on both the provider and vendor sides of the table. There are so many people who have incredible knowledge and experience to share. And most of these people don’t have the time or inclination to create their own blog. Now you have an outlet.

Increasingly companies are adopting social media policies that establish ground rules for employees posting to blogs, Twitter, Facebook, etc. Besides benefiting your employer, contributing posts also benefits the writer personally with increased awareness and respect among your peers. Contributors also get an author’s bio like this one for current contributor, William Hyman:

William Hyman is Professor Emeritus of the Department of Biomedical Engineering at Texas A&M University. He recently retired and has moved to New York City where he continues his professional activities.

Writers that want to remain anonymous can do so, to a degree. You can be anonymous like the blogger Tim at HIStalk. He doesn’t disclose his identity on his site, but he is not legally anonymous. This means that you can chose to not disclose who you are (or your employer), but if I’m legally compelled to disclose your identity I will. Some employers will appreciate this kind of anonymity because there’s little chance the writer’s opinions will be associated with the employer. Of course many employers, especially the smart ones, will want that employee-employer association to be known so that all the insight and intelligence the contributor demonstrates in their posts will rub off on them!

In the connectivity segment of the market, there are a lot of new entrants and many established companies flying under the radar of broad market awareness. Contributing blog posts about your experience or perspective (nothing too commercial please) is a great way to establish credibility and get the word out. The most effective use of blogging is engaging in a long term conversation with your readers. Most of my consulting business comes from this blog, in addition to the usual word of mouth and repeat projects. You put your content out in the blog, and readers come back with questions and requests for help with problems, advice, referrals to fill new positions, you name it. And I can’t tell you how rewarding it is to meet people at customer sites or events who are readers of this blog.

Unlike a magazine article, press release or white paper, contributing to a blog is typically not a one shot deal. A series of blog posts that address a body of topics or frames an issue gets read when it’s published – and after that – via search engine queries (that’s why it’s important to identify and use the right key words in your blog posts). Ideally, potential contributors will look at this as an extended conversation, or at least a series of posts that will span several months, if not indefinitely. Individual contributions are welcome, but they will have to be particularly thought provoking, entertaining and/or informative.

Why contribute posts to this site? Well, the site gets about 300 unique visits per day (less on weekends) and has  hundreds of subscribers to the RSS feed (the funny orange square icon on the right). Readership is evenly split between providers and manufacturers. As a contributor you will get access to the sites statistics where you can see how many times your post is accessed and by who (or at least their IP address or domain name).

So, if you’re interested in contributing, let me know. And if you’re a reader, here’s your chance to leave some feedback – what would you like to read more or less of on this site?

As an aside, if you’re interested in the blogs and news sites that I read, keep an eye on the Connectologist’s Shared Items box in the right hand bar. This is a list of shared items from my Google Reader. If you’ve got a blog or news site to suggest to me or your fellow readers, leave it in a comment to this post.

[Flickr photo of Selma by Netzanette]

Share

August-17-2011

13:01

The fact that connectivity, and perhaps wireless connectivity in particular, allows for hacking for mischief, theft, politics, social protest and other forms and varying degrees of evil should surely come as no surprise. In turn, that a wireless medical device might be hackable should be somewhere on the mind of developers, users, and regulators. Thus the report from the recent Black Hat conference that someone hacked an insulin infusion pump, and in so doing was then able to alter its settings, should also not be particularly shocking, but should serve as yet another reminder, that security associated with connectivity has been and continues to be an issue, as was addressed by Tim back in 2006.

The report in this instance came from Jay Radcliffe who hacked his own insulin delivery equipment. In this instance the hacking avenue was the wireless remote that was part of the device. Perhaps the idea that a wireless remote could be emulated is even at the ultra low end of surprise.  More generally, the multiple discussions of this report (e.g. here and here) have suggested that the technology being used by at least some medical device manufacturers does not offer an adequate array of security safeguards. Or the manufacturers haven’t fully utilized what is available in terms of alternate hardware, or they havn’t fully utilized the security features that were available even in the hardware that they were using.

Not surprisingly medical device manufacturers have downplayed the risks of hacking. The manufacturer of the pump in question, Medtronic, responded through a diabetes oriented web site, but apparently not through an actual press release of its own. The responses included that Medtronic does take device security seriously (would you expect them to say otherwise?), and that no real-life events have ever reported. Of course a problem with the later is that stealth hacking, as opposed to announced hacking, could cause harm while going unreported. This is to not say they have, but only to note that “reported” is a limiting case.

Medtronic is quoted further as saying “Our job is to incorporate information security measures into our designs, vigilantly monitor potential threats and to always be proactively finding ways to make our devices more secure for you. That is what we have done and what we will continue to do.”

A curious post in response to this expected response from Medtronic was “Security violations are caused by sloppy implementation. The systems themselves are very secure.”  I’m not sure how much better that is supposed to make us feel. Equally curious was that this response referenced RSA as a security authority, with other posters then pointing out that RSA was itself hacked.

Hypothetically (that means I made up the following) assorted glitches and could-not-duplicate service events could be the result of hacking, i.e. if the hacker hacked, and then stopped hacking, whatever the effect of the hacking was could well stop also, and therefore be un-findable. Which reminds me of a hospital wireless interference anecdote I heard about bursts of interference, almost always during the night, and almost always for one or two minutes. The culprit was an old leaky microwave being used in quick mode. And why only at night? Because the cafeteria was closed then and therefore the microwave was a primary food resource.

The bottom line is that security is an ongoing issue that must be rigorously addressed by manufacturers, and in turn by the FDA who has to at least ask the what-have-you-done-about-connectivity-security, and insist on a firm answer. Further, I will ask the question that I asked about the challenges of hospital networking at an AAMI session last June in San Antonio. My question was, “Is the problem getting easier or harder?” The answer was a laugh.

[Thumbnail photo above (used with permission) shows the various sites used to inject insulin over a period of time - one month if I recall correctly. In the lower right corner is the Medtronic insulin pump dangling from a tube. - Ed.]

William Hyman is Professor Emeritus of the Department of Biomedical Engineering at Texas A&M University. He recently retired and has moved to New York City where he continues his professional activities.

Share

Blog url: 
http://medicalconnectivity.com

Follow Us: