A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. Rob and I, who co-authored this post, have worked in many industries as analysts. Nowhere, in our collective experience, have we seen such a thing. Manufacturers, retailers, financial institutions, etc. would never think of relinquishing their data to their enterprise software vendor of choice.
It confounds us as to why healthcare organizations let their vendors of choice get away with this and frankly, in this day of increasing concerns about patient privacy, why is this practice allowed in the first place?
The Office of the National Coordinator for Health Information Technology (ONC) released a report this summer defining EHR contract terms and lending some advice on what should and should not be in your EHR vendor’s contract.
The ONC recommendations are good but incomplete and come from a legal perspective.
As we approach the 3-5 year anniversary of the beginning of the upsurge in EHR purchasing via the HITECH Act, cracks are beginning to show. Roughly a third of healthcare organizations are now looking to replace their EHR. To assist HCO clients we wrote an article published in our recent October Monthly Update for CAS clients expanding on some of the points made by the ONC, and adding a few more critical considerations for HCOs trying to lower EHR costs and reduce risk.
The one item in many EHR contracts that is most troubling is the notion the patient data HCOs enter into their EHR is becomes the property in whole, or in-part, of the EHR vendor.
It’s Your Data. Act Like it.
Prior to the internet-age the concept that any data input into software either on the desktop, on-premise or in the cloud (AKA hosted or time sharing) was not owned entirely by the users was unheard of. But with the emergence of search engines and social media, the rights to data have slowly eroded away from the user in favor of the software/service provider.
Facebook is notorious for making subtle changes to its data privacy agreements that raise the ire of privacy rights advocates.
Continue reading “Whose Data Is It Anyway?”
Filed Under: Tech, THCB
Tagged: business of healthcare, Chilmark Research, Data, EHR, EHR vendors, John Moore, Privacy, Robert Tholomeier
Nov 20, 2013
Chicago Cubs fans of a certain vintage will never forget broadcaster Harry Carey’s signature line, “Holy cow!” Some have speculated that the exclamation may have originated in Hinduism, one of the world’s major religions, whose adherents worldwide number approximately one billion. Hindus regard cows as maternal, caring figures, symbols of selfless giving in the form of milk, curds, butter, and other important products.
One of the most important figures in the faith, Krishna, is said to have been a cowherd, and one of his names, Govinda, means protector of cows. In short, cows are sacred to Hindus, and their slaughter is banned in virtually all Indian states.
Medicine, too, has its sacred cows, which are well known to physicians, nurses, and patients visited by medical teams on their hospital rounds. In this case, the cow is not an animal but a machine. In particular, it is the computer on wheels, or COW, a contraption that usually consists of a laptop computer mounted on a height-adjustable pole with a rolling base. It is used to enter, store and retrieve medical information, including patients’ diagnoses, vital signs, medications, and laboratory results, as well as to record new orders.
As the team moves from room to room and floor to floor, the COW is pushed right along. The COW is often treated with a degree of deference seemingly bordering on reverence. For one thing, people in hallways and patients’ rooms are constantly making way for the COW. As an expensive and essential piece of equipment, it is handled gingerly. Often only the senior member of the medical team or his or her lieutenant touches the COW.
Others know that they have said something important when they see the chief keyboarding the information into the COW. Sometimes it plays an almost oracular role. When questions arise to which no one knows the answer, such as the date of a patient’s admission or the time course of a fever, they often consult the COW. Just as cows wandering the streets of Indian cities often obstruct traffic, so healthcare’s COWS can and often do get in the way of good medicine. Continue reading “Should We Sacrifice Medicine’s Sacred COW?”
Filed Under: Tech
Tagged: computer on wheels (COW), Data, doctor/ patient relationship, EHR, HIT, Patients, philosophy, practice of medicine, Providers, Richard Gunderman
Oct 14, 2013
Everyone who knows my writing can attest that I neither pull punches nor play politics. It may distress people, and hopefully it won’t harbinger my demise. But as CEO of a young firm bringing overdue innovations to the Fire and Emergency Medical Services industry, there are only four groups to whom I am duty-bound: our partner-clients, their patients, our team members, and our investors (in no specific order). To remain mum on topics that could affect the physical or financial health and wellbeing of any of these parties would be a disservice.
When I was in the magazine business, I often used the phrase “Respect the medium.” The meaning was simple: when every industry player surfing the waves of innovation is trying something new, how many are asking whether the form is appropriate to the intended function? What changes need to be made to magazine’s font so its text can be read clearly on a small, backlit screen? What interactivity can be embedded into a digitally delivered? How will the user’s experience change when network access is down? (In February 2012, I wrote about these topics for Electronic Design Magazine.)
Failure to ask these questions is often the downfall of the delivery method: either the medium changes or its use declines; rarely do customers acclimate. In the publishing world, if your readers ignore you, you go away—no lasting harm or foul. Not so in healthcare or public safety. Especially during emergencies, if a product fails to work as intended—or to work at all—it can mean lost productivity, mountainous legal fees, brain death, or loss of life, limb and property.
Healthcare IT offers outsized benefits to Emergency Response teams, which depend on speed, ease of training and use, data accuracy, and interoperability. But the stakes of failure or disruption are so high that one can say there are few areas of development with a more desperate need for criticism.
Continue reading “Why Badly Designed iPad Apps Put Patients at Risk: EMS and ePCR”
Filed Under: Tech, THCB
Tagged: Beyond Lucid Technologies, Data, emergency response, EMS technology, HIT, iPad, Jonathon Feit, Patients, Tech
Oct 8, 2013
As Washington remains deadlocked on the implementation of the Affordable Care Act, the US government’s shutdown has resulted in the furlough of nearly 70% of the Centers for Disease Control‘s (CDC’s) workforce. CDC Director Tom Frieden recently shared his thoughts in a tweet. We agree whole-heartedly. Although it’s all too easy to take the CDC staff for granted, they are the frontline sentinels (and the gold standard) for monitoring disease outbreaks. Their ramp-down could have serious public health consequences.
We are particularly concerned about the apparent temporary discontinuation of the CDC’s flu surveillance program, which normally provides weekly reports on flu activity. Although flu season typically begins in late fall, outbreaks have occurred earlier in previous years. In 2009, flu cases started accumulating in late summer/early fall. And given the potential for unique variants, such as the swine or avian flu, every season is unpredictable, making the need for regular CDC flu reports essential. We therefore hope to see the CDC restored to full capacity as soon as possible.
In the meantime, we would like to help by sharing data we have on communicable diseases, starting with the flu.
Because the athenahealth database is built on a single-instance, cloud-based architecture, we have the ability to report data in real time. As we have described in earlier posts, the physicians we serve are dispersed around the country with good statistical representation across practice types and sizes.
To get a read on influenza vaccination rates so far this season, we looked at more than two million patients who visited a primary care provider between August 1 and September 28, 2013 (Figure 1). We did not include data on vaccinations provided at retail clinics, schools or workplaces.
This year’s rates are trending in parallel to rates over the last four years, and slightly below those of the 2012-2013 season. However, immunizations accelerate when the CDC, and consequently the media, announce disease outbreaks and mount public awareness campaigns.
Continue reading “With CDC Seasonal Flu Data Unavailable, An Electronic Medical Record Offers a Glimpse of Early Activity Levels”
Filed Under: Tech, THCB
Tagged: athenahealth, CDC, Data, flu, Iyue Sung, public health
Oct 4, 2013
The U.S. government shutdown continues to claim victims.
The latest is HealthIT.gov, the website designed to help doctors and hospitals make the transition to electronic and make better use of health information technology – a key component of Obamacare’s drive to transform healthcare.
The Health Information Technology Office of the National Coordinator posted a brief announcement on the site informing visitors to HealthIT.gov that “information … may not be up to date, transactions submitted via the website may not be processed and the agency may not be able to respond to inquiries until appropriations have been enacted.”
Officials also sent a tweet saying that the ONC regrets to inform us that while the shutdown continues it will “not tweet or respond to tweets.”
This struck THCBist as slightly odd.
After all, if you’re looking for an inexpensive way to communicate with the public in a pinch, Twitter seems like the perfect choice. We get that government websites are ridiculously expensive things to run. Blogs are considerably cheaper. Operating a Twitter account — on the other hand — is almost free. Our brains were flooded with scenarios. How much could the ONC possibly be spending on Twitter? And for that matter, didn’t the Department of Defense originally invent the Internet to allow for emergency communication during times of national crisis? Doesn’t a fiscal insurrection by cranky Republicans qualify?
Fallout for the National Health IT Program
While federal officials have issued repeated assurances that the shutdown will not impact the Obamacare rollout, it does look as though there will be a fairly serious impact on the administration’s health IT program. If HHS sticks to script, only 4 of 184 ONC employees will remain on duty during the shutdown. That makes it sound like activities are going to have to be scaled back just a bit.
If you’re counting on getting an incentive payment from the government for participation in the electronic medical records program, you may be in trouble — at least until the stalemate is settled. Although ONC has not yet made an official statement, presumably because the aforementioned Twitter channel has been disabled, leaving the agency unable to speak to or otherwise communicate with the public, going by the available information in the thirteen-page contingency plan drafted by strategists at HHS, it is unclear where the money will come from.
This could be bad news for electronic medical records vendors counting on the incentive program to drive sales as the Obamacare rollout gets officially underway.
Continue reading “Washington In Crisis: ONC Announces That It Will Not Tweet Or Respond to Tweets During Shutdown”
Filed Under: Tech, THCB
Tagged: Data, EHR, government shutdown, HHS, HIPAA, HIT, ONC, public health messaging, THCBist, The Affordable Care Act
Oct 1, 2013
Is hospital consolidation creating new efficiencies or does it give health care providers clout over health care insurers? A well-publicized study published in Health Affairs last year by Robert Berenson, Paul Ginsburg, et. al said the latter: hospital consolidation has resulted in “growing provider market clout.”
The Berenson study’s key conclusion is that growing hospital clout has resulted in insurers not aggressively containing their claims payments, a view that will stun every patient who has had a health insurance company deny coverage for a procedure, prescription or preferred health care provider.
Because the Berenson study’s finding are counterintuitive to consumer experience, and because they have been widely discussed in publications ranging from Forbes to National Journal, the Center for Regulatory Effectiveness, a regulatory watchdog with extensive experience in analyzing federal health policies, undertook an analysis to see if the study complied with the Data Quality Act (DQA).
The DQA, administered by the White House Office of Management and Budget (OMB), sets standards for virtually all data disseminated by the agencies. Under the DQA, agencies may not use or rely on data in federal work products (reports, regulations) which don’t comply OMB’s government-wide Data Quality standards. Thus, unless the Health Affairs study complies with federal Data Quality standards, it is useless to Executive Branch policy officials.
The primary data source cited by the Berenson study as the basis for their conclusions regarding trends in relative clout between hospitals and health insurers is a well-respected, longitudinal tracking study which included interviews with heath care leaders from insurance companies, hospitals, and academia. The health care interviews, however, were only conducted in a single year following a change in longitudinal study’s methodology.
Continue reading “Understanding the Hospital Consolidation Numbers: The Centrality of Data Quality”
Filed Under: THCB
Tagged: Bruce Levinson, Center for Regulatory Effectiveness (CRE), Data, hospital consolidation, Hospitals, Insurers, MLR, Physicians, Robert Berenson, Too Big to Fail
Sep 17, 2013
Recently officials at Oregon Health Sciences University discovered that residents in several departments were storing patient information on Google Drive, and had been doing so for the past two years. They treated this discovery as a breach of privacy and notified 3000 patients about the incident.
While I don’t condone the storage of patient information on unapproved services like Gmail or Google Drive, this incident pretty much highlights the sorry state of information systems within the hospital and the unfulfilled need by physicians for tools that facilitate workflow and patient care.
It says something that the Oregon residents felt compelled to take such a drastic action. I don’t know what punishment – if any – those responsible were given by administrators for their “crimes.” I’ll leave it to readers to make up their own minds about the wisdom of the unauthorized workaround and the appropriateness of any punishment. But I do know that the message the incident sends is a very clear one.
We’re screwing this up. There is really no earthly reason why it should be any more difficult to share a patient record than it is to share a Word doc, a Powerpoint or yes, even a cloud-based Google Drive spreadsheet.
Why the Breach Happened
What’s going on here? Let’s say I admit a patient to the hospital. Our friend was hospitalized here just last month, and like many patients, he has dementia or is poorly educated, and does not know the names of the medications he takes. Unfortunately, I don’t have the ability to see what he takes or how he was treated during the prior admission because the records in the computer are there for documentation’s sake and don’t contain any meaningful information. This is clearly a problem for me.
Therefore I will spend time calling outside facilities to gather information and repeat several tests and imaging procedures.
Medical care has become a team sport, and residents have developed systems for keeping track of their patients and communicating to other physicians. It takes some time to think about and process each patient that comes in, to consolidate all the information. Ultimately, I need to boil that information down to a five-minute description on the patient, their problems, the status of their current admission, and what needs to happen before they go home. We do this in the form of a signout document.
Figure: The signout document has four to five columns and includes the To Do list for each patient.
The EMR does not have a good way to store information in this format, and additionally I have no way of editing this in real-time to communicate with my
coworkers what still needs to be done. That’s why residents were storing their signouts in Google Drive.
What providers need here is simple data management. We need to store and access this list from different computers. We need the ability to enter a subset of those data using a custom form, and the ability to print subsets of those data to create a To Do lists, rounding sheets, or progress notes. Continue reading “What the Recent Data Breach Says About the State of Health IT”
Filed Under: Tech, THCB
Tagged: Data, David Do, HIT, OHSU, Privacy
Aug 11, 2013
I love interactive data visualization (#dataviz). It is one of the things that I definitely wanted to explore when I came out to the Bay Area on sabbatical, because I believe that it has great potential for helping both patients and clinicians with diabetes management. The sheer volume of numbers available for this disease is overwhelming; we need #dataviz tools that can help us achieve greater understanding and make actionable clinical decisions to improve health.
This is what we usually see in clinic: numbers written down on a piece of paper.
Yes there are computer systems that link to blood glucose meters, but there are a number of complexities with the downloading of blood sugar numbers in clinic (which deserves an entire blog post sometime in the future).
You can see there is some visual analysis and annotation that we do perform, albeit primitive. The circles represent high blood sugars (>150 mg/dl)and the triangles represent low blood sugars (<70 mg/dl). This is almost better than the cave painters don’t you think?
But even the minority of patients who download their BS to the computer, are viewing dashboards like this.
Pie charts, need I say more? I can extract some useful insights from these charts, which improve over the previous one I showed, but a few things strike me: (1) some of the scatter plots overlay weeks of data, which I don’t find helpful because you can’t tell how BS on a given day are responding and relate them to life events; (2) some visualizations show a lot of numbers in many of the sections, and it just becomes onerous to go through them and find trends; (3) many provide statistics (area under the curve, MAD%) which I think only a minority of families and children really understand; (4) although some of the software programs do provide interactivity and let you see the data at different time scales (day, week, month), if you change to a different view, you are stuck trying to remember in your head what you saw on a previous screen because you can’t see the multiple levels at once; (4) finally, I find that the user interface and design could use major improvement.
Continue reading “#Dataviz + #Design + #Diabetes: The Beginning”
Filed Under: Tech
Tagged: Data, Design, Diabetes, Joyce Lee, mHealth
Jun 14, 2013
As my head reels at the implications of the IRS scandal mushrooming in Washington, the IRS’s recently disclosed ability to access e-mails without warrant, the intricacy of the NSA PRISM wiretap techniques that includes their ability to acquire tech firms’ digital data, and even the Justice Department’s ability to secretly acquire telephone toll records from the Associated Press, I wonder (as a doctor) what all this means for the privacy protections afforded by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in our new era of mandated electronic medical records. Are such privacy protections credible at all?
It doesn’t seem so.
Now it seems everyone’s health data is just as vulnerable to federal review as their Google search data. This is not a small issue. We have already seen that discovering “leaks” of personal health information has produced some very handsome rewards for the feds, so it is not beyond reason to think that HIPAA might also be a funding tool for our government health care administration disguised as a beneficent effort to protect the health care data of our populace.
But even more concerning is the role the IRS scandal has for America’s health care system. After all, the Affordable Care Act is ultimately funded by the IRS by administering some 47 tax provisions. These include the right to levy a penalty against businesses and individuals who don’t provide or acquire insurance and determining how to distribute annual subsidies to 18 million people who make less than $45,000 a year and thus qualify for subsidies in buying health coverage. In addition, the agency will collect taxes on medical devices and a surtax on people making more than $200,000 a year, as well as conducting compliance audits of tax-exempt hospitals.
Continue reading “The IRS Scandal: Implications for HIPAA and the Affordable Care Act”
Filed Under: OP-ED, THCB
Tagged: Data, Dr. Wes, HIPAA, IRS, NSA, Patient privacy, Patients
Jun 11, 2013
Health reform activists and privacy mavens have been at loggerheads for years. Those touting health reform complain that an oversensitivity to privacy risks would hold back progress in treatments. Running in parallel but in the opposite direction, the privacy side argues that current policies are endangering patients and that the current rush to electronic records and health information exchange can make things worse.
It’s time to get past these arguments and find a common ground on which to institute policies that benefit patients. Luckily, the moment is here where we can do so. The common concern these two camps have for giving patients power and control can drive technological and policy solutions.
Deborah Peel, a psychiatrist who founded Patient Privacy Rights, has been excoriated by data use advocates for ill-considered claims and statements in the past. But her engagement with technology experts has grown over the years, and given the appointment of a Chief Technology Officer, Adrian Gropper, who is a leading blogger on this site, PPR is making real contributions to the discussion of appropriate technologies.
PPR has also held three Health Privacy Summits in Washington, DC, at the Georgetown Law Center, just a few blocks from the Capitol building. Although Congressional aides haven’t found their way to these conferences as we hoped (I am on the conference’s planning committee), they do draw a wide range of state and federal administrators along with technologists, lawyers, academics, patient advocates, and health care industry analysts. The most recent summit, held on June 5 and 6, found some ways to move forward on the data sharing vs. privacy stand-off in such areas as patient repositories, consent, anonymization, and data segmentation. It also highlighted how difficult these tasks are.
Continue reading “What Do Patients Really Think? A Report From the Third Annual Health Privacy Summit”
Filed Under: THCB, The Insider's Guide To Health Care
Tagged: Andy Oram, Data, Deborah Peel, e-patients, Health Care Reform, Health Privacy Summit, Patient Privacy Rights
Jun 11, 2013