The Food and Drug Administration has spent decades refining its processes for approving drugs and devices (and is still refining them), so what would happen if they extended their scope to the exploding health software industry?
The FDA, and its parent organization, the Department of Health and Human Services, are facing an unpleasant and politically difficult choice.
Sticking regulatory fences into the fertile plains of software development and low-cost devices will arouse its untamed denizens, who are already lobbying Congress to warn the FDA about overreaching. But to abandon the field is to leave patients and regular consumers unprotected. This is the context in which the Food and Drug Administration, the Office of National Coordinator, after consultation with outside stakeholders, released a recent report on Health IT.
I myself was encouraged by the report. It brings together a number of initiatives that have received little attention and, just by publicizing the issues, places us one step closer to a quality program. Particular aspects that pleased me are:
- The suggestion that quality programs should start to look at electronic health records (p. 8). EHRs have been certified by various bodies, but usually just to check off boxes and declare that the systems comply with regulations–neither the quality of their user interfaces nor the quality of their implementations have been questioned. Reportedly, the FDA considered “safety and quality standards” for electronic health records in 2010 but couldn’t get them adopted. It also checks certain forms of clinical decision support, but only if they are built into a regulated device. The current HHS report refers back to aspirational documents such as a Health Information Technology Patient Safety Action & Surveillance Plan and a set of guidelines on the safety of EHRs.
- A call for transparent reporting and sharing of errors, including the removal of “disincentives to transparent reporting”–i.e., legal threats by vendors (p. 25). Error reporting is clearly a part of the “environment of learning and continual improvement” I mentioned earlier. A regulation subgroup stated the need most starkly: “It is essential to improve adverse events reporting, and to enable timely and broader public access to safety and performance data.” Vague talk of a Health IT Safety Center (p. 4, pp. 14-15) unfortunately seems to stop with education, lacking enforcement. I distinctly disagree with the assessment of two commentators who compared the Health IT Safety Center to the National Transportation Safety Board and assigned it some potential power. However, I will ask ONC and FDA for clarification.
- A recognition that software is part of a larger workflow and social system, that designing it to meet people’s needs is important, and that all stakeholders should have both a say in software development and a responsibility to use it properly.
Don’t imagine that the FDA is unused to regulating software. For quite some time they have instituted practices for the software used in some medical devices , and have tried to keep them up-to-date.
A waterfall-like process of risk assessment and testing called computer system validation has long been required for pharma and devices.
Continue reading “Health IT: The Coming Regulation”
Filed Under: Tech, THCB
Tagged: Andy Oram, Device software, EHR vendors, FDA, FDA regulations, HHS, HIT, Medical Devices, Patient Safety, software errors
Apr 14, 2014
Three related columns in HealthcareITNews caught my attention recently.
The headlines pretty much say it all:
1. Satisfaction with HIE solutions drops.
2. Vendors missing boat on HIE needs.
3. CommonWell names 3 biggest HIE hurdles.
Over the years, I’ve written more than a few HealthBlog posts on the topic of health information exchange (HIE) and why I feel so strongly that most of the initiatives currently underway are missing their mark.
As I’ve stated before, during my worldwide travels I haven’t yet come across a country that has accomplished a truly national, interoperable, bi-directional, fully functional HIE.
Those few countries that come close are more like a large American city or small state in size, perhaps mirroring some of the moderately successful regional or state-wide exchanges currently operating in America. Over the years I’ve also watched implosions of national HIE attempts in several countries that have failed miserably despite billions of dollars being spent on the efforts.
Reading each of the articles referenced above, I once again reach the conclusion that what I have been evangelizing as a better model for HIEs still rings true.
Continue reading “Cracking the Code on Health Information Exchange. Is It Time to Wipe the Slate Clean and Start Anew?”
Filed Under: Tech
Tagged: Bill Crounse, EHR vendors, EHRs, health information exchange, HealthVault, HIT, Tech
Apr 6, 2014
Many years before the creation of Healthcare.gov, President Obama embraced data analytics during his early years in the Senate.
In 2006, he and senator Tom Coburn (R-Okla.) successfully sponsored the Federal Funding Accountability and Transparency Act, which resulted in creation of usaspending .gov, “a significant tool that makes it much easier to hold elected officials accountable for the way taxpayer money is spent“.
A History of Failed Federal IT Projects
A considerable amount of taxpayer money is spent on federal IT projects, but in contrast to the aspirations of Obama in his early years in the Senate, it is not spent responsibly.
According to the Standish Group report, from 2003 to 2012 only 6% of the federal IT projects with over 10 million dollars of labor cost were successful.
52% of them were either delayed, went over budget or did not meet user expectations. The remaining 41% of the IT projects were abandoned or started from scratch. Perhaps most troubling is that healthcare.gov is just a one example among many.
Continue reading “Healthcare.gov and the History of Failed IT Projects”
Filed Under: Tech, THCB
Tagged: Accenture, CGI, Deloitte, federal contracting, Healthcare.gov, HIT, Niam Yaraghi, Transparency
Apr 3, 2014
At HIMSS 2014, the health information technology’s (HIT) largest annual confab, the bestest-best news we heard from a policy perspective, and maybe even an industry perspective, was the Centers for Medicare & Medicaid Services’ (CMS) dual announcement that there will be no further delays for either Meaningful Use Stage 2 (MU-2) or ICD-10.
Perhaps we should have immediately directed our gaze skyward in search of the second shoe preparing to drop.
As it turns out, CMS de facto back-doored an MU-2 delay by issuing broad “hardship” exemptions from scheduled MU-2 penalties. To wit: any provider whose health IT vendor is unprepared to meet MU-2 deadlines, established lo these many months ago, is eligible for a “hardship” exemption.
Few would disagree with the notion that it’s unproductive to criticize policy without offering constructive ideas to fix the underlying problems.
Here, the underlying problem is easy to define: it is in point of irrefutable fact fundamentally unfair to penalize care providers for their vendors’ failings—especially when the very government proposing to penalize them put its seal of approval on the vendors’ foreheads to begin with.
CMS’s move to exempt providers from those penalties is correctly motivated, but it seeks to ease the provider pain without addressing its cause.
Instead of issuing a blanket exemption for use of unprepared vendors, CMS should:
- Waive penalties only for those providers who take steps to replace their inferior technologies with systems that can meet the demands of the 21st century’s information economy;
- Publish lists of health IT vendors whose systems are the basis for a hardship exemption, along with an accounting of how many of those 21 billion dollars have been paid to subsidize those vendors’ products; and
- Immediately initiate a reevaluation of the MU certification of any vendor whose products form the basis for a hardship exemption.
This proposal might seem bold, but if we’re truly looking to advance health care through the application and use of EHR, then what I’ve outlined above simply represents necessary and sound public policy. Current practice rewards vendors whose products are falling short by perpetuating subsidies for those products.
The federal government should stop paying doctors to implement health IT that cannot meet the standards of the program under which the payments are issued. That’s just a no-brainer.
An EHR should not be a federally-subsidized “hardship.”
Continue reading “Congratulations, Doctor, On Your Federally-Subsidized “Hardship””
Filed Under: Tech, THCB
Tagged: CMS, Dan Haley, EHR, EHR vendors, Hardship Exemption, HIMSS 2014, HIT, Meaningful Use Stage 2, Providers
Mar 13, 2014
Matthew Holt sat down with CareCloud President and CEO Albert Santalo to discuss the latest news from the Miami-based cloud practice management and EHR services provider. CareCloud got started in 2009 and since then has raised $55 million in angel and private venture funding and grown to 270 employees.
Currently, about 5,000 doctors use CareCloud for their practice management services with about a quarter of those doctors also using the CareCloud EHR. Santalo expects that number to grow to about 12,000 by the end of the year, explaining in three points why he thinks the market is primed for CareCloud’s cloud-based, integrated practice management and EHR system.
While Santalo’s grin says more than his answer when asked about a potential IPO, he shares some interesting thoughts on practice consolidation, meaningful use requirements, and the cloud in in-patient settings in this interview recorded at HIMSS last month.
Filed Under: Health 2.0
Tagged: Albert Santalo, Carecloud, Health 2.0, HIT, Kim Krueger, Matthew Holt
Mar 10, 2014
The photo says it all.
The green notebook and pen represent the latest and greatest health IT innovations used by the hospital nurse to record my wife’s health information in the hours before her surgery to re-attach a fully torn Achilles tendon.
(Apologies for the cheeky intro and to my wife and anyone else for any HIPAA violations I may have committed in the capturing of this image).
It’s not that the hospital does not have an electronic health record.
They do – from a vendor widely considered a leader in the industry: Meditech. Same goes with the physician practice where she receives all her care and where her surgeon and primary care doctor are based.
They too have an EHR from another leading vendor: NextGen.
The problem? These systems are not connected. Thus, confirming the not so surprising news that health data interoperability has yet to make its debut in our corner of the NYC burbs.
Fortunately for my wife, she is well on her way to recovery (a bit more reluctant to juggle a soccer ball with her son in airport passenger lounges, but nevertheless feeling much better…and mobile). By everyone’s estimation – hers, mine, friends who suffered the same injury and friends who happen to be doctors – she received high quality care.
What’s more, we feel the overall patient experience at our physician practice and the hospital was quite good. That said, I cannot help but ask myself a series of ‘what ifs?’
What if…we forgot to mention a medication she was taking and there was a bad reaction with medication they administered as part of the surgery or afterwards?
What if… the anesthesiologist or surgeon couldn’t read the nurse’s handwriting?
What if the next time we go to the hospital, it is a visit to the emergency room and the attending clinicians have no ability to pull any of my family’s health records and we are not exactly thinking clearly enough to recall details related to medical history?
Continue reading “What A Green Three Ring Binder Says About the State of Meaningful Use and Health Information Exchange”
Filed Under: Uncategorized
Tagged: EHR, health information exchange, HIMSS 2014, HIT, Meaningful Use Stage 2, Rob Cronin
Feb 24, 2014
One of the most critical issues facing our healthcare system is the fact that the IT systems we’ve put in place have not yet led to a more connected, intelligent approach to patient care.
While we have made notable headway toward interoperability through health information exchange solutions, we must dramatically accelerate our progress to support the transition to value-based care and realize our full potential as an industry.
With this vision in mind, McKesson, Cerner and other leading healthcare IT companies announced the CommonWell Health Alliance last year at HIMSS13. Members of the Alliance are united by a shared commitment to develop a core set of interoperability services and standards that will enable patient data to be shared securely across care settings and electronic health record (EHR) platforms.
In the twelve months since, tremendous progress has been made in making this aspiration a reality. CommonWell is running robust initial projects and collaborating with a myriad of practices. We’re also continuing to expand with new members who share our ideal of the trusted exchange of patient data, regardless of vendor, system, or setting.
Now, the Alliance is welcoming its first pharmacy member in CVS Caremark. This is a watershed event for several reasons.
CVS Caremark is one of the nation’s largest retail pharmacy chains and pharmacy benefit management companies. Few organizations in any segment of healthcare have more access to patient data and more trusted influence.
But CVS Caremark’s role in driving innovation in our healthcare system, and its importance to the goal of interoperability, is vital for other reasons.
Continue reading “CVS Caremark Enters CommonWell”
Filed Under: OP-ED, THCB
Tagged: CommonWell Health Alliance, CVS Caremark, HIMSS 2014, HIT, Interoperability, John Hammergren, McKesson
Feb 24, 2014
Today, ONC released a report on patient matching practices and to the casual reader it will look like a byzantine subject. It’s not.
You should care about patient matching, and you will.
It impacts your ability to coordinate care, purchase life and disability insurance, and maybe even your job. Through ID theft, it also impacts your safety and security. Patient matching’s most significant impact, however, could be to your pocketbook as it’s being used to fix prices and reduce competition in a high deductible insurance system that makes families subject up to $12,700 of out-of-pocket expenses every year.
Patient matching is the healthcare cousin of NSA surveillance.
Health IT’s watershed is when people finally realize that hospital privacy and security practices are unfair and we begin to demand consent, data minimization and transparency for our most intimate information. The practices suggested by Patient Privacy Rights are relatively simple and obvious and will be discussed toward the end of this article.
Health IT tries to be different from other IT sectors. There are many reasons for this, few of them are good reasons. Health IT practices are dictated by HIPAA, where the rest of IT is either FTC or the Fair Credit Reporting Act. Healthcare is mostly paid by third-party insurance and so the risks of fraud are different than in traditional markets.
Healthcare is delivered by strictly licensed professionals regulated differently than the institutions that purchase the Health IT. These are the major reasons for healthcare IT exceptionalism but they are not a good excuse for bad privacy and security practices, so this is about to change.
Health IT privacy and security are in tatters, and nowhere is it more evident than the “patient matching” discussion. Although HIPAA has some significant security features, it also eliminated a patient’s right to consent and Fair Information Practice.
Continue reading “What You Need to Know About Patient Matching and Your Privacy and What You Can Do About It”
Filed Under: THCB
Tagged: Adrian Gropper, cyber attacks, HIPAA, HIT, ONC, patient matching, Privacy
Feb 21, 2014
If you are a CEO or COO of a health care organization, and your IT people have been trying to get your attention, it’s time to have a serious sit-down with them.
If they haven’t been trying to get your attention, it’s time to have an more serious sit-down with them, complete with charts and graphs and arrows on fip charts.
Here’s why: Remember in November it was revealed that the Target retail chain’s computer systems were compromised? Some 70 million names, home addresses and phone numbers were stolen (pretty good raw material for identity theft) and 40 million credit card numbers.
It has turned out since then that some two dozen other companies, including Neiman-Marcus, the Michael’s arts-and-crafts chain and the White Lodging Services hotel management firm, have been hacked in similar ways, with the attackers software sitting in the companies’ servers, credit card machines and cash registers often for months before they were detected, sucking down every transaction, every bit of data moved about.
Hey wait, you say, I have every confidence in our computer security. Why we passed a security audit just recently.
Heh. So did Target — just before they discovered the break-in. They got a clean bill of health, and the auditors failed to find the malware installed on every server, every credit card terminal, every cash register.
Why? Because the attackers have gotten way more sophisticated, and they used new techniques and methods of entry. You can now buy ready-made hacking software designed to do this on the Internet for less than $1000.
Here’s the kicker: Target has security guards at the doors, it has those beeper tags on small high-value items so you can’t sneak them out without paying for them, it has burglar alarms — but the perps in the biggest heist in the company’s history entered through the thermostat.
Got that? The thermostat.
Continue reading “Why Healthcare Should Be Worried About the Target Cyber Attacks”
Filed Under: Tech, THCB
Tagged: cyber attacks, HIT, information security, Joe Flower, Target
Feb 11, 2014
2014 will see wide-scale production and exchange of Consolidated CDA documents among healthcare providers. Indeed, live production of C-CDAs is already underway for anyone using a Meaningful Use 2014 certified EHR.
C-CDA documents fuel several aspects of meaningful use, including transitions of care and patient-facing download and transmission.
This impending deluge of documents represents a huge potential for interoperability, but it also presents substantial technical challenges.
We forecast these challenges with unusual confidence because of what we learned during the SMART C-CDA Collaborative, an eight-month project conducted with 22 EHR and HIT vendors.
Our effort included analyzing vendor C-CDA documents, scoring them with a C-CDA scorecard tool we developed, and reviewing our results through customized one-on-one sessions with 11 of the vendors.
The problems we uncovered arose for a number of reasons, including:
Filed Under: THCB
Tagged: clinical document exchange, David Kreda, EHR, HIT, Joshua Mandel, Meaningful Use Stage 2, ONC, open data, SMART C-CDA Collaborative, SMART platform
Feb 11, 2014