A Healthcare IT Primer

HalamkaNow that Healthcare IT is part of the stimulus and newsworthy, I
receive many questions from reporters 
about the fundamentals of healthcare IT. Here's a primer with the Top 10 questions and answers:

1. Can you define EHR, EMR, PHR and PM in simple terms?

Electronic Medical Record – An electronic record of health-related information on an individual that can be created, gathered, managed, and consulted by
authorized clinicians and staff within one health care organization.

Health Record – An electronic record of health-related information on
an individual that conforms to nationally recognized interoperability
standards and that can be created, managed, and consulted by authorized
clinicians and staff, across more than one health care organization.

Health Record – An electronic record of health-related information on
an individual that conforms to nationally recognized interoperability
standards and that can be drawn from multiple sources while being
managed, shared, and controlled by the individual.

Management – An application used to manage the physician business
operations including scheduling, registration, and billing …

2. How large is the unserved market for HIT?

are 800,000 clinicians in the US. 17% have EHRs today. This leaves
664,000 who need EHRs. Over the next 5 years the early to mid-adopters
will work hard to gain the full stimulus incentive amounts available in
2011-2012. Late adopters will gain the reduced stimulus available in
2013-2014. Resistors will begin receiving penalties in 2015.

How many companies are currently competing in the small practice/
ambulatory EHR market? Are there any clear leaders in terms of client
base or innovation?

There are over 100 companies providing
EHRs for small practices. In my experience the ambulatory market
leaders are eClinicalWorks, Allscripts, NextGen, GE Centricity, and
Meditech/LSS (for small practices tightly affiliated to a hospital
using Meditech). Epic is a market leader but not for small practices.

What does “meaningful use” really mean? Do you think physicians
currently feel compelled to wait for clearer language from the
government on the interoperability standards before investing?

use" is demonstrating to the satisfaction of the Secretary that the
professional is using a certified EHR in a meaningful manner, which
includes the use of e-prescribing, electronic HIE, and submission of
information on clinical quality measures. Additional clarity on
interoperability will be complete by the end of 2009. I do not believe
clinicians should wait for all the details before investing. They
should begin EHR implementation now.

5. What other details about meaningful use are listed in the bill?

-The Secretary may develop more stringent measures of meaningful use over time.-For
eligible professionals that are not meaningful users of EHRs, Medicare
reimbursements will be cut 1% in 2015, 2% in 2016, and 3% in 2017.-If
less than 75% of professionals are meaningful users in 2018, Secretary
can cut reimbursements another 1 percentage point, to maximum of 5%.-Exceptions to the reimbursement reductions may be made on a case-by-case basis for hardships.-The CMS Website will list eligible professionals who are meaningful EHR users.

6. Will Healthcare Smart Cards replace PHRs?

cards have not received wide acceptance in any US industry, although
they are very popular in other parts of the world. Reading and writing
to smart cards would require a substantial investment in hardware
throughout the healthcare industry. There are likely to be privacy
concerns associated with lost or stolen smart cards. For all these
reasons, I believe it is much more likely that web-based Personal
Health Records, such as those provided by Google, Microsoft, and
Dossia, will be more popular than smart cards. These PHRs are secure,
protect confidentiality, and are automatically updated by labs,
pharmacies, hospitals, and clinician offices.

7. Will clinicians be able to migrate easily from one EHR to another?

in 2009 includes e-Prescribing, laboratories and clinical summaries
needed for continuity of care. It does not include every field in the
EHR. Conversion for one to EHR to another requires a combination of
automated and manual data transfer. For the next few years, replacing
one EHR product with another will still be a data conversion challenge.

8. What is the roadmap for interoperability?

See my blog on this topic.
Over the past 3 years, HITSP has focused on Labs, Medications, Clinical
Summaries, Public/Population Health, and Devices. In 2009 and beyond
we'll add clinical research, newborn screening and close numerous gaps.
In general, I believe meaningful use will include exchange of

Problems lists/DiagnosesMedications including e-prescribingAllergiesText-based summariesQuality data setsPopulation health data sets submitted to CDC, public health departments, and other government agencies.

"After standards are adopted in 2009, the National Coordinator shall
make available at a nominal fee an electronic health record, unless the
Secretary determines that the needs and demands of providers are being
substantially and adequately met by the marketplace. Nothing in the
legislation requires that entities adopt or use the technology made
available through this provision.” -from HITECH Act. Do you see this as
a viable solution for small practices who want to wait it out and go
with a cheaper software product?

See my blog on this topic.
Open Source may provide reduced licensing cost, but other costs beyond
license fees are the majority of implementation expenditures including
practice workflow redesign, interfaces, and training. Open Source is an
important part of the nationwide acceleration of EHR implementation,
but it is not a panacea.

10. Do you see PHR’s and EHR’s as separate markets currently and what about in the future?

and EHRs are different products and I do not believe that PHRs will
replace EHRs. EHRs are workflow tools for clinicians. PHRs are lifetime
clinical summary and workflow tools for the consumer. They are
complementary not competitive technologies.

Categories: Uncategorized

Tagged as:

15 replies »

  1. I’d like to echo the comments by Randy Vanderhoof and Merle Bushkin with respect to online PHR confidentiality and privacy issues. I have significant concerns with centralizing large quantities of valuable and private information in Internet-accessible databases. Just as we have seen thousands of financial databases ransacked by hackers, if the trend towards on-line PHRs with minimal security (unencrypted data, username/password access controls) continues, we will see massive health privacy disclosures and subsequent abuse.
    I also question why you would say that smart cards pose privacy concerns. On the contrary, smart card technology is our most cost-effective option for mitigating privacy worries. The big problem with smart card technology is not security or privacy, but capacity and the answer is a hybrid solution as described by Mr. Vanderhoof: Use smart cards to provide strong security for online PHRs. In addition, smart cards may also be used to provide a portable emergency medical record, though deployment of network access to emergency personnel may make that unnecessary.
    Shawn Willden
    Health I/T Architect
    IBM Trusted Identity Initiative

  2. I appreciate your definitions of EMR, EHR and PHR. I’d like to point out that there’s a tiny difference between your definition of PHR and that defined in the ARRA that may make an impact to those who are tasked with providing PHRs. As a provider of PHRs for our members which are pre-populated with claims data, it’s important to distinguish that the data is managed, shared, and controlled by or PRIMARILY FOR the individual. Members are able to manage and control (change, edit, delete) the data they have entered, but we’ll manage and control the data that is primarily FOR the individual (i.e., claims data).
    Here’s the ARRA definition:
    PERSONAL HEALTH RECORD.—The term ‘‘personal
    health record’’ means an electronic record of PHR identifiable health information (as defined in section 13407(f)(2)) on an individual that can be drawn from multiple sources and that is managed, shared, and controlled by or primarily for the individual.
    We appreciate your knowledge and dedication to HIT.
    Best wishes,

  3. I recently came across your blog and have been reading along. I thought I would leave my first comment. I don’t know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.

  4. Hello John,
    I understand your point of view and zeal but you do yourself a disservice and undermine your credibility when you repeat statements you know to be wrong. You KNOW web-based PHRs are NOT secure, and DO NOT protect confidentiality — so why say they are/do?
    On the other hand, you make one statement that should be shouted from the rooftops: “PHRs and EHRs are different products … PHRs are lifetime clinical summary and workflow tools for the consumer. They are complementary not competitive technologies.”
    If more people understood this fundamental difference, we could get a patient’s PHR in the hands of care providers when and where they need it, simply, easily, quickly, and cheaply! We could start improving care and reducing costs in months rather than years!
    We wouldn’t have to require that physicians adopt EMRs, jeopardize the security of patient records, or spend hundreds of billions to build elaborate networks simply to move records from where they reside to where they are needed.
    By recognizing this distinction, our MedKaz™ Lifetime Health Record System accomplishes what no other system does — we meet the needs of care providers and patients, simply, cheaply and quickly. Thanks for making our case!
    FD: I am President of Health Record Corporation, creator of the MedKaz™ System.

  5. Hi John,
    Thank you very much for your thoughtful and informative primer. It sheds much-needed light on the healthcare informatics business.
    I would like to comment on the smart card statements you made. First, smart cards are in fact, quite secure — in many cases more so than online databases. Smart cards carry individual records, which remain with the cardholder. All data on smart cards are encrypted with 3DES algorithms recognized by NIST as the “gold standard” for data protection. So information on lost cards is not likely to accessed by a thief. Conversely, by hacking into an online database, a hacker can grab literally thousands of records. Those records are often unencrypted. And we know that medical identity theft is the fastest growing segment of consumer fraud.
    Second, the discussion between electronic patient health records (“ePHRs”) and smart cards is not an either/or discussion. Rather, smart cards are a wonderful complementary technology to ePHRs. While there is indeed utility in patients developing and maintaining their medical records, the utility of such information is limited by its accessability. Currently the “portal” approach taken by Google and Microsoft puts the access onus upon the patient. In other words, it is up to the patient to allow for access or connectivity to that stored data. The obvious analogy is that of a digital safe deposit box: the information is controlled by the patient, but is of no use to the provider if they can’t get to it. Smart cards are useful as tokens which allow permitted providers access to those records. Additionally, smart cards can store relevant data portably and securely from an ePHR, which can later be presented to a provider.
    In terms of where the market is moving, we see that smart cards will be used as authentication tokens (by storing a password, photo, or biometric); will carry important demographic, insurance, and medical data that is used to admit a patient into a hospital; can gather, verify, store, and pass information between disparate data silos (including portals or ePHRs); and can eliminate needless redundant paperwork for the patient. Why do we believe this? Because we are doing that right now. As the largest deployer of smart card healthcare solutions nationally, our company, SMART Association, Inc. has deployed our “LifeMed” solution into hospitals from Texas to New Hampshire that do just what was described, while lowering patient errors, saving time and money, and increasing patient satisfaction.
    So, we are bullish on smart cards in healhtcare and see them as very valuable tools which will likely see widescale adoption in the coming decades.
    Dale Grogan,
    Director of Smart Card Initiatives
    SMART Association, Inc.
    916.677.8400 X311

  6. John,
    In response to “6. Will Healthcare Smart Cards replace PHRs?” – you said “web-based Personal Health Records…are secure, protect confidentiality, and are automatically updated by labs, pharmacies, hospitals, and clinician offices.” I support what you said that smart cards should not replace PHRs, but not for the reasons you gave. Smart cards are needed to provide security, privacy, and network accessability to PHRs, because web-based Personal Health Records protected by a user name and password or some additional knowledge-based access step like “where were you born” is inadequate to protect sensitive medical information. Consumers need to know that they hold the key that unlocks their private information and that the person at the other end of the healthIT system has their own “key”, not some knowledge-based information that can be shared by anyone. The smart health ID card can store a subset or mirror image of a PHR that is protected inside the chip with strong encryption and layers of security, like a PIN or a biometric, so that only the consumer can authorize someone to look at their personal private data or give consent to an insurer, health professional, or authorized medical authority to access their web-based PHR data. When that consumer visits their doctor or a hospital, they can present their healthID card so their information is accurately collected and processed quickly and this will stop the proliferation of multiple patient personaes being collected and used at hospitals which leads to medical billing erros, treatment mistakes, and wastefull duplication of diagnostic tests.
    The Smart Card Alliance has a Health Care Council that has published a great deal of information on health ID cards. Visit the link provided and I would be happy to brief you or your readers in more detail.
    Randy Vanderhoof
    Executive Director
    Smart Card Alliance

  7. Good stuff here to be sure, but I’m not quite as certain that the current product offerings are really designed to meet the needs of primary care, where most of the 87% of non-adopters reside. Carol Diamond’s piece in last October’s Health Affairs seems to ring true to me. We are prematurely focused on standards, when we should be focused on the outcomes.
    Diamond and Shirky. Health information technology: a few years of magical thinking?. Health affairs (2008) vol. 27 (5) pp. 383-90

  8. Aren’t we missing an IT fundamental: the fact that empowering patients control over their medical process and with that new ways of interaction patient-doctor, doctor-doctor, patient-patient? This will change the described IT landscape drastically.

  9. Friends want to confess that a few weeks ago, I came looking for my medicine, I take oxycontin and could not find a suitable place where to do so, because as you know it is hard to get here, plus the cost because we spend money on an unnecessary, when we know that is what we are going to prescribe, at least for me is because I have chronic fibromyalgia and I need medicine for my pain, I found prescriptions-pain-medications.blogspot.com/ and saw that their prices are cheap and easy purchase and I do not need a prescription. ..

  10. I am not sure why there should be a difference in PHR and EHRs. To large extent they are same and if we really need to manage total health…we need to create the total solution proposal…I personally see this as simply a product proliferation.
    We should be able to create one system which is configurable to handle the needs of all the clients. NOW I understand why we need 20 billion dollars for this. I also do not see how portable record is going to be riskier.
    I do not want to criticise my IT friends…and hope it is taken that way. Here is realty, IT is behind in the product development process ( I mean microsoft with its super brain and resources still can not design a system that works properly – look at the window – by comparison, health IT companies are babies)..if they can look into that and develop competencies, you will find EHR/PHR etc are much cheaper, much more useful….btw, I have been involved in lots of ERP rollouts, so I am speaking from experience. In fact many of the IT users are not happy with the IT products as I have heard from them for over 15 years.
    I believe that we can do lots of good thing if we open up to our core competencies and seek others to fill the gaps.

  11. John: This is a very nice overview of the Health IT realm, and many will find it useful. There are a few points on which I’d like to comment. The current market leaders of EHRs for small practices that you mention (eCW, Allscripts, NextGen, Centricity, Meditech) are large, monolithic vertical solutions that are quite expensive and built from a client/server perspective – i.e., needing to be installed locally and all the server-end issues need to be encumbered by the practice (or collection of practices). Newer technologies, like cloud-based web applications, are emerging and eliminate the server-end cost-and-implementation nightmare associated with the older technologies. Open-source is a piece of this picture, but not the “solution” (as you mention). Open source is favored by consultants and engineers, but not necessarily by medical practices – after all, an open source engineer would be needed to customize an application for a practice. Hosted, web-based and flexible solutions, in my opinion, are more important than “open source” solutions intended for local deployment. The challenge for web-based EHRs is to find ways in which the service can be offered to physicians at very low costs – the EHR I have been working with is finding alternative business models by which the web-based EHR service can be offered to physicians free of charge.
    What is most important is interoperability, as you mention. This is central to “meaningful use,” which is the determinant for physician incentive payments. It is uncertain how the new EHR certification process will unfold this year, under the auspices of the Health IT Standards Committee of the HHS. They may be tempted to grandfather the certification criteria of CCHIT, which favors the large, monolithic client/server systems that you mention, or they may adopt a new set of certification criteria. My hope is that certification criteria will focus primarily on interoperability, and will encourage new technologies (e.g. web-based EHRs) rather than put up barriers for inclusion “in the club” (as is the case with the current CCHIT criteria, with over 450 functionality criterion to make everyone “look like me”).
    This is probably the biggest era of change in Healthcare IT that we have seen in a long time – maybe ever. EHR “certification” is in flux, “meaningful use” is not defined in full focus, and a lot of money is on the table. There is a lot in play.
    Robert Rowley, MD
    Chief Medical Officer
    Practice Fusion, Inc. (http://www.practicefusion.com)

  12. Hi John,
    I always enjoy your musings, here and elsewhere.
    You may recall that although you were unable to participate at the time, we were able to complete our dictionary print project.
    The “Dictionary of Health Information Technology and Security” was recently released.
    Link: http://www.amazon.com/Dictionary-Health-Information-Technology-Security/dp/0826149952/ref=sr_1_5?ie=UTF8&s=books&qid=1237900445&sr=1-5
    It contains over 10,000 entries, including 5000+ definitions, 3000+ abbreviations and acronyms, and 2000+ resources and readings. The book provides a comprehensive, handy, and up-to-date guide to this rapidly expanding area of the health care industry. The dictionary covers the language of every healthcare IT industry sector.
    1. Software, codes, and operating languages–hardware, PDFs and peripherals, legislation and policies
    2. PCs, LANs, WANs, Internet/intranet, T1, Ethernet and cable lines, and notable industry icons
    3. Security, WiFi-, WiMax, tele-medicine, tele-radiology, tele-surgery, and IT risk management concerns.
    It also highlights new terminology and current definitions, and explains confusing acronyms and abbreviations. It is global in coverage addressing international tech standards as well as those used in the US, and is arranged in a simple A-Z format.
    Many thanks for your blog contributions.
    Dr. David Edward Marcinko; MBA
    [Atlanta, GA]