Tech

Black Turtlenecks, Data Fiends and Code. An Interview with John Halamka

John Halamka-Google Glass

Of the nearly 100 people I interviewed for my upcoming book, John Halmaka was one of the most fascinating. Halamka is CIO of Beth Israel Deaconess Medical Center and a national leader in health IT policy. He also runs a family farm, on which he raises ducks, alpacas and llamas. His penchant for black mock turtlenecks, along with his brilliance and quirkiness, raise inevitable comparisons to Steve Jobs. I interviewed him in Boston on August 12, 2014.

Our conversation was very wide ranging, but I was particularly struck by what Halamka had to say about federal privacy regulations and HIPAA, and their impact on his job as CIO. Let’s start with that.

Halamka: Not long ago, one of our physicians went into an Apple store and bought a laptop. He returned to his office, plugged it in, and synched his e-mail. He then left for a meeting. When he came back, the laptop was gone. We looked at the video footage and saw that a known felon had entered the building, grabbed the laptop, and fled. We found him, and he was arrested.

Now, what is the likelihood that this drug fiend stole the device because he had identity theft in mind? That would be zero. But the case has now exceeded $500,000 in legal fees, forensic work, and investigations. We are close to signing a settlement agreement where we basically say, “It wasn’t our fault but here’s a set of actions Beth Israel will put in place so that no doctor is ever allowed again to bring a device into our environment and download patient data to it.”

RW: Is this the number one crazy-making issue for CIOs?

JH: Absolutely. Basically, my medical center board, the Attorney General, and Federal regulators are saying, “You are personally accountable for every byte of data on every thumb drive, every mobile device, and every network in your system.” So I came up with a 3-year plan where I explained to the board that it’s going to cost 5 million dollars a year and I’ll need 14 new staff. They said, “Okay.”

RW: I see how expensive and impossible that is. But how does it harm patient care?

JH: What ends up happening is that, to protect the 3% of patients who deeply care, I have to compromise the liquidity of 97% of the patients’ data. My medical record is public. My wife’s record is public. My father-in-law’s record is public. We don’t care. My daughter is 21, and she puts her relationship status on Facebook. Does she care about her flu shot? No. It’s just fascinating. We create this culture of culpability and fear to address a very small percentage of the population that is convinced that their allergy to whatever is going to cause them loss of standing in their community.

RW:  Between meaningful use requirements and HIPAA, there’s no doubt that the world of health IT has become far more bureaucratic and restrictive. Would you say that that’s getting in the way of nimbleness and innovation?

JH: Basically, I spend 50% of my time – five-oh – on this stuff. Not on building innovative, mobile devices for our doctors. Not on building highly usable applications for the inpatient ward. It’s on, “How do I prevent your iPhone from downloading a piece of patient information should you lose your phone?”

I became the CIO of Beth Israel Deaconess in 1997. Since that time, 300,000 pages of new healthcare regulations have been published. Back in ’97, I actually spent my day writing applications. We thought, “Let’s see how we can engage patients and families? Let’s create the first personal health record in the country.” We had daily meetings about features and functions we would add to the PHR.

Today it’s like, “Oh God. ICD-10. I need to come up with a new interface to allow you to code guinea fowl injury.”

RW: If a young person came to you and asked, “Should I go into clinical informatics?” what would you say?

JH: I’m in this field not for fame and fortune but to make a difference. It’s possible to make a difference, but you may want to do it in a different context than being in a healthcare delivery organization.

Can you create an app that will revolutionize patient care? Yes. But can you – in the context of working in a hospital, which is trying to meet the requirements of ICD-10, meaningful use, and the ACA – spend vast amounts of time on innovation? You can’t, really.

With HITECH and meaningful use, this is a time of great change in health IT. I asked Halamka to sketch out his vision for health IT after the dust settles.

JH: Today’s EHRs – they’re a horribly flawed construct. It’s just digital paper. What we really need is a combination of Wikipedia and Facebook. The Wikipedia part is the narrative of your life, and it’s written by a team and updated frequently. Facebook-like walls contain the events that are happening now. They say, “Oh, I had a TIA today. And I went to the ED. Oh, and I had a head CT …”

RW: What does the future doctor-patient visit look like?

JH: We use scribes in our emergency department and that has vastly improved physician productivity and the quality of the record. Why should a doctor have to document the vital signs? It’s crazy. So shared team documentation with a single accountable person who just edits the note inside the EMR – that’s the future.

I do envision a day where the medical record could simply be an audio or video record of the encounter. We’ll say to patients, “We’re going to put that in a shared medical record where you and I can see and hear what we’ve talked about today.” But unfortunately, it’s very hard to do quality measures on that.

I asked Halamka to share a bit of his personal story.

JH: When I was 12 years old, I lived in Southern California. My parents went to law school. I was a latchkey child in the early 70s, when defense contractors were very, very big in Southern California. It was the heyday of that industry.

Integrated circuits were very expensive and rare, but when a TRW or a Hughes Aircraft would build a satellite and things didn’t meet military spec, they would sell their integrated circuits by the pound.

As a 12-year-old, I rode my bike to surplus stores picking up integrated circuits. Then I got the manuals for the circuits and I taught myself analogue and digital logic, then early programming. In 1979, when Altair came out with the 8800 and the specs were published in Popular Electronics, I built an Altair 8800.

When I arrived at Stanford in 1980, I was the first student there to have a computer. While I was there, both the PC and the Apple were introduced. I was in the middle of that environment as this whole revolution was taking place.

RW: That’s pretty incredible. You could have gone on to work in Silicon Valley. What made you want to go to med school?

JH: From about the age of eight, I wanted to be a doctor and a scientist. Biological systems really fascinated me. The Six Million Dollar Man and the idea of machine-human integration really fascinated me.

My dual interests – in life sciences plus technology – led me to enroll in the MSTP [MD/PhD] program at UCSF. My advisors were [future Nobel prize winners] Harold Varmus and J. Michael Bishop. They said, “You want to do engineering? Why?” While working at Lawrence Livermore Laboratory, I founded a technology start-up. But one of my med school advisors said, “You cannot be a medical student and run a company. We’re either going to kick you out of medical school or you have to give up your company,” so I gave up the company.

During my emergency medicine residency at Harbor UCLA, I helped computerize the ED – the ED became mobile and paperless. The county of Los Angeles gave me its Employee of the Year award in 1996.

RW: Did people think you were a complete oddball?

JH: Yes. But when I came out to Boston, I was finishing up a fellowship at MIT while attending in emergency medicine. Tom Delbanco [then chief of general medicine at Beth Israel Hospital], said, “You know what we need? We need somebody who understands technology and medicine. You’ll be responsible for all quality measurements and business intelligence within our delivery system.”

So here I was, a month out of fellowship, now running a staff and a budget. Jim Reinertsen, the new CEO of the medical center, said, “I’ve got a problem. The doctors hate IT and hate the IT leader here. I hear there’s this young guy who has created things on the web.” In an act of administrative malpractice, he made me the CIO in one bold stroke. No interview. Just “You’re the CIO, okay.” And I’ve been on this ride since ‘97.

I ended by asking Halamka whether computers will ever replace physicians.

JH: Of course I embrace technology and innovation, but remember that IBM’s Watson thinks Toronto is a U.S. city [a famous misstep in its otherwise astounding 2011 Jeopardy victory]. As an emergency physician, what do I believe is the difference between a novice and an expert? Two things: I know what data to ignore, and intuition.

RW: What does intuition mean in the IT world?

John: You walk into a patient’s room and see objective data. But then you look at the patient, and can say in 30 seconds whether this person needs to be admitted, or not.

RW: But won’t computers figure out how to do that?

JH: Computers can be excellent filters. Then a human can look at that filtered result and say, “Ah, I think this is a patient who has X.” Yes, absolutely. They can turn unstructured data into structured data. They can highlight, they can emphasize, they can alert, and they can remind. But the decision-making – I think that is still ultimately human.

RW: Why?

JH: Because of nuance. Take my wife and her cancer treatment. She had totally protocol-driven cancer treatment. But she’s a visual artist. Taxol has this interesting problem of causing neuropathy, which if you’re a jackhammer operator, who cares? But if you’re a visual artist and there’s this subtle loss of feeling in your fingers, what should the computers say? Stop the Taxol. Change the protocol. This is a judgment based on subtlety. I just worry that computers will never quite get there.

RW: Never, as opposed to, say, in the next 20 years?

JH: Without question they can simplify, they can make our lives and our workflow more efficient. But they can’t replace us.

*     *     *

Edited for length and clarity. I’ll post additional interviews over the next few months. My book, The Digital Doctor: Hope, Hype, and Harm at the Dawn of Medicine’s Digital Age, will be published by McGraw-Hill in early April; it’s available for advance purchase now.

Happy New Year to you and yours.

Livongo’s Post Ad Banner 728*90

36
Leave a Reply

18 Comment threads
18 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
18 Comment authors
News ManVA CoderJohn BallardJeff Roeangelajohn Recent comment authors
newest oldest most voted
News Man
Guest

It is real cool. This article is interesting as well.

VA Coder
Guest
VA Coder

This article is very interesting. Patients and employees need their medical histories protected. Especially since my old employer put bold horrible lies about my medical history on the Web to defame me. I goggled my name and it popped up with horrible lies regarding facts that have never been true regarding my medical history.This did effect me in my chosen profession. Yes we need the HIPAA regulation to govern fools who use MIS work to sabotage and bully innocent victims.
.

John Ballard
Guest

Dr. Halamka is one of my favorite people. Years ago (back when we used aggregators — I did love my Bloglines) I followed his blog posts regularly. I hadn’t thought about him for some time. I see his mention of making records public has struck a nerve. There are plenty of arguments pro and con, but the one glaring reality of HIPAA is that our obsession with privacy is probably costing more lives than it saves, especially when it comes to keeping firearms out of the hands of crazy people. I know that insurance underwriters and other huge corporate entities… Read more »

angelajohn
Guest

Tanq for sharing your thoughts to us .it’s really helpful to me
This will be required reading for future generations doing a PhD in “Unintended Consequences

Whatsen Williams
Guest
Whatsen Williams

Driving a tractor w Google glasses is a brilliant idea.

Paul Slobodian
Guest

Almost no one believes that EHR’s have yielded a net positive benefit.
Most medical providers believe it has been a net negative.

Yet billions have been spent….and the spending goes on and on.

Why don’t we repeal any legislative mandates or HHS policy mandates and just stop? Let any private system that thinks they can make it work proceed, but stop the incentive payments and coercion…..the savings would be immediate and substantial.

John Denning
Guest
John Denning

If Halakma had secured the network, had real Network Access Control, and other proper measures in place, there would not have been an issue. So perhaps the hospital should charge him for the costs related to the breach.

That said, I can imagine that there isn’t time for a Chief Information Officer to ensure all that trivial stuff like protecting patient information when there are blogs to write. It’s all a matter of priorities.

Chris Kapsa
Guest

Exercising his Imprivata options would just about cover it.

William Palmer MD
Guest
William Palmer MD

I’ve had patients beg me to destroy records. “I don’t care” is not the correct response. We are all in love with computers and they will, alas, never be secure. The asymptotic approach to security is not good enough if you are running for office and you had an STD. We fell in love with a flawed product….just like sucrose. Patients are not going to agree to have all their data entered, especially after a few more Sonys. Interoperability simply tells the hackers “Make my day”. We may have to go to something radically different from TCP/IP and use LANs… Read more »

Chris Kapsa
Guest

WP alludes to another devilish problem. When patients know their clinical data are not secure, they will stop telling us the things we need to know to give good care. What is withheld may be trivial or critical. We won’t know until there are adverse outcomes. I, too, have had patients beg me to destroy records. I have had many requests to treat off the record, particularly STDs, contraception or unintended pregnancy counseling for women whose partners have had vasectomies and in cases of abuse. I’ve told women once they tell me something, it’s difficult to take it back and… Read more »

lawyerdoctor
Guest

Dr Kapsa you are quite correct. The successful doctors of the future will have WRITTEN records of their patients, which they will maintain in the secure environment of their offices. Just like Marcus Welby. Patients will pay them with REAL money, not fake money. The doctor will decide what fees are appropriate. Just like Marcus Welby. The records of the patients will be secure and confidential. The people who work in the hospital up the street will not have access to gossip about them. The patients will be happy because they know their private information is not spewed all over… Read more »

Saurabh Jha
Guest
Saurabh Jha

“We fell in love with a flawed product….just like sucrose.”

Spot on.

This will be required reading for future generations doing a PhD in “Unintended Consequences”.

I think it will be a separate branch of study in another 10 years.

Chris Kapsa
Guest

Jeff is right to be wary of insurance company benevolence. I worked in the industry for a couple of years and was taken aback at the depth of info the company had on “insureds” and dependents. And providers. No pretense about de-identified data. The most unsettling aspect is all these data also flow to their business associates, fully identified. It is ALL follow the money. Many insurance industry BAs want the full info for data mining. The combo of names, SSNs, ICD-9/10, Rx’s and prescribers is solid gold. Becoming an insurance company BA is relatively easy. We’re all creating revenue… Read more »

Barry Carol
Guest
Barry Carol

I wonder what the feasibility would be to have several levels of security that would apply to the same individual’s medical record. For the most sensitive information, access would be extremely limited while much less sensitive information would be readily available to a broad audience. Under such a system, employers, for example would not be able to gain access to the most sensitive information under any circumstances no matter how much they were willing to pay for it.

@BobbyGvegas
Guest

“My medical record is public.”
__

You’re in no danger of losing your job or being denied _______________ over that.

Chris Kapsa
Guest

Unless your medical record has notes about your treatment for bipolar disorder, a positive BRCA test, your kid’s autism, your losing fight with your cocaine habit, family history of Huntington’s Disease…and on. And on. Then, federal protections or not, most employers will find ways to lose your application. Employers check Facebook, Instagram and other social media before making offers to prospective employees. If they’ll pull an offer because of questionable behavior on spring break, they’ll run screaming in the other direction when they find out what your illness is going to do to their insurance risk pool. And it’s not… Read more »

@BobbyGvegas
Guest

That was my point.

Chris Kapsa
Guest

Oh, sorry, not clear, perhaps. Or maybe I’m just tired. That’s not PHI!

Saurabh Jha
Guest
Saurabh Jha

You are right – privacy matters to many and loss of privacy makes a few (or many, or significant many) very vulnerable. JH is also right – privacy is not such a big deal to many. JH is right that it costs tons to safeguard a few, diverts resources from innovative use (opportunity costs) and that there is a law of diminishing returns. You are all correct. Which is why this is a wicked problem with no solution. Electronic records is a boon. No denying that. Electronic records create a fragile system and is a curse. We are finding that… Read more »

Jeff Goldsmith
Guest
Jeff Goldsmith

Wouldn’t it be great if we could tune the system to adjust to peoples’ privacy preferences, instead of fetishizing medical privacy and encasing the system in thousands of pages of incomprehensible and inflexible regulations? I am a privacy fundamentalist with limited trust in the benevolence of our health insurance system. Nevertheless, the health information architecture I would impose on society to accomodate my lack of trust carries HUGE societal and institutional costs along with it (which I think we’ ve already incurred). We haven’t had a very constructive societal conversation about this stuff, like a lot of other important things… Read more »

Saurabh Jha
Guest
Saurabh Jha

“Wouldn’t it be great if we could tune the system to adjust to peoples’ privacy preferences”

Jeff, that is a plausible solution if you could fine tune privacy and get people to pay the marginal cost of added privacy.

Otherwise everyone will prefer less privacy for others but not for themselves. A bit like mutiny at Harvard over Obamacare’s rising cost sharing – over which I have been laughing so hard that I’ve burst three hernia orifices (HIPAA, I permit myself to disclose this sensitive medical information)

Chris Kapsa
Guest

Can’t help but wonder what would happen if there was no way to monetize the data. Would JH be so interested in “data liquidity” then? We all have spheres of privacy. For some, it’s health or person lives. For others, it’s financial dealings. It was instructive to search JH’s conflicts-of-interest. He has multiple positions on the boards of HIT companies, among others. For these companies liquid data are life blood. For one company, Imprivata, he states he does not currently own stock. Odd wording. Red flag. Technically true. But a quick SEC search showed he holds options to purchase 70K… Read more »

Saurabh Jha
Guest
Saurabh Jha

“For one company, Imprivata, he states he does not currently own stock. Odd wording. Red flag. Technically true. But a quick SEC search showed he holds options to purchase 70K shares at a very favorable price compared to yesterday’s close. That’s a cloud across the Sunshine Law.” Yes, that’s all very interesting but it does not diminish the validity of his concerns. Nor do his concerns diminish the reality of your concerns. This is a tricky cerebral exercise for some, but perhaps you’re both right. Once we stop playing the man and play the ball, we can grasp the magnitude… Read more »

Saurabh Jha
Guest
Saurabh Jha

I have an uncanny suspicion that the price of stolen PHI is high precisely because we safeguard it as if we are safeguarding the names of Taliban informers in North West Frontier Province (sorry, just finished watching Homeland).

I don’t think the average citizen would care terribly if one knew which brand of statin they were taking. But I would certainly care, if I knew my concern was the path to a multi-million dollar lawsuit.

Could someone kindly steal my PHI?

civisisus
Guest
civisisus

” Few women would be eager to have records of STDs, contraception, partner abuse, substance abuse, mental health treatment, infertility or high-risk pregnancies publicly available.” I’m no Halamka booster – he CAN be by turns both arrogant and ignorant – but at the same time no one is proposing to make the information you mention, or any other personal information “publicly available” by default. Halamka SHOULD, & probably does, understand that having tight access and usage tracking & recording controls is of great benefit to his organization and to each and every person whose data flows through his organization’s IT… Read more »

Chris Kapsa
Guest

Respectfully disagree. When Halamka speaks about the medical records of his extended family all being public, the implication is that should be the default. He dismissively mentions flu shots and allergies, seeming to forget that medical records contain considerably more sensitive data. He even speaks of ditching EHRs in favor of some Facebook/Wikipedia-like construct. And even PHI for healthy people that records only allergies and flu shots has SSNs, medical histories, family history, demographics and insurance info. It may include genetic testing results and other labs, consults, photocopied driver’s licenses, email addresses and contact names. All data valuable to identity… Read more »

Jeff Goldsmith
Guest
Jeff Goldsmith

This interview is one of the finest things I’ve seen in seven plus years on this blog. As you can see, John was “present at the creation” of this digital world, and voluntarily chose to work in medicine. He donated at least a kidney and a half acre of brain cells to work in our screwed up field. My favorite line: “As an emergency physician, what do I believe is the difference between a novice and an expert? Two things: I know what data to ignore, and intuition.” Right frigging on, John! This is why people call it medical PRACTICE.… Read more »

Chris Kapsa
Guest

It’s difficult to say whether Dr. Hamalka’s comments reflect arrogance or ignorance. Or both. His assertion that only 3% of people care about medical privacy is no doubt based upon a survey. I suspect if you surveyed the same people and asked them whether they want their most intimate health records searchable by Google (or their employers), the results would look different. I practiced Ob/Gyn for 25 years. Few women would be eager to have records of STDs, contraception, partner abuse, substance abuse, mental health treatment, infertility or high-risk pregnancies publicly available. Further, medical records are a gold mines for… Read more »