Thursday, May 31, 2012

Cool Technology of the Week

Thanks to Wes Rishel for this suggestion.

I'm a vegan, so I find this product questionable, but it does illustrate an interesting technology - using the genome to create customized products.

RayFish will genetically engineer a stingray to express colors and patterns of your own design and will then create a shoes from stingray leather.

Not just build to order but breed to order. The 10 month lead time may limit the market size.

Per Wes:

"I wonder if they can be genetically bred to include logos in the hide? You should be able to get a GREAT discount for volume!

If this is true and the genetic engineering can be automated what else could we breed to order? The ultimate dinner party, serving fish bred with a unique flavor just for one single meal? Takes a year to prepare dinner, but your friends will be impressed.

Tell your daughter she needs to plan her wedding a year in advance so the entrée can be bred to order. Perhaps the cycle time for breeding vegan entrée ingredients is shorter?"

It's a brave new world when our supply chain includes breeding products to order.

Morally objectionable, but fascinating nonetheless.

Wednesday, May 30, 2012

The Patient Safety Organization Common Format

In a recent call with the HIT Policy Committee, I was asked to comment on the suggestion that EHRs include the technology necessary to submit reports to patient safety organizations about defects in the EHR or safety issues caused by the use of the software.

I commented that the standards to do this are still emerging.

You may not be familiar with the AHRQ and NQF efforts to standardize reporting to Patient Safety Organizations.

AHRQ recently released version 1.2 of the "Common Format"  .

Its objective is well described in the implementation guide:

"The Common Formats published by the Agency for Healthcare Research and Quality (AHRQ) of the U.S. Department of Health & Human Services were created as part of the Patient Safety and Quality Improvement Act of 2005 (Patient Safety Act). AHRQ has coordinated the development of the Common Formats to facilitate the voluntary collection of patient safety event information. The Common Formats are available on the PPC Web Site ( For more information on the Common Formats, refer to the Common Formats Users Guide available on the PPC Web Site (

The Common Formats are intended to be used to gather information on a patient safety event in order to create a Common Formats Patient Safety Report (hereinafter referenced to as “report”). Reports may be submitted to the PPC for data nonidentification and transmission to the Network of Patient Safety Databases (NPSD)."

The Common Format is a CDA document customized to include 3 report types

*Incident: A patient safety event that reached the patient, whether or not the patient was harmed.
*Near Miss: A patient safety event that did not reach the patient.
*Unsafe Condition: Any circumstance that increases the probability of a patient safety event.

Each of these types includes an issue category for Device or Medical/Surgical Supply, including Health Information Technology (HIT).

The challenge is that the data elements required do not map to the information commonly available in EHRs today.

Although software vendors supporting Patient Safety Organizations have implemented the Common Format, no EHR vendors have yet included it.

At Harvard, we're working to map our own local codes, supporting our patient safety organization, to the Common Format, so that we have interoperable incident reporting among all our hospitals.

Thus, the PSO Common Format is emerging - low maturity, low adoption, but deserves watching.   I think it unlikely that PSO reporting will be included in the 2014 Meaningful Use final rule, but it's clear that PSO report is on the list of desirable future goals.

Tuesday, May 29, 2012

The Canadian eHealth Conference

On May 28, I keynoted the Canadian eHealth 2012 Conference, focusing on the need to innovate in the areas of EHR usability, frictionless health information exchange, novel analytics, patient/family engagement, and privacy protection.

Here's the presentation I used.

I talked to dozens of people during my 24 hours in Vancouver and I believe there are 5 areas that Canadians should address to enhance their national healthcare IT program.

1.  Enable innovation via grant programs, competitive challenges, and high risk/high reward projects for emerging technologies, recognizing that traditional procurement approaches can inhibit innovation.  Procurement generally includes complex legal boilerplate plus certification that the technology is already running in referenceable customer sites.   No  innovative startup is going to agree to these terms and conditions.  Customer references for new technologies are likely to be scant because it is evolving so fast.   Traditional procurement approaches are likely to acquire technology at the end of its lifecycle.

2.  Prioritize Patient and Family engagement - to date, much of the Canadian healthcare IT program has focused on acute care hospitals.  Although some patient portals have been created, there is no national priority to engage patient and families.   Given the importance of shared decision making, keeping the patient informed, and transparency, encouraging interoperability with patients is key.

3.  Consider a Meaningful use type program even thought it may be politically unpopular among clinicians.  Canada has encouraged clinicians to acquire technology and has set interoperability standards nationally.  However, it has not specified the best practices for using the technology or held clinicians accountable for their  IT behaviors.  There is a fear that pushing the clinicians too far too fast will result in their leaving Canada to practice elsewhere.

4.  Clarify the strategy for healthcare IT at a national level.  Canada Health Infoway has done a remarkable job with standards and defining infrastructure for data exchange, but healthcare IT implementation is done on the provincial level.   It's not clear that the Canadian Prime Minister thinks about healthcare IT or has set priorities that must be followed by all provinces.

5.  Standardize outpatient/ambulatory EHRs with the same vigor that Canada has used for acute care settings.  Canada has many advantages over the US to accomplish the interconnection of ambulatory records - 30 million people (1/10 of the US), a publicly funded universal healthcare system, and a provincial level healthcare identifier.  It does have a challenge ensuring the connectivity of all providers across its diverse and sometimes remote geography.   Creating a certification program for ambulatory EHRs and ensuring they adhere to functional capabilities and interoperability standards will enable data sharing for care coordination and population health.

The Canadians are a warm, enthusiastic, and thoughtful people.   I look forward to continued collaboration and learning from each other as we implement new healthcare information technologies.

Friday, May 25, 2012

The May HIT Standards Committee Meeting

The May HIT Standards Committee focused on the ONC Governance RFI and how best to think about standards and policy for building trust among healthcare information exchange network participants

We also reviewed the Query Health project, Quality measurement project efforts, and the continuing work to create a national library of medicine curated vocabulary/code set repository in support for meaningful use.

The meeting began with a description by Farzad  that our work on the Governance RFI should result in "interoperability that just works".    Instead of plug and pray, it should be plug and play.   No one should have to negotiate trading partner agreements one by one.

Jon Perlin outlined the work recently done by the National Cancer Institute to envision a learning healthcare system based on information exchange and decision support.  It is no longer a dream, but is becoming a reality.

Steve Posnack from ONC presented the Governance RFI which is summarized on this blog post.

The discussion that followed was very robust with two major recommendations

a.  Policy should be "modular"  - the requirements to be a Network Validated Entity should vary based on the services offered.  It's quite different to be a repository of deidentified data verses a full Nationwide Health Information Network participant supporting a "pull" model for records based on a master patient index/record locator service.

b.  Policy should be separated from standards/certification, since policy may change at a slower rate than technology.  The current Meaningful Use Program separates attestation and certification, and such an approach seems prudent.

Dixie Baker presented an analysis on the RFI from the NwHIN Power Team and the Privacy & Security Workgroup .  Her comments provided many valuable refinements to the RFI and further bolster the case for separating policy and standards/certification details when defining criteria for trusted healthcare data exchange

Richard Elmore presented an overview of the Query Health program  including current pilots and next steps.  Massachusetts is proud to be a participant in this ground breaking effort to send questions to the data rather than data to a central repository.

Jim Walker presented the work of the Essential Components Tiger Team which included recommendations for federal action to make usable and useful value sets available for Meaningful Use Stage 2.

Betsy Humphreys presented an overview of the latest NLM work to provide curated code sets, vocabularies and cross-maps.   She offered us optimistic comments that ONC and NLM are working hard to operationalize the HIT Standards Committee request for hosting these code sets in one central location for any stakeholder to access at no charge.

A very rich agenda that represents the maturity of the standards harmonization process.  We're no longer debating basic vocabulary, content, and transport standards - we're thinking about advanced ways to enable an ecosystem of data exchange.

Thursday, May 24, 2012

Our Cancer Journey Week 23

Radiation Oncology planning begins June 1 and radiation treatments begin June 6.   Kathy is regaining her sensation in her fingers and toes, but she does find that a day of walking results in pain/fatigue in her lower extremities.   All of this pales in comparison to the news we received last week that she is now in complete remission.

Last Thursday,  Kathy's pathology results concluded there is no residual cancer.   Here's the report

Breast, left, lower inner quadrant, needle localized partial mastectomy :
Changes consistent with tumor bed/biopsy site.
No residual carcinoma identified.
Margins inked and evaluated.

Breast, left, lower inner quadrant, radial re-excision :
Changes consistent with tumor bed/biopsy site.
No residual carcinoma identified.
Margins inked and evaluated.

We were overjoyed and used the weekend to get our lives back on track with the day to day chores on the farm. I shoveled hundreds of pounds of debris from the compost pile, repaired doors/windows, and built a tree swing.

Kathy is again doing heavy lifting since her surgical site is healing rapidly.   She's up at 5am and working until 9pm.

The stress and anticipation in our lives is palpably different.

Now we will learn about radiation treatments, which she'll receive to significantly decrease the risk of cancer returning after surgery.  We are believe the treatments will be daily (7 days a week) for 5 weeks.   What are the side effects to the local skin?    Will the irradiated area become painful over time?  Will she feel fatigued over the course of treatment?

What started as the nightmare of diagnosis in December will become fully treated complete remission by July.

I turned 50 this week and all my birthday wishes have been granted.

Wednesday, May 23, 2012

Crafting a Social Media Policy

Today's Computerworld has a great article about the issues of mixing social media and healthcare.

As hospitals and clinics formulate social networking policies, there are three broad considerations:

1.  Given HIPAA and HITECH privacy and breach rules, how can you best prevent the disclosure of protected healthcare information on insecure social media sites?

2.  Given the distraction factor and productivity loss that can occur with social media, how can you best align the benefits of groupware communication while minimizing the negatives?

3.  How can you reduce the security risks of malware embedded in games and other applications that are downloaded from social networking sites?

To date, Beth Israel Deaconess has focused on #1, ensuring that our employees do not post data to social networking sites in violation of state and federal laws.

We've not yet completed a  policy covering #2, although several hospital sites and departments are discussing the issue.

We're developing a pilot for #3, including blocks on selected websites, Facebook add-on applications, and personal email.

Ensuring we have a suite of social media policies is one of our Internal Audit focuses for 2012.  To formalize our polices, procedures, and guidelines, we're collecting best practices for healthcare institutions throughout the country and assembling a multi-disciplinary group including Corporate Communications, Legal and IT.

There are many benefits to social networking to foster collaboration and communication.   As we work on developing further policies, I'll share our lessons learned in future posts.

Tuesday, May 22, 2012

The Challenge of Encrypting BYOD Devices

As we continue the journey to protect corporate data that is accessed from personal mobile devices, we're developing increasingly rigorous policies that  rebalance individual preferences with corporate compliance requirements.

Requiring a non-trivial password and a timeout is supported by all Windows, Android, and iOS phones.   Using Microsoft Active Sync, we can push settings to phones, enforcing corporate policies.

Central management of personal phone encryption is much more problematic.

I've spoken to my peer CIOs in Massachusetts and we all have policies requiring encryption of mobile devices that access hospital information systems.

Massachusetts requires that any mobile device containing "personal information" be encrypted:

"Under the law, personal information to be protected includes a Massachusetts resident’s name (either first and last name or first initial and last name) combined with a complete social security number, driver’s license, or other state-issued number, a financial account number or a complete credit card or bank account number."

However, no local CIO has tried to push encryption settings to personal devices.


We've tested encryption on several smartphones and found that it lacks robustness - we've had performance issues and data corruption issues.

Many phones do not support pushed settings to encrypt the device.   Some devices, such as any iPhone older than the iPhone 3, do not support encryption at all.    Here's an overview of the heterogeneity.

Similarly, no local CIO has implemented automated remote wipe of personal devices for a certain number of failed password attempts.   At present, smartphones have no capability to selectively wipe corporate data, leaving personal data intact.  Although there are mobile device management (MDM) solutions that require loading software on personal devices, they are expensive and challenging to support.

Thus, the best practice in the hospitals of Massachusetts as of mid-2012 seems to be pushing password/timeout settings, avoiding remote wiping, and requiring encryption by policy rather than a forcing technology.

What about laptops?

Everyone in healthcare wants laptops encrypted because encryption provides a "safe harbor".  If you lose one that contains protected healthcare information , you don't have to go through the full breach disclosure.

There are three generations of laptop encryption strategies

a. Full Disk Encryption (FDE) requiring an application such as McAfee's SafeBoot

b. Native Operating support  for encryption such as Microsoft's BitLocker in Windows 7 and Apple's native encryption in Lion.

c.  Self-encrypting drives with enterprise management software such as Safend Endpoint Security.  The encryption is part of the hardware when the device is procured.

We currently use FDE for Windows XP and native operating system support for Windows 7 and iOS.  We're studying management tools that support self-encrypting drives.

The issue of encrypting smartphones and laptops is a very high priority for hospital compliance and risk committees.   The policies are clear, but the technology to support those policies is still in evolution.

The burden on IT departments to purchase and support mobile device security tools is significant.

Self encrypting drive approaches hold promise because they are operating system neutral and require little support.

We will continue to enhance  our abilities to centrally manage encryption of mobile devices.   Like many security issues, the management of personal device encryption is a journey.

Monday, May 21, 2012

On Turning 50

On Wednesday I turn 50.

Ive been a son for 50 years, a husband for 28 years, and a father for 19 years.

I've been a doctor for 20 years, a CIO for 15 years, and a blogger for 5 years.

What have I learned in all my roles over the half a century I've been on the planet?

 I've started to understand what really matters.

Is it fame or fortune?  No, although it is important to have an income that matches your lifestyle burn rate in a sustainable way.

Is it your work life and the trajectory of your career?  No, but it is important to spend your day doing something that is intellectually challenging and offers you the potential for personal growth.

Is it the awards and accolades you accumulate through strength of will and persistence against adversity?  No, but it is important to feel recognized for your successes.

In my multiple roles living, working, and playing over 50 years, I've spent time with  Presidents, Nobel Laureates, and tycoons.   Some have risen and some have fallen.  I've watched my mentors in life triumph and I've watched them fail.

So after 50 years what really matters?

I've said that the difference between an expert and novice is not the detail they notice, but what they choose to ignore.   For example, when I do a toxicology consult, I focus less on the exact subspecies of mushroom the patient has ingested, and more on ensuring it is not one of the few that kill humans.  

I ignore the day to day frustrations, bureaucratic hassles, and conflicts in my work life.  People leave, projects end, and no one remembers the details of last year's urgencies.

What really matters is happiness at home.

Jobs may change but family is forever.    The life events surrounding your parents, your spouse, and your children are the palette that color the stages of life.

If your relationships with those who are important to you are positive and supportive, you will feel a sense of optimism and life energy that empowers all the other aspects of your life.

You'll be able to share all your life joys, be supported through your sorrows, and look forward to the sanctuary that is your home life.

When my mentors have stumbled in the workplace, they've generally been forgiven.   However, when they've had challenges in their home lives (affairs, violence, or public conflict), they've been judged harshly.

As I've approached 50, I've worked hard to build a haven at home.   I married the first person I dated in college and we've created homes together since 1980.   Our relationship has always been based on loyalty.  I call my parents every week and we have an open loving relationship.   My 19 year daughter still believes her parents are reasonable people.   Tonight and for much of the summer, our household will be multi-generational since my daughter will be home from college, and my father in law recently moved in with us.   My wife is cancer free and our new farm is bursting with healthy young animals, fresh hay in our meadow, and the spring vegetables we planted.

Yes, I will be engaged and passionate in my work life as I begin my 50th year, but my reputation, integrity, and sense of equanimity derive from my happiness at home.  

Happy Birthday to my colleagues Micky Tripathi and Meg Aranow - all three of us were born on the same day and we share the very similar values of what matters and what does not as we age another year.

Friday, May 18, 2012

Cool Technology of the Week

I've often been asked how Emergency Medical Services (EMS) run sheets can be automatically integrated to emergency department information systems so that the transition of care between the ambulance and the hospital is seamless.

It's been challenging to do in the past because data was not available electronically from EMS and we lacked an architecture to transmit the information.

In Boston, both problems have been solved.

BIDMC now receives electronic run sheets from each Boston EMS ambulance run, in near real time.

Boston EMS uses the SafetyPad mobile application  to capture patient history electronically during the ambulance run.

The SafetyPAD Application Programming Interface exposes a targeted subset of features of the SafetyPAD platform to developers.

Specifically, the SafetyPAD API accepts GET or POST requests to the primary API endpoint URL and returns one or more results in XML format. In general, developers send requests via GET when retrieving information and via POST when adding, removing or updating information.

As patients arrive at BIDMC, we poll the SafetyPad servers, retrieve the XML and incorporate the record into our Emergency Department Information System, matching patient demographics to insert the data automatically.   A screen shot is above.

Automated mobile EMS data capture followed by incorporating to hospital information systems using XML and a RESTful API.  That's cool!

Thursday, May 17, 2012

Our Cancer Journey Week 22

Kathy's Surgical Pathology report came back at 1pm today.   Here's her Oncologist's summary:

"Your path shows no tumor whatsoever.  The pathologists put through additional sections beyond the usual and still found nothing."

We're overjoyed.

Here's how we got to this point.

When Kathy was first diagnosed with breast cancer, titanium clips were inserted at the margins of the tumor to help localize the area as the tumor changed.

After 4 doses of cytoxan/adriamycin and 5 doses of taxol, the tumor disappeared - an MRI showed no evidence of disease.

Per my blog last week, Kathy and her breast surgeon made a decision to move forward with a lumpectomy.   Here are the details from the surgeon's clinical note

"Impression:  Carcinoma of the left breast, s/p neoadjuvant chemotherapy with a complete response based upon clinical examination and recent breast MRI.

Options for management were discussed which includes an attempt at breast conserving surgery.  This would be a wire localized left partial mastectomy using two wires to bracket the cancer at presentation. If adequate margins are attainable, she would then receive adjuvant radiation therapy followed by hormonal therapy.  Alternatively, mastectomy with and without reconstruction was discussed.

Ms Halamka and I have decided to proceed with an attempt at breast conserving surgery.  The procedure was discussed in detail, including the wire localization. The pre-, peri-, and post operative care was discussed. Consent form was signed.  This has been scheduled for 5/11/12."

On May 11, I drove Kathy to BIDMC at 6am and we checked into surgery at 7am.   She was taken to interventional radiology for placement of wires aligned to the titanium clips to guide hemisection of the breast.   Here's the procedure note:

"Using standard aseptic technique and 4 cc of 1% lidocaine for local anesthesia two needles and subsequently two wires were advanced into the patient's breast.  Satisfactory positioning of the wire was confirmed on orthogonal views with the percutaneous clips at the respective wire stiffeners."

Kathy tolerated the procedure well, and was bought to the Operating Room at 9:30am. She was given Monitored Anesthesia Care (MAC) - breathing on her own but deeply relaxed via doses of Propofol, Versed and Fentanyl.   Her surgeon cut out the tissue between the wires and sent that to Pathology.   She then cut a wider margin and sent that to Pathology.  Here's the procedure details from our OR system

Incision Time: 09:39 Cosmetic? N
Close Time: 10:49
Specimens Taken?  Y

149845-1 Mammo.
Anatomical ID: Left
Disposition: Fresh
Comments: Specimen out @1000.
149845-2 Permanent
Anatomical ID: Left
Disposition: Fresh
Comments: Specimen out @1022.

She was taken to the recovery room at 11:00am and I met her there.   She did very well and had no post operative pain.

Over the  past week, she's done well, with no swelling, redness, or pain at the incision site.  She's had a small amount of clear drainage but no signs of infection.

So, she's done with chemotherapy and surgery.  Her Pathology report was perfect, showing no evidence of cancer.   Tomorrow we'll meet with her care team to prepare for the next step - radiation oncology.

Wednesday, May 16, 2012

The State of e-Prescribing in the US

Tomorrow Surescripts issues its annual report about the state of e-prescribing in the US.

I think you'll find the summary quite valuable as it illustrates the impact of Meaningful Use Stage 1 on providers and the industry.    Here are the high points from the report:

Meaningful Use
*By the end of 2011, 58% of office-based physicians in the United States had adopted electronic prescribing – vs. less than 10% a little more than 3 years prior.
*Research suggests that the federal incentives for meaningful use of e-prescribing are well founded.
*As physicians gain more experience with e-prescribing, the data shows that they use it more.
*Prescribers who began e-prescribing in 2008 showed a 4X increase in e-prescriptions sent between 2008-2011.
*In the case of prescribers who adopted e-prescribing in 2008, the majority have met the standard for the Stage 1 Meaningful Use e-prescribing measure – over a third have already met the proposed 2014 Edition Meaningful Use measure.

Physician Adoption
*Pprimary care docs have achieved high levels of adoption.
-Internists (81%)
-Family practitioners (75%)
*Eleven different specialties have achieved adoption rates of 60 percent or more.
-Endocrinologists (78%)
-Cardiologists (76%)
-Gastroenterologists (69%)
-Urologists (68%)
-Opthalmologists (67%)
*Contradicting many survey-based studies on health IT adoption, the report shows e-prescribing adoption is highest among smaller practices:
-6 to 10 physicians (55%)
-2 to 5 physicians (53%).
*In 2011, The most significant growth in physician adoption of e-prescribing occurred among and solo practitioners – from 31% in 2010 to 46% in 2011.

Overall E-Prescribing Use
*The number of electronic prescriptions in 2011 grew to 570 million, up from 326 million e-prescriptions in 2010.
* By the end of 2011, an estimated 36% of prescriptions dispensed were routed electronically, up from 22% at the end of 2010.
*Electronic responses for prescription benefit information grew 87% in 2011.
*Electronic medication history deliveries increased 72% in 2011.
*Approximately 31% of patient visits generated an electronically delivered medication history in 2011.

Medication Adherence
*In 2011, Surescripts partnered with PBMs and retail pharmacies to compare the effectiveness of e-prescriptions and paper prescriptions on first fill medication adherence.
*The data showed a consistent 10% increase in patient first fill medication adherence (i.e., new prescriptions that were picked up by the patient) among physicians who adopted e-prescribing technology.
*The analysis suggests that the increase in first fill medication adherence combined with other e-prescribing benefits could, over the next 10 years, lead to between $140 billion and $240 billion in health care cost savings and improved health outcomes.

Thanks to Surescripts for doing this research.  It's clear that the trajectory for e-prescribing is very positive.

Tuesday, May 15, 2012

The NwHIN Governance RFI

Last week ONC released the Nationwide Health Information Network: Conditions for Trusted Exchange Request for Information that will be published in the Federal Register today

Steve Posnack, Director of the Federal Policy Division, ONC presented this webinar using these slides

The work is part of the HITECH mandate that requires the National Coordinator to establish a governance mechanism for the nationwide health information network.

Key concepts in the presentation include a few new acronyms that we'll all be using over the next few years, so it's a good idea to memorize them now.

CTE - Conditions for Trusted healthcare information Exchange, the  “rules of the road” for participation

NVE - a nationwide health information Network Validated Entity, the organizations that adhere to operational and financial practice preconditions for participation in trusted exchange.

Of interest, the proposed conditions for trusted exchange include

Safeguards CTEs
[S-1]: An NVE must comply with sections 164.308, 164.310, 164.312, and 164.316 of title 45 of the Code of Federal Regulations as if it were a covered entity, and must treat all implementation specifications included within sections 164.308, 164.310, and 164.312 as “required.”
[S-2]: An NVE must only facilitate electronic health information exchange for parties it has authenticated and authorized, either directly or indirectly.
[S-3]: An NVE must ensure that individuals are provided with a meaningful choice regarding whether their IIHI may be exchanged by the NVE.
[S-4]: An NVE must only exchange encrypted IIHI.
[S-5]: An NVE must make publicly available a notice of its data practices describing why IIHI is collected, how it is used, and to whom and for what reason it is disclosed.
[S-6]: An NVE must not use or disclose de-identified health information to which it has access for any commercial purpose.
[S-7]: An NVE must operate its services with high availability.
[S-8]: If an NVE assembles or aggregates health information that results in a unique set of IIHI, then it must provide individuals with electronic access to their unique set of IIHI.
[S-9]: If an NVE assembles or aggregates health information which results in a unique set of IIHI, then it must provide individuals with the right to request a correction and/or annotation to this unique set of IIHI.
[S-10]: An NVE must have the means to verify that a provider requesting an individual’s health information through a query and response model has or is in the process of establishing a treatment relationship with that individual.

[I-1]: An NVE must be able to facilitate secure electronic health information exchange in two circumstances: 1) when the sender and receiver are known; and 2) when the exchange occurs at the patient’s direction.
[I-2]: An NVE must follow required standards for establishing and discovering digital certificates.
[I-3]: An NVE must have the ability to verify and match the subject of a message, including the ability to locate a potential source of available information for a specific subject.

Business Practices
[BP-1]: An NVE must send and receive any planned electronic exchange message from another NVE without imposing financial preconditions on any other NVE.
[BP-2]: An NVE must provide open access to the directory services it provides to enable planned electronic exchange.
[BP-3]: An NVE must report on users and transaction volume for validated services.

Reflecting on our Massachusetts Health Information Exchange strategic and operational plan, the stakeholders of the Commonwealth have outlined policies and technologies to address each one of these conditions.   It's my hope that Massachusetts will be an early adopter of this framework and will be one of the first NVE's to be certified.

As I've said in my lectures on the topic, our generation will be the one that solves the trust fabric problem, so that our grandchildren will grow up in a connected healthcare system.    The NWHIN Governance RFI provides the policies necessary to create and maintain the network of networks that will result in nationwide exchange.

Monday, May 14, 2012


Recently, I've met with several internet startups, web thought leaders, and venture capitalists.

There's one word that's come up in every conversation and it's not Plastics .  It's Gamification 

Gamification, described by Wikipedia is applying gaming principles to non-gaming applications and processes,

"in order to encourage people to adopt them, or to influence how they are used. Gamification works by making technology more engaging, by encouraging users to engage in desired behaviors, by showing a path to mastery and autonomy, by helping to solve problems and not being a distraction, and by taking advantage of humans' psychological predisposition to engage in gaming."

Whenever technologists create a cool new application, they often focus on the innovation necessary to solve a hard engineering problem rather than the user experience or how to ensure the ongoing use of the software.

Many internet companies have tried and failed (such as Google Health) to create highly usable healthcare sites, but failed to engage customers over the long term.

Although the biology behind gamification is controversial, the claim is that the human brain inherently enjoys problem solving and the dopamine-mediated emotional rewards that come with it.   Sticky platforms like Facebook implement many gamification features to keep users coming back.   Group competitions, customer loyalty programs, and goal achievement are all examples of gamification strategies.

We're in the midst of a redesign of the BIDMC Personal Health Record, Patientsite.  Not only do we want to make it easier to use and more visually appealing, we want to ensure it adds value and becomes a destination that patients want to revisit.   We'll certainly keep Gamification principles in mind.

So next time you're faced with a software redesign, think about its use more than its engineering.  Replace Plastics with Gamification in your lexicon.   There's a great future in it.

Friday, May 11, 2012

Cool Technology of the Week

I've written many times about the Bring Your Own Device movement (BYOD) and the need for increasing security controls.

For years, we've controlled device settings on Blackberry devices with the Blackberry Enterprise Server (BES).   We force passwords, encryption, and device memory wipes for ten failed passwords so that every user has enterprise enforced security

With iPhones and Android devices it's harder to control settings and behavior on personal equipment.

We think the best we can do within the limitations of present server-side technology is to enforce the use of passwords on all devices using Active Sync, require a timeout of 10 minutes, and eliminate the use of the most simple passwords (1234, 1111 etc).   Microsoft Exchange/Active Sync can query the device for the settings currently in place and only synchronize email if the device adheres to enterprise security policies.

We'll eliminate support for POP and IMAP protocols because these cannot be used to inspect and enforce desirable device settings.

We've debated the use of settings that automatically wipe the device for 10 failed password attempts, as we do with Blackberry.  However, given that we cannot selectively purge corporate verses personal data, we'll likely avoid that setting for now.

BYOD management is a journey.   Server side tools that inspect personal devices and only allow synchronization of corporate data such as email when settings are consistent with  policies seem like a cool solution.

In the future, we may add client software (Mobile Device Management) to each device to provide more control over encryption on Android devices and permit selective memory wiping of corporate data.

I welcome comments on what others have done.  BYOD is here to stay.  Compliance and IT departments need to collaborate on a set of policies and technologies that will meet the needs of regulatory requirements while maintaining service capabilities and user productivity.

Thursday, May 10, 2012

Our Cancer Journey Week 21

Kathy heads to surgery tomorrow at 7am.   She'll be NPO (nothing by mouth) after midnight.  She'll wake at 5am, shower with Hibiclens (a antibacterial prep), and I'll drive her to surgical check in.  Prior to surgery, the radiology department will insert a wire adjacent to the titanium markers that were placed in her tumor at first diagnosis.   Her surgeon will use this wire to guide the lumpectomy.

Her left breast will become smaller than her right.  She jokes that her career in exotic dancing will come to an end.

The operating room will call me at the end of her procedure and I'll pick her up.   Since she'll not have had general anesthesia, we're presuming she'll feel good enough for a bit of an extended ride home.   The last of our chickens arrives on Friday (Buff Orpington's) and we'll pick them up as we drive back to our new farm.

We'll anxiously await the results of pathology.   If the margins on the lumpectomy tissue are clear, Kathy will start Radiation Therapy 1-2 months after surgery, likely late June or early July.

By Labor Day, if all goes well, this phase of our cancer  journey will end, although our continued vigilance for reoccurrence will be lifelong.

Her hair is beginning to regrow and she's progressed from peach fuzz to GI Jane.   Her nails are becoming less brittle and losing their black pallor.    Her body is beginning to recover.

2012 has been a year of learning.   We've learned how to deal with the unknowns of cancer care.   We've learned the value of personal health records.  We've learned how to buy and sell a house in the middle of chemotherapy.  We've learned how to keep our sanity and patience in the face of adversity.    Although we would have preferred not to learn some of these lessons, we're stronger for it.

Onward to the next step in the morning.

Wednesday, May 9, 2012

The American Hospital Association Letter

On April 30, the American Hospital Association issued a 68 page letter to CMS outlining their response to the Meaningful Use NPRM.

There are elements of the letter I can appreciate - implementing electronic medication administration records and bedside medication verification can be expensive for a hospital that has not yet begun the process, especially the 1300 critical access hospitals in the US.

Implementing some aspects of interoperability require using technologies that are very new.   Vendor products will need to be enhanced to support efficient health information exchange workflows.

However, as David Blumenthal said with stage 1 of Meaningful Use, we have to set the pace of the policy "escalator" so that it gets us to our destination with reasonable speed but not so fast that passengers fall off.   In my view, the AHA sets the speed too slowwith its patient and family engagement language:

"Patient Portal. CMS proposes as a new objective: provide patients the ability to view online, download, and transmit information about a hospital admission. The AHA recommends that this objective be removed for two reasons: (1) CMS does not have regulatory authority over patients’ access to their health records; and (2) the objective is not feasible as specified."


"Remove the measure on patient use of the portal to both minimize measurement burden and eliminate a provision that makes provider performance contingent on actions of others."

Patient and Family engagement is an area that needs to be pushed aggressively if progress is to be made.  The fears and myths about the burden and expense of implementing it are unfounded in my experience.   Unless we ramp up the policy "escalator" in the patient/family engagement area, vendors will not innovate and providers will not overcome their inertia.

What do I mean?

When the telephone was introduced, there was fear in the medical community that it would disrupt doctor patient relationships.  History has shown that It did not.

When secure email and patient portals were introduced, clinicians believed the burden of communications would escalate.   It did not.

When BIDMC began sharing notes with patients there was fear of litigation, misunderstanding, and level of effort to support patient questions.   Nothing bad happened.

BIDMC has had a patient portal in place since 1999 that does everything required in the Meaningful Use 2014 edition NPRM language.   60,000 patients per month have used it for over a decade.   They can view their records in real time, send secure email, make appointments, refill prescriptions, request referrals, and access numerous patient specific educational materials.   20% of our patients send secure email and look up their records - double the threshold recommended by the NPRM.

The technology is simple and the impact on the hospital (cost, workflow, burden) has been insignificant.

As the spouse of a cancer patient, I can describe firsthand the critical importance of PHRs.   Kathy has navigated her entire cancer care experience by using the BIDMC patient portal to track her care plan, her treatment progress, and her diagnostic test results.   She's securely communicated with her clinicians and accessed patient educational materials.   True, we built this system ourselves in 1999 with a budget of less than $50,000, but today's commercial products such as Epic's MyChart, and eClinicalWorks Patient Portal offer similar functionality.

I'm passionate about patient and family engagement.

I hope that the public response to their letter will encourage the AHA to reconsider their  patient engagement recommendations and ensure they carefully consider the patient record access provisions in upcoming recommendations coming from the Office of Civil Rights.   I welcome the opportunity to share the experiences of early PHR adopters with AHA membership.

Working together as an industry, we can manage the concerns voiced by AHA membership.   I encourage us to push the limits of the "escalator" on  patient and family engagement policies/technologies.   My wife's treatment and patients everywhere depend on it.

Tuesday, May 8, 2012

Metadata in an HIE

Last week, the Technology Workgroup of the Massachusetts State HIE Advisory Committee was asked to address an interesting policy and technology question.

When a payload of data (a clinical summary, a public health transaction, a lab result) is sent from provider to provider, what data should be included in the electronic envelope used in the sending process?

Massachusetts uses the Direct protocol so the payload is encrypted during transport.  The Healthcare Information Services Provider (HISP) cannot read the contents of the message.   All routing information i.e. who is the sender, who is the receiver, when was it sent, are there special privacy restrictions etc. must be placed as metadata in an electronic envelope around the payload.

Most metadata is not very controversial.   Beth Israel Deaconess sent a payload to Dr. Smith on May 9th at 8:00am with patient consent.

However, for auditing purposes, it could be important to send patient identifiers in the envelope.   If the HIE is asked a question like "we sent 10 payloads about John Halamka, can you tell us the time/date and location of delivery?"   For medical/legal, data integrity, and service level guarantees, patient identifiers in the audit trail make HIE operations easier.

However, there are downsides.   The audit trail becomes protected healthcare information.  Operators of the HIE now have access to person identified information.

How could this be a problematic?

What if the audit trail is itself is breached?   The HIE must follow HITECH reporting requirements.   The Direct Protocol was designed so that transport intermediaries minimize risk of breach by sending unidentified payloads.

What if someone asks the HIE to provide the date/delivery times of a patient's payloads sent from a substance abuse or psychiatric treatment facility?   The public is likely to have concerns that HIE staff (especially state government operators) have access to audit trails which contains such sensitive details.

Furthermore, applications that will perform novel routing and linking may need more than just limited amounts of person identified metadata in the envelope to add functionality.   Clinicians on the Tech Workgroup noted that data elements such as visit type (inpatient or outpatient),  message purpose (discharge summary, medication summary, admission notification), author of the message etc. are needed to automate advanced routing functions.   Thus, the recipient organization will likely open the payload after it is securely received to access additional information for processing.

What did we decide?

We elected to remove all human readable patient identifiers from the audit trail, instead using hashes of such data elements as name and date of birth for auditing purposes.

How will that work?

Suppose my PCP wants to send a clinical summary to a specialist as part of a referral.

We agreed to use a secure hashing algorithm (such as salted SHA-2) to anonymize identifiers.

The hash of John becomes AY#!

The hash of Halamka becomes *iUOP

The hash of my birthday becomes G5^*

If the audit trail is breached or mined by HIE staff, there is no way to know that AY#! *iUOP refers to me

However, I can ask the HIE to run an audit on AY#! *iUOP G5^* messages to ensure the payloads were delivered.   We get a perfect audit trail that's non-disclosing.

Such hashing approaches for anonymous linkage of patient records are very powerful and I recommend you study the work of Jeff Jonas, described in this post and this powerpoint.  Linking identity among heterogenous databases will be required for healthcare reform and emerging ACO business intelligence applications.   Doing it without having to disclose identity of the patient gives us the functionality we need without the risk.

Thus, Massachusetts has decided to use Direct without human readable personally identified metadata, instead adopting hashes of personal identifiers in the envelope and audit trail.   The HIE cannot be asked to mine audit trails by anyone but the sender of the messages, and the audits themselves are non-disclosing.

We have broad support for this approach and we'll let you know how it works in production.

Monday, May 7, 2012

A Moving Experience

Last week I took a hiatus from my daily writing (except chronicling Kathy's progress on my Thursday post) to move our household from Wellesley to Sherborn, MA.

On weekends and nights, we packed, moved, and unpacked.

The rules we followed during the process were

1.  Living things first - ensure the health of each other, Kathy's father (who is moving in with us), and our animals
2.  Empty the old house -  although it's appealing to focus on creating a new life, the old one must be swept clean first
3.  Focus on basic function in the new house - bedrooms, the kitchen, and bathrooms are more important than the living room, family room, or garage
4.  Repairs to the new house - no matter how attentive a seller might be, there will always be dozens of small repairs to do whenever a house changes hands
5.  Aesthetics in the new house - it will be weeks before all the boxes are emptied and everything is restored to order.   That's ok.

When we packed, we triaged items into three piles - save, donate, or recycle.

During the unpacking process, I reflected on the things we kept.   Why did we save the things we did?

Because they are meaningful parts of our lives.

The photo above illustrates a few items from the top drawer of my dresser:

C. Everett Koop's Coin that he gave me in 2008 after I presented the Koop lecture at Dartmouth

The neckerchief holder for my cub scout uniform from 1969.   My father made it for me by hand tooling leather using supplies he purchased from the Tandy Company in the pre-Radioshack days

An integrated circuit tie tack given to me by Professor Frederick Termon, commemorating the first microprocessor used in Hewlett Packard products.   The chip has an embedded photo-micrograph signed by David Packard and Bill Hewlett

A tiny birdhouse that my daughter and I found while geocaching at one of the most remarkable geocaches - the Depot in Needham.

A sleigh bell that my daughter received when our family spent a winter's night on the Polar Express.  I can still hear it's sweet sound 

A coin, a piece of leather, a plastic tie tack, a little birdhouse, and a bell may seem like trinkets, but to me they represent milestones, emotional moments, and treasured memories.    They may have little monetary value, but to me they're priceless.

During our move we wanted to consciously think about what we own and why we own it.   Now that we've moved, we're reducing our belongings to those things that really matter as we chart a new course to the future.

Thursday, May 3, 2012

Our Cancer Journey Week 20

Kathy's MRI showed no evidence of tumor and her surgeon worked with her to develop a go forward plan - lumpectomy on May 11 instead of mastectomy.

This has been a busy week moving Kathy, 2 cats, 2 rabbits, and 6 chickens to our farm in Sherborn, Massachusetts.   I've spent my nights unpacking boxes instead of posting blogs.  I'll return to a normal writing schedule next week.

Here's the MRI results from Kathy's imaging last week:

HISTORY: 49-year-old female with locally advanced left sided breast cancer who is undergoing neoadjuvant chemotherapy. Please assess response to treatment.

COMPARISON: No prior breast MRIs are available. Correlation is made with mammograms dated April 25, 2012 and December 13, 2011.

TECHNIQUE: Multiplanar T1- and T2-weighted images were acquired on a 1.5 Tesla magnet including dynamic 3D imaging obtained prior to, during, and after the uneventful IV administration of 0.1 mmol/kg of gadolinium-DTPA.

Multiplanar 2D and 3D reformations and subtraction images were generated on an independent workstation. The dynamic contrast enhanced 3D series was sent to an independent workstation for computerized assessment of contrast dynamics. CAD analysis facilitated DCE interpretation.

parenchymal enhancement. There is no suspicious focal enhancement or mass in either breast. The left breast skin appears thicker compared to right.  Post-surgical changes are present in the left axilla consistent with history of sentinel node biopsy. There is no evidence of pathologically enlarged axillary lymphadenopathy.

No suspicious focal enhancement or mass seen on MRI to correspond with known malignancy. The left breast skin appears thicker compared to right; clinical correlation is recommended.

In summary, there is no longer any evidence of tumor.   Based on this positive finding, her breast surgeon scheduled an urgent appointment with Kathy to formulate next steps.  Together, Kathy and Dr. Houlihan agreed on the following:

"I just saw Kathy Halamka who has had a complete remission by MRI after Cytoxan/Adriamycin times 4 dose dense and 5 rounds of Taxol, which was discontinued due to Taxol toxicity. I plan to do a wire location with two wires of the two clips on 5/11.  I plan an en bloc resection. If margins are ok, plan Radiation Therapy. If residual disease, probable mastectomy.  Single micro met in sentinel node--plan no axillary dissection based upon current guidelines."

So far so good   The numbness in Kathy's hands and feet is better than it was - pins and needles rather than complete lack of sensation.

This week our lives are returning to normal post chemotherapy and post move.   Six more chickens arrive tomorrow.    Our next milestone will be lumpectomy with local anesthesia on May 11.   We're all hoping for negative margins (no sign of active disease).