Thursday, December 13, 2012

Building Unity Farm - The Unconditional Love of Dogs


As I've mentioned in previous posts, our male alpacas are guarded by two Great Pyrenees Mountain dogs, Bundle (a one-year-old female) and Shiro (a 6-month-old male).   Bundle is 70 pounds and not likely to grow much more.   Shiro is 70 pounds and likely to grow to 100 pounds.

At the farm, we have a routine.   In the early morning, when we do chores (stock the hay feeders, fill water buckets, haul manure etc.) we give the dogs breakfast biscuits.  Great Pyrenees tend to guard their food, so the dogs carry their treats to opposite ends of the paddock and savor them.    As we finish the chores, I ask Bundle to get her leash (it's sometimes a favorite tug of war toy for the dogs) and we run a few miles on surrounding trails.   Bundle is very interested in finding deer, wild turkeys, and small mammals.   Shiro is more interested in following Bundle then stealthily jumping on her when she least expects it.    Since Shiro goes where Bundle goes, he does not need a leash at this point in his life (although mature male Great Pyrenees tend to wander).

I've cut 3 trails through the woodland - the Orchard trail, the Old Cart Path (used in Colonial days), and the Marsh trail.   The dogs run as fast as they can along the Orchard trail and up the stairs I've built in an old rock wall to access the neighboring 55 acre orchard where they can play in the grass, roll down hills, and enjoy all the interesting plant/animal smells they discover between the old apple trees.

After a run around the orchard, we return to the Orchard trail and run back to the paddock.  Great Pyrenees tend to sleep during the day and guard at night when predators are most active.   After their run, the dogs fall asleep under the hay feeder or in the hay loft.  They never seem to mind the cold since they have a double coat of insulating fur.   Bundle would rather stay dry but Shiro enjoys digging in the mud before sleep.   It's puppy heaven.

Before evening chores, we run the Old Cart Path, often finding the 30 wild turkeys that roost in pine trees above our stream.   In the longer days of Summer and Fall, Bundle and Shiro enjoy a few minutes of tumbling together in the tall grass of the pasture before heading back to the paddock.   While we are cleaning the barnyard and replenishing food/water/minerals for all the animals, the dogs eat dinner in separate areas of the barn to avoid any squabbling over food.    Although our farm is entirely vegetarian/vegan, the dogs eat an appropriate diet for an omnivore.  Although it is possible, I would not recommend a vegan diet for dogs and cats.

After all the animals are secured and settled for the night, my wife and I return to the house to prepare our own dinner.   The dogs begin the vigilant watch of the barn yard.

Two dogs, a 300 pound llama and a 5 foot electric fence have proven to be an effective deterrent for the coyotes, fisher cats, and foxes in our forest.

Whenever a predator threatens, the dogs bark at it wildly, raising an alarm.  When I hear them, I venture out to the paddock to ensure all is well.  The dogs greet me as if they have not seen me in years.  They can never be petted enough.   Both dogs are incredibly strong and try to tackle me to the ground in play.

On the rare occasions that I must discipline the dogs (see The Guinea Fowl Who Lost His Mojo), they are genuinely upset by the disapproval of their pack leaders (the humans).   They sulk and beg forgiveness.

At any time of day or night, with fair and foul weather, in any situation, the dogs give their love unconditionally.

Bundle and Shiro are always happy to serve, eager to play, and thankful for a rub behind the ears.   They seek approval and take their alpaca guarding work very seriously.

They look forward to the daily rituals we've developed and definitely feel a loss when my schedule breaks the pattern (going to Washington DC at 4am conflicts with the morning run).

We have affection for all the citizens of Unity Farm, but the unconditional love of dogs creates a special bond for us.   I look forward to sharing the next decade of our lives together.

Wednesday, December 12, 2012

Interoperability Gets Real


Today I'm speaking at the ONC annual meeting as part of panel discussing interoperability.

For years, patients, providers and payers have complained that EHRs "do not talk to each other."

By 2014, I expect this issue to disappear.

Why?

Do I expect that every state and territory will have a robust, sustainable healthcare information exchange by 2014?  No

Do I expect that every provider will be connected to a Nationwide Health Information Network by 2014?  No

Do I expect that a single vendor will create a centrally hosted method to share data by 2014 just as Sabre did for the airline industry in the 1960's?  No

What I expect is that Meaningful Use Stage 2 will provide the technology, policy, and incentives to make interoperability real.

Stage 2 requires that providers demonstrate, in production, the exchange of clinical care summaries for 10% of their patient encounters during the reporting period.   The application and infrastructure investment necessary to support 10% is not much different than 100%.   The 10% requirement will bring most professionals and hospitals to the tipping point where information exchange will be implemented at scale, rapidly accelerating data liquidity.

Stage 2 requires that more than 5 percent of patients with inpatient or outpatient encounters (or their authorized representatives) view, download or transmit to a third party their information during the EHR reporting period.     The Automate Blue Button initiative is an example of this functionality.  It puts the patient in control by enabling query/response or publish/subscribe retrieval of care summary data from EHRs.   Just as the 10% threshold for exchange of summaries between providers will encourage technology and policy implementation, the 5% threshold for patient-provider exchange means that software, educational materials and processes will be put in place to engage patients and families in novel ways.   If not, hospitals and professionals will not qualify for stimulus dollars.

A subtle point in the final rule that some may overlook is the statement above, "patients (or their authorized representative)".    The Social Security Administration, with patient consent, could act as an authorized representative and retrieve medical history in support of disability claims.   Innovative third parties offering consumer oriented decision support, care management services, or home health might act as authorized representatives.    The patient access provisions will create an ecosystem of products - an app store for health.

The standards included in Meaningful Use Stage 2 are unambiguous.   Content, vocabulary, and transport standards backed by comprehensive implementation guides and resources like the National Library of Medicine's Value Set Authority Center (VSAC) eliminate the gaps in semantic interoperability that were an impediment to interoperability in the past.

Finally, in addition to stimulus payment incentives, Accountable Care Organizations/Value-Based Purchasing risk contracts make redundant testing a cost rather than a profit center, motivating hospitals and professionals to share data across communities.  

With certified technology, standards, and incentives to share data among providers and patients, 2013-2014 will usher in a new era of interoperability.

My daughter will be 21 years old in 2014.   It is my hope and belief that she will never face paper-based uncoordinated care in her adult life.    With Meaningful Use Stage 2, CMS and ONC have laid the foundation to make that possible.

Friday, December 7, 2012

Cool Technology of the Week


I've written several posts about security including identity management, role-based access control, and two factor authentication.

As we work to follow best practices, I'm always interested in learning about emerging technologies.

I was recently emailed about OneID as a means to secure identity using specifically registered devices.   Here's a technology overview.

Here's the full story.

The bottom line is that by using digital certificates placed on your known devices, application passwords can be eliminated for those applications that can integrate with the OneID approach.

If a device is lost or stolen, it's easy to deactivate the device and remove all authentication.

The approach is resistant to phishing, keystroke loggers, and malware since nothing typed on the device is sufficient for authentication.

Device-based certificate management for easy authentication that eliminates many password management issues.   That's cool.

Thursday, December 6, 2012

Building Unity Farm - Preparing for Christmas on the Farm


This is our first winter on the farm and although we have prepared the barn, pasture, woodlot, coop, and animals for the cold weather, we do not yet have Christmas traditions at Unity.  This year, we have to make them.

Using local materials from local vendors, we've added garlands of white pine and fir to the barn, pasture gate and house entryway.   We've hung wreaths on the sheds and added swags of juniper to our light posts.

Mistletoe kissing balls surround the front door.  We've decorated a living Christmas tree in front of the house.    We've added strings of Christmas lights to selected trees and woven lights into the strands of pine garland.

Our 15 acres are filled with oaks, cedars, pines, birch, and poplar.  Hurricane Sandy blew over a few older, dead trees.   I've cut them up and split the wood into 3 neat cords for Christmas fires in our stone hearth and wood burning stove (made in 1880).

Indoors we'll find a place to build our model New England village and create a miniature barnyard around the creche from my childhood.

A Lionel train will circle a small indoor Christmas tree that we'll harvest this weekend.

Christmas stockings for my wife and me, our daughter, my father-in-law and our animals will be hung on the chimney with care.

While we do not have reindeer, we do have a four point buck and five does living in our meadow.

Christmas dinner will include a medley of root vegetables from our cellar, Japanese pumpkin (kabocha) simmered in rice wine and soy sauce, potatoes, baked apples, homemade tofu, and blueberry pie.

Life on a farm means that gifts are practical.  Warm, waterproof gloves for cold early morning work in the paddocks.   A vest to break the chill of a windy day.   A few woodworking tools (last year my wife gave me a splitting maul and Swedish forest axe).   We make our own soaps on the farm and we'll be giving gifts that range from an oatmeal scrubbing soap to a poppy seed facial soap.  I cut up a 100 year old cedar that fell in recent storms and we'll be giving blocks of its aromatic purple wood to keep moths out of closets.

The traditions we're building at Unity Farm will bond me to the place, the citizens (animal and human) living there, and the familiar rituals we create.    There is something timeless about working the land and creating a celebration of the season with a loving family around you.   We are defined by the experiences, good and bad, in our jobs, our relationships, and our environment.   Preparing for Christmas on the Farm has healed the bad, multiplied the good, and given me the equanimity I have yearned for in 2012.

My daughter still has the silver bell she received from our ride on the "Polar Express" in New Hampshire when she was a child.   We'll hang it on our first Unity Farm Christmas tree and I'm confident that this season we will all be able to hear its sweet, resonant sound.

Wednesday, December 5, 2012

Creating Quantitative IT Governance


Over the past few months I've been talking to many industry leaders about the challenge of matching IT supply and demand.   Governance committees are essential but are not enough when the number of project requests is so large that they become difficult to triage.

Objective, quantitative scoring criteria can help.

Intel has implemented a Business Value Index that is based on numerical scoring of:

Customer need
Business and technical risks
Strategic fit
Revenue potential
Level of required investment
Amount of innovation and learning generated

My colleagues at Stanford have developed a quantitative approach based on a weighted scoring of:

Quality and Effectiveness
User Productivity and Satisfaction (includes providers, patients, referring MDs)
Compliance (required by law or external regulatory/accreditation body)
Patient Safety
Financial
Scope/Urgency

Their process is very robust, as described by Dr. Pravene Nath:

"We take all inbound requests, whether captured by helpdesk or in meetings. A clinical informaticist reviews the request and presents it at our scoring committee meeting, which lasts for about an hour each week. The informaticist provides a preliminary scoring, and the group either confirms it, adjusts it, or sends it back for more research. Occasionally a request will be outright denied at the meeting if it just doesn't make sense. We have an appeals process for the requestor but it is rarely used. All requests, regardless of age, are kept in a rank ordered list by priority based on score. The application teams work from the top of that list downward, and they don't pick up anything new from the list until something currently underway is completed. Lastly, we reserve some capacity for fast track (easy items) which can be done even if lower on the list."

BIDMC has prioritized capital projects (IT and others) by scoring:

Return on Investment
Strategic Alignment
Impact factor (Employees, Clinicians, Patients)
Quality/Safety
Compliance/Regulatory

We have policies that require CIO sign off of all IT-related projects to ensure grant funded/departmental funded IT projects are prioritized along with institutionally funded capital projects.

This year, we're looking to expand quantitative IT governance to those projects which are not capital funded and simply use existing staff resources.

I welcome your input on approaches you have used to rank project requests in a way that stakeholders feel is objective, transparent, and fair.

Tuesday, December 4, 2012

Crafting the Security Roadmap

Per the theme of security assessment I've been posting about, part of crafting a multi-year security roadmap is examining technologies and practices that have limited use in healthcare but are widely deployed in other industries.

Application Security Testing -  Vendor applications including those with FDA 510k approval may have security vulnerabilities.   Testing third party products with source code analysis tools can find defects that are missed by traditional vulnerability scanning software.   Related to Application testing is third party vendor management.   Testing and verifying the security of cloud hosted service providers and business associates is becoming a best practice.

Data Loss Prevention - Although many healthcare organizations have strict policies on the use of email, social networking, cloud storage, remote access, and mobile devices, it's increasingly important to have technology in place that enforces policies, preventing users from violating policy by sending data to non-secured locations, e.g. sending patient information to a referring clinician who uses Gmail.   Many vendors offer appliances that quarantine, notify, restrict, and manage the flow of email containing personally identifiable information/protected health information.    Related to DLP is a strategy to prevent use of unencrypted storage devices - thumb drives, DVDs, CDs etc.

Adaptive Authentication  -  Critical applications, including email, enterprise resource planning, and clinical applications deserve increased authentication rigor.   For example, if a user is not typically outside the US and suddenly logs in from an unexpected location, then the user should be challenged with an additional factor.  Approaches could include a secret question or a one-time PIN code sent to a known cell phone.  Such applications can also perform a risk analysis of authentication events to detect anomalies, including authentication events using compromised accounts and suspect IP addresses.
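As an added illustration of the risk analysis described above (this is example code, not from the original post or any vendor product), the following scores constructed login events against a per-user location baseline, a suspect-IP list and a compromised-account list, and decides whether to allow, step up to a second factor, or deny. The baselines, watch lists, weights and thresholds are all assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed baseline: countries each user normally logs in from.
USUAL_COUNTRIES = {"alice": {"US"}, "bob": {"US", "CA"}}
# Constructed watch lists standing in for threat-intel feeds.
SUSPECT_IPS = {"203.0.113.7"}
COMPROMISED_ACCOUNTS = {"carol"}

STEP_UP_THRESHOLD = 40   # assumption: challenge with a second factor
DENY_THRESHOLD = 80      # assumption: refuse the login outright


@dataclass
class LoginEvent:
    user: str
    country: str
    ip: str
    hour: int            # local hour of the attempt, 0-23


def risk_score(event: LoginEvent) -> tuple[int, list[str]]:
    """Return (score, reasons); a higher score means more suspicious."""
    score, reasons = 0, []
    usual = USUAL_COUNTRIES.get(event.user)
    if usual is None:
        score += 20; reasons.append("no location baseline for user")
    elif event.country not in usual:
        score += 50; reasons.append(f"login from unexpected country {event.country}")
    if event.ip in SUSPECT_IPS:
        score += 40; reasons.append("source IP on suspect list")
    if event.user in COMPROMISED_ACCOUNTS:
        score += 60; reasons.append("account flagged as compromised")
    if event.hour < 5:
        score += 10; reasons.append("login outside normal hours")
    return score, reasons


def decide(event: LoginEvent) -> tuple[str, int, list[str]]:
    """Map the risk score to an action: allow, step_up (extra factor) or deny."""
    score, reasons = risk_score(event)
    if score >= DENY_THRESHOLD:
        return "deny", score, reasons
    if score >= STEP_UP_THRESHOLD:
        return "step_up", score, reasons
    return "allow", score, reasons


# Constructed sample events (RFC 5737 documentation addresses).
EVENTS = [
    LoginEvent("alice", "US", "198.51.100.4", 9),     # routine login
    LoginEvent("alice", "RO", "198.51.100.9", 14),    # unexpected country
    LoginEvent("bob", "CA", "203.0.113.7", 3),        # suspect IP, off hours
    LoginEvent("carol", "US", "198.51.100.12", 10),   # known-compromised account
]

if __name__ == "__main__":
    for e in EVENTS:
        action, score, reasons = decide(e)
        print(f"{e.user:6} {action:8} score={score:3} {'; '.join(reasons)}")
```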

As with other posts on such topics, I look forward to comments about your plans and experiences in these areas.

Monday, December 3, 2012

The Quest for a Perfect Password Expiration Frequency

I've mentioned in previous blogs that BIDMC has contracted for an enterprise wide security assessment  to ensure our security projects are aligned with best practices.    Over the next few months I'll write several posts about the issues we've reviewed and the evolution of our thinking about security.

Today I'll start with something basic.

What is the right frequency to require password changes?

Many security experts and commonly used guidelines suggest a 90 day password expiration frequency.

To understand the common practices of hospitals in Massachusetts, I asked many of my peer CIOs about their password change policies.   The answer - some organizations are at 9 months, some are at 6 months, and some are at 3 months.   One is at 4.5 months - a compromise between 3 months and 6 months.

There are two questions we need to answer before crafting the ideal policy.

1.  Does changing passwords frequently actually increase security?

2.  What is the impact of frequent password changes on the user experience (especially for smartphone and iPad users)?

For question 1 - The benefit of requiring a more frequent change to passwords has been the topic of debate within the IS community for years.  While many experts claim shortening the period reduces risk, others argue the opposite because users cannot remember frequently changed passwords and write them on post-it notes which they affix to their work area.

Here are three references which suggest that increasing the frequency of password changes reduces security.

http://www.cerias.purdue.edu/site/blog/post/password-change-myths/
http://www.healthcare-informatics.com/blogs/dale/password-expiration-insanity
http://digitaltrustllc.com/?p=49

For question 2 - Frequent password changes can be challenging for users of mobile devices.   Generally, something like this happens:

You change your password via a desktop application
Your iPhone and iPad try to sync email before you can change the password on them
Your account is locked out for 20 minutes
You try to change your password on your mobile devices but you cannot because of the lock out
You call the IS help desk and they remove the account lock but you spent two hours trying to change the password on all your mobile devices before the account is locked again, calling the help desk several times.

I'm sure there is an ideal way to do this, i.e. turn off all the cellular and network connections on your mobile devices and change your password via a desktop application.  Then, change them on your mobile devices before re-enabling wireless network connections.

Regardless, doing this every few months will increase help desk support call volume and user frustration.
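To make the lockout sequence above concrete, here is an added model (example code, not from the original post) of an account lockout policy being tripped by mobile devices that keep syncing with the old password after a desktop password change, and of the effect of pausing sync first. The 20-minute lockout is taken from the post; the failure threshold and the device polling interval are assumptions.

```python
from dataclasses import dataclass, field

LOCKOUT_THRESHOLD = 5        # assumption: failed attempts before lockout
LOCKOUT_MINUTES = 20         # as in the post: locked out for 20 minutes
POLL_INTERVAL = 5            # assumption: each device retries mail sync every 5 minutes


@dataclass
class Account:
    password: str
    failures: int = 0
    locked_until: int = -1   # minute at which the lockout ends; -1 = not locked
    log: list = field(default_factory=list)

    def authenticate(self, minute: int, presented: str) -> bool:
        """Apply the lockout policy to one attempt at the given minute."""
        if minute < self.locked_until:
            self.log.append((minute, "rejected: locked"))
            return False          # even the correct password is refused while locked
        if presented == self.password:
            self.failures = 0
            return True
        self.failures += 1
        if self.failures >= LOCKOUT_THRESHOLD:
            self.locked_until = minute + LOCKOUT_MINUTES
            self.failures = 0
            self.log.append((minute, "locked"))
        return False


def simulate(devices_syncing: int, minutes: int = 60) -> list:
    """Rotate the password at minute 0 while `devices_syncing` mobile devices keep
    retrying with the old one; return the minutes at which lockouts occurred."""
    acct = Account(password="new-secret")        # changed via the desktop application
    for minute in range(0, minutes, POLL_INTERVAL):
        for _ in range(devices_syncing):
            acct.authenticate(minute, "old-secret")   # stale credential on the device
    return [minute for minute, event in acct.log if event == "locked"]


if __name__ == "__main__":
    print("two devices still syncing:", simulate(2))   # repeated lockouts
    print("one device still syncing: ", simulate(1))
    print("sync paused before change:", simulate(0))   # no lockout
```

Pausing sync (the mitigation described above) is the case with zero devices retrying; with two devices the account locks, unlocks, and locks again within the hour, which is the help desk loop the post describes.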

A side effect of creating a suboptimal user experience is that users will stop using tightly controlled corporate applications and instead access consumer grade technology such as Gmail, Dropbox, and text messaging, increasing risk and ultimately reducing security.

As a next step, we'll ask our multi-stakeholder IS Security and Privacy Committee to review the literature (pro and con) about frequent password changes.  They'll evaluate the risks and benefits of various password change frequencies and then we'll select a path forward which hopefully balances the risks of infrequent password changes and too frequent password changes.

Just as I asked about remote access, I welcome your comments about your password expiration frequency policies and experience.