Sunday, May 31, 2009

Enhancing Health Information Exchange in Massachusetts

The HIT Policy Committee and its Meaningful Use Working Group will be defining meaningful use very soon. Although I have no inside knowledge of what meaningful use will be, I think it will likely include several elements of health information exchange.

To me, health information exchange is three things

1. Policies for exchange which protect confidentiality, ensure compliance with regulations, and meet the service expectations of stakeholders.

2. Workflow which supports the business processes of payers, providers and patients.

3. A technical architecture which implements the workflow.

To achieve meaningfully useful health information exchange, Massachusetts has recently convened three committees under the auspices of the Eastern Massachusetts Healthcare Initiative. During May and June, we'll complete meetings of our Policy Committee, the Workflow Committee and the Architecture Committee which will take our existing health information exchanges to the next level.

I'm an active participant in these activities and want to share our work in progress with you.

Policy Committee - we're working through complex issues of consent, liability, service levels, and the division of responsibility between the health information exchange and local organizations sending/receiving data. Last Friday, we discussed these issues in detail. Here's the powerpoint outlining the issues and the draft policy for health information exchange we have developed thus far, based on our experience with NEHEN.

Workflow Committee - There are several high priority workflows among our stakeholders including clinical summary exchange, referral management, admission notification, results exchange, and quality reporting. Here's an overview of our workflow activities in progress.

Architecture Committee - In Massachusetts, we've tended to implement a service oriented architecture using CAQH Core Phase II common data transport and XML constructs such as CCD. I'll post the details of our implementation guides when they are complete.

With sound policies, prioritized workflow, and a single architecture including content, vocabulary, and secure transmission standards, Massachusetts will be "shovel ready" for health information exchange supporting meaningful use by this Summer.

Friday, May 29, 2009

Cool Technology of the Week

In my recent blog about the Red Flags rule, GreenLeaves commented that biometric checking would help reduce errors by establishing identity and uncovering fraud.

Using biometrics to verify identity seems like a good idea, so I met with Jim Sullivan from BIO-key, a leading provider of biometric solutions.

In the past, I've been reluctant to adopt biometrics because of the expense of buying fingerprint or Iris scanners for each of my 8000 client devices.

However, now that many laptops and hospital ready tablets include embedded fingerprint swipe scanners and that the price of USB fingerprint scanners has dropped significantly, it is realistic to consider biometrics.

BIO-key has developed a next-generation algorithm that reduces the fingerprint to set of calculated unique identifiers. A person’s fingerprint graphic is not the credential; their finger is. BIO-key ensures that only a real finger is being scanned to produce these unique identifiers, making a stolen fingerprint graphic useless to a potential imposter. It's the computed values that are stored when the user's finger is scanned at enrollment, and is later used for comparison with future scans. To me, it's similar to the way NTLM authentication works - there is no need to store or exchange the actual password, it's a mathematical hash of the password that is compared to a stored mathematical hash of the original password. BIO-key allows you to enroll and identify on most of the different fingerprint scanners in the market, allowing an open, heterogeneous fingerprint hardware environment.

There are several interesting ways that biometrics could be used in healthcare:

1. As an alternative authentication method for clinicians instead of having to constantly type a username and password. BIO-key provides a web-enabled fingerprint scanning authentication method that interfaces seamlessly between web applications and an enrollee database or Active Directory. Every authentication, from connecting initially to a secure Wi-Fi hub, to authenticating to Active Directory, to authenticating to web-based or thick client applications, can be done using a finger scan.
2. As a two factor authentication mechanism for secure remote access to sensitive data - instead of a token, you carry your finger with you wherever you go. Note that modern fingerprint scanners include measurement of living tissue, so your finger cannot be stolen and used as an authenticator.
3. As a way to protect patients from identity theft or mis-identification. The first time you register for care, you present your passport and your finger for scanning. On every successive visit, your fingerprint scan is used to verify your identity, without the need to hand-check the paper credentials again.

Some people may think that fingerprints are used to identify criminals and thus be reluctant to use a fingerprint scanner. As noted above, we're not using the fingerprint itself - this is not an FBI comparison to a stored library of fingerprints. Instead, it's comparing the scan of finger to specific computations made on earlier scans of the finger when the patient first registered. Hopefully, this will make patients accept scanning as a positive way to protect their identity instead of a negative "police-like" search of their past.

If you'd like to try this yourself, just get a USB fingerprint scanner or use a laptop with a built in fingerprint swipe reader such as HP, Lenovo, or Dell. Go to and follow the instructions to download the web client and test the fingerprint enabled applications. Note that it only works in Windows at this time.

A simple way to prevent identity theft and to authenticate web applications using your finger. That's cool!

Thursday, May 28, 2009

Data Center Space in the Northeast

Yesterday I wrote my personal blog for the week, so today's blog is a return the typical issues of a CIO - building and renting data centers in the Northeast.

I was recently asked about a report being published this week on health care data center costs in Boston compared with other U.S. metropolitan areas. The report claims that, although huge opportunities exist for data center providers to house growing amounts of health care data, the high costs of running a data center in Boston and other Northeast cities will drive providers to house their data in low-cost areas in the Midwest.

Here's my view of the needs of healthcare CIOs for data center space in the Northeast.

My sense is that most IT organizations are embracing virtualization which reduces server space needs. However storage needs are increasing 25% per year, consuming more space.

Thus, the demand for data center real estate, on average, will experience modest growth. Healthcare data center space is not likely to cost much more than typical data center space.

The choice of build/owned verses co-located data center space is mostly a function of network connectivity and capital availability.

The breakout of BIDMC data center expenses, not including the operating and capital needed to suppport our applications is roughly as follows:

Space and Utilities 15%
Salaries & Benefits 29%
Elect Wiring/KVM/LAN Cabling/Racks/Etc. 5%
Storage 18%
Tape/Backup 4%
Servers 14%
Monitoring Software 3%
Network 1%

Moving the data center to the Midwest MAY save on space cost and would likely save on energy. Most of the other costs would be the same whether we were located in Boston or Lincoln, Nebraska. Some costs may actually be higher in the Midwest as we are within driving distance of engineering support centers for some of our OEM's such as EMC. We currently have a favorable space rental rate compared to the square foot cost of hosting facilities in Boston. Consequently, savings for us is not going to be as great as it may be for other companies who use hosted space. Moving the data center MAY also reduce computer operations salaries, but that's questionable and assumes the labor pool is readily available in the Midwest.

I estimate the annual savings for space, utilities, and salaries, in our case, would be $150k to $300k per year. Offsetting this would be increases in wide area networking expenses and, given the distance, there would need to be dual paths for redundancy which would increase the expense. There would be a significant one time expense for the relocation cost. The combination of these could easily overwhelm any projected savings.

Relocating the data center would also require a major project that would absorb much of IT's time thereby causing us to halt or slow down other, more pressing requirements of the Medical Center. There would also be a risk element in that we would be placing our IT assets in the hands of a party we do not directly control except through contract terms and conditions.

Unlike some companies that have national or international presence, we are limited to metro-Boston. The incentives to relocate the data center to the Midwest are not compelling for us.

I predict Boston and Northeast data center space will continue to be well utilized.

Wednesday, May 27, 2009

The Number 5

In the movie "The Number 23", the main character played by Jim Carrey is obsessed with the idea that all incidents and events are directly connected to the number 23, some permutation of the number 23, or a number related to the number 23.

I'm not obsessed, nor do I have OCD in any way, but much of my life is neatly organized into groups of 5.

Why 5?

I find that 5 is the maximum number of tasks I can do simultaneously without losing track of the details. Here's my framework for my career and personal life

1. BIDMC - As CIO of BIDMC, I have 5 direct reports
a. Clinical Systems
b. Financial Systems
c. Infrastructure
d. Knowledge Services (includes medical library and all online
e. Media Services

2. Harvard Medical School - As CIO of HMS, I have 5 direct reports
a. Administrative IT
b. Educational IT
c. Informatics
d. Infrastructure
e. Research IT

3. Standards- Chair of HITSP and Vice-chair of the HIT Standards Committee (Although the work we're doing includes 5 Tiger Teams,that was not a conscious choice on my part!)

4. Healthcare Information Exchange - Chair of NEHEN and CEO of MA-Share (MA-Share and NEHEN merger will be finalized in June) which supports 5 different use cases for data sharing.

5. Advisory Councils - I have 5 advisory positions
a. Food and Drug Administration Subcommittee on IT
b. Social Security Administration Future Technology Advisory Panel
c. Anvita Health Board of Directors
d. Epocrates IT Advisory Council
e. Robert Wood Johnson Foundation National Advisory Committee for Project HealthDesign

Personal Life
1. Family - (wife, daughter, mother, father and me)
2. Home and Garden (my Thursday blog will describe my 5 small gardens)
3. Japanese Flutes (I have 5 instruments)
4. Outdoors - (Hiking, Kayaking, Climbing, Running, and Biking)
5. Writing (blogs, IT journals, academic publications, popular press, lectures)

Each night before bed, I review my 5 career organizations and my 5 direct reports in each of my jobs to ensure I've resolved all the issues of each day. By always balancing five tasks, five people, and five projects in every area, I maximize my breadth without sacrificing the depth of my attention span.

There's no need to worry about my sanity, the number 5 is just a convenient mnemonic and not a pre-requisite for getting through the day. And now it's time to prepare for my 5 meetings tomorrow...

Tuesday, May 26, 2009

A Personal Reflection on Standards Harmonization

As HITSP prepares for the demands of ARRA by reorganizing its work around meaningful use rather than use cases, here is my view of the state of standards harmonization in the US. This is my personal opinion, not a statement from HITSP or ONC.

1. Medication management and e-prescribing

This area is very mature and widely implemented.

NCPDP Script 10.5 is the right messaging standard to support e-prescribing workflow in ambulatory and long term care settings.

The National Library of Medicine's RxNorm is the right vocabulary to specify medication names.

The Food and Drug Administration's Unique Ingredient Identifier (UNII) is the right vocabulary for chemical substances and is especially useful in allergy checking.

Structured SIG, although still evolving, is good enough to describe the way to take a medication.

The Veterans Administration's National Drug File Reference Terminology (NDF-RT) is the right vocabulary for medication class and is especially useful in drug/drug interaction checking and formulary enforcement.

There are few controversies in the medication standards area. The only outstanding issues are the fact that some of these standards such as Structured SIG and RxNorm are relatively new and continue to evolve.

2. Laboratory

HL7 2.51 is good enough for results reporting to EHRs, public health, and biosurveillance.

LOINC is the right vocabulary for lab test names.

UCUM, although very new, is a reasonable vocabulary to describe units of measure.

The only controversy around lab is the timing of implementation, given that thousands of commercial labs in the US need to update their interfaces to support HL7 2.51, LOINC and UCUM. Of these, standardizing units of measure with UCUM is probably the most controversial, given that using UCUM is new for lab stakeholders. I've recently spoken with healthcare IT leaders from other countries and all agree that standardizing units of measure for labs is a priority and should move forward.

3. Clinical Summaries

Just about all stakeholders agree that clinical summaries (problem list, medication list, allergy list, diagnostic test reports, discharge summaries, other documents) should be represented in XML.

The question is what flavor of XML - HL7's Clinical Document Architecture or ASTM's Continuity of Care Record.

HITSP harmonized these two approaches with the HL7 Continuity of Care Document (CCD).

The major controversy in the area of clinical summaries is the nature of the XML format and schema. Some have described the CDA as overly complex XML. I've also heard that some believe CCR's XML could be improved. My hope is that all stakeholders continue to work together to converge on a single, simple XML representation of a clinical summary that works for everyone and is more similar to the typical XML structures used widely on the web.

4. Quality Measures

The National Quality Forum's HITEP efforts have fostered a new way to represent quality measures in terms of a collection of data types. Additional work needs to be done to uniformly map these data types to specific standards. It's likely that the same standards mentioned above for medications, laboratory and clinical summaries will be suitable for transmitting quality measures to data marts.

The only controversy in the world of quality measures is the need to rewrite existing measures in terms of EHR data types. The National Quality Forum will be the catalyst for such a project.

5. Common Data Transport

The above discussion on medications, labs, summaries and quality has been about content and vocabularies, not the secure transmission of data from place to place. How should transport work for all healthcare data exchange?

Just about everyone agrees that the internet/TCPIP/HTTPS is the right approach. However, there are controversies about the other standards to be used - enveloping, authorization/authentication, and architecture.

Some have proposed simple RESTful web services. Some have suggested that SOAP with WS* constructs provides a more solid security framework.

In Massachusetts, we've used CAQH CORE Phase II with SOAP over HTTPS and X.509 certificates. We do nearly 100 million transactions a year with this approach and it works very well.

HITSP will work on harmonizing common data transport as part of its 2009 Extensions and Gaps efforts. It will harmonize the transport work done to date, the efforts of the NHIN pilots and the requirements of the Common Data Transport Use Case recently released to HITSP by ONC.

In general, how do we resolve remaining standards controversies by the end of 2009 when a interim final rule must be finalized per ARRA? Here's my understanding of the process:

1. The HIT Policy Committee will propose a set of priorities for "meaningful use", likely in the next 60 days. The National Coordinator will deliver these to the HIT Standards Committee.

2. The HIT Standards Committee and its 3 workgroups (Clinical Operations, Clinical Quality, Privacy and Security) will determine what existing accepted /recognized standards best support the HIT Policy Committee's priorities, likely in the next 90 days. The HIT Standards Committee will draw on the work of harmonization organizations (including HITSP), standards development organizations, and implementation guide writers. The Standards Committee will also engage NIST for standards testing.

3. The National Coordinator will review this work and if it is appropriate deliver it to the Secretary of HHS for acceptance and publication in the interim final rule.

There will be several periods of public comment and administrative review along the way.

What will HITSP's role be in this process? Initially it will provide expert testimony about harmonized standards to the HIT Standards Committee. In general, HITSP responds to the priorities established by the Office of the National Coordinator. It is independent of any particular administration/political party. If there is a need to approach priorities in a different way, HITSP will align to do that, just as it has with the ARRA focused efforts of the past 60 days.

Friday, May 22, 2009

Cool Technology of the Week

Massachusetts Data Protection regulations require that data on portable devices be encrypted. As I've written about previously, we have encrypted all our laptops with McAfee Safeboot/Endpoint

However, it's commonplace for folks to backup their data on removable USB drives. How can we ensure portable drives are protected?

The answer is hardware encryption. I tested the Maxtor BlackArmor 160GB Encrypted Portable Drive and it's my cool technology of the week.

Here are the specs:

» Hardware-Based Full-Disc Encryption: Prohibits access without a password, no exceptions-not even a professional data recovery service can access the data without the password.

» KeyErase™: Permanent removal of encryption key allows secure redeployment of the drive.

» USB Powered: Powers your drive and ensures fast data transfer-

» 5400RPM, 8MB Cache Buffer: For fast drive performance and fast access to your files.

» Backup Software: Maxtor Manager software lets you easily set your automated backup schedule, sync to multiple computers, and restore files.

» Capacity (Model #): 160GB (STM901603BAA1E1-RK)
» RPM: 5400
» Cache Buffer: 8MB
» Interface: USB 2.0
» Bus Transfer Rate: USB 2.0 480MB/sec
» Dimensions: 5.17" H x 3.32" W x 0.67" L [131.2 mm x 84.2 mm x 16.9 mm]
» Weight: 7.20 oz [204.12 g]
» Warranty: 5 years

The software provided autostarts upon USB connection and sets the drive password. It only runs on Windows, so I had to test the device on one of our clinical subnotebooks - a Dell laptop running XP.

The drive mounted without a problem, queried for a password, and enabled me to place data on the device without error. Each time I reconnect the device it queries for my password. Without the password, the data is completely unreadable - I cannot even see the file names.

A portable, inexpensive, removable, hardware encrypted data store that complies with all current federal and state data protection regulations.

That's cool!

Thursday, May 21, 2009

Kayaking the Charles River

From Spring to Fall each year, I kayak 6 miles a day on the Charles River between route 128 and the Moody Street Dam.

My general rule of thumb is that I kayak when the sum of water temperature plus air temperature is greater than 120. The risk of hypothermia is much less when the water temperature is above 55 and the air temperature is above 65. This usually occurs sometime in May and lasts until October. Today's water temperature was 65 and the air temperature was 75F with a very light wind - perfect conditions.

The route I take passes through the "Lakes District" of the Charles - a wide, shallow, and particularly beautiful stretch for flatwater paddling.

I generally kayak between 5:30-6:30pm, stopping at the Charles River Canoe and Kayak boathouse on my way home. It's a great way to get some exercise and decompress - I can work a full day, kayak, have dinner with my family, and the continue to read and write until bedtime.

The early evening on the Charles is a perfect time to view widelife - Great Blue Herons, Trumpeter Swans, American River Otters, Snapping Turtles, and enormous Carp. The river is different every time I kayak with variable weather, changing wildlife, and new people. Today I did a rescue of a mother and daughter from Montreal who tipped their kayak in the deepest part of Charles. We did a T-rescue and all is well.

The boat I prefer is the Epic Kayaks V10 Surf Ski, a fast 17" wide boat that's a racing and fitness kayak, just unstable enough to keep the trip very challenging. In windy or turbulent conditions, I'll pick the Epic 18X. Here's my guide to choosing a kayak.

The other advantage of daily kayaking is the calorie burn - greater than 500 calories per hour.

Incredible sights, a relaxing river, 2500 calories of aerobic exercise, and an ever-changing riverscape. Highly recommended!

Wednesday, May 20, 2009

The Adventures of an IT Leader

In January of 2003, F. Warren McFarlan and Robert D. Austin of Harvard Business School wrote a great case study about the CareGroup Network Outage.

One of my blog readers, Brian Ahier, suggested that I read the new book by one of the same authors, Robert D. Austin, called "The Adventures of an IT Leader" .

From the HBS website:

"Becoming an effective IT manager presents a host of challenges–from anticipating emerging technology to managing relationships with vendors, employees, and other managers. A good IT manager must also be a strong business leader.

This book invites you to accompany new CIO Jim Barton to better understand the role of IT in your organization. You’ll see Jim struggle through a challenging first year, handling (and fumbling) situations that, although fictional, are based on true events.

You can read this book from beginning to end, or treat is as a series of cases. You can also skip around to address your most pressing needs. For example, need to learn about crisis management and security? Read chapters 10-12. You can formulate your own responses to a CIO’s obstacles by reading the authors’ regular 'reflection' questions.

You’ll turn to this book many times as you face IT-related issues in your own career."

Imagine my surprise when I turned to page 48, where the main character Jim Barton is listening to the radio and hears a mini-biography about "a critical care physician who still took his turn in the ER; PhD from MIT in bioinformatics; former entrepreneur who had started, grown, and sold a company while in medical school; and former student of a Nobel Prize winning economist. He was the author of four books on computer programming and had written the first version of many of the hospital's software applications. This CIO earned kudos for his transparency during a network crisis...."

Thanks to Robert Austin for my first appearance in a "novel"!

It's a great book with many practical suggestions about IT leadership, governance, and budget allocation.

In the spirit of the book's Chapter 4 on budgeting, I'm sharing the document I used last week to justify my FY10 capital budget. I always present a narrative written in non-technical terms which supplements my budget spreadsheets by highlighting quality, safety, return on investment and strategic alignment. I hope you'll find the format useful for defending your own capital budgets.

When presenting my operating budget, I use benchmarks from HIMSS, the American Hospital Association, and the Association of American Medical Colleges. I benchmark growth of the entire organization and the growth of IT. Currently the IT organization is 1.78% of the BIDMC operating budget. BIDMC has grown by 38% over the past 5 yeas, but IT staffing has stayed constant, supporting growth in demands and technological complexity by working harder and smarter. IT is lean and mean. In tough budget times, presenting data rather than emotion is the best way to objectively justify a budget.

Tuesday, May 19, 2009

The ONC ARRA Implementation Plan

Yesterday, ONC released its implementation and operating plan in fulfillment of the 90-day deadline established by Div. A, Title XIII of ARRA.

The plan is posted to the HHS Recovery Website.

Here are a few highlights:

$24 million is budgeted for enhanced privacy and security including $9.5 million for the Office of Civil Rights and CMS for auditing and for complaint resolution.

$20 million is budgeted for NIST to test technical standards and establish a conformance testing infrastructure.

$300 million is allocated for Regional Healthcare Information Exchange, but no details are provided about timelines for distribution.

The plan for Standards is consistent with the charter of the HIT Standards Committee - HHS shall adopt and publish an initial set of standards, implementation specifications, and certification criteria by December 31, 2009. Today in the Federal Register, you'll find a Notice of the HIT Standards Committee Schedule for the Assessment of HIT Policy Committee Recommendations.

To refine the Federal HIT Strategic Plan, ONC will develop a draft update, receive input from stakeholders, review the impact on other projects, adjust the operating plan as needed, and publish the updated plan on the HHS website by December 31, 2009.

Additionally, a notification for funding availability for the regional extension center grants will be published by the end of FY 2009. Awards are anticipated to be made in early FY 2010.

And of course, meaningful use will be defined soon. HHS is developing milestones for major phases of the program’s activities with planned delivery dates.

With each passing day, more and more details of the new plan are published at a remarkable pace. The magnitude of the work ahead for ONC is summarized nicely by the document

"With the arrival of the new National Coordinator, decisions about how to best address standards development and harmonization, the certification and testing processes, privacy and security policy development, issues around governance, workforce training, and education for health care providers and consumers will be made. "

Monday, May 18, 2009

The Red Flags Rule

You may have seen the recent headlines "FTC delays Red Flags Rule implementation until August 2009". What is the Red Flags Rule and how does it relate to healthcare?

The FTC has a great website that it explains it all in detail.

Basically, the FTC requires most clinical offices, hospitals, and other health care providers to develop a written program to spot the warning signs of identity theft - “red flags”

If a patient's name on a photo ID and on their insurance card do not match, that's a red flag.

If a patient visited last week as John Smith but today is Fred Jones, that's a red flag.

If patient seems to travel from provider to provider seeking numerous expensive treatments, that's a reg flag.

The law was initially designed to cover creditors and it seems odd for healthcare providers to be considered creditors. The FTC defines a creditor as anyone who enables the customer to carry a balance after services are rendered. Unless a clinician asks for payment upfront (all balances not covered by insurance), the clinician is a creditor.

The FTC will be begin enforcement August 1, 2009, so it's important to develop policies and procedures to address red flags in healthcare settings.

What is BIDMC doing?

We are actively working to develop procedures and an educational plan. We created an interdisciplinary group that includes IS, Compliance, Finance, Patient Financial Services, clinicians, Human Resources , Ambulatory Services, Health Information Management, and others to examine Red Flags, but also the broader issues of HITECH/ARRA privacy provisions, and new Massachusetts Data Protection regulations. First, we will finish our Red Flags program and implement it, then we will move on to working on the other issues. We have not finalized our specific policy, but have already reported to the Board of Directors and to senior leadership about the issues and the work we are doing. As soon as the policy is finalized, I will post it on my blog.

If you have not begun a program to address compliance with the Red Flag rule, now is the time!

Friday, May 15, 2009

The First Meeting of the HIT Standards Committee

Today, Jonathan Perlin and I ran the first meeting of the new HIT Standards Committee. The members are:

Jonathan Perlin, MD, Chair
Healthcare Corporation of America

John Halamka, MD. Vice-Chair
Harvard Medical School

Dixie Baker, PhD
Science Applications International Corporation

Anne Castro
BlueCross BlueShield of South Carolina

Christopher Chute, MD
Mayo Clinic College of Medicine

Janet Corrigan, PhD
National Quality Forum

John Derr, R.Ph.
Golden Living, LLC

Linda Dillman
Wal-Mart Stores, Inc.

James Ferguson
Kaiser Permanente

Steven Findlay, MPH
Consumers Union

Douglas Fridsma, MD, PhD
Arizona Biomedical Collaborataive 1

C. Martin Harris, MD, MBA
Cleveland Clinic Foundation

Stanley M. Huff, MD
Intermountain Healthcare

Kevin Hutchinson
Prematics, Inc.

Elizabeth O. Johnson, RN
Tenet Health

John Klimek, R.Ph.
National Council for Prescription Drug Programs

David McCallie, Jr., MD
Cerner Corporation

Judy Murphy, RN
Aurora Health Care

J. Marc Overhage, MD, PhD
Regenstrief Institute

Gina Perez, MPA
Delaware Health Information Network

Wes Rishel
Gartner, Inc.

Richard Stephens

Sharon Terry, MA
Genetic Alliance

James Walker, MD
Geisinger Health System

We began the meeting with introductory remarks from Dr. Blumenthal. He emphasized the need to improve care quality, efficiency, and the scope of healthcare coverage. He noted that technology is a tool that facilitates meaningful use and leads to better care. The goal is better health, not implementation of IT for technology's sake.

Jodi Daniel provided us with important statutory background on the committee. Here are few key points from her presentation and the discussion which followed

1. The purpose of the committee is to recommend standards, implementation specifications, and certification criteria to the National Coordinator for the electronic exchange and use of health information. The committee is not limited to standards selection, it covers the process from end to end - standards, implementation, and certification criteria. It will gather input from standards harmonization and development organizations, implementation guide writers, and certifying organizations to make recommendations which enable data exchange in support of meaningful use.

2. There are 8 areas of policy focus
-Technologies that protect the privacy of health information
-A nationwide health information technology infrastructure
-The utilization of a certified electronic record for each person in the US by 2014
-Technologies that support accounting of disclosures made by a covered entity
-The use of electronic records to improve quality
-Technologies that enable identifiable health information to be rendered unusable/unreadable
-Demographic data collection including race, ethnicity, primary language, and gender
-Technologies that address the needs of children and other vulnerable populations

You'll see a great deal of discussion in the HIT Policy and Standards Committees about these issues. These 8 areas are our guiding principles!

3. The HIT Standards Committee will have two standards adoption processes
- expedited, in support of the statutory deadline for HHS to publish an interim file rule on initial standards, implementation specifications and certification criteria by 12/31/09. For this process, we'll leverage the already approved/recognized standards.

- normal, the committee will receive guidance from the HIT Policy Committee and typically within 90 days will make recommendations. Note that these recommendations may include naming standards, identifying gaps, and asking standards harmonization/development organizations to do further work.

4. NIST will serve a role to test the standards. To clarify, this work is to ensure the standards are appropriately documented and technically adequate for their intended purpose. NIST will not certify products - that will be left to certification organizations.

5. The summary of the entire process is illustrated in picture above.

We then discussed the types of data exchanges which might constitute meaningful use. ONC and HHS have not yet provided official guidance on meaningful use, so these are contingencies - our best guess as to the data exchanges likely to enable meaningful use.

Clinical Operations - ePrescribing/medication management, lab ordering/resulting, clinical summary exchange (problem list, medication list, allergies, text based reports including op notes, diagnostic testing reports, discharge summaries)

Quality - Process, outcomes, treatment plans, medical decisionmaking, health behaviors

Security - Transport, secure messaging, authentication, authorization, auditing

We elected to form three working groups to focus on these areas. These groups will conduct phone meetings and include additional experts as needed.

In the discussion that followed a few major themes emerged:

a. We need a high level roadmap of milestones to ensure we meet our statuary deadlines for initial deliverables in time for the 12/31/09 interim rule.
b. We also need a roadmap which takes into account the other mandates/compliance requirements already imposed on healthcare stakeholders such as ICD-10 and X12 5010. We need to ensure our clinical work is in synch with administrative data exchange activities already in progress.
c. Although we should provide for the exchange of basic text, we should strive for semantic interoperability whenever possible, using controlled vocabularies which are foundational to decision support and quality reporting.
d. We should set the bar for interoperability higher than the status quo but also make it achievable, realizing that rural providers and small clinician offices have less capabilities than large academic health centers. We'll need to retrofit many existing systems - healthcare IT is not a greenfield and thus we need to be realistic about the capabilities of existing software, while also encouraging forward progress and innovation.
e. Meaningful use will change over time. Data exchange and the standards we select must evolve. To ensure successful adoption throughout the industry, our work must be continuous incremental progress with phased adoption of standards.

I will serve as Chair of HITSP and Vice-Chair of the HIT Standards Committee simultaneously, coordinating communication between these two organizations. I look forward to the work ahead.

Thursday, May 14, 2009

More Vegan Dining

Over the past two weeks I've been traveling up and down the Northeast Corridor from Boston to New York City to Philadelphia to Washington for various meetings related to healthcare IT. When I arrive in a city and check into a hotel, I Google "vegan" followed by the city name. I scan the Google map that appears and walk to the most appealing vegan restaurant nearby. Here are a few of my recent finds:

Mi Lah is a great mix of oriental vegan foods from Cambodia, Japan, and Thailand as well as classic ethnic dishes such as Greek butternut squash moussake and African peanut stew. I had the Cambodian Amok with spinach, eggplant, and tofu in coconut lemongrass sauce. Great service, a warm atmosphere, and an all vegan menu.

Horizons is an internationally famous vegan restaurant specializing in Mediterranean flavors. I highly recommend the tempeh and seitan dishes.

I recently had a wonderful evening with Dr. Sidney Zubrow and his team from Philadelphia Hospital. We dined at the classic steakhouse in Philadelphia, The Prime Rib. A steakhouse for a vegan? Surprisingly, steakhouses such as Morton's, Capital Grille, and The Prime Rib have great vegan side dishes including fresh broccoli, green beans, roasted tomatoes, spinach, and roasted potatoes. I order everything steamed and without butter or any sauce.

Washington DC
My favorite vegan restaurant in Washington is Vegetate near the Convention Center. The menu is divided into three sections: bites, small plates and large plates. Great small plates include golden beets, spring vegetable shepherd's pie, and seasonal salads. Great large plates are Sesame Crusted Tofu and Seasonal Vegetable Risotto.

I've not had much experience with Mezzes, small plates of Eastern Mediterranean food (similar to Spanish Tapas). Zaytinya is a fabulous restaurant with many vegan entrees. I had great humus, eggplant, couscous, and mushroom dishes. The staff is very vegan friendly and even brought me fresh cucumber slides for dipping instead of pita, which is made with dairy.

If you find me in a vegan restaurant sitting alone, you'll notice that I'm photographing every course on my Blackberry. I email them to my wife in real time, so that we can enjoy dinner together, even when I'm hundreds of miles away.

Wednesday, May 13, 2009

The BIDMC Problem List Vocabulary

In several blog entries, I've been discussing the adoption of SNOMED-CT as the vocabulary to support BIDMC problem lists and our Google Health interface.

The National Library of medicine has mapped 93% of BIDMC problem list terms to SNOMED. The International Health Terminology Standards Development Organization (IHTSDO) has given me permission to share the BIDMC problem list vocabulary and the SNOMED-CT codes on my blog via the following terms

"The SNOMED CT® identifiers are posted with permission from the International Health Terminology Standards Development Organisation (IHTSDO). SNOMED CT is available for use under the terms of the IHTSDO Affiliate License Agreement, which is also Appendix 2 of the License Agreement for Use of the UMLS Metathesaurus. Use of SNOMED CT is free in IHTSDO Member countries (12 countries as of May 2009, including the US), in an additional 49 countries characterized as low-income economies by the World Bank, and for qualifying research projects worldwide. The National Library of Medicine (NLM) is the US Member of the IHTSDO. For more information, those in the US should contact NLM. Those in other countries should consult the IHTSDO for appropriate contact information."

Our plan is to load these terms into our electronic health record and code all our matching historical problem list data into SNOMED-CT. Our Google and Microsoft interfaces will be changed to send SNOMED-CT so that all problem list data can be mapped to disease monographs and consumer decision support tools.

In June, the NLM will forward us their consolidated list of the 6000 SNOMED-CT coded problems from the leading early adopters of SNOMED in the US. If we find any gaps in this problem list, we'll work with NLM and IHTSDO to fill them.

I hope the BIDMC problem list is helpful to your applications and institutions!

Tuesday, May 12, 2009

The First Meeting of the HIT Policy Committee

Today, the HIT Policy Committee met for the first time. Dr. Walter Suarez, CEO of the Institute for HIPAA/HIT Education, and the co-leader of the HITSP Education and Communication Committee, attended on my behalf. Here are his notes.

The meeting began with an introduction by Dr. David Blumenthal. He highlighted six priority areas for the HIT Policy Committee
* Meaningful Use
* Certification
* Infrastructure
* Privacy and Security
* Health Information Exchange
* Public Health

A question was asked about the recent NCVHS meaningful use hearings. Dr. Blumenthal responded that the HIT Policy Committee will be the venue for discussion of the NCVHS report.

A question was asked about the Office of National Coordinator (ONC) Strategic Plan. Dr. Blumenthal responded that ONC must revise its plan to reflect the statuary requirements of ARRA. For example, by May 18 it must establish a process for identifying Regional Healthcare IT Extension Centers.

Jodi Daniels, ONC Director of Office for Policy and Research, briefed the Committee about ARRA.

* The HIT Policy Committee is expected to advise ONC on priorities
* The National Coordinator will ensure communication with the HIT Standards Committee
* ARRA calls for two standards-related activities for the HIT Policy Committee
- Identify where standards are needed, not setting standards
- Recommend a policy framework for adoption of electronic standards, including:
Meaningful use
Utilization of EHRs
Accounting for Disclosure
Using certified EHRs for quality improvement and patient safety
Technologies that render protected healthcare information unusable
Collection of demographic data including race and ethnicity
Data to benefit vulnerable populations including children
HIT and telemedicine
HIT and public health
HIT and home health care

Dr. Blumenthal discussed the priorities for early work
* ARRA includes an enormous mandate that extends from privacy and security to monitoring public health threats to getting doctors and hospitals to adopt certified qualified EHRs
* It is impossible to do everything at once. We need to set priorities.
* Congress has given guidance by setting some priority topics and deadlines, but also by allocating billions of dollars in payments to help support adoption, starting 2011 and extending through 2018
* These funds focus attention and create important benefits/risks
* This is the first time in history that Congress has acted to correct some of the market errors in the healthcare information technology industry
* There are a series of tasks that need to be accomplished to make meaningful use a meaningful idea
- First, define meaningful use. This is an unprecedented task. The HIT Policy Committee will need to pick-up where NCVHS left off. ONC also has an internal group working on this.
- Second, review certification, which is tied to meaningful use.
- Third, infrastructure. Congress has allocated billions to accelerate industry adoption including extension centers, money to support information exchanges, training workers, training health professionals who will use these technologies and funding to states to help providers not eligible for Medicare/Medicaid payments.
- Fourth, privacy and security. ONC will appoint a privacy officer
- Fifth, public health and disease surveillance

There were a few questions:
*Shall we build upon activities already in progress?
Dr. Blumenthal noted that the NCVHS work on neaningful use is important; Certification needs to be reviewed; privacy and security – a lot of work done; HIE – modest literature about RHIOs and local adoption.

*What happens when the HIT Standards Committee receives input from the HIT Policy Committee?
Dr. Blumenthal noted this is something ONC is working on. The Standards Committee must recommend to the HHS Secretary the standards to achieve meaningful use. The Secretary will publish interim rules by end of year. The HIT Policy Committee is charged with the areas where standards are needed and perhaps the general approach to standards but not to define the standards.

*Summary of Priorities
- First, privacy and security
- Second, how to define meaningful use in an effective way
- Third, designing a certification process that facilitates adoption
- Others:
Supporting research
Measuring quality
Training and education of workforce (such as extension centers)
Demonstrating and documenting success. Show Congress, the industry, and the public that this does make a difference
Need to keep an eye on implementation via an incremental approach
Need to involve the workforce from the beginning. Workforce training is a priority.

* Discussion of Goals and Principles of Working Groups
- HIT Policy committee is charged to make recommendation to ONC
- Workgroups will support the detail work that needs to be done, then brought back to the full Committee

*Is Meaningful Use, for example, a time-limited issue? As it deals with the immediate needs to define and set parameters and metrics, yes; but it will also need to be reviewed periodically

*Where are we putting HIEs? Meaningful Use or Infrastructure?
- There is an aspect of HIE that comes under infrastructure (there is funding tied to it, question is for what)
- There is also a Meaningful Use aspect – that is, what are the requirements HIE for meaningful use
- There is also a Certification component – that is, what are the certification aspects of HIE that are tied to Meaningful Use and EHRs

- Some concern expressed about creating a privacy and security workgroup, it should be foundational across all groups
- But perhaps it should be immersed into an Information Sharing Workgroup which covers architectural, functionality and covers also privacy and security

*Another cross-cutting element for all workgroups: Patient centeredness

*Summary of discussion: recommendation for four working groups
-Meaningful Use
-Certification/Adoption including infrastructure issues, workforce, adoption strategy
-Information Exchange/Sharing
-Cross-cutting issues - Privacy and Security, Patient centeredness, Measurement

*Message to the HIT Standards Committee
Tell the HIT Standards Committee that the HIT Policy Committee is working on Meaningful Use, Certification/Adoption, and Information Sharing. The HIT Standards Committee can identify standards to support these goals.

I look forward to the first meeting of the HIT Standards Committee on Friday. I'll summarize the meeting on my blog.

Monday, May 11, 2009

The Healthcare Information Technology Expert Panel II

Last week, I joined an amazing group of colleagues at the National Quality Forum's Healthcare Information Technology Expert Panel to work on a next generation quality data set. They key breakthrough was the development of a universal terminology for the design of quality measures which captures process and outcome data from electronic systems.

Elements which are captured include:

Datatype (e.g., medication order)

Data (e.g., aspirin)

Attributes (e.g., date/time)

Data Source (e.g., physician, patient, lab)

Data Recorder (e.g., physician, lab, monitor)

Data Setting (e.g., home, hospital, rehab facility)

Health Record Field (e.g., problem list, med list, allergy)

In the original HITEP work last year, 35 datatypes were defined such as encounter, diagnosis, diagnostic study, laboratory, device, intervention, medication, symptom etc. Each datatype can have subtypes describing specific events. Here's an example of the subtypes of the medication datatype

medication administered
medication adverse event
medication allergy
medication discontinued
medication dispensed
medication intolerance
medication order
medication prescribed
medication offered
medication refused

A traditional measure of quality might be

"Was Aspirin administered within 5 minutes of ED arrival in diagnosis of acute MI?"

If an EHR transmits datatypes for encounter, diagnosis, and medication to a quality data warehouse, we could capture the following data:

Datatype - encounter
Data - ED arrival
Attribute - date/time of arrival
Source - registration system
Recorder - ED ward clerk
Setting - ED
Health record field - ED arrival date/time

Datatype - diagnosis
Data - MI
Codelist - SNOMED code 12345
Attribute - date/time of diagnosis
Source - physician
Recorder - physician
Setting - ED
Health record field - encounter diagnosis

Datatype - medication administered
Data - ASA
Codelist - RxNorm code 123456
Attribute - date/time of administration
Source - nurse
Recorder - nurse
Setting - ED
Health record field - medication administered

then the quality measure could be defined as

Diagnosis="SNOMED 12345" AND (medication administered="RxNorm 123456" date/time - ED arrival encounter date/time) < 5 minutes

Such an approach makes quality measures more clearly defined, more directly related to data elements in EHRs, and more easily maintained.

The next steps for NQF include review of their existing 500 quality measures to determine which could be placed into such a framework. If there are gaps or revisions needed, the NQF will work with quality measure development organizations.

Meaningful use of EHRs will likely include quality measurement. Having a framework for recording quality data and computing measures is foundational.

Friday, May 8, 2009

Followup on Dispute Resolution

In my earlier blog about Dispute Resolution, I described the planned gathering of computer scientists, electronic health record experts, and dispute resolution professionals called "Online Dispute Resolution in a Technology-oriented Healthcare World"

I attended the event and enjoyed the multidisciplinary discussion, learning a great deal about possible disputes among the data stakeholders in healthcare - patients, providers, payers, employers, compliance organizations, public health, government, national security, research etc.

Here are a few lessons learned

1. There's a need to web enable dispute workflow in healthcare. As e-patient Dave pointed out, I did not hear about any data concerns regarding personal health records likely because there was no easy way to raise the issue. Hospitals have policies regarding medical record disputes. Generally the workflow involves writing letters, making phone calls, and resolving disputes via committee. As the country implements more electronic records and shares more data (with patient consent), among more stakeholders, we need to embrace automated dispute resolution workflows such as are used by eBay. In healthcare, the issues are complex because the medical record is a legal record and there are many compliance issues involved in annotating it. However, I can imagine adding a comment field to the problem list which could be electronically annotated by the patient, so a clinician examining the record could understand the patient's point of view if data is disputed. In our medication reconciliation application, we give clinicians the ability to make notations about patient compliance with medications i.e. discontinued, taken infrequently, changed to a different medication etc. I can imagine gathering this input directly from patients.

Thus, the work of the dispute resolution community working with the healthcare data community will be to think through the workflow that can be supported via web-based dispute resolution tools, while still ensuring the non-repudiability of the medical record and complying with federal, state, and local medical record policies.

2. For issues that cannot be resolved via automated tools, an electronic escalation to an Ombudsman is a reasonable workflow. Complex issues are generally more easily resolved when two people speak directly rather than virtually. However, a web application could be used to identify the issues, exchange background information, and schedule the discussion.

3. If there is assertion of malpractice or harm caused to the patient, then workflows involving risk management and insurance organizations are appropriate.

The full report of the meeting will be available soon, but in the meantime, I will be more sensitive to the need to consider the modes of failure in electronic health records, especially those which are shared with patients, and the desirability of automated dispute resolution workflow.

Thursday, May 7, 2009

Your Karma Account Balance

It's a tough time for everyone right now.

The economy is troubled, there's an H1N1 flu outbreak, and there's increased competition for scarce resources.

This causes people to be edgy, angry, and impatient.

I encounter a sense of frenzy when I board airplanes, when I search for parking, and when I commute on busy highways.

It's time to dust ourselves off, make the most of each day, and strive for more good Karma.

What do I mean?

Conflict happens every day. I have always believed that the nice guy can finish first in any conflict by doing the right thing.

1. By trying to win every competition you may win the battle of office politics but lose the Karma war. I've found that those who are Machiavellian live by the sword and eventually die by the sword. Thus, do not grandstand, take credit inappropriately, or demean others to enhance your own stature.

2. Rather than worrying about fame, fortune, or glory, just try to make a difference. Treat everyone with respect, listen to their concerns, and make decisions based on the greatest good for the greatest number.

3. Use email as a communication tool, not a weapon. If you feel emotion, save as draft and send it later. Never use blind cc's or use email to make others look bad to their superiors.

4. At the end of every day, look back on each open issue and ask if you've moved the issue forward. Many conflicts are not easily resolvable, but can be moved forward over time via gradual change and aligning the interests of stakeholders.

5. Stick to your principles. Integrity, honesty, and consistency should guide your actions.

If everyone looked at the balance in their Karma account at the end of every week, the world would be a much more positive place.

Yesterday in a meeting, someone asked how I was doing. My answer what that my 401k may be bad, but my Karma account is looking good. I have my health, a happy marriage , a loving daughter, and a set of really interesting challenges that enable me to make a difference.

I do not know where the future will lead, but when I look back in 30 years, I'll feel good about the journey. Along the way I'll be optimistic, kind, and fair.

Speaking of journeys, I'm at NASDAQ today doing a live webcast at 2:00pm Eastern. You can watch it at

Wednesday, May 6, 2009

Next Steps on the HIT Policy and Standards Committees

Last week, ONC formally established the HIT Policy and Standards Committees via publication in the Federal Register. Here are the announcements:

ACTION: Notification of the Establishment of the HIT Policy Committee.

SUMMARY: This notice announces the establishment of the HIT Policy Committee. The American Recovery and Reinvestment Act of 2009 (Pub. L. 111-5), section 13101, directs the establishment of the HIT Policy Committee. The HIT Policy Committee (also referred to as the
"Committee'') is charged with recommending to the National Coordinator a policy framework for the development and adoption of a nationwide health information technology infrastructure that permits the electronic exchange and use of health information as is consistent with the Federal Health IT Strategic Plan and that includes recommendations on the areas in which standards, implementation specifications, and certification criteria are needed. The HIT Policy Committee is also charged with recommending to the National Coordinator an order of priority for the development, harmonization, and recognition of such standards, specifications, and certification criteria.

FOR FURTHER INFORMATION CONTACT: Judith Sparrow, Office of the National Coordinator for Health Information Technology, e-mail

I. Background
The Committee and its staff are governed by the provisions of the Federal Advisory Committee Act (FACA) (Pub. L. 92-463), as amended (5 U.S.C. App.), which sets forth standards for the formation and use of federal advisory committees.

The Committee shall determine a schedule of meetings following an election of a Chairperson and a Vice Chairperson from among its members.

II. Criteria for Members
The Committee shall be comprised of the following, including a Chair and Vice Chair, and represent a balance among various sectors of the health care system so that no single sector unduly influences the recommendations of the Committee. Committee members shall be appointed in the following manner:
3 members shall be appointed by the Secretary of Health and Human Services, 1 of whom shall be appointed to represent the Department of Health and Human Services and 1 of whom shall be a public health official;
1 member shall be appointed by the majority leader of the Senate;
1 member shall be appointed by the minority leader of the Senate;
1 member shall be appointed by the Speaker of the House of Representatives;
1 member shall be appointed by the minority leader of the House of Representatives;
Such other members as shall be appointed by the President as representatives of other relevant Federal agencies;
13 members shall be appointed by the Comptroller General of the United States of whom-
3 members shall be advocates for patients or consumers;
2 members shall represent health care providers, one of which shall be a physician;
1 member shall be from a labor organization representing health care workers;
1 member shall have expertise in health information privacy and security;
1 member shall have expertise in improving the health of vulnerable populations;
1 member shall be from the research community;
1 member shall represent health plans or other third-party payers;
1 member shall represent information technology vendors;
1 member shall represent purchasers or employers; and
1 member shall have expertise in health care quality measurement and reporting.
Non-federal members of the Committee shall be Special Government
Employees, unless classified as representatives.

III. Copies of the Charter
To obtain a copy of the Committee's charter, submit a written request to the above contact.
Dated: April 23, 2009.
David Blumenthal,
National Coordinator for Health Information Technology, Office of the
National Coordinator for Health Information Technology.
[FR Doc. E9-9839 Filed 4-24-09; 4:15 pm]

ACTION: Notification of the Establishment of the HIT Standards Committee.

SUMMARY: This notice announces the establishment of the HIT Standards Committee. The American Recovery and Reinvestment Act of 2009 (ARRA) (Pub. L. 111-5), section 13101, directs the establishment of the HIT Standards Committee. The HIT Standards Committee (also referred to as the "Committee'') is charged with making recommendations to the National Coordinator on standards, implementation specifications, and certification criteria for the electronic exchange and use of health information for purposes of adoption, consistent with the implementation of the Federal Health IT Strategic Plan, and in accordance with policies developed by the HIT Policy Committee.

FOR FURTHER INFORMATION CONTACT: Judith Sparrow, Office of the National Coordinator for Health Information Technology, e-mail

I. Background
The Committee and its staff are governed by the provisions of the Federal Advisory Committee Act (FACA) (Pub. L. 92-463), as amended, (5 U.S.C. App.), which sets forth standards for the formation and use of federal advisory committees. The Committee shall determine a schedule of meetings following an election of a Chairperson and a Vice Chairperson from among its members. An initial meeting of the Committee shall take place not later than 90 days from passage of the ARRA.

II. Criteria for Members
The HIT Standards Committee shall not exceed thirty (30) voting members, including a Chair and Vice Chair, and members are appointed by the Secretary with input from the National Coordinator. Membership of the Committee shall at least reflect providers, ancillary healthcare workers, consumers, purchasers, health plans, technology vendors, researchers, relevant Federal agencies, and individuals with technical expertise on health care quality, privacy and security, and on the electronic exchange and use of health information and shall represent a balance among various sectors of the health care system so that no single sector unduly influences the recommendations of the Committee. Non-Federal members of the Committee shall be Special Government Employees, unless classified as representatives.

III. Copies of the Charter
To obtain a copy of the Committee's charter, submit a written request to the above contact.
Dated: April 23, 2009.
David Blumenthal,
National Coordinator for Health Information Technology, Office of the
National Coordinator for Health Information Technology.
[FR Doc. E9-9838 Filed 4-24-09; 4:15 pm]

We'll hear more about these committees soon, since their meetings are mandated by ARRA to occur in the month of May. Watch the ONC Website for announcements of the meetings and the members to be named.

Tuesday, May 5, 2009

More Meaningful Use

My colleague Micky Tripathi testified to NCVHS about meaningful use on April 29. His major points included:

1) We need substantial implementation support and significant resources for health information exchange if we are going to achieve meaningful use. The Regional Health Information Technology Extension Centers (RHITECs) are ideal organizations to assist with these issues.

2) ARRA currently delivers incentive payments directly to clinicians. These payments should be shared with RHITECs, which will assist clinicians with implementation of EHRs. Otherwise, RHITECs will bear the burden/expense of implementation but the physicians alone will be paid for meaningful use.

3) We should use Health Information Exchange activity measurement as a “sufficient statistic” for meaningful use. We should require basic clinical summary exchange through authorized health information exchanges, and require quality measures/public health reporting to be sent to authorized data aggregation entities. If a physician is accomplishing these, then we do not need to measure at the EHR-level because they could not accomplish these things without meaningfully using the EHR.

Also, for completeness, here is the meaningful use statement from the College of Healthcare Information Management Executives (CHIME), also submitted to NCVHS. Sharon Canner from CHIME added a clarification to this testimony:

There is an error in our statement, discovered late in the process. The statement should have read “HL7 Continuity of Care Document (CCD).” CHIME Prefers the CCD; however, it may be a stretch for some hospitals initially.

Monday, May 4, 2009

Information Technology and the H1N1 Virus

At BIDMC, our Infection Control staff have sent out daily updates about the H1N1 Virus, our process changes to protect patients/staff, and our planning for future activities if the infection escalates.

There are many things that IT can do to support the hospital and the country during this outbreak. Here are five projects we've implemented.

1. Support CDC's Biosense

Every day, BIDMC electronically sends 4000 data elements to the Centers for Disease Control using the HITSP Biosurveillance standards. Patients are not identified - no names, MRN’s or addresses are sent. Birthdays are month and year only. Here are the data elements we send:

ADT information – a message that there was an admission, discharge or transfer with date and time
Pharmacy orders
Daily census

Emergency Department Visits
Visit information
Pharmacy orders
Patient instructions

Outpatient Visits
Visit information

All patients
Microbiology orders and results (including viral studies)
Radiology orders and results

The CDC uses this to track outbreaks and prioritize resource allocation.

2. Build an intranet site to educate faculty and staff

We've supported our Infection Control staff with template-based content management tools and launched "H1N1 Central". In this single intranet site we link together our institutional polices, CDC reports, local news, and best practices.

Also, all our login screens display the message

"H1N1 Influenza Employee Screen:
In order to prevent spread of infection to patients and staff,
the following guideline should be followed by all staff:
If you have two or more of the following:
- fever over 100 in past 7 days
- flu symptoms (chills, cough, sore throat, stuffy nose, body aches, headache)
in past 7 days
- contact within 6 ft of someone who has a flu-like illness
Please put on a mask if you are in the hospital, contact your manager/supervisor
immediately to arrange coverage for your absence and to advise regarding
need for swab testing. Contact your PCP if appropriate, and recover at home."

3. Employees have been told to stay home if they have flu symptoms. In the case of H1N1 or any infectious outbreak, it's important to support remote access to applications, data, and communications. BIDMC applications are all web-based and accessible anywhere in the world. All our files are web accessible as well as mountable via VPN. We have an SSLVPN from Juniper Networks available at We have a web-based large file transfer systems available at We are testing the ability to route incoming phone calls to cell phones and home numbers. The combination of all these features makes working from home simple and seamless.

4. Provider Order Entry order sets for isolation of infected patients

We're enhancing our internally developed provider order entry system with order sets specific to H1N1 so that clinicians can easily order standardized protocols for H1N1 isolation and treatment.

5. Public Health data reporting

We've built an automated interface to the Boston Public Health Commission.

Every day we send the following data to them from the Emergency Department

Daily volume
Chief complaint
ICD9 codes
Date of service

The Public Health folks create control charts and identify unexpected variations in symptoms and diagnoses.

We also participate in the Aegis project, a regional real time mapping of symptoms from 20 hospitals. Aegis includes alerting and cluster detection tools for use by public health officials.

The Aegis team at Children's hospital has also created Healthmap which parses news stories and displays outbreak information.

We remain nimble and will support our local, regional and national stakeholders as needed during this outbreak.

Friday, May 1, 2009

Cool Technology of the Week

As folks who read my blog know, I'm a great fan of cloud computing, software as a service, and working remotely.

There's a perfect client to complement these technologies - netbooks.

Netbooks are simple computers with an operating system, a processor that's good enough, and just enough memory and storage to ensure a positive web browsing experience. Most cost under $500.

I recently evaluated the Dell Mini 10 and it's my Cool Technology of the Week.

The Mini 10 is a netbook with a 1024x567 ten inch display, web cam, an Intel Atom Processor Z520 (1.33GHz/533MHz FSB/512K Cache), 1 Gig of memory, and a 160 Gig hard drive in a 2.5 pound package for under $400.

I found the keyboard, multi-touch track pad, and 10" screen to be the right proportions for rapid typing and easy viewing with my 47 year old presbyopic eyes. I accessed all my storage and applications in the BIDMC and HMS clouds via 802.11g on my home FIOS network and found the Atom processor fast enough to meet my needs.

Here are the full specs.

The device I tested ran Windows XP, but I plan to test Ubuntu, which is offered on other Mini models, as soon as it is available.

A full featured netbook with a screen like a 720p television that's lightweight and low cost. Cool!