Friday, June 24, 2011

An Update on Google Health

Google is retiring Google Health per the announcement below.

A few thoughts
*Google Health has the best user interface, feature set, and ease of use of all the stand alone personal health records
*Google Health is truly innovative and broke new ground when it created interfaces to hospitals, labs, and pharmacies in 2008.    I was there at the beginning and can definitively state that it was Google's reputation and vision that broke down the political barriers keeping data from patients.
*Google will be using the Direct standards to enable patients to transmit their Google Health data to Microsoft Healthvault and other PHRs

Thank you to Google and the Google Health team.  You really moved the industry.

Dear Google Health Partner,

As we just announced in the Official Google Blog, we will be discontinuing the Google Health service and platform over the next several months. For more context around this announcement, please check out our blog post.

Going forward, we recommend that you notify your team and discontinue any current development around your Google Health integration. Also, you’ll need to remove the integration functionality as well as Google Health related text and logos from your website as of January 1, 2012. Please consider this as our notice to terminate our agreement with you on the Google Health API Terms and Conditions, found at

We truly appreciate your partnership and support of the Google Health service.

Best regards,

The Google Health Team

CMS Clarifies Electronic Transmission

One of the more confusing items about Meaningful Stage 1 is what constitutes a test of electronic record exchange.  The HIT Standards Committee did not specify transport standards, so there are no certification criteria to test the ability of an EHR to send data from place to place.

It was unclear what kinds of transport constitute a valid test of data exchange - Bluetooth between iPhones?  e-Fax?  USB Drives?

Now we know from a new CMS FAQ - any transport standard will do, but physical media will not.

Here's the language:

"To complete step 2, an eligible professional, eligible hospital, or critical access hospital may use any means of electronic transmission according to any transport standard(s) (SMTP, FTP, REST, SOAP, etc.) regardless of whether it was included by an EHR technology developer as part of the certified EHR technology in the eligible professional’s, eligible hospital’s, or critical access hospital’s possession.

Please note that the use of USB, CD-ROM, or other physical media or electronic fax would not meet the measure of this objective and has been addressed in another FAQ (see FAQ #10638)  If the test involves the transmission of actual patient information, all current privacy and security regulations must be met."

Now that we know, feel free to send me a secure email (Zixmail, Accellion, Direct, S/MIME, or TLS) and I can validate your test!

Thursday, June 23, 2011

Hiking Denali

Given the responsibilities I have at BIDMC and HMS, I try to limit my travel.  I rarely take vacation time.

This summer is the last time my daughter will be living at home, so we're trying to balance work, family life, and opportunity.

The HIMSS Chapters of Alaska and Hawaii asked that I spend a day with them at the location of my choice - Honolulu or Anchorage.   I let my daughter decide.  She decided that experiencing the midnight sun, hiking Denali, and reveling in meadows of wildflowers would serve as an extraordinary graduation present.

Next week will be a balance of family time and work time.   I'll stay in touch will all my staff at HMS and BIDMC, lecture to the IT professionals of Alaska in person with a video conferencing connection to Hawaii, and explore Alaska with my family.

Here's our itinerary:

Sunday - We'll fly to Anchorage via Chicago enjoying the benefits of a 4 hour time change to arrive in Anchorage at 1pm.   We'll be at a latitude of 61 degrees north during the first week of Summer, so sunrise will be at 4:22 AM and sunset will be at 11:42 PM, giving us 20 hour days.   After we land, we'll drive to Girdwood, a former gold mining town 40 miles south of Anchorage.  It's close proximity to three national parks makes it a great base camp for a few days.  We'll hike and explore the area around Mt. Alyeska.

Monday - We'll drive further south to Seward and explore the Exit Glacier.  My daughter loves Alaskan Huskies and we'll be visiting a breeder and learning more about the Iditarod sled race

Tuesday - We'll return to Anchorage and I'll be meeting with IT professionals for a lecture and a few hours of informal conversation with the HIMSS Hawaii-Alaska Annual Meeting.   The folks from Hawaii will join by video conference.

Wednesday - I'll hike the Chugach Mountains with Steward Ferguson, CIO of the Alaska Native Tribal Health Consortium 

Thursday - my family and I will drive north to Talkeetna, the gateway to Denali National Park.   We'll spend the day driving the byways, exploring wildflowers, wildlife and the terrain.

Friday - we'll explore Denali national park to the limits of the roads that only touch the limits of the wilderness.

Saturday - we'll go deep into Denali via the shuttles that are the only way to access the remote trailheads

Sunday - we'll make our way back to Anchorage and fly back to Boston.

I'll be on blog holiday next week while I'm traveling.   I'll summarize the entire experience as soon as a I return.

Into the Wild!

Wednesday, June 22, 2011

The June HIT Standards Committee Meeting

The June HIT Standards Committee meeting followed the "Summer Camp" schedule precisely, and focused on health information exchange metadata (patient identifiers/provenance/privacy flags),  provider directories, patient matching, meaningful use stage 2 standards, quality measures, and feedback how to ease the burden of certification.

Farzad Mostashari, National Coordinator, began the meeting by highlighting the importance of taking first steps on early health information exchange use cases.  The notion of creating a standard envelope around data that identifies the patient and the sender of the data enables many transactions.   Supporting privacy flags enables the recipient of the data to obtain necessary consents before viewing data and to store the data optimally to respect patient privacy preferences (such as special locked areas for mental health, substance abuse or HIV related data).   Privacy flags may not be needed if the patient is the source of the data or the patient gives consent to disclose and consent to view directly to the provider at the point of care.

Stan Huff led the metadata discussion and reviewed the work that has been done to date on patient ID and provenance standards.   For patient ID, we considered many options but selected a very simple XML construct based on a streamlined CDA R2 header.  This XML has nothing healthcare specific such as OIDs in it.   For provenance, we considered many options but selected a very simple XML construct based on a streamlined CDA R2 header and X.509 certificates for digital signature.  The signature could be an institution, a department, or an individual, as needed by the use case.   For Privacy we considered many options and recommended a CDA R2 Header with a simple vocabulary to indicate that sensitive data is present.   The list of sensitive data types could include mental illness, substance abuse, sexually transmitted disease data, HIV data, domestic violence data etc. or it could be a simple indicator that sensitive data is present.  Specifying such a vocabulary is future work.

A robust discussion followed about privacy flags.   Here are important clarifications

1. During transmission, the envelope of metadata plus the payload of content is fully encrypted and so the metadata is not readable until it arrives inside the organization or to the person authorized to read it.

2.  Much of the time, no privacy flags are needed because the patient will be the source of the data and will elect what to disclose to whom.   Privacy flags would likely be needed when data is assembled from multiple sources and is received by a provider who needs to obtain special consent before viewing it or apply special protections before storing it.

3.  A privacy flag would enable data to be automatically routed to specially protected areas of the EHR.

4.  The CDA R2 header standards are used millions of times per day throughout the world but this subset of them and constrained specifications of how/when they are used should be tested before regulations require them for specific transactions.

5.  The recommendation to use CDA R2 headers for metadata is the beginning of a formal ONC process to seek comment, feedback and stakeholder engagement regarding their use.

Based on all these clarifications, the HIT STandards Committee approved the use CDA R2 header for metadata as a formal recommendation to ONC as it begins the NPRM process.

Next, Dixie Baker and Walter Suarez presented Provider Directory recommendations.   At last month's meeting, they suggested the use of LDAP/IHE HPD standards and received  feedback that these standards were not the best fit for cross organizational/federated directory lookup.   They reconsidered the possibilities and examined DNS as a means to find IP addresses and certificates, the concept of a Top-Level-Domain as a means to create a uniform, secure way to retrieve directory information about healthcare organizations (of note, ICAAN announced that such Top Level Domains will soon be very easy to create), and the use of microformats/microdata as a means of creating simple federated lookups for provider directory information that cannot be stored in DNS, such as street address and phone number.  Web pages containing such data can be secured with Extended Validation certificates to provide identity verification of the entity publishing the information i.e. it really is Beth Israel Deaconess publishing the directory information about Beth Israel Deaconess.  Summarizing their recommendations for provider directories:

1.  DNS should be used for certificate retrieval per the Direct Specification plus web pages with microformats/microdata should be used for additional directory information.   These web pages can be federated via standard search engine technology.

2.  A Top level domain can be considered in the future, but there is no need to implement one now.

The HIT Standards Committee approved this recommendation as input to the S&I framework process.

Next, Doug Fridsma let a discussion of progress on "Summer Camp".

Marc Overhage presented the work on patient matching, noting that the work of the group is to specify those data elements that can be used to match patients, achieving a reasonable balance of sensitivity and specificity i.e. it's ok to occasionally not find a patient's record, but it is very bad to find the wrong record.   The team is not specifying the matching algorithm such as exact match, probabilistic match, partial match (first six letters of last name), Soundex or other approaches.   Their work to date suggests using patient name, gender, date of birth and numeric identifiers (such as driver's license number, payer member number, last 4 of SSN etc.).   It does not preclude the possibility that new identifiers such as an opt in patient healthcare ID, a DIRECT address, or other identifier could be included in the future.

Dixe Baker presented an overview of the Nationwide Health Information Network power team effort which will create a set of building blocks encompassing all the requirements of the existing NwHIN Exchange standards and Direct standards.   Their final report will be presented in September.

Steve Posnack presented the Standards and Certification Criteria codeset update that enables the latest version of SNOMED-CT, LOINC and CVX to be included in Certification testing.

George Hripcsak and Josh Seidman presented an overview of Meaningful Use Stage 2.   In the next few weeks, ONC will determine what gaps need to be filled with new standards specifications.

Jim Walker presented the Clinical Quality Workgroup Update as the group continues to simplify the computation of measures and reduce the level of effort to comply with the quality reporting requirements of meaningful use.

Jamie Ferguson and Betsy Humphreys presented the Vocabulary Task Force Update.  Soon, standards subsets will be available that will reduce the burden of implementation and compliance with meaningful use vocabulary standards adoption.

Judy Murphy and Liz Johnson presented the Implementation Workgroup Update.   They are completing data gathering and analysis of feedback on the certification process and ways in which it can be improved for stage 2.

A very productive meeting.   I look forward to the July meeting and the work ahead on Meaningful Use Stage 2 standards.

Tuesday, June 21, 2011

Introducing and Microdata

In my recent Standards Summer Camp post I discussed the concept of microformats as a way to standardize provider directory information in a simple to use and easy to index web page.

Now, Google, Microsoft, and Yahoo have agreed on uniform microdata formats and placed the specifications in a shared location -

Here's the press coverage of their announcement.

The idea is simple - search engine providers collaboratively document a single set of tags for commonly expressed concepts - people, organizations, places etc.

Web page authors markup their pages with these schemas, making true semantic web possible - no RDF necessary.

There's even a schema for provider directories already published! is in essence Google,  Microsoft Bing, and Yahoo telling web authors "go forth and markup your pages per the specifications at and we'll understand them." and microdata provides a very interesting alternative for federated, human readable, and searchable provider directory information.   We'll be discussing it at the HIT Standards Committee on Wednesday.

Monday, June 20, 2011

Making Patient Engagement Useful

Stage 2 of Meaningful Use is likely to include numerous patient engagement features.

BIDMC has been offering Personal Health Records since 1999 and we've learned that patient information must be organized appropriately and wrapped in patient education materials so that the data is transformed into knowledge, and is actionable.

I recently visited my PCP for an annual physical.  Ok, to be honest it was my first visit in 4 years since as a physician I am uniquely poor at seeking regular preventative/wellness care.   My PCP ordered a Urinalysis, a metabolic panel, lipids, and a CBC from Quest.   Quest has a very cool feature that enables patients to upload their lab results into Microsoft Healthvault and Google Health.

Google does a technically elegant but less than useful thing - a list of test names and values in alphabetical order that mixes my urine, chemistry, microbiology, and hematology tests together randomly.    You cannot even tell what is a blood result and what is a urine result.   There are no educational materials.

Microsoft organizes the results by panel, which is great.    Although at times, healthcare data should be organized into attribute-value pairs for mining and analysis, presentation to patients requires persistence of the original format of the lab panels as they were ordered.  Microsoft wisely recognizes this.   The only improvement would be to include educational materials for each test.

BIDMC's Patientsite includes tests clustered in panels as they were ordered, trends them over time, and provides educational materials.

My advice to the industry - please do not consider labs to be discrete data elements, instead treat them as collections of data that are clustered according to body fluid, date, and panel.   The user interface needs to include patient educational materials/self management tools so the patient understands what is being tested and why the result is relevant.

Ideally, after viewing labs, patients should be able to ask their clinicians questions, schedule an appointment, or seek a referral online.   Since most stand-alone Personal Health Records do not include integration into clinician office workflows, patients tend to prefer Personal Health Records that are directly linked to the EHR of their providers, such as those offered by Epic (MyChart), eClinicalWorks (Patient Portal), and self-built provider systems (BIDMC's Patientsite, Partners' Patient Gateway).

If we're going to change the culture so that patients demand personal health records and stewardship of their own data, we need to make the tools usable!

Friday, June 17, 2011

Cool Technology of the Week

CIOs are expected to deliver stability, reliability and security.   Change and unpredictability make this is a very challenging proposition.

The exponential adoption of mobile devices is one of the greatest challenges for CIOs as consumer devices are connected to corporate networks and users expect to run enterprise applications in environments like iPads, iPhones, and Android devices.

At BIDMC, our web applications, distributed via the Imperva web application firewall, work just fine on these mobile devices.

However, we have little control other than policies as to how devices are configured and secured.

Good Technologies provides a suite of products that builds a secure containing for business applications while enabling personal data and applications to co-exist on consumer oriented devices.

Here's an overview of how it works.

Many fellow CIOs across industries have told me that Good provides the controls and security that enables a CIO to keep business applications secure, while allowing customers the freedom of buying and supporting their own personal devices.

A technology that offers consumers choice, while also supporting the CIO's need to protect enterprise applications.

That's cool!

Thursday, June 16, 2011

How Does Your Garden Grow?

Thursday blog posts are an opportunity for personal reflection.

This Spring, my wife and I planted flowers and vegetables in the Wellesley Brookside Community Garden (we're plot 13 at the corner of Oakland and Brookside)

Here's a glimpse of the garden as we approach the first day of summer.

Our 5 raised beds include tomatoes, peas, lettuce, eggplant  and basil:

Cutting flowers and climbing vines for the hummingbirds:

Beans, squash, borage, spinach, and thyme

Onions, cucumbers, kale,  parsley, and beets

A hand-built grape trellis, with morning glories, and runner beans.

I also built 2 bird houses (wren/bluebird, and nuthatch/chickadee) and 2 birdfeeders (hummingbird nectar and sunflower seed).

We're already harvesting more lettuce than we can eat.

As we weed, compost, and tend to the garden on nights and weekends,  I leave my Blackberry in the car because unlike this recent article in the Boston Globe, a mental recharge is more about being disconnected than connected.

During quiet times of reflection, I'd rather focus on sunflowers than servers, eggplant than email, nasturtiums rather than networks, mushrooms rather than malware, and gardening rather than Gantt charts.

Society today is so stressed that community volunteer work is considered is distraction, the shortest measurable time is not the nanosecond but the time from the light changing green until the BMW behind you honks, and aggressiveness is confused with leadership.

My garden grows with the family's love and attention to the process of transforming a seed into a delectable shared meal, knowing that our labor created food for the soul as well as the body.

Wednesday, June 15, 2011

The Massachusetts HIT-HIE Advisory Committee

Today, the Massachusetts HIT-HIE Advisory Committee  begins its work.  The Advisory Committee will serve as a multi-stakeholder advisory body to the Health Information Technology Council,  the Massachusetts HIT governance body chaired by Executive Office of Health and Human Services (EOHHS) Secretary JudyAnn Bigby. The Advisory Committee’s primary focus will be to make recommendations on  the design and implementation of healthcare information exchange (HIE), as well as on other health information technology policies for the Commonwealth.

We'll be reviewing this presentation which includes a review of the HIE work done to date, the proposed State Medicaid Health Plan, and the national standards work ahead.

The key initiatives of the State Medicaid Health Plan (SMHP) include:

EHR Program – Administer the Incentive Payment program enabling payments through the state’s MMIS (Medicaid) system

Direct Project  - Promote the adoption of the Point-to-Point Push capability by providing increased level of documentation, training and a common HIE interface. Extend use case to include some EOHHS Department of Public Health services

Record Locator Service – Enabling a citizen record locator service.  Infrastructure could be leveraged for statewide use.

Provider Directory Interface –  Create/establish a statewide Provider Directory

Public Key Infrastructure (PKI)/Certificate Management  - To support HIE and Medicaid security infrastructure.

Health Information Service Provider – To make HIE services available to providers that meet certain economic and technical qualifications. This is especially targeted to HIE actors not affiliated with larger organizations and networks. Including in this consideration is consumer education and involvement.

Massachusetts Virtual Gateway (VG) upgrade – VG is the front door for many of the Health and Human state services  Enhance this critical service by further increasing support for standards-based interfaces including Direct.

Clinical Database – Enabling a data-marts in support of Meaningful Use measures.

Connection to Quality Data Center – Establish Medicaid performance measure infrastructure leveraging standards-based Quality Data Center service providers.

Formulary/Medication Management - Reducing errors in drug identification by enabling global access to accurate medication data for improving prescription practices and patient compliance using NCPDP 8.1 for Medication History and HL7 for Medication Reconciliation. Electronic Prior Authorization is another area of opportunity.

Re-architecting and Enabling Payment Methodologies – With the advent of payment reform, flexible IT claim processing systems shall be needed to quickly adapt to the evolving ACO (and other) programs and reforms.

Claims Relay Service Analysis and Design Project – Similar to the HL7 and HIPAA Hub concept, this project shall provide a single gateway for the submission of claims for MassHealth (regardless of medical, pharmacy, Dental or Health Safety Net Claims)

Public Health Interfaces (labs, immunizations, syndromic surveillance) – Targeting an EOHHS MA Single End Point (XML Gateway) for a variety of “services” including both HL7 transactions and HIPAA transactions. This includes bi-directional sync and async support.

Statewide HIE Solution Integration Services – Systems Integrator services supporting above project and aggressively advancing the adoption of  statewide HIE services.

Our first task will be reconcile health information exchange planning done to date with the state medicaid health plan and evolving meaningful use stage 2 requirements.

I look forward to the discussion!

Tuesday, June 14, 2011

Standards Summer Camp

At the April HIT Standards Committee meeting, Doug Fridsma kicked off the Summer of standards - an accelerated effort to support the regulation requirements of Meaningful Use Stage 2.

We've been hard at work with meetings and phone calls since then.   The schedule for standards deliverables has crystalized and here's what we've done and we're doing:

Certificate Recommendations

Metadata preliminary recommendations
Provider preliminary recommendations
Vocabulary preliminary recommendations

Metadata recommendations
Provider Directory recommendations
Patient Matching preliminary recommendations
Vocabulary recommendations

Patient Matching recommendations
ePrescribing of discharged medications recommendations
Syndromic Surveillance recommendations
Quality Measurement recommendations

Simple Lab Results recommendations
Transitions of Care recommendations
CDA Cleanup recommendations
NwHIN preliminary recommendations

NwHIN recommendations
Summary of all recommendations from Summer Camp

The June HIT Standards Committee will include reports from
a.  the metadata workgroup on patient identifiers, data provenance, and privacy flags
b.  evaluation of competing provider directory approaches - LDAP, DNS, and microformats
c.  an early look at strategies for patient matching

We'll also have to consider the implications of recent Policy Committee debate on Meaningful Use Stage 2.    As you'll see in their presentation, there are many requests for new standards.

We'll have an exciting few months ahead.   When our handoff is complete in September, ONC will turn our recommendations into a Notice of Proposed Rulemaking by December/January and the country will have a complete set of Meaningful Use, Standards and Certification regulations finalized in mid-2012.

Given that Meaningful Use Stage 2 will likely be deferred a year (organizations who attest in 2011, can begin the measurement period for stage 2 on October 1, 2013 with attestation on October 1,2014, receiving three years of payment based on stage 1 requirements), this timing should give the industry 18 months to rollout the software changes needed.

Monday, June 13, 2011

Assessing US National Healthcare IT Efforts

As I travel the world speaking about the Health Information Technology for Economic and Clinical Health (HITECH) Act, I'm often asked to present objective evidence that it is making a difference.

Here's the progress thus far:

1.  The HITECH program has elevated our national consciousness about Electronic Health Records (EHR) and moved the market considerably forward.   Every hospital CEO knows the term Meaningful Use and believes it is an important 2011 goal.   On my plane back from Scotland two weeks ago, the person sitting next to me (a scanning software engineer), asked about the impact on Meaningful Use on the scanning software market.    With every strategic affiliation BIDMC proposes, the first question asked is how Health Information Exchange (HIE) will support care coordination and the analytics which support the evolving payment models of healthcare reform.    It's clear that EHR and HIE have become commonplace topics of conversation.

2.  State HIE plans require a focus on e-prescribing, electronic lab result messaging, and clinical summary exchange.    State will have to report metrics.   With publicly reported metrics, you can be sure states will be motivated to accelerate adoption.

3.  Every recipient of federal HIE funds had to create a strategic and operational plan, which is a great step forward.  Those plans are publicly available.   As Beacon community and HIE success stories become widely known, it's likely these HIE plans will be revised so that a network of networks connecting state HIEs together will evolve.

4.  Kaiser recently podcast an interview with Farzad Mostashari, National Coordinator, highlighting the progress thus far.

5.   According to the National Health Information Technology Research Center (HITRC), the HIT Regional Extension Centers nationwide have enrolled more than 50,000 Priority Primary Care Providers (PPCPs) to begin the process of achieving Meaningful Use.

6.  Doug Fridsma notes that Direct Project for health information exchange has support from vendors which constitute 90% of the US IT market share.

7.  For the first time in history, patients are telling me they will not go to a doctor without an EHR, since they view it as essential for quality, safety, and efficiency.

Yes, we'll need to wait a few more months before concrete numbers on Meaningful Use attestation are available.   However, I believe the cultural transformation, leading to widespread support for EHRs in the US, has already happened as a result of the US national healthcare IT efforts.

Friday, June 10, 2011

Cool Technology of the Week

Stolen laptops can have a cost that far exceeds the repurchase or hardware or software.

There is lost work, lost important personal media (such as photographs of family), and possibly confidential data.   Hopefully any mobile device hosting patient data is encrypted.

Hidden App makes software that is analogous to a nanny cam.   Pictures and screen prints of your mobile device are secretly sent to a cloud-based server to assist in recovery of the device.  The cost is $15.00/year.

Here's a great USA Today case study that describes a successful laptop recovery.

A nanny cam for your mobile devices.  That's cool!

Thursday, June 9, 2011

Thoughts on my Daughter's Graduation

Last Friday, my daughter graduated from Wellesley High School.

Just as it was a milestone for her, it was a pivotal life event for her parents.

Lara was born 18 years ago.   We had no idea who she would be or what she would become.

During her early years, I was an Emergency Medicine resident.   The nature of shift work meant that I could spent at least 12 hours of every 24 hour cycle with her - reading, walking on the beach, going to the park, strolling the Los Angeles zoo, and playing her favorite computer games - Pajama Sam, Freddie Fish, and Spy Fox.

We moved to Massachusetts when she was 3, exactly 15 years ago this week.    My Emergency Medicine faculty and Informatics Fellow schedule enabled us to explore nature, hunt geocaches, and camp on the Boston Harbor Islands.

As I became a CIO, life became a bit more complicated, but every weekend we went to Drumlin Farm, Broadmoor, and other Audubon sites.

By the time she was an adolescent the time spent together evolved to time spent with her friends, extracurricular activities, and schoolwork.   I served as her transportation, advisor, and editor.

As she blossomed into an adult, we became peers, having honest and open dialog about relationships, world events, and the challenges ahead.

All along the path, we tried to give her the latitude to celebrate her own successes, learn from her own mistakes, and experience the many facets of the 21st century world - within limits that kept her from going seriously off track.

She begins college in just 2 short months, making decisions about when to sleep, what to eat, and how to study, all on her own.    Her house will be here whenever she wants to visit and her parents will be available whenever she wants to call.   We'll not have the pitter-patter of her feet on the stairs, the ebb and flow of her friends, or the vibrant but sometimes unpredictable schedules she added to our lives.

Her parents will garden, travel, rekindle their 30 years of romance together, plan for the future, and write checks for college.

Based on all my conversations with other parents, I know that this transition is truly not saying goodbye and declaring the end of parenthood.   It's the beginning of another chapter filled with new demands, more complex issues, and expanded possibilities.

As she graduates, the most important thing I can offer is my love and support, including a clear expectation of what I believe will constitute success in her next phase of life.   This poem by Ralph Waldo Emerson says it better than I can:


To laugh often and much;
To win the respect of intelligent;
people and the affection of children;
To earn the appreciation of honest
critics and endure the betrayal of false friends;
To appreciate beauty, to find the best in others;
To leave the world a bit better,
whether by a healthy child, a garden patch,
or a redeemed social condition;
To know even one life has breathed
easier because you have lived.
This is to have succeeded

So Lara, congratulations on an extraordinary high school career.   Now, go define your own success.   We'll be here to beam with pride.

Wednesday, June 8, 2011

Harmonizing Provider Directory Standards

Two weeks ago, I wrote about a strawman for embracing internet-based standards to support the provider directory services needed by health information exchanges.

Wes Rishel wrote a blog post about a related approach to creating provider directories and exchange certificates using microformats embedded in web pages that are protected by Extended Validation Certificates to provide assurance that the information is trustworthy.  

Microformats are a simple idea - using standard tags embedded in simple web pages to create semantic interoperability, empower search, and enable standard visualization of data.  Microformats are already in use for calendaring and have been proposed for other standard information sources such as recipes and resumes.  Extended Validation Certificates are standard X.509 digital certificates issued using strict identity-verification criteria.  

As we prepare for the next HIT standards committee meeting, many people are thinking about the best approach for building an industry-wide provider-directory capability using simple web standards.   A guiding principle of the HIT Standards Committee is to “Keep it simple; think big, but start small; recommend standards as minimal as possible to support the business goal and then build as you go” . This eliminates most complex implementation guides based on assembling esoteric, seldomly implemented, non-internet friendly standards.

The committee will find use of generalized internet standards such as DNS and simple XML tagging structures such as microformats very appealing.

Is there a combination of the approach I suggested on my blog and the approach suggested by Wes that works?

I think so.

As Wes notes in his blog, exchanging health information using Direct requires a “Direct Address.”  Nationwide Health Information Network (NwHIN) enterprises other than those using Direct have no common addressing scheme.   Creating a .HEALTH Top Level Domain with an entry for each entity participating in health information exchange would create an easily recognizable addressing scheme for the industry.   These addresses could point to highly trusted microformatted web pages containing directory information and certificate data, creating a directory solution without changing existing business models or processes.   This could be a winning approach.

Direct has chosen DNS for certificate distribution and although the DNS standard supports this function, no one other than Direct has used this approach for certificate management.  Indeed, not all Direct participants use this approach.

The NwHIN, including but not limited to Direct participants,  requires routing information to exchange information between entities.

Would it be much cleaner to have a top level domain that encompasses all  entities which exchange health information, including but not limited to NwHIN Exchange and Direct participants, and that provides an index of secure microformatted web pages containing certificates and other directory information for all participants in health information exchange?

We'll have several calls and meetings on this subject over the next few weeks.    Expect a convergence and recommendations soon.

Tuesday, June 7, 2011

ICD10 Kickoff meeting

Although BIDMC has finished its 5010 work in anticipation of the January 1, 2012 deadline, we're just beginning our ICD10 project for an October 1, 2013 go live.

As I've written about previously, I believe that ICD10 implementation should be delayed until after Meaningful Use Stage 3 (2016) to enable widespread adoption of structured clinical documentation including vocabularies like SNOMED-CT which will provide the necessary detail for coders using ICD10.   Moving forward with ICD10 in the absence of enhanced electronic clinical documentation makes no sense.

That being said, we need to follow the October 2013 timeline, as that is the current requirement.

Our ICD10 Steering Committee includes a multi-stakeholder group from inpatient, ambulatory, finance, HIM, our physician's organization,  and IS.   ICD10 is not an IS project, but is an enterprise project involving all operational areas.

To ensure a common understanding about the scope of work ahead, I've prepared this presentation.

I've also circulated a sample project plan from the American Medical Association.

At our first meeting, we'll need to select a project manager and allocate the resources for the detailed work ahead including

*completing an inventory systems where ICD info is housed.
*checking with each of the software vendors so impacted to see if the current version of their software can support the extended characters and transitional issues
*determining the state of our software installs and plans for upgrades to compliant versions
*checking payer contracts for use of ICD10 codes
*creating test plans for pre-production cutover
*conducting training sessions for our coding staff on ICD10
*contacting payers on their timeframe for being compliant and arranging pre-production test plans
*checking web reporting systems such as State, Federal, or others on use of ICD10 codes

If ICD10 was delayed until 2016, our approach would be different.    We'd focus on getting widespread provider adoption of SNOMED-CT on the front end, then limit ICD10 implementation to back office functions, mapping clinically focused SNOMED-CT codes to administrative ICD10 codes for billing.  Let's hope wise folks at CMS realize the benefits of such an approach.

Until then, our project will march ahead.

Monday, June 6, 2011

The Accounting of Disclosures NPRM

On May 31, HHS Published a notice of proposed rulemaking (NPRM) on the HIPAA Privacy Rule Accounting of Disclosures Under the Health Information Technology for Economic and Clinical Health Act (HITECH).

Here's Robin Raiford's bookmarked version of it.

The purpose of the NPRM is to implement the statutory requirement under HITECH to require covered entities and business associates to account for disclosures of protected health information to carry out treatment, payment, and health care operations if such disclosures are through an electronic health record.

Remember that HIPAA did not require disclosure logging for treatment, payment and operations.  This revision does, when such data is disclosed/accessed via an EHR.

In the certification process, demonstrating accounting of disclosures is optional, so it's likely many certified EHRs lack accounting of disclosure functionality.

Wes Rishel wisely warns us that this may be very challenging to implement for hospitals with complex built and bought systems.

Here's Rebecca Herold's blog summarizing the major points of the NPRM.

She also describes the definition of a designated record set.

Under the current provisions of the HIPAA Privacy Rule, covered entities are required to maintain records on disclosures of protected health information for a period of six years, and to furnish an accounting of disclosures to individuals who request them. The HIPAA Privacy Rule included an exemption for disclosures for the purposes of treatment, payment, health care operations, and a variety of other special circumstances, including disclosures to the individual of their own PHI. Collectively, the excepted purposes constituted the vast majority of  disclosure.  HIPAA also covered all PHI, whether in paper or electronic form. HITECH shortened the accounting period to three years, but removed the exemptions for treatment, payment, and health care operations when the disclosure of information is from an EHR.  The NPRM explicitly lists the types of disclosures that are subject to the accounting of disclosure requirement, rather than the prior approach of generally requiring inclusion but enumerating specific exceptions.

The NPRM does exempt disclosures made through a health information exchange, noting that the technology to track such disclosures is still evolving.   The authors state

"as electronic health information exchange expands and standards for such exchange are adopted, we intend to work with ONC to assess whether such standards should include information about the purpose of each exchange transaction. Adoption of such standards may significantly reduce the burden on covered entities to account for treatment, payment, and health care operations disclosures through electronic health information exchange. We then intend to revisit this issue and determine whether the accounting requirements should be revised to encompass such disclosures, in light of the interests of individuals and the reduced burden on covered entities."

The burden of implementing this regulation, especially in complex organizations with many departmental systems, could be very high.

I'll watch the comment period very closely.

Friday, June 3, 2011

Cool Technology of the Week

As BIDMC creates automated workflows, moving from a hybrid paper-electronic record to a completely electronic record, we are supporting multiple approaches to capture the data.   We use electronic forms, web-based structured documentation, voice recognition, PDF files with metadata that inserts them into the correct record, and scanning.

Today, Ricoh introduced the eWriter Solution, a combination digital clipboard and cloud based solution for capturing structured data such as consents, patient intake information, and home care data.   It uses an e-Ink display with WiFi/3G/GPS built in and a 20 hour battery life.

The idea is simple - when forms are created, they have an appearance just like paper using the same display as the Kindle.   A stylus is used to check boxes, add free text, sign forms etc.   Data is sent to cloud servers as PDFs, XML-encoded structured data, and pen pressure/velocity metadata to provide reliable assurance that a signature is real, should forensics ever be needed.

This approach works very well for those workflows that are highly distributed in sites without significant IT support, for workers who have an affinity for paper and find the use of iPads/iPods/iPhones a challenging learning curve, and for those tasks that easily automated through the use of pre-populated forms with largely structured responses.

Gathering signatures on pre-op consents is most often done in the community setting.  Capturing consents electronically in small provider offices via a cloud-based service makes great sense.

A wireless clipboard based on the e-ink display with cloud based services to gather structured data.

That's cool!

Thursday, June 2, 2011

Choosing a Great Single Malt

During my trip to Scotland I had the opportunity to learn more about single malts from my Scottish hosts.  If you really want to choose a great whisky, ask a Scotsman!

Andrew Morris, a Professor at the University of Dundee, and the person who invited me to Scotland, is a member of the Royal and Ancient Golf Club in St. Andrews.  For golfers, this is a sacred place, the home of golf.   Andrew is a member,  a remarkable honor since only 300 people in all of Scotland are members.   As we entered the club, I walked by the British Open trophy which sits next to the lockers of club members.   I looked at the name plate closest to me - "A. Palmer".

We retired to the "Great Room" under a painting of the Queen and asked about the single malts served by the club.   They serve two which are produced exclusively for the Royal and Ancient - an Islay (pronounced eye-lay) bottling from Western Scotland and a Speyside bottling from Eastern Scotland.    Western single malts are often more Peaty/Smokey/Earthy in character while Eastern single malts are more subtle with flavors of sherry and vanilla imparted from the casks they are aged in.   I ordered the Speyside and added just a drop of water to release the aroma.   Over 30 minutes I cradled the glass, sipping slowly to savor the amazing nose and palate.

As we left the Royal and Ancient at 10pm, people were still golfing on the 18th hole of the Old Course.

Here are the favorites suggested by the folks in Scotland I asked:

Lagavulin (Islay) - a smokey, peaty, complex  whisky  that is considered by many to be the finest single malt made in Scotland.   On most restaurant menus it commands a higher price because of its reputation and quality.

Highland Park (Orkney Islands) - a peaty whisky with a sweet/sour finish and subtle vanilla flavors.  The northernmost distillery in Scotland.

Talisker (Skye) - a peaty whisky, from the only distillery on Skye.  Robert Louis Stevenson regarded Talisker as 'the king of drinks' and who would argue with him?

There are many myths about Scotland - that kilt wearing, bag pipe playing,  freedom loving men (per Braveheart), are thrifty with their money and enjoy a wee dram in the pub on a daily basis.    I saw no kilts, heard no bag pipes, and although we did rehydrate at pubs after our hikes with fine Scottish ales, the only whisky I consumed was at the Royal and Ancient.   The Scottish are warm, gregarious, and selfless hosts.

Thank you Andrew for a remarkable experience and an amazing education about Scotland and its people.   I'll raise a toast with a freshly opened bottle of Lagavulin.

Wednesday, June 1, 2011

HIT Lessons Learned from Scotland

My trip to Scotland provided a remarkable opportunity to exchange ideas and experiences.

Scotland has nearly 100% adoption of electronic health records among general practioners and is making good progress in hospitals with innovative built/bought inpatient systems.   As in most countries, health information exchange is still evolving, but novel databases supporting disease management at the community level and an emergency care summary exchange are already live.

Here's what I learned while in Scotland

1.  Scotland has 5 million people - about the same size as Massachusetts.    There's a real "can do" attitude that makes significant change at the national and regional level possible.

2.  General Practictioners are passionate about IT.   There are 2 major electronic health records (Vision and EMIS) used in ambulatory settings in Scotland.  I was able to test them with demonstration patients and they seem to be a bit more focused on creating a journal of patient health events as compared to EHRs in the US which follow the Meaningful Use paradigm of structured problem lists,  e-prescribed medications, allergies, notes/reports, and coded diagnostic results.

3.  Healthcare information exchange between EHRs and hospitals is document centric.   My limited experience suggests that clinical encounter summaries in Scotland are shared via episode of care documents rather than structured data element exchange.

4.  There is a national healthcare identifier which enables records to be coordinated and aggregated in a national emergency care database, registries, and for continuity among caregivers.

5.  The National Health Service provides comprehensive care across all settings and therefore can drive innovation and adoption across the country.

Scotland has many of the same healthcare challenges as the US - increasing obesity, earlier onset and increased numbers of diabetics, and the worldwide issues of tobacco and alcohol use.  

Through the use of careplans/guidelines, registries, electronic health records, and care coordination across the community, Scotland is hard at work improving public health and population health.   I think of Scotland as an extraordinary testbed for healthcare IT implementation.  With its high adoption of EHRs among community clinicians, its bottom up approach to creating automation to meet the need of hospital stakeholders at a local level, and its population size that makes implementation doable, I highly recommend that vendors partner with Scottish healthcare provider organizations to test innovative solutions which can then be spread throughout the world after successful pilots.

Thanks for Andrew Morris and the University of Dundee for hosting me.  I look forward to our further work together.