Welcome to EMR and HIPAA

Recently I’ve been reading a fair amount about the movement that many are calling Health 2.0. I think the most simple description of Health 2.0 is applying many of the Web 2.0 concepts to health care. My question is whether EMR fits into Health 2.0. My personal feeling is that most of them don’t. Most Web 2.0 projects are consumer facing projects that allow people to interact, collaborate and participate in the process. EMR software is more about facilitating a doctor’s charting.

Certainly you could make a good case that a patient portal or EHR is more Health 2.0. In fact, that really seems to cut to the heart of Health 2.0. Creating a powerful interface between doctors and patients so that patients are a part of the process. However, I think that most EMR in their current state don’t benefit from this type of interaction.

Of course, this begs the question of whether an EMR should have this type of interaction. My short answer is that it should, but until the payment systems catch up with the technology that creates these interactions we won’t see broad Health 2.0 application to EMR software.

For those loyal readers of this blog, you’ll know that open source software and in particular open source EMR software has been a much discussed topic. I guess people love it when you talk about a free EMR. I must admit that I’m always intrigued by open source (free) software and open source EMR software is no different.

I recently came across a list of the top 100 Open Source Software Tools for Medical Professionals.

You know I’m a sucker for a list and I especially like EMR lists, so here’s their top 10 open source EMR software:
1. FreeMED
2. OpenEMR
3. OpenEMR Current
4. OpenEMR Virtual Appliance
5. FreeB
6. SmartCare
7. XChart
8. OpenMRS
9. Open Dental Software
10. ClearHealth

Quite an interesting list to choose from. Now if I could just get the data on number of installs for these applications. When I mean installs I mean doctors who actually use these open source EMR systems every day in their practice. Anyone want to let us know where we can find that data? Or any open source EMR packages want to fill us in on their progress?

I’ll update the post if I find anything or get that information in the comments.

Interesting. I wonder why none of these are CCHIT certified?

A little while back I got an email asking me if I was interested in writing an article for Medscape about “Choosing an EMR.” I figured that might be a fun experience considering I’d written so much about the topic of choosing an EMR on this blog that it would be pretty easy to do.

Luckily, all went well and they accepted the article that I wrote and published it to their site. I think the article turned out pretty good and offers some decent insight for someone interested in selecting an EMR. I think the selection process is probably the EMR industries biggest barrier to adoption right now. The technology is certainly there now, but there are just too many choices right now that it is really hard for a doctor to know which EMR is best for them. Unfortunately, many just choose to not make a decision and just continue on with paper charts. Hopefully this article will help a few doctors offices get on the right track and implement an EMR successfully.

In the end, it was a really fun experience going through the process of writing an article that’s going to be published. It’s much more difficult than writing about EMR on this blog. It took hours of work for me to write that article. I wanted to make sure that I provided significant value to the readers of the article and that I didn’t leave anything important out. By comparison, this post that I’m writing now won’t take more than 10 minutes. Blogging is better that way, because I know that my insightful readers will correct me if I post something that’s way off kilter.

At the end of the day, it’s really fun to see my writing published and my name alongside a contribution to the medical community. I also got a big kick the other day when I was helping one of my PA’s with something and I saw he subscribed to Medscape. Made me feel good that I was being published in what he considered to be a credible medical source.

One final thought, I’d love to hear people’s feedback on my article “Choosing an EMR.” Leave all your thoughts, good and bad, in the comments.

Just the other day I saw an old link to an EMR Jobs website. Of course, I’m always interested in seeing what type of EMR jobs are out there. I’m not currently looking for a new job, but I do finish my masters degree in May and so I may be looking for a new job in the EMR, EHR, Healthcare or possibly IT area soon. However, I was a little bit saddened by the list of jobs on that EMR job website. I even took a look at EMR jobs on Indeed.com to see what they had to offer. Looks like there is some decent potential there. A search on Monster for EMR jobs left me less enthusiastic.

Honestly, most of the jobs listed required specific knowledge of an EMR software. This really surprised me. Seriously, the EMR systems aren’t that different and an intense 2 days of training/playing on an EMR system and you’ll get a pretty good idea of that EMR. Certainly it makes sense to put that knowledge of the EMR is preferred, but often I think that someone without the cultural baggage of poor implementations or other biases might be better than someone with previous experience with the EMR. In fact, from a product perspective having a fresh set of eyes to give new feedback and suggestions could be incredibly valuable to a company.

In the end, I have a feeling that searching any of these job boards won’t be nearly as valuable as connecting to people you know. I guess that’s why I think this EMR and HIPAA blog could be very valuable for my career. Anyone else have advice for those looking to work in the EMR field?

As many of you know, I love getting comments on my blog. Plus, comments on my blog often ask very good questions that I prefer to just answer as a separate blog post. I’ve considered a few times trying to integrate something that would allow people to ask questions that I could then answer, but I’ve never found just the right solution. Until then, just leave a comment and I’ll reply as best I can.

The following quotes are from a comment Sean made on my Choosing and EMR or EHR post.

Eric,

I’m not sure how he got my name as Eric since it’s not Eric. Possibly he was confusing it with my post about Eric Schmidt’s Google Health Announcement at HIMSS. I really don’t mind what you call me as long as you leave insightful comments and questions.

Thanks for the informative blog. I hope others have found it as interesting as I have.

Thanks. I’ll pay you later for the compliment.

I have a question about EMR implementation & you may be able to provide a good answer: When a practice adopts an EMR solution, what is the process by which all of the existing files get scanned & imported to the EMR? Do practices send their files to an outsourced (and presumably HIPAA compliant) scanning company? Or do they buy a scanner & have the staff or temps scan them in bulk? Or do they scan patient files as those patients come to the office?

Do you have any insights here? Seems like a big part of the process, but I’m having trouble finding information about it.

Of course, the obvious answer to your question is Yes! The reality is that every method you describe above has been done. I personally recommend sending the files to an outsourced HIPAA compliant scanning company. It’s a pretty smooth process to send them out and the company can often index them in such a way that you can access those files quickly if needed. I say I prefer this way, because we found that in the majority of cases there wasn’t a need to look back at the paper charts. In the beginning of our EMR use, we would pull the chart for each patient. After doing this for a short period, our clinicians found that more often than not, they didn’t have a need to see the paper chart. So, we decided to stop pulling the charts unless a clinician made a specific request.

I can imagine that this may not be realistic for many people. My clinic works with a younger population which don’t usually have an extensive medical history. However, our experience provides a good insight for other practices. Take a second to notice how often you look into the paper chart. How often do you need the information from past visits found in the paper chart? If you are like us and rarely needed the past history, then why waste your time pulling charts and scanning them individually?

For those that feel they need to see a past chart, you might consider my previous post about “Thinning Out the Chart for Scanning to an EMR.” The idea is just pulling out the relevant information that needs to be inputed into the EMR. The rest of the information can remain in the paper chart.

If you decide to start scanning the charts in yourself, I think it’s a good idea to scan as you go. I don’t expect that most offices have an abundance of people that are just sitting around needing something to do (ie. scanning). Scanning is an tedious process and it’s better to bite it off in little chunks. Then, once you’ve made a dent into the past charts, you can consider doing a bulk scan or sending it out to a third party scanner to clean things out.

I think the key milestone to achieve with your EMR is to reach a point where you no longer have need of a paper chart. This really takes a change of perspective for most people. It’s so easy to just drop a paper into a chart. Your medical records staff are probably trained well enough to create charts in their sleep. Teaching them to scan all the paper into your EMR takes focus and effort. However, with a little work it becomes second nature and people won’t remember what it was like to have paper charts.

Thanks very much in advance.

Thanks for stopping by EMR and HIPAA and asking some very good questions. A blog becomes much more interesting when their is interaction with the end users.

About a month ago I got an email that I just got around to reading today. Essentially it was someone announcing a new social network for prescription drug consumers. Here’s a part of the release that I was sent about the prescription drug social network:

I’d like to invite you to try out the eDrugSearch.com Community — a brand new social network for prescription drug consumers. To join, just go to www.edrugsearch.com/register and sign up; it takes only a couple of minutes.

Why a social network for drug consumers? At eDrugSearch.com, we believe that online communities will forever change the face of healthcare — by giving consumers the information and resources they need to ask better questions of caregivers, to support one another, and to save money on treatments and medications.

Prescription drug consumers, in particular, have shown a strong interest in social networks on general health sites, indicating an unmet demand for a niche community. U.S. drug consumers relish the opportunity to share their experiences — their discoveries, their frustrations, their solutions. These Americans are turning to each other rather than relying solely on pharmaceutical company advertising or rushed doctor’s appointments.

We want the eDrugSearch.com Community to be a place you can come for help, reassurance and advice.

Of course, this really begs the question of if we need a social network around prescription drugs. Of course, my gut reaction is that prescription drugs sounds like much to small of a category for a social network. I’m certain that a lot of niche social networks are going to do very well (in fact, I’m working on a sports one myself), but can prescription drug consumers support a social network.

Seriously, when I’m taking prescription drugs I want to get off them as soon as possible. Are people going to just visit the site for entertainment. Certainly there are people who have chronic illnesses that take drugs for a long time, but won’t they stop visiting the site after taking the same drug for so many years? I guess maybe they’re hoping for advancements or alternatives to that drug, but that still feels like a stretch.

The other part of me thinks that something like this might work. I’ve always felt like one of the advantages of my job is that I had access to not only a bunch of doctors, nurse practioners and PAs, but I also support a pharmacy. In the past three years, there have been a number of times where I make the rounds of doctors, APNs and the pharmacist to learn about the drugs that were prescribed to myself or my family. To me this illustrates the need for information that people have when they are prescribed a drug.

Of course, the biggest challenge of this all is can you trust the information that this prescription drug social network provides? How do you know when someone is qualified in the area or not? Not to mention I could see the drug companies really abusing this site with false information. I think we all have been to hotel sites where the ratings just sounded too good to be true. Sounds pretty easy for the drug companies to do the same thing.

Now, if they had a way to certify providers (MD, DO, APN, PA), then you could give some credibility to what was being said. In fact, a social network for these providers to discuss the various drugs is something that could be very strong and useful. That sounds pretty Health 2.0 to me.

I think that Google is confused about my blog. I don’t think it knows if it should categorize me as an EMR blog or as a HIPAA blog. In fact, sometimes it even thinks I’m an EHR blog which is perfectly fine by me. Right now I think that Google thinks that I’m a HIPAA blog, but quite honestly I think I’d rather be an EMR blog. Sure, I cover HIPAA and some of the various HIPAA related news on here. In fact, it’s kind of hard to cover EMR and not cover certain aspects of HIPAA. However, I think at the end of the day I’m more interested in EMR and EHR and I really don’t care about HIPAA. It’s a necessary evil.

I guess I’ll have to focus more of my posts on EMR and EHR and stop using that naughty H word since Google seems to like to classify with that H word when I want to show up for EMR and EHR. At the end of the day it doesn’t really matter too much, but as a tech person I always think it’s fun to see what the Google bots see in my content. It’s kind of a way to justify myself that the bots are happy and classify me as an authority on a subject.

Are you listening Google bots? I’m an EHR and EMR blog. Make sure I make it to the top of searches related to EMR and EHR. That’s really where I’m meant to be. I can feel it in my bones. Well, at least that’s who I want to be.

Think about how wonderful the ability to send a discharge summary by email to a patient straight from your EMR. I think it’s pretty easy to see the tremendous benefits of this type of communication. Send the patient information to one place they probably visit every day and where they can read and process the information away from the hustle and bustle of the clinic. Certainly many doctors have been doing this with little pamphlets or handout sheets with clinical information. Unfortunately, too many of these sheets never get read. Certainly that same thing could happen with an email, but at least the next generation of patients are going to want this information in their email box.

Of course, the problem with sending this information in an email is that email is not secure. Email encryption hasn’t taken hold fast enough to make it encrypted. Is a user’s email box really a secure location where they want their health information? I personally don’t have a problem with it, but I would expect that many people wouldn’t want their health information in their email any more than their regular mailbox. Either way, without the encryption it wouldn’t be difficult for someone to sniff out what’s being sent in an Email containing for example a patient’s discharge. It would be going across the internet in basically plain text.

This situation actually happened in Austrailia a little while back in an article I read called “Unsecured email sparks dispute.” I know I wouldn’t be happy if a clinic just decided to send these unsecured emails. Not so much because I was personally worried about my information being lost. I personally have nothing to hide (yet anyway). However, I would feel uncomfortable patronizing an organization that would deal so flippantly with my information.

I’m sure that someone will chime in that this is the whole purpose of a Patient Portal or EHR interface that allows people a secure method to receive and send protected health information. This is all well and good, but from what I’ve seen this usually requires the doctor’s EMR company to support this type of interaction. Plus, even more serious of an issue is that you’re giving your patients one more login and password that they’ll need to remember. Certainly not a deal breaker, but one more inconvenience for our users and the staff that have to support our users when they forget their password. Unfortunately, I think that this is the future of secured messaging, but I can always hope that there’s something better that we’re just missing.

We should also realize that this isn’t going to get any easier. In fact, I think we can reasonably say that this is going to get harder and harder. Don’t be surprised if soon some patient would like their health information somehow incorporated into some site like Facebook. It’s really only a matter of time until some developer creates a health interface into Facebook.

It might not make sense to most people, but the next generation of patients are going to grow up living and breathing their online life in some sort of social network (Facebook is just one example of these). They are very comfortable with transparency and will be interested in being able to track and compare health information with other people. Not to mention interact in a social network with other people who have similar conditions. It seems like this isn’t a question of if, but when this type of interaction will happen.

Even if you think that health information on a social network like Facebook is far fetched, we are already seeing health information propagating to the web in Microsoft’s HealthVault and Google Health. Is this going to be ok? Will it become as synonymous as online banking has become to the banking world? It’s not that far of a stretch to think that Google Health could easily be tied into Google’s OpenSocial platform which would allow a patient’s health information to do all sorts of cool things.

The convergence of Health Care and IT is going to be really interesting. It’s taken health care a while to get going with IT, but I think almost everyone agrees that IT could do amazing things to better the health care a person receives.

Today I found a really interesting article in Utah’s local paper the Deseret Morning News. In the story, a box of medical charts was lost by UPS after being sent from a Hospital to somewhere in Las Vegas for a medicare audit. You can read the article for all the facts, but essentially the box somehow got misdirected and ended up being bought by a Utah school teacher purchasing some “scrap” paper.

I was kind of surprised by how long it took the hospital to get in touch with UPS after the box was lost. Ok, so I’m not really surprised that the hospital is not watching all of the HIPAA information they sent out to make sure that it arrives safely, but maybe it should. UPS has some pretty incredible tracking tools these days that really aren’t that hard to use.

The other interesting thing to consider is how these types of audits/information transfer happens in an electronic world. I know that we transfer eligibility lists to insurance companies using Secure FTP and that works quite well. We’ve worked with a scanning company who is scanning our old paper charts and when we need to access one of those old records, they send us an encrypted file through email. That works pretty smoothly.

Unfortunately, I think if a patient wants a record right now or if we needed to send some health information out for an audit (not sure why we would need to) then we’d have to pretty much just print out the electronic record like we do when a patient makes a . In fact, we’ve even made a request to our EMR software company to give us a one click method that will allow us to print the entire chart. It’s a pain to print out everything in the paper chart from what’s scanned in, to prescriptions, to lab results, to referrals, etc etc etc. Any EMR companies have a better way to do this?

I’ve been pretty outspoken about my love for biometrics in healthcare. In particular I couldn’t imagine my computer without facial recognition, but I’ve also enjoyed playing around with biometric fingerprint readers and proximity readers too. Sorry, no retina scans yet. Anyone willing to send me one?

Today I came across a new biometric authentication method that recognizes a person’s typing behavior. Techcrunch described it as folows:

It’s a Flash-based interface that compares your typing style against a list of known styles and logs you in based on your individual typing fingerprint. To enroll you simply type a sentence nine times and then the system senses the pauses, mistakes, and speed of your hunting and pecking. Obviously, this doesn’t work if you have a broken hand or, presumably, you’re under duress so it’s fairly hard to crack a system using physical coercion. A cool way to add biometrics to web-based forms.

They have a test on their site, but the registration process seemed a bit onerous. Haven’t they realized the first key to a website is to let me test the product with no registration. Then, let me register when I like it? Maybe if I have some free time later I’ll register and try it out.

I wonder if something like this could merge with the OpenID movement and make this one other method of authenticating yourself to an open id enabled site. Could be pretty interesting I think.