Welcome to EMR and HIPAA

I found a nice article in Medical Economics that had a list of 50 reasons to get an EMR or EHR. In this post I’ll cover the first 13 that talk about Better Access to Data and Better Charting.

Better access to data

1. Pull a patient chart within seconds rather than minutes.

2. Never waste time looking for a chart.

3. Open a patient’s chart on any computer in the office.

4. Have two or more people work with a chart at the same time.

5. Have clinical data at your fingertips when a consulting or referring physician calls.

6. Open the patient’s chart on a wireless computer when you see him in the hospital.

7. Access a patient’s chart online when he calls you at home at 2 a.m.

The biggest point is how quickly you can locate a chart. This is such a time saver. Sharing the chart with multiple users and being able to access the chart from multiple locations is also big. I don’t think most doctors realize how accessible an EMR can be for them while still securing a patient’s privacy. I’m a tech person and I still am amazed with the access I can have and the way I can control computers and access information remotely.

Better charting

8. Never worry about illegible handwriting (your malpractice carrier and local pharmacists will be happy).

9. Have patients complete a computer-guided medical history at home or in your office that downloads into the EHR.

10. Update medication and problem lists with every visit.

11. Import lab results, diagnostic images, and hospital discharge summaries into the patient’s record.

12. Create flow sheets and graphs for any kind of data—blood pressure, HbA1c, pediatric height and weight, etc.

13. Tap thousands of procedure and diagnosis codes—far more than a paper charge ticket can display.

Legible charts is the key one here. The other pieces really point to what you are able to do with the data that is entered. You can chart it, graph it, flag it and organize it. In fact, in an EMR you don’t have to do that for each chart. You do it once and every chart’s data is organized just the way you like it.

More 50 Reasons to get an EHR or EMR later!

Dr. Rob Lamberts recently blogged about how EMR adoption is finally reaching a point where the media is covering it more and people are actually adopting the technology. It was interesting to see how he thought that they were near this point 10 years ago and yet was wrong. Here’s his reasons why he thought we are now ready to embrace EMR:

1. Technology is finally mainstream. Most doctors have computers in their homes with broadband connections. That could not be said 10 years ago. Most Americans have shopped online (some of us prefer it), send e-mail regularly, and even blog (although the latter is reserved for the real geeks!) 10 years ago it was still novel to use computers, now they are a regular part of our lives.
2. Computers are faster. This allows applications such as voice recognition, and allows for much more complex functions of the EMR (such as disease management) without causing a serious slow-down workflow.
3. Memory. Now we can scan and store huge amounts of documents without worrying about using up memory.
4. More mature EMR products. A lot of this is due to the integration of the internet into the products, allowing much of the content to be outsourced. The programming languages (such as Java, XML, and AJAX) are also a lot faster, requiring less processor to accomplish tasks.
5. A new generation of decision makers. Doctors who are in their 40’s and 50’s are now more computer friendly than they were in the past. These are generally the decision makers in a practice.
6. Pioneers have arrived in California.

Let me explain that last one. I see those of us who were early adopters of EMR as being like the pioneers going out west. We did not have a map and did not know what the place we were going to was like, but we had the belief that it would make our lives better. There were many casualties along the way (which prevented others from wanting to try the journey), but some of us got there and are finally prospering. Now we can give the best route to California and cause people to get here without as much peril as we underwent. We can send a map.

I loved the California example because if you think about many of the early EMR adopters you realize that they were looking for Gold. However, the Gold was in the form of seeing more patients, higher reimbursement rates and other effeciencies gained by using an EMR. I’m sure a number of them found this rare “Gold”, but like in the California Gold rush I think that many EMR adopters and espescially the early adopters pioneered ground at great loss to them. However, because of their loss we are all better able to use an EMR now. Thank you EMR pioneers.

While I think Dr. Lamberts has a pretty good list I think there is one glaring reason missing from his list. So, here’s my number 1 reason for more widespread EMR adoption:

The cost of servers and technology in general is significantly less.

10 years ago a server would often cost $20,000 with a slow processor, a small hard drive and very little RAM. Thanks to Dell(and I’m sure many others) you can now buy a server with Windows Small Business server for $3000-$4000. That’s an incredible offer. Install linux instead of windows and you have even greater savings. A desktop can easily be bought for around $500 these days. I believe hese lowered costs is the biggest reasons EMR’s are becoming much more common.

I found a really nice interview of CCHIT Commissioner and Practice Partner CEO and President Andy Ury by HISTalk. There was some interesting information in the article. One thing that was a good comment was that Practice Partners seems like they finally figured out that EMR customer support would be their key to success. Doesn’t seem like rocket science if you’ve seen how many doctors talk. I think it has to do with the bonds created during medical school. Those long hours of studying really make students close to each other and so it continues after med school. I digress.

I also was very interested in what a CCHIT commissioner would say about the CCHIT certification process. HISTalk asked a very nice question:

Will CCHIT certification really increase EMR adoption by reducing customer risk?

I think it is a fair question. Here was CCHIT commissioner’s response:

I think certification is intended to increase EMR adoption, but reducing customer risk is just one of the ways it will achieve that. By ensuring baseline functionality, it does reduce customer risk. It also increases the chance that payors will provide incentives to physicians who use EMRs.

Certification won’t be a differentiator if either everyone or no one obtains it. Will CCHIT consider releasing specific details instead of pass-or-fail results so that physicians can make their own decisions based on the needs of their practices?

The certification scripts are public. At this point, certification is 100% pass-fail, so I’m not sure what there is to release. Certification is done using an anonymous jury, so there’s no record to look at for most of the certification process. The bulk of it is a juried pass-fail test. Certainly certification and the criteria will evolve over time. While it provides a baseline for the market, there’s plenty of room for product differentiation that certification doesn’t cover.

It’s still important for physicians to pick according to their needs. If they’re looking at five certified EMRs, they’ll need to look at awards, medical society recommendations, VHA, demonstrations, etc. There are plenty of other ways to differentiate product.

Not everyone will be certified. But let’s assume that most major EMR vendors will get certified sooner or later. The benefit of certification is a comfort level for the purchaser, but there’s still the possibility of payors providing incentives.

I think there’s no question that vendors have to work to pass certification. It is a multi-year process and the criteria change year by year. The 2006 criteria cover widely available features, but most vendors will have to make some software changes to achieve certification. In 2007 and 2008, vendors will have to continue to change their software to become certified.

Certification is year-dependent, so each certification is measured separately and is good for three years. Vendors can choose whether to be recertified every year on the stricter criteria. Customers will be able to ask if vendors if they’re certified under each year’s standards.

Certification also involves interoperability, which is important to many customers. It also includes security and reliability, which are harder for practices to judge and may be a source of comfort.

BULL!! CCHIT certification will not decrease customer risk, but could in many cases actually increase the risk because it will provide doctors more confidence in a product that may or may not be good for that Doctor. The problem with CCHIT certification(and any certification at this point) is that no one has figured out how to cerfify usability. Unfortunately, CCHIT certification is going to look like it has certified a product as usable when in fact the certification is only going to certify a feature set. Even certifying a feature set has some set of interpretation. What does it mean to have a prescription writer in your EMR? This could mean that you can type on a form that prints out. This could also mean that you select from a drug database that checks for contradictions with other prescribed drugs and allergies. This is very different and demonstrates the problem of certifying feature set.

At least Andy Ury does point out that the certification shouldn’t be all or nothing. That is a huge CCHIT certification mistake. Also, he makes a nice point that CCHIT certification will be irelevant if either all EMR vendors certify or no one certifies. Fine Points!

I think I’ll save more comments on the interview for a future post.

I found a website that listed a number of Privacy Violations. The page is quite outdated since it’s latest case was in 2002, but I thought that many of the examples could just as easily apply today. In fact, with computers it makes many of the cases much easier to accomplish and easier to track misdoing. Does that mean we are going to have more HIPAA lawsuits coming? I think it’s only just a matter of time.

Does EMR affect this? Probably not directly, but indirectly many of these cases could be related to your use of an EMR system.

Here’s 2 examples that I found quite interesting from the HIPAA privacy violations article:

# A psychiatrist from New Hampshire was fined $1,000 for repeatedly looking at the medical records of an acquaintance without permission. Because there was no state law making it a crime to breach the confidentiality of medical records, the case was brought under a law against misusing a computer. (”Psychiatrist Convicted of Snooping in Records,” The Associated Press State & Local Wire, May 5, 1999)

# A jury in Waukesha, Wisconsin, found that an emergency medical technician (EMT) invaded the privacy of an overdose patient when she told the patient’s co-worker about the overdose. The co-worker then told nurses at West Allis Memorial Hospital, where both she and the patient were nurses. The EMT claimed that she called the patient’s co-worker out of concern for the patient. The jury, however, found that regardless of her intentions, the EMT had no right to disclose confidential and sensitive medical information, and directed the EMT and her employer to pay $3,000 for the invasion of privacy. (L. Sink, “Jurors Decide Patient Privacy Was Invaded,” Milwaukee Journal Sentinel, May 9, 2002)

My biggest comfort with HIPAA is that it doesn’t seem like they are really out headhunting. If you are an honest person who makes a bad choice then HIPAA is kinder to you then those that blatantly misuse the information. However, in our sue happy world that might be changing.

One day when browsing through some different EMR related websites I ran across HIMSS’s EMR Selection Toolkit. I was of course intrigued by the title since I’d heard so many good things about HIMSS and the conference that they hold. Granted it is a conference and prone to have faults, but overall I’d heard good reviews about it. I also have to thank that conference for introducing me to SensibleVision and biometric facial recognition. They are fantastic!

The EMR Selection toolkit offered the following:

The HIMSS Ambulatory EHR Selector can help you make a well-informed choice. The Selector is an on-line database of EHR products and vendors, comparing more than 375 important characteristics, including:

-Practice size
-Specialties using the product
-Software pricing
-Contract details

-Product features and functions
-Regulatory compliance
-Training and support

The HIMSS Ambulatory EHR Selector is offered to individual physician practices for an annual subscription fee of $149.

I thought that might be a nice offer until I looked on the right side of the screen. It said it had 34 available products to search. Today when writing this post I went back and now they only have 31 products to choose from. I’m not sure how this works, but I’m amazed that a group like HIMMS can only profile 31 EMR products. That is absolutely crazy. I will admit that they do have a number of good choices, but 31 seems so narrow considering all the great EMR systems out there.

Sounds like an interesting business model for me. I’ll review the characteristics of 31 EMR systems and then charge you $100 to search my review. I’d be saving doctors $49. I might just have to do that. On second thought, what if I review 31 systems and then let you decide what the information I give is worth. I’m pretty sure most doctors have $149 in their budget to save them from being stuck with the jabba the hut EMR’s of the world.

I agree wholeheartedly that technology shouldn’t make it so that health workers(doctors in particular) have to COMPLETELY change the way they treat patients. However, I think it is completely absurd the way some health providers aren’t willing to change ANY processes when implementing an EMR. Just because you’ve done something one way for a long time doesn’t mean that it can’t(and shouldn’t) be changed.

Many healthcare providers I’ve known have been unwilling to change the way they practice in any way. The computer or technology should completely conform to the way they want to work and practice medicine. This is egotistical and wrong since this assumes that your way is the very best way and that their couldn’t possibly be something more efficient and better quality.

Feel free to rip apart an EMR system that doesn’t allow you to practice proper medicine. Don’t hide your thoughts when an EMR system doesn’t respect a patients privacy. Please let your EMR vendor know when they could do something better. Please don’t stand systems that aren’t fully developed or EMR systems that are overdeveloped(I call them Jabba the Hut EMR’s). Find something that you like and something that works close to the way you practice medicine, but don’t start working with an EMR and not expect to adapt many of your processes.

I know how much everyone enjoyed taking that medical chart and filing it or for that matter finding the chart in the first place. How come we aren’t complaining about not having to do that anymore? While you may consider this quite harsh, I think situations all to similar to this happen in an EMR implementation.

In fact, this just reminded me of my biggest EMR implementation pet peeve of all. Don’t act like you don’t know how to do your job anymore. Just because you have an EMR doesn’t mean that you can’t accomplish the same things. I don’t know how many times I’ve been told that the new EMR system won’t be able to do [fill in the blank]. My response is of course, why not? The reply is of course something akin to it just won’t work. I then kindly ask how they did it before EMR and not to leave out any details. Then, I calmly walk through a few different options of how it can be done in an EMR. They[Doctors] are dead on when they say that many old processes can’t be done in an EMR system. However, I can’t think of hardly any processes that can’t be modified and integrated into an EMR. Just don’t blame the EMR because you chose to stop doing it.

Moral of the Story: EMR means change. Embrace it. Love it. Don’t be too selfish to change.

Thanks to The Health Tech blog who prompted this rant. He has nothing to do with my opinions in this post, but his post prompted what you just read. Thanks!!

Healthcare Informatics just posted it’s annual report of the top 100 companies by Revenue. I think it’s important to note that revenue doesn’t always mean quality. In fact, I would suggest that for an EMR company it is often a good thing to not be on this list because that means there software development isn’t governed by the bueracracy of a large company. A small emr company means that you can have a dynamic EMR program and have an EMR that continues to evolve as technology changes. You do want the company to be on a solid footing(like most of the companies on this list), but you gain some specific advantages as a small company that most of the companies on this list don’t have.

One other thing I loved about seeing this list is to see the variety of healthcare IT companies there are out there. It makes me realize how small a fish I am in this big pond we call Healthcare IT.

Here’s the list from Healthcare Informatics:

1
Cardinal Health
San Diego, CA
(858) 480-6000
www.cardinalhealth.com

* Founded: 1971
* Employees: 55,000
* Revenue: 2,190.00 (’05) 1,560.00 (’04) 1,410.00 (’03)
* HIT Revenue: 3%
* Ticker: CAH
* Market: NYSE

Manufactures and distributes pharmaceuticals and medical supplies, offers a range of clinical services and develops automation products that improve the management and delivery of supplies and medications
Company Executives: Dave Schlotterbeck, Chairman/CEO, Clinical Technologies and Services; Dwight Winstead, Pres./COO, Clinical Techologies and Services

2
Affiliated Computer Services (ACS)
Dallas, TX
(214) 841-6111
www.acs-hcs.com

* Founded: 1988
* Employees: 55,000
* Revenue: 1,520.00 (’05) 1,200.00 (’04) 1,010.00 (’03)
* HIT Revenue: 28%
* Ticker: ACS
* Market: NYSE

Delivers worldwide diversified end-to-end business process and IT outsourcing solutions to commercial and government clients

Company Executives: Mark King, Pres./CEO; Lynn Blodgett, EVP/COO

3
EDS
Plano, TX
(972) 605-6000
www.eds.com

* Founded: 1962
* Employees: 117,600
* Revenue: 1,310.00 (’05) 1,308.00 (’04) 1,720.00 (’03)
* HIT Revenue: 7%
* Ticker: EDS
* Market: NYSE

Delivers global business solutions to its clients, and delivers IT and business process outsourcing services to healthcare clients in public and private sectors

Company Executives: Michael Jordan, CEO/Chairman; Jeff Heller, Pres.

4
McKesson Provider Technologies
Alpharetta, GA
(404) 338-6000
infosolutions.mckesson.com

* Founded: 1974
* Employees: 7,000
* Revenue: 1,301.80 (’05) 1,202.50 (’04) 1,139.00 (’03)
* HIT Revenue: 100%
* Ticker: McK
* Market: NYSE

A worldwide provider of IT solutions that help organizations improve patient safety, reduce the cost and variability of care, improve healthcare efficiency and better manage revenue streams and resources

Company Executives: Pamela Pure, Pres., McKesson Provider Technologies; EVP McKesson Corp.

5
Emdeon Corp.
Elmwood Park, NJ
(201) 703-3400
www.emdeon.com

* Founded: 1996
* Employees: 6,100
* Revenue: 1.20 (’05) 1.08 (’04) 0.89 (’03)
* HIT Revenue: 94%
* Ticker: HLTH
* Market: Nasdaq

Provides business, technology and information solutions that transform both the financial and clinical aspects of healthcare delivery by connecting providers, payers, employers, physicians and consumers

Company Executives: Martin Wygod, Chairman; Kevin Cameron, CEO

6
Cerner Corp.
Kansas City, MO
(816) 221-1024
www.cerner.com

* Founded: 1979
* Employees: 7,033
* Revenue: 1,160.80 (’05) 926.40 (’04) 839.60 (’03)
* HIT Revenue: 100%
* Ticker: CERN
* Market: Nasdaq

Supplies healthcare IT, taking the paper chart out of healthcare and eliminating error, variance and waste in the care process

Company Executives: Neal Patterson, Chair/CEO; Cliff Illig, Vice Chair

7
Computer Sciences Corp.
El Segundo, CA
(610) 251-0660
www.csc.com/

* Founded: 1959
* Employees: 80,000
* Revenue: 1,113.85 (’05) 1,063.81 (’04) 843.00 (’03)
* HIT Revenue: 8%
* Ticker: CSC
* Market: NYSE

Globally organized to serve all aspects of the healthcare industry — provider, payer, life sciences and government organizations — through management consulting, systems integration and outsourcing agreements

Company Executives: Van Honeycutt, Chair/CEO; Dan Garrett, VP Global Health Solutions

8
GE Healthcare Integrated IT Solutions
Barrington, IL
(800) 558-5120
www.gehealthcare.com

* Founded: 1997
* Employees: 4,800
* Revenue: 994.00 (’05) 941.00 (’04) NA (’03)
* HIT Revenue: 100%
* Ticker: GE
* Market: NYSE

Healthcare IT vendor with a comprehensive suite of clinical, imaging and business information systems. GE Healthcare acquired IDX Systems Corporation in January of 2006 and has combined product offerings

Company Executives: Vishal Wanchoo, Pres./CEO

9
Perot Systems Corp.
Plano, TX
(972) 577-0000
www.perotsystems.com

* Founded: 1988
* Employees: 18,000
* Revenue: 920.00 (’05) 846.00 (’04) 690.00 (’03)
* HIT Revenue: 46%
* Ticker: PER
* Market: NYSE

Offers services in business analysis and strategy, systems design and integration, and operations alignment

Company Executives: Peter Altabef, Pres./CEO; Russell Freeman, VP, CFO

10
Ingenix
Eden Prairie, MN
(952) 833-6582
www.ingenix.com

* Founded: 1998
* Founded: 1998
* Employees: 3,700
* Revenue: 795.00 (’05) 670.00 (’04) 574.00 (’03)
* HIT Revenue: 100%
* Ticker: Private

Provides technology, products and services to improve delivery and operations for its customers. Ingenix is a wholly owned subsidiary of UnitedHealth Group

Company Executives: Richard Anderson, CEO; Andrew Slavitt, COO

Read more…

Electronic Prescribing(e-Prescribing) in Las Vegas
I’m not afraid to say that I live and work in Las Vegas. I don’t think I would call it completely home, but possibly home for now. Well, my third favorite Healthcare IT blog Just recently posted an interesting link to the local Las Vegas newspaper. I will admit that it is really the only newspaper that people read in Las Vegas. There are a few other that try to challenge, but really it is all about the Las Vegas Review Journal or “RJ” as it is affectionately known. I digress. Neil points out that an article on what the RJ called news is in his opinion stale news since he personally wrote about the same story in October in a Health IT World article. It’s interesting what can be considered “stale” news to one might be great news for another.

More importantly I was grateful that Neil pointed this article out to me since I’m very interested in getting Allscripts for free. I’ll have to see how it integrates with my EMR package and how Allscripts works, but I’ve wanted to use it for a while. One other problem I may have with Allscripts is that we have our own pharmacy. I wonder what is involved in getting Allscripts to work at our pharmacy. Does the e-Pescribing in Allscripts integrate with our pharmacy software ProPharm from Kalos Inc? These are all questions that I’ll have to be looking at soon. I’m also interested in how the alternative works when a pharmacy is not Allscripts compliant. I’ve heard it just sends through the fax which is something I’ve been looking into myself as an interim solution. Now if I could just find the time to work on all these fun projects. Thanks Neil for pointing it out to me. I guess I should have become part of the healthcare IT blogosphere sooner.

EMR Money in Rochester, NY
I recently ran into some other EMR news in my wife’s home town of Rochester, NY. I’m always interested in what’s happening there since I’m sure we’d consider moving there one day if the opportunity is right(despite Kodak pretty much leaving Rochester). The EMR article’s first line went as followed:

Two local coalitions will use $4.6 million in state grants to expand the use of electronic medical records. They hope the result will improve the quality of care for patients.

However, as I delved into the article I found that almost no amount of the money is going towards actual doctor’s implementations of EMR. In fact, almost all the money is going towards the development of an RHIO in Rochester. I think this is a great thing I can’t wait to see what a full working RHIO looks like. This type of money should give them a good start. Maybe some of you could disagree and say that RHIO’s are EMR. However, I would disagree with you. I will agree that RHIO’s are linked to an EMR and that an RHIO is very beneficial when you have an EMR. I’ll even say that an EMR becomes infinitely more important when there is an RHIO available. However, an RHIO is not an EMR. So, I was disappointed to read what I thought was a bunch of cash to support a nice EMR project in the Rochester area turn out to be a bunch of money for an RHIO. Maybe I should start working with an RHIO in the Las Vegas area. Is there one? I best find out.

Not too long ago I ran accross an article that talked about Ohio University’s server being hacked and in a hackers hands for a long period of time. I honestly don’t think this is really all that common. In fact, after working with a friend of mine in college who was excellent at hacking I think this happens a lot more than we ever realize and definitely more than ever gets published. Not that the practices of this article are acceptable, but I don’t think we should be naive.

Many may be wondering what a University getting hacked is doing on an EMR and HIPAA blog. Well, read this quote from the article:

How a server could be left open to intruders is still under investigation. But this much is known: A server supporting the alumni relations department was supposed to be offline, Sams said. The people responsible for shutting it down thought they had done so. The server continued to be connected to the Internet but didn’t receive security updates. It was the equivalent of leaving a backdoor open for thieves to walk in and seize what they wanted.

The culprits who broke into the other two servers made off with health records belonging to students treated at the university’s health center, as well as Social Security numbers of an additional 60,000 people.

Does this really make sense to any rational person? What is a student’s health record doing on a server supportint the alumni relations department? Not to mention on a server that someone isn’t updating. At the rate that Windows puts out updates I think we are all guilty of sometimes being a bit lazy in our updating policy. However, to forget about the machine and think it is shutdown is ridiculous. That has HIPAA violation and HIPAA lawsuit written all over it.

An EMR and HIPAA blog reader recently contacted me about a health search engine that he is creating called Healia.com. Being the nice guy that I am I decided to go and check out the search and see what kind of results it would give. Of course since I have an EMR website I of course focused on searches for EMR first and then I moved into my own personal health searches. Here’s the comments I sent to Healia:

I did a number of searches on the site. The search definitely seems better than any other health search out there. Although, I think it will be interesting what Google Health is able to produce with their Google Health Co-op.

A few comments:
-How come emrandhipaa.com isn’t there? I tried a number of EMR searches and the information wasn’t that useful(besides the fact that my website wasn’t there). In fact, one of the searches looked like it would have some good informtion from HIMSS. I opened the link and unfortunately it was just a list of presentations that were being done on that subject. That was dissappointing.
-Many of the medical term searches I did pulled up information on the term I used, but was related to HIV patients. This happened multiple times. That is good information if I was HIV positive. However, to see it on multiple generic searches seems like the specific HIV pages were getting too much weight.
-A search for “swimmers ear” gave me as a consumer(not a doctor) some great information on what was happening. Excellent result
-A search for heart burn didn’t bring up good search results at all. None of it seemed relevant t