Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Weekend Twitter Roundup

Posted on July 31, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

A quick look at some interesting EMR and healthcare IT related tweets I saw this weekend.

This was timely after my recent posts about backup and disaster recovery.

Interesting comparison for sure.

As a physician advocate, I always love physicians’ perspectives.
http://twitter.com/#!/lsaldanamd/status/97132994258665472

Health Tech Next Generation Conference – See You in San Francisco

Posted on July 30, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I haven’t been to a healthcare IT conference in a little while. Mostly, because I hadn’t seen one that I really wanted to attend. So, I’m excited that August 12th I’m going to the Health Tech: Next Generation Conference in San Franscisco, CA.

I’m actually going to be there the whole weekend since there’s a WordPress conference happening that weekend as well. Plus, there are a number of people I’m planning to meet with while I’m there. If you’re in San Francisco that weekend, let me know so we can get together. I always love meeting readers of this site.

I’m really excited for this healthcare IT conference. They have the amazing Guy Kawasaki as one of the keynote speakers. He’s a dynamic person and I can’t wait to see him speak in person for the first time. Plus, I’m sure he’ll offer an interesting “outsiders” perspective on healthcare IT. I believe every attendee gets a free copy of his book “Enchantment: The Art of Changing Hearts, Minds, and Actions.”

I’m going to be moderating a panel about EMR 101. Most long time readers of this site won’t likely want to attend. Although, hopefully it will be a great session for those doctors who are diving into the EMR and EHR world. So, if you’re a doctor near San Francisco, come and learn. Nice thing is that it’s only a one day event so it’s not a huge ordeal. Plus, there are some other really smart people that will be at the event as well.

Here’s the full description of the Health Tech healthcare IT conference from their press release:

HealthTech:NextGeneration will host it’s first upcoming Conference & Exposition at the Hilton San Francisco Airport Bayfront Hotel, Burlingame, CA on August 12th 2011. This one day comprehensive event will assimilate leaders & professionals in Healthcare & Information Technology under one roof. It will showcase up-and-coming strategies and technologies to tackle today’s healthcare delivery obstacles, shaping and advancing the healthcare industry forward into tomorrow’s paradigm of patient controlled environments.

HealthTech:NextGeneration will feature expert speakers from both the Healthcare and IT industries, including renowned author Guy Kawasaki & Dr. Mattison who is CMIO at Kaiser Permanente. The track sessions will address crucial topics such as Data Privacy and Security, Meaningful Use of Electronic Health Records, Role of Social Media, Cloud Computing In Healthcare, Health Information Exchange, Funding Opportunities for Healthcare Businesses and Global Healthcare Systems. The conference is designed for Healthcare & IT Executives, Consultants, Entrepreneurs and Professionals. Attendees will also include Policy Makers, Vendors, Insurers, Medical Administrators, Directors, Managers and VCs.

I hope to see a number of my readers at the event. If you can’t make it to the event, but are in San Francisco, definitely drop me a line and I’d love to meet up with others as much as possible. If enough are interested we could do a dinner event or something one of the nights I’m there.

Email Archiving in the Healthcare Industry – Guest Post

Posted on July 29, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This guest post was provided by Ed Fisher on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: email archiving software.

In today’s business environment, where litigation is an increasingly common way for disputes to be settled, compliance is included in every business plan, and regulations are reaching into business processes everywhere. Email admins must concern themselves with far more than just whether or not email is flowing. They must ensure that messaging meets the various regulations under which their business falls. They may also have to deal with legal holds, compliance reviews, discovery motions, and internal policy enforcement.

An email archiving solution can assist with all of these tasks, and nowhere is this more important than in the Healthcare industry. Email is becoming the preferred method to communicate, and since there are so many ways in which the Health Insurance Portability and Accountability Act (HIPPA) of 1996 can come into play with data sharing between providers and communications with patients, email archiving can be a very important, and potentially far reaching, service you can add to your email system.

PHI data in email communications

HIPAA requirements are unique to the healthcare industry, but the scope of these requirements can extend well beyond the boundaries of the doctor’s office or hospital. Both the burden and the potential penalties for non-compliance have been increased by HITECH. Enterprises that deal with healthcare providers, including professional services companies like accountants, law firms and IT consulting practices, will find themselves subject to provisions of HIPAA and HITECH as soon as they take on a healthcare provider as a client.

One of the trickier aspects for messaging is that HIPAA specifically addresses the need to encrypt Personal Health Information (PHI) in email communications. It is very rare for healthcare providers to send PHI by email as most of them use specialized messaging systems to do this. However, this doesn’t mean healthcare providers are not sending or receiving email that, indirectly, affects the relationship between healthcare provider and the patient or that between the staff and their patients.

There are other items that could be relevant for an investigation. For example, appointment reminders/confirmations (thus validating that the patient was notified); internal email discussions among doctors/nurses (not directly referencing a patient, but talking about treatments or scheduling); and even general HR emails that a doctor was absent due to illness (if the doctor was away when a claim is made that a patient was misdiagnosed, then they would be cleared of wrongdoing) and so on.

Many organizations, not only in healthcare, underestimate the importance of email in terms of content and intellectual property and being able to refer to emails sent six months earlier or last year can be of great benefit. Email archiving is not specifically called for within the text of HIPAA, but by maintaining a copy of every internal email message or any that was sent to or received from partners, vendors, and clients, you can prove conclusively that messages sent contained no PHI, and that any messages that did contain PHI were sent through the proper and encrypted channels.

Some people argue that email archiving is a double-edged sword – damned if you do, damned if you don’t. This is a rather naïve way of looking at email archiving. If you do archive your email, you have assurance that you comply with any regulations in place and if you are subject to legal requests for information that may be traced through an email, you have the ability to find it.

Now the counter argument would be, ‘well, if I don’t have an email archived, I can’t be condemned because the evidence is not there’. Wrong. If you don’t have the email, someone else certainly does and suddenly you’ve found yourself in a worse situation once the evidence is presented.

Proving that you made the effort at attaining compliance is preferable to doing nothing at all.

Document retention

With email archiving, you can also meet the document retention requirements specified within HIPAA. There is a six year retention period for information related to PHI which is mandated by HIPAA. That can be six years from the creation of a message, or the last date on which the message can be considered relevant. As more communications move from in-person, telephone, and facsimile, to email, patient requests and Healthcare professionals’ responses will follow suit. An email archiving solution makes it easy to retain these communications for the six year timeframe, as well as to automatically purge out those communications which are older than six years or tagged as no longer relevant.

Search and discovery

An email archiving solution is also an excellent way to access the repository of information contained within the combined emails of a company. Consider how much of your own email is saved because it contains data or instructions that simply don’t exist anywhere else. An email archiving solution can empower a user to search their own archived messages for all content related to a search string, such as a patient’s name; it can also enable an authorized user to search across all users’ email for information related to a patient, a condition, a particular medicine, or any other topic. There may well come a day when you must do this in response to a legal order, but there will also be plenty of times when you need to find a key piece of information, or simply want to spot check to ensure that all users are following the policies in place to protect patients’ PHI.

With an email archiving solution in place, healthcare providers not only position themselves to show compliance, review users’ actions, and meet current document retention requirements, they are able to build up a historical repository to meet future needs. The health care provider is also able to take advantage of the many benefits of an email archiving solution that are common across all enterprises, including storage, search, and business continuity.

All product and company names herein may be trademarks of their respective owners.

Full Disclosure: GFI Software Ltd. is an advertiser on EMR and HIPAA.
GFI

Highly Functional EMRs Aren’t Necessarily High-Functioning

Posted on July 28, 2011 I Written By

I’ve just turned in a story for InformationWeek Healthcare about the new “Essentials of the U.S. Hospital IT Market, 6th Edition” report from HIMSS Analytics. That report details the progress hospitals and integrated delivery networks have made in IT over the past year and gives an update on how far along providers are according to the HIMSS Analytics EMR Adoption Model. That’s the seven-level scale (eight if you count Stage Zero) that measures adoption of various EMR components.

At the top of the scale, 1 percent of nonfederal hospitals in the U.S. attained Stage 7 in 2010, meaning that the EMR served as the legal medical record for all departments, was capable of exporting patient records as Continuity of Care Documents and had data warehousing and mining in place. That was up from 0.7 percent in 2009. The number of Stage 6 hospitals—with electronic clinician documentation, full clinical decision support and full PACS for radiology—doubled in the same time frame, from 1.8 percent in 2009 to 3.2 percent in 2010.

Here’s how the entire scale breaks down:

 

Actually, the EMRAM Web page shows newer numbers, through the 2011 second quarter. We’re up to 1.1 percent for Stage 7, 4 percent for Stage 6, 6.1 percent for Stage 5 and 12.3 percent for Stage 4. HIMSS considers Stage 4 to be the closest to the current requirements for “meaningful use” of EMRs.

It’s nice to see progress in installing technology and it’s nice to see hospitals using EMRs in a “meaningful” way, but that doesn’t mean there won’t be problems. As everyone in health IT knows, EMR certification, a prerequisite for meaningful use, does not measure usability, and this still is the first of three stages for meaningful use. That means we’re a long way from perfect, or even ideal. How do I know this?

The mother of a good friend of mine is now on dialysis and eventually will need a kidney transplant because she was given a medication that is contraindicated for Type 2 diabetes, which she suffers from. The harmful interaction resulted in her losing about 80 percent of normal kidney function. This happened at a HIMSS Analytics EMRAM Stage 7 hospital. Apparently, either the patient record didn’t show she was diabetic, the medication order didn’t get flagged, or the ordering physician, pharmacy and administering nurse all missed or ignored an alert. As the chart above illustrates, the medication loop should have been closed by Stage 5.

I’m not going to name the hospital or give any more details because there’s a good chance a malpractice suit is coming. I’m also aware of a medical informaticist with a long history of implementing and working with EMRs losing his mother due to a medical error that an EMR exacerbated. Again, I’ve been asked not to say more because of the legal ramifications.

It’s no secret that healthcare is in trouble. In this push to install technology and earn Medicare and Medicaid bonuses for meaningful use, we can’t take our eyes off the ultimate goal, creating a safer health system.

EMR and Meaningful Use Books

Posted on July 27, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I must admit that I’m not much of a book guy. Especially since there’s so much free information available on the internet about just about any subject you could want. However, I’ve been quite intrigued by the number of healthcare IT related books that I’ve seen coming out of late. Here’s a quick roundup of some of the ones I’ve seen.

Getting to Meaningful Use and Beyond: A Guide for IT Staff in Health Care by Fred Trotter and David Uhlman – I’ve been a big fan of Fred Trotter for a while. So, I’m glad he’s working on this book. Turns out the book isn’t even published, but in Fred Trotter open source style fashion, the book is available for free online right now. Of course, they’re hoping you’ll provide feedback.

The HITECH Act Made Easy: A Simple Guide to the Federal EHR Incentive Programs – I had this book sent to me. It’s a short book which I think is good. It tries to tackle not only the details of the Medicaid and Medicare stimulus program, but also has a number of sections on EHR selection and implementation as well. I love it’s question format where many of the chapters are a question and the chapter offers the answer.

Health Information Exchange Formation Guide: The Authoritative Guide for Planning and Forming an HIE in Your State, Region or Community – I haven’t really had a chance to dig into this book yet. It’s brought to you by HIMSS. It’s a pretty thick book which I think describes well the challenge that is forming an HIE. Without reading the book, I’m a little torn just by the subtitle of the book, “The Authoritative Guide for Planning and Forming an HIE in your State, Region or Community.” I guess it’s hard for me to imagine it being the “authoritative guide” when I think we’re still trying to figure out the right HIE business model. I don’t think we’ve found it yet. I guess I should read the book to find out.

Jim Tate’s EHR Incentive Roadmap – Ok, this is an e-Book, but I think it’s as good a value as any hard cover book. So, it’s worth mentioning. I wrote a whole post on Jim Tate’s EHR Incentive book before.

Any other books about EMR, Meaningful Use, and/or healthcare IT that are out that we should know about?

UPDATE: User EHR and Meaningful Use Recommendations from the comments below:
Electronic Health Records For Dummies – Recommended by Nate Osit

Electronic Health Records: Transforming Your Medical Practice, second edition – “This is a book from MGMA and was recommended to me by a coordinator from the REC (Ohio) that I have been shadowing.” – Mary Ellen Weber

New EHR Company Ready to Launch – Carecloud

Posted on July 26, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Aaron Blackledge M.D., founder of Care Practice clinic in San Francisco, sent me a link to a post he did back in April about a new EMR company called Carecloud. The irony of this is that Carecloud had just reached out to me for information about advertising their EMR on my sites since they are getting ready to launch their product. Their impending launch was why Aaron decided to share his post with me.

I think Dr. Blackledge’s post about Carecloud is summarized in his final paragraph:

My recommendation is if you are about to give up and lay down some hard earned cash on an EMR that is just good enough I would urge you to wait a few more months and compare CareCloud’s first iteration with other emerging platforms now gaining a foothold in the marketplace.

Since Carecloud is about to launch, you won’t have to wait a few months to check it out, but if you read the rest of the post, you see that Dr. Blackledge is high on Carecloud and its potential.

The hard thing for me is that I’ve seen this same EMR high from people over and over. You know the EMR employee (particularly the EMR sales people) “high.” (Although, Dr. Blackledge is not a Carecloud sales person and calls himself a “wayward disgruntled platform evangelist waiting for the future to arrive.”) The one where you can tell that the EMR employee has drunk the Kool-aid they’ve been fed by the company. They’ve likely not looked at many other competing systems and only know the stuff they’ve read in their email from the company highlighting how they’re better than everyone else in the industry.

This “high” is especially potent before a product is actually released. Why? Because it’s easy to get excited about an ideal and see the potential of the ideal. What’s much harder is when the customers start using your product and telling you what’s wrong and trust me that customers will find something wrong. No product is ever perfect.

This pre-product launch “high” is not unique to the EMR industry. It’s found throughout the tech industry (and likely many others). Funny thing is that Dr. Blackledge probably knows this pre-launch hype better than most doctors since he practices medicine in in the internet startup mecca: silicon valley. Ironically he traveled to an EMR company in Miami to find his EMR “high.”

Funny thing is that as I read Dr. Blackledge’s post on Carecloud, a number of comments he made popped out to me as potential red flags. Here are a few:

“First off, they have a really impressive group of people with ambitious plans for building something robust and elegant.”
How many big ambitious plans by companies have fallen apart? Many! I’m not saying that companies shouldn’t think big. I am saying that a group of impressive people with ambitious plans often leads to a momentous flop. At least the startup company numbers seem to spell this out.

“What I like most about CareCloud is that when asked about a timeline for release they will only say that they won’t release it until they get it right. They simply don’t know when it will be ready.”
Some might say that this sounds like a company that’s too afraid to release a product. That the company won’t ever find out what’s right until they launch the product and get customer feedback on what needs to be improved. I guess they don’t follow the release early and often approach to software development.

“Another thing I like is they are worried about not just becoming a very successful billing company, but they want to achieve much more by building something that really resonates with users and transforms the space.”
I applaud this ambition since I’ve been preaching that current EMR software are often just expensive billing machines for a long time. If they solve that problem I’ll be quite happy. Let’s just hope they didn’t forget the billing part though. Sadly, it’s still very important.

“I would guess CareCloud’s calm steady course is because they just don’t feel that anyone else is on the same path they are on so why hurry when you have time to get your vision done right.”
This is possible. Although, it’s also possible that they spent so much time waiting to release that it’s too late for them to capture the EHR market.

“If you hear an EMR company offer you 20 hours of free training with your purchase you can stop right there because any software that needs 20 hours of free onsite training forgot about the user long ago during the building and won’t be doing much in 5 years.”
Of course, in this comment it’s assumed that Carecloud’s focus on a great UI will limit the number of hours needed for EMR training. I love the irony of this being said right after he describes it as a “very complex and difficult to develop product.” I guess you could say it’s making a complex process simple is what’s so difficult. No doubt I agree that many EHR vendors over charge for their EHR training services. Problem with Carecloud is that we don’t know if they’ll charge, how much they’ll charge, and how many hours of training is needed since they haven’t launched.

“Even the office space at CareCloud is beautiful and reflects this attention to aesthetic and experience of the individual, in this case the employee experience.”
That’s one way to look at it. Another is that they overspent on office space and you’re going to pay for that overspending when you buy the software.

Ok, I won’t go through and nit pick the whole post. I think you get the basic idea. Dr. Blackledge describes Carecloud as the best thing since sliced bread. In this post, I’ve played devil’s advocate and described how maybe it’s an over funded, slow to release software company that’s trying to bite off more than it can chew. The reality is that Carecloud is probably somewhere in the middle of those two extremes.

The fact of the matter is that I really don’t have any clue if Carecloud is a good EMR system or not. They haven’t even launched their product, so I’m not sure that anyone knows. However, after creating this post, I have to admit that I’m excited to see it in action in a real doctor’s office. Plus, I think the founder, Albert Santalo, and Dr. Blackledge are going to be at a healthcare IT conference I’m hoping to go to in SF in a couple weeks. I’m looking forward to learning more and talking with them in person.

If nothing else, I love the audacity that it takes for someone to launch an EHR company now. I’ll be interested to see if their product is compelling enough to be “heard above all the EMR noise.”

Public Health Menu Measures – Meaningful Use Monday

Posted on July 25, 2011 I Written By

Lynn Scheps is Vice President, Government Affairs at EHR vendor SRSsoft. In this role, Lynn has been a Voice of Physicians and SRSsoft users in Washington during the formulation of the meaningful use criteria. Lynn is currently working to assist SRSsoft users interested in showing meaningful use and receiving the EHR incentive money.

Lynn Scheps is Vice President, Government Affairs at EHR vendor SRSsoft. In this role, Lynn has been a Voice of Physicians and SRSsoft users in Washington during the formulation of the meaningful use criteria. Lynn is currently working to assist SRSsoft users interested in showing meaningful use and receiving the EHR incentive money. Check out Lynn’s previous Meaningful Use Monday posts.

When selecting the 5 meaningful use menu measures on which to report—from the list of 10 possibilities—the only constraint is that the EP must include at least one of the two measures from the “public health” category:

 These two measures have a number of things in common:

  • EPs report by attesting that “Yes” a test was performed. There is no numerator and denominator to report and consequently no thresholds to meet.
  • One test is sufficient for a group of providers that share a certified EHR in the same setting – it is not necessary for each EP to conduct a test individually.
  • The test does not have to be successful to meet the measure.
  • If the test is successful, then the EPs should continue to report on a regular basis.

 Both measures allow EPs to claim an exclusion under specified circumstances:

  • Immunizations Measure:  The EP does not perform immunizations OR none of the immunization registries to which he/she would submit the information are able to receive the information electronically.
  • Syndromic Surveillance Measure: The EP does not collect any reportable information OR there is no public health agency that is able to receive the information electronically.

 The potential to exclude these measures has resulted in some confusion about which—and how many—of these measures to report. The next Meaningful Use Monday post will offer some guidance on this issue.

Top 5 EHR Contract Pitfalls Identified – Guest Post

Posted on July 22, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The decisions don’t end after deciding on an EHR system for your medical practice. An EHR contract is an important and legally binding document, and it’s absolutely essential to consider every line of fine print before accepting the terms. O’Toole Law Group founder William O’Toole strongly believes that contract terms should be one of the top criteria in the EHR selection process.

Consulting with a lawyer before you sign is the best way to avoid difficult and expensive problems in the future. The following five issues arise frequently in EMR/EHR contracts, which are being rushed to execution by many practices that are aiming to qualify for federal funding under ARRA/HITECH. This is by no means an exhaustive list, but it aims to shed light on a few of the most frequent contract issues.

1. The EHR may not have the required certification. In order to qualify for federal funding under the ARRA’s Meaningful Use requirements, your EHR must be certified. Certification isn’t a totally black-and-white label, however – an EHR could be certified for the present but that certification could be withheld later on in the reimbursement period. The vendor is responsible for maintaining certification, so it’s important to determine for exactly how long the certification is guaranteed.
2. Your EHR vendor cannot guarantee that you will qualify for Meaningful Use. Meaningful Use – that is to say, your meaningful use of the EHR – is determined by you and your practice. Simply buying and setting up the EHR does not mean that you will qualify for reimbursement unless you follow the legal requirements and use it appropriately.
3. Your contract should include training time and support. Your staff will not be able to use the EHR system effectively without proper training, and if your contract does not guarantee a certain amount of training time (as well as specify exactly how and where the training will take place), your practice could be in trouble. Similarly, you will undoubtedly run into problems and your contract should specify support options for both day-to-day problems and long-term EHR product development by the vendor.
4. The EHR may not be guaranteed to be up and running by your deadline. If the EHR system is not ready to use in time for your Meaningful Use deadlines, you will certainly run into problems and lose reimbursement. While the vendor can’t guarantee a timeline for the work required of your practice, they should be able to promise timely delivery of all materials and support necessary on their part.
5. You could be surprised with licensing fees if you don’t carefully consider what type of license you’re paying for. In general terms, the license agreement with your EHR vendor could be one of two types: a perpetual agreement under which license fees are paid once up front, or a temporary SAAS-type license that requires ongoing payments and expires once your contract ends. Though an SAAS license may be less expensive initially, your costs could increase if you choose to stay with that same EHR vendor after the contract ends. A good legal representative can help you negotiate escalation amounts for the end of your contract.

About O’Toole Law Group
William O’Toole founded the O’Toole Law Group, specializing exclusively in healthcare information technology, following his long tenure as Corporate Counsel at Medical Information Technology (MEDITECH). Known and respected by executives, attorneys and consultants throughout the healthcare industry, O’Toole now represents healthcare provider entities and technology companies in all aspects of technology acquisition, development and distribution and stands among the most experienced and successful negotiators in the HIT industry.

For further detailed information on these and other hot topics regarding EHR contracts, see the popular white paper offered by O’Toole Law Group, entitled Selection and Negotiation of EHR Contracts for Providers (pdf).

What Will Happen to Google Health Data After 2012?

Posted on July 21, 2011 I Written By

Let’s face it, I haven’t actually been nice to Google of late when it comes to healthcare (or maybe I have, just once). While I believe the criticisms are justified, I can see why some people might think I’m beating a dead horse, namely Google Health. But there are some unresolved questions in the area of privacy that Google really should answer.

Google’s ill-fated attempt at a PHR isn’t completely dead. The company won’t “retire” the online service until January, and will allow users to download their data through Jan. 1, 2013. Naturally, others have stepped up to try to fill the (tiny) void left by Google Health’s demise. To nobody’s surprise, Microsoft is helping the remarkably small number of Google Health users transition their accounts to HealthVault, Microsoft’s own overly hyped, underutilized PHR platform.

What concerns me is what will happen to data already on Google’s servers. Will records be archived? Will sensitive patient health data stay on Google’s servers in perpetuity? Nobody has said for sure.

Are records safe from Google’s data-mining juggernaut? Google has consistently said that it would not use health records for anything other than to steer traffic to its core search engine, but let’s face it, Google’s primary source of revenue is from algorithm-driven advertising.

But, you say, HIPAA protects patients from unauthorized uses of their data, right? Well, remember back to 2009, when the American Recovery and Reinvestment Act expressly made third-party data repositories, health information networks and, yes, personal health records, into HIPAA business associates, effectively holding them to the same rules as covered entities under HIPAA.

Wouldn’t you know, both Google and Microsoft came out and said they were not subject to this provision. No less an insider than former national health IT coordinator Dr. David Brailer, who was a part of the legislative negotiations, told me then that lawmakers had Google Health and HealthVault specifically in mind when they crafted the ARRA language. As far as I know, there haven’t been any reported data breaches involving either PHR platform, so there’s been no need to test whether ARRA actually does apply to them, but if I had my data on Google’s or Microsoft’s servers, I’d be concerned. I’d particularly want to know what Google plans on doing with the data it’s been holding once Google Health does shut down.

Perhaps it’s time for me to make some phone calls.

What if “they” get hit by a bus?

Posted on July 20, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

A little while back I asked my wife what she would do with all my blogs if I was hit by the proverbial “bus.” Her answer made me laugh. She said, she’d log into my blogs and post that I had passed away and that if readers of the site would like to support my wife and kids they could do so using the PayPal button below. I guess it’s a good thing I taught my wife how to blog. I hope she never has to post that PayPal button.

However, I’ve always loved the question of “what are you going to do if they get hit by a bus?” The “they” can be replaced by all sorts of things. Each organization will have a different set of “they’s”. Remember that the buses can come in all sorts of ways: re-location, new job, injury, illness, change of lifestyle, etc etc etc.

For example, if I’m a clinic and I have one doctor that is our EHR master, I might ask the question of what our clinic will do if that EHR master is no longer around.

How do you solve the problem of individual knowledge? I’ve seen it best approached in two ways: dual training or documentation. Personally I prefer the later to the former. Unless it’s a task that multiple people can perform regularly. The problem with dual training is that you train someone on how to do it, but if they don’t get to do it for a long time to come then they’re very likely to forget. That’s why documentation is better than dual training in most instances. Plus, once you have the documentation, you can use it to perform the dual training. It’s a great way to test how good your documentation really is.

These same questions apply to the EHR vendors that read this blog. How would your EHR software do if a key person in your organization was “hit by a bus?” We could also look at it from an EHR selection perspective. How would your EHR support be impacted if your EHR vendor lost their main EHR support person? What if the lead developer of the EHR left the company? This is sometimes hard information to obtain, but these were questions I knew the answer to with the EHR I supported for over 5 years. These are things worth considering.

How cool would it be for an EHR vendor to do a blog post about how they’d answer the question of how they’ve prepared their organization for the “hit by a bus” problem? I’d respect that EHR vendor: warts and all.