Welcome to EMR and HIPAA

Today I came across the HHS Secretary Mike Leavitt’s blog. To be honest, I saw Mike Leavitt’s picture on the blog and I felt like I was meeting an old friend. No, I don’t really know Mike Leavitt from the next person on the street. We have never met before and the closest I’ve been to him is probably when I watched him pass by in numerous 24th of July parades in Utah. However, he was the governor of Utah for many of the years I lived in Utah and so I feel like I kind of know the man.

Reminiscing aside, I find Mike Leavitt’s blog completely captivating. He currently has been writing about his trip to China. For some reason I’ve always had an inner itch whenever I heard about China. I don’t know what it is, but I find the place completely fascinating. So, you can imagine my fascination with the HHS secretary’s interaction with the Chinese government. Plus, these posts about HHS and China give Mike a real personal quality that I find real and interesting.

Of course, I couldn’t begin to read the HHS Secretary’s blog without making sure to find some post about EHR or EMR. I quickly found a post entitled Value-Driven Health Care Interoperability which I think could more aptly be entitled “Electronic Health Records (EHR) Progress Report.” Of course, he is in government so that explains the title.

I’m grateful that the HHS Secretary is willing to engage the public in a discussion about EHR and EHR adoption, but unfortunately the post I found is so filled with political rhetoric. It sounds really good, but really has very little substance.

First, I’ll start with the good.

Three years ago, there were 200 vendors selling electronic health record systems but there was no assurance that the systems would ever be able to share privacy protected data in interoperable formats.

I think the concept of a certification for interoperability is good. It just makes sense that every EMR software vendor should be able to interact with another. Establishing a quality standard for this interoperability is valuable and even worth certifying.

Unfortunately, I think the HHS Secretary has been getting bad information when he says the following:

Since then, we have made remarkable progress.

An EHR standards process is now in place, and we are marching steadily towards interoperability. We created the CCHIT process to certify products using the national standards and it is functioning well. More than 75% of the products being sold today carry the certification.

Where to begin? First, Mike has suggested that there were 200 vendors selling EHR systems 3 years ago (It’s probably a few more than 200 EHR, but we’ll let this one slide). Mike asserts that “75% of the products being sold today carry the certification.” If that’s the case, then simple math tells us that there should be 150 certified EHR software, no?

If you look at the 2006 CCHIT Certified Ambulatory EHR list I count 92 EHR software products. Let’s see, that’s only 46% of EHR products that are certified. Plus, my count of 92 EHR counts some of the software multiple times since a number of the EHR software vendors certified multiple versions of their product. That sounds like less than 75% of EHR products sold to me.

Of course, Mike Leavitt certainly could say that 75% represents a percentage of actual products sold. Certainly the certified eMD’s has a lot more installs than any of the free open source EMR products out there. However, I think it’s a bit deceptive to say 200 EHR and then 75% of products sold if they aren’t the same thing.

I also love how it says 75% of products sold. I think we’re all aware of the outrageous failure rates of so many of the EHR products out there. It’s unfortunate that we don’t have a percentage of products installed. Then, you’d have a much better idea of how many doctor’s offices really have the possibility of interoperability.

Wait a minute! I was being extra generous above when I said that there were 92 Ambulatory EHR CCHIT certified. Why? Because it was 92 EHR certified with the 2006 CCHIT Certification. Correct me if I’m wrong, but I think that interoperability was taken out of the 2006 CCHIT Certification (along with the joke of the pediatric requirements). I’m pretty confident about this, because I work on one of the 2006 CCHIT Certified EHR and I have no way of sending a chart to another clinic other than manually going through the product and printing out the chart.

What does all this mean? That means that instead of 92 interoperable CCHIT certified EHR, there are only 31 EHR CCHIT certified in 2007. That represents 15.5% (not 75%) of the 200 EHR products on the market today are interoperable according to number of certified EHR.

I’m not really blaming Mike Leavitt for this. I’m sure him or his office was given a nice executive report with a bunch of data and they made it look as nice as possible. Reminds me a lot of what I call EMR sales miscommunications. Sometimes the data just gets lost in translation. Let’s just hope my trackback to Mike Leavitt’s blog gets read.

You thought I was done. Nope. Still plenty more to say and I’m just hitting the major points.

In addition, a National Health Information Network will start testing data exchange by the end of the year and go into production with real data transmission the year after.

This concept I really find intriguing. I look forward to seeing this go public and I’m glad it’s on the agenda. However, I fear that this isn’t more than political hyperbole. I’d love to see how they plan to address any of the following: unique identifier, the ultimate hacker’s health information paradise, economic model, motivational model and that’s just the list off the top of my head.

The primary reasons for low adoption rates among small practices are predictable: economics and the burden of change.

I’m glad you pointed out the obvious. If this was so obvious, then why did you support the implementation of a certification that costs so much money that EHR will inevitably raise the cost a small practice pays for an EHR? That doesn’t make much economic sense. Not to mention you missed what I think is the biggest factor in lack of implementation: fear. Not fear of change. Not fear of the expense. Certainly those are two major factors, but I believe that adoption rates by small practices are so low because most doctors have seen too many of their colleagues fail at implementing an EHR.

Let’s start waving the CCHIT certification flag again. Many will be willing to make the case that CCHIT certification helps supplant a doctor’s fear that their EHR implementation will fail. It may even supplant some fear, but what it doesn’t do is decrease the number of failed EHR implementations. It’s a problem I’ve discussed many times on this blog. Certifications don’t certify usability. They never have and never will.

I actually have a thought about what should have been done instead of CCHIT, but I think I’ll save that for a future post.

Thanks Mike for opening up the lines of communication with your blog. Now it will be interesting to see if Mike Leavitt and HHS have really embraced new social media and participate in the discussion they started. I’m certain that Mike’s blog is going to become one of my favorite reads.

I’ve been following the Google Health announcements for quite a while now and today Google Health finally went live.

It’s been a long time coming and so it will be interesting to finally take a look under the hood. I haven’t personally had enough time to do a full analysis of Google Health myself, but techcrunch posted the announcement live and an initial review.

I think that techcrunch summed up a major part of Google Health and its meaning for EHR software in the following:

Google is planning to open up APIs to Google health to make it easy for other partners to tap into its health platform. And make no mistake about it. That is what this is: a platform. Health apps anyone?

Sure does make for some interesting thinking about how an EMR or EHR could integrate with Google Health. Depending on how my next couple days go, I may see if Google Health has given any sort of specifications for importing a patient record into Google Health from an EMR or EHR software program. In my previous posts it was said to use some form of CCR to integrate Google Health with EMR and EHR software. I hope this is the case. If it is, I think I’ll try to be the first to integrate Google Health with my EMR. I don’t think most of it would be that difficult.

Well, my prediction that Eric Schmidt would announce Google Health at the HIMSS08 conference were pretty close. From what I’ve read so far, that’s all he really talked about. I’m still waiting to see my contact that was able to attend HIMSS to see his thoughts on what was said. Sounds like he mostly reiterated what we already knew. A few interesting points:

-Google Health will not contain ads (although I bet that won’t stop them from using the information to target the ads it shows you other places)
-Eric Schmidt repeatedly said no data would be shared without the consumer’s consent (unless of course some hacker finds a way around Google’s security measures)
-1,370 volunteers at the Cleveland Clinic are beta testing the application
-Portability is the key (we heard that this was a form of CCR, but if it requires consent are people going to go to the effort to make it portable?)

Despite certain privacy questions and fears around Google Health I think that Eric Schmidt made a very good point about the way Google will protect your information from legal cases when he said:

“In the Google implementation, your personal health information will not be given to anyone without their explicit permission, which is not true completely for HIPAA-compliant systems. If we get a subpoena, we always check our judgment as to whether the subpoena is narrow enough. If we think it’s a fishing expedition, we will fight it in court. That has worked well for us so far.”

The battle of PHRs by Google Health and Microsoft HealthVault have begun. While I love to see the big players participating in healthcare, I’m not sure they’ve figured out the right motivational drivers that will make this a smashing success. It wouldn’t surprise me if in a few years we hear stories about a life being saved because of proper information and how even one saved life is worth it.

The biggest disappointment: No announcement about when we can get in and try it out ourselves.

UPDATE: Techcrunch think that whoever cracks the healthcare nut will have a huge new market. I don’t see it ever cracking. Marissa Mayer talks about Google Health on the Official Google Blog.

Today I’ve been reading about the news that Microsoft has entered the health care space with a major offering that will certainly make Google and Google Health take a hard look at their electronic medical record plans. Microsoft’s Lifelong Electronic Health Record is called HealthVault.

I’ve been reading this Microsoft Health Blog for a while and as expected, there was a nice blog post about HealthVault. Read it with the knowledge that he works at Microsoft and you’ll get some good information and figure out where it is good old PR spin. Here’s just one example of where I think you need to read between the lines:

* The Microsoft HealthVault record you create is controlled by you.
* You decide what goes into your HealthVault record.
* You decide who can see and use your information on a case by case basis.
* Microsoft does not use your health information for commercial purposes unless you are asked and you clearly tell Microsoft they may.

This is a good list of information. However, the last one concerns me. I’m afraid that Microsoft “asking” to use your information will be something akin to a really long privacy policy that no one reads and everyone clicks through. We all know about these and it’s very common. However, is that really Microsoft “clearly” telling you what they’re going to do? Of course this is my speculation, but it’s a pretty common practice and I wouldn’t be surprised if Microsoft employs it in HealthVault.

I’ll have to save a full review of Microsoft HealthVault until I have more time to really dig my teeth into it. However, a few parting thoughts.

-I think that many people will use this, because most people aren’t afraid of sharing their medical history. Essentially the ones that have “nothing to hide.” More on this in the future.
-I hate that Microsoft uses the Net passport as the login. Give me a special login and don’t make me log in and out of my email passport and my health record passport.
-Microsoft needs to look at getting the info into their system using something like CCR. Otherwise, people just aren’t going to update it which basically renders it useless.

Why would an EMR company not want to use these databases (or at least ones like them)?

I’ve recenly come accross SnoMed and RxNorm. I honestly don’t know too much about them, but my impression is that at a minimum these 2 databases list all the ICD9 codes and standardize the listing of Rx’s using the NDC number. Lists like these would have made my life so much easier. When I first implemented an EMR I really didn’t know what I was doing at all. I was learning the medical side as quickly as I could so I would know how to configure the software. I guess I could have sat back and said I’d be happy to just install the server, install the software and let the doctors deal with the medical side of it. However, if I did that I think that we wouldn’t be anywhere near an EMR implementation. So, I jumped in head first and tried to learn what needed to be uploaded to our new EMR system. I found myself having to upload all the ICD9 codes and find a way to add all the medications we wanted to prescribe into the EMR system. Anyone that has looked at these lists knows how much fun this was. Having access to some databases like SnoMed and RxNorm would have made my life so much easier. Even more important is that an EMR vendor should have this standard.

Ok, don’t start flaming this thread(although maybe I should encourage comments since this is a subject I don’t know that well), but there are some challenges for EMR companies wanting to implement it. I’m sure if you list every drug every created then I’m going to start complaining about that too. Not to mention every ICD9 code. At least you have to plan a way for me to sort through the lengthy list. Also, I don’t think it’s just a flip that is switched to turn this type of integration on or off. I also will give those older EMR companies a little slack since it’s going to be a definite challenge integrating these databases if you haven’t been using them in the past. However, it’s not impossible.

I think the biggest reason to implement some type of database like SnoMed and RxNorm is because of the potential integrations that can be done in the future. RHIO is a hot topic, but if we don’t all speak the same language as far as ICD9 codes and drug names then it will be difficult to integrate. The whole CCR initiative will be so much better if we have a standard language that we all use.

Ok, so I apologize for my primitive understanding on the topic, but I figured I had to start somewhere. More information to come.

I’ve been coming accross a few different EMR and Health Information Management organizations that I probably should have known about if I was going to claim to have an EMR blog. Here’s are a few that I have found during my start into EMR blogging. I admit that I’ve only found a couple so far, but I figured if I posted the few that I’ve found here I might here from some of my readers on other organizations I should know about and follow.
HIMSS - Healthcare Information and Management Systems Society
TEPR - Towards the Electronic Patient Record

ASTM - Continuity of Care Record(CCR) Standard
HL7 - HL7 Standard

I know I’m missing a lot, but I’m sure my trusty readers will let me know of any others worth mentioning. I also must admit that I wish I would have gone to either the HIMSS or TEPR conference this year. I should have planned better. The HIMSS 2006 would have been really cool because I could have gone to the blogger meetup. Maybe next year.

The AAFP reported an interesting piece on a request that the Continuity of Care Record (CCR) be used by HHS to carry forward their IT Healthcare goals. While I’m glad I don’t do this kind of political jockeying I love to read about it. Here’s part of the letter that was sent to HHS:

* The CCR standard has been endorsed by multiple physician organizations and health IT vendors and is already in the market and available for use.
* The standard is a comprehensive clinical content standard with 16 sections, including patient demographics, encounters, diagnoses, medications, allergies and immunizations.
* The CCR standard will permit interoperable exchange of personal health data between disparate electronic health record systems used in medical practices.
* The standard is an open standard and is free of licensing fees.

I really need to spend some more time on this subject. I found the Continuity of Care Record(CCR) website. Something that I don’t like already is that their “official CCR Implementation Guide” costs. Maybe this is standard, but I’m not sure I’m ready to pay to see the official guide. I guess they have to fund CCR some way or another.

I saw a really good article that seemed to be starting towards RHIO that everyone wants, but no one wants to work or pay for. The article discusses how Hospitals in Indianapolis have created an RHIO to exhange lab results, radiology reports, and discharge summaries.
It was really nice that it discussed some interesting challenges that face an RHIO. Foremost in my mind is that it requires someone a full day to be able to “copy and paste” the data from the records into a company’s EMR. They are looking at integrating it with HL7 so they don’t have to do this. I guess this is baby steps, but can you imagine having to enter lab result data all day. I did data entry for a while and it’s not any fun. Plus, this isn’t just data entry, but knowing which result field it should be added to in your EMR.
I wonder if they have any plans to integrate some of the data with the CCR standard. I think projects like this and the people behind them are going to really determine the future of medical interactions.

This CCR Initiative seems to show some interesting promise and I’m very interested to look more into it. I’m not sure how HL7 and CCR will work together(or against each other), but I expect to see the CCR abbreviation to become commonplace with EMR’s.

Here’s some good info I got from this website:

Continuity of Care Record Is Developed by

ASTM International Health Care Informatics Committee

W. CONSHOHOCKEN, Pa., 5 January 2006—A revolutionary new ASTM International standard will change the way in which healthcare professionals preserve and transfer healthcare information about their patients. The standard, E 2369, Specification for Continuity of Care Record (CCR), was developed by Subcommittee E31.28 on Electronic Health Records, which is under the jurisdiction of Committee E31 on Healthcare Informatics.

The Continuity of Care Record is a core dataset to be sent to the next healthcare provider whenever a patient is referred, transferred, or otherwise uses different clinics, hospitals, or other providers. The CCR will bring an end to physicians and other healthcare professionals having to act “blindly,” without easy access to relevant patient information. It will provide the necessary information to support continuity of care, thus reducing medical errors, achieving higher efficiency, and creating better quality of care.

During the past two years, U.S. President George W. Bush has called for greater interoperability of electronic medical records and personal health records. E 2369 represents a major step forward in assisting vendors and healthcare organizations in their search for simple, yet powerful tools that will help meet the president’s objectives.

Read more…