Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

More EHR Consolidation – Modernizing Medicine Acquires gMed

Posted on July 22, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’ve been writing and tracking the EHR consolidation world for a long time. It’s always fascinating to me to see how various EHR companies merge, shut down, or build their own little (and sometimes big) empire. Today I was greeted by the announcement that Modernizing Medicine had acquired gMed. I found the announcement pretty ironic since I keynoted both companies EHR user conference last year. So, I know both companies really well.

On face, they are both companies in southern Florida and so that’s going to make the transition a lot easier. Not to mention the competition for talent in the area as they grow will be a lot easier with the combined company. I talked to Dan Cane, CEO and co-founder of Modernizing Medicine, and Joe Rubinsztain, MD, CEO and founder of gMed, today about the acquisition. They told me that the combined companies will have roughly 10,000 specialty providers and 420 employees. Plus, Dan Cane commented that they expect to add over 50 to that head count over the next little while. Dan also noted that if you use meaningful use attestation data (which is a decent, but faulty proxy for EHR market share) then it puts the combined companies in the top 15 of EHR vendors. That’s pretty interesting considering they only serve a handful of medical specialties.

I’ve recently written about the power of a specialty EHR company and both of these companies had been executing the specialty specific EHR approach with great success. Who doesn’t like a piece of software that’s customized uniquely for their needs?

I asked Dan and Joe about the future plans for the two software platforms. They’re cognizant that gMed has been so successful in the marketplace because of the tight integration between its PM, EHR, and endoscopy report writer. So, I got the feeling that Modernizing Medicine will be very careful to not “disrupt the apple cart.” Although, I think Modernizing Medicine is keenly interested in taking gMed’s 18 years of experience in gastroenterology and incorporating that knowledge and expertise into the Modernizing Medicine technology. So, I think we’ll see this play out slowly and once Modernizing Medicine has caught their product up to gMed, we’ll see them sunset the gMed software. That could be a year or two at least.

There’s one caveat to all of that though. First, gMed has a PM and Modernizing Medicine doesn’t have one. I asked if Modernizing Medicine would start using the gMed PM. They won’t (at least for now) and I think that’s because Modernizing Medicine wants a truly integrated PM if they’re going to roll out their own PM. Plus, gMed’s PM has so many gastro specific features that I’m not sure it would be a good fit for a dermatologist (one of Modernizing Medicine’s best specialties). My guess is that Modernizing Medicine will utilize gMed’s PM experience to finally roll out their own PM, but we’ll see. They certainly have plenty to tackle when it comes to gastro EHR and deciding what they want to do with the endoscopy report writer which is very popular and important part of what set gMed apart from other EHR vendors.

I respect both gMed and Modernizing Medicine. So, I’m really interested to see what’s going to happen with the combined companies.

Eyes Wide Shut – Making the Most of Meaningful Use, for Healthcare Providers, Insurers, and Patients

Posted on July 21, 2015 I Written By

Mandi Bishop is a hardcore health data geek with a Master's in English and a passion for big data analytics, which she brings to her role as Dell Health’s Analytics Solutions Lead. She fell in love with her PCjr at 9 when she learned to program in BASIC. Individual accountability zealot, patient engagement advocate, innovation lover and ceaseless dreamer. Relentless in pursuit of answers to the question: "How do we GET there from here?" More byte-sized commentary on Twitter: @MandiBPro.

When I ask a room of 100 health plan leaders, “how many of you know what HL7 is,” and only a third raise their hands, I realize there had been a “Meaningful Use” for my recent travels through the healthcare provider system and its maze of regulatory and payer mandates. I navigated change management hell in order to inform my future endeavors. I came out on the other side of an attestation nightmare with the knowledge to educate others who are embarking on extensions of that journey. This “Eyes Wide Shut” series has come full-circle.

For those who have followed this series, a quick update on the fate of the IDN highlighted throughout earlier posts: they have not yet successfully attested to all Meaningful Use Stage 2 measures across all the inpatient facilities and ambulatory practices. However, the continuing changes to attestation criteria (specifically, the engagement measures that caused so much consternation) may allow them to squeak in under the wire in fiscal year 2016 before penalties kick in. Although I’m no longer directly involved in the IDN’s pursuit of multi-EMR integration excellence, I am a “beneficiary” of those encounter data normalization efforts, as I am back to working with payer clients who are leveraging this clinically-integrated network. And I’m still having to adjust for inconsistencies in identity management rules, coding practices, and clinical workflow differences across each of the offices (and departments within offices), as I integrate their information with the insurer’s data ecosystem.

I began this series on my (woefully neglected) personal blog, almost 2 years ago: Eyes Wide Shut: Seeing the Dark Side of Health IT Mandates and Meaningful Use. Coming from the health insurance world, I had no idea of the magnitude of healthcare provider process impacts resulting from regulatory and payer demands (nee, mandates). I was insensitive to the plight of the independent general practitioner, and the size of the budget required to implement a certified EMR, let alone populate it with any patient history or integrate it with existing scheduling or billing processes. I didn’t realize that my request for chart data to support HEDIS measures would involve more work than simply clicking an indicator in an EMR configuration screen to suddenly send me my heart’s desire of data elements. I would never have believed that certified software would not be tested for conformance to code-level specifications (only visual output tests).

To all my clinician and provider office-worker friends: I am sorry for all the ways in which this ignorance may have contributed to the new reality forced on practitioners of medicine to also be data-entry clerks/contract lawyers/IT experts. Personally, I want my doctor to be my doctor. So, I’m dedicating the next leg of my career journey aligning all healthcare system actors to what should always have been our higher purpose: contributing positively to the health and well-being of the individuals and populations we serve.

When I initially began writing this post, I thought I’d be using it to end the series.

Instead, I’m just embarking on a new chapter: the post-provider world of healthcare actor convergence.

HIM Departments Need More Support

Posted on July 16, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

As both a contributor to this blog, and an assertive, activist patient managing chronic conditions, I get to see both sides of professional health information management.  And I have to say that while health data management pros obviously do great things against great odds, support for their work doesn’t seem to have trickled down to the front lines.  I’m speaking most specifically about Medical Records (oops, I mean Health Information Management) departments in hospitals.

As I noted in a related blog post, I recently had a small run-in with the HIM department of a local hospital which seems emblematic of this problem. The snag occurred when I reached out to DC-based Sibley Memorial Hospital and tried to get a new log-in code for their implementation of Epic PHR MyChart. The clerk answering the phone for that department told me, quite inaccurately, that if I didn’t use the activation code provided on my discharge summary papers within two days, my chance to log in to the Johns Hopkins MyChart site was forever lost. (Sibley is part of the Johns Hopkins system.)

Being the pushy type that I am, I complained to management, who put me in touch with the MyChart tech support office. The very smart and help tech support staffer who reached out to me expressed surprise at what I’d been told as a) the code wasn’t yet expired and b) given that I supplied the right security information she’d have been able to supply me with a new one.  The thing is, I never would have gotten to her if I hadn’t known not to take the HIM clerk’s word at face value.

Note: After writing the linked article, I was able to speak to the HIM department leader at Sibley, and she told me that she planned to address the issue of supporting MyChart questions with her entire staff. She seemed to agree completely that they had a vital role in the success of the PHR and patient empowerment generally, and I commend her for that.

Now, I realize that HIM departments are facing what may be the biggest changes in their history, and that Madame Clerk may have been an anomaly or even a temp. But assuming she was a regular hire, how much training would it have taken for the department managers to require her to simply give out the MyChart tech support number? Ten minutes?  Five? A priority e-mail demanding that PHR/digital medical record calls be routed this way would probably have done the trick.

My take on all of this is that HIM departments seem to have a lot of growing up to do. Responsible largely for pushing paper — very important paper but paper nonetheless — they’re now in the thick of the health data revolution without having a central role in it. They aren’t attached to the IT department, really, nor are they directly supporting physicians — they’re sort of a legacy department that hasn’t got as clearly defined a role as it did.

I’m not suggesting that HIM departments be wiped off the map, but it seems to me that some aggressive measures are in order to loop them in to today’s world.

Obviously, training on patient health data access is an issue. If HIM staffers know more about patient portals generally — and ideally, have hands-on experience with them, they’ll be in a better position to support such initiatives without needing to parrot facts blindly. In other words, they’ll do better if they have context.

HIM departments should also be well informed as to EMR and other health data system developments. Sure, the senior people in the department may already be looped in, but they should share that knowledge at brown bag lunches and staff update sessions freely and often. As I see it, this provides the team with much-needed sense of participation in the broader HIT enterprise.

Also, HIM staff members should encourage patients who call to log in and leverage patient portals. Patients who call the hospital with only a vague sense that they can access their health data online will get routed to that department by the switchboard. HIM needs to be well prepared to support them.

These concerns should only become more important as Meaningful Use Stage 3 comes on deck. MU Stage 3 should provide the acid test as to whether whether hospital HIM departments are really ready to embrace change.

Patient Safety and EHR’s: Q&A with Two Companies Striving to Make a Difference – Breakaway Thinking

Posted on July 15, 2015 I Written By

The following is a guest blog post by Lori Balstad, Learning and Development Specialist at The Breakaway Group (A Xerox Company). Check out all of the blog posts in the Breakaway Thinking series.
Lori Balstad
While electronic health records (EHRs) have been in existence since the late 1960s, it wasn’t until almost 30 years later that the Institute of Medicine (IOM) concluded that healthcare would be safer with computerized physician order entry, estimating that 100,000 Americans die each year from preventable adverse events. Now in 2015, most have heard the frightening number of deaths per year due to medical errors—400,000—or more than 1,000 lost lives in the U.S. every day. Preventable medical errors cause the third most deaths in the U.S., right after heart disease and cancer. With many organizations either upgrading old systems or making the decision on their first EHR, it is critical that patient safety is the ultimate goal.

Enter two companies striving towards this goal on both sides of the process:  The Breakaway Group and Sociotechnologix.

The Breakaway Group, A Xerox Company, is committed to ensuring healthcare organizations gain value from technology.   Our innovative approach using “flight simulators” allows users to practice new workflows and reinforce the handoffs required to achieve the quality and safety outcomes they expect. Our research-based solution expedites end-user adoption of new technologies and using the EHR system to its full potential.  This results in fewer errors, and a higher level of care.  Healthcare professionals adopt new applications faster, giving back critical time for providers to do what they do best – care for patients.

Sociotechnologix works to help healthcare organizations understand the influence of culture and leadership on safety and quality of care.  The implementation of technology can create significant patient risk when not used correctly or when system issues are ignored post go-live.  Sociotechnologix uses a validated assessment to measure HIT safety.  This focus on organizational culture drives organizations to integrate quality initiatives into every aspect of care.  They recently launched a tool that allows providers to quickly and easily identify patient safety risks in their EHR.  The application called SafeHIT, provides detailed analytics on the safety, usability, and workflow, from the perspective of clinicians to prioritize safety issues. As sighted by Westat in a report for The Office of the National Coordinator for Health IT (ONC), “Examining health IT incidents within the context of the socio-technical model enables organizations to look beyond the incident to understand it in the context of the people who use the system and the other technologies and processes affected by health IT. Understanding these interactions enables high-reliability organizations to make improvements to their health IT systems when flaws in the systems are identified that can lead to patient harm.”


In the following Q&A, we discuss how EHRs impact patient safety and how each company hopes to improve it. The individuals interviewed from each company are Dr. Heather Haugen, CEO and Managing Director of The Breakaway Group, and Dr. Michael Woods, a Principal of Sociotechnologix, LLC.

Question #1: How must healthcare change to ensure proper use of EHRs for improved safety?

Heather: We must move beyond an implementation mindset.  The hard work begins when the technology is installed.  An EHR is simply one tool we can use to improve care processes.  It requires clinical leadership and a long term commitment to achieve the promise of the EHR- improved quality and safety.

Michael: No one would give their child a medication the FDA had not approved as safe and effective, yet we don’t think twice about having our child cared for in a hospital that has implemented an EHR whose safety and efficacy for patients (and users) hasn’t been systematically demonstrated. Clinical leaders and their organizations will not be able to optimize quality and patient safety without committing to a structured methodology to capture, track, and fix the EHR safety, usability, and workflow issues encountered daily on the frontline of care.

Question #2: Can you share examples of how your company helps improve patient safety?

Heather: We are witnessing a unique time in healthcare.  Healthcare leaders face an increasing number of competing priorities with fewer resources every year.  If we continue to quickly push more technology into clinical care processes without ensuring users are proficient, we will experience an increase in errors and negative impact on quality and safety.  By mimicking the clinical environment, we can easily assess end user proficiency in their actual workflow before they use the live system.  These clinicians are less likely to make an error and learn the system faster.  Giving clinicians time back to focus on the patient and properly use the tools results in safer care.

Michael: We use a sociotechnical approach to assess an organization’s overall patient safety. HIT is one of three components in our model, but it has profound impact on the other two, culture and process. In consulting to a number of organizations, we consistently found EHRs leave frontline caregivers frustrated, cognitively burdened (culture), and forcing workarounds (processes) to the EHR to ensure their patients aren’t harmed. We’ve never heard a frontline caregiver say, “Gosh, our HIT system is just so awesome — it’s so intuitive, easy to use, and safe for our patients.” On the other side of the fence, our data tells us our information technology (IT) colleagues are paralyzed by the sheer volume of (legitimate) frontline complaints (“tickets”), often with no way to categorize, prioritize, and track what issues are creating real safety risks, or which HIT usability issue is costing 10’s or even 100’s of thousands of dollars per year in lost efficiency. It’s for these reasons we created SafeHIT™, a mobile, SaaS-based application for real-time, frontline reporting and advanced analytics of HIT safety, usability, & workflow issues. SafeHIT brings the clinical and IT folks together collaboratively to solve HIT problems, leveraging in-App, bi-directional, highly secure communication.

Question #3: How can companies like The Breakaway Group and Sociotechnologix work together to improve patient safety?

Heather: Both organizations are passionate about improving patient safety through research-based solutions.  We understand patient safety is a complex issue that must be addressed from multiple touch points in the organization.  By pairing our solutions, an organization can address safety across the care continuum – from the leadership culture of safety to how providers use technology to deliver the highest quality of care.

Michael: Heather is spot-on. Sociotechnologix talks about EHR ROS – return on safety – an EHR system that actually helps the entire sociotechnical environment (culture, processes, and technology) be safer. Combining the methodologies and data streams from The Breakaway Group and Sociotechnologix creates a truly unique — and frankly, for the first time — complete approach to not just the initial EHR implementation, but ongoing and sustained EHR proficiency, safety, usability, and workflow optimization, while stopping the pandemic, ongoing lost efficiency costs associated with sub-optimal adoption and usability.


Many government organizations and institutions have also recognized the need to evaluate health IT’s role in patient safety over the last few years. The ONC has funded numerous reports and projects for this very reason and holds meetings with the Agency for Healthcare Research and Quality (AHRQ) to coordinate health IT and patient safety.  AHRQ has recently awarded $4 million in new research grants to improve the safety of health IT. More information can be found at healthit.ahrq.gov.

Focusing on processes to ensure better use of health IT, from the true adoption of applications to how they are being used in real time and what issues arise, will make us all safer and provide a better patient experience. The right intentions have been there for 50 years.  We’ve had successes and growth, and are getting better at defining the needs of patients, providers, and organizations to reach the ultimate goal of safety.

Xerox is a sponsor of the Breakaway Thinking series of blog posts. The Breakaway Group is a leader in EHR and Health IT training.

FHIR Optimism – Is It Misplaced?

Posted on July 9, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

We’ve all seen the optimism around FHIR. I even wrote the cheeky post titled FHIR is on Fire. I think that observation is still accurate. If you mention the word FHIR, then people start listening. I saw a number of sessions at HIMSS on FHIR and there was a lot of interest. I actually think that many people were (and are) still trying to figure out how FHIR is different from all the previous HL7 versions, but there was a definite interest in learning about it.

Admittedly, I’m still working to understand FHIR as well. However, in all the learning I’ve done, FHIR feels like more of the same. Certainly it’s a step forward from previous HL7 iterations. I think that it has much more robust capabilities. There is a lot to like about FHIR and I don’t want to thwart people’s efforts to bring it to light.

As I’ve thought about this more though, I don’t think FHIR is the coming of interoperability. Here’s what I asked in today’s #KareoChat:

I think most would agree that the reason we don’t have healthcare data interoperability yet has almost nothing to do with the technology. It has everything to do with political and economic reasons why healthcare organizations didn’t (and many still don’t) want to share data. I’m quite sure that if there was a political and financial reason to share data it would happen very quickly.

Assuming you agree with this premise, why then do we think that a new tech standard (FHIR in this case) will change those dynamics? Will FHIR be so plug and play obvious that healthcare executives will start being embarrassed for not sharing data when it’s so easy? My past experience with healthcare standards say that won’t be the case. FHIR will be a technical improvement over what we have today, but still will require a lot of effort.

I’d love to be proven wrong on this. Do you have a different view? I’d love to learn in the comments.

The Current EHR “Reality”

Posted on July 1, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In response to my post on EMR and EHR about specialty specific EHR, we started a nice discussion about the need for specialty specific EHR vendors and all EHR vendors to create the capability to integrate with third party vendors who can extend the functionality of the EHR. This is not a new subject for Healthcare Scene, but it is an important one.

After talking about the dream framework of a middleware provider that connected third parties with every EHR, one of the readers offered their perspectives on the current EHR “reality”:

1) EHR vendors believe they are making great progress with their evolution.
2) EHR vendors believe that the next release is going to make everything right.
3) EHR vendors don’t believe that anyone can deliver a better solution then they can.
4) EHR vendors want to restrict access to “their” data. There’s money in that thar data.

He then offered a quote from this article: “we are stuck in a perpetual midpoint” along with these insights:

Procrastination is the best defense the EHR vendors can use to protect their turf.

That is where we will stay.

Unless there is some type of congressional action we will all keep wondering why interoperability keeps stalling and UCD is failing.

Those are some stinging words. The sting is stronger because I’ve seen so many cases of what he describes. I’ve seen glimpses of change on the horizon, but they are just glimpses. We’re really talking about an entire change in culture when it comes to EHRs.

I asked him this question, “Can the current crop of EHR build an app store model that would enable this vision? Is it an opportunity for a new vendor?

2300 Blog Posts and 11 Million Pageviews Later

Posted on June 29, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

For those that don’t know the history of EMR and HIPAA, I wrote the first post on EMR and HIPAA back on December 11, 2005. It’s fun to read that first post. Short and sweet. I hit some high level points which amazingly still represent my desires 10 years later. “I will try to incorporate any aspects of EMR and HIPAA because I think best practices across the industry are important to know.” – I still try to incorporate any aspect of healthcare IT. Lately I’ve been writing even more about the business of medicine, but I still try and find best practices.

In my original post I invited people to participate in the conversation. I still desire this greatly, but I’ve found that much of the conversation has moved to social media versus the blog comment section. Plus, as I’ve refined my blogging skill, it avoids many comment threads. In the beginning I wasn’t as skilled and so there was a lot of opportunity to correct me which made for great comment threads.

The last line of that original post really expressed my understanding of EHR at the time: “This is my best knowledge from my research and is not guaranteed in anyway.” Pretty funny that I thought to put in a disclaimer from the start. When I started I knew so little. It’s amazing how much you can learn over 10 years. Yet, I’m still learning.

5 months into my EMR and HIPAA blogging journey I celebrated reaching 30,000 visitors to my blog. I was amazed by my achievement. Little did I know that less than 10 years later I’d be celebrating 2300 blog posts and 11 million pageviews. For some perspective, we celebrated 3 million pageviews in August 2010 and then last Valentine’s day we celebrated 9 million pageviews. I was nostalgic for those posts and still am today.

I’m really not sure how to process 2300 blog posts and 11 million pageviews for one of my Healthcare Scene blogs. I mostly feel to say: Thank you!

I never thought I’d be a full time blogger when I grew up, but I feel lucky to do so. Over the past 5 years as a full time blogger, it’s been amazing to see the blogging business model change. When I started blogging people were happy to buy links from my site (We stay far away from that now). We always have done some pay per click and display advertising and those both still do quite well for us. However, as we’ve matured, we’ve been able to offer a variety of email marketing and sponsored content options which really take healthcare IT marketing to the next level.

With that in mind, I want to take a second to thank those companies who are currently supporting the work we do here at EMR and HIPAA. Without their support, none of this would be possible.

EMR and HIPAA Email Sponsors
DrChrono
Stericycle

EMR and HIPAA Sponsored Content Series
ClinicSpectrum
The Breakaway Group

EMR and HIPAA Display Advertising
Ambir
HIPAA Secure Now
Colocation America
Accountable

What I love about each of these companies is that they are looking to promote their company, but they’re also interested in supporting the work we do here at EMR and HIPAA. Almost all of them are not only sponsors of the site, but also readers of the site as well.

If your company would like to support the work we do here at EMR and HIPAA, we’ve created a new landing page which outlines all of the various healthcare IT marketing and advertising options we offer across the Healthcare Scene network. We’d love to work with you on sharing your message. Just drop us a note on our contact us page.

We’ve got a lot of ideas on how to continue to make what we do here at EMR and HIPAA better. However, what won’t change is our efforts to provide valuable content that helps make our readers’ lives easier.

Does Federal Health Data Warehouse Pose Privacy Risk?

Posted on June 23, 2015 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Not too long ago, few consumers were aware of the threat data thieves posed to their privacy, and far fewer had even an inkling of how vulnerable many large commercial databases would turn out to be.

But as consumer health data has gone digital — and average people have become more aware of the extent to which data breaches can affect their lives — they’ve grown more worried, and for good reason. As a series of spectacular data breaches within health plans has illustrated, both their medical and personal data might be at risk, with potentially devastating consequences if that data gets into the wrong hands.

Considering that these concerns are not only common, but pretty valid, federal authorities who have collected information on millions of HealthCare.gov insurance customers need to be sure that they’re above reproach. Unfortunately, this doesn’t seem to be the case.

According to an Associated Press story, the administration is storing all of the HealthCare.gov data in a perpetual central repository known as MIDAS. MIDAS data includes a lot of sensitive information, including Social Security numbers, birth dates, addresses and financial accounts.  If stolen, this data could provide a springboard for countless case of identity or even medical identity theft, both of which have emerged as perhaps the iconic crimes of 21st century life.

Both the immensity of the database and a failure to plan for destruction of old records are raising the hackles of privacy advocates. They definitely aren’t comfortable with the ten-year storage period recommended by the National Archives.

An Obama Administration rep told the AP that MIDAS meets or exceeds federal security and privacy standards, by which I assume he largely meant HIPAA regs. But it’s reasonable to wonder how long the federal government can protect its massive data store, particularly if commercial entities like Anthem — who arguably have more to lose — can’t protect their beneficiaries’ data from break-ins. True, MIDAS is also operated by a private concern, government technology contractor CACI, but the workflow has to impacted by the fact that CMS owns the data.

Meanwhile, growing privacy breach questions are driven by reasonable concerns, especially those outlined by the GAO, which noted last year that MIDAS went live without an in-depth assessment of privacy risks posed by the system.

Another key point made by the AP report (which did a very good job on this topic, by the way, somewhat to my surprise) is that MIDAS’ mission has evolved from a facility for running analytics on the data to a central clearinghouse for data sharing between CMS and health insurance companies and state Medicaid organizations. And we all know that with mission creep can come feature creep; with feature creep comes greater and greater potential for security holes that are passed over and left to be found by intruders.

Now, private healthcare organizations will still be managing the bulk of consumer medical data for the near future. And they have many vulnerabilities that are left unpatched, as recent events have emphasized. But in the near term, it seems like a good idea to hold the federal government’s feet to the fire. The last thing we need is a giant loss of consumer confidence generated by a giant government data exposure.

Downsides of Incorporating Behavioral and Social Data Into an EHR

Posted on June 19, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In response to my post about incorporating behavioral and social data into EHR, I got the following email from one of our readers:

My worry on the collection of such behavioral and social data is that it will get used to further prescribe people with the psychiatric drugs that have such horrendous side effects to the benefit of big pharma rather than move towards diet, health education, nutrition and other non-medical remedies that can have long lasting benefits for a lifetime.

It’s a very fine point. In my previous article I didn’t spend enough time talking about the potential downsides of incorporating all that data into an EHR. The reader pointed out the potential abuse by big pharma to sell more drugs. No doubt, pharma is trying to sell more drugs. I’m sure the creative minds at pharma will try and find ways to leverage this data and sell more drugs. That’s the nature of healthcare.

However, I think pharma would try to do this whether the data was in the EHR or not. In fact, having this data in the EHR for the doctor might mean the doctor makes better choices and doesn’t always default to pharma to treat a patient. For example, if you know they’re living in a poor area, then you can ask them if they have enough food or heat in the winter in order to avoid them returning to you a few weeks later with another cold. This would actually lead to less drugs because you’re actually treating the cause of the problem as opposed to just the presenting problem.

While this example paints a pretty picture, you could also paint an awful picture where this data is used for discrimination. This could be in the office itself or by insurance companies. Some of the new ACA laws help when it comes to insurance discrimination, but many fear that the move to ACOs will cause these organization to discriminate against the unhealthy and poor. I have this fear as well. When you pay to keep people healthy, who do you want to have in your patient population? The healthy.

When you start talking about including all this new data in an EHR, there are a lot of privacy and security questions that come up as well. We’ve always known that the patient record was a treasure trove of personal information that needed to be safeguarded and protected from abuse. Social and behavioral data makes the health record even that much more desirable to nefarious groups who want to abuse the data. HIPAA along with privacy and security will become that much more important.

I’m sure I’m just touching the surface on the challenges and problems associated with all this new data. Although, the thing that scares me most is the way people could abuse the data. I don’t think these are reasons to not use this data. We need to use this data to move healthcare forward. However, it is a call to be very thoughtful about how we collect, secure, and use the data we’re collecting.

Interoperability of Electronic Health Records– Benefits and Opportunities – Breakaway Thinking

Posted on June 17, 2015 I Written By

The following is a guest blog post by Jennifer Bergeron, Learning and Development Manager at The Breakaway Group (A Xerox Company). Check out all of the blog posts in the Breakaway Thinking series.
Jennifer Bergeron
Electronic health records (EHR) aim to improve healthcare and processes for providers and patients on a number of fronts. In an ideal situation according to HealthIT.gov, the clinician benefits by having quick access to patient records and alerts, the ability to quickly and accurately report, and a path to safer prescribing. Patients should be able to spend less time filling out duplicative forms at clinics, have prescriptions sent automatically to pharmacies, and gain easier access to specialist referrals.

The International Journal of Innovation and Applied Studies points out that interoperability can work toward a resolution to several current problems including patient record accessibility and consolidation, and healthcare costs. As far as getting patient information and all available information when it’s needed, the report “estimated that 18% of medical errors that result in an adverse drug event were due to inadequate availability of patients’ information.” Healthcare costs are reduced when different entities can share and communicate common data and could save up to $77.8 billion annually.

Given the potential benefits, there are still opportunities to achieve interoperability. For example, not all healthcare organizations are using EHRs so data isn’t being collected consistently across the board. In 2014 there was an increase in the percentage of hospitals with EHRs. However, only 39% of physicians reported that they share data with other providers. Even though the data is available to share, some EHR users may still be living in a silo and haven’t reached full adoption. In addition, existing specification standards have not promoted interoperability. Even though there is data is available to share, few providers are tapping into that information.

To help increase data sharing, more attention is being paid to FHIR, or Fast Healthcare Interoperability Resources. FHIR stems from HL7 (Health Level Seven) data exchange and information modeling standards. HL7 has been around since 1987 to develop families of standards used to automate healthcare data sharing with the goal to improve patient care. FHIR builds upon the interoperability uses of HL7 and takes into consideration the changes in technology and requirements. According to the Office of the National Coordinator for Health Information Technology (ONC), FHIR is used to enable data access, is used as the container to return query results, and will be used to build necessary security and privacy controls.

FHIR combines what are called “resources” — also known as an instance of data – that define data and are used for specific content. Within a resource are characteristics including “a common way to define and represent them, building them from data types that define common reusable patterns of elements, a common set of metadata, and a human readable part.” Collected data can be used and exchanged, searched for individually or in groupings, analyzed and examined.

Interoperability and the role of FHIR is not yet clearly defined. Going forward, the roadmap for interoperability built by the ONC will be watched closely. Guidelines are broad at this point to allow appropriate decision-making as paths are forged. A group of organizations called the Argonaut Project has committed to working with FHIR. HI7.org defines the Argonaut Project as having the purpose of developing “a first-generation API (application programming interface) and Core Data Services specification to enable expanded information sharing for electronic health records, documents, and other health information based on the FHIR specification.”

APIs are at work behind the scenes when we’re accessing information online. Although healthcare is beginning to harness the power of APIs these interfaces are present everywhere in our day-to-day lives. For example, say you are listening to Spotify and want to connect that application with Facebook. An API helps make that translation of information from Spotify to Facebook happen.  Imagine the possibilities in the realm of data and healthcare. The development of APIs by the Argonaut Project is just the beginning stages of data sharing and interoperability.

In order to reach true interoperability and efficient use of FHIR, the first step is EHR adoption. Once data is captured into an EHR system, organizations can focus on data standards and clear data management, and have the ability to measure impacts to healthcare patients, providers, costs, and communication. Without the right, accurate data input, interpretation at the end of the process is not accurate or actionable. If clinicians are aware of how their engagement with data and proper input at the beginning of this process affects their practice, their patient’s experience and health, and healthcare on a broad spectrum, they can make a difference well into the future.

Xerox is a sponsor of the Breakaway Thinking series of blog posts. The Breakaway Group is a leader in EHR and Health IT training.