Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

The Burden of Structured Data: What Health Care Can Learn From the Web Experience (Part 2 of 2)

Posted on September 23, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The first part of this article summarized what Web developers have done to structure data, and started to look at the barriers presented by health care. This part presents more recommendations for making structured data work.

The Grand Scheme of Things
Once you start classifying things, it’s easy to become ensnared by grandiose pipe dreams and enter a free fall trying to design the perfect classification system. A good system is distinguished by knowing its limitations. That’s why microdata on the Web succeeded. In other areas, the field of ontology is littered with the carcasses of projects that reached too far. And health care ontologies always teeter on the edge of that danger.

Let’s take an everyday classification system as an example of the limitations of ontology. We all use genealogies. Imagine being able to sift information about a family quickly, navigating from father to son and along the trail of siblings. But even historical families, such as royal ones, introduce difficulties right away. For instance, children born out of wedlock should be shown differently from legitimate heirs. Modern families present even bigger headaches. How do you represent blended families where many parents take responsibilities of different types for the children, or people who provided sperm or eggs for artificial insemination?

The human condition is a complicated one not subject to easy classification, and that naturally extends to health, which is one of the most complex human conditions. I’m sure, for instance, that the science of mosquito borne diseases moves much faster than the ICD standard for disease. ICD itself should be replaced with something that embodies semantic meaning. But constant flexibility must be the hallmark of any ontology.

Transgender people present another enormous challenge to ontologies and EHRs. They’re a test case for every kind of variation in humanity. Their needs and status vary from person to person, with no classification suiting everybody. These needs can change over time as people make transitions. And they may simultaneously need services defined for male and female, with the mix differing from one patient to the next.

Getting to the Point
As the very term “microdata” indicates, those who wish to expose semantic data on the Web can choose just a few items of information for that favored treatment. A movie theater may have text on its site extolling its concession stand, its seating, or its accommodations for the disabled, but these are not part of the microdata given to search engines.

A big problem in electronic health records is their insistence that certain things be filled out for every patient. Any item that is of interest for any class of patient must appear in the interface, a problem known in the data industry as a Cartesian explosion. Many observers counsel a “less is more” philosophy in response. It’s interesting that a recent article that complained of “bloated records” and suggested a “less is more” approach goes on to recommend the inclusion of scads of new data in the record, to cover behavioral and environmental information. Without mentioning the contradiction explicitly, the authors address it through the hope that better interfaces for entering and displaying information will ease the burden on the clinician.

The various problems with ontologies that I have explained throw doubt on whether EHRs can attain such simplicity. Patients are not restaurants. To really understand what’s important about a patient–whether to guide the clinician in efficient data entry or to display salient facts to her–we’ll need systems embodying artificial intelligence. Such systems always feature false positives and negatives. They also depend on continuous learning, which means they’re never perfect. I would not like to be the patient whose data gets lost or misclassified during the process of tuning the algorithms.

I do believe that some improvements in EHRs can promote the use of structured data. Doctors should be allowed to enter the data in the order and the manner they find intuitive, because that order and that manner reflect their holistic understanding of the patient. But suggestions can prompt them to save some of the data in structured format, without forcing them to break their trains of thought. Relevant data will be collected and irrelevant fields will not be shown or preserved at all.

The resulting data will be less messy than what we have in unstructured text currently, but still messy. So what? That is the nature of data. Analysts will make the best use of it they can. But structure should never get in the way of the information.

The Burden of Structured Data: What Health Care Can Learn From the Web Experience (Part 1 of 2)

Posted on September 22, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

Most innovations in electronic health records, notably those tied to the Precision Medicine initiative that has recently raised so many expectations, operate by moving clinical information into structure of one type or another. This might be a classification system such as ICD, or a specific record such as “medications” or “lab results” with fixed units and lists of names to choose from. There’s no arguing against the benefits of structured data. But its costs are high as well. So we should avoid repeating old mistakes. Experiences drawn from the Web may have something to teach the health care field in respect to structured data.

What Works on the Web
The Web grew out of a structured data initiative. The dream of organizing information goes back decades, and was embodied in Standard Generalized Markup Language (SGML) years before Tim Berners-Lee stole its general syntax to create HTML and present information on the Web. SGML could let a firm mark in its documents that FR927 was a part number whereas SG1 was a building. Any tags that met the author’s fancy could be defined. This put semantics into documents. In other words, the meaning of text could be abstracted from the the text and presented explicitly. Semantics got stripped out of HTML. Although the semantic goals of SGML were re-introduced into the HTML successor XML, it found only niche uses. Another semantic Web tool, JSON, was reserved for data storage and exchange, not text markup.

Since the Web got popular, people have been trying to reintroduce semantics into it. There was Dublin Core, then RDF, then microdata in places like schema.org–just to list a few. Two terms denoting structured data on the Web, the Semantic Web and Linked Data, have been enthusiastically taken up by the World Wide Web Consortium and Tim Berners-Lee himself.

But none of these structured data initiatives are widely known among the Web-browsing public, probably because they all take a lot of work to implement. Furthermore, they run into the bootstrapping problem faced by nearly all standards: if your web site uses semantics that aren’t recognized by the browser, they’re just dropped on the ground (or even worse, the browser mangles your web pages).

Even so, recent years have seen an important form of structured data take off. When you look up a movie or restaurant on a major search engine such a Google, Yahoo!, or Bing, you’ll see a summary of the information most people want to see: local showtimes for the movie, phone number and ratings for a restaurant, etc. This is highly useful (particularly on mobile devices) and can save you the trouble of visiting the web site from which the data comes. Google calls these summaries Rich Cards and Rich Snippets.

If my memory serves me right, the basis for these snippets didn’t come from standards committees involving years of negotiation between stake-holders. Google just decided what would be valuable to its users and laid out the standard. It got adopted because it was a win-win. The movie theaters and restaurants got their information right into the viewer’s face, and the search engine became instantly more valuable and more likely to be used again. The visitors doing the search obviously benefitted too. Everyone found it worth their time to implement the standards.

Interestingly, as structure moves into metadata, HTML itself is getting less semantic. The most recent standard, HTML5, did add a few modest tags such as header and footer. But many sites are replacing meaningful HTML markup, such as p for paragraph, with two ultra-generic tags: div for a division that is set off from other parts of the page, and span for a piece of text embedded within another. Formatting is expressed through CSS, a separate language.

Having reviewed a bit of Web history, let’s see what we can learn from it and apply to health care.

Make the Customer Happy
Win-win is the key to getting a standard adopted. If your clinician doesn’t see any benefit from the use of structured data, she will carp and bristle at any attempt to get her to enter it. One of the big reasons electronic health records are so notoriously hard to use is, “All those fields to fill out.” And while lists of medications or other structured data can help the doctor choose the right one, they can also help her enter serious errors–perhaps because she chose the one next to the one she meant to choose, or because the one she really wanted isn’t offered on the list.

Doctors’ resentment gets directed against every institution implicated in the structured data explosion: the ONC and CMS who demand quality data and other fields of information for their own inscrutable purposes, the vendor who designs up the clunky system, and the hospital or clinic that forces doctors to use it. But the Web experience suggests that doctors would fill out fields that would help them in their jobs. The use of structured data should be negotiated, not dictated, just like other innovations such as hand-washing protocols or checklists. Is it such a radical notion to put technology at the service of the people using it?

I know it’s frustrating to offer that perspective, because many great things come from collecting data that is used in analytics and can turn up unexpected insights. If we fill out all those fields, maybe we’ll find a new cure! But the promised benefit is too far off and too speculative to justify the hourly drag upon the doctor’s time.

We can fall back on the other hope for EHR improvement: an interface that makes data entry so easy that doctors don’t mind using structured fields. I have some caveats to offer about that dream, which will appear in the second part of this article.

Can Machine Learning Tame Healthcare’s Big Data?

Posted on September 20, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Big data is both a blessing and a curse. The blessing is that if we use it well, it will tell us important things we don’t know about patient care processes, clinical improvement, outcomes and more. The curse is that if we don’t use it, we’ve got a very expensive and labor-hungry boondoggle on our hands.

But there may be hope for progress. One article I read today suggests that another technology may hold the key to unlocking these blessings — that machine learning may be the tool which lets us harvest the big data fields. The piece, whose writer, oddly enough, was cited only as “Mauricio,” lead cloud expert at Cloudwards.net, argues that machine learning is “the most effective way to excavate buried patterns in the chunks of unstructured data.” While I am an HIT observer rather than techie, what limited tech knowledge I possess suggests that machine learning is going to play an important role in the future of taming big data in healthcare.

In the piece, Mauricio notes that big data is characterized by the high volume of data, including both structured and non-structured data, the high velocity of data flowing into databases every working second, the variety of data, which can range from texts and email to audio to financial transactions, complexity of data coming from multiple incompatible sources and variability of data flow rates.

Though his is a general analysis, I’m sure we can agree that healthcare big data specifically matches his description. I don’t know if you who are reading this include wild cards like social media content or video in their big data repositories, but even if you don’t, you may well in the future.

Anyway, for the purposes of this discussion, let’s summarize by saying that in this context, big data isn’t just made of giant repositories of relatively normalized data, it’s a whirlwind of structured and unstructured data in a huge number of formats, flooding into databases in spurts, trickles and floods around the clock.

To Mauricio, an obvious choice for extracting value from this chaos is machine learning, which he defines as a data analysis method that automates extrapolated model-building algorithms. In machine learning models, systems adapt independently without any human interaction, using automatically-applied customized algorithms and mathematical calculations to big data. “Machine learning offers a deeper insight into collected data and allows the computers to find hidden patterns which human analysts are bound to miss,” he writes.

According to the author, there are already machine learning models in place which help predict the appearance of genetically-influenced diseases such as diabetes and heart disease. Other possibilities for machine learning in healthcare – which he doesn’t mention but are referenced elsewhere – include getting a handle on population health. After all, an iterative learning technology could be a great choice for making predictions about population trends. You can probably think of several other possibilities.

Now, like many other industries, healthcare suffers from a data silo problem, and we’ll have to address that issue before we create the kind of multi-source, multi-format data pool that Mauricio envisions. Leveraging big data effectively will also require people to cooperate across departmental and even organizational boundaries, as John Lynn noted in a post from last year.

Even so, it’s good to identify tools and models that can help get the technical work done, and machine learning seems promising. Have any of you experimented with it?

Will a Duo of AI and Machine Learning Catch Data Thieves Lurking in Hospital EHR Corridors?

Posted on September 19, 2016 I Written By

The following is a guest blog post by Santosh Varughese, President of Cognetyx, an organization devoted to using artificial intelligence and machine learning innovation to bring an end to the theft of patient medical data.
santosh-varughese-president-cognetyx
As Halloween approaches, the usual spate of horror movies will intrigue audiences across the US, replete with slashers named Jason or Freddie running amuck in the corridors of all too easily accessible hospitals. They grab a hospital gown and the zombies fit right in.  While this is just a movie you can turn off, the real horror of patient data theft can follow you.

(I know how terrible this type of crime can be. I myself have been the victim of a data theft by hackers who stole my deceased father’s medical files, running up more than $300,000 in false charges. I am still disputing on-going bills that have been accruing for the last 15 years).

Unfortunately, this horror movie scenario is similar to how data thefts often occur at medical facilities. In 2015, the healthcare industry was one of the top three hardest hit industries with serious data breaches and major attacks, along with government and manufacturers. Packed with a wealth of exploitable information such as credit card data, email addresses, Social Security numbers, employment information and medical history records, much of which will remain valid for years, if not decades and fetch a high price on the black market.

Who Are The Hackers?
It is commonly believed attacks are from outside intruders looking to steal valuable patient data and 45 percent of the hacks are external. However, “phantom” hackers are also often your colleagues, employees and business associates who are unwittingly careless in the use of passwords or lured by phishing schemes that open the door for data thieves. Not only is data stolen, but privacy violations are insidious.

The problem is not only high-tech, but also low-tech, requiring that providers across the continuum simply become smarter about data protection and privacy issues. Medical facilities are finding they must teach doctors and nurses not to click on suspicious links.

For healthcare consultants, here is a great opportunity to not only help end this industry wide problem, but build up your client base by implementing some new technologies to help medical facilities bring an end to data theft.  With EHRs being more vulnerable than ever before, CIOs and CISOs are looking for new solutions.  These range from thwarting accidental and purposeful hackers by implementing physical security procedures to securing network hardware and storage media through measures like maintaining a visitor log and installing security cameras. Also limiting physical access to server rooms and restricting the ability to remove devices from secure areas.

Of course enterprise solutions for the entire hospital system using new innovations are the best way to cast a digital safety net over all IT operations and leaving administrators and patients with a sense of security and safety.

Growing Nightmare
Medical data theft is a growing national nightmare.  IDC’s Health Insights group predicts that 1 in 3 healthcare recipients will be the victim of a medical data breach in 2016.  Other surveys found that in the last two years, 89% of healthcare organizations reported at least one data breach, with 79% reporting two or more breaches. The most commonly compromised data are medical records, followed by billing and insurance records. The average cost of a healthcare data breach is about $2.2 million.

At health insurer Anthem, Inc., foreign hackers stole up to 80 million records using social engineering to dig their way into the company’s network using the credentials of five tech workers. The hackers stole names, Social Security numbers and other sensitive information, but were thwarted when an Anthem computer system administrator discovered outsiders were using his own security credentials to log into the company system and to hack databases.

Investigators believe the hackers somehow compromised the tech worker’s security through a phishing scheme that tricked the employee into unknowingly revealing a password or downloading malicious software. Using this login information, they were able to access the company’s database and steal files.

Healthcare Hacks Spread Hospital Mayhem in Diabolical Ways
Not only is current patient data security an issue, but thieves can also drain the electronic economic blood from hospitals’ jugular vein—its IT systems. Hospitals increasingly rely on cloud delivery of big enterprise data from start-ups like iCare that can predict epidemics, cure disease, and avoid preventable deaths. They also add Personal Health Record apps to the system from fitness apps like FitBit and Jawbone.

Banner Health, operating 29 hospitals in Arizona, had to notify millions of individuals that their data was exposed. The breach began when hackers gained access to payment card processing systems at some of its food and beverage outlets. That apparently also opened the door to the attackers accessing a variety of healthcare-related information.

Because Banner Health says its breach began with an attack on payment systems, it differentiates from other recent hacker breaches. While payment system attacks have plagued the retail sector, they are almost unheard of by healthcare entities.

What also makes this breach more concerning is the question of how did hackers access healthcare systems after breaching payment systems at food/beverage facilities, when these networks should be completely separated from one another? Healthcare system networks are very complex and become more complicated as other business functions are added to the infrastructure – even those that don’t necessarily have anything to do with systems handling and protected health information.

Who hasn’t heard of “ransomware”? The first reported attack was Hollywood Presbyterian Medical Center which had its EHR and clinical information systems shut down for more than week. The systems were restored after the hospital paid $17,000 in Bitcoins.

Will Data Thieves Also Rob Us of Advances in Healthcare Technology?
Is the data theft at MedStar Health, a major healthcare system in the DC region, a foreboding sign that an industry racing to digitize and interoperate EHRs is facing a new kind of security threat that it is ill-equipped to handle? Hospitals are focused on keeping patient data from falling into the wrong hands, but attacks at MedStar and other hospitals highlight an even more frightening downside of security breaches—as hospitals strive for IT interoperability. Is this goal now a concern?

As hospitals increasingly depend on EHRs and other IT systems to coordinate care, communicate critical health data and avoid medication errors, they could also be risking patients’ well-being when hackers strike. While chasing the latest medical innovations, healthcare facilities are rapidly learning that caring for patients also means protecting their medical records and technology systems against theft and privacy violations.

“We continue the struggle to integrate EHR systems,” says anesthesiologist Dr. Donald M. Voltz, Medical Director of the Main Operating Room at Aultman Hospital in Canton, OH, and an advocate and expert on EHR interoperability. “We can’t allow patient data theft and privacy violations to become an insurmountable problem and curtail the critical technology initiative of resolving health system interoperability. Billions have been pumped into this initiative and it can’t be risked.”

Taking Healthcare Security Seriously
Healthcare is an easy target. Its security systems tend to be less mature than those of other industries, such as finance and tech. Its doctors and nurses depend on data to perform time-sensitive and life-saving work.

Where a financial-services firm might spend a third of its budget on information technology, hospitals spend only about 2% to 3%. Healthcare providers are averaging less than 6% of their information technology budget expenditures on security, according to a recent HIMSS survey. In contrast, the federal government spends 16% of its IT budget on security, while financial and banking institutions spend 12% to 15%.

Meanwhile, the number of healthcare attacks over the last five years has increased 125%, as the industry has become an easy target. Personal health information is 50 times more valuable on the black market than financial information. Stolen patient health records can fetch as much as $363 per record.

“If you’re a hacker… would you go to Fidelity or an underfunded hospital?” says John Halamka, the chief information officer of Beth Israel Deaconess Medical Center in Boston. “You’re going to go where the money is and the safe is the easiest to open.”

Many healthcare executives believe that the healthcare industry is at greater risk of breaches than other industries. Despite these concerns, many organizations have either decreased their cyber security budgets or kept them the same. While the healthcare industry has traditionally spent a small fraction of its budget on cyber defense, it has also not shored up its technical systems against hackers.

Disrupting the Healthcare Security Industry with Behavior Analysis   
Common defenses in trying to keep patient data safe have included firewalls and keeping the organization’s operating systems, software, anti-virus packages and other protective solutions up-to-date.  This task of constantly updating and patching security gaps or holes is ongoing and will invariably be less than 100% functional at any given time.  However, with only about 10% of healthcare organizations not having experienced a data breach, sophisticated hackers are clearly penetrating through these perimeter defenses and winning the healthcare data security war. So it’s time for a disruption.

Many organizations employ network surveillance tactics to prevent the misuse of login credentials. These involve the use of behavior analysis, a technique that the financial industry uses to detect credit card fraud. By adding some leading innovation, behavior analysis can offer C-suite healthcare executives a cutting-edge, game-changing innovation.

The technology relies on the proven power of cloud technology to combine artificial intelligence with machine learning algorithms to create and deploy “digital fingerprints” using ambient cognitive cyber surveillance to cast a net over EHRs and other hospital data sanctuaries. It exposes user behavior deviations while accessing EHRs and other applications with PHI that humans would miss and can not only augment current defenses against outside hackers and malicious insiders, but also flag problem employees who continually violate cyber security policy.

“Hospitals have been hit hard by data theft,” said Doug Brown, CEO, Black Book Research. “It is time for them to consider new IT security initiatives. Harnessing machine learning artificial intelligence is a smart way to sort through large amounts of data. When you unleash that technology collaboration, combined with existing cloud resources, the security parameters you build for detecting user pattern anomalies will be difficult to defeat.”

While the technology is advanced, the concept is simple. A pattern of user behavior is established and any actions that deviate from that behavior, such as logging in from a new location or accessing a part of the system the user normally doesn’t access are flagged.  Depending on the deviation, the user may be required to provide further authentication to continue or may be forbidden from proceeding until a system administrator can investigate the issue.

The cost of this technology will be positively impacted by the continuing decline in the cost of storage and processing power from cloud computing giants such as Amazon Web Services, Microsoft and Alphabet.

The healthcare data security war can be won, but it will require action and commitment from the industry. In addition to allocating adequate human and monetary resources to information security and training employees on best practices, the industry would do well to implement network surveillance that includes behavior analysis. It is the single best technological defense against the misuse of medical facility systems and the most powerful weapon the healthcare industry has in its war against cyber criminals.

Mobile Health App Makers Still Shaky On Privacy Policies

Posted on September 16, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study has concluded that while mobile health app developers are developing better privacy practices, these developers vary widely in how they share those policies with consumers. The research, part of a program launched in 2011 by the Future of Privacy Forum, concludes that while mHealth app makers have improved their practices, too many are still not as clear as they could be with users as to how they handle private health information.

This year’s FPF Mobile App Study notes that mHealth players are working to make privacy policies available to users before purchase or download, by posting links on the app listing page. It probably has helped that the two major mobile health app distribution sites require apps that collect personal info to have a privacy policy in place, but consumer and government pressure has played a role as well, the report said. According to FPF researchers, mHealth app makers are beginning to explain how personal data is collected, used and shared, a step privacy advocates see as the bare minimum standard.

Researchers found that this year, 76% of top overall apps on the iOS App Store and Google Play had a privacy policy, up from 68% noted in the previous iteration of the study. In contrast, only 61% of health and fitness apps surveyed this year included a link to their privacy policies in their app store listing, 10% less than among top apps cutting across all categories.  “Given that some health and fitness apps can access sensitive, physiological data collected by sensors on a mobile phone, wearable, or other device, their below-average performance is both unexpected and troubling,” the report noted.

This disquieting lack of thorough privacy protections extended even to apps collecting some of the most intimate data, the FPF report pointed out. In particular, a subset of mHealth developers aren’t doing anything much to make their policies accessible.

For example, researchers found that while 80% of apps helping women track periods and fertility across Google Play and the iOS App Store had privacy policies, just 63% of the apps had posted links to these policies. In another niche, sleep tracking apps, only 66% of even had a privacy policy in place, and just 54% of these apps linked back to the policy on their store page. (FPF terms this level of performance “dismal,” and it’s hard to disagree.)

Underlying this analysis is the unfortunate truth that there’s still no gold standard for mHealth privacy policies. This may be due more to the complexity of the still-maturing mobile health ecosystem than resistance to creating robust policies, certainly. But either way, this issue won’t go away on its own, so mHealth app developers will need to give their privacy strategy more thought.

Engaging Patients With Health Data Cuts Louisiana ED Overuse

Posted on September 15, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Maybe I’m misreading things, but it seems to me that few health IT pros really believe we can get patients to leverage their own health data successfully. And I understand why. After all, we don’t even have clear evidence that patient portals improve outcomes, and portals are probably the most successful engagement tool the industry has come up with to date.

And not to be a jerk about it, but I bet you’d be hard-pressed to find HIT gurus who believed the state of Louisiana would lead the way, as the achingly poor southern state isn’t exactly known for being a healthcare thought leader.  As it so happens, though, the state has actually succeeded where highfalutin’ health systems have failed.

Over one year, the state has managed to generate a 23% increase in health IT use among at-risk patients, and also, a 10.2% decrease in non-emergent use of emergency departments by Medicaid managed care organization members, thank you very much.

So how did Louisiana’s top healthcare brass accomplish this feat? Among other things, they launched a HIE-enabled ED data registry, along with a direct-to-consumer patient engagement campaign. These efforts were done in partnership with the Louisiana Health Care Quality Forum, which developed statewide marketing plans for the effort (See John’s interview with the Louisiana Health Care Quality Forum for more details).

They must have created some snazzy marketing copy. As Healthcare IT News noted, between August 2015 and May 2016, patient portal use shot up 31%, consumer EHR awareness rose 23% and opt-in to the state’s HIE grew by 3%, Quality Forum marketer Jamie Martin told HIN.

Not only that, the number of patients asking for access to or copies of electronic health data increased by 12%, and the number of patients with current copies of their health information grew by 9%, Martin said.

This is great news for those who want to see patients buy in to the digital health paradigm. Though it’s hard to tell whether the state will be able to maintain the benefits it gained in its initial effort, it clearly succeeded in getting a substantial number of patients to rethink how they manage their care.

But (and I’m sorry to be a bit of a Debbie Downer), I was a bit disappointed when I saw none of the gains cited related to changing health behaviors, such as, say, an increase in diabetics getting retinal exams.

I know that I should probably be focused on the project’s commendable successes, and believe it or not, I do find them to be exciting. I’m just not sure that these kinds of metrics can be used as proxies for health improvement measures, and let’s face it, that’s what we need, right?

Apple App Store Toughens Guidelines For Health Apps

Posted on September 13, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

In a precedent-setting move, Apple has released new guidelines for its iOS App Store which impose new limitations on health and medical app developers.  iMedicalApps contributor Iltifat Husain, M.D., who wrote a piece about the changed standards, said they contain “the most stringent language I have ever seen Apple used for the health and medical category of apps.”

According to Husain, highlights from Apple’s new developer guidelines include:

  • A warning that if an app could possibly cause physical harm, Apple could reject it
  • A warning that apps which provide inaccurate data or information that could be used to diagnose or treat patients will get increased scrutiny
  • A reminder that apps which calculate drug dosage must come from the drug manufacturer, a hospital, university, health insurance company or other approved entity. In other words, independent developers cannot post a medical app for drug dosages themselves.
  • A ban on marijuana-related apps
  • A ban on apps that encourage people to place their iPhones under a mattress or pillow while charging (such as some sleep monitors)

Historically, Apple has been relatively lax about hosting potentially dangerous health apps, Husain says. For example, he notes that apps purporting to measure a consumer’s blood pressure by using the iPhone’s camera and microphone tend to be quite inaccurate in their measurements, but that Apple had not screened them out.  Now things have changed for the better, Husain writes. “Apps [like these] would not get through the screening review process under Apple’s new guidelines.”

Husain argues that the new guidelines are more important than the FDA’s recently-updated guidelines on health apps: “There is no way the FDA can regulate the hundreds of thousands of health and medical apps and the updates made to them,” Husain writes. “The screening process is what has to change.” And given Apple’s market footprint and influencer status it’s hard to disagree with him.

At this point the question is whether Google will follow suit. After all, while the Apple app store hosted 2 million apps as of June, Google Play offered 2.2 million apps, according to one study, and as of February there were three Android users for every iPhone user. So If Google doesn’t put more stringent health app requirements in place as well, creators of dodgy health apps can still develop for Android and find a wide audience.

That being said, neither Google nor Apple are required to impose new restrictions on health apps, and are likely to be governed by commercial pressure more than medical appropriateness. Also, both parties are free to set any rules they choose, and uses might not be aware of important differences between the two sets of policies. In other words, if the goal is to protect consumers, relying on guidelines generated by app store hosts probably won’t fly over the long-term.

I’m not necessarily suggesting that the FDA or other regulatory body should come down on the app stores like a ton of bricks. That would be overkill, and as Husain notes, is probably beyond their capabilities.

But doctors in the know about apps might want to warn patients about their potential limitations, and offer some criteria as to what they can expect from health apps. After all, most consumers have experimented with one health app of the other, so even if the doctor doesn’t prescribe them, patients need to be educated about their options. So if you’re a mobile health savvy clinician reading this, consider increasing patients on these issues.

Study: Health IT Costs $32K Per Doctor Each Year

Posted on September 9, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study by the Medical Group Management Association has concluded that that physician-owned multispecialty practices spent roughly $32,500 on health IT last year for each full-time doctor. This number has climbed dramatically over the past seven years, the group’s research finds.

To conduct the study, the MGMA surveyed more than 3,100 physician practices across the U.S. The expense number they generated includes equipment, staff, maintenance and other related costs, according to a press release issued by the group.

The cost of supporting physicians with IT services has climbed, in part, due to rising IT staffing expenses, which shot up 47% between 2009 and 2015. The current cost per physician for health IT support went up 40% during the same interval. The biggest jump in HIT costs for supporting physicians took place between 2010 and 2011, the period during which the HITECH Act was implemented.

Practices are also seeing lower levels of financial incentives to adopt EHRs as Meaningful Use is phased out. While changes under MACRA/MIPS could benefit practices, they aren’t likely to reward physicians directly for investments in health IT.

As MGMA sees it, this is bad news, particularly given that practices still have to keep investing in such infrastructure: “We remain concerned that far too much of a practice’s IT investment is tied directly to complying with the ever-increasing number of federal requirements, rather than to providing patient care,” the group said in a prepared statement. “Unless we see significant changes in the final rule, practice IT costs will continue to rise without a corresponding improvement in the care delivery process.”

But the MGMA’s own analysis offers at least a glimmer of hope that these investments weren’t in vain. For example, while it argues that growing investments in technologies haven’t resulted in greater administrative efficiencies (or better care) for practices, it also notes that more than 50% of responders to a recent MGMA Stat poll reported that their patients could request or make appointments via their practice’s patient portal.

While there doesn’t seem to be any hard and fast evidence that portals improve patient care across the board, studies have emerged to suggest that portals support better outcomes, in areas such as medication adherence. (A Kaiser Permanente study from a couple of years ago, comparing statin adherence for those who chose online refills as their only method of getting the med with those who didn’t, found that those getting refills online saw nonadherence drop 6%.)

Just as importantly – in my view at least – I frequently hear accounts of individual practices which saw the volume of incoming calls drop dramatically. While that may not correlate directly to better patient care, it can’t hurt when patients are engaged enough to manage the petty details of their care on their own. Also, if the volume of phone requests for administrative support falls enough, a practice may be able to cut back on clerical staff and put the money towards say, a nurse case manager for coordination.

I’m not suggesting that every health IT investment practices have made will turn to fulfill its promise. EHRs, in particular, are difficult to look at as a whole and classify as a success across the board. I am, however, arguing that the MGMA has more reason for optimism than its leaders would publicly admit.

Switching EHRs, The Trends And What To Consider

Posted on September 8, 2016 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest blog post by Winyen Wu, Technology and Health Trend Blogger and Enthusiast at Stericycle Communication Solutions as part of the Communication Solutions Series of blog posts. Follow and engage with them on Twitter: @StericycleComms
Winyen Wu - Stericycle
In recent years, there has been a trend in providers switching Electronic Health Record (EHR) systems: according to Software Advice, the number of buyers replacing EHR software has increased 59% since 2014. In a survey by KLAS, 27% of medical practices are looking to replace their EHR while another 12% would like to but cannot due to financial or organizational constraints. By 2016, almost 50% of large hospitals will replace their current EHR. This indicates that the current EHR products on the market are not meeting the needs of physicians.

What are the reasons for switching EHRs?

  • Complexity and poor usability: Many physicians find that it takes too many clicks to find the screen that they need, or that it is too time consuming to fill out all the checkboxes and forms required
  • Poor technical support: Some physicians may be experiencing unresponsive or low quality support from their EHR vendor
  • Consolidation of multiple EHRs: After consolidating practices, an organization will choose to use only one EHR as opposed to having multiple systems in place
  • Outgrowing functionality or inadequate systems: Some current EHRs may meet stage 1 criteria for meaningful use, but will not meet stage 2 criteria, which demand more from an EHR system.

Which companies are gaining and losing customers?

  • Epic and Cerner are the top programs in terms of functionality according to a survey by KLAS; cloud-based programs Athenahealth and eClinicalWorks are also popular
  • Companies that are getting replaced include GE Healthcare, Allscripts, NextGen Healthcare, and McKesson; 40-50% of their customers reported potential plans to move

What are providers looking for in choosing an EHR?

  • Ability to meet Meaningful Use standards/criteria: In September 2013, 861 EHR vendors met stage 1 requirements of meaningful use while only 512 met stage 2 criteria for certification, according to the US Department of Health and Human Services. Because stage 2 criteria for meaningful is more demanding, EHRs systems are required to have more sophisticated analytics, standardization, and linkages with patient portals.
  • Interoperability: able to integrate workflows and exchange information with other products
  • Company reliability: Physicians are looking for vendors who are likely to be around in 20 years. Potential buyers may be deterred from switching to a company if there are factors like an impending merger/acquisition, senior management issues, declining market share, or internal staff system training issues.

Is it worth it?
In a survey conducted by Family Practice Management of physicians who switched EHRs since 2010, 59% said their new EHRs had added functionality, and 57% said that their new system allowed them to meet meaningful use criteria, but 43% said they were glad they switched systems and only 39% were happy with their new EHR.

5 Things to consider when planning to switch EHRs

  1. Certifications and Compliance: Do your research. Does your new vendor have customers who have achieved the level of certification your organization hopes to achieve? Does this new vendor continually invest in the system to make updates with changing regulations?
  2. Customer Service: Don’t be shy. Ask to speak to at least 3 current customers in your specialty and around your size. Ask the tough questions regarding level of service the vendor provides.
  3. Interoperability: Don’t be left unconnected. Ensure your new vendor is committed to interoperability and has concreate examples of integration with other EHR vendors and lab services.
  4. Reliability and Longevity: Don’t be left out to dry. Do digging into the vendor’s financials, leadership changes and staffing updates. If they appear to be slimming down and not growing this is a sign that this product is not a main focus of the company and could be phased out or sold.
  5. Integration with Current Services: Don’t wait until it’s too late. Reach out to your current providers (like appointment reminders) and ensure they integrate with your new system and set up a plan for integrating the two well in advance.

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality telephone answering, appointment scheduling, and automated communication services. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services.  Connect with Stericycle Communication Solutions on social media:  @StericycleComms

ONC’s Interoperability Standards Advisory Twitter Chat Summary

Posted on September 2, 2016 I Written By

The following is a guest blog post by Steve Sisko (@ShimCode and www.shimcode.com).

Yesterday the Office of the National Coordinator for Health Information Technology (ONC) hosted an open chat to discuss their DRAFT 2017 Interoperability Standards Advisory (ISA) artifacts.  The chat was moderated by Steven Posnak, Director, Office of Standards and Technology at Office of the National Coordinator for Health Information and used the #ISAchat hashtag under the @HealthIT_Policy account. The @ONC_HealthIT Twitter account also weighed in.

It was encouraging to see that the ONC hosted a tweetchat to share information and solicit feedback and questions from interested parties. After a little bit of a rough start and clarification of the objectives of the chat, the pace of interactions increased and some good information and ideas were exchanged. In addition, some questions were raised; some of which were answered by Steven Posnak and some of which were not addressed.

What’s This All About?

This post summarizes all of the tweets from the #ISAchat. I’ve organized the tweets as best as I could and I’ve excluded re-tweets and most ‘salutatory’ and ‘thank you’ tweets.

Note: The @hitechanswers  account shared a partial summary of the #ISAchat on 8/31/16 but it included less than half of the tweets shared in this post. So you’re getting the complete scoop here.

Topic 1: Tell us about the ISA (Interoperability Standards Advisory)
Account Tweet Time
@gratefull080504 Question: What is the objective of #ISAchat?   12:04:35
@onc_healthit To spread the word and help people better understand what the ISA is about 12:05:00
@gratefull080504 Question: What are today’s objectives, please? 12:08:43
@onc_healthit Our objective is to educate interested parties. Answer questions & hear from the creators 12:11:02
@johnklimek “What’s this I hear about interoperability?” 12:12:00
@cperezmha What is #PPDX? What is #HIE? What is interoperability? What is interface? #providers need to know the differences. Most do not. 12:14:41
@techguy Who is the target audience for these documents? 12:44:06
@healthit_policy HITdevs, CIOs, start-ups, fed/state gov’t prog admins. Those that have a need to align standards 4 use #ISAchat 12:46:18
@ahier No one should have to use proprietary standards to connect to public data #ISAchat 12:46:19
@shimcode Reference Materials on ISA
Ok then, here’s the “2016 Interoperability Standards Advisory” https://t.co/5QkmV3Yc6w
12:07:19
@shimcode And here’s “Draft 2017 Interoperability Standards Advisory” https://t.co/TUFidMXk0j 12:07:38
@stephenkonya #ICYMI Here’s the link to the @ONC_HealthIT 2017 DRAFT Interoperability Standards Advisory (ISA): https://t.co/VTqdZHUjBW 12:10:57
@techguy Question: Do you have a good summary blog post that summarizes what’s available in the ISA? 12:52:15
@onc_healthit We do! https://t.co/vVW6BM5TFW Authored by @HealthIT_Policy and Chris Muir – both of whom are in the room for #ISAchat 12:53:15
@healthit_policy Good? – The ISA can help folks better understand what standards are being implemented & at what level 12:06:29
@healthit_policy Getting more detailed compared to prior versions due largely to HITSC & public comments 12:29:48
@healthit_policy More work this fall on our side to make that come to fruition. In future, we’re aiming for a “standards wikipedia” approach 12:33:03
@survivorshipit It would be particularly helpful to include cited full documents to facilitate patient, consumer participation 12:40:22
@davisjamie77 Seeing lots of references to plans to “explore inclusion” of certain data. Will progress updates be provided? 12:50:00
@healthit_policy 1/ Our next milestone will be release of final 2017 ISA in Dec. That will rep’snt full transition to web 12:51:15
@healthit_policy 2/ after that future ISA will be updated more regularly & hopefully with stakeholder involved curation 12:52:21
@bjrstn Topic:  How does the ISA link to the Interoperability Roadmap? 12:51:38
@cnsicorp How will #ISA impact Nationwide Interoperability Roadmap & already established priorities? 12:10:49
@healthit_policy ISA was 1st major deliverable concurrent w/ Roadmap. Will continue to b strong/underlying support to work 12:13:49
@healthit_policy ISA is 1 part of tech & policy section of Roadmap. Helps add transparency & provides common landscape 12:53:55
@healthit_policy Exciting thing for me is the initiated transition from PDF to a web-based/interactive experience w/ ISA 12:30:51
@onc_healthit Web-based version of the ISA can be found here: https://t.co/F6KtFMjNA1 We welcome comments! 12:32:04
@techguy Little <HSML> From a Participant on the Ease of Consuming ISA Artifacts
So easy to consume!
12:40:57
@healthit_policy If I knew you better I’d sense some sarcasm :) that said, working on better nav approaches too 12:43:36
@techguy You know me well. It’s kind of like the challenge of EHRs. You can only make it so usable given the reqs. 12:45:36
@shimcode I think John forgot to enclose his tweet with <HSML> tags (Hyper Sarcasm Markup Language) 12:46:48
@ahier Don ‘t Use My Toothbrush!
OH (Overheard) at conference “Standards are like toothbrushes, everyone has one and no one wants to use yours”
13:15:43
Topic 2: What makes this ISA different than the previous drafts you have issued?
Account Tweet Time
@cnsicorp #Interoperability for rural communities priority 12:32:40
@healthit_policy Rural, underserved, LTPAC and other pieces of the interoperability puzzle all important #ISAchat 12:35:33
@cnsicorp “more efficient, closer to real-time updates and comments…, hyperlinks to projects…” 12:47:15
@shimcode Question: So you’re not providing any guidance on the implementation of interoperability standards? Hmm… 12:21:10
@gratefull080504 Question: Are implementation pilots planned? 12:22:51
@healthit_policy ISA reflects what’s out there, being used & worked on. Pointer to other resources, especially into future #ISAchat 12:24:10
@ahier The future is here it’s just not evenly distributed (yet) #ISAchat 12:25:15
@healthit_policy Yes, we put out 2 FOAs for High Impact Pilots & Standards Exploration Awards 12:25:56
@healthit_policy HHS Announces $1.5 Million in Funding Opportunities to Advance Common Health Data Standards. Info here: https://t.co/QLo05LfsLw
Topic 3: If you had to pick one of your favorite parts of the ISA, what would it be?
Account Tweet Time
@shimcode The “Responses to Comments Requiring Additional Consideration” section. Helps me understand ONC’s thinking. 12:45:32
@healthit_policy Our aim is to help convey forward trajectory for ISA, as we shift to web, will be easier/efficient engagement 12:47:47
@healthit_policy Depends on sections. Some, like #FHIR, @LOINC, SNOMED-CT are pointed to a bunch. 12:49:15
@gratefull080504 Question: What can patients do to support the objectives of #ISAchat ? 12:07:02
@gratefull080504 Question: Isn’t #ISAChat for patients? Don’t set low expectations for patients 12:10:44
@gratefull080504 I am a patient + I suffer the consequences of lack of #interoperability 12:12:26
@healthit_policy Certainly want that perspective, would love thoughts on how to get more feedback from patients on ISA 12:12:35
@gratefull080504 What about patients? 12:13:03
@gratefull080504 First step is to ensure they have been invited. I am happy to help you after this chat 12:13:57
@survivorshipit Think partly to do w/cascade of knowledge–>as pts know more about tech, better able to advocate 12:15:21
@healthit_policy Open door, numerous oppty for comment, and representation on advisory committees. #MoreTheMerrier 12:15:52
@gratefull080504 I am currently on @ONC_HealthIT Consumer Advisory Task Force Happy to contribute further 12:17:08
@healthit_policy 1 / The ISA is technical in nature, & we haven’t gotten any comments on ISA before from patient groups 12:08:54
@healthit_policy 2/ but as we look to pt generated health data & other examples of bi-directional interop, we’d like to represent those uses in ISA 12:09:51
@resultant TYVM all! Trying to learn all i can about #interoperability & why we’re not making progress patients expect 13:09:22
@shimcode Question: Are use cases being developed in parallel with the Interoperability Standards? 12:13:28
@shimcode Value of standards don’t lie in level of adoption of std as a whole, but rather in implementation for a particular use case. 12:16:33
@healthit_policy We are trying to represent broader uses at this point in the “interoperability need” framing in ISA 12:18:58
@healthit_policy 2/ would be great into the future to have more detailed use case -> interop standards in the ISA with details 12:19:49
@healthit_policy Indeed, royal we will learn a lot from “doing” 12:20:40
@shimcode IHE Profiles provide a common language to discuss integration needs of healthcare sites and… Info here: https://t.co/iBt2m8F9Ob 12:29:12
@techguy I’d love to see them take 1 section (say allergies) and translate where we’d see the standards in the wild. 12:59:04
@techguy Or some example use cases where people want to implement a standard and how to use ISA to guide it. 13:00:38
@healthit_policy Check out links now in ISA to the Interop Proving Ground – projects using #ISAchat standards. Info here: https://t.co/Co1l1hau3B 13:02:54
@healthit_policy Thx for feedback, agree on need to translate from ISA to people seeing standards implemented in real life 13:01:08
@healthit_policy Commenting on ISA Artifacts
We want to make the #ISA more accessible, available, and update-able to be more current compared to 1x/yr publication
12:34:22
@cperezmha #interoperability lowers cost and shows better outcomes changing the culture of healthcare to be tech savvy is key 12:35:10
@healthit_policy One new feature we want to add to web ISA is citation ability to help document what’s happ’n with standards 12:37:12
@shimcode A “discussion forum” mechanism where individual aspects can be discussed & rated would be good. 12:39:53
@healthit_policy Good feedback. We’re looking at that kind of approach as an option. ISA will hopefully prompt debate 12:40:50
@shimcode Having to scroll through all those PDF’s and then open them 1 by 1 only to have to scroll some more is VERY inefficient. 12:41:25
@shimcode Well, I wouldn’t look/think too long about it. Adding that capability is ‘cheap’ & can make it way easier on all. 12:43:48
@shimcode Question: What Can Be Learned About Interoperability from the Private Sector?
Maybe @ONC_HealthIT can get input from Apple’s latest #healthIT purchase/Gliimpse? What do they know of interoperability?
12:19:13
@healthit_policy > interest from big tech cos and more mainstream awareness is good + more innovation Apple iOS has CCDA sprt 12:22:59
@drewivan Testing & Tools
I haven’t had time to count, but does anyone know approximately how many different standards are included in the document?
12:47:29
@healthit_policy Don’t know stat off had, but we do identify and provide links for test tools as available. 12:56:31
@drewivan And what percentage of them have test tools available? 12:54:38
@shimcode According to the 2017 ISA stds just released, a tiny fraction of them have test tools. See here: https://t.co/Jbw7flDuTg 12:58:02
@shimcode I take back “tiny faction” comment on test tools. I count 92 don’t have test tools, 46 do. No assessment of tool quality though. 13:08:31
@healthit_policy Testing def an area for pub-private improvement, would love to see # increase, with freely available too 12:59:10
@techguy A topic near and dear to @interopguy’s heart! 12:59:54
@resultant Perhaps we could replace a couple days of HIMSS one year with #interoperability testing? #OutsideBox 13:02:30
 
Walk on Topic: Promotion of ISA (Thank you @cperezmha)
What can HIE clinics do to help other non-users get on board? Is there a certain resource we should point them too to implement?
Account Tweet Time
@davisjamie77 Liking the idea of an interactive resource library. How will you promote it to grow use? 12:35:57
@healthit_policy A tweetchat of course! ;) Also web ISA now linking to projects in the Interoperability Proving Ground 12:39:04
@davisjamie77 Lol! Of course! Just seeing if RECs, HIEs, other #HIT programs might help promote. 12:40:44
@healthit_policy Exactly… opportunities to use existing relationships and comm channels ONC has to spread the word 12:41:28
@stephenkonya Question: How can we better align public vs private #healthcare delivery systems through #interoperability standards? 12:42:23
Miscellaneous Feedback from Participants
Account Tweet Time
@ahier Restful APIs & using JSON and other modern technologies 12:54:03
@waynekubick Wayne Kubick joining from #HL7 anxious to hear how #FHIR and #CCDA can help further advance #interoperability. 12:11:30
@resultant We all do! The great fail of #MU was that we spent $38B and did not get #interoperability 12:14:21
@waynekubick SMART on #FHIR can help patients access and gain insights from their own health data — and share it with care providers. 12:17:44
@resultant I think throwing money at it is the only solution… IMHO providers are not going to move to do it on their own… 12:20:44
@shimcode @Search_E_O your automatic RT’s of the #ISAChat tweets are just clouding up the stream. Why? smh 12:08:30
@ahier
Do you see #blockchain making it into future ISA
12:28:02
@healthit_policy Phew… toughy. lots of potential directions for it. Going to segue my response into T2 12:28:58
@hitpol #blockchain for healthcare! ➡ @ONC_HealthIT blockchain challenge. Info here: https://t.co/vG60qRAqqa 12:31:33
@healthit_policy That’s All Folks!
Thank you everyone for joining our #ISAchat! Don’t forget to leave comments.
PDF version

 
About Steve Sisko
Steve Sisko has over 20 years of experience in the healthcare industry and is a consultant focused on healthcare data, technology and services – mainly for health plans, payers and risk-bearing providers. Steve is known as @ShimCode on Twitter and runs a blog at www.shimcode.com. You can learn more about Steve at his LinkedIn page and he can be contacted at shimcode@gmail.com.