Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Study: Health IT Costs $32K Per Doctor Each Year

Posted on September 9, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

A new study by the Medical Group Management Association has concluded that that physician-owned multispecialty practices spent roughly $32,500 on health IT last year for each full-time doctor. This number has climbed dramatically over the past seven years, the group’s research finds.

To conduct the study, the MGMA surveyed more than 3,100 physician practices across the U.S. The expense number they generated includes equipment, staff, maintenance and other related costs, according to a press release issued by the group.

The cost of supporting physicians with IT services has climbed, in part, due to rising IT staffing expenses, which shot up 47% between 2009 and 2015. The current cost per physician for health IT support went up 40% during the same interval. The biggest jump in HIT costs for supporting physicians took place between 2010 and 2011, the period during which the HITECH Act was implemented.

Practices are also seeing lower levels of financial incentives to adopt EHRs as Meaningful Use is phased out. While changes under MACRA/MIPS could benefit practices, they aren’t likely to reward physicians directly for investments in health IT.

As MGMA sees it, this is bad news, particularly given that practices still have to keep investing in such infrastructure: “We remain concerned that far too much of a practice’s IT investment is tied directly to complying with the ever-increasing number of federal requirements, rather than to providing patient care,” the group said in a prepared statement. “Unless we see significant changes in the final rule, practice IT costs will continue to rise without a corresponding improvement in the care delivery process.”

But the MGMA’s own analysis offers at least a glimmer of hope that these investments weren’t in vain. For example, while it argues that growing investments in technologies haven’t resulted in greater administrative efficiencies (or better care) for practices, it also notes that more than 50% of responders to a recent MGMA Stat poll reported that their patients could request or make appointments via their practice’s patient portal.

While there doesn’t seem to be any hard and fast evidence that portals improve patient care across the board, studies have emerged to suggest that portals support better outcomes, in areas such as medication adherence. (A Kaiser Permanente study from a couple of years ago, comparing statin adherence for those who chose online refills as their only method of getting the med with those who didn’t, found that those getting refills online saw nonadherence drop 6%.)

Just as importantly – in my view at least – I frequently hear accounts of individual practices which saw the volume of incoming calls drop dramatically. While that may not correlate directly to better patient care, it can’t hurt when patients are engaged enough to manage the petty details of their care on their own. Also, if the volume of phone requests for administrative support falls enough, a practice may be able to cut back on clerical staff and put the money towards say, a nurse case manager for coordination.

I’m not suggesting that every health IT investment practices have made will turn to fulfill its promise. EHRs, in particular, are difficult to look at as a whole and classify as a success across the board. I am, however, arguing that the MGMA has more reason for optimism than its leaders would publicly admit.

Switching EHRs, The Trends And What To Consider

Posted on September 8, 2016 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest blog post by Winyen Wu, Technology and Health Trend Blogger and Enthusiast at Stericycle Communication Solutions as part of the Communication Solutions Series of blog posts. Follow and engage with them on Twitter: @StericycleComms
Winyen Wu - Stericycle
In recent years, there has been a trend in providers switching Electronic Health Record (EHR) systems: according to Software Advice, the number of buyers replacing EHR software has increased 59% since 2014. In a survey by KLAS, 27% of medical practices are looking to replace their EHR while another 12% would like to but cannot due to financial or organizational constraints. By 2016, almost 50% of large hospitals will replace their current EHR. This indicates that the current EHR products on the market are not meeting the needs of physicians.

What are the reasons for switching EHRs?

  • Complexity and poor usability: Many physicians find that it takes too many clicks to find the screen that they need, or that it is too time consuming to fill out all the checkboxes and forms required
  • Poor technical support: Some physicians may be experiencing unresponsive or low quality support from their EHR vendor
  • Consolidation of multiple EHRs: After consolidating practices, an organization will choose to use only one EHR as opposed to having multiple systems in place
  • Outgrowing functionality or inadequate systems: Some current EHRs may meet stage 1 criteria for meaningful use, but will not meet stage 2 criteria, which demand more from an EHR system.

Which companies are gaining and losing customers?

  • Epic and Cerner are the top programs in terms of functionality according to a survey by KLAS; cloud-based programs Athenahealth and eClinicalWorks are also popular
  • Companies that are getting replaced include GE Healthcare, Allscripts, NextGen Healthcare, and McKesson; 40-50% of their customers reported potential plans to move

What are providers looking for in choosing an EHR?

  • Ability to meet Meaningful Use standards/criteria: In September 2013, 861 EHR vendors met stage 1 requirements of meaningful use while only 512 met stage 2 criteria for certification, according to the US Department of Health and Human Services. Because stage 2 criteria for meaningful is more demanding, EHRs systems are required to have more sophisticated analytics, standardization, and linkages with patient portals.
  • Interoperability: able to integrate workflows and exchange information with other products
  • Company reliability: Physicians are looking for vendors who are likely to be around in 20 years. Potential buyers may be deterred from switching to a company if there are factors like an impending merger/acquisition, senior management issues, declining market share, or internal staff system training issues.

Is it worth it?
In a survey conducted by Family Practice Management of physicians who switched EHRs since 2010, 59% said their new EHRs had added functionality, and 57% said that their new system allowed them to meet meaningful use criteria, but 43% said they were glad they switched systems and only 39% were happy with their new EHR.

5 Things to consider when planning to switch EHRs

  1. Certifications and Compliance: Do your research. Does your new vendor have customers who have achieved the level of certification your organization hopes to achieve? Does this new vendor continually invest in the system to make updates with changing regulations?
  2. Customer Service: Don’t be shy. Ask to speak to at least 3 current customers in your specialty and around your size. Ask the tough questions regarding level of service the vendor provides.
  3. Interoperability: Don’t be left unconnected. Ensure your new vendor is committed to interoperability and has concreate examples of integration with other EHR vendors and lab services.
  4. Reliability and Longevity: Don’t be left out to dry. Do digging into the vendor’s financials, leadership changes and staffing updates. If they appear to be slimming down and not growing this is a sign that this product is not a main focus of the company and could be phased out or sold.
  5. Integration with Current Services: Don’t wait until it’s too late. Reach out to your current providers (like appointment reminders) and ensure they integrate with your new system and set up a plan for integrating the two well in advance.

The Communication Solutions Series of blog posts is sponsored by Stericycle Communication Solutions, a leading provider of high quality telephone answering, appointment scheduling, and automated communication services. Stericycle Communication Solutions combines a human touch with innovative technology to deliver best-in-class communication services.  Connect with Stericycle Communication Solutions on social media:  @StericycleComms

A Consulting Firm Attempts a Transition to Open Source Health Software (Part 2 of 2)

Posted on September 7, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The previous section of this article covered the history of HLN’s open source offerings. How can it benefit from this far-thinking practice to build a sustainable business?

The obvious place to turn for funding is the Centers for Disease Control, which lies behind many of the contracts signed by public health agencies. One way or another, a public health agency has to step up and pay for development. This practice is called custom-developed code in the open source policy memorandum of the federal Office of Management and Budget (p. 14 of the PDF).

The free rider problem is acute in health care. In particular, the problems faced by a now-defunct organization, Open Health Tools, were covered in another article of mine. I examined why the potential users of the software felt little inclination to pay for its development.

The best hope for sustaining HLN as an open source vendor is the customization model: when an agency needs a new feature or a customized clinical decision support rule, it contracts with HLN to develop it. Naturally, the agency could contract with anyone it wants to upgrade open source software, but HLN would be the first place to look because they are familiar with software they built originally.

Other popular models include offering support as a paid service, and building proprietary tools on top of the basic open source version (“open core”). The temptation to skim off the cream of the product and profit by it is so compelling that one of the most vocal stalwarts of the open source process, MariaDB (based on the popular MySQL database) recently broke radically from its tradition and announced a proprietary license for its primary distinguishing extension.

Support has never scaled as a business model; it’s very labor-intensive. Furthermore, it might have made sense to offer support decades ago when each piece of software posed unique integration problems. But if you create good, modern interfaces–as Arzt claims to do–you use standards that are familiar and require little guidance.

The “open core” model has also proven historically to be a weak business model. Those that use it may stay afloat, but they don’t grow the way popular open source software such as Linux or Python do. The usual explanation for this is that users don’t find the open part of the software useful enough on its own, and don’t want to contribute to it because they feel they are just helping a company build its proprietary business.

Wonks to the Rescue
It may be that Arzt–and others who want to emulate his model in health care–have to foster a policy change in governments. This is certainly starting to happen, as seen in a series of policy announcements by the US government regarding open source software. But this is a long road, and direction could easily be reversed or allowed to falter. We have already seen false starts to open source software in various Latin American governments–the decade of the 2000s saw many flowery promises these, but hardly any follow-through.

I don’t like to be cynical, but hope may lie in the crushing failures of proprietary vendors to produce usable and accurate software for health care settings. The EHR Incentive Programs under Meaningful Use poured about 28 billion dollars into moving clinicians onto electronic records, almost all of it spent on proprietary products (of course, there were also administration costs for things such as Regional Extension Centers), with little to show in quality improvements or data exchange. The government’s open source initiatives, CONNECT and Direct, got lost in the muddle of non-functional proprietary EHRs.

So the health care industry will have to try something radically new, and the institutions willing to be innovate have their fingers on the pulse of cutting-edge trends. This includes open source software. HLN may be able to ride a coming wave.

A Consulting Firm Attempts a Transition to Open Source Health Software (Part 1 of 2)

Posted on September 6, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

Open source is increasingly understood to be the future of software, because communities working together on shared needs can produce code that is at least as good as proprietary products, while representing user interests more effectively and interoperating without friction. But running an open source project is a complex task, and keeping a business going on it is absolutely perilous. In his 2001 book The Cathedral & the Bazaar, Eric S. Raymond listed half a dozen ways for businesses to profit on open source software, but today only one or two are visible in the field (and they differ from his list).

An Enduring Commitment
Noam H Arzt, president and founder of HLN Consulting, is trying to make the leap. After getting his PhD from the University of Pennsylvania and working there in various computer-related positions for 20 years, he got the health care bug–like many readers of this article–and decided to devote his career to software for public health. He first encountered the field while working on a public health project among the famous “hot spotters” of depressed Camden, New Jersey, and was inspired by the accomplishments of people in a bad area with minimal resources. Many of his company’s later projects come from the Department of Health and Mental Hygiene in New York City.

Founded in 1997, HLN Consulting has released code under an open source license for some time. It makes sense, because its clients have no reason to compete with anybody, because IT plays a crucial role in public health, and because the needs of different public health agencies overlap a great deal. Furthermore, they’re all strapped for funds. So Arzt tells me that the agency leadership is usually enthusiastic about making the software open source. It just may take a few months to persuade the agency’s lawyers, who are clueless about open source licenses, to put one in the contract.

A few agencies outside of HLN’s clients have picked up the software, though–particularly as the developers adopt modern software practices such as more modular systems and a service-oriented architecture using open, published APIs–but none have yet contributed anything back.

HLN did, however, rack up a recent win over the Immunization Calculation Engine (ICE), software that calculates and alerts clinicians about the vaccinations patients need. The software is normally used by immunization registries that serve states or large municipalities. But eClinicalWorks has also incorporated ICE into its EHR. And the Veterans Health Administration (VHA) chose ICE this year to integrate with its renowned VistA health record. HLN has invested a fair amount of its own time into preparing ICE for integration. Arzt estimates that since HLN developed ICE for a client, the company has invested at least five person-years in upgrading the software, and has received no money directly for doing so. HLN hopes to generate revenue from assisting organizations in configuring and using ICE and its clinical decision support rules, and a new support contract with VHA is the first big step.

Can You Get There From Here?
Arzt is trying now to build on the success of ICE and make a transition from a consulting firm to an open source software firm. A consulting firm typically creates products for a single customer, and has “fight and claw for every contract,” in Arzt’s words. Maintaining a steady stream of work in such firms is always challenging. In contrast, successful open source software is widely used, and the work put into the software by each contributor is repaid by all the contributions made by others. There is no doubt that HLN is developing products with broad applicability. It all makes economic sense–except that somebody actually has to foot the bill. We’ll look at possibilities in the next section of this article.

Happy Labor Day!

Posted on September 5, 2016 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Labor Day in Healthcare

A big shout out to all those who labor hard and do amazing things in healthcare. Particularly those who are stuck working on Labor Day to make sure patients get the care they need. Happy Labor Day!

ONC’s Interoperability Standards Advisory Twitter Chat Summary

Posted on September 2, 2016 I Written By

The following is a guest blog post by Steve Sisko (@ShimCode and www.shimcode.com).

Yesterday the Office of the National Coordinator for Health Information Technology (ONC) hosted an open chat to discuss their DRAFT 2017 Interoperability Standards Advisory (ISA) artifacts.  The chat was moderated by Steven Posnak, Director, Office of Standards and Technology at Office of the National Coordinator for Health Information and used the #ISAchat hashtag under the @HealthIT_Policy account. The @ONC_HealthIT Twitter account also weighed in.

It was encouraging to see that the ONC hosted a tweetchat to share information and solicit feedback and questions from interested parties. After a little bit of a rough start and clarification of the objectives of the chat, the pace of interactions increased and some good information and ideas were exchanged. In addition, some questions were raised; some of which were answered by Steven Posnak and some of which were not addressed.

What’s This All About?

This post summarizes all of the tweets from the #ISAchat. I’ve organized the tweets as best as I could and I’ve excluded re-tweets and most ‘salutatory’ and ‘thank you’ tweets.

Note: The @hitechanswers  account shared a partial summary of the #ISAchat on 8/31/16 but it included less than half of the tweets shared in this post. So you’re getting the complete scoop here.

Topic 1: Tell us about the ISA (Interoperability Standards Advisory)
Account Tweet Time
@gratefull080504 Question: What is the objective of #ISAchat?   12:04:35
@onc_healthit To spread the word and help people better understand what the ISA is about 12:05:00
@gratefull080504 Question: What are today’s objectives, please? 12:08:43
@onc_healthit Our objective is to educate interested parties. Answer questions & hear from the creators 12:11:02
@johnklimek “What’s this I hear about interoperability?” 12:12:00
@cperezmha What is #PPDX? What is #HIE? What is interoperability? What is interface? #providers need to know the differences. Most do not. 12:14:41
@techguy Who is the target audience for these documents? 12:44:06
@healthit_policy HITdevs, CIOs, start-ups, fed/state gov’t prog admins. Those that have a need to align standards 4 use #ISAchat 12:46:18
@ahier No one should have to use proprietary standards to connect to public data #ISAchat 12:46:19
@shimcode Reference Materials on ISA
Ok then, here’s the “2016 Interoperability Standards Advisory” https://t.co/5QkmV3Yc6w
12:07:19
@shimcode And here’s “Draft 2017 Interoperability Standards Advisory” https://t.co/TUFidMXk0j 12:07:38
@stephenkonya #ICYMI Here’s the link to the @ONC_HealthIT 2017 DRAFT Interoperability Standards Advisory (ISA): https://t.co/VTqdZHUjBW 12:10:57
@techguy Question: Do you have a good summary blog post that summarizes what’s available in the ISA? 12:52:15
@onc_healthit We do! https://t.co/vVW6BM5TFW Authored by @HealthIT_Policy and Chris Muir – both of whom are in the room for #ISAchat 12:53:15
@healthit_policy Good? – The ISA can help folks better understand what standards are being implemented & at what level 12:06:29
@healthit_policy Getting more detailed compared to prior versions due largely to HITSC & public comments 12:29:48
@healthit_policy More work this fall on our side to make that come to fruition. In future, we’re aiming for a “standards wikipedia” approach 12:33:03
@survivorshipit It would be particularly helpful to include cited full documents to facilitate patient, consumer participation 12:40:22
@davisjamie77 Seeing lots of references to plans to “explore inclusion” of certain data. Will progress updates be provided? 12:50:00
@healthit_policy 1/ Our next milestone will be release of final 2017 ISA in Dec. That will rep’snt full transition to web 12:51:15
@healthit_policy 2/ after that future ISA will be updated more regularly & hopefully with stakeholder involved curation 12:52:21
@bjrstn Topic:  How does the ISA link to the Interoperability Roadmap? 12:51:38
@cnsicorp How will #ISA impact Nationwide Interoperability Roadmap & already established priorities? 12:10:49
@healthit_policy ISA was 1st major deliverable concurrent w/ Roadmap. Will continue to b strong/underlying support to work 12:13:49
@healthit_policy ISA is 1 part of tech & policy section of Roadmap. Helps add transparency & provides common landscape 12:53:55
@healthit_policy Exciting thing for me is the initiated transition from PDF to a web-based/interactive experience w/ ISA 12:30:51
@onc_healthit Web-based version of the ISA can be found here: https://t.co/F6KtFMjNA1 We welcome comments! 12:32:04
@techguy Little <HSML> From a Participant on the Ease of Consuming ISA Artifacts
So easy to consume!
12:40:57
@healthit_policy If I knew you better I’d sense some sarcasm :) that said, working on better nav approaches too 12:43:36
@techguy You know me well. It’s kind of like the challenge of EHRs. You can only make it so usable given the reqs. 12:45:36
@shimcode I think John forgot to enclose his tweet with <HSML> tags (Hyper Sarcasm Markup Language) 12:46:48
@ahier Don ‘t Use My Toothbrush!
OH (Overheard) at conference “Standards are like toothbrushes, everyone has one and no one wants to use yours”
13:15:43
Topic 2: What makes this ISA different than the previous drafts you have issued?
Account Tweet Time
@cnsicorp #Interoperability for rural communities priority 12:32:40
@healthit_policy Rural, underserved, LTPAC and other pieces of the interoperability puzzle all important #ISAchat 12:35:33
@cnsicorp “more efficient, closer to real-time updates and comments…, hyperlinks to projects…” 12:47:15
@shimcode Question: So you’re not providing any guidance on the implementation of interoperability standards? Hmm… 12:21:10
@gratefull080504 Question: Are implementation pilots planned? 12:22:51
@healthit_policy ISA reflects what’s out there, being used & worked on. Pointer to other resources, especially into future #ISAchat 12:24:10
@ahier The future is here it’s just not evenly distributed (yet) #ISAchat 12:25:15
@healthit_policy Yes, we put out 2 FOAs for High Impact Pilots & Standards Exploration Awards 12:25:56
@healthit_policy HHS Announces $1.5 Million in Funding Opportunities to Advance Common Health Data Standards. Info here: https://t.co/QLo05LfsLw
Topic 3: If you had to pick one of your favorite parts of the ISA, what would it be?
Account Tweet Time
@shimcode The “Responses to Comments Requiring Additional Consideration” section. Helps me understand ONC’s thinking. 12:45:32
@healthit_policy Our aim is to help convey forward trajectory for ISA, as we shift to web, will be easier/efficient engagement 12:47:47
@healthit_policy Depends on sections. Some, like #FHIR, @LOINC, SNOMED-CT are pointed to a bunch. 12:49:15
@gratefull080504 Question: What can patients do to support the objectives of #ISAchat ? 12:07:02
@gratefull080504 Question: Isn’t #ISAChat for patients? Don’t set low expectations for patients 12:10:44
@gratefull080504 I am a patient + I suffer the consequences of lack of #interoperability 12:12:26
@healthit_policy Certainly want that perspective, would love thoughts on how to get more feedback from patients on ISA 12:12:35
@gratefull080504 What about patients? 12:13:03
@gratefull080504 First step is to ensure they have been invited. I am happy to help you after this chat 12:13:57
@survivorshipit Think partly to do w/cascade of knowledge–>as pts know more about tech, better able to advocate 12:15:21
@healthit_policy Open door, numerous oppty for comment, and representation on advisory committees. #MoreTheMerrier 12:15:52
@gratefull080504 I am currently on @ONC_HealthIT Consumer Advisory Task Force Happy to contribute further 12:17:08
@healthit_policy 1 / The ISA is technical in nature, & we haven’t gotten any comments on ISA before from patient groups 12:08:54
@healthit_policy 2/ but as we look to pt generated health data & other examples of bi-directional interop, we’d like to represent those uses in ISA 12:09:51
@resultant TYVM all! Trying to learn all i can about #interoperability & why we’re not making progress patients expect 13:09:22
@shimcode Question: Are use cases being developed in parallel with the Interoperability Standards? 12:13:28
@shimcode Value of standards don’t lie in level of adoption of std as a whole, but rather in implementation for a particular use case. 12:16:33
@healthit_policy We are trying to represent broader uses at this point in the “interoperability need” framing in ISA 12:18:58
@healthit_policy 2/ would be great into the future to have more detailed use case -> interop standards in the ISA with details 12:19:49
@healthit_policy Indeed, royal we will learn a lot from “doing” 12:20:40
@shimcode IHE Profiles provide a common language to discuss integration needs of healthcare sites and… Info here: https://t.co/iBt2m8F9Ob 12:29:12
@techguy I’d love to see them take 1 section (say allergies) and translate where we’d see the standards in the wild. 12:59:04
@techguy Or some example use cases where people want to implement a standard and how to use ISA to guide it. 13:00:38
@healthit_policy Check out links now in ISA to the Interop Proving Ground – projects using #ISAchat standards. Info here: https://t.co/Co1l1hau3B 13:02:54
@healthit_policy Thx for feedback, agree on need to translate from ISA to people seeing standards implemented in real life 13:01:08
@healthit_policy Commenting on ISA Artifacts
We want to make the #ISA more accessible, available, and update-able to be more current compared to 1x/yr publication
12:34:22
@cperezmha #interoperability lowers cost and shows better outcomes changing the culture of healthcare to be tech savvy is key 12:35:10
@healthit_policy One new feature we want to add to web ISA is citation ability to help document what’s happ’n with standards 12:37:12
@shimcode A “discussion forum” mechanism where individual aspects can be discussed & rated would be good. 12:39:53
@healthit_policy Good feedback. We’re looking at that kind of approach as an option. ISA will hopefully prompt debate 12:40:50
@shimcode Having to scroll through all those PDF’s and then open them 1 by 1 only to have to scroll some more is VERY inefficient. 12:41:25
@shimcode Well, I wouldn’t look/think too long about it. Adding that capability is ‘cheap’ & can make it way easier on all. 12:43:48
@shimcode Question: What Can Be Learned About Interoperability from the Private Sector?
Maybe @ONC_HealthIT can get input from Apple’s latest #healthIT purchase/Gliimpse? What do they know of interoperability?
12:19:13
@healthit_policy > interest from big tech cos and more mainstream awareness is good + more innovation Apple iOS has CCDA sprt 12:22:59
@drewivan Testing & Tools
I haven’t had time to count, but does anyone know approximately how many different standards are included in the document?
12:47:29
@healthit_policy Don’t know stat off had, but we do identify and provide links for test tools as available. 12:56:31
@drewivan And what percentage of them have test tools available? 12:54:38
@shimcode According to the 2017 ISA stds just released, a tiny fraction of them have test tools. See here: https://t.co/Jbw7flDuTg 12:58:02
@shimcode I take back “tiny faction” comment on test tools. I count 92 don’t have test tools, 46 do. No assessment of tool quality though. 13:08:31
@healthit_policy Testing def an area for pub-private improvement, would love to see # increase, with freely available too 12:59:10
@techguy A topic near and dear to @interopguy’s heart! 12:59:54
@resultant Perhaps we could replace a couple days of HIMSS one year with #interoperability testing? #OutsideBox 13:02:30
 
Walk on Topic: Promotion of ISA (Thank you @cperezmha)
What can HIE clinics do to help other non-users get on board? Is there a certain resource we should point them too to implement?
Account Tweet Time
@davisjamie77 Liking the idea of an interactive resource library. How will you promote it to grow use? 12:35:57
@healthit_policy A tweetchat of course! ;) Also web ISA now linking to projects in the Interoperability Proving Ground 12:39:04
@davisjamie77 Lol! Of course! Just seeing if RECs, HIEs, other #HIT programs might help promote. 12:40:44
@healthit_policy Exactly… opportunities to use existing relationships and comm channels ONC has to spread the word 12:41:28
@stephenkonya Question: How can we better align public vs private #healthcare delivery systems through #interoperability standards? 12:42:23
Miscellaneous Feedback from Participants
Account Tweet Time
@ahier Restful APIs & using JSON and other modern technologies 12:54:03
@waynekubick Wayne Kubick joining from #HL7 anxious to hear how #FHIR and #CCDA can help further advance #interoperability. 12:11:30
@resultant We all do! The great fail of #MU was that we spent $38B and did not get #interoperability 12:14:21
@waynekubick SMART on #FHIR can help patients access and gain insights from their own health data — and share it with care providers. 12:17:44
@resultant I think throwing money at it is the only solution… IMHO providers are not going to move to do it on their own… 12:20:44
@shimcode @Search_E_O your automatic RT’s of the #ISAChat tweets are just clouding up the stream. Why? smh 12:08:30
@ahier
Do you see #blockchain making it into future ISA
12:28:02
@healthit_policy Phew… toughy. lots of potential directions for it. Going to segue my response into T2 12:28:58
@hitpol #blockchain for healthcare! ➡ @ONC_HealthIT blockchain challenge. Info here: https://t.co/vG60qRAqqa 12:31:33
@healthit_policy That’s All Folks!
Thank you everyone for joining our #ISAchat! Don’t forget to leave comments.
PDF version

 
About Steve Sisko
Steve Sisko has over 20 years of experience in the healthcare industry and is a consultant focused on healthcare data, technology and services – mainly for health plans, payers and risk-bearing providers. Steve is known as @ShimCode on Twitter and runs a blog at www.shimcode.com. You can learn more about Steve at his LinkedIn page and he can be contacted at shimcode@gmail.com.

Electronic Prescribing Of Controlled Substances Rates Spiking

Posted on September 1, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Back in the day, say a decade ago or so, when e-prescribing itself was a new and big deal, the feds – especially the DEA – didn’t think much of the e-prescribing of controlled drugs like opiates. But a few years later the agency eventually came around. In June of 2010, it released a rule which allowed providers to issue such prescriptions nd pharmacies to receive, dispense and archive these scripts electronically nationwide.

Since then, electronic prescribing of controlled substances (EPCS) has taken off, according to a story in Search HealthIT. In fact, EPCS has been growing rapidly, particularly during 2015, according to national pharmacy IT network Surescripts.

Specifically, the number of ECPS transactions shot up 600% last year, from 1.67 million to 12.8 million scripts issued, according to Surescripts’ 2015 National Progress Report. Part of the reason for this surge is that providers are getting on board at a brisk pace. The number of providers enabled to use EPCS grew 359% last year.

Among the interesting stats to be culled from the Surescripts report is that 32% of drugs prescribed were opioids. This statistic should draw a lot of interest from public officials and enforcement agencies trying to stem the tide of opioid overdoses which killed more than 28,000 Americans in 2014. That’s four times as many who died of this cause in 2010, according to Surescripts’ sources.

A Drop in the Bucket

It’s worth noting that the number of EPCS transactions still pales in contrast to the number of transactions hosted on the Surescripts network that year. The network handled 9.7 billion transactions in 2015, up 40% from the previous year, the company reported. That means the EPCS is still a drop in the bucket overall.

Also, levels of EPCS-enabled pharmacies and physicians vary across the U.S. For example, 91% of pharmacies are EPCS-enabled in New York, the top state for such pharmacies. (A New York State rule requiring every practitioner in the state to e-prescribe all medications went into effect in March.) Other top-ranked states for pharmacy penetration included Massachusetts, California and Texas. On the other hand, only 73% of pharmacies were EPCS-enabled in Georgia and Florida.

Still, with adoption levels seemingly evening out between states – and the gap small enough to close over the next few years – it seems like EPCS is becoming an established practice. Surescripts contends that this is for the best, and argues that EPCS reduces fraud and improper prescribing by making it easier to track such medications. And with states like New York mandating e-prescribing for all providers, the growth in EPCS is likely to stay healthy.

However, for every action there’s a reaction, and the other shoe may not have dropped where EPCS risks are concerned. It may take a few years to find out whether the confidence some have in this approach was merited.

Are You Wasting your EHR Investment? – Breakaway Thinking

Posted on August 31, 2016 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest blog post by Heather Haugen, PhD, Managing Director and CEO at The Breakaway Group (A Xerox Company). Check out all of the blog posts in the Breakaway Thinking series.
Heather Haugen
Healthcare leaders and clinicians continue to be disappointed with the value Electronic Health Record (EHR) technology provides in their organizations today. The challenges are real, and it will take some time and effort to improve. The technology will continue to evolve at the pace we set as leaders, vendors and healthcare professionals.

When Free Is Expensive
Several years ago, a reputable IT vendor offered us free use of their software, which provided monitoring of equipment that would be valuable to us. Initially, we were excited; the functionality perfectly aligned with our needs, and the application was robust enough to grow with us. We had a need and the software fulfilled the need. We couldn’t wait to have access to the dashboard of data promised by the vendor.

Months after the implementation, we were still waiting. The “free” price tag was alluring, but we quickly recognized the actual maintenance costs and labor required to make the application truly valuable to our organization were far from free. This story drives home a concept that we all understand, but often overlook. Underestimating the “care and feeding” required to maintain a valuable investment puts the entire project at risk. We all need to remember the importance of sustainability even when we are initially excited about a new investment.

EHR systems are expensive and require tremendous resource investment, but the effort is ongoing and we need to plan accordingly.

The Key to Long Term Behavior Change
The difficulty of moving from implementing an EHR to maintaining high levels of adoption over the life of the application is strikingly similar to weight loss and weight management efforts. The percentage of overweight adults in the U.S. is staggering and continues to rise. Today, over 66 percent of adults in the United States are overweight and 59 percent of Americans are actively trying to lose weight. But the problem isn’t weight loss – it’s weight maintenance. Many of us have successfully lost weight, but can’t keep the weight off. As a matter of fact, we regain all the weight (and often more) within 3-5 years.

This isn’t a complex concept: dieting doesn’t incent long-term lifestyle change, thus we re-gain weight after we settle back into old habits. To be successful in the long-term, we need to practice weight management behaviors actively – for years, not months.

We’ve taken the dieting approach to implementing new software solutions in healthcare for too long. We prepare for a go-live event, but fall back into our comfortable old habits afterwards – resulting in work-arounds, regression to ineffective workflows, insufficient training for new users, poor communication and errors. The process of adoption requires a radically different discipline, and the real work begins at go-live.

Instead of checking the project off your to-do list after a successful implementation, you need to create a plan to sustain the changes. A sustainment plan addresses two critical areas:

  • It establishes how your organization will support the ongoing needs of the end users for the life of the application. This includes communication, education and maintenance of materials and resources.
  • It establishes how and when your organization will collect metrics to assess end user adoption and performance.

Lack of planning and execution in these two areas will lead to a slow and steady decline in end user adoption over time.

Effective sustainment plans require resources – time and money. Keep in mind that adoption is never static; it is either improving or degrading in the organization. A series of upgrades can quickly lead to decreased proficiency among end users, completely eroding the value of the application over time. Leadership must plan for the investment and fund it to achieve improved performance.

Most organizations only achieve modest adoption after a go-live event, and it takes relentless focus to achieve the levels of adoption needed to improve quality of care, patient safety and financial outcomes. Sustainment plans are most successful when they are part of the initial budgeting and planning stages for EHR.

Metrics Make the Difference
Metrics are the differentiating factor between a highly effective sustainment plan and one that is just mediocre. End user knowledge and confidence metrics serve as a barometer for their level of proficiency, providing the earliest indication of adoption. Ultimately, performance metrics are powerful indicators of whether end users are improving, maintaining or regressing in their adoption of the system. If we get an early warning that proficiency is slipping, we can react quickly to address the problem. These metrics ensure the organization is progressing toward high levels of adoption, overcoming barriers and gaining the efficiencies promised by EHR adoption. Metrics act just as the scale does in long-term weight management; they are the first indicator that we are falling back into old behaviors that are not consistent with sustainable adoption.

Metrics also keep us on track when performance does not meet expectations. Two potential scenarios in which the go-live event is successful but performance metrics fail to reach expectations help illustrate this idea. For instance, performance metrics could not be achieved because the system is not being utilized effectively. This may be due to inadequate training and therefore lower proficiency, or a problem with the actual performance by end users in the system. Measuring end user proficiency allows us to identify “pockets” of low proficiency among certain users or departments and make sure they receive the education needed. Once users are proficient, we can refocus our attention on the performance metrics.

A second scenario is less common but more difficult to diagnose. Users could be proficient, but specific performance metrics are still not meeting expectations. In this case, we need to analyze the specific metric. Are we asking the right question? Are we collecting the right data? Are we examining a very small change in a rare occurrence? There may also be a delay in achieving certain metrics, especially if the measurements are examining small changes. A normal delay can wreak havoc if we start throwing quick fixes at the problem. In this situation, staying the course and having confidence in the metrics will bring desired results.

Like sustained weight loss, EHR adoption is hard work.  Commit to a sustainment plan and a measurement strategy to ensure your EHR continues to provide the long-term value that was promised at go-live.

Xerox is a sponsor of the Breakaway Thinking series of blog posts. The Breakaway Group is a leader in EHR and Health IT training.

What Would a Patient-Centered Security Program Look Like? (Part 2 of 2)

Posted on August 30, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The previous part of this article laid down a basic premise that the purpose of security is to protect people, not computer systems or data. Let’s continue our exploration of internal threats.

Security Starts at Home

Before we talk about firewalls and anomaly detection for breaches, let’s ask why hospitals, pharmacies, insurers, and others can spread the data from health care records on their own by selling this data (supposedly de-identified) to all manner of third parties, without patient consent or any benefit to the patient.

This is a policy issue that calls for involvement by a wide range of actors throughout society, of course. Policy-makers have apparently already decided that it is socially beneficial–or at least the most feasible course economically–for clinicians to share data with partners helping them with treatment, operations, or payment. There are even rules now requiring those partners to protect the data. Policy-makers have further decided that de-identified data sharing is beneficial to help researchers and even companies using it to sell more treatments. What no one admits is that de-identification lies on a slope–it is not an all-or-nothing guarantee of privacy. The more widely patient data is shared, the more risk there is that someone will break the protections, and that someone’s motivation will change from relatively benign goals such as marketing to something hostile to the patient.

Were HIMSS to take a patient-centered approach to privacy, it would also ask how credentials are handed out in health care institutions, and who has the right to view patient data. How do we minimize the chance of a Peeping Tom looking at a neighbor’s record? And what about segmentation of data, so that each clinician can see only what she needs for treatment? Segmentation has been justly criticized as impractical, but observers have been asking for it for years and there’s even an HL7 guide to segmentation. Even so, it hasn’t proceeded past the pilot stage.

Nor does it make sense to talk about security unless we talk about the rights of patients to get all their data. Accuracy is related to security, and this means allowing patients to make corrections. I don’t know what I think would be worse: perfectly secure records that are plain wrong in important places, or incorrect assertions being traded around the Internet.

Patients and the Cloud

HIMSS did not ask respondents whether they stored records at their own facilities or in third-party services. For a while, trust in the cloud seemed to enjoy rapid growth–from 9% in 2012 to 40% in 2013. Another HIMSS survey found that 44% of respondents used the cloud to host clinical applications and data–but that was back in 2014, so the percentage has probably increased since then. (Every survey measures different things, of course.)

But before we investigate clinicians’ use of third parties, we must consider taking patient data out of clinicians’ hands entirely and giving it back to patients. Patients will need security training of their own, under those conditions, and will probably use the cloud to avoid catastrophic data loss. The big advantage they have over clinicians, when it comes to avoiding breaches, is that their data will be less concentrated, making it harder for intruders to grab a million records at one blow. Plenty of companies offer personal health records with some impressive features for sharing and analytics. An open source solution called HEART, described in another article, is in the works.

There’s good reason to believe that data is safer in the cloud than on local, network-connected systems. For instance, many of the complex technologies mentioned by HIMSS (network monitoring, single sign on, intrusion detection, and so on) are major configuration tasks that a cloud provider can give to its clients with a click of a button. More fundamentally, hospital IT staffs are burdened with a large set of tasks, of which security is one of the lowest-priority because it doesn’t generate revenue. In contrast, IT staff at the cloud environment spend gobs of time keeping up to date on security. They may need extra training to understand the particular regulatory requirements of health care, but the basic ways of accessing data are the same in health care as any other industry. Respondents to the HIMSS survey acknowledged that cloud systems had low vulnerability (p. 6).

There won’t be any more questions about encryption once patients have their data. When physicians want to see it, they will have to so over an encrypted path. Even Edward Snowden unreservedly boasted, “Encryption works.”

Security is a way of behaving, not a set of technologies. That fundamental attitude was not addressed by the HIMSS survey, and might not be available through any survey. HIMSS treated security as a routine corporate function, not as a patient right. We might ask the health care field different questions if we returned to the basic goal of all this security, which is the dignity and safety of the patient.

We all know the health record system is broken, and the dismal state of security is one symptom of that failure. Before we invest large sums to prop up a bad record system, let’s re-evaluate security on the basis of a realistic and respectful understanding of the patients’ rights.

What Would a Patient-Centered Security Program Look Like? (Part 1 of 2)

Posted on August 29, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

HIMSS has just released its 2016 Cybersecurity Survey. I’m not writing this article just to say that the industry-wide situation is pretty bad. In fact, it would be worth hiring a truck with a megaphone to tour the city if the situation was good. What I want to do instead is take a critical look at the priorities as defined by HIMSS, and call for a different industry focus.

We should start off by dispelling notions that there’s anything especially bad about security in the health care industry. Breaches there get a lot of attention because they’re relatively new and because the personal sensitivity of the data strikes home with us. But the financial industry, which we all thought understood security, is no better–more than 500 million financial records were stolen during just a 12-month period ending in October 2014. Retailers are frequently breached. And what about one of the government institutions most tasked with maintaining personal data, the Office of Personnel Management?

The HIMSS report certainly appears comprehensive to a traditional security professional. They ask about important things–encryption, multi-factor authentication, intrusion detection, audits–and warn the industry of breaches caused by skimping on such things. But before we spend several billion dollars patching the existing system, let’s step back and ask what our priorities are.

People Come Before Technologies

One hint that HIMSS’s assumptions are skewed comes in the section of the survey that asked its respondents what motivated them to pursue greater security. The top motivation, at 76 percent, was a phishing attack (p. 6). In other words, what they noticed out in the field was not some technical breach but a social engineering attack on their staff. It was hard to interpret the text, but it appeared that the respondents had actually experienced these attacks. If so, it’s a reminder that your own staff is your first line of defense. It doesn’t matter how strong your encryption is if you give away your password.

It’s a long-held tenet of the security field that the most common source of breaches is internal: employees who were malicious themselves, or who mistakenly let intruders in through phishing attacks or other exploits. That’s why (you might notice) I don’t use the term “cybersecurity” in this article, even though it’s part of the title of the HIMSS report.

The security field has standardized ways of training staff to avoid scams. Explain to them the most common vectors of attack. Check that they’re creating strong passwords, where increased computing power is creating an escalating war (and the value of frequent password changes has been challenged). Best yet, use two-factor authentication, which may help you avoid the infuriating burden of passwords. Run mock phishing scams to test your users. Set up regular audits of access to sensitive data–a practice that HIMSS found among only 60% of respondents (p. 3). And give someone the job of actually checking the audit logs.

Why didn’t HIMSS ask about most of these practices? It began the project with a technology focus instead a human focus. We’ll take the reverse approach in the second part of this article.