Welcome to EMR and HIPAA

Think about how wonderful the ability to send a discharge summary by email to a patient straight from your EMR. I think it’s pretty easy to see the tremendous benefits of this type of communication. Send the patient information to one place they probably visit every day and where they can read and process the information away from the hustle and bustle of the clinic. Certainly many doctors have been doing this with little pamphlets or handout sheets with clinical information. Unfortunately, too many of these sheets never get read. Certainly that same thing could happen with an email, but at least the next generation of patients are going to want this information in their email box.

Of course, the problem with sending this information in an email is that email is not secure. Email encryption hasn’t taken hold fast enough to make it encrypted. Is a user’s email box really a secure location where they want their health information? I personally don’t have a problem with it, but I would expect that many people wouldn’t want their health information in their email any more than their regular mailbox. Either way, without the encryption it wouldn’t be difficult for someone to sniff out what’s being sent in an Email containing for example a patient’s discharge. It would be going across the internet in basically plain text.

This situation actually happened in Austrailia a little while back in an article I read called “Unsecured email sparks dispute.” I know I wouldn’t be happy if a clinic just decided to send these unsecured emails. Not so much because I was personally worried about my information being lost. I personally have nothing to hide (yet anyway). However, I would feel uncomfortable patronizing an organization that would deal so flippantly with my information.

I’m sure that someone will chime in that this is the whole purpose of a Patient Portal or EHR interface that allows people a secure method to receive and send protected health information. This is all well and good, but from what I’ve seen this usually requires the doctor’s EMR company to support this type of interaction. Plus, even more serious of an issue is that you’re giving your patients one more login and password that they’ll need to remember. Certainly not a deal breaker, but one more inconvenience for our users and the staff that have to support our users when they forget their password. Unfortunately, I think that this is the future of secured messaging, but I can always hope that there’s something better that we’re just missing.

We should also realize that this isn’t going to get any easier. In fact, I think we can reasonably say that this is going to get harder and harder. Don’t be surprised if soon some patient would like their health information somehow incorporated into some site like Facebook. It’s really only a matter of time until some developer creates a health interface into Facebook.

It might not make sense to most people, but the next generation of patients are going to grow up living and breathing their online life in some sort of social network (Facebook is just one example of these). They are very comfortable with transparency and will be interested in being able to track and compare health information with other people. Not to mention interact in a social network with other people who have similar conditions. It seems like this isn’t a question of if, but when this type of interaction will happen.

Even if you think that health information on a social network like Facebook is far fetched, we are already seeing health information propagating to the web in Microsoft’s HealthVault and Google Health. Is this going to be ok? Will it become as synonymous as online banking has become to the banking world? It’s not that far of a stretch to think that Google Health could easily be tied into Google’s OpenSocial platform which would allow a patient’s health information to do all sorts of cool things.

The convergence of Health Care and IT is going to be really interesting. It’s taken health care a while to get going with IT, but I think almost everyone agrees that IT could do amazing things to better the health care a person receives.

Well, my prediction that Eric Schmidt would announce Google Health at the HIMSS08 conference were pretty close. From what I’ve read so far, that’s all he really talked about. I’m still waiting to see my contact that was able to attend HIMSS to see his thoughts on what was said. Sounds like he mostly reiterated what we already knew. A few interesting points:

-Google Health will not contain ads (although I bet that won’t stop them from using the information to target the ads it shows you other places)
-Eric Schmidt repeatedly said no data would be shared without the consumer’s consent (unless of course some hacker finds a way around Google’s security measures)
-1,370 volunteers at the Cleveland Clinic are beta testing the application
-Portability is the key (we heard that this was a form of CCR, but if it requires consent are people going to go to the effort to make it portable?)

Despite certain privacy questions and fears around Google Health I think that Eric Schmidt made a very good point about the way Google will protect your information from legal cases when he said:

“In the Google implementation, your personal health information will not be given to anyone without their explicit permission, which is not true completely for HIPAA-compliant systems. If we get a subpoena, we always check our judgment as to whether the subpoena is narrow enough. If we think it’s a fishing expedition, we will fight it in court. That has worked well for us so far.”

The battle of PHRs by Google Health and Microsoft HealthVault have begun. While I love to see the big players participating in healthcare, I’m not sure they’ve figured out the right motivational drivers that will make this a smashing success. It wouldn’t surprise me if in a few years we hear stories about a life being saved because of proper information and how even one saved life is worth it.

The biggest disappointment: No announcement about when we can get in and try it out ourselves.

UPDATE: Techcrunch think that whoever cracks the healthcare nut will have a huge new market. I don’t see it ever cracking. Marissa Mayer talks about Google Health on the Official Google Blog.

The AP had a story today that told about a pilot project using a Cleveland Hospital to test out the anticipated Google Health. Here’s an excerpt from the story:

The pilot project announced Thursday will involve 1,500 to 10,000 patients at the Cleveland Clinic who volunteered to an electronic transfer of their personal health records so they can be retrieved through Google’s new service, which won’t be open to the general public.

I’ve covered Google Health a number of times on this blog and I still wonder what Eric Schmidt is going to say at HIMSS next week. I can’t imagine him not speaking about Google Health at that time. The question is how much will he actually say.

Many people are afraid of what it means for Google to have our Health information. It looks like they won’t have to comply with HIPAA requirements at all. Other people are scared that Google Health will just help Google to offer targeted Viagra (or other drug) ads.

I’m not personally as concerned as most people with Google having health information. However, it is definitely something we’ll have to watch and see how the public accepts it. The AP article described the type of content Google Health will contain:

Each health profile, including information about prescriptions, allergies and medical histories, will be protected by a password that’s also required to use other Google services such as e-mail and personalized search tools.

Too bad most doctors don’t care about Google Health and will probably never use it.

Today I was preparing a proposal to have my work send me to the HIMSS 08 conference. As part of that proposal I used the list of Keynote Speakers as a little justification as to why this conference would be incredibly interesting and useful for my job.

As I looked over the list I was impressed to see that Eric Schmidt is doing a keynote at HIMSS. Then it dawned on me that HIMSS would be the perfect place to announce Google’s launch into the healthcare industry with Google Health. We know it’s coming or why else would they have put up a Google Health beta page and then taken it down.

Anyone have any inside information that this is the case? If it is, then I’m even more interested in being there to hear the announcement.

If I’m able to make it, then I’ll have plenty to do. I’ll have some great meet ups with many people from the EMR Update forums. I’m sure there will be a meet up of Healthcare IT bloggers like there has been at past HIMSS conferences. I can’t find the link now, but I’m sure I’ll find it if I go. I’ll also be certain to catch up with Naveen and the team at DoctorsPartner. I also told Nick from EMR Update that I’d bring my eee with its built in video camera and make sure to capture some interviews with some people. That would be pretty fun.

Anyone else planning to go to the HIMSS conference?

UPDATE: Neil Versel blogged the following info about Eric Schmidt at HIMSS

As for Google, CEO Eric Schmidt is delivering a keynote at next week’s HIMSS conference, and actually is holding a 30-minute press conference afterwards. The Internet search giant also is throwing a cocktail party next Tuesday, with the theme, “Home is Where the Heart Is.” The invite says, “Come meet the health team at Google and learn more about what we’re working on.” About all I expect to learn from the secretive company is who actually works for Google (I know a couple of people already) and whether the bartender can mix a dry vodka martini.

Well, after Google (probably inadvertently) put up the Google Health beta page, it is now down. They put up the standard Google login page that includes links to their other services. I wonder if someone on the Google Health team got their hand slapped for letting that slip out. Or maybe it was an intentional way for Google to get a little feedback on Google Health and how people will react. Either way, the screenshots and content are spread across the web now. Now turning back at this point. Full steam ahead, let’s see what Google can offer in the health care arena.

Today I saw an article on TechCrunch that talked about how Google Blogscoped found a Google Health login page (UPDATE: The Google Health Beta Landing Page has been taken down) for the hopefully soon to be released Google Health. Of course, there isn’t really anything all that special about the login page. It looks just like almost all the other Google login pages. However, the Google Health page did include the following information:

With Google Health, you can:

* Build online health profiles that belong to you
* Download medical records from doctors and pharmacies
* Get personalized health guidance and relevant news
* Find qualified doctors and connect to time-saving services
* Share selected information with family or caregivers

Too bad none of the other links work, but it does give some interesting information about what Google Health will be like. The part that is most concerning to me is downloading medical records from doctors and pharmacies. How are they going to do that? The answer is that they aren’t really going to do it. There are going to be a handful of the thousands and thousands of doctors and pharmacies that will be able to work with Google Health.

I hope that Google Health does the right thing and integrates with something like CCR since it is already beginning to be established in many Electronic Medical Record software programs. That would be a huge boon to CCR, but it would also open up an entire set of doctors that could support upload to Google Health. This could definitely be a nice differentiator from Microsoft Health Vault which can’t do this either (unless it’s been added since I looked).

If Google Health decides to create their own standard for a clinic to be able to upload to Google Health they are crazy. Doctors have almost no motivation to support Google’s standard for uploading medical records. I’m not sure many EMR companies will support it either. I can see a few of them do it as a PR move, but I’d be very surprised if many of them bit on this. Doctors don’t buy EMR software because their patients can get their record out easier. It just doesn’t make business sense for EMRs or doctors to really do any sort of uploading like this to Google Health.

Of course the good thing for this all is that having another big player like Google interested in helping the healthcare system with some Health 2.0 solutions is great by me.

You can see my previous coverage of Google Health and also the Google Health Co-op.

Update: Here’s a screen shot of what Google Health could look like.

Update 2: What CEO of Google Eric Schmidt said about Google Health at HIMSS08.