Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

ONC Announces Winners Of FHIR App Challenge

Posted on August 3, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

The ONC has announced the first wave of winners of two app challenges, both of which called for competitors to use FHIR standards and open APIs.

As I’ve noted previously, I’m skeptical that market forces can solve our industry’s broad interoperability problems, even if they’re supported and channeled by a neutral intermediary like ONC. But there’s little doubt that FHIR has the potential to provide some of the benefits of interoperability, as we’ll see below.

Winners of Phase 1 of the agency’s Consumer Health Data Aggregator Challenge, each of whom will receive a $15,000 award, included the following:

  • Green Circle Health’s platform is designed to provide a comprehensive family health dashboard covering the Common Clinical Data Set, using FHIR to transfer patient information. This app will also integrate patient-generated health data from connected devices such as wearables and sensors.
  • The Prevvy Family Health Assistant by HealthCentrix offers tools for managing a family’s health and wellness, as well as targeted data exchange. Prevvy uses both FHIR and Direct messaging with EMRs certified for Meaningful Use Stage 2.
  • Medyear’s mobile app uses FHIR to merge patient records from multiple sources, making them accessible through a single interface. It displays real-time EMR updates via a social media-style feed, as well as functions intended to make it simple to message or call clinicians.
  • The Locket app by MetroStar Systems pulls patient data from different EMRs together onto a single mobile device. Other Locket capabilities include paper-free check in and appointment scheduling and reminders.

ONC also announced winners of the Provider User Experience Challenge, each of whom will also get a $15,000 award. This part of the contest was dedicated to promoting the use of FHIR as well, but participants were asked to show how they could enhance providers’ EMR experience, specifically by making clinical workflows more intuitive, specific to clinical specialty and actionable, by making data accessible to apps through APIs. Winners include the following:

  • The Herald platform by Herald Health uses FHIR to highlight patient information most needed by clinicians. By integrating FHIT, Herald will offer alerts based on real-time EMR data.
  • PHRASE (Population Health Risk Assessment Support Engine) Health is creating a clinical decision support platform designed to better manage emerging illnesses, integrating more external data sources into the process of identifying at-risk patients and enabling the two-way exchange of information between providers and public health entities.
  • A partnership between the University of Utah Health Care, Intermountain Healthcare and Duke Health System is providing clinical decision support for timely diagnosis and management of newborn bilirubin according to evidence-based practice. The partners will integrate the app across each member’s EMR.
  • WellSheet has created a web application using machine learning and natural language processing to prioritize important information during a patient visit. Its algorithm simplifies workflows incorporating multiple data sources, including those enabled by FHIR. It then presents information in a single screen.

As I see it, the two contests don’t necessarily need to be run on separate tracks. After all, providers need aggregate data and consumers need prioritized, easy-to-navigate platforms. But either way, this effort seems to have been productive. I’m eager to see the winners of the next phase.

Securing IoT Devices Calls For New Ways Of Doing Business

Posted on June 8, 2016 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

While new Internet-connected devices can expose healthcare organizations to security threats in much the same way as a desktop PC or laptop, they aren’t always procured, monitored or maintained the same way. This can lead to potentially major ePHI breaches, as one renowned health system recently found out.

According a piece in SearchHealtlhIT, executives at Intermountain Healthcare recently went through something of a panic when connected audiology device went missing. According to Intermountain CISO Karl West, the device had come into the hospital via a different channel than most of the system’s other devices. For that reason, West told the site, his team couldn’t verify what operating system the audiology device had, how it had come into the hospital and what its lifecycle management status was.

Not only did Intermountain lack some key configuration and operating system data on the device, they didn’t know how to prevent the exposure of stored patient information the device had on board. And because the data was persistent over time, the audiology device had information on multiple patients — in fact, every patient that had used the device. When the device was eventually located, was discovered that it held two-and-a-half years worth of stored patient data.

After this incident, West realized that Intermountain needed to improve on how it managed Internet of Things devices. Specifically, the team decided that simply taking inventory of all devices and applications was far from sufficient to protect the security of IoT medical devices.

To prevent such problems from occurring again, West and his team created a data dictionary, designed to let them know where data originates, how it moves and where it resides. The group is also documenting what each IoT device’s transmission capabilities are, West told SearchHealthIT.

A huge vulnerability

Unfortunately, Intermountain isn’t the first and won’t be the last health system to face problems in managing IoT device security. Such devices can be a huge vulnerability, as they are seldom documented and maintained in the same way that traditional network devices are. In fact, this lack of oversight is almost a given when you consider where they come from.

Sure, some connected devices arrive via traditional medical device channels — such as, for example, connected infusion pumps — but a growing number of network-connected devices are coming through consumer channels. For example, though the problem is well understood these days, healthcare organizations continue to grapple with security issues created by staff-owned smart phones and tablets.

The next wave of smart, connected devices may pose even bigger problems. While operating systems running mobile devices are well understood, and can be maintained and secured using enterprise-level processes,  new connected devices are throwing the entire healthcare industry a curveball.  After all, the smart watch a patient brings into your facility doesn’t turn up on your procurement schedule, may use nonstandard software and its operating system and applications may not be patched. And that’s just one example.

Redesigning processes

While there’s no single solution to this rapidly-growing problem, one thing seems to be clear. As the Intermountain example demonstrates, healthcare organizations must redefine their processes for tracking and securing devices in the face of the IoT security threat.

First and foremost, medical device teams and the IT department must come together to create a comprehensive connected device strategy. Both teams need to know what devices are using the network, how and why. And whatever policy is set for managing IoT devices has to embrace everyone. This is no time for a turf war — it’s time to hunker down and manage this serious threat.

Efforts like Intermountain’s may not work for every organization, but the key is to take a step forward. As the number of IoT network nodes grow to a nearly infinite level, healthcare organizations will have to re-think their entire philosophy on how and why networked devices should interact. Otherwise, a catastrophic breach is nearly guaranteed.

HL7 Backs Effort To Boost Patient Data Exchange

Posted on December 8, 2014 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

Standards group Health Level Seven has kicked off a new project intended to increase the adoption of tech standards designed to improve electronic patient data exchange. The initiative, the Argonaut Project, includes just five EMR vendors and four provider organizations, but it seems to have some interesting and substantial goals.

Participating vendors include Athenahealth, Cerner, Epic, McKesson and MEDITECH, while providers include Beth Israel Deaconess Medical Center, Intermoutain  Healthcare, Mayo Clinic and Partners HealthCare. In an interesting twist, the group also includes SMART, Boston Children’s Hospital Informatics Program’s federally-funded mobile app development project. (How often does mobile get a seat at the table when interoperability is being discussed?) And consulting firm the Advisory Board Company is also involved.

Unlike the activity around the much-bruited CommonWell Alliance, which still feels like vaporware to industry watchers like myself, this project seems to have a solid technical footing. On the recommendation of a group of science advisors known as JASON, the group is working at creating a public API to advance EMR interoperability.

The springboard for its efforts is HL7’s Fast Healthcare Interoperability Resources. HL7’s FHir is a RESTful API, an approach which, the standards group notes, makes it easier to share data not only across traditional networks and EMR-sharing modular components, but also to mobile devices, web-based applications and cloud communications.

According to JASON’s David McCallie, Cerner’s president of medical informatics, the group has an intriguing goal. Members’ intent is to develop a health IT operating system such as those used by Apple and Android mobile devices. Once that was created, providers could then use both built-in apps resident in the OS and others created by independent developers. While the devices a “health IT OS” would have to embrace would be far more diverse than those run by Android or iOS, the concept is still a fascinating one.

It’s also neat to hear that the collective has committed itself to a fairly aggressive timeline, promising to accelerate current FHIT development to provide hands-on FHIR profiles and implementation guides to the healthcare world by spring of next year.

Lest I seem too critical of CommonWell, which has been soldiering along for quite some time now, it’s onlyt fair to note that its goals are, if anything, even more ambitious than the Argonauts’. CommonWell hopes to accomplish nothing less than managing a single identity for every person/patient, locating the person’s records in the network and managing consent. And CommonWell member Cerner recently announced that it would provide CommonWell services to its clients for free until Jan. 1, 2018.

But as things stand, I’d wager that the Argonauts (I love that name!) will get more done, more quickly. I’m truly eager to see what emerges from their efforts.

Intermountain Uses EMR To Share Radiation Exposure

Posted on May 24, 2013 I Written By

Anne Zieger is a healthcare journalist who has written about the industry for 30 years. Her work has appeared in all of the leading healthcare industry publications, and she's served as editor in chief of several healthcare B2B sites.

It’s a well-known and worrisome trend that patients are receiving potentially harmful doses of  radiation from tests such as CT scans. Generally speaking, though, neither patients nor clinicians know exactly how much radiation exposure an individual has received.

At Intermountain Healthcare, however,  they’re hoping to change this state of affairs. The Salt Lake City-based health system of 22 hospitals and 185 clinics is launching what the Wall Street Journal says is the first major effort to measure and report patients’ cumulative radiation exposure.

Intermountain’s effort is focused on the tests that produce the highest amount of radiation, including CT scans, nuclear medicine scans and interventional radiology exams of the heart, the WSJ reports.  As part of an effort to educate clinicians and patients about medical radiation, both will be able to access data on patient exposure levels through Intermountain’s EMR.

The idea behind listing a patient’s radiation exposure is to encourage both clinician and patient to consider the risks and benefits of a particular test and at times, avoid the test if the needed information can be obtained with a radiation-free test, the WSJ piece says.

In a typical year, Intermountain’s patients receive 220,000 CT scans and radiology procedures, so data that helps patient and doctor consider alternatives could conceivably have a meaningful effect, clinicians there say.

Intermountain is not the only hospital system to focus on tracking radiation doses. For example, Hospital Corporation of America, the largest for-profit hospital system, is kicking off a new “Radiation Right” campaign tracking patient doses, the newspaper reports. But it does seem to be the only chain sharing the data with patients via an EMR.

Realistically, these efforts are still in their infancy, as researchers don’t know how much of a cumulative dose of radiation directly increases cancer risk. Still, this does seem like an excellent use of the EMR as a collaborative tool engaging patients in making better-informed health decisions.

Marc Probst Talks About Meaningful Use

Posted on August 1, 2009 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

A relatively new reader of EMR and HIPAA, Michael Archuleta, sent me his notes from the Utah Medical Group Managers Association 6/25/09 where the keynote speaker was Marc Probst. For those that don’t know, Marc Probst is the CIO of Intermountain Healthcare (IHC). IHC is huge in Utah and I think it does pretty well in a number of surrounding states as well. Plus, Marc Probst is also a member of the HIT Policy Committee. You may remember that I’ve talked about Marc Probst on EMR and HIPAA a few times before.

Anyway, I found some of the points that Michael captured interesting. I guess in the end I was interested to hear what Marc Probst was telling people. Michael Archuleta’s notes are as follows (published with permission and the emphasis added was mine to highlight some interesting parts):

Mark Probst – Intermountain Health Care – government wants to invest 42 billion in IT healthcare. IHC has 500,000 enrollees, 28,000 employees. 600 physicians. They are a unique integrated health care organization. Feels Obama framed the problem (related to health care, in previous nights TV pitch) well, and wants his plan in by Oct 09. Referred to how IHC is the lowest cost per capita.

Probst has met with 3 congressman and 20 government staffers. Using Mayo Clinic as a benchmark, could save 30 pct in chronic illnesses. There are 300,000 uninsured Utahns.

Four stages of an EMR. Third stage was commercial products. Stage four will have broad adoption of solutions. Second increased knowledge. Third is introduction of clinical decision support. A stage 3 EMR could save a 300 bed hosp at least 11M.

At LDS hospital there were 581 adverse drug events in 1990 and in 2004 there are only 270 . Their stats showed that waiting to 39 weeks (for OB delivery) was best for infants and reduced neonatal admissions. The docs said they knew this already and didn’t induce unnecessarily. But when showing them the data, they were in fact inducing. The same stats showed improved outcome with acute respiratory stress.

150 people are working on a new EMR system (for IHC) with GE and people from India. A complete clinical information system has automation (taking common tasks and automating it like voice, scanning, bar codes. Helps you with inventory management and pricing. Provides automated data entry with hot texting.), connectivity (using a network. Allows doctors to see and share information and this brings more specialists into the picture.), decision support (prompts and alerts for obvious things. Advanced decision support like glucose management and need to push the human mind.), data mining (using historical data to identify patterns and to test hypotheses).

Commercial systems were good at automation and connectivity but were weak on decision support. IHC was good in that area so they decided to build their own hybrid.

Rather than rip and replace, they aggregate, view, analyze, alert and then gradually replace existing systems.

The government HIT policy committee: Meaningful use says that to get money you need a certified system and have meaningful use. There must be a certification and an adoption. Must have the ability to do health information exchange. Time frames are aggressive: They originally thought they had until October to define requirements and then were told by the Obama administration that it was moved up to July 16. It will move from policy to a standards committee.

The intent and commitment of the people involved on the HIT committee is to do the right thing.

Questions from the floor: Doesn’t HIPAA preclude the ability to share information? In his opinion it allows for protection.

How do we get our voices heard? Have to get involved with AMA.

What is meaningful use? Capture discreet data like BMI, weight. Then there is an adoption process.

How will costs go down? If other things are in place, then we will minimize duplications. We may be connected but we can’t talk.

What about CCHIT? It is unclear what their role will be. IHC, for instance, is a hybrid of best of systems. Who would certify us?

Great Marc Probst Interview

Posted on May 2, 2009 I Written By

John Lynn is the Founder of the blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of and John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Marc Probst, CIO at Intermountain Healthcare and member of the new Health Information Technology Policy Committee, gave a really interesting interview to Healthcare Informatics. I really don’t know Marc Probst other than what I read in this interview, but I do know something about Intermountain Healthcare (or IHC as it’s known in Utah). When I was in high school I actually worked for IHC spending one hour a day cleaning a local doctors office. I’m glad those days are over and I don’t think I did a very good job at it either.

However, from that experience and also my high school friend’s dad being the CEO of IHC I got to know the company pretty well. I was really impressed with how the company was run. From the above interview I think that Marc Probst probably has quite a bit to do with that. Let me give a few examples of things he said that I liked:

AG: I completely agree about John (Glaser’s positive influence on defining “meaningful use”) and I’ve written as much. You may not know the answer to this, but there is also a Standards Committee that has yet to be formed. And there have been a lot of questions about what the differentiation might be between the Standards Committee and HITSP, John Halamka’s group. Do you have any information about the Standards Committee makeup, how it’s going to interact with the Policy Committee and the relationship of the Standards Committee to HITSP?

MP: I don’t know any of that, no.

AG: But they’re good questions.

MP: They are really good questions. Blumenthal has just gotten in and HHS still needs to finish their appointments, I think it’s just all very preliminary. Congress basically set down the dates for GAO to have to have the first 13 in place. But I don’t know if there are those same triggers out there for the other committee or the other seven on the Policy Committee. I think GAO has just met the timeline that they had to meet.

AG: We’re all just working our way through this, right?

MP: The best thing about standards is that there are so many of them, right? I hope the Standards Committee can become a brokering point to say, ‘Whether or not they’re the perfect standards, these are what we’re going to follow.’ Where does HITSP fit in this? Where does HL7 fit in this? I don’t know. We may only be 85 percent right in terms of agreement, but boy, it would be nice to have a target to go after.

Call me crazy, but I like I guy that’s not afraid to say that he doesn’t know. Makes me trust someone a lot more when they don’t try to fake something.

AG: Let’s not forget CCHIT.

MP: Do we have to talk about CCHIT?

AG: We can never leave any acronyms out as far as I’m concerned.

MP: CCHIT in my book is really good; I’m just concerned about a blanket rule that every system has to be CCHIT-certified, boy, that’s got a lot of challenges in that statement, and I’d be careful.

My understanding is that IHC built most of their EHR systems in house. This may be why Probst is not so happy with the blanket statement of CCHIT, but he realizes he has to be politically correct enough to not bash it (something I haven’t learned).

Let’s just say that I’m quite happy to see Marc Probst on the Health Information Technology Policy Committee. I’m adding him to my list of really smart and thoughtful people in healthcare.