Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

What Would a Patient-Centered Security Program Look Like? (Part 2 of 2)

Posted on August 30, 2016 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The previous part of this article laid down a basic premise that the purpose of security is to protect people, not computer systems or data. Let’s continue our exploration of internal threats.

Security Starts at Home

Before we talk about firewalls and anomaly detection for breaches, let’s ask why hospitals, pharmacies, insurers, and others can spread the data from health care records on their own by selling this data (supposedly de-identified) to all manner of third parties, without patient consent or any benefit to the patient.

This is a policy issue that calls for involvement by a wide range of actors throughout society, of course. Policy-makers have apparently already decided that it is socially beneficial–or at least the most feasible course economically–for clinicians to share data with partners helping them with treatment, operations, or payment. There are even rules now requiring those partners to protect the data. Policy-makers have further decided that de-identified data sharing is beneficial to help researchers and even companies using it to sell more treatments. What no one admits is that de-identification lies on a slope–it is not an all-or-nothing guarantee of privacy. The more widely patient data is shared, the more risk there is that someone will break the protections, and that someone’s motivation will change from relatively benign goals such as marketing to something hostile to the patient.

Were HIMSS to take a patient-centered approach to privacy, it would also ask how credentials are handed out in health care institutions, and who has the right to view patient data. How do we minimize the chance of a Peeping Tom looking at a neighbor’s record? And what about segmentation of data, so that each clinician can see only what she needs for treatment? Segmentation has been justly criticized as impractical, but observers have been asking for it for years and there’s even an HL7 guide to segmentation. Even so, it hasn’t proceeded past the pilot stage.

Nor does it make sense to talk about security unless we talk about the rights of patients to get all their data. Accuracy is related to security, and this means allowing patients to make corrections. I don’t know what I think would be worse: perfectly secure records that are plain wrong in important places, or incorrect assertions being traded around the Internet.

Patients and the Cloud

HIMSS did not ask respondents whether they stored records at their own facilities or in third-party services. For a while, trust in the cloud seemed to enjoy rapid growth–from 9% in 2012 to 40% in 2013. Another HIMSS survey found that 44% of respondents used the cloud to host clinical applications and data–but that was back in 2014, so the percentage has probably increased since then. (Every survey measures different things, of course.)

But before we investigate clinicians’ use of third parties, we must consider taking patient data out of clinicians’ hands entirely and giving it back to patients. Patients will need security training of their own, under those conditions, and will probably use the cloud to avoid catastrophic data loss. The big advantage they have over clinicians, when it comes to avoiding breaches, is that their data will be less concentrated, making it harder for intruders to grab a million records at one blow. Plenty of companies offer personal health records with some impressive features for sharing and analytics. An open source solution called HEART, described in another article, is in the works.

There’s good reason to believe that data is safer in the cloud than on local, network-connected systems. For instance, many of the complex technologies mentioned by HIMSS (network monitoring, single sign on, intrusion detection, and so on) are major configuration tasks that a cloud provider can give to its clients with a click of a button. More fundamentally, hospital IT staffs are burdened with a large set of tasks, of which security is one of the lowest-priority because it doesn’t generate revenue. In contrast, IT staff at the cloud environment spend gobs of time keeping up to date on security. They may need extra training to understand the particular regulatory requirements of health care, but the basic ways of accessing data are the same in health care as any other industry. Respondents to the HIMSS survey acknowledged that cloud systems had low vulnerability (p. 6).

There won’t be any more questions about encryption once patients have their data. When physicians want to see it, they will have to so over an encrypted path. Even Edward Snowden unreservedly boasted, “Encryption works.”

Security is a way of behaving, not a set of technologies. That fundamental attitude was not addressed by the HIMSS survey, and might not be available through any survey. HIMSS treated security as a routine corporate function, not as a patient right. We might ask the health care field different questions if we returned to the basic goal of all this security, which is the dignity and safety of the patient.

We all know the health record system is broken, and the dismal state of security is one symptom of that failure. Before we invest large sums to prop up a bad record system, let’s re-evaluate security on the basis of a realistic and respectful understanding of the patients’ rights.

Will We Be Maintaining Our Genomic Health Record?

Posted on May 4, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

If you’re interested in Genomic Medicine like I am, be sure to check out my article on EMR and EHR called “When Will Genomic Medicine Become As Common As Antibiotics?” That’s a really interesting question that’s worth considering. We’re not there yet and won’t get there for a couple years. However, I think that genomic medicine will become as common as antibiotics and will have a massive impact on healthcare the way antibiotics have as well.

The article mentioned links to a genomics whitepaper that talks about a person’s genomic health record. I’d never heard the term before, but I’m definitely intrigued by the idea of everyone having their own genomic health record.

We’ve talked forever about people having a personal health record which they need to collect and maintain. Some people store it in a PHR on the web and others store it on a mobile phone. However, we’ve never really seen the personal health record take off. This is true for a number of reasons. The first is that it’s still quite difficult to aggregate your entire health record across multiple providers. I even read of one PHR that was paying doctors to provide them a patient’s record. The second problem is that patients don’t know what to do with all the records once they have them. Even if they go to their doctor and say they have their full patient record, the doctor hands them a stack of health history forms to fill out. Best case, they file a copy of the patients records in the chart (usually in some sort of PDF or paper copy).

Now let’s think about those challenges from the perspective of a genomic health record. If you’ve paid thousands of dollars for genomic tests and analysis, are you going to want to pay that again to the next doctor you see? No, they’re going to ask you for your copy of their genomic record and use that as part of your care. Patients won’t want to pay for another genomic test and it will be easier to get their record, so they’ll be more motivated to get and maintain it than they were with a simple personal health record. It’s pretty compelling to consider.

Some challenges and questions I have about how this will evolve. Will your PHR start to include your genomic health record or will it be something that’s stored separately? Will their be a standard for the genomic health record so that the doctor can easily use that record in the work they’re doing? Will the genomic health record be so large that it will have to be stored in the cloud?

What do you think of the concept of a genomic health record?

What Value Does a Healthy Patient Get from a PHR?

Posted on November 11, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In my previous post about a Patient Controlled Medical Record, I asserted that such a thing would be a challenge to get to work in the US, but that there was a lot of potential internationally. I did provide one caveat when it came to chronic patients where I think there is potential in the US as well. Although, some argued against even that group being interested in the comments.

Let me further expound on why I think the patient controlled medical record fails for a healthy patient (and this includes people who think they’re healthy, or at least relatively healthy…ie. they don’t go to a doctor for any chronic condition). In many respects this is my talking from my own personal perspective as a young, healthy adult (although I guess all of those descriptors could be argued).

The problem for someone that’s healthy is that their medical record basically has no data. The reason you want a patient controlled medical record is so that you can extract value from the data. I don’t need to look at my online medical record to see that I don’t have any drug allergies, that I had a cold or flu 3 years ago, that I got my flu shot 4 years ago, and that when I was 15 I had a hernia operation.

The point being that my medical record is so short that there’s so little value in me trying to aggregate that record in once place. What value do I get from doing so?

I think there could be value in doing so, but not today. For example, if by keeping a patient controlled medical record I could avoid filling out the crazy stack of paperwork that’s given you at every new doctor you visit, I and every other patient would want to keep an online patient record. This should be a solvable problem, but I won’t go into the hundreds of systemic reasons why it’s not going to happen anytime soon. Although, we’ll start with the doctor preferring your allergies to be in the upper right corner in red. Now scale that request up to 700,000 doctors.

Similar to the above item, there are other ancillary functions (ie. appointment scheduling, prescription refills, message your doctor, etc.) that could be tied to your medical record that would make people want to use a PHR or other similar system. However, most people would use it for the ancillary functions and not to be able to control their medical record in one place. For many of the ancillary services this portal will need to be tethered to a PHR.

One trend that I hope will change my description above is the wave of new health sensors that are hitting the market. As those health sensors get better I believe we’ll see a new type of portal that is attractive for even a “healthy” person to visit. This concept coincides with what I call Treating a Healthy Patient. All of this new sensor data could make it worth my time as someone who thinks I’m healthy to check and aggregate my data in one location. The volume of data available would be much more than what I have stored in my memory and so it will make sense for me to visit somewhere that stores and processes my whole medical record.

How these portals full of health sensor data will work with doctors is a topic for another blog post. Until then, I’ll be surprised how many healthy patients really get on board collecting their patient data in a patient controlled medical record.

Healthcare Unbound #HITsm Chat Thoughts

Posted on June 21, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Most of you have seen that we’ve been working on a number of ways to stretch and deepen the amazing #HITsm community. Check out the EMR and HIPAA YouTube channel for some post #HITsm video chats we’ve done. Plus, we do our weekly #HITsm Twitter Roundups (Every other week our #HITsm roundup is on EMR and EHR). At the core of all of this is the weekly #HITsm twitter chat. If you’ve never participated, it’s an incredible community of people.

I’ve always wanted to do a blog post before the regularly scheduled #HITsm chat where I write some thoughts about the planned #HITsm topics. Leonard Kish (@leonardkish) got the topics for this week’s chat up early, so I thought it was the perfect opportunity for me to write a post based on his topics. Hopefully some can read it before the chat and it will enhance their chat experience.

Topic 1: So how long will it be before office visits are no longer the norm? (via Mark Blatt, MD, CMIO Intel)
This is a bit of a hard question because it depends on how you define office visit. Is an e-visit with the doctor considered an office visit. What if the visit is in a HealthSpot like kiosk? Is that an office visit. I’ll assume for the sake of this question that he means any visit where you didn’t have to go into the office. This could be a telemedicine visit or some other electronic method of interacting with a care provider.

My prediction is that it will probably be 3 years before it’s common for the early adopters to do an e-visit of some sort. It will probably be 6 years before someone like mom is doing an e-visit. Although, there’s a subtle caveat to my answer. Many office visit types will be perfect for an e-visit and some office visit types will never be possible in an e-visit. So, I’m mostly making my prediction based on the former visit type.

Topic 2: What technologies will lead the way?
The Google Plus hangout simplicity has made very clear to me that a video connection between two people is easily possible today. Of course, I’m not suggesting Google Plus will be used for a healthcare office visit, but video and audio using the off the shelf and built in cameras and microphones that come on every laptop, smartphone, and tablet is going to be the preferred method.

As for software, the early adoption is going to be based on which companies the insurance companies choose to reimburse. The insurance companies I’ve talked to are more than happy to have doctors reimbursed for an electronic visit. However, they need some way to know if an e-visit was actually done by the doctor. Even a small space for corruption can cost an insurance company billions of dollars because of their scale. Their method to battle this will be to reimburse only a few telemedicine companies for whom they’ve created deep ties.

Let’s also not count out secure text and secure email as a simple method to replace many unneeded visits.

Topic 3: How will these at-home and mobile technologies integrate with existing systems?
As Anne Zieger recently pointed out, Telemedicine is Not Connecting with EHRs. EHR vendors have so many interoperability challenges as is that integrating with Telemedicine is far down their list of priorities. Instead, I think we’ll see the insurance companies take the lead on integrating Telemedicine into their platforms. We may also see some PHR and patient portals work out deals with the companies that are recognized for reimbursement by the insurance companies.

The other beautiful area for this technology is the cash pay patients. I see a whole new group of cash pay patients emerging. Many people and companies will be willing to pay cash for an e-visit versus making the trip to a doctor’s office for a regular visit. The key question is how the company that provides these visits will get enough locally licensed doctors on board to make this happen, but someone will crack the nut.

Topic 4: Aetna’s CarePass will track customer behavior. Will this become the norm, is it a good thing?
I believe that this will be the norm. In fact, they’re already doing some of this customer behavior tracking already, but most people just don’t know about it. Things like CarePass will just be a public way to do it. I think many will hop on board. I think that this will be a good thing for insurance companies, a good thing for healthcare, and a good thing for many patients. However, a few patients will get really hurt by it.

Topic 5: We’ll need culture change to bring this massive about. what will it take to change culture?
1. Reimbursement 2. Medical Licensing Laws 3. Trusted Technology

If we figure out those 3 areas, we’re going to see the culture change that will unbind healthcare. I personally think we’re headed this direction already and I see nothing that will stop it. It’s just a question of how quickly we can get there.

HIEs and Patient Engagement – Why and Why Now?

Posted on June 20, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The following is a guest post by Jeff Donnell, President of NoMoreClipboard.
Jeff Donnell - NoMoreClipboard PHR
Health information exchanges have become quite adept at moving medical data from provider to provider on behalf of patients, but making that data available to those same patients has rarely been attempted – until recently.

Not including patients at the HIE exchange table is understandable, but ironic. Understandable for reasons ranging from policy challenges to a lack of standards to technical limitations. Ironic because HIEs are ideally positioned to aggregate data from multiple providers – leveraging the interfaces already in place with provider applications – and deliver that data to consumers, overcoming several of the major barriers to patient adoption and use of tools like PHRs and patient portals.

HIEs have recently grown interested in supporting electronic patient engagement, in large part based on provider inquiries regarding meaningful use stage two requirements. Many providers are looking for affordable alternatives to the tethered patient portals being offered by their EHR vendors, and they want to provide their patients with a solution that can be used across the care continuum. Increasingly, providers recognize that a patient who visits five different clinicians is not about to create five different patient portal accounts. Savvy providers realize that the HIE is well equipped to provide portable, interoperable solutions.

For HIEs interested in long-term sustainability, patient engagement makes perfect sense. The HIE can leverage its existing interfaces and aggregated data – making existing medical information available to patients from a single pipe, in a standardized format. The HIE can act as a conduit between consumers and clinicians – adding value for all parties. Providers can transmit data to patients, and recent CMS guidance indicates that all providers who contribute data to a shared portal (like that provided by an HIE) can count patients who use that portal toward their 5% patient participation requirement. Patients avoid having to collect data from every provider they see, and can populate a PHR or HIE portal account with existing electronic data. Everybody wins.

The value is evident, but what about those challenges? In the state of Indiana, we received an ONC Challenge Grant to figure out how to get HIE data in the hands of consumers with a PHR. We are fortunate to reside in a state with five well-established HIEs and a provider community eager to innovate, and we have spent the last two years working on those challenges (giving us a real appreciation for why the ONC affixed the challenge label to this grant program). We have addressed issues ranging from patient ID/Auth/Match to minor consent to provider skepticism to amended data use agreements. We have overcome any number of obstacles to get data flowing, and we are seeing increased levels of engagement and enhanced clinical outcomes.

We have learned any number of lessons to help other HIEs, state agencies and healthcare providers avoid pitfalls and make accelerated progress. We are eager to share what we have learned. Perhaps the most important lesson is to get started now – as crafting and implementing a patient engagement strategy takes time. As nobody appears to be manufacturing more time these days, HIEs and other organizations that envision sharing data with patients even a year or two down the road would be well advised to begin working in earnest, with an eye on making incremental progress.

Jeff Donnell is president of NoMoreClipboard, a web-based, Personal Health Record (PHR) management system designed to consolidate medical information in one convenient and secure location for easy retrieval and updates. NMC enables consumers to share personal or family member medical information with medical professionals electronically, reducing the need for repetitive medical paperwork.  Jeff and the company are committed to developing PHR applications that are consumer-friendly, interactive, secure, mobile and interoperable.  For more information, follow us on Twitter @NoMoreClipboard or visit www.NoMoreClipboard.com.

Benefits and Struggles of EMRs, and More – Around Healthcare Scene

Posted on June 9, 2013 I Written By

Katie Clark is originally from Colorado and currently lives in Utah with her husband and son. She writes primarily for Smart Phone Health Care, but contributes to several Health Care Scene blogs, including EMR Thoughts, EMR and EHR, and EMR and HIPAA. She enjoys learning about Health IT and mHealth, and finding ways to improve her own health along the way.

Are tablets going to take the place of traditional laptops and desktops? Well, Dr. Michael West seems to think so. He talks about his new-found love for his iPad mini, and how it fulfills all his current needs. Have you traded your desktop in for a tablet yet? The new Microsoft Surface is making me kind of want to!

Having a PHR on your phone doesn’t have to be complicated. In fact, if your phone has a camera (what phone doesn’t nowadays?) you can create when quickly and easily. Here are five health-related snapshots you could keep on your phone to assist in a variety of situations.

If you have been following the Affordable Health Care Act, you’ll know that an optional Medicaid State Plan called Medicaid Health Homes was introduced. There are, of course, many questions that people have about this, including what kind of technology will be required for successful implementation. Lori Bernstein, president of GSI Health, addresses some questions and lays out the benefits that this new model has to offer in her guest post at EMR and EHR last week. what kind of technology will Medicaid Health Homes require to ensure successful implementation?

Paper to EMR is a necessary evil for for hospitals, therefore, it’s easy to justify the expense required to do so. But what about when you decide to switch EMRs. Is it justifiable? Not always. There is no ROI to switch from EMR and EMR, and it can be a big risk.

A current pilot program is currently underway to help identify high-risk pregnancies by using an EMR. This pilot program is being led by researchers and people from Johns Hopkins University’s Center for Population Health IT to find hints in a mother’s health history to help determine if her pregnancy is high-risk. It’s a slow-moving project, but may prove to be worth it if it helps get mothers the help they nee.d

PHR Are Like Early Email

Posted on July 31, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In response to Anne Zieger’s post on PHR, John Tempesco offered this powerful insight that’s worth sharing:

PHRs will become popular when the patients don’t have to enter most of the data themselves. As more and more EHRs and HIEs begin to automatically interact with PHRs and patients have one central place to go for all their health information, they’ll catch on. Having a PHR now is like the early adopters of cell phones or email – there are few people to have conversations with.

It’s a really interesting comparison to email in the early days. I unfortunately wasn’t on email early on so I can’t say exactly what it was like, but I’ve heard stories. The interesting thing is that HIE’s seem to be suffering some of the same problem. HIE’s are often like early email since only a few people are on board with it. Plus, imagine if email required some sort of third party agreement to let you email each other?

EHR software on the other hand could become widely adopted and connected to a PHR. The biggest problem there is the major lack of standards for sending that health information. Until we solve the standards problem, I don’t think a PHR will be able to connect to the hundreds of EHR software vendors.

PHR, EHR and EMR, Remote EHR Access, and ECC EMR Report

Posted on July 22, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Time again for another EMR round up. This one includes a few pet peeves and also some interesting information that I think some will find useful.

Also, the tweets sometimes display funky if you haven’t noticed. The good thing is that I’m about half way through a redesign of the website. Once that’s done, I shouldn’t have that problem any more. I’m excited to show you the new design. Let’s hope it all works out well and I can finish it quickly.


I love the sarcasm of the response. I particularly like it when talking about EMR and EHR. I use them synonymously in all my writing. Those that make a big deal about the difference make me laugh since I think it doesn’t matter. For all practical purposes if I say one or the other everyone knows what I’m talking about. If you haven’t noticed in the same post I’ll interchange EMR and EHR. I’m sure it annoys some people, but I think it illustrates the point that it doesn’t matter. We all know we’re talking about the same thing.


This tweet makes me sad. I don’t know how Wendy Sue Swanson, MD doesn’t know about all the ways to run Windows programs on her Mac: parallels, bootcamp, virtual machine, etc etc etc. It makes me more sad that her IT department didn’t inform her of these options as well. The patient suffers just because the doctor has bad information.


I have no idea what the ECC comm report is, but it sounds official. I assume it’s a UK report on EMR since Bryony is in the UK. If someone else knows more about it I’d love to learn. Is it worth searching out when it comes out?

Tricorder Devices, REC Numbers, and EHR Photo IDs: This Week in HealthCare Scene

Posted on June 10, 2012 I Written By

Katie Clark is originally from Colorado and currently lives in Utah with her husband and son. She writes primarily for Smart Phone Health Care, but contributes to several Health Care Scene blogs, including EMR Thoughts, EMR and EHR, and EMR and HIPAA. She enjoys learning about Health IT and mHealth, and finding ways to improve her own health along the way.

John’s Note: As regular readers know, I usually reserve the Sunday post to do a Twitter round up. The Sunday post on EMR and EHR has been a Healthcare Scene round up post written by Katie. I decided to mix things up a little bit. Each week I’ll swap which site does the Twitter round up and which site does the Around Healthcare Scene.

If all of this is confusing, don’t worry. Just subscribe to the emails for EMR and HIPAA & EMR and EHR and you’ll be all set. Now sit back and enjoy a look around the Healthcare Scene network.

EMR and EHR
The Shift From Expensive Technology to Cost Saving Technology

For years, medical technology came with a hefty price tag. While many of these investments were a miracle worker of sorts, it left hospitals and medical practices with a large bill. Fortunately, in recent years, the technology being released, such as EHR, are trying to make health care less expensive. While it is up for debate if software like EHR really is less expensive, there is a definite shift in the costs of medical technology.

Photo IDs as Part of the Patient Record — Flashy Trend or Future of Medicine?

Unfortunately, errors do occur in hospitals. However, putting photos on a patient record may help prevent some of these problems. Children’s Hospital in Colorado is currently trying this out. The number of mistaken orders dropped from 12 in 2010 to 3 in 2010 since the hospital started using photo IDs. So the question is, are photo IDs worth the time and effort?

Hospital EMR and EHR
Make Consumers Want Their PHR

More PHRs seem to be popping up, but are any of them really convincing people to use them? Anne Zeigler doesn’t think she. In this post, she lists several different ideas on how to get people “excited” about PHRs with tips such as good marketing and rewarding the user. If companies want consumers to use their PHR, many things should be taken into consideration.

EMR Thoughts

REC Numbers for REACH (Minnesota and North Dakota Doctors)

REACH is a nonprofit federal Health Information Technology Regional Extension Center that aims to help hospitals and medical practices through Minnesota and North Dakota implement EHR or optimize the current system. It had many goals in mind when it started, and recently, many of these goals have been met or surpassed. REACH serves 4,749 priority primary care providers across these two states.

EHR and EMR Videos

Dr. Eric Hartz’s EHR Story from the 2012 HIMSS Conference

At the recent HIMSS Conference, Dr. Eric Hartz shared his thoughts on EHR. He discussed the benefits of EHRs and gave tips on participating in incentive programs. He also talked about how to use EHR across a number of different hospitals.

Smart Phone Health Care

Is the Tricorder Device a Reality?

Is that rash on your child something serious, or nothing to worry about? Or is that fever from a UTI? Scanadu, a tricorder-like device, supposedly will use social media to help make healthcare more immediate and accessible. The machine will allow people to take a picture or sample of something worrisome, and immediately find out what action needs to be taken. The world of social medicine is quickly expanding, and a tricorder is becoming an actual possibility.

Pajamas Created to Monitor an Infant’s Vital Stats, Sends Mobile Alerts

Wearable monitors are popping up throughout the health care world. The latest? Pajamas for an infant to wear. It monitors an infant’s vital stats and sends mobile alerts to the parents. Great idea, or just another gimmick to sell to paranoid parents? Read more and decide for yourself.

Two Primary Obstacles to PHR Adoption per Epic

Posted on May 11, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I recently happened upon the interoperability page on Epic’s website. Yes, I realize the irony of Epic and interoperability in the same sentence. In fact, that’s why I was so intrigued by what Epic had on their website about interoperability.

I’ll leave what they called the “physician-guided” interoperability using their Care Everywhere product for another post. In this post I just want to highlight their “freestanding Personal Health Record (PHR)” section. I was most intrigued by what Epic lists on that page as the “two primary obstacles to patient PHR adoption”:

Lucy [Epic’s PHR] is free of the two primary obstacles to patient PHR adoption:
1. There are no advertisements on Lucy.
2. Epic will not sell patient data for secondary uses.

I find this really intriguing. Let’s look at each one individually.

First, I can’t say I’ve ever heard someone say that the reason they aren’t using an EHR is because of the advertisements. I’m sure there are a few out there that wouldn’t enjoy the ads and might not use a PHR because of them, but I believe they are few and far between. Plus, PHR use has been so low that most haven’t used a PHR enough to have seen ads. So, that’s not an obstacle. Not to mention, what PHR software has ads there now? As best to my knowledge Microsoft HealthVault, NoMoreClipboard and even the now defunct Google Health have never shown ads before.

Now to the second point about selling patient data for secondary uses. This could potentially be a bigger issue. There’s little doubt that there’s value in aggregate health data. A PHR is a legitimate way to collect that aggregate health data. Some certainly have some fear of their individualized health data being learned and so they don’t want to input their health data into a PHR. However, I believe there’s a larger majority that don’t care about this all that much. Sure, they want to make sure that the PHR uses proper security in their system. They also don’t want their individual data sold, but I expect a large user base doesn’t really care if aggregate healthcare data is sold in order for them to get a product that provides value to them.

In fact, this highlights the real problem with PHR software generally. To date, the PHR has offered little value to the patient. This is the primary obstacle to patient PHR adoption. I’ve hypothesized previously a couple things that could change that patient value equation: physician interaction in the PHR and paper work completion.

The real problem with PHR software is providing the patient value, not ads or sold patient data.