Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Google Health Announced – Kind of

Posted on February 28, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Well, my prediction that Eric Schmidt would announce Google Health at the HIMSS08 conference were pretty close. From what I’ve read so far, that’s all he really talked about. I’m still waiting to see my contact that was able to attend HIMSS to see his thoughts on what was said. Sounds like he mostly reiterated what we already knew. A few interesting points:

-Google Health will not contain ads (although I bet that won’t stop them from using the information to target the ads it shows you other places)
-Eric Schmidt repeatedly said no data would be shared without the consumer’s consent (unless of course some hacker finds a way around Google’s security measures)
-1,370 volunteers at the Cleveland Clinic are beta testing the application
-Portability is the key (we heard that this was a form of CCR, but if it requires consent are people going to go to the effort to make it portable?)

Despite certain privacy questions and fears around Google Health I think that Eric Schmidt made a very good point about the way Google will protect your information from legal cases when he said:

“In the Google implementation, your personal health information will not be given to anyone without their explicit permission, which is not true completely for HIPAA-compliant systems. If we get a subpoena, we always check our judgment as to whether the subpoena is narrow enough. If we think it’s a fishing expedition, we will fight it in court. That has worked well for us so far.”

The battle of PHRs by Google Health and Microsoft HealthVault have begun. While I love to see the big players participating in healthcare, I’m not sure they’ve figured out the right motivational drivers that will make this a smashing success. It wouldn’t surprise me if in a few years we hear stories about a life being saved because of proper information and how even one saved life is worth it.

The biggest disappointment: No announcement about when we can get in and try it out ourselves.

UPDATE: Techcrunch think that whoever cracks the healthcare nut will have a huge new market. I don’t see it ever cracking. Marissa Mayer talks about Google Health on the Official Google Blog.

More Google Health Fodder – Cleveland Hospital Starting First

Posted on February 22, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The AP had a story today that told about a pilot project using a Cleveland Hospital to test out the anticipated Google Health. Here’s an excerpt from the story:

The pilot project announced Thursday will involve 1,500 to 10,000 patients at the Cleveland Clinic who volunteered to an electronic transfer of their personal health records so they can be retrieved through Google’s new service, which won’t be open to the general public.

I’ve covered Google Health a number of times on this blog and I still wonder what Eric Schmidt is going to say at HIMSS next week. I can’t imagine him not speaking about Google Health at that time. The question is how much will he actually say.

Many people are afraid of what it means for Google to have our Health information. It looks like they won’t have to comply with HIPAA requirements at all. Other people are scared that Google Health will just help Google to offer targeted Viagra (or other drug) ads.

I’m not personally as concerned as most people with Google having health information. However, it is definitely something we’ll have to watch and see how the public accepts it. The AP article described the type of content Google Health will contain:

Each health profile, including information about prescriptions, allergies and medical histories, will be protected by a password that’s also required to use other Google services such as e-mail and personalized search tools.

Too bad most doctors don’t care about Google Health and will probably never use it.

EMR and EHR Software and Dragon Naturally Speaking

Posted on February 19, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In a recent comment, Tom Hamilton from KnowBrainer software sent some interesting insights about using Dragon Naturally Speaking. His observation about more and more physicians using Dragon Naturally Speaking with their EMR or EHR is very true. I expect this trend to continue for quite a while. I don’t know how many times doctors have asked me for this ability. Unfortunately, it is like any software program and takes some getting use to, but those that do get use to it seem to really love it.

Here’s what Tom sent me. I hope it’s valuable for those looking at voice recognition with their EMR or EHR. I always welcome guest posters who want to post information like this to my blog. If you’re an expert at something related to EMR, EHR, or other Healthcare IT related topics, then let me know if you’re interested in being a guest blogger.

EMR Software and Dragon NaturallySpeaking are being utilized together in more practices and by more physicians every year. In light of that fact I would like to offer this information to the curious.

1. If you’re using Vista you should have 3-4 GB of RAM. For an XP platform you will require 2 GB of RAM. The software will run on less but won’t be very as effective.

NOTE: If you’re looking at buying a new computer to use with DNS I would consider looking at ASUS computers. Regardless of what system you by, you want a Core2 Duo 2 GHz or better CPU speed, 2 GB of RAM an XP platform (3 GB on Vista), 2 – 4 MB of L2 cache, a SATA hard drive of at least 100 GB although you may be able get 160 for about the same price. Your soundcard will be important so go with a mid to high end Soundblaster.

2. Unless you’re using a Soundblaster card don’t depend on the integrated soundcard in your computer as it is probably poorly shielded. Get yourself an external soundcard (USB Pod) and use a USB port on the back of your computer as opposed to the front.

3. Here is a copy of the manual we wrote for version 9. It’s designed as version 9.5 upgrade manual but if you are a new user to DNS you can download a full copy manual at KnowBrainer.com. KnowBrainer Manual

4. Here is a copy of the KnowBrainer Quick Tips which is PDF help file for day to day troubleshooting that is updated all the time from questions answered on our forum.

5. Here is a copy of our DNS 9 Review. I think you’ll find it pretty thorough.

6. For research feel free to use the KnowBrainer Speech Recognition Forum as it is by far the largest and most active of its kind.

7. I know there are quite a few users of NaturallySpeaking version 9 who don’t know about the Free upgrade to 9.5. Then there are some that do but don’t have time to find a path to it and worry about difficulty installing it. You should always use the most updated software especially when it’s free. Version 9.5 consolidates the code between version 9 and 9.1 and contains a few minor tweaks. The main purpose for the upgrade is for Vista compatibility. Here is your path and instructions – DNS 9.5 Update Guide

KnowBrainer, Inc. Support Staff – Tom Hamilton
Now Providing FREE (1st 5 min.) Tech Support 615-884-4558
A Nuance Gold Certified Endorsed Vendor
ALWAYS Ask If Your Speech Recognition Vendor Is Nuance Certified

Thanks Tom for the information. I think I’m going to have to “borrow” the dragon naturally speaking software one of my users cast aside and try it for myself.

Check out the following prices for the various versions of DNS on Amazon:
Dragon NaturallySpeaking 10 Preferred – Currently $151.49 with $50 rebate ($101.49 after rebate)
Dragon NaturallySpeaking 9 Preferred – Currently $92.97
I’m still looking around for the best location to buy Dragon NaturallySpeaking Medical.

Misys to Open Source Its Software

Posted on February 13, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Today I read an article about Misys leading healthcare into open source. I guess I can mostly agree with the idea of them leading into open source, but even Misys is taking baby steps into the open source realm. The article says that it’s going to “open source components of its proprietary Connect Healthcare solution”[emphasis added]. So, I don’t want to completely knock Misys for only making some components open source, but if we’re going to call them a leader in healthcare’s movement to open source then it needs to be more than just components. I think the real leader was VistaEMR (I think that’s it’s official name) was open sourced. Granted, I don’t think they had much choice, but that’s being a leader.

One thing that does look good for Misys is they have “hired Ryan Bloom, a founder of the Apache Portable Runtime project and a major contributor to the Apache HTTP 2.0 project.” I don’t know any specifics about Ryan Bloom, but I can tell you that the Apache open source project is a great one that I believe will power most of the web in the future.

This will be really interesting to watch as it evolves. Open source is now a pretty proven model in other software categories. Will it work for healthcare?

Hosted Fax Applications vs Fax Servers in a Healthcare Environment

Posted on February 5, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Today I got an email asking about whether someone should use a hosted HIPAA compliant fax application or get their own fax server. Here’s the full email (with names removed):

I’m setting up a web based application for administrative work at doctors offices. I want to be able to allow these offices to purchase an electronic fax service that is HIPAA compliant and integrated with my application from me. I have tried to research this and have only gotten more confused. What should I do?

* Should I use one of these internet fax providers through a partnership program where I can brand the product to my own? Are they HIPAA compliant? and how come some of them like smartfax.com charges only $12.95 for unlimited faxing, and someone like sfaxme.com who claims to be HIPAA compliant charges $99.00 for 1000 pages.
* Or should I use some sort of fax server.

Any help would be highly appreciated.

Best Regards,
Name Removed

Some very good questions. I will admit that I’m definitely not an expert on the hosted HIPAA compliant fax server market. I’d love for people to correct anything I’ve said which is wrong. Here’s what I wrote in response to the email:

I can understand your confusion. There are a lot of different options out there. I personally don’t know much about the fax service providers. I knew there were some out there, but I’ve never personally used one myself. I’m not sure I ever would use one at least for HIPAA related information. You’re probably ok if you have a business associates agreement, but here again I’m not a lawyer and laws may depend on which state you’re in.

As far as the pricing difference, I’m sure there are a number of factors, but it makes a lot of sense that a HIPAA compliant fax service would be more expensive than a non-HIPAA compliant service. Not necessarily because the technology is all that different, but because they “should” implement more safeguards to protect your data in order to be HIPAA compliant. Not to mention if a company can claim HIPAA compliant faxes, then they’ll probably charge more just because they can.

I personally prefer the fax server route. They are inexpensive (like $50 or less) and everything is stored in house. If you have a Windows Server 2003 server in your office, then the fax application to keep logs of all your faxes is also free. If you don’t have a server like that, then it will be a little more difficult but a good fax program only costs around $50-100 last I checked.

One thing you should know about a fax server (and probably the fax providers) is that you’ll need to have some sort of scanner to be able to scan things in order to fax them. Unless of course you’re planning to only fax things that are already electronic. Basically a fax server can fax anything you can print. If you can print it, you can fax it with a fax server.

Anything else that I left out about fax servers vs. hosted fax applications that people in healthcare should know?

42 Questions HHS Might Ask in a HIPAA Audit

Posted on February 4, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

This information is a little bit dated, but it was sitting in my draft posts and I think that it’s still very relevant to those interested in HIPAA compliance. Computer World posted an article about Atlanta’s Piedmont hospital being the first organization to have a HIPAA audit by the HHS.

In the report they identified 42 questions that HHS reportedly asked Piedmont hospital during the HIPAA audit. Regardless of how accurate this is, I think that it’s interesting for all those in the healthcare industry to evaluate these questions and how they apply in their environment.

Here’s the list of questions:

1. Establishing and terminating users’ access to systems housing electronic patient health information (ePHI).
2. Emergency access to electronic information systems.
3. Inactive computer sessions (periods of inactivity).
4. Recording and examining activity in information systems that contain or use ePHI.
5. Risk assessments and analyses of relevant information systems that house or process ePHI data.
6. Employee violations (sanctions).
7. Electronically transmitting ePHI.
8. Preventing, detecting, containing and correcting security violations (incident reports).
9. Regularly reviewing records of information system activity, such as audit logs, access reports and security incident tracking reports.
10. Creating, documenting and reviewing exception reports or logs. Please provide a list of examples of security violation logging and monitoring.
11. Monitoring systems and the network, including a listing of all network perimeter devices, i.e. firewalls and routers.
12. Physical access to electronic information systems and the facility in which they are housed.
13. Establishing security access controls; (what types of security access controls are currently implemented or installed in hospitals’ databases that house ePHI data?).
14. Remote access activity i.e. network infrastructure, platform, access servers, authentication, and encryption software.
15. Internet usage.
16. Wireless security (transmission and usage).
17. Firewalls, routers and switches.
18. Maintenance and repairs of hardware, walls, doors, and locks in sensitive areas.
19. Terminating an electronic session and encrypting and decrypting ePHI.
20. Transmitting ePHI.
21. Password and server configurations.
22. Antivirus software.
23. Network remote access.
24. Computer patch management.

HHS also had a slew of other requests:

1. Please provide a list of all information systems that house ePHI data, as well as network diagrams, including all hardware and software that are used to collect, store, process or transmit ePHI.
2. Please provide a list of terminated employees.
3. Please provide a list of all new hires.
4. Please provide a list of encryption mechanisms use for ePHI.
5. Please provide a list of authentication methods used to identify users authorized to access ePHI.
6. Please provide a list of outsourced individuals and contractors with access to ePHI data, if applicable. Please include a copy of the contract for these individuals.
7. Please provide a list of transmission methods used to transmit ePHI over an electronic communications network.
8. Please provide organizational charts that include names and titles for the management information system and information system security departments.
9. Please provide entity wide security program plans (e.g System Security Plan).
10. Please provide a list of all users with access to ePHI data. Please identify each user’s access rights and privileges.
11. Please provide a list of systems administrators, backup operators and users.
12. Please include a list of antivirus servers, installed, including their versions.
13. Please provide a list of software used to manage and control access to the Internet.
14. Please provide the antivirus software used for desktop and other devices, including their versions.
15. Please provide a list of users with remote access capabilities.
16. Please provide a list of database security requirements and settings.
17. Please provide a list of all Primary Domain Controllers (PDC) and servers (including Unix, Apple, Linux and Windows). Please identify whether these servers are used for processing, maintaining, updating, and sorting ePHI.
18. Please provide a list of authentication approaches used to verify a person has been authorized for specific access privileges to information and information systems.

Since most of my interest is in ambulatory care, I wonder if an audit would be this extensive for ambulatory care. Talk about putting a company out of business. This would be an extensive report for a hospital but could be really detrimental to a small doctor’s office. Still interesting to think about.

I expect that no one is fully compliant with this list. Of course, that raises the question of what’s full compliance, but we’ll save that topic for another day.

Choosing an EMR or EHR

Posted on February 2, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I think I’ve written enough speculative posts about Google Health. I decided to turn to something EMR or EHR related.

I’m interested to know how people have sifted through the vast array of EMR and EHR software offerings out there. I personally think we’ve almost reached the peak number of EMR software companies and that soon we’ll start seeing consolidation and less people trying to enter the EMR market. Regardless of that speculation, I’d love to hear the process people used to select their EMR software.

Even more important than the process you used, I’d find it very interesting to know what was the key factor people used to finally select their EMR. Also, what would you have done different if you had the chance to go through the process again?

I have a few of my own thoughts, but I thought I’d put it out their for readers before I clouded your ideas with mine.

Will Eric Schmidt Announce Google Health at HIMSS?

Posted on February 1, 2008 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Today I was preparing a proposal to have my work send me to the HIMSS 08 conference. As part of that proposal I used the list of Keynote Speakers as a little justification as to why this conference would be incredibly interesting and useful for my job.

As I looked over the list I was impressed to see that Eric Schmidt is doing a keynote at HIMSS. Then it dawned on me that HIMSS would be the perfect place to announce Google’s launch into the healthcare industry with Google Health. We know it’s coming or why else would they have put up a Google Health beta page and then taken it down.

Anyone have any inside information that this is the case? If it is, then I’m even more interested in being there to hear the announcement.

If I’m able to make it, then I’ll have plenty to do. I’ll have some great meet ups with many people from the EMR Update forums. I’m sure there will be a meet up of Healthcare IT bloggers like there has been at past HIMSS conferences. I can’t find the link now, but I’m sure I’ll find it if I go. I’ll also be certain to catch up with Naveen and the team at DoctorsPartner. I also told Nick from EMR Update that I’d bring my eee with its built in video camera and make sure to capture some interviews with some people. That would be pretty fun.

Anyone else planning to go to the HIMSS conference?

UPDATE: Neil Versel blogged the following info about Eric Schmidt at HIMSS

As for Google, CEO Eric Schmidt is delivering a keynote at next week’s HIMSS conference, and actually is holding a 30-minute press conference afterwards. The Internet search giant also is throwing a cocktail party next Tuesday, with the theme, “Home is Where the Heart Is.” The invite says, “Come meet the health team at Google and learn more about what we’re working on.” About all I expect to learn from the secretive company is who actually works for Google (I know a couple of people already) and whether the bartender can mix a dry vodka martini.