January 28,2015


The AMA and some 35 other physician professional societies have sent a letter to the ONC requesting changes to the EHR certification process (see: Docs to ONC: Change the EHR certification process). Here's a link to the letter and below is an excerpt from the article discussing it:

An American Medical Association-led coalition of 35 medical societies, stressing "elevated concern" about the certification of electronic health record systems, has sent a letter to National Coordinator for Health IT Karen DeSalvo urging ONC to reevaluate its "current trajectory" and recommending changes to the certification process. The letter, dated Jan. 21, identifies a myriad of problems with the current EHR certification process, including: the lack of necessary security measures to protect patient information; the lack of oversight on the authorized testing and certification bodies; concern that test methods are no guarantee that the systems will perform as expected in production; and fear that the administration is "pushing too quickly" for use of certified EHRs beyond the Meaningful Use program.

Without going into too many details, Meaningful Use (MU) is a key element in the certification process and refers to the set of criteria used to assess the ability of the various electronic health record (EHR) products to achieve the following high-level goals (see: EHR Incentives & Certification)

  • Improve quality, safety, efficiency, and reduce health disparities
  • Engage patients and family
  • Improve care coordination, and population and public health
  • Maintain privacy and security of patient health information

This letter from a broad range of medical organizations is a frontal assault on the federal bureaucracy, the healthcare IT industry, and healthcare IT professional groups like HIMSS. This latter organization, in my opinion, is solidly in the pocket of industry. My notes on this topic go back eight years (see, for example: A Curious Aspect of the HIMSS Registration ProcessHIMSS Describes Itself as a "Trade Association" in a Press Release; Multiple Privileges Extended to Hospital CIOs at HIMSSHIMSS Virtual Conference: Qualifying for a Reduced Fee)

This AMA letter has been the subject of discussion on the Association for Pathology Informatics (API) list server. A comment about MU was posted by Peter Gershkovich, M.D., who is Associate Director, Pathology Informatics at Yale University School of Medicine. It was so relevant to this discussion that I offer is below:

...Meaningful Use,...in my opinion..., ...restricts access to EHR market for smaller companies and shifts focus of development from “what makes sense for the end user” to “what makes sense for the committee”. It complicates modular approaches to systems implementation. Hospitals are incentivized to purchase all-in-one solutions with their inherent limitations: overblown costs, restrictive workflows, stalled innovation, lack of flexibility essential for clinical research, and inability to quickly replace poorly designed blocks or the entire systems. Epic scale of such systems may lead to failures of epic proportions.

He's right, of course. Like most governmental regulatory activity, the certification and MU requirements create an environment highly favorable to the largest EHR companies that have large business units to attend to regulatory affairs. In so doing, the process reduces competition. We are left with mega-EHRs that often provide inadequate functionality from the physician perspective and can lead to mega-system failures (see: What's Really Wrong with EHRs: Beginning a Deep DiveOn the Future of EHRs: A Continuing Deep Dive). There is a revolution brewing in terms of physician opposition to the deployment of EHRs, bolstered by the flawed government certification program. The AMA letter is simply another milestone in the declaration of the discontent of physician EHR users.


Topol_bookEvery once in a while, a book hits upon a convergence of science, technology and society in ways the existing incumbents are not at all ready to hear. To them, it might sound like someone describing a dream. Marshall McLuhan’s work in the 60s on media and culture come to mind and technology, as do business, and innovation authors such as Kevin Kellyl and Clay Shirky. These are the writers who seem to be more than 80% right if you allow a few years for the trends to play out. Their forward-thinking ideas eventually play a large part in changing the mindset of the incumbents. I see Eric Topol’s latest book, “The Patient Will See You Now: The Future of Medicine is in Your Hands” as firmly planted in this group of trend-spotters. It can’t be fully appreciated in the present.

Our “health care future is here, but it’s not evenly distributed,” as author William Gibson may have said.

From the perspective of current health care practitioners, the future that’s happening now looks like a distant planet, light years away. As evidence from some of the predictable early reviews of the book perhaps nowhere is the future less evenly distributed than health care. Physicians (and likely a lot of health technology vendors) don’t see or recognize many of the changes taking place. In health care, after all, there’s an often-cited 17-year adoption rate of new innovation.

If this were under normal circumstances it still may take a while to get dramatic industry-wide change, but this is not internal change. Change is coming from outside, from patients and digital innovators. At a time when big tech innovators like Google are investing in outer space, this kind of innovation seems overdue for health care.

The connectivity and democratization of health information – the prerequisites for Topol’s health care future – has already started. With this new information, patients and caregivers are, at the same time, driving significant improvements in care and care delivery as the medical establishment. Consumers don’t need 17 years to adopt new tools and to develop new solutions when they are both the developers and adopters. Topol cites several examples of people taking their data and their technology into their own hands, from the 3D-printing tumors of to help their physicians gain a better view, to Angelina Jolie’s very public BRCA saga and taking preventative actions in consultation with her physician.

The disruption Topol sees for health care is not unlike the disruption MacLuhan saw for media, and Topol leans appropriately on McLuhan’s work early on to set the tone for the remainder of the book. Tech innovation will change the fabric of medicine and society’s relationship to their health care in the same way it changed our relationship to media.

Topol’s latest is a must-read for anyone interested in the future of health care and what risks and opportunities are on the horizon. There are fundamental trends that will make this happen, although it’s admittedly hard to predict when it will occur. This is perhaps the first and best book to date about the dramatic social changes technology is driving in health care. The technologies are changing traditional relationship dynamics between various stakeholders in health care. We are entering the age of “Do It Yourself” health care, smart phone care, retail care and cloud-based care. These changes are as disruptive to medicine as eCommerce and MegaStores have been to retail.

If you have an interest in the technological, social, science and business futures of health care, go read #TPWSYN with an open mind and think about how value will be generated in this new world and our privacy and our ability to live freely can be protected while managing more and more of our own health. Putting these tools to use could save your life or the life of someone you love.

8 Key Takeaways

1. Medical costs are largely about location, time and people. Intelligent networks will allow place, time and people to become more distributed.

Tech will change how and where medical intelligence will live. It will become distributed in the cloud, within connected communities, and at our fingertips in evolving ecosystems of smart phones and sensors (IoMT or Internet of Medical Things, as Topol calls them). These networks will able to access and apply the knowledge in the world and at the bedside. Kevin Kelly is calling the act of putting intelligence into things “to cognify.” We’ll see much of our world become distributed and “medically cognified” in the years to come.

2. Democratization of medicine means the end to paternalism.

Democratization of health data, health information, and sensors means the democratization of care and an end to much medical paternalism, which has largely existed because of knowledge asymmetries. With the end of these asymmetries, the relationship will undergo a change from patient as kind of object to patient as COO. As Topol notes, just as the Gutenberg’s printing press upended many institutions of the time, so too will the spread of medical knowledge upend many current institutions.

3. Democratization will lead to more Peer-to-Peer (P2P) medicine.

Networks can connect people and devices in ways that make the whole smarter than the sum of it’s parts. Patients can connect to patients who have shared problems and can share solutions, such as with the FLHCC community Topol describes that worked with researchers to find the cause of this rare cancer. People can connect images to 3D printers and monitor their ECG from across the globe. These networks of P2Ps of many varieties will continue to shake up the medical community and find solutions to difficult problems, solutions that would otherwise be expensive, rare or underfunded.

4. Because of the democratization of medical knowledge, innovation will come from all sorts of new places.

People with medical problems have the time, the resources and the incentives that the medical establishment doesn’t have. Jack Andraka is now famous ag a 16 year-old high school student that came up with a novel approach to detecting pancreatic cancer. Kim Goodsell and others are were able to diagnose complex medical conditions that their physicians could never have time to figure out. The surplus of open knowledge and information (including big data and open access) will soon combine to allow innovation to spring from new places. In fact, it already has.

5. The open health movement, patient-centered care, and value-based payments are inextricably linked.

Topol devotes an entire chapter in the book to the open movement. At the core of the issue is a whole new group of people, patients and caregivers, need to have access to information – code, data, research and more – to make the best decisions. Better decisions by all players will make value-based payments successful. As I write this, Bill Clinton just committed to “open source health care” and the White House has issued new goals and guidelines around value-based payments in Medicare. Want to accelerate better decisions and success under these new paradigms? Open more access to more information resources.

6. Medical education is near-turmoil.

Medical education and knowledge will also be democratized and upended. Massively Open Online Medical Education, MOOM, as Topol calls it, may be the answer, but medical education is in turmoil. There are few digital health courses or care delivery courses in medical schools in the United States. If physicians are to continue to stay relevant, they’ll need to become as adept with these tools, and in delivering care through them, as their patients soon will be.

7. Patients may ultimately be better at understanding risks than many physicians.

In a world where, as Topol notes, nearly everyone with elevated cholesterol gets Lipitor, and mammograms find 100x more false positives than tumors, we may need a reboot of our understanding of costs and risks. The ones bearing the risks and the costs may want to have a larger voice. It’s all too easy, even with good intentions, for physicians to say, “do more,” because the risks for physicians is almost always doing too little. For the patients, doing less may be a much lower risk option, and with more data and more democratization, we may get a better handle on those risks.

8. There are risks, of course.

Just as we have networks like Google and Facebook that are virtual monopoly on our online selves, we face the same risks in our health future where identity and computing power could be controlled by a small few. We’ll have to be vigilant to keep the whole system open and balanced with privacy and security for all.

All the right notes, but…

Overall, Topol hits on all the right notes. Just when I thought, “we need to bring social media into this conversation” or “we need to bring the open movement, or costs or security into this conversation,” I would inevitably find a passage or even a chapter on the topic and a great discussion on the next subject. “‘The Patient Will See You Now: The Future of Medicine is in Your Hands” is an extremely satisfying read, offering a phenomenal tour of possibilities.

If there a few things to add to the conversation, I’ll add two.

First, more on how user-experience-driven technology design (not just the design of facilities) will play a role in providing solutions people can actually use to their greatest benefit. These new tools won’t work for everyone. We’ll need technology designers to find solutions to displace bricks and mortar health care, including some stepping stones. Who can help those that can’t help themselves with new tools? Care coordinators, social networks, nurses? I am as convinced as Topol, but we need to recognize that self-care or P2P care won’t work for everyone right away. For others, due to price and geography, these new tools may be the only options.

Second, How policy might accelerate some of these changes? Topol touches on how existing players can adapt in the last chapter, but not much on how we can help deliver this better world. I suspect Dr. Topol sees the changes he describes as inevitable because of basic economics (we’ll get more, better outcomes for less). Still, security and privacy (which Topol discusses, but there are no easy solutions here) may be roadblocks. Also, there are many perverse incentives and difficult design challenges along the way that will keep us from getting to high-quality tech-enabled care at a reasonable price. In fact, the “Obamacare 2.0” as Vox recently put it, is a proposal to accelerate pay-for-quality reimbursements may be part of the solutions.

Still, this is not that kind of book. It’s not a design or policy book. It’s about potential, a catalytic substrate for what will happen very soon as patients become central to health care and the democratization of health data comes to fruition. As Topol points out at the end, each of us could have a role toward tipping medicine toward a much brighter future. Let’s each do our part to make it a better health care world.

Categories: News and Views , All

Value based payments.  Value based care.  Meaningful  use.  Is there a place for an independent doctor in a suburban location?  This article says that these and all the technology to go with them along with physician acceptance is “Inevitable”.

I have four physicians.  I don’t see a place for them long term.  My first is my Internist.  A few years ago he was given a cell phone as a gift.  It does all he will ever want.  If it rings, he answers it.  If he has to make a call, he dials the number.  He has no computers in his office.  All his files are paper.  As a Doctor he is recognized as one of the best in the state. EHR is not in his future.  Phones, fax, copier suit him just fine.  The article that raised these questions for me was a report from Deloitte.  You might end up with some of the same questions after reading it. 

My second physician has been using EHR for as long as I have known him.  He has 2 offices and four other doctors working for him.  He needs the technology.  He hates it, upgrades only when he has to and would never do it again.  He is also recognizes as one of the best in the state.  His daughter is now in her residency and will join him next year.  My gut feel is that in 3-4 years he turns the business over to her, let’s her worry about it and sails off into the sunset.

My radiation oncologist was great.  He treated me 8 years ago.  My last visit with him was 4 years ago.  The company he worked for terminated him for not generating enough revenue.  His waiting room was always filled but with little to no wait.  His staff was great and could have easily made more money by moving to a large city.  They, like he, enjoyed the suburban life.  All were dumbfounded when he was terminated.  They also learned that for this big city practice, profit was the only incentive.  He’s in FL now, out in the sticks and owns his own practice.

Doctor #4 is a general surgeon.  He is probably the only one that could/would survive in the “inevitable market”.  His office is at the medical arts building at the local hospital.  There are 3 other surgeons in his practice.  He has a fairly up to date computer system,  though not in his location and not compatible with the hospitals new system.  I know that his definition of value based anything and mine differ.  On my last visit he kept me waiting for 45 minutes because lunch went longer than scheduled.  He’s all business.

For 3 of these 4 I see the choice of conforming and or selling out.  They are all rated in the top 25 physicians in the state.  They are not going to increase their patient base to increase revenue.

I am sure that Doctor #4 will succeed. He is all and only business.  He holds the purse strings for his practice and has absolutely no problem in spending whatever it takes for technology to increase profit.  As long as he doesn’t have to use it.

The area that I live in is not unique The hospital‘s area of reach is a bit under 60,000.  As part of that is a resort area, add another 10K for the summer months.  Is there a future for physicians like this?  If so, what will they need to do to stay viable?  Hire a business manager?  More nurse Practitioners?  Sell, retire or join together a form their own physician groups?  Any thoughts?

HIMSS UK3 - 4 March 2015, London, UK.
A world-class learning and networking opportunity will come to London's Olympia this March bringing together the latest e-Health innovations with those who commission, implement and use them on the frontline.
CarestreamHans Bossink, an experienced medical and healthcare leader, has joined Carestream as Regional General Manager, Europe. He brings a strong knowledge and understanding of the healthcare technology market together with extensive sales management expertise.
TunstallA new technology partnership is leading the way in supporting people with learning disabilities and autism to lead more independent and fulfilling lives. Not-for-profit support provider Dimensions is working with Tunstall Healthcare to provide personalised support through home technology.
This appeared a few days ago.Tony Abbott promotes Malcolm Turnbull to take charge of e-governmentDate January 23, 2015 - 3:29PM James MassolaPolitical correspondentPrime Minister Tony Abbott has bolstered Malcolm Turnbull's ministerial duties, handing him greater responsibility for e-government in a push to expand the use of a single digital identity for Australians.Mr Turnbull and Mr Abbott on Friday announced the creation of a new Digital Transformation Office, made up of developers, designers, researchers and content makers.  It will work like a start-up and look to expand the use of the MyGov site across federal, state and local governments and potentially deliver big savings for the budget bottom line.The establishment of the new digital office is designed to resolve the messy division of responsibilities between several departments, including Finance and Mr Turnbull's Communications Department, for e-government services.In an interview with Fairfax Media, Mr Turnbull...

This is the initial part of the post - read more by clicking on the title of the article. David.
Categories: MedTech and Devices , All

January 27,2015

HealthBlog readers, and even those who don’t read HealthBlog, know that I am unabashedly a fan of the Microsoft Surface Pro 3. As I have proclaimed here before, my Surface Pro 3 is the best computing device I have ever used. I don’t say that lightly,...(read more)
Source: HealthBlog

As you may know, I am a member of the advisory board of Health eVillages. Every so often, the organization does something extraordinary, and I want to share one of those moments here. Actually, I want to share two.

In December, Health eVillages Founder Donato Tramuto, CEO of Physicians Interactive, won a tremendous honor, a 2014 RFK Ripple of Hope Award, from the newly renamed Robert F. Kennedy Human Rights organization. (The other three honorees were three nobodies named Robert De Niro, Tony Bennett and Hillary Clinton.)

Today, Health eVillages released this bit of news:

Health eVillages Raises Funds to Expand Rural Hospital in Kenya

New wing will help Lwala Community Alliance (LCA) to further reduce infant and maternal mortality rates

READING, MA – (January 27, 2015) -Health eVillages, a program of the not-for-profit Robert F. Kennedy Human Rights organization and Physicians Interactive, announced today that construction has started on a new wing to expand the first hospital in Lwala, Kenya, as well as housing for clinicians and their families.

The announcement, made by Health eVillages Founder Donato Tramuto, builds on the success of a partnership with Lwala Community Alliance (LCA), a local health and development organization.

“In just four years, the early infant mortality rate has been cut almost by half in our area,” said James Nardella, LCA’s Executive Director. “With the help of partners like Health eVillages, skilled delivery rates have rapidly increased. In 2010, only 26% of births were attended by a trained nurse. That has risen to 96% with the wonderful assistance of Health eVillages.”

He continued, “The expansion of our maternal health facilities and housing for our clinicians and their families will immediately improve the outcomes for more Lwala mothers and their babies, while creating local employment opportunities for Kenyan nurses and other clinical professionals for years to come.”

The rapid expansion was made possible by the success of Health eVillages’ partnerships and the financial support of nearly 100 private donors, including Physicians Interactive.

When it is completed, the 1,500-square-foot wing will add 12 beds to the rural hospital, two exam rooms for outpatient visits, full separation of the well-child visit area from sick-patient areas, and separate men’s and women’s in-patient wards. The wing will also offer new laboratory space with specialized rooms for blood drawing, sterilization and microbiology, as well as a new space for HIV client counseling.

Health eVillages also is adding eight housing units with more than 6,000 square feet of living space, so LCA’s clinical staff can be immediately available on-site during emergency care situations.

The majority of the caregivers at the hospital are with the LCA, a Health eVillages partner whose mission is to advance the health and well-being of people living in the rural region in Western Kenya. Founded by Milton and Fred Ochieng’, US-trained physicians who are natives of Lwala, the Alliance’s first major project was the completion of the Erastus Ochieng’ Memorial Lwala Community Hospital. Initially conceived as a facility to treat HIV/AIDS patients, over time the hospital has expanded to include multiple public health services, including services to pregnant women.

The LCA’s community health workers recruit and enroll women of reproductive age in Migori County through its Safe Babies program to participate in the entire continuum of prenatal, maternal, neonatal and child healthcare services. Health eVillages currently helps fund prenatal and postnatal immunizations as part of the program. It also provides mobile handheld devices (from Physicians Interactive) to the LCA’s 80+ community health workers and the hospital’s clinical staff, as they work to improve primary and preventive healthcare throughout the region.

“It is incredibly gratifying to watch this successful facility grow, knowing that the additional space will give more babies in Lwala a healthy start to life, which every mother in the world wants for her child,” said Tramuto, who is also the Chairman and CEO of Physicians Interactive and the recipient of the 2014 RFK Human Rights Ripple of Hope Award. “It is a testament to the LCA’s hard-working caregivers that the demand for their services is only increasing as families throughout Migori County witness the significant decline in infant and maternity mortality rates in their community.”

About Health eVillages

Health eVillages, a program of the not-for-profit Robert F. Kennedy Human Rights organization and Physicians Interactive, provides state-of-the-art mobile health technology including medical reference and clinical decision-support resources to medical professionals in the most challenging clinical environments around the world. For more information about Health eVillages, please visit http://www.healthevillages.org/. 

About Physicians Interactive

Headquartered in Reading, MA, PI aspires to use the power of worldwide networks of healthcare professionals and life sciences companies, together, in ways that will change the practice and business of medicine for the better. PI’s value proposition is to offer the life science industry a low-cost, virtual, multichannel marketing approach that can be used to supplement currently promoted products, as well as non-promoted and orphaned products, that deliver benefits to physicians and patients. A key focus is providing services that fit into physicians’ and healthcare professionals’ daily workflow at the point-of-care, when they make diagnosis, treatment, and prescribing decisions. More information can be found at www.PhysiciansInteractive.com.

# # #

It’s more proof that mobile devices can have a positive effect on health pretty much anywhere in the world.



Allow Don't Allow

How will my “Personal Information” be used?

One of the most annoying emails in my inbox is from a digital address app. Emails come from people I do not know asking me, via the app, to “update my contact information”.

Let’s take a look at the app’s privacy policy. It says, “We may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that is transferred. Also, if we are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information would be one of the assets transferred to or acquired by a third party.” (Emphasis mine.)

This clearly states that “Personal Information” can be given or sold to a third party, but emails from the app tout that information is private. I never directly shared my email information with the sender, although there are numerous ways the sender or the app may have gotten my email. But I do not have a relationship with the sender or the app.

Without a relationship, there can be no trust.

The Issue: We Need a Trust Revolution

At the 2015 World Economic Forum Annual Meeting in Davos, a session in the Future of the Internet track was, “In Tech We Trust”.

“The digital revolution needs a trust revolution. Huge shifts are occurring as the world moves towards comprehensive information sharing via social media, cloud computing and big data. Systems of record (such as email) have become systems of engagement (such as social media) and are now moving towards systems of intelligence (data analytics). However, this progress cannot occur unless customers trust how their data is used. The challenge: more than 90% of consumers feel they have lost control of their data.”

Recent Privacy Concerns in Healthcare

Before I write a post for HL7standards.com, I generally have read and collected quite a few articles on a particular topic. My “Consent of the User” list was overflowing. I am going to limit this post to three timely concerns in healthcare: Healthcare.gov, “matchbacks”, and 23andMe.


In case you missed it, Healthcare.gov was saving personal health data in referrer URLs from people using the system. This personal health data was also being shared with “third parties”, at least 14, according to the Electronic Freedom Foundation:

EFF researchers have independently confirmed that healthcare.gov is sending personal health information to at least 14 third party domains, even if the user has enabled Do Not Track. The information is sent via the referrer header, which contains the URL of the page requesting a third party resource. The referrer header is an essential part of the HTTP protocol, and is sent for every request that is made on the web. The referrer header lets the requested resource know what URL the request came from. This would for example let a website know who else was linking to their pages. In this case however the referrer URL contains personal health information.

According to MEDCITYNews, “At first, the administration defended the current standing of privacy standards, but advocates and lawmakers became very vocal and demanded changes.”




According to Bloomberg News, “matchbacks” are a little known process of assigning patients unique codes based on their prescription drug records. Marketers can then send tailored Web ads to patients.  Federal regulators were not aware of this practice when contacted by Bloomberg News. It may be legal, but many do not consider it ethical. According to Bloomberg, matchbacks were also not addressed in privacy policies.

De-Identified, Anonymous and Confidential Have Different Meanings

Just because data are de-identified, that does not mean anonymous. Most people do not realize that de-identified, anonymous, and confidential all have different meanings, especially when it comes to research, which brings us to 23andMe.


What could be more personal than your DNA? One of the most confusing and ever-changing privacy policies is 23andMe.  The company recently announced tens of millions of dollars in deals with pharmaceutical companies for research. In Medium, Dr. Eric Topol asks, “Who Should Have Access to your DNA?”  He says that critics are now questioning whether customers really understood what they were consenting to at the time of their saliva data collection, “We are moving into the big data-per individual era (with your very own ‘Google’ medical map), and we have not yet established any model for the rightful ownership of all this information.”

Opt-In vs. Opt-Out

Vendors and apps often say that you can always opt-out. However, most people prefer a choice to opt-in. If technology wants to build trust, opt-in will need to be the model.


A Set of Universal Principles for Data Protection

At the WEF Annual Meeting, a set of universal data protection principles was called for.

  • First, “consent” must always be requested and granted.
  • Second, how personal data is used must be fully “transparent.”
  • Third, heightened “accountability” must accompany higher levels of data access.

Is the Enterprise Cloud a  Model for the Consumer Cloud?

Marc Benioff of Salesforce believes the enterprise cloud should be a model for the consumer cloud. Healthcare is said to be Salesforce’s next billion dollar initiative. Here’s what Marc shared at WEF in Davos:
“We all have to step up to another level of transparency, especially the vendors. So whether you are an enterprise vendor or a consumer vendor, we all need to open up a lot more to be able to say exactly where is the data, what’s going on with the data, who has the data, and if there’s a problem with the data – a security problem or some other issue with the data – immediate disclosure, complete and total transparency. No secrets. Because only through that transparency are we going to get to a higher level of trust. That is not where we are today.
“We’re the enterprise cloud. Our customers are the GEs, the Philips, the BMWs, it’s their data. We can’t do anything without our customers saying what we can do. It’s their data. They tell where they want it, how they want to use it, what applications are using it. We can’t see it, the data is black to us, it’s encrypted. But that very much is a model from where the consumer companies are going to have to go. Enterprise companies can’t do anything without their customers saying it’s okay. That’s our agreement with our customers that we sign with them. In the consumer world, you don’t know what’s going on, and that is going to have to change. Total disclosure is critical.”


Marissa Mayer was also part of the WEF panel. (Yahoo’s privacy policy was criticized by Bloomberg News regarding matchups in the above-mentioned story.) Here’s what she had to say from Davos:
Trust is about weighing trade-offs – how much privacy do I have, how secure do I feel – what are the benefits I get, in exchange for that? You need to afford the individual trace and control. The user’s own their data. They should be able to examine it, take it with them, bring it to other sites, bring it to other vendors that they trust more. Basically, have a system and a market that helps people make these trade-offs and these decisions. But they should have control over how they use the system, or whether they use the system at all. People have trouble making some of these trade-offs because the vendors are not being transparent enough, not providing enough controls and choice.”

Beneficent Apps

Tim Berners-Lee said that at MIT they are working on a new architecture for how we store data, and proposed “Beneficent Apps.”

Is what I am doing beneficent? Basically, is it good for users? Suppose we have a brand, this is a beneficent app, that means while I am writing the app, you are going to pay me for the app, and I am going to think about what you want. That’s the business model we are going to see.

Terms of Service, Privacy Policies

The moderator of the WEF panel, Nick Gowing, said the that Terms and Conditions are not the small print, “Terms and Conditions, No, that’s the Big Print.”

Terms of service and privacy policies may not identify what third parties can do with data. So even if you trust an app or service, you may not know what a third party can do with your data. This will become increasing important with the growth in consumer health data that is not necessarily patient data. In a world of convergence, the Internet of Things, wearable technologies and integrated health app platforms, we need to build with consent of the user.

Consent means, we won’t use your data for any other purpose, unless you approve it.

Categories: News and Views , All

Today we held the first ever #HITMC (Healthcare IT Marketing and PR Community) Twitter chat. The turnout for the chat was amazing and it was so active I don’t think anyone could keep up. That’s pretty amazing for a first time chat. In case you missed it and are interested in health IT marketing and PR, here’s my tweet that links to the transcript:

I’m particularly interested to look back at the answer to question 3 on the chat which talks about the tools that people use to make their lives easier.

Here’s a look at the stats for the first HITMC chat:

All of this tells me that I should have started this twitter chat sooner. It’s amazing how a Twitter chat can really bring a community together. Plus, it always leads to interesting new connections that wouldn’t have happened otherwise. Tomorrow I’ll be participating in another new Twitter chat that’s focused on Health Information Governance. If that topic interests you, be sure to join us on #InfoTalk at Noon ET on January 28th.

We’re also 5 days away from the end of Early Bird Registration for the Health IT Marketing and PR Conference. Register now and save $500 off the registration price. Plus, as a reader of EMR and HIPAA, use the promo code “emrandhipaa” and you’ll save an extra $100. We’ve just started uploaded the speaker profiles for those who will be speaking at the event. It’s going to be a fantastic 2+ days of the best in healthcare IT marketing and PR. I can’t wait!

For those not interested in the above topics. Tomorrow we’ll be back with our regularly scheduled programming.

IBMIBM (NYSE: IBM) is working with Diabetizer, a German-based healthcare technology company, to leverage IBM's open platform-as-a-service, Bluemix to build and deploy a first-of-its-kind, cloud-based application that improves care for diabetes patients around the world.
PhilipsRoyal Philips (NYSE: PHG, AEX: PHIA) has reported Q4 sales of EUR 6.5 billion and operational results of EUR 743 million. Healthcare comparable sales were 3% lower. The EBITA margin, excluding restructuring and acquisition-related charges and other items, was 14.8%, down from 19.0% year-on-year.
Looking back at 2014 it seems to be clear that as far as e-Health is concerned it has been largely a wasted year as far as the national initiatives - such as the Personally Controlled Electronic Health Record  (PCEHR) - have been concerned. It seems to me there is at least some small hope things might just be a little different in 2015.Despite all the propaganda that tends to be encountered from Government and its agents the goal of ‘e-Health’, or what might be better termed Health Information Technology Deployment and Use, is to safely and securely provide relevant health information to those who need it for decision making in the care of and support of patients. This can be via the provision of record keeping systems for patient information as well as a range of information communication and sharing systems which make available at health information where it is needed with security, integrity and privacy.In 2010 ,for reasons best known to Ms Nicola Roxon, the then Health...

This is the initial part of the post - read more by clicking on the title of the article. David.
Categories: MedTech and Devices , All

January 26,2015


I have always thought that hospitals, as stewards of abundant genotypic and phenotypic patient information, could perhaps partner with pharmaceutical companies in identifying patients for clinical research projects. A key concern of mine, however, has always been how this could be accomplished without impinging on patient privacy and security rights. A recent article raised this issue and I provide an excerpt from it below (see: Does 23andMe Deal Mean Medical Centers Are Sitting On Data Worth Millions?):

Are academic medical centers (AMCs) sitting on troves of data that could provide researchers insight into disease, jump start pharmaceutical efforts to develop cures – and potentially generate millions of dollars of revenue in the process? That’s the question many AMCs are sure to be asking this week, following Genentech’s announcement...that the South San Francisco-based biotech will pay 23andMe $60M ($10M upfront, plus $50M if certain milestones are met) for access to genetic and phenotypic data collected by 23andMe, with particular focus on the 12,000 patients with Parkinson’s Disease, and 1,300 parents and siblings.  Herper reports 23andMe have data on 800,000 customers in all, about 600,000 of whom have agreed to donate their data for research. The 23andMe data are especially useful for researchers because of its size and because the patients are re-contactable....Consequently... the 23andMe data trove “is much better than the vast majority of academic equivalents.”....

[In] early 2014, Tarrytown, NY-based Regeneron Pharmaceuticals ...and Geisinger Health System, headquartered in Danville, PA, initiated a collaboration, where Regeneron would sequence samples from consented Geisinger patients, creating opportunity for both organizations to leverage genomic and EMR-derived data....(see: Regeneron and Geisinger Health System Announce Major Human Genetics Research Collaboration) There are a number of questions emerging here: First, are datasets comprised of rich phenotype plus genotype information actually valuable....The honest answer at this point is that nobody knows....If new data can help pinpoint targets or suitable patients, or can help a company avoid a tempting dead end, then the effort could pay for itself quickly. ....Second, how could integrated datasets be more powerful....For instance, how rich or detailed should the genetic data be?  What about EMR data, which are notoriously difficult to extract – how do you organize this information....? 

The fact that Geisinger Health has cut a deal with a pharmaceutical company caught my attention since I view it as one of the most innovative health systems in the country. Here is a brief quote from a Regeneron press release discussing some additional details about this collaboration (see: Regeneron and Geisinger Health System Announce Major Human Genetics Research Collaboration): 

During the initial five-year collaboration term, Geisinger plans to collect samples from more than 100,000 consented patient volunteers, while Regeneron, through its wholly-owned subsidiary, Regeneron Genetics Center LLC, will perform sequencing and genotyping to generate de-identified genomic data....The collaboration will benefit from Geisinger's state of the art sample collection and storage capabilities, the MyCode biorepository, and extensive electronic medical records.  Regeneron has built a team and an infrastructure to support sequencing and genotyping over the term of the collaboration.  Regeneron intends to use its translational research and functional biology capabilities, including its VelociGene technology, to validate observed human genetic associations.

The Geisinger project is very interesting in that it involves Geisinger personnel collecting samples prospectively from 100,000 consented patient volunteers. The Geisinger MyCode biorepository project is a large scale biobanking initiative integrated with its EHR. It's not clear whether Geisinger will mine retrospective clinical data from its EHR relating to its patient volunteers or such data on a prospective basis. What is abundantly clear from this news is that a major health system is embarking on a large scale genomic research project with a pharmaceutical company using patient volunteers. The goal is undoubtedly to better understand the genetic basis of disease and also generate intellectual property for Geisinger. In this era of reduced reimbursement for healthcare services, this seems like a suitable goal as long as no patient rights are infringed upon, which I anticipate will be the case.


Stephen Claypool, M.D., is Vice President of Clinical Development & Informatics, Clinical Solutions, with Wolters Kluwer Health and Medical Director of its Innovation Lab. He can be reached at steve.claypool@wolterskluwer.com.
Stephen Claypool - WKH
Three-week-old Jose Carlos Romero-Herrera was rushed to the ER, lethargic and unresponsive with a fever of 102.3. His mother watched helplessly as doctors, nurses, respiratory therapists and assorted other clinicians frantically worked to determine what was wrong with an infant who just 24 hours earlier had been healthy and happy.

Hours later, Jose was transferred to the PICU where his heart rate remained extremely high and his blood pressure dangerously low. He was intubated and on a ventilator. Seizures started. Blood, platelets, plasma, IVs, and multiple antibiotics were given. Still, Jose hovered near death.

CT scans, hourly blood draws and EEGs brought no answers. Despite all the data and knowledge available to the clinical team fighting for Jose’s life, it was two days before the word “sepsis” was uttered. By then, his tiny body was in septic shock. It had swelled to four times the normal size. The baby was switched from a ventilator to an oscillator. He received approximately 16 different IV antibiotics, along with platelets, blood, plasma, seizure medications and diuretics.

“My husband and I were overwhelmed at the equipment in the room for such a tiny little person. We were still in shock about how we’d just sat there and enjoyed him a few hours ago and now were being told that we may not be bringing him back home with us,” writes Jose’s mother, Edna, who shared the story of her baby’s 30-day ordeal as part of the Sepsis Alliance’s “Faces of Sepsis” series.

Jose ultimately survived. Many do not. Three-year-old Ivy Hayes went into septic shock and died after being sent home from the ER with antibiotics for a UTI. Larry Przybylski’s mother died just days after complaining of a “chill” that she suspected was nothing more than a 24-hour bug.

Sepsis is the body’s overwhelming, often-fatal immune response to infection. Worldwide, there are an estimated 8 million deaths from sepsis, including 750,000 in the U.S. At $20 billion annually, sepsis is the single most expensive condition treated in U.S. hospitals.

Hampering Efforts to Fight Sepsis

Two overarching issues hamper efforts to drive down sepsis mortality and severity rates.

First, awareness among the general population is surprisingly low. A recent study conducted by The Harris Poll on behalf of Sepsis Alliance found that just 44% of Americans had ever even heard of sepsis.

Second, the initial presentation of sepsis can be subtle and its common signs and symptoms are shared by multiple other illnesses. Therefore, along with clinical acumen, early detection requires the ability to integrate and track multiple data points from multiple sources—something many hospitals cannot deliver due to disparate systems and siloed data.

While the Sepsis Alliance focuses on awareness through campaigns including Faces of Sepsis and Sepsis Awareness Month, hospitals and health IT firms are focused on reducing rates by arming clinicians with the tools necessary to rapidly diagnose and treat sepsis at its earliest stages.

A primary clinical challenge is that sepsis escalates rapidly, leading to organ failure and septic shock, resulting in death in nearly 30 percent of patients. Every hour without treatment significantly raises the risk of death, yet early screening is problematic. Though much of the data needed to diagnose sepsis already reside within EHRs, most systems don’t have the necessary clinical decision support content or informatics functionality.

There are also workflow issues. Inadequate cross-shift communication, challenges in diagnosing sepsis in lower-acuity areas, limited financial resources and a lack of sepsis protocols and sepsis-specific quality metrics all contribute to this intractable issue.

Multiple Attack Points

Recognizing the need to attack sepsis from multiple angles, our company is testing a promising breakthrough in the form of POC Advisor™. The program is a holistic approach that integrates advanced technology with clinical change management to prevent the cascade of adverse events that occur when sepsis treatment is delayed.

This comprehensive platform is currently being piloted at Huntsville Hospital in Alabama and John Muir Medical Center in California. It works by leveraging EHR data and automated surveillance, clinical content and a rules engine driven by proprietary algorithms to begin the sepsis evaluation process. Mobile technology alerts clinical staff to evaluate potentially septic patients and determine a course of treatment based on their best clinical judgment.

For a truly comprehensive solution, it is necessary to evaluate specific needs at each hospital. That information is used to expand sepsis protocols and add rules, often hundreds of them, to improve sensitivity and specificity and reduce alert fatigue by assessing sepsis in complex clinical settings. These additional rules take into account comorbid medical conditions and medications that can cause lab abnormalities that may mimic sepsis. This helps to ensure alerts truly represent sepsis.

The quality of these alerts is crucial to clinical adoption. They must be both highly specific and highly sensitive in order to minimize alert fatigue. In the case of this specific system, a 95% specificity and sensitivity rating has been achieved by constructing hundreds of variations of sepsis rules. For example, completely different rules are run for patients with liver disease versus those with end-stage renal disease. Doing so ensures clinicians only get alerts that are helpful.

Alerts are also coupled with the best evidence-based recommendations so the clinical staff can decide which treatment path is most appropriate for a specific patient.

The Human Element

To address the human elements impacting sepsis rates, the system in place includes clinical change management to develop best practices, including provider education and screening tools and protocols for early sepsis detection. Enhanced data analytics further manage protocol compliance, public reporting requirements and real-time data reporting, which supports system-wide best practices and performance improvement.

At John Muir, the staff implemented POC Advisor within two medical/surgical units for patients with chronic kidney disease and for oncology patient populations. Four MEDITECH interfaces sent data to the platform, including lab results, pharmacy orders, Admit Discharge Transfer (ADT) and vitals/nursing documentation. A clinical database was created from these feeds, and rules were applied to create the appropriate alerts.

Nurses received alerts on a VoIP phone and then logged into the solution to review the specifics and determine whether they agree with the alerts based on their clinical training. The system prompted the nursing staff to respond to each one, either through acknowledgement or override. If acknowledged, suggested guidance regarding the appropriate next steps was provided, such as alerting the physician or ordering diagnostic lactate tests, based on the facility’s specific protocols. If alerts were overridden, a reason had to be entered, all of which were logged, monitored and reported. If action was not taken, repeat alerts were fired, typically within 10 minutes. If repeat alerts were not acted upon, they were escalated to supervising personnel.

Over the course of the pilot, the entire John Muir organization benefited from significant improvements on several fronts:

  • Nurses were able to see how data entered into the EHR was used to generate alerts
  • Data could be tracked to identify clinical process problems
  • Access to clinical data empowered the quality review team
  • Nurses reported being more comfortable communicating quickly with physicians based on guidance from the system and from John Muir’s standing policies

Finally, physicians reported higher confidence in the validity of information relayed to them by the nursing staff because they knew it was being communicated based on agreed upon protocols.

Within three months, John Muir experienced significant improvements related to key sepsis compliance rate metrics. These included an 80% compliance with patient screening protocols, 90% lactate tests ordered for patients who met screening criteria and 75% initiation of early, goal-directed therapy for patients with severe sepsis.

Early data from Huntsville Hospital is equally promising, including a 37% decline in mortality on patient floors where POC Advisor was implemented. Thirty-day readmissions have declined by 22% on screening floors, and data suggest documentation improvements resulting from the program may positively impact reimbursement levels.

This kind of immediate outcome is generating excitement at the pilot hospitals. Though greater data analysis is still necessary, early indications are that a multi-faceted approach to sepsis holds great promise for reducing deaths and severity.

Last week, I shared information about the progress we are making on Windows 10 and some really cool new technologies, like HoloLens , that I believe will have a significant impact in health and medicine down the line. This week, I’d like to focus on something...(read more)
Source: HealthBlog

My first exposure to Mobisante and their disruptive diagnostic ultrasound system was the mHealth Summit in November of 2010. At that time, the consumerization of medical devices had been gaining traction, mostly in the physician office market. Consumerization offers medical device manufacturers advantages in lower design costs, shorter time-to-market, lower product costs, increased usability and lower training costs.

I recently got Sailesh Chutani, co-founder and CEO of Mobisante, on the phone and we discussed their product strategy — a software based diagnostic ultrasound that runs on a variety of consumer electronics platforms.

Your product is clearly a diagnostic ultrasound medical device, but one can’t help but notice the rather unique design and choice of components. What were the factors driving the eventual design and appearance of your diagnostic ultrasound?

For us, in terms of where we started, our goal was to make ultrasound imaging universally accessible; to democratize it. Currently, there are three very significant barriers to broader adoption of ultrasound imaging:  cost, complexity and the difficulty of integration with workflows.

Traditional ultrasounds are the way they are because historically the only way to get the high performance and image quality you need was to do custom hardware, custom everything. This is by necessity very expensive. Then, in 2007, Qualcomm came up with Snapdragon chip sets. Now, for the first time, you had enough computing power in a smartphone to do the processing required for real time ultrasound imaging. So, we were looking at all of that and thinking, “Okay, so what are some the cost drivers?” Doing custom hardware is a pretty major driver of costs. If we could now use commodity electronics as building blocks for these devices, our costs would be dramatically lower.

The second big barrier was that a lot of the complexity you see in traditional devices comes from designs that are kind of one-off designs. And these devices are also designed for highly trained sonographers or experts. Those devices have dozens of knobs and controls. Sometimes weeks of training is required to just learn how to master a conventional ultrasound system. We questioned whether all of that complexity was necessary. Certainly, this complexity is an impediment if you’re going to make the diagnostic functionality more broadly accessible, especially to non-experts. As consumers, all of us are getting trained on the interaction paradigm of smartphones and tablets, so why not just make using ultrasound look like any other application you’d download? Stick to the interaction paradigm that the whole community has been trained on, and leverage that. So now, it takes someone five minutes now to learn to operate the device versus taking three weeks of class.

Breaking the third barrier entailed leveraging the connectivity that comes for free in all of these smart phones and tablets. So, we leverage those connectivity capabilities to offer functionality beyond image capture, but also managing and organizing these images through the diagnostic life cycle. We offer cloud-based image management and then eventually we’ll offer over-read services and analytics. These capabilities simplify integration of our devices into clinical workflows.

Those are the three key insights and drivers we had for our product, and I think you can clearly see them emerge out of the design and the actual product today. We are leveraging commodity smartphones, tablets and other off-the-shelf hardware, focusing on designing a simplified user interface that piggybacks off the training we all have in gestures and touch. The third piece is connectivity and increasing the value of the solution by not just capturing images at the device but also providing image management and access to other complementary services.

It seems that you intended to create a disruptive medical device from the get go? ?

That’s an accurate statement. [chuckle]

Our driver was really, how do you increase access. And maybe I can step back and ask, “Why does this even matter?” If you look at the broader issue, and this is really a global issue, the big question is, “How do you increase access to healthcare and do it in an affordable manner?“

There are two main drivers that determine the cost of healthcare. One is where are you delivering care? Are you delivering care in places like hospitals, in clinics, or in people’s own homes? And the other is who’s delivering that care? Is it highly trained MDs or nurses, nurse practitioners, or community workers or maybe patients themselves?

So, if you can move care closer to the patients, whether it’s a clinic out in the community or their own home, and you can move more of the care delivery to mid-level professionals and eventually patients themselves – if you can move along those two dimensions, that’s where you start to break the cost curve.

The problem is, in order to do that, you need a different kind of medical device or toolbox. Less skilled users need diagnostic and procedural guidance that you don’t have today. Today’s medical toolbox, the diagnostic toolbox included, is designed to be operated in a hospital environment by highly trained professionals. So, in some sense, that’s the problem we wanted to solve, and we picked ultrasound imaging as the tool to focus on first because it has very broad applicability.

Point of care imaging can take the guesswork out of medicine, right? So, you don’t have to palpate or poke to try and figure out what’s happening inside someone’s body – you can image and see what’s happening. That is the driver for what we’re doing. And yes, we also wanted to explore, how do you have a business model that would be difficult for incumbents to copy, and an approach, which as the newcomer, we could pioneer and build into a very strong position in the market?

Your product design has allowed you to carve out a segment of the market that really didn’t exist before.

That is correct. That is correct because, ultimately, if you think about who do we compete with? We compete with non-consumption (pdf), to use Clayton Christensen’s term, right? We are really making ultrasound imaging available to people who either didn’t have access before, had inconvenient access, or couldn’t afford it. Right? So, for them, they’re not looking for the dozens of features of a $100,000 device. They’re looking for something basic that allows them to do triage, quick looks. Essentially, answer yes/no questions.

So, while your disruptive product design significantly reduced the purchase price and per unit revenue for your product compared to traditional ultrasound systems, it sounds like it’s also created new business opportunities and new revenue opportunities?

Absolutely. An example would be, in addition to the imaging device, offering people image management in the cloud.  Besides automating the diagnostic workflow, clinics and hospital systems can essentially start to use that to do quality control on the images being acquired. They can use it to do training. Radiologists can start to offer 24X7 over-read services for ultrasounds, which exists in CT and MRI, but is not as prevalent in ultrasound.

So, yes, you’re absolutely right, you got the new opportunities to provide better care and create new revenue opportunities for us. But, there’s one point I want to highlight. Traditionally, devices have been sold in a fee-for-service reimbursement world. Manufacturers sell big-ticket medical devices justified by the fees health care providers can charge for using the device to do procedures. In this scenario, capital equipment costs are less important than the provider’s revenue potential from procedure fees. Providers have an incentive to do as many procedures as possible because they’re receiving a fee for providing that service. Now with the change in the health care system, the Affordable Care Act, I think people are starting to look at costs, clinical effectiveness and overall value – this creates a very different kind of business environment where you’re looking at tools asking the questions, “Does it help you provide better care? Does it help you provide cheaper care?”

I think that’s the big opportunity for innovation in point-of-care devices because they essentially allow you to do much more effective triage very early to see who needs the more expensive modality or not. For example, you’re at your community clinic in a rural area, complaining of abdominal pain. Today, if they don’t have imaging, they’re referring you to a hospital due to the serious conditions your symptoms might indicate. You want to rule out a whole class of things. If they have a device like ours, they can do it right away, and then for a number of cases, they will be able to have confidence. “Yeah, you don’t need that extra level of screening or diagnosis. You’re fine. You can go home. You just have gas or you ate something that didn’t agree with you.” Early on, in the health care delivery process, it’s possible to really reduce the number of unneeded procedures and screenings that have been the norm, with these point-of-care devices.

Up to this point, we’ve talked mostly about market facing factors that have both driven your design and are a consequence of your design approach. What factors or what kind of impacts were there internally in your company as a consequence of taking this pretty radical approach to medical devices? And I’m thinking things like new core competencies, regulatory impacts, purchasing components, all those kinds of issues.

Oh, it’s huge. It starts with what kind of team do you put in place, right? We needed folks, not only from the medical device community, but people who knew how to operate in this environment where some of the building blocks are off the shelf. The next consideration had to do with what we were going to be building on a platform that would evolve very rapidly. We had to learn to architect our product’s stack, so that it can cope with the rapid change that occurs with consumer electronics without requiring extensive redesign. And then tied to that was “Well, how do we approach our regulatory strategy?” If every time something minor changes, we have to get a new 510(k), you’d go out of business pretty quickly.


Categories: All , MedTech and Devices
Here are a few I have come across the last week or so.Note: Each link is followed by a title and a few paragraphs. For the full article click on the link above title of the article. Note also that full access to some links may require site registration or subscription payment.General CommentThe holidays are about the end and things will start to return to normal next week. Soon after that Parliament will come back and the bun-fight can resart.Interesting that Mr Turnbull is pushing for a ‘single digital identity’ for Australians - I wonder just exactly he means by that - thinking IHI etc. Time will tell I guess. Clearly Microsoft's Window 10 is going to have some considerable impact when it appears later in the year. -----http://www.smh.com.au/federal-politics/political-news/tony-abbott-promotes-malcolm-turnbull-to-take-charge-of-egovernment-20150123-12wstp.htmlTony Abbott promotes Malcolm Turnbull to take charge of e-governmentDate January 23, 2015 - 3:29PM James MassolaPolitical...

This is the initial part of the post - read more by clicking on the title of the article. David.
Categories: MedTech and Devices , All

January 25,2015


Kathy Beitz, 29, is legally blind - she lost her vision as a child and, for a long time, adapted to living in a world she couldn't see (Kathy has Stargardt disease, a condition that causes macular degeneration). Technology called eSight glasses allowed Kathy to see her son on the day he was born. The glasses cost $15,000 and work by capturing real-time video and enhancing it.

Categories: All , News and Views


As part of the Masters Program in Health Informatics, I produced videos on The Role of Informatics for Accountable Care Organizations. Links are below. I will be updating this post with videos each week.



Key Learning Objectives are:

  • To discuss the establishment of ACO Models of care and legislation that created them.
  • We will also learn about the philosophy, eligibility and characteristics of Accountable Care Organizations and the various models of care.
  • We will talk about managing health of ACO patients and the latest evidence and national distribution of ACOs
  • We will talk about best practices for managing care and tools to analyze gaps in patient care as well as the challenges faced by ACOs
  • Health Informatics and the tools that can be used to monitor performance standards, produce reports of quality metrics and the process for analyzing large amounts of data will also be reviewed.
  • Of course large amounts of data to analyze require tools and technology so we will speak about the types of tools used.
  • In addition, you will hear about interviews conducted with ACO Executives across the country covering their background, how they coordinate care and the technologies they use.
  • Finally you will gain insights and perspectives about the future of ACOs from these executives.

#1 Accountable Care Organizations 

#2 ACO Health Management

#3 Informatics, Big Data and Accountable Care Organizations 

#4 Informatics and Technology for ACOs

#5 Informatics and Big Data

#6 Interviews with ACO Executives

#7 Current and Future ACO Technology Needs


Categories: MedTech and Devices , All
This appeared a few days ago:Health advocates call on Federal Government to utilise technology to fight mental illness saying digital services are 'vastly underused' By Lexi Metherell January 21, 2015, 4:00 pmMental health advocates are urging the Federal Government to make better use of technology-based mental health services, saying they are cheap, effective, but vastly underused.The Federal Government is considering reforms to the sector and is soon expected to deliver its response to the National Mental Health Commission's review of programs and services.Mental health professionals have called for e-mental health services to be made a core part of the system.The Black Dog Institute estimates that while e-mental health services could benefit 600,000 Australians, just 30,000 use them.E-mental health programs include services delivered through digital mechanisms - such as phones and computers - which allow users to prevent, treat and recover from mental illness.E-mental health...

This is the initial part of the post - read more by clicking on the title of the article. David.
Categories: MedTech and Devices , All

January 24,2015

Here are the results of the poll.Following The Back-down On Medicare Rebate Cuts, With A Promise Of Consultation, Do You Expect More Consultation On The PCEHR And E-Health This Year?For Sure 3% (2) Probably 6% (4) Neutral 3% (2) Probably Not 32% (21) No Way 53% (35) I Have No Idea 3% (2) Total votes: 66 A pretty clear response with large majority believing that it is unlikely E-Health consultation will be stepped up any time soon. Good to see a clear outcome with a lot of responses over the time of the holidays. Again, many, many thanks to all those that voted! David.

This is the initial part of the post - read more by clicking on the title of the article. David.
Categories: MedTech and Devices , All

January 23,2015


Today I had the amazing opportunity to volunteer at my kids school. They make it a big deal for dad’s to volunteer at the school and my kids absolutely adore having their dad at school with them. We have a tradition that I go and spend the day at school with my kids on their birthdays. It’s pretty awesome and I might have even shed a tear or two. (Side Note: Check out my new Daddy Blog for cute pics of my kids)

However, that’s not the point of this post. It turns out today was testing day for a bunch of my kids (I have 3 in elementary school). What was amazing is that all of the test were administered on a computer. Yes, even my 5 year old kindergartner was taking his test on the computer. In fact the teacher told me, “It’s kind of hard because they don’t even really know how to type.”

Whether this is a good idea or not, is a topic for an education blog. However, I’ve written before about the next generation of digital natives and the impact they’ll have on healthcare and EHR. If we look a little further out, my 5 year old won’t even be able to comprehend the idea of a paper chart. It will be so ridiculous to him.

I’m still processing what this will mean to healthcare IT and to society in general. As I think back on the thousands of blog posts I’ve written about adopting EHR, I can think of many that will sound ridiculous even 5-10 years from now. That has me very excited. Not that my content is no longer useful (unless you enjoy Health IT history). I’m excited that a whole sea change is going to happen in how we want technology applied to healthcare.

No doubt, it’s not without some risk. I’ve heard many argue that the next generation doesn’t care about privacy. Personally I’ve seen quite the opposite. The next generation has a very sophisticated approach to privacy. They know when and where to share something based on who and what they want to see it. It’s the older generation that has a problem knowing exactly where something should be shared and where it shouldn’t. That’s not to say that some young kids don’t make mistakes. They do, but most are quite aware of where something is being shared. It’s why so many kids use snapchat.

What do you think of the coming generations of technology savvy people? What benefits will they bring? What challenges will we face? Are you excited, scared, nervous?


I have some big news to share with you this Friday afternoon. I have accepted an offer to become digital editor of Clinical Innovation+ Technology, a publication you may be familiar with. I’ll be responsible for the daily e-mail newsletter, among other things. It’s my first full-time job since the end of 2003.

Clinical Innovation + Technology is published by TriMed Media Group of Providence, R.I., which also publishes Health Imaging + IT, Cardiovascular Business, Healthcare Technology Management, Health CXO and the recently revived CMIO. (I freelanced for the first few issues of the original incarnation of CMIO, which later became Clinical Innovation & Technology.) This is a telecommuting job, so I will remain in Chicago.

Of course, this means I will have to give up most of my freelance work, in part because I won’t have the time and also because I don’t want to be in direct competition with my new employer. At least in the short term, I do intend to keep up this blog, since it never really was my primary outlet or source of income anyway, Lately, I haven’t been posting more than 2-3 times a month anyway, so you may not even notice much of a difference. Once I figure out my routine at the new job, I’ll decide on whether or not to continue this site.

I don’t know all the details yet on what kinds of things I’ll be focusing on, so please do not start inundating me with pitches. The last time I did multiple newsletters a week, I got burned out in no small part due to the volume of e-mail I received. Do note that “clinical” is the first name of the publication, and that TriMed has other titles devoted to the business side of things. That should be a clue as to what I’ll be interested in. As far as I know, there is no change to the staff of the print magazine.


A recent article in Modern Healthcare featured an interview with Dr. Delos "Toby" Cosgrove who is the CEO of the Cleveland Clinic (see: Cleveland Clinic CEO talks strategy, expansion and standardization). There are a number of very interesting points in this article but one jumped out at me so I will start with it. The exchange is listed below:

MH: Cleveland Clinic is unique in that you've actually grown inpatient volume. What do you attribute that to, and is it sustainable?

Cosgrove: About 80% of our patients come from about a six-county area, about 19% come from the rest of the U.S. and about 1% from overseas. One of our major strategies has been hospital transfers. We have about 20,000 hospital transfers on an annual basis, and people are coming to us for tertiary, quaternary care, and about a quarter of our beds are intensive-care beds. That's one of the things that has sustained us. And we've had substantial growth in our outpatient visits. 

A note in Lab Soft News from 2013 made reference to the Cleveland Clinic as a "super-regional" hospital, a term coined by Atul Gawande (see: Cleveland Clinic Launches Consulting Relationship with ProMedica System in Toledo). I must admit that the term seemed appropriate to me at the time but I wasn't sure of the exact definition. When searching for the term super-regional hospital, I came across this article: New Laws and Rising Costs Create a Surge of Supersizing Hospitals. However, this is about hospitals merging to achieve greater size ("supersizing" hospitals). In the case of the Clinic, I have the sense that it has becoming a super-regional by getting better and not necessarily by getting bigger. 

The patient admission numbers provided by Cosgove help me to begin to better understand the term super-regional, at least in the case of Cleveland Clinic. Eighty per cent of patient admission are from the adjoining six-county area and 19% from the rest of the country with 1% from overseas. An additional important number is that 20,000 admissions are transfers for tertiary and quaternary care. About a quarter of the Cleveland Clinic beds are intensive care. So, in this case, better as I use the term in the paragraph above, means the ability of Cleveland Clinic to manage complex patients and satisfy the referring hospitals and physicians. Because the hospital has only a lesser interest in primary and secondary care, the referring hospitals will not fear that referred patients will be poached and thus not return to their home hospitals.

So the idea that hospitals' inpatient populations will inevitably shrink in the future may not apply to large academic centers and super-regional facilities like Cleveland Clinic and Mayo Clinic (see: Falling Inpatient Revenues at Many Hospitals Is Sign of Healthcare’s Transition to New Models of Integrated Clinical Care...) These facilities, however, need to continue to promote transfers and referrals and many of these transferred patients will occupy intensive care beds.

The Modern Healthcare interview of Cosgove also makes mention of a new "knowledge transfer agreement" between the Cleveland Clinic and Community Health Systems, a for-profit hospital system that owns, operates, or leases 206 hospitals in 29 states with approximately 31,100 licensed beds. Such an arrangement would probably be unthinkable for, say, a prestigious academic medical center. On the other hand, CHS may be a productive source of referrals and transfers for Cleveland Clinic in the future.

January 22,2015

So yesterday was a big day here at Microsoft. Like many of you, I was glued to my computer screen while our business and product leaders updated the world on Windows 10 , Windows Phone, Xbox, and more. We learned that Cortana will be taking up residence...(read more)
Source: HealthBlog

I’ve been involved in building many life-critical and mission-critical products over the last 25 years and have found that, finally, cybersecurity is getting the kind of attention it deserves. We’re slowly and steadily moving from “HIPAA Compliance” silliness into a more mature and disciplined professional focus on risk management, continuous risk monitoring, and actual security tasks concentrating on real technical vulnerabilities and proper training of users (instead of just “security theater”). I believe that security, like quality, is an emergent property of the system and its interaction with users and not something you can buy and bolt on. I’m both excited and pleased to see a number of healthcare focused cybersecurity experts, like Kamal Govindaswamy from RisknCompliance Consulting Group, preaching similar proactive and holistic guidance around compliance and security. I asked Kamal a simple question – if cybersecurity is an emergent property of a system, who should be held responsible/accountable for it? Here’s what Kamal said, and it’s sage advice worth following:

Information Security in general has historically been seen as something that the organization’s CISO (or equivalent) is responsible for. In reality, the Information Security department often doesn’t have the resources or the ability (regardless of resources) to be the owners or be ultimately “accountable” or “responsible” for information security. In almost all cases, the CISO can and must be the advisor to business and technology leaders or management in the organization. He could also operate/manage/oversee certain behind-the-scenes security specific technologies.

If your CISO doesn’t “own” Information Security in your organization, who should?

At the end of the day, everyone has a role to play in Information Security. However, I think the HealthIT managers and leaders in particular are critical to making security programs effective in healthcare organizations today.

Let me explain…

Of all the problems we have with security these days,  I think the biggest stumbling block often has to do with not having an accurate inventory of the data we need to protect and defining ownership and accountability for protection. This problem is certainly not unique to Healthcare. No amount of technology investments or sophistication can solve this problem as it is a people and process problem more than anything else.

Healthcare is unfortunately in a unenviable position in this regard. Before the Meaningful Use program that has led to rapid adoption of EHRs over the last five years, many healthcare organizations didn’t necessarily have standard methods or technologies for collecting, processing or storing data. As a result, you will often see PHI or other sensitive information in all kinds of places that no one knows about any longer, let alone “own” them –  Network file shares,  emails, a legacy application or database that is no longer used  etc. The fact that HealthIT in general has been overstretched over the last five years with implementation of EHRs or other programs hasn’t helped matters either.

In my opinion and experience, the average Healthcare organization is nowhere close to solving the crux of the problem with security programs – which is to ensure ownership, accountability and real effectiveness or efficiencies.

Most of us in the security profession have long talked about the critical need for the “business” to take ownership among business and technology leaders. For the most part however, I think this remains a elusive goal for many organizations. This is a serious problem because we can’t hope to have effective security programs or efficiencies without ownership and accountability.

So, how do we solve this problem in Healthcare? I think the answer lies in HealthIT leadership taking point on both ownership and accountability.

HealthIT personnel plan, design and build systems that collect/migrate/process/store data, interact with clinical or business leadership and stakeholders to formulate strategies, gather requirements, set expectations and are ultimately responsible for delivering them. Who better than HealthIT leaders and managers to be the owners and be accountable for safeguarding the data? Right?

So, let’s stop saying that we need “the business” to take ownership. Instead, I think it makes much more pragmatic sense to focus on assigning ownership and accountability on the HealthIT leadership.

I present below a few sample mechanics of how we could do this:

  1. Independence of the CISO. For a start, Healthcare CIOs or leaders should insist on independence for the CISO (or equivalent) in their organizations. Even if the CISO or security director or manager happens to be reporting to the CIO (as it still happens in many organizations), I think it is absolutely critical that you reorganize to make the role one of an advisor and support role and not an IT function itself. The CISO and his may also have their own operational responsibilities, such as management of certain security technologies or operations,  performing risk assessments, monitoring risk mitigation or remediation programs,  assisting with regulatory compliance and so on. Regardless, they must be an independent function with a strong backing or support from the CIO.
  1. IT (Data) Asset Discovery, Classification and Management. To start with, all IT assets (hardware and software) that collect, receive,  process,  store or transmit data (CRPST) need to be identified,  regardless of whether these assets are owned/leased/subscribed or where they are hosted. Every physical or virtual asset (network device, server, storage, application, database etc.) must have one assigned owner at a manager/director/VP level who is ultimately accountable for security of the information CRPSTed by the asset. As the owner may choose or need to delegate responsibilities (see #3 below)  the asset meta-data should also include information regarding personnel that have delegated responsibilities. If you are a smaller organization,  you may have one person being the owner that is “accountable” as well as “responsible” .
  1. Directives to HealthIT executives and managers. It is important that Healthcare CIOs send a clear message of sponsorship and accountability to their executives and managers regarding their “ownership” related to security.  The asset owners (see #2 above) may in turn delegate “responsibilities” to other personnel (not below a manager) in her department. For example, the VP or Director of IT Infrastructure may delegate responsibilities to Manager of Servers and Manager of networks. Similarly, the VP/Director of Applications may delegate responsibilities to the Database Manager and Manager of Applications and so on. Regardless of the delegation, the VP or Director retains the “ownership” and “accountability” for security of information CRPSTed by the asset.
  1. Bolted-in Security. The HealthIT strategy and architecture teams need to work in close collaboration with the CISO’s team. It is critical that security is an important planning and design consideration and not something of an afterthought. It is much more cost effective to plan, design and implement secure systems from the start (hence bolted-in) than trying to look for a patch-work of controls after the systems are already in place.
  1. Need for HealthIT managers with “responsibilities” to be proactive. Let me explain this with a few examples of the Server Manager’s role in #3 above.
    • The Server Manager must at all times know the highest classification of the data stored on his servers so he is sure he has appropriate controls for safeguarding the data as required by the organization’s Information Security Policy and standards. If a file server is not “authorized” to contain PHI or PII on its shares, he should perhaps reach out to the CISO with a request for periodic scans of his servers to detect any “sensitive” data that users may have put on their file shares, for example.
    • If a file server is authorized to store PHI for use by the billing department for example, the Server manager must work with the billing department manager to have her periodically review the access that people have to the billing file shares. If your organization’s Identity and Access Management (IAM)  solution or program has capabilities for automating these periodic access reviews,  the Server Manager must work with the CISO (or whoever runs the IAM program)  to operationalize these access reviews as part of your Business-As-Usual (BAU)  activities. The key point here is that it is the Server Manager’s responsibility (and not the Billing Manager or the CISO’s) to ensure that the Billing Manager performs the access reviews in compliance with the organization’s policies or standards for access reviews of PHI repositories.
    • The Server Manager must all times be aware of who all have administrative access to these servers, so he must look for ways to get alerts for every change that happens to the privileged or administrator access to the servers. If your organization has a Log Management or a Security Information Event Management(SIEM)  solution,  the Server Manager should reach out to the CISO or his designate so the SIEM solution can collects those events from your servers and send email alerts for any specific administrator or similar privilege changes to the Server Manager. While we are on SIEM, the Server Manager should also work with the CISO and the Billing Manager so the Billing Manager gets an email alert every time there is a change to the access privileges on the file shares containing PHI or PII used by the billing department.
    • If one of the servers happens to be a database server, the Server Manager may be responsible for the operating system level safeguards while the Database Manager may have the responsibility for the database “asset”.  She will in turn need to work with the CISO and the relevant business managers for automation of access reviews, monitoring of potential high risk privilege changes in the database etc.


I hope these examples from Kamal illustrate how HealthIT can have an effective ownership and accountability for security.

Drop us some comments if you agree but especially if you don’t.


In a recent blog, the opinions of the JASON Report Part II with regards to CDA were analyzed. The review of CDA was lukewarm at best. However, the report did spend a significant amount of time talking about future possibilities. The main focus of the future possibilities was HL7 FHIR.

FHIR was discussed extensively in the report because JASON thought it lends itself well to the health IT vision which was stated as:

Focus on the health of individuals rather than the care of individuals.

Key to this vision is the establishment of a robust health data infrastructure that could also be used to enable a Learning Health System. But one major impediment that remains is the critical need for open APIs for EHR connectivity and to stimulate entrepreneurial ideas. One solution to this impediment is seen as the FHIR standard, which JASON sees as a “significant improvement over CDA.”

The JASON report describes CDA as a container for information. The problem with the container is that it is hard to sort out all the data in the container into usable chunks. FHIR solves this by organizing the data into smaller usable chunks called resources. These resources standardize the exchange of information as modular components.

Resources contain basic pieces of information and can be extended to fulfill specialized requirements. Resources can also be bundled together to satisfy the same messaging and document workflows that the health IT industry uses today. In a previous post, I detailed the interoperability paradigms of FHIR, including REST, messaging, documents, and services.  Examples of resources include Patient, Medication, and CarePlan to name a few. Like CDA, each resource has a human readable element as well as coded entries.

Because these resources are simple in structure and clearly defined, they are viewed as something that is easy to parse and extract the data. Not to mention, it is always possible to extract the human readable portion. The resources, which can be encoded in XML or JSON (not to be confused with JASON – the organization writing the report), are lightweight and easily adaptable to web applications which is something that has not existed in health IT to this point.

According to the report, of even greater importance than the lightweight and clearly defined resources is the ability to support representation state transfer (REST). There are several design features listed in the report which give evidence to REST being such a good choice:

  • Separation of concerns about the storage of data and the interface to the data
  • The communication is essentially stateless between requests
  • Load balancing can easily be employed on the server side
  • Client caching can be enabled for efficiency
  • Servers can send code to clients to extend functionality
  • Applications present a uniform interface, with four guiding principles:
    • Resources are identified via URLs
    • Clients, with permission, can modify the resources on the server
    • Messages are self-descriptive
    • Transitions of the data are performed using hyperlinks

With REST in place as a paradigm for interoperability, along with the simple modular structure of resources, JASON believes that FHIR sets the stage for a major shift in the way healthcare data is exchanged, and make data more readily available when and where it is needed to support the future vision of healthcare.

Categories: News and Views , All

The following is a guest blog post by Mark Fulford, Partner in LBMC’s Security & Risk Services practice group.
Mark Fulford
Myths abound when it comes to data security and compliance. This is not surprising—HIPAA covers a lot of ground and many organizations are left to decide on their own how to best implement a compliant data security solution. A critical first step in putting a compliant data security solution in place is separating fact from fiction.  Here are four common misassumptions you’ll want to be aware of:

Myth #1: If we’ve never had a data security incident before, we must be doing OK on compliance with the HIPAA Security Rule.

It’s easy to fall into this trap. Not having had an incident is a good start, but HIPAA requires you to take a more proactive stance. Too often, no one is dedicated to monitoring electronic protected health information (ePHI) as prescribed by HIPAA. Data must be monitored—that is, someone must be actively reviewing data records and security logs to be on the lookout for suspicious activity.

Your current IT framework most likely includes a firewall and antivirus/antimalware software, and all systems have event logs. These tools collect data that too often go unchecked. Simply assigning someone to review the data you already have will greatly improve your compliance with HIPAA monitoring requirements, and more importantly, you may discover events and incidents that require your attention.

Going beyond your technology infrastructure, your facility security, hardcopy processing, workstation locations, portable media, mobile device usage and business associate agreements all need to be assessed to make sure they are compliant with HIPAA privacy and security regulations. And don’t forget about your employees. HIPAA dictates that your staff is trained (with regularly scheduled reminders) on how to handle PHI appropriately.

Myth #2: Implementing a HIPAA security compliance solution will involve a big technology spend.

This is not necessarily the case.  An organization’s investment in data security solutions can vary, widely depending on its size, budget and the nature of its transactions. The Office for Civil Rights (OCR) takes these variables into account—certainly, a private practice will have fewer resources to divert to security compliance than a major corporation. As long as you’ve justified each decision you’ve made about your own approach to compliance with each of the standards, the OCR will take your position into account if you are audited.

Most likely, you already have a number of appropriate technical security tools in place necessary to meet compliance. The added expense will more likely be associated with administering your data security compliance strategy.

Myth #3: We’ve read the HIPAA guidelines and we’ve put a compliance strategy in place. We must be OK on compliance.

Perhaps your organization is following the letter of the law. Policies and procedures are in place, and your staff is well-trained on how to handle patient data appropriately. By all appearances, you are making a good faith effort to be compliant.

But a large part of HIPAA compliance addresses how the confidentiality, integrity, and availability of ePHI is monitored in the IT department. If no one on the team has been assigned to monitor transactions and flag anomalies, all of your hard work at the front of the office could be for naught.

While a ‘check the box’ approach to HIPAA compliance might help if you get audited, unless it includes the ongoing monitoring of your system, your patient data may actually be exposed.

Myth #4: The OCR won’t waste their time auditing the ‘little guys.’ After all, doesn’t the agency have bigger fish to fry?

This is simply not true. Healthcare organizations of all sizes are eligible for an audit. Consider this cautionary tale: as a result of a reported incident, a dermatologist in Massachusetts was slapped with a $150,000 fine when an employee’s thumb drive was stolen from a car.

Fines for non-compliance can be steep, regardless of an organization’s size. If you haven’t done so already, now might be a good time to conduct a risk assessment and make appropriate adjustments. The OCR won’t grant you concessions just because you’re small, but they will take into consideration a good faith effort to comply.

Data Security and HIPAA Compliance: Make No Assumptions

As a provider, you are probably aware that the audits are starting soon, but perhaps you aren’t quite sure what that means for you. Arm yourself with facts. Consult with outside sources if necessary, but be aware that the OCR is setting the bar higher for healthcare organizations of all sizes. You might want to consider doing this, too. Your business—and your patients—are counting on it.

About Mark Fulford
Mark Fulford is a Partner in LBMC’s Security & Risk Services practice group.  He has over 20 years of experience in information systems management, IT auditing, and security.  Marks focuses on risk assessments and information systems auditing engagements including SOC reporting in the healthcare sector.  He is a Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP).   LBMC is a top 50 Accounting & Consulting firm based in Brentwood, Tennessee.

Follow Us: