Black Bags to Robots: 100 Years of Medical Progress

Posted 28 July, 2007 in future tech

There was once a time when doctors did house calls^*. Then a population boom, decreasing physician/patient ratios and new hospital technologies largely obsoleted personal house visits. For the past 50 years, nearly all contact with one’s physician has occurred in a doctor’s office. Recently, EHR patient portal software has allowed email and instant chat with physicians. Some EHRs now even have live video conferencing/telemedicine capabilities (which are particular handy in a corrections environment, for example.) Increasingly, remote medical encounters (with robots) are enabling a specialist to operate from the other side of the country or world.

I think that remote medicine is particularly exciting because it allows the mechanical motions of the procedure to be recorded for review. Previously, procedures could be video recorded, but now every movement and pressure and cut can all be saved and analyzed for best practices and training.

As well, once the operation data is stored, it can be combined with outcomes data to find useful trends and patterns. How’s that for cool?

* Just yesterday I heard that some doctors are beginning again to make house calls, in an effort to curb expensive  emergency room visits.

More Data != Better Data

Posted 18 July, 2007 in tech choices, solutions, problems

The World Wide Web is terrifically empowering because it carries a nearly infinite wealth of knowledge on innumerable entwined topics right into the leisure of your home. The caveat to this blessing is that intermixed in this wave of data is erroneous, incomplete and misleading material. Also, a deluge of information without context and experience can lead to inflated confidence and poor consequent decisions. This is particularly troubling in the healthcare domain, for after reading up on a variety of medical topics on wikipedia, it’s not uncommon to overvalue your medical competence. Doctors in Australia, for example, say they spend, on average, “1 day per week reassuring patients who have misdiagnosed themselves due to using the Internet to find health related information.”^*

The problem of Internet information is not only a shallow, encyclopedic rendering of complex topics^**, but also an ever-growing cesspit of misinformation from unscrupulous persons (see quackery.)

The internet is choked with unscientific “alternative” health sites which purport to hold insights into “what doctors don’t want you to know.” They prey on the uniformed, the naive and the desperate, to peddle dietary supplements, exotic foreign juices and daily colonics. All of which are, at best, expensive placebos, and at worse, dangerous and sinister. These fraudsters sidestep the FDA, double-blind tests, and the scientific method by verbal slight of hand and faulty logic such as, “If doctors were successful at curing people, they would be out of a job, so it’s in a doctor’s best interests to keep you sick.”

And then there is Web2.0 that, with all its promise, is also full of user-generated nonsense. “Blogs have become so dizzyingly infinite that they’ve undermined our sense of what is true and what is false, what is real and what is imaginary. These days, kids can’t tell the difference between credible [information] by objective professional[s] and what they read on [any blog]”^***

So, in summary, ten minutes of Goolging doesn’t make you a doctor, much of what you read online is false, massive doses of vitamin C doesn’t cure cancer and Kevin Trudeau is a con man.

So, how do we solve this problem? “All animals are created equal, but some are more equal than others,” was certainly bad policy for the pigs in Animal Farm, but when applied to Internet medical content, it’s unarguable that not all content is created equal. Perhaps some sort of non-profit certifying organization could help mark the reliable and credible sources of information? Democratic moderation isn’t the answer, because what is popular is not the same as what is correct. Expert systems are a step in the right direction. An EHR that allows you to chat/email with physicians is another good remedy. What do you propose?

* “A survey of 106 GPs, published last month in Australian Doctor magazine, found almost 40 per cent of doctors spent nearly a day a week on patients who had incorrectly diagnosed themselves or their children.”
see http://www.smh.com.au/news/technology/diagnosis-by-internet-wastes-time-say-gps/2007/07/13/1183833772789.html

** “A little Learning is a dang’rous Thing;
Drink deep, or taste not the Pierian Spring:
There shallow Draughts intoxicate the Brain,
And drinking largely sobers us again.”
An Essay on Criticism, Alexander Pope

*** Andrew Keen, The Cult of the Amateur: How today’s Internet is killing our culture

How good is your hospital? (JCAHO CMS to the rescue!)

Posted 10 July, 2007 in news, EHRs, solutions

We’ve talked before about the importance of universal metrics and standards (e.g. IT security metrics (see: HIPAA intro and HIPAA enforcement) and EHR functionality.) Well, now that you have patient encounter data safely in your hosted EHR database, you’ll need some way to measure how well the medical practitioners are doing their jobs.

Enter JCAHO^*– Joint Commission on Accreditation of Healthcare Organizations and Centers for Medicare & Medicaid Services– CMS (I know, they forgot an M in there…)

Those two organizations have identified “core measures” which they use 1. to determine JCAHO accreditation and 2. to determine if the hospital gets government money (Medicare & Medicaid).

An example, please!

A patient is admitted to the ER who has suffered a heart attack. JCAHO/CMS core measure AMI-1 states that the patient needs to be administered aspirin within 24 hours. There are five main categories of core measures with over thirty sub-measures. Running through your encounters manually to check against core measures would quickly become exhausting.

Wouldn’t it be nice if your EHR program could analyze your EHR encounter data and produce handy reports which show your JCAHO/CMS compliance levels? Well, there is at least one EHR vendor whose product now does that: RemedyMD’s OutcomeTrack. You can now even test drive their core measures analysis tool for free online (registration required).

If JCAHO accreditation is in the present or future of your hospital or practice, be sure that your EHR supports JCAHO/CMS reporting. If not, switch to an EHR vendor who does!

* The Joint Commission, an independent, not-for-profit organization, is the nation’s predominant standards-setting and accrediting body in health care. JCAHO is committed to improving healthcare nationwide and it evaluates medical facility compliance based on a focused set of “requirements” that are long known as essential to the delivery of good patient care.A JCAHO certification is considered the gold seal of approval and current law says hospitals accredited by JCAHO are automatically eligible for Medicare reimbursement.

The JCAHO web site can be found at www.jcaho.org (which is an alias for http://www.jointcommission.org/ )

Why healthcare IT should matter to you

Posted 8 July, 2007 in news, healthcare it benefits

QuadraMed (a Medical billing company) published a list of ten reasons why consumers should care about health information technology. I was happy to see such a list and I’ve included a few of their reasons below:

Health information technology:

• improves the quality of care
• prevents some medical errors
• empowers consumers to make smarter healthcare decisions.
• saves consumers money.
• decreases billing errors.
• is critical in the event of a nation-wide emergency.
• increases accountability from providers.

You can see the full list here

HIPAA– it’s got teeth now

Posted 7 July, 2007 in HIPAA, EHRs

Without enforcement (including audits and levied penalties), laws are essentially meaningless. In en effort to prove that the HIPAA regulations were meant to be both read and obeyed, the Department of Health and Human Service (HHS) has begun to audit medical institutions. They started this March with Atlanta’s Piedmont Hospital. I think this is great, because up until now, EHR companies and the like have been able to claim HIPAA compliance without any proof. Now is when the truth will come out.

Piedmont Hospital was given ten days to provide policies and procedures addressing the following 24 areas:

1. Establishing and terminating users’ access to systems housing electronic patient health information (ePHI).
2. Emergency access to electronic information systems.
3. Inactive computer sessions (periods of inactivity).
4. Recording and examining activity in information systems that contain or use ePHI.
5. Risk assessments and analyses of relevant information systems that house or process ePHI data.
6. Employee violations (sanctions).
7. Electronically transmitting ePHI.
8. Preventing, detecting, containing and correcting security violations (incident reports).
9. Regularly reviewing records of information system activity, such as audit logs, access reports and security incident tracking reports.
10. Creating, documenting and reviewing exception reports or logs. Please provide a list of examples of security violation logging and monitoring.
11. Monitoring systems and the network, including a listing of all network perimeter devices, i.e. firewalls and routers.
12. Physical access to electronic information systems and the facility in which they are housed.
13. Establishing security access controls; (what types of security access controls are currently implemented or installed in hospitals’ databases that house ePHI data?).
14. Remote access activity i.e. network infrastructure, platform, access servers, authentication, and encryption software.
15. Internet usage.
16. Wireless security (transmission and usage).
17. Firewalls, routers and switches.
18. Maintenance and repairs of hardware, walls, doors, and locks in sensitive areas.
19. Terminating an electronic session and encrypting and decrypting ePHI.
20. Transmitting ePHI.
21. Password and server configurations.
22. Antivirus software.
23. Network remote access.
24. Computer patch management.

How would your EHR institution do on this quiz?

The Makings of an EHR

Posted 6 July, 2007 in EHRs

When deciding on an EHR for your practice or hospital, a functional comparison between vendors is certainly in order. Fortunately, a company called CCHIT (Certification Commission for Healthcare Information Technology) provides an updated comprehensive list of functional EHR requirements for “certified” EHR systems. Whether or not a private, for-profit organization ought to be certifying EHR companies is debatable, but the CCHIT certification documents do provide a robust baseline upon which an EHR can be considered complete. I’ve summarized most of their 2007 EHR functional specifications for you below:

Criteria for a complete EHR (items the EHR system must have or do):

• Identify and maintain a patient record
• Manage patient demographics
• Create and maintain patient specific problem lists
• Create and maintain patient specific medication lists
• Create and maintain patient specific allergy and adverse reaction lists
• Capture, review and manage medical, procedural/surgical, social and family history
• Summarize health record
• Manage clinical documents and notes
• Capture and store external clinical documents
• Generate and record patient specific instructions
• Create prescriptions with detail adequate for filing and administration
• Order diagnostic tests
• Route, manage and present current and historical rest results
• Manage consents and authorizations
• Identify drug interaction warnings at the point of medication ordering
• Present alerts for disease management, preventive services and wellness
• Clinical task assignment and routing
• Scheduling
• Report generation
• Health record output
• Manage and document the health care delivered during an encounter
• Rules-driven financial and administrative coding assistance
• Entity authorization
• Enforcement of confidentiality
• Data retention, availability and destruction
• Audit trail
• Concurrent Use