The Healthcare IT Guy

I introduced Phreesia on my blog back in December 2005. I was impressed by the company back then because they took a real problem — improving the patient check-in process — and solved it using some deceptively simple technology that would actually be used.

They definitely haven’t rested on their laurels; since then, Phreesia has continued to improve the patient experience. Phreesia remains the Patient Check-in Company but they’re just getting even more deeply embedded within the physician office workflow. The new PhreesiaPad has had a total makeover in its user interface and external design; a new, friendly orange PhreesiaPad now sits in doctors’ offices across the country (see image below). This non-intimidating design helps even the most techno-phobic patients ease into using it for check-in.

The team at Phreesia is dedicated to creating a functional interface and maintaining patient satisfaction. The data collection ranges from basic identifying information to reason for visit, family medical history, insurance provider and current medications – even adding a comprehensive list of name brand and generic meds built-in to avoid remembering or confusing prescriptions. One of the newer and most innovative controls I’ve seen on the PhreesiaPad was a custom signature capture feature where patients can electronically sign doctor-uploaded HIPAA and other agreement forms, not only does it capture an accurate signature, but also allows one to switch the side of the line depending on whether they’re right- or left-handed. Rest assured that all of the Patient Health Information captured, is secure and safe and since Phreesia is committed to the ideals of HIPAA, docs remain compliant by using the pad. You can view all these features in a demo of the new PhreesiaPad here.

Doctors across the country have clearly seen a need for the PhreesiaPad; the company has grown exponentially since it started. The fact that docs in a number of specialties, not just primary care physicians, get specialty specific and fully modifiable interviews makes it easy for any type of physician to serve their patients. Phreesia draws on the advice of a really comprehensive medical advisory board with a broad range of specialties from some of the top hospitals in the country, which helps the team become completely engrossed in various medical fields including: Neurology, Cardiology, Internal Medicine and Obstetrics among others.

Phreesia recently launched Spanish-language functionality so patients can conduct the interview in Spanish. Chaim, Evan and team are responding to physician offices’ requests by enhancing applications to conduct real-time, patient triggered eligibility and benefits checks and enabling a patient self service co-payment process. Phreesia will integrate with any existing and future technology in your office

With such success so far, Phreesia has also contributed to the ‘greater-good’ by launching clinical initiatives that aid in the prevention and awareness of stroke, medication wear-off in Parkinson’s Disease patients and the early identification of women at risk for postpartum depression. Since I last recommended giving Phreesia a chance, it has grown at a rapid pace and docs in almost every state are reaping the benefits. I still stand behind Phreesia, and if you’re a doctor and haven’t done so already, please take the opportunity to learn more and get this technology into your office. It’s well worth the effort.

The folks at MyFamilyHealth.com have combined online genealogy, social networking, and basic personal health record management for a single and eminently useful purpose: learning more about your family’s medical history to help improve your own health by better understanding your genetic risks. It will be fascinating to see how people use it over the next few years.

I built my own family history account this morning and found these important benefits:

• Create a social network of your family members and share your medical history with them. It would be interesting to see if they make a facebook application soon to tie in with other social networking tools.
• Discover and learn about the health problems that run in your family – including conditions that might not otherwise be considered by your physician.
• Discover if you or your family members could benefit from specific diagnostic, genetic or screening tests.This is probably the area they are making money so it’s good to see a viable business model.
• You can share your family health history with your physician and receive better guidance to delay, improve or even prevent bad health. This is a good way to promote the service, too.
• Although I didn’t try it, they claim they can Import your family tree from genealogy sites like geni.com and ancestry.com.

A surgeon friend of mine, who’s been a great proponent of practical healthcare IT solutions, prepared this nice little parody of a fictitious HIT/HIS vendor named Extormity’s press release . Here’s what my friend wrote after some bad experiences with a few healthcare IT firms at his hospital:

Health care information systems provider Extormity, Inc. (NASDAC:EXTRT) announces a product class action law firms have been developing in concert with Extormity corporate leadership.  Extormity Litigation Aggregator (ELA) helps by bringing together thousands of plaintiffs from Extormity installations nationwide for focused legal action, or threats of legal action.  Often with the help of ELA, an experienced legal firm can bring a settlement provider organization (SPO) to its knees, without having to let the actual injured plaintiffs become aware of the potential for legal action.  Hospital billing records and clinical data are scoured for use of products outside the confines of the FDA approved list, or for impossible to disprove potential adverse effects (IDPAE) for presentation to the SPO (a pharmaceutical firm such as makers of Vioxx, or a professional organization (e.g., the American Society of Neurosurgeons), who refuse to staff emergency rooms 24/7 as plaintiffs arrive in medical need.  While kickbacks to hospitals for such legal actions are illegal, complex contracting for Extormity’s clinical suite can conceal incentives to install ELA by extending our Extormity contract, free of additional charges, for a decade or more.  We expect the product to provide an immediate return on investment for Extormity, since the usual delay in litigation can be avoided, and settlement terms hammered out quickly as data is presented on a real-time basis.  Our legal team assures us that trial lawyers won’t delay product roll-out, as spin off suits can be identified and passed to smaller local or regional firms, allowing ELA’s legal clients to go after only the best litigation targets.

TechCrunch posted today about MedPedia:

MedPedia is a new project, currently in development, that will offer an online collaborative medical encyclopedia for use by the general public. In order to keep the content accurate and up-to-date, content editors and creators have to have an MD or a PhD. Several highly-esteemed medical colleges will be contributing content to MedPedia, including Harvard Medical School, Stanford School of Medicine, UC Berkeley School of Public Health, and University of Michigan Medical School. Medpedia is also receiving support from the National Institutes of Health (NIH), the Centers for Disease Control (CDC), the Federal Drug Administration (FDA) and many other government research groups. The content from these organizations will then be edited by MedPedia’s community of medical professionals.

When the New England Journal of Medicine speaks, people in clinical circles listen. In the most recent issue of the Journal, in an article entitled "Electronic Health Records in Ambulatory Care — A National Survey of Physicians" the authors report the following results from the survey:

Four percent of physicians reported having an extensive, fully functional electronic-records system, and 13% reported having a basic system. In multivariate analyses, primary care physicians and those practicing in large groups, in hospitals or medical centers, and in the western region of the United States were more likely to use electronic health records. Physicians reported positive effects of these systems on several dimensions of quality of care and high levels of satisfaction. Financial barriers were viewed as having the greatest effect on decisions about the adoption of electronic health records.

They formed the following conclusions:

Physicians who use electronic health records believe such systems improve the quality of care and are generally satisfied with the systems. However, as of early 2008, electronic systems had been adopted by only a small minority of U.S. physicians, who may differ from later adopters of these systems.

While neither the results nor the conclusions from the results are surprising (that money is the biggest impediment) , they are well documented and give a much better picture given the general rigor of the survey and excellent attention to statistical analysis.

I especially liked their closing remarks:

In discussions about health-information technology, our study informs the debate by providing benchmark information about the levels of adoption of electronic health records by U.S. physicians as of late 2007 and early 2008. Further studies that use clear, similar definitions of electronic health records and representative samples of physicians will be necessary to inform the development of policies with regard to electronic health records in our health care system.

Life hacks are productivity strategies that solve everyday problems — especially problems related to information overload. Joshua Schwimmer, a Physician, recently put together and presented Life Hacks for Doctors (as a slide deck, not a paper). It’s a nice presentation and I recommend all Physicians take a quick glance — it will only take a few minutes to run through it.

Fred Trotter sent out this note to several health IT bloggers recently.

Recently slashdot referenced two uninformed comments on Google Health offering.

http://science.slashdot.org/article.pl?sid=08/05/23/0520223

The problem here is that HIPAA should NOT cover Google Health or HealthVault. This issue now dominates this debate, and I wanted to specifically point out some of the problems with this thinking.

http://www.fredtrotter.com/2008/05/23/in-all-fairness/

Fred does a great deal of wonderful healthcare and IT writing. His latest argument for why HIPAA does not cover Google’s or Microsoft’s PHR offerings makes a lot of sense and is well worth reading. Vendors of technology are generally not covered entities unless they are somehow participating in the care process and I think everyone’s making a big deal about "Google is not HIPAA compliant" or "Microsoft has privacy problems" for very little reason.

Normally I write about Healthcare IT but today’s Why Doctors Are Heading for Texas article in the Wall Street Journal caught my attention. Here’s why:

Today obstetricians, surgeons and other doctors might consider reviving the practice. Over the past three years, some 7,000 M.D.s have flooded into Texas, many from Tennessee.
[Why Doctors Are Heading for Texas]
Corbis
Sam Houston.

Why? Two words: Tort reform.

In 2003 and in 2005, Texas enacted a series of reforms to the state’s civil justice system. They are stunning in their success. Texas Medical Liability Trust, one of the largest malpractice insurance companies in the state, has slashed its premiums by 35%, saving doctors some $217 million over four years. There is also a competitive malpractice insurance industry in Texas, with over 30 companies competing for business. This is driving rates down.

The result is an influx of doctors so great that recently the State Board of Medical Examiners couldn’t process all the new medical-license applications quickly enough. The board faced a backlog of 3,000 applications. To handle the extra workload, the legislature rushed through an emergency appropriation last year.

Now many of the newly arriving doctors are heading to rural or underserved parts of the state. Four new anesthesiologists have headed to Beaumont, for example. Meanwhile, San Antonio has experienced a 52% growth in the number of new doctors.

The article goes on to cite many other benefits of tort reform in Texas, especially in Asbestos cases. It’s a great example of how a simple change in the rules governing physicians and malpractice can fix problems like:

• Lack of medical professionals (Doctors want to practice in a state where medicine is more important than lawyers)
• High healthcare costs (when malpractice insurance premiums go down, so do healthcare costs)
• Availability of healthcare support for charity care (when healthcare costs go down, hospitals can afford to do more charity work)

I grew up in Houston, TX but now live in Washington DC. I still have fond memories of Texas and really do enjoy seeing stories like this. Perhaps some of the presidential candidates should increase their support of tort reform.

I loved what the author, Mr. Nixon, said at the end of the article:

Texas recently became home to more Fortune 500 companies than New York and California. Things are trending well for the Lone Star State. Anecdotally, we can see that while doctors are moving in, trial lawyers are packing up and heading west. They’re GTC — Gone to California.

HealthCampMD  (http://barcamp.org/HealthCampMd) will look at Social Networks, Web 2.0 technology and Data Portability as it might impact the Health Care industry.

This will be a meeting of minds of technologists and health care professionals interested in the evolution of the Health Care industry.

Check out the information page at http://barcamp.org/HealthCampMd and sign up! If you live nearby in MD, VA, or DC please pass along this message.

I love it when my readers send me links and tips and I got a great one from Bioxpert (name withheld per request):

Hi,

Longtime reader, first time tipper. Love your blog!

I went to a fantastic presentation at Harvard Med School on High Impact Clinical Innovation -techniques for physicians to innovate within their specialties.  It was sponsored by CIMIT and features a presentation by Zen Chu, a local venture capitalist and medical device entrepreneur.

The slide presentation was really useful and would be to your audience. CIMIT serves MIT, Harvard Med, BU Med, MGH, Brigham and other institutions in the Boston medical community. They are now posting their videos of forums in blog form, too.

I thought of your blog as he concluded with the need for training MD/VCs and "commercialization grand rounds."

The presentation she’s referring to can be found here. I read through it and liked it a lot — it has some great ideas and it’s worth reading.

Thanks, Bioexpert.

The folks at LiveSmarter have put together their list of the Top 100 Open Source Software Tools for Medical Professionals. It includes the following subject areas:

• Medical Billing and Electronic Medical Records
• Antivirus, Security and Privacy
• Communications
• Graphics and Imaging
• Content Management Tools
• Research and Reference
• Multimedia
• Storing Patient Information
• General Tools that Work for Everyone
• Collaboration Tools
• Storing, Sharing and Managing Files
• and For Patients

It’s a nice list, worth checking out.

In the past, I’ve written a number of postings on Identity Management for Healthcare. I recently contacted Ash Motiwala, CTO of Identropy to weigh in on the subject.  Ash and Identropy have plenty of real-life experience deploying Identity Management systems in the healthcare arena, and are industry innovators with their managed identity services platform, iMIS.  Identropy also provides identity infrastructure assessments, integration services and workshops to aid organizations find their identity management roadmap. These guys know what they’re doing and they take a good deal of identity management burden off the shoulders of CIOs and IT directors. If you want to make some headway on your initiatives but don’t want all the management headache or can’t hire the "best and the brightest" into your own firm check out their managed service offerings — they’re pretty unique.

Here’s what Ash had to say about identity management for healthcare institutions:

Identity Management is officially center stage for healthcare institutions.  According to the 2008 HIMSS Leadership Survey, which surveyed 300+ healthcare IT professionals, the number one technology they anticipated their organizations would use within the next two years was identity management (coming in at 45 percent).  In terms of security technologies, they identified single sign-on as high on their priority list, while nearly half of the participants acknowledged plans to deploy it in their environment within the next two years.

With that being stated, the questions regarding the definition of identity management and the practical steps that their institutions are taking to deploy them seem pervasive. As evidence, the same report stated that the respondents had overwhelmingly installed access control technologies (83 percent).

So, what’s going on here?  Didn’t 45% of the same respondents claim they are looking for identity management solutions?  The answer is quite simple: the term "identity management" means different things to different people. 

Some look at it as a synonym for a specific technology such as Single Sign-On, Automated User Provisioning, Access Management, Directory Services or Self-Service Password Management.  Others look at it as an umbrella term for multiple technologies, and yet others see it as "a set of business processes, and a supporting infrastructure, for the creation, maintenance, and use of digital identities."

This posting for Shahid’s blog aims to provide simple yet practical guidelines to help your organization along in the conversation around identity management technologies and what it means to your environment. So here goes:

1. The first practical step you can take is to identify the drivers: Is it HIPAA compliance you seek? If so, which specific areas? Or is the main driver physicians complaining about logging into a myriad of different applications to do their job? Or is it a problem that your software engineers are trying to solve regarding passing patient identity data between heterogeneous applications and systems?
2. Validation.  Once you’ve listed out the drivers, validate!  If the physicians are a calling, answer by setting up focus groups to allow them to voice their concerns. Sometimes a physician may use a technology buzz word that she read in a magazine, not quite grasping what it really means – so ask them to explain their experience, perhaps even allow them to demonstrate their experience so you can evaluate exactly what they need.  Perhaps you’ll find that they don’t need an entire Identity Management suite, and a simple self-service password reset tool will suffice.  If the driver is the resultant clatter from a failed audit, then speak to those internal resources that were directly involved in the audit regarding their experience and any documentation that they could provide.  Find the exact audit failures, and how they were evaluated.  Second and third-hand information is quite often adulterated and can skew the true audit demonstration needs.  By taking the time to validate the drivers, you will ensure that your endeavors are based on hard facts.
3. Classify the drivers as long term versus short term, tactical versus strategic.  Some drivers point to a tactical point solution, while others require a strategic initiative and will probably require more than one technology to solve.  If you have identified it as a strategic initiative, getting help from a consulting firm that could help you identify a roadmap rather than doing it yourself could save you significant heartache 12 months down the line.  The upfront investment can save you from finding yourself in a vendor or technology lock-in situation that could have been avoided.
4. Another practical guideline is to stop using the blanket term "identity management" in internal conversations, unless you really mean it.  If your organization really means it, then define it up front. Creating a common vocabulary is a powerful first step for meaningful dialogue, and an evasive term like "identity management" can wreak havoc on any project planning sessions unless clearly defined.  If your organization is seeking a Single Sign-On point solution, then call it that.  But if it’s a Web Access Management solution that you are after, then call it that and sharply contrast it to Single Sign-On and what benefits it will provide you.  If your organization is seeking a technology set to comprehensively manage digital identities, then label it identity management, but define exactly what it means to your organization.  Nail down that moving target, and then be relentless on those around you to use the agreed upon terms appropriately.
5. Talk about vendors last. But when you get to it, and if you have defined a roadmap that is longer than 18 months, then identify only the technologies that you seek to deploy within the next 18 months, and use them as the criterion for vendor selection.  Looking beyond 18 months in the identity world is like looking into a crystal ball.  The M&A activity is fierce, the landscape changes quickly, and even the experts are having a tough time making their identity management predictions stick.  The sales folks from the various vendors will almost always try to sell you the entire suite, yet only a handful of clients utilize it all.  Be aggressive in your roadmap, but conservative when it comes to vendor selection.

A friend sent me a note about this forum posting at HIStalk recently. It’s about an interesting new foundation called Doctors in Peril. Here’s the original text:

Hi,

My name is Jim Edison and I work part time for a private, non-profit foundation called www.doctorsinperil.org. The foundation was started after a personal loss of the founder and its mission statement is to assist doctors in obtaining refunds from electronic medical records manufacturers for products that do not work as advertised. The EHR industry is new and many companies are taking advantage of doctor’s natural trust and naitivite. We do not take any money for our services.

We will investigate a complaint filed with us and if there is merit to the complaint, we will use the threat of public exposure to help the doctor or clinic obtain a refund. We also have a legal war chest and a law firm on retainer that may be used for class action lawsuits against companies that ignore our requests or who have a history of widespread abuse.

I am looking for the best way to tell doctors about our service, so please refer me to other popular sites that might allow us to post this announcement. Please feel free to visit our site and register if you have a complaint.

We have recently updated our site with two new sections titled, "Unscrupulous Practices By EMR Companies" and "ADVICE ON PROTECTING YOUR IT INVESTMENT". They can be found here & here.

Thank you,

James Edison

Jim — I applaud your efforts and felt I should publish your request on my blog as well. If any of my physician readers have already used this service or find the new site and organization useful please do drop us a comment here.

A reader, Rami Yousef, wrote me yesterday asking the following:

What are your views on the healthcare industry in the Middle East, are they moving in the right direction in converting their clinics to e-clinics?

Since I live and work in the USA I know this market well but don’t really have much of an idea about how the Middle East healthcare IT industry is faring. I know I have many readers around the world, and based on Google Analytics, some of you are in the Middle East. Could anyone else answer Rami’s question here? I, too, am very much interested in how healthcare IT is being used outside the USA.

Many of my friends and readers of my other blogs (like my Architecture one) often ask me where they can get information about “how to get into healthcare.” As the IT field has grown in many verticals, healthcare among them, specialization provides more job security and better opportunities.

Dr. Ankush Shinde sent me this note a little while ago:

I am regular reader of your blog. Please find attached document it contains essential comprehensive references for healthcare information technology professionals.

As there is sea of information available, these references are collected by me during searching relevant information on net.

These references are useful to software professional to obtain right information regarding healthcare IT.

I love it when readers write to me and even more so when they provide extremely helpful tips or resources. The Healthcare Domain.pdf file Dr. Ankush sent should get almost any IT person who wants to get started in healthcare enough to get going.

AMNews reports:

The Massachusetts Blues believes that the return on physicians’ investment doesn’t warrant buying the technology as part of its bonus programs.

One health plan has come to a conclusion that many physicians already have reached: The financial benefits of office-based electronic medical records systems are not worth the cost to doctors.

Relying on information from past studies, including an American Medical Association estimate that doctors see only 11 cents of every dollar saved through the use of information technology, BlueCross BlueShield of Massachusetts recently announced that it has decided not to require physicians to install an EMR to participate in its bonus program.

Read the rest…

Yikes. More bad news for EMRs. As I speak to physicians, especially ambulatory care and small office ones, EMRs more and more have a reputation for harming, rather than helping, practices. EMRs remain quite useful in acute care settings but reports like the above seem keep hammering the lack of value of large EMRs in small practices. I wonder what is going to turn around this bad news.

Many of my readers have been asking about security, privacy, and HIPAA these days. I thought I would reach out an expert — Dr. Zachary Peterson. Zachary is a Senior Security Analyst at Independent Security Evaluators a computer security consulting firm in Baltimore, MD. Dr. Peterson earned his Ph.D. in Computer Science at The Johns Hopkins University, where his dissertation was on new technologies to meet regulatory compliant storage system. He also has a Masters in Security Informatics and a Masters in Computer Science. Independent Security Evaluators, started by Johns Hopkins Professor, Dr. Avi Rubin, is a small team of security experts that specialize in evaluating, designing and building secure systems. ISE’s client list includes MasterCard, Verdasys, WebEx, and PGP — they know what they’re doing.

ISE is expanding its services to include developing and implementing the correct policy and technology solutions required to meet regulatory compliance.

Here’s Zachary’s posting:

With the introduction of computers to the health care system, paper medical records have given way to their electronic counterparts, allowing information to be easily accessed, shared and modified. Systems for managing electronic records are now commonplace in all major and health care related institutions. They increase productivity, disappear geographic boundaries, and improve quality of service. It is not all good news, however.

The same features of electronic records that make them beneficial can also be used for malicious purposes. Duplicate records can be made instantaneously and clandestinely, threatening privacy. The loss of 26.5 million veteran medical records by the VA is a notable example. Electronic records are also extremely malleable, leaving open the possibility of forgery and falsification — a physician involved in a malpractice suit may wish to alter the record.

Indeed, the importance of securing and authenticating electronic records transcends health care, and has led legislators to create an ever increasing body of electronic record management legislation. There now exists many federal, state and local pieces of legislation that govern the management of electronic records, requiring corporations and government agencies alike to rethink their current electronic record systems. This is particularly true for health care entities with the passage of the Health Insurance Portability and Accountability Act (HIPAA).

As we all know, HIPPA requires "covered entities," which include hospitals, insurance companies, billing agencies, and even individual physicians, to provide privacy and security guarantees for a patient’s electronic records. Despite the lack of specificity in the legislation, computer system vendors have quickly identified the large market opportunity for "HIPAA compliant storage". Many of these products, however, fail to meet the requirements of HIPAA, mostly adding policy enhancements to existing storage platforms. There is a growing consensus among computer security experts, such as those at Independent Security Evaluators, that health care entities should understand the true requirements mandated by HIPAA and adopt appropriate technologies to ensure compliance.

The Law

The Health Insurance Portability and Accountability Act, enacted in 1996, was intended to improve the efficiency and effectiveness of the health care system by making individual’s medical information easily transfered between insurers. As part of the Act, legislators addressed the privacy and security implications of sharing sensitive patient data. HIPAA includes two provisions, the Privacy Rule and the Security Rule, that require covered entities to address the security and privacy of "protected health information" (PHI).

The HIPAA Standards for Privacy of Individually Identifiable Health Information, or Privacy Rule, addresses the use and disclosure of PHI. One of the key components of the Privacy Rule requires covered entities to implement, access control and error correction</ i> procedures, allowing an individual to manage how their personal information will be used, including limiting the marketing of their PHI.

The HIPAA Security Rule acts as a complement to the Privacy Rule, requiring a covered entity to ensure the confidentiality, integrity and availability of all electronic PHI that is created, received, maintained or transmitted by a covered entity. The entity must protect against reasonable threats and hazards, as well as protect against any reasonably anticipated misuse or unauthorized disclosure.

The Technology

The requirements set out by HIPAA are broad, complex and very often, ambiguous. To worsen matters, the penalties for failure to comply may be steep. Fortunately, the requirements fall into three broad categories. In general, HIPAA requires electronic records to be available, private and confidential, and authentic.

• Available means that all records must be accessible in real-time — accessing tape archives from a distant warehouse is unacceptable. This may require an organization to manage their own on-site storage system, and furthermore, retain a staff who knows how to manage it.
• Private and confidential means data is accessed with fine-grain controls and that data are protected from unauthorized disclosure and use — both in transit between provides and at rest on an entity’s system. Most existing compliance systems achieve this by providing only a policy-based interface, but can make no guarantees should data become lost or stolen. Systems must provide privacy and confidentiality through encrypted storage and data transmission. By correctly using encryption, systems may meet both the explicit encryption requirement of the HIPAA Security Rule and the access control requirements of the HIPAA Privacy Rule. Further, encryption can be used to permanently delete data, for example, when a patient requests a redaction under the HIPAA Privacy Rule.
• Lastly, systems must also employ authentication, meaning data are accurate and modifications are impossible to dispute. The HIPAA Security Rule requires a verification of the "accuracy" and "integrity" of electronic records. While encryption provides privacy from unauthorized intrusion and disclosure, it alone cannot guarantee the accuracy or integrity of the data. Without authentication, there is no way to verify that the result of a decryption is the same as original, unencrypted data. Authentication can also provide a way to bind an individual to their data modifications, making repudiation impossible.

Requirements must be met with cryptographically strong technologies, providing irrefutable evidence of compliance with regulations. Understanding and properly implementing the required technology to meet HIPAA compliance is a difficult and continually evolving process.

Entity compliance will be eventually be defined by the best practices of peer entities, an entity’s intent, and ultimately, decided by the courts. We assert that adopting the best security technologies, as understood by the computer security community, is a first step in the right direction. While it may be possible to achieve compliance without these technologies, systems that implement availability, privacy and confidentiality, and authenticity allow an organization to make a strong statement of compliance and able to provide irrefutable evidence of the same. In the future, were these technologies to become widely deployed as best practices, it may no longer be possible to be compliant without them.

Ed from WhoIsSick.org wrote me about his new site:

It is Web 2.0/User generated content meets Healthcare through a very simple Google Maps interface. Given the relatively slower adoption of internet and “web 2.0′ technology by much of the healthcare industry (aside from Revolution Health and a few select others), we set out to create a simple, user-friendly, and valuable website for the average consumer.

I thought you may want to check out some of the new features we added to the site. In the past we have received press from some notable websites and I just thought some of your readers may be interested in knowing about a site like ours. We’re hoping to ramp up traffic so that the site can be more useful to more people especially for the remaining of the 2008 flu season.

I love these kinds of simple but useful sites — their uses don’t fit an exact description but through collaborative communications between patients, care providers, and hopefully governments in the future we can experiment and learn alot about what I like to call “collaborative healthcare”.

A reader recently wrote me:

Have been reading your blog off and on for a while. I recently came across a site called www.trustrex.com when researching another issue. Apparently allows patients to register online with any doctor that is registered with the site. After that, patients can apparently communicate securely with the doctor after logging in. Thought it might be something worth checking out. The online registration alone is great for anyone whose had to fill out that paperwork while sick or with kids running around.

I haven’t had a chance to review it yet, but it does look promising. Anything that increases collaboration and communications among patients and providers gets my nod for sure.

There are still all kinds of worries about who owns the data, what happens to the messages if the company goes out of business, whether the communications are private and using whose privacy policy but these sorts of experiments and worth doing.

A physician friend of mine, Dr. Richard Olson ("Rich") of Gainesville, GA, and I often discuss healthcare IT issues over e-mail. He is a thoughtful, caring surgeon in private practice who has been involved in health IT issues for decades (as a consumer of them and on multiple selection committees for products at various hospitals). He definitely knows his stuff. Recently Rich sent me a note wondering about whether or not the years of healthcare IT that has been applied was in the best manner to help patient outcomes and improve clinical care. I thought it was a great question and since I’m not bright enough to answer it alone I thought I’d open it up to the rest of the readers of this blog to see what they thought. Please drop comments here to let Rich know what you think.

Here’s the complete text of the question Dr. Olson posed:

On Amazon.com recently I was pitched a book titled "CHI Remixed" about computer human interaction (CHI). I began to wonder whether the traditional informatics field has blinders on and is trying to automate too much of the textual work. Based on the effort I spend as a clinician each day, the patient/physician-provider communication process is what I need help with.

If the computer helped me translate the layman’s language into ‘medicalese’, not jargon, but description based on physiologic understanding, and vice versa to the patient, we would be ON to something. Traditional informatics looks to start AFTER all that face time with the patient, then ask me to click or type in data to populate the database, enter orders, and to what end? So that a machine structures all decisions, and my choices can supervised by an automated process?

If the academic discipline of CHI (see for example, http://www.hcii.cmu.edu/Research/projects.html) were to begin with the patient/physician relationship, and not the traditional textual medical record as its starting point, I wonder what direction the field would take. I think we would see more image-based communication (words just don’t convey understanding of many processes as well as pictures, diagrams, or video). Furthermore, the time pressure of the office appointment could be reduced, if a patient, if educated well enough, could take time for independent or family study of "what the doctor said" and logged on the Personal Health Record and went from there to online or other resources, before coming back for discussion, or other online interaction.

Data entry for analysis could be a role performed by a new class of technical worker, a glorified transcriptionist, who can work with the digital voice record, and fill in the blanks for the information system for all purposes: billing, performance improvement, public health, and subsequent clinical care. Doctors could spend their valuable time doing what we do best, in one on one time with patients and family, in an emotionally highly charged environment, inherently not very structured and unique to each individual patient (for most of us.) I pity the doc cranking the same old crank day after day - the cataract guy for example.

The standard practice of medicine also is rather isolated for the physician, with an appeal for help or consultation kind of a big deal. Without so much infatuation with artificial intelligence, we might focus instead on having records available for review by a trusted mentor. This would provide a much needed opportunity to enhance quality of care using the EHR and technology to facilitate good old regular human cognition. Pathologists routinely send out tough cases for consultation, but never do our radiologists, or internists, or surgeons for that matter. We now have information and communication systems to do so, but no reimbursement allowance to fund that at this time.

My basic question is, did we start at the right place? If our starting point was the medical record, and not the patient-physician relationship, have we picked the best path to apply technology to improve clinical care?