February 13, 2011 9:22 PM
Posted by: RedaChouffani
On Feb. 2, two pilot projects launched promoting electronic health records exchange through the Direct Project. The two states that are currently listed with these initiatives are Rhode Island and Minnesota, though there are several other states that will undergo a similar initiative to support both public and commercial providers with the secure transmission of records.
For Minneapolis, the pilot project is focused on sending immunization records to the Minnesota Department of Health. This marks a significant accomplishment for the Direct Project since its creation.
As for Rhode Island, specifically the Rhode Island Quality Institute’s (RIQI) initiative, officials are focused on two goals: the demonstration of simple, direct, provider-to-provider data exchange, and leveraging Direct Project messaging as means to push data from EHR to the statewide HIE.
The one state that has an upcoming pilot — and can significantly outline the importance of an HIE and the results of all the hard work made by Direct Project stakeholders — is Tennessee. In this state, the CareSpark organization, which supports several of the hospitals near Bristol, will support the exchange between the state HIE and the VA. The exchange will consist of exchange the referrals and consultation reports amongst VA providers and private physician’s practices in east Tennessee and southwest Virginia.
February 13, 2011 7:21 PM
Posted by: RedaChouffani
, business intelligence
, Stage 2
, Stage 3
In a recent article, I reviewed the HIT Policy Committee’s proposed measures for meaningful use stages two and three. As we begin to see more questions in regard to which measures will make it to the final requirements, with much of the focus being on clinical implications required to become a meaningful user on a certified system, it leaves a large task on the hands of CMIOs, CIOs, and other executives — the task being to collect, analyze and trend the information, predict, react, and measure progress from the pre-captured clinical data.
While there are still questions regarding the format of the questionnaires and surveys required to capture patients activation, skills, knowledge, and level of patient awareness (as listed in the proposed measures), several organizations have started to create their action plan to gauge and record such measures.
With all the data that will be available to support improved outcome measures, comes the responsibility of using the right business intelligence tools to assist with the analysis and trending of the data required for meaningful use stages two and three.
In order to ensure that your business intelligence (BI) is successful you will need to follow these simple and critical steps:
1. Get the right data at the right time
As discussed earlier, it is very critical to ensure that there is sufficient data available to plot your progress in certain areas. This would require first analyzing the reports and trends, not limited to meaningful use stages. Second, identify at what frequency the data will need to be reported on for each department within the organization.
2. Define where the data is
The majority of the analysis will be applied against existing data that has been collected through the hospital system and internal applications. But there are a few data sets that will need to come from third party entities and/or other public or federal groups. As an example, when reviewing the suggested measures which will assess the appropriate use of medications based on standards of care for applicable conditions, we realize that we are comparing data collected within the hospital against standards that are outside the IDN. This clearly indicates the importance of knowing the origin of the other data collected.
3. Share the value with the rest of the group
Unfortunately, not everyone appreciates the power and value of BI provides to organizations. But it can be sometimes just a matter of education that can make a world of difference. In most successful organizations, the executive team realizes that in order to keep the finger on the pulse you must have a near real-time exposure to stats, scorecards, and other meaningful measures (even on your mobile device). So it would be beneficial to share with all management and executive team what are the capabilities and value of BI within your organization’s context. Whether the team needs to apply it to A/R analysis, the revenue cycle, quality metrics, general charge capture, patient satisfaction, or marketing, there numerous areas that can benefit from the analysis of the overall data.
4. Define reporting and analysis intervals
For the data to be properly analyzed and meaningful, it must query from the production system at different frequencies. This will store it at different processing data repositories. But in order to avoid performance issues, one must plan the difference extraction and processing frequencies ahead. For example if we are looking at reviewing the clinical services and perform a comparative analysis over a period of five years, then this is a job to be performed during non-peak hours and would most likely take many hours. But if we are looking to review a ticker in real-time that displays patient admissions or discharges then a simple query can be executed periodically throughout the hour and voila.
5. Select the right tool for you
There are a variety of BI tools, from spreadsheets, to OLAP, and reporting tools. Some are open sources, while others are provided under the SaaS model. But really, the tools that need to be implemented would depend on several things: overall data size, current platform, in-house skill set, physical architecture, mobile app capabilities and support.
Another component to selecting the right tools is actually identifying the analytical data model for your specific needs. There are several third party vendors that specialize in business performance management that can reduce the customization and building time for your organization.
6. Hire help if you are not sure
Many healthcare organizations have the talent needed to implement the BI widely available. However, given the ongoing complex requirements that require a deep understanding of the data model, metadata, data integration, quality, analytics, and different management metrics, it is usually recommended to work with a third party vendor, if budgets permit, to ensure that at least the initial implementation is done right, and in a timely fashion. It also ensures that your team is involved in all the steps so they can take over and ensure that future BI needs are met internally and kept in-house.
For a successful implementation of BI and in a patient-centric environment, there are many complex tasks that need to be addressed. Some are related to showing value and engaging the leadership to back the initiative, and other relate to all the technical requirements for a successful install and deployment. But whether you’re focusing on logistics, ER, AR, or nursing dashboards, all of these areas have meaningful data that will help ensure the organization’s goals are met at all levels and everyone is in line with the objectives.
February 6, 2011 10:21 PM
Posted by: RedaChouffani
, mobile health
With more vendors directing their R&D teams to mHealth product development in response to the market trends, it is becoming more exciting to see the capabilities that several of these products are offering to physicians across the world. One recent application that attracted my attention was some of the products developed by a company in Texas that has received approval from the DFA for remote patient monitoring (RPM).
AirStrip Technologies has clearly focused initially on developing mobile applications to provide access to their cardiology and critical care remote patient monitoring for iPads, iPhones, and iPod touch, but has recently released solutions for other platforms, such as Android based devices. In addition, this vendor has provided obstetricians with access through their Smartphones and mobile devices to monitor different stages of patients who are in labor. The product, AirStrip, provides an effective way to ensure clinicians have access to real time fetal heart tracings, contraction patters, vital statistics, and nursing notes.
As we continue to see more products hit the apple store, Microsoft market place and Android Market, many caregivers are realizing the potential and promise that mHealth holds.
February 6, 2011 9:48 PM
Posted by: RedaChouffani
With several medical organizations seeking to become paper-less with the implementation of an EHR, they are still dealing with paper based documents in many clinical areas. But fortunately, physicians are more eager to completely eliminate some of the paper documents, especially given 10% of their prescriptions written on Pads are for controlled substances.
Up until June of 2010, all controlled substance prescriptions were required to be on paper. Fortunately, after that date, and with the final ruling from the Drug Enforcement administration (DEA), all schedule II and V substances can now be transmitted electronically to pharmacies. Unlike other prescriptions, controlled substances have some additional requirements in order to ensure compliance with the DEA regulations and state laws.
With this change, there are some tangible benefits from an EPCS (Electronic Prescription of Controlled Substance). For many physicians, having one workflow for all prescriptions clearly makes for a simpler process. It will also ensure efficiency as well as reduce double data entry. In addition, under the new ruling, new programs in collaboration with several pharmacies will be put in place to help reduce fraud and abuse of these substances. There are still several questions around some of these programs, however, such as PMP (Prescription Monitoring Program), since physicians can’t pull a patient’s medication history unless given prior permission, and this would require patient consent if physicians suspect a case of a drug seeking.
Participation for electronically prescribing controlled substances is voluntary, but with that comes few requirements from participants such as:
Two-Factor Authentication (Something you have, you know or you are)
(A password + fingerprint or palmscan)
(A password + generated token)
(A token + Bionmetric authentication)
Secure Network (Secured connection to the prescription Hubs or clearinghouse)
At this point, there are several things that are going to be taking place to ensure the security, including third party security and technology auditors for pharmacies and the certification of products being used. But with much of the progress already made in some of the pilot programs, and value of digitizing these prescriptions, the timeline that have been put in place are aggressive. At this stage the goal is get certification by the first quarter of 2011 and plan to have all pharmacies live with electronic controlled substance prescription by 2013.
January 30, 2011 7:30 PM
Posted by: RedaChouffani
, mHealth applications
, mobile health
As we continue to see more health care providers adopt medical records and the push toward coordination of care, many are asking the same, common questions, one of which is: Why can’t these applications just talk to each other? Well, there are definitely several ways to answer this, but the question that needs to be asked here is: Why didn’t EHR providers predict such a need, and agree one way or the other to create some type of standards to ensure interoperability? Could it be that they were competing with each other, and simply did not see the value — even if there is value for the patient here — in exchanging records many many years ago?
Well, this is the reason this question is being asked here. Clearly in the same way that we have seen several EHR vendors in the market place bring innovation, and grow to be very successful software vendors, we will see the same in the mHealth applications of tomorrow. And we can already start seeing a similar disconnect with many of the available apps.
Let’s take the example of a medical application out there that can provide risk assessment that can be developed from heart surgery. The information would generally be stored on the mobile device that the cardiothoracic surgeon uses, or even the cloud but never reported back to the EHR or patient PHI record.
We can also see another example for patients that have had bariatric surgery and are following a specific diet that requires daily logging using some of the apps. But much of the information here such as food intake and exercise logs are kept on the mobile phone as well as the cloud storage for the wellness solution provider. This leaves yet another missing link in the patients overall health record.
This will continue to be more significant as more apps become available and widely used. And as the gap continues to increase, it may be little too late at that point to try to get every mHealth app provider to agree on a new way to share information in a standardize method. As a software developer, part of my mhealth app strategy is to always follow these few rules:
- Develop the mobile solution to be able to store data in the cloud
- Develop server based solutions that can authenticate requests from outside entities through web services or other secure means
- Allow flexibility in what data can be exchanged
- Accept and store information from outside entities (such as patient information during an exchange or transfer)
- Allow for virtual printing of summary of whatever information the mobile app is generating.
While there are most definitely more to this than what was mentioned in, but this can be a good start to attempt to create a framework for mHealth apps that will ensure future interoperability as well as ease the critical exchange of information.
January 30, 2011 7:02 PM
Posted by: RedaChouffani
We have seen a surge in the implementation of electronic health records. This of course has improved access to patient medical data and made it accessible from literally anywhere in the world. But with the incredible growth seen in Smartphones in consumer market and clinicians, comes the challenge of what to do to ensure the protection and safety of the medical records.
When an organization selects to implement a complete EHR in their environment the software vendor will assist in implementing, configuring, installing and maintaining the system. They will also stage the system for accessibility from patient portal, Smartphones, Tablets, and other methods.
But as health information becomes more accessible from different devices and at different points this creates a daunting task for many IT departments to ensure the security of the entire infrastructure.
The real security difficulty that we will be facing in today’s complex environment is the unknowns created by some of the newly adopted mobile devices. But mobile devices are not the only ones that can pose a potential risk for data exposure. While most EHR advertise that the patient data is secured and can only be accessible by users who are allowed to see that information, it is far from the truth.
Following is a list of dangerous situations that can jeopardize patient’s information:
Some EHR products while installed on an end user’s PC download data to the workstation’s temp folders and retain protected health information in the local station accessible by ANYONE locally.
Windows Phone 7 SD file system is not encrypted which means that installed apps can be read and accessed if the device is compromised
Several EHR products use database engines that can easily be accessed and data extracted by technical staff who may not and should not have access to clinical data (Database Example: Advantage, Ctree, SQL, MySQL, etc..), and there are several available tools online that can help gain access to health data that otherwise should only be accessible by the end user.
Few products in the market place also allow unsecured emails send from the applications that may contain sensitive medical information regarding the patient.
Web servers that maybe exposed to the internet from within the organization to provide access to data for Smartphones and tablets through web services. This requires far more complex security planning to ensure its protection as it is more exposed to the elements that may target the organization
EHR products that store images or documents such as scanned charts in wide open shares for anyone to access from the organization
While we have several other areas that can pose a risk for health organizations and allow data to be leaked out, many CIO and health administrators have followed a methodology to ensure that their data is protected and secured regardless of the new products and technologies implemented.
January 23, 2011 9:02 PM
Posted by: RedaChouffani
September 13th, 2010 marked the end of the public comment period for proposed modifications to the HIPAA Privacy and Security Rules. Some of the changes outlined extend the Civil Rights enforcement to business associates and covered entities, also strengthening individual rights. The challenge now lays in the new security threats that will most likely increase in 2011. In addition, with meaningful use requirements such as exchanging of electronic records, many IT staffers and CIOs are under pressure to ensure the protection of their patient health records.
On top of the list for security threats in 2011 is the Malware. Many of these continue to come and infect the PCs without the knowledge of most Antivirus systems or end users. Malware makers continue to get more creative’s on how to get in your system and even install Trojans that can potentially have steal passwords and capture screen capturing tools that would be an automatic HIPAA violation.
The next threat is the hacking. With the increased activities in the cloud from the health information exchange, there is an increasing chance for more hackers to attempt to gain access to these private and secure networks.
Since the use of Smartphone is on the rise, securing these devices from Viruses and Malware is critical. For many health professional the mobile devices present an easy and immediate way to gain access to patient information and communicate with the hospital, so it is critical to ensure their protection.
There are of course many others threats available to be concerned about, from Cyber ways, to exploits executed through Social networks. Network and security administrators must be vigilant to monitor their network activities and ensure the use of the proper tools, procedures and policies to stay protected.
January 20, 2011 9:51 PM
Posted by: RedaChouffani
, Mobile enterprise
, windows phone 7
Microsoft continues to be a major player in both the health care and enterprise markets, whether it’s in the operating system, server software, or business productivity tools arena. But what’s been more impressive in the recent year is how well Microsoft products play with each other, whether it is to version word and excel documents through SharePoint, or using some of the Business Intelligence tools with Microsoft database systems. But with the reality of today and the growing trend of mHealth, one must wonder: How will MS approach the market, and what will they offer to get a bigger piece of the market share?
At this point there have been three strong competitors (RIM, Apple, and Android) for the Mobile operating system, so Bill Gates’ group must have a strong value proposition and powerful differentiators to be able to compete.
In 2010 Microsoft released its newly redesigned Windows Phone 7. This new platform replaced Windows Mobile, and of course it has already received a lot of skepticism from many technologists. So one must wonder, if Microsoft realized what makes the iPhones and Android based devices so popular, does it have a fighting chance?
The following are the top 10 reasons Windows Phone 7 may have a strong chance of one day getting to the top:
1. It’s made by Microsoft:We all realize that Microsoft is one of the most successful companies in the world. Bill Gates has created an empire dominated the Operating System, Business productivity tools as well as Database engines market. And with over $16 billion in revenue in Q4 of 2010, Microsoft can definitely afford to spend plenty on its R&D and marketing for the Windows Phone 7.
2.This is the second time around: In the past Microsoft did have an okay enterprise mobile product in Windows Mobile. Several companies developed applications for the devices using that OS but still failed to attract consumers. Realizing that the platform lacked appeal, Microsoft decided to scrap that and start from a clean slate of course, learning along the way from other competitors to ensure that this second time around they have a better chance.
3.Access to a huge pool of .NET software developers: For many software developers, picking up a new development language (especially if you have the option between Java based language for Android and Objective C for the iOS as part of the iPhones or iPad development) is quite difficult. The good news with Windows Phone 7 is that it is using .NET Compact Framework, and Xbox software developers or pure .Net developers can easily start creating Apps for this system.
4.Cross platform (Silverlight): For healthcare, it is very important to have applications run on multiple platforms. Having an application run on a PC, Windows XP, Vista, Windows 7, Tablet PC, and Phone 7 is very useful. With Silver light, Microsoft is aiming to encourage software developers to develop once and deploy their products everywhere.
5.Business productivity tools: Whether it is writing an Excuse letter, collaborating on a insurance contract, or reviewing some of the productivity numbers for nurses, Microsoft Office has been used by many. Windows Phone 7 has the ability to view and edit the common office formats from Excel, PowerPoint, Word and One Note to enable its users to work with business documents on the fly.
6.Interconnectivity: For many enterprises and hospitals, SharePoint has been adopted to help manage protocols, procedures, documentations, Events, Lists and forms. So for many it was welcomed news to hear that Windows Phone 7 has tight integration with SharePoint.
7.Unified Messaging: Earlier this year, Bill Gates in person announced Microsoft’s newest messaging product (actually an upgrade from Office Communicator) — Microsoft Lync. The intent for this product suite is to provide a way to communicate in an organization via audio and video. This provided an example of how a new generation of Soft VoIP Set will be replaced. Having this mobility, you can imagine that nurses may only have to carry a Windows Phone 7 and have with them all of their messages and extension follow them at all times. This would reduce telephony costs, and allow centralized management and support of both voice and data.
8.Future integrations: The new operating system will easily integrate with the cloud. By enabling easy communication with cloud computing services, the phone will help with Azure, SQL and future apps.
9.Centralized management: With all the different technologies being used in the hospital setting — from interface engines, radiology systems and electronic health records — it requires lots of resources to manage everything. And unfortunately many of the smartphones and mobile devices are not provided with strong enterprise management tools. With Microsoft its mobile platform can be managed centrally. This would help reduce the stress and complexity of such systems.
10.Device and data security: Since mobile phones can be used to access sensitive medical data and documents with health information, these devices should be well secured and protected. Security would not only need to be on the device itself to gain access, but users must also ensure secure communication as well. Unfortunately at this point Windows Phone 7 does not have an encrypted file system. This can be dangerous in the event that the phone is stolen. But certainly with future updates the device will most likely receive encryption functionality.
At the end of the day, in theory everything sounds good, but are users really going to use Windows Phone 7 as a PC or tablet? Only time will tell, and as long as Apps continue to be developed for this platform then Microsoft may have a good fighting chance at competing with the other current market leaders.
January 16, 2011 9:42 PM
Posted by: RedaChouffani
The is a lot of excitement around mHealth. And the more smartphones and mobile devices gain popularity the sooner we will see them in the clinical setting. As many already know mHealth stands for Mobile Health. As defined by in the Wikipedia it is “is a term used for the practice of medical and public health, supported by mobile devices”.
mHealth applications offer a new and fast way of collecting health related information without the use of full fledge workstations or laptops. With a small and yet powerful smartphone or mobile device such as an iPad or Android based tablet, information can quickly be exchange and even connect patient monitoring devices to practitioners.
There are several categories in which mobile Apps can be categorized into while there will most likely be a lot more out there, we will focus on the main parent categories and provide examples in each.
Applications for Clinical or assistance in diagnosis
Applications for remote monitoring
Applications for reminders and alters
Applications for references
Applications for healthy living
We will continue to see the growth in the mobile sector for health related Apps, and especial with the rapid growth of mobile subscribers throughout the world this will encourage innovation. But while applications will play a significant role in accessibility of health related information, it is just as critical to ensure the security and privacy of the health information .