New Meaningful Use Interim Standards Require Encryption Capabilities

New Meaningful Use Interim Standards Require Encryption Capabilities

Posted using ShareThis

Anybody building or implement EHR with Meaningful Use as a goal should consider MU and HIPAA as parallel objectives.  HIPAA compliance should not be new to anybody involved in delivering care to patients or those who fall under the definition of Business Associates.  Encryption requirement under HIPAA is pretty robust, though it is in some ways more lax than PCI requirements for handling credit card information (funny how that is the case…)  The policy and processes have to be in place whether you implement an EHR or not.

At the same time, the EHR itself needs to fulfill Meaningful Use requirements.  If you use a hosted EHR as a physician, you will want your vendor to give your assurances that they do not only meet MU but also HIPAA requirements.  Does that make sense?

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Advertisements

A Healthcare Consumer’s Experience in 2016

After reading John Halamka’s blog titled A history of our healthcare future, I got an idea.  You can actually put together a  video of what a patient might experience, if all the Meaningful Use criteria do become rules and the healthcare delivery processes change as intended.  Is it a desirable future?  I am sure everybody has his or her own perspective given how partisan this topic has become…

Say in 2016, Joan Smith, aged 52, comes down with an ailment while traveling for business.  While it was not extremely serious, she was in great discomfort so she makes an appointment for a doctor in the city she’s staying first thing in the morning, and manages to get an appointment for 2pm the same day.  Her doctor’s clinic automatically checks her insurance eligibility when the appointment is made.  When Joan arrives at the clinic, her chart is already available fully on the doctor’s futuristic (yes I have been trying to use this word) handheld device.  The doctor confirms with Joan the drugs she is on and examines her based on her complaints.  As the doctor is recording the new Note, the handheld device recommends a couple of questions or examinations for the patient, which the doctor performed.  The device also makes Joan’s medical history available for the doctor to call up if he has concerns about existing conditions.

There was nothing serious with Joan Smith’s ailment and a simple prescription of antibiotics would do.  However, Joan is allergic to the most common antibiotics so the doctor’s system warns about this while providing the formularies that Joan’s insurer would pay for.  All in all, it was a pretty painless 20 minutes for Joan to get a prescription, avoid unnecessary tests and skip a trip to the ER due to adverse reaction to a medicine.  In a subsequent routine visit to her regular physician, Joan is able to tell her doctor that the prescription cured her problem but did cause some minor side effects with her digestive tract.

6 months later, a researcher studying female patients between the age of 50 to 60 with the ailment that Joan has is able to generate a report that the drug prescribed for Joan is 70% effective for the ailment.  At the same time, it did cause substantial side effects 15% of the time.  This is added to the drug guide that doctors use in the course of care delivery.

This is a very cursory exploration of how healthcare can be in 2016.  It may very well already work this way for you.  I would love to hear it if that is the case.  Sadly, this is not how it works for me and many others.  Doctors cannot share records easily and information is often not available to help physicians make the best recommendations for the patient.  Even today, the fact that a doctor has an EMR implemented does not necessary mean anything other than the EMR vendor has made another 50k to a couple million dollars.  This has to change.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

The future of CCHIT

During the year of 2009, when the HITECH act allocated stimulus funds and assigned the responsibility for specifying the criteria for physicians to qualify for these funds, people in the Healthcare IT business have been wondering what would happen to CCHIT (The Certification Commission for Health IT) which is a non-profit consortium made up of among others the traditional large EMR vendors.  If the government wanted to make HIT easier, cheaper and more effective, it could not just adopt the CCHIT methodology which hadn’t been very effective in promoting EMR adoption.

From the start, it was clear that the requirement for Meaningful Use would not fit neatly into the CCHIT requirements, so the relevance of the organization was in doubt.  Centers for Medicare & Medicaid Services (CMS)’s Notice of Proposed Rule Making (NPRM) on January 13, 2010 made it clear that the government wanted to be vendor neutral in its requirements.  Thus, CCHIT had to do something to play a role in this new development in the EHR marketplace.

This article from InformationWeek reports the first steps being taken by CCHIT since the January 13 rules (which were actually released on Dec 30, 2009).  Basically they have introduced a scaled down version of their “Comprehensive” certification program called the “Modular” program.  They also offer to certify for ARRA stimulus those vendors who have already spent a huge amount of money to pass their Comprehensive program.  Of course, such certification program does not really exist yet because the rules for certification have not yet been finalized.

To make this situation even more interesting is the perspective from Practice Fusion.  You probably already realize that nobody speaks without self-interest in this muddy puddle we call Healthcare IT.   As an upstart in the EMR/EHR space, Practice Fusion obviously enjoys watching the established vendors in the CCHIT organization squirm.  The fact that the National Institute of Standards and Technology has contracted with Booz Allen Hamilton to develop testing methods and process of certification of EHR will keep the squirming going a while longer.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Yodlee, a shrewd platform strategy or missed opportunities?

For those not in the business of financial software, Yodlee might not be a familiar name.  However, if you use online bill pay or one of the popular online personal financial management software, you probably have been using Yodlee without knowing it.  The issue I want to explore in this post is whether Yodlee has missed a great opportunity to provide vertically integrated solutions that end users use or that they have been smart to stay away from the trench warfare in the end consumer products space.

Yodlee has spent over over 10 years to build out its business relationships, technological capability and dominance in the financial data aggregation space.  It makes little sense now for anybody building personal financial software to go sign individual agreements with each of the likes of Citibank, Fidelity and Chase.  As the go-to platform, Yodlee now earns a platform tax from every Personal Financial Management software provider that needs to integrate with banks, credit card companies and investment firms.

At the same time, one cannot help but wonder what would have happened if Yodlee’s end user facing business was a lot more successful and most people actually subscribe to Yodlee to do their bill and financial management, as opposed to doing it through their banks or using services like Mint.com.  Given the number of new product launch and M&A activities across the US, UK and India in the news, Mint.com, Artha Money, Kublax and MoneyDashboard, DebtGoal are just a few of them, there must be significant opportunities to be realized.  However, it appears that Yodlee will not become a dominant player for end users.

Yodlee is in every one of these Personal Financial Management software but it is staying in the background.  That might well be a very comfortable commercial position.  However,  this article from bankingtech.com, Where’s the money in Personal Finance? indicates that Microsoft (after killing its MS Money software) is teaming up with Citi to build a vertically integrated solution to rival Mint/Intuit called Bundle.  If they are successful, they will have a platform that competes with Yodlee as well.  I said earlier that it made little sense for anybody to replicate Yodlee, but then Microsoft is not anybody.  It has cash and it needs growth stories.

This just goes to show no matter where you are, you cannot stay still with a successful product.  What do you think?

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Meaningful Use Challenges – software or process?

Responses continue to roll in after the Dec 30, 2009 final rule proposal from The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC).  As expected, there are some positive and some critical comments.  From reading them, one cannot help but wonder what percentage of the challenges raised are due to poorly designed EMR (or EHR) software and what percentage are due to clinical processes that resist change.  I suspect a good portion the problems are due to software.

EMR and EHR software have been in the market for many years, though many have not  delivered on their promises.  In fact, a friend in the business once said the product he sold probably bankrupted a number of medical practices due to problems with the billing and other modules.   Those who have purchased these software and experiencing problems are rightfully concerned that they not only have to spend money to swap out their current EMR, but they may also lose out on the EHR incentive money.

However, from an objective observer and healthcare consumer’s point of view, I believe the Meaningful Use goals are worthy and necessary.  What needs to happen is for the software vendors to respond to the complaints of the purchasing doctors as well as Meaningful Use requirements.  This press release by research firm KLAS points out some of the feature gaps that need to be plugged.

There is indeed a market opportunity for EHR and Health 2.0 tools delivered as SaaS as The Health Care Blog says.  They are more flexible, more integration friendly and less costly to implement (at least from an infrastructure perspective).  Those who have already implemented a clunky and inflexible system, ironically these are probably hospitals and financially endowed practices, can be seen expressing concerns such as “unreasonable threshholds for some meaningful use criteria, including computerized prescription order entry, electronic claim submission and electronic insurance eligibility verification”.

This will continue to be a space to watch, whether you are a technologist or a medical professional.  There is hope yet EHR will learn from consumer web innovations that millions have been using for a number of years.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

EHR Incentive Program – clarifying the timeline

The Centers for Medicare & Medicaid Services (CMS) under HHS announced its proposed final rule for the Electronic Health Record Incentive Program on Dec 30, 2009.  Despite the long weekend, many people have been working overtime reading through the 556 page document and making comments on their blogs.  Just do a search on http://blogsearch.google.com and you’d see many well written as well as less than fully informed opinions.

For those who are defined as “Eligible Professionals” under the document (essentially physicians) as well as vendors in the EHR ecosystem, there are a few interesting points about the incentive payments that are worth noting:

  1. ONC will define the requirement for a “qualified EHR” in an upcoming announcement.  The certification body also has not been announced.
  2. While there is always a chance politics and execution can screw up the plan, people should realize that it is not a mere act of buying and installing an EHR that enables a physician to receive the $44,000 payment over 5 years.  There are specific reporting and process requirement that the physician needs to fulfill before the payments are made.  This isn’t a simple give away to EHR vendors.  It will be interesting to see how they will “assist” their customers to get certified for EHR use.
  3. The maximum first year payment is $18,000 and it declines till it reaches $0 in the 6th year.  For physicians working in geographically Health Professional Shortage Area (HPSA), the maximum incentive amount for each year is increased by 10%.
  4. A physician needs to start “meaningfully use” an EHR by October 1 of the year that he or she intends to claim as year 1.  He or she would have to use the EHR meaningfully for the entire year in subsequent years.
  5. The Meaningful Use requirements that have been released is for stage 1.  There will be additional stage 2 and stage 3 requirements to be announced by end of 2011 and end of 2013 respectively.

The timeline is reasonably clear now.  Even though the initial bar for certification will be lenient, getting certified for the incentive may still not lead to the ultimate goal of encouraging adoption of EHR, i.e. improving delivery of care and lowering costs.

CMS is trying to change not just the way thing are done but also forcing the data integration issues to the forefront.  That is a rather weak area in a lot of the current EHR solutions (not in the sense that the feature is not available but that it is usually an expensive and time consuming customization).  As Ken Terry said in his blog, “physicians must incorporate at least half of lab results in their EHRs as structured data. That requires interfaces with their major labs, but such interfaces may be unavailable or may be too expensive for some practices“.

If you are interested in reading a synopsis of the CMS document but can’t be bothered to read through the entire 556 pages, you can start with this post.  Whether you are a clinician, a technologist or marketer, there is something worth digging into there.

Now a question for the readers, what is your plan with respect to EHR?  Already done and implemented, wait-and-see or something else?

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine

Database as a Service – from Force.com to Amazon RDS and SQL Azure

These days, those who are building internet applications have many choices for database.  Traditionally (i.e. up to the last few years), you have the usual commercial and open source solutions such as Oracle, Microsoft SQL Server, MySQL, PostgresSQL to store user and application data.  Usually, these databases run in the company’s own data centers or a co-lo facility managed by AT&T, Verizon or the like.  However, offerings from Force.com (from Salesforce.com), Amazon Web Services and Windows Azure are changing this landscape.  In fact, in some cases, they start to converge despite their differences.

I started thinking about database as a service not because I was building one or looking for a DBaaS solution.  In fact, I was building a full stack internet application based on open source technology.  However, the offering from Force.com was rather intriguing as they claim to offer faster development time, easy to use language and secured infrastructure as this InformationWeek article indicates.

However, when you dig a little deeper, you will find that if you do not want your UI to look like the Salesforce.com form based interface and instead you want a rich interactive user experience, Force.com offers limited options.  The reason is because Force.com only offers a database driven form application UI or a heavy client written in Adobe AIR and Flex.  The former is reminiscent of web application from the late 1990s and the latter requires significant processing power on the client desktop.

Now you may say Force.com supports Java, Ruby and every other language under the sun.  That is indeed true though it is also where Force.com veers from a Platform as a Service provider into a Database as a Service provider.   If you want to use Java, Ruby, PHP or another language to build your application logic and client interface, you essentially have to host that code yourself.  You would be using the Force.com infrastructure for database and maybe stored procedures.  Sure you can host your application code at AWS or even Azure cloud but does it really make sense to have multiple vendors hosting different tiers of your technology stack?  It is tough enough to satisfy your SLA for applications that you run fully in-house.

In short, if you see a need to contract with multiple hosting vendors for the database, application and client technologies, you may well start looking at Force.com, Amazon RDS and SQL Azure as similar solutions.  Each has its strengths and drawbacks.  Here is an article comparing RDS and SQL Azure that you can start with.

Add to FacebookAdd to DiggAdd to Del.icio.usAdd to StumbleuponAdd to RedditAdd to BlinklistAdd to TwitterAdd to TechnoratiAdd to Yahoo BuzzAdd to Newsvine