Skip to main content

Electronic Health Records (EHR, EMR)

By Leontina Postelnicu | 11:09 am | April 03, 2019
Royal Devon & Exeter and Great Ormond Street Hospital NHS foundation trusts also picked Epic as their EPR supplier in the past few years.
Interoperability
By Mike Miliard | 10:15 am | April 03, 2019
The National Coordinator talks 21st Century Cures, information blocking, Apple, consumerism, FHIR, open APIs and new business models he sees emerging amid the "overarching theme of human choice and freedom and dignity."
Infomation Exchange
By Bill Siwicki | 03:42 pm | April 02, 2019
Case study: The EHR vendor's Happy Together technology enables the health system to incorporate data from patient portals from other healthcare organizations into its MyChart portal.
By HIMSS TV | 03:16 pm | April 02, 2019
Cisco Systems is taking on the challenge of linking the enormous amount of data generated by EMRs as well as consumer and enterprise devices in the same clinical space, says Brendan Lovelock, health practice lead at Cisco.
By Staff Writer | 01:00 am | April 02, 2019
Graham Grieve counters the case for smart eHealth cards with the argument that smartphones would work better. Several experts that presented to the senate panel investigating the My health Record in 2019 argued that instead of a central data repository, Australia should instead, invest in a smart card based infrastructure to store consumers’ health care records. These experts proposed an approach where each individual carries their own smart card, and healthcare providers load information to and read information from the card during encounters with health care providers. The experts claimed that using smart cards avoids the central problem of the My Health Record system: a single consolidated record of all health information, with dual consequences: All patients are held to a single set of policy choices about how their information is shared and managed The single repository is a large, attractive target for hackers and any successful hacks may yield many records.  Most of the focus was on the second point – a single gathering of such a large amount of healthcare information is a natural target for hackers of various kinds. Note that although the central system is highly secure and run by a security-focused team with high-discipline, provisioned to be able to make a rapid response to emerging issues, the same cannot be said of the many access points authorised to access data from the system. A hacker gaining control of such an access point (or, a legitimate user misusing the endpoint, as in the Medicare number breach in 2017) would have access to all the records, though the more indiscriminately the access is used, the more quickly it would be detected. The experts claimed that these problems could be resolved by using smart cards instead. SMART CARD EVALUATION It’s certainly true that smart cards would not have the same security challenge – hacking a single smart card, or even the system by which smart cards are accessed/updated would only grant access to the subset of smart cards encountered by the hacked system(s) during the time of the hack, since there is no central database to hack and get global access to. However, smart cards do not make any difference to the rest the of problems a system faces; they simply move them around. The problems of security, integrity, access control and security still arise in any architecture. The challenges for a smart card based approach are: Who has the right to read information on the smart card? How can a patient control how much information is accessed? Who has the right to put information on the smart card? And how is existing information reconciled with new information? Can systems updating records overwrite existing patient information? How do you secure smart cards against non-authorised readers, and still allow for back up?  How do you incentivise consumers to keep track of their health smart cards so they don’t lose them? (and how do you incentivise them to backup their information?) If they lose information, is it stored somewhere else like a new central store? How much information can you fit securely on a smart card? (And how much does the system cost?) Overseas, health smart cards generally store very little information – usually, enough to automatically identify the consumer that carries the card and to connect to a patient record stored elsewhere. In other words, it’s a token that provides access to a central record store. This does not avoid the problems of a central repository. All of these have possible solutions, but because the smart card itself is passive, the solutions must be imposed through rules made about the software that interacts with the smart card. Which means, in effect, the smart card system would hold patients to a single set of policy choices about how their information is shared and managed; at  least to the degree that the government can impose a single set of rules. But the patient doesn’t have any say about this – only the providers of the software to healthcare do. The current arrangements around the My Health Record – with the running problems related to certificates that the agency is not in a position to solve, but is still being held accountable for in public – demonstrate that a single organisation, or the health software ecosystem, cannot solve all these problems. Finally, using smart cards raise a real problem inherited from the “Australia Card” debacle – people are suspicious of government supplied cards that have an identifier.  In fact, this is such a serious perceptual problem that this might be the most important question: Would Australians accept any kind of smart card from the government? (even if it doesn’t serve as an identifying card) A patient controlled record will only truly be patient controlled when the patient holds the information. Unfortunately, smart cards will not get us there. A REALLY 'SMART CARD' All of these questions already have an answer; it’s called the smartphone. Smartphones are the correct package for acting as ‘local store’ for a patient’s information: 89 per cent of consumers already carry a smartphone Consumers part with their smartphones reluctantly  Most consumers backup their smartphones often and generally keep a close watch on them Smartphone vendors invest billions of dollars in making both a secure and usable smartphone ecosystem Rather than building a static framework, the government can specify the API formats used to exchange data between smartphones and the rest of the system, and let innovation bloom in the consumer space. The same APIs can be reused for other purposes in healthcare Applications on smartphones can manage storage/access/reconciliation/ownership issues to the degree that the consumer wants without a central authority having to make all their decisions for them Smartphones typically have plenty of storage space (note: it’s not known how much consumers would allocate to health, but the smartphones can proactively manage this question) Other countries (most notably the US) are already building ecosystems based on APIs that serve smartphones, with active support from the providers of the ecosystems.  In fact, it would be cheaper to buy the remaining 10 per cent of the population a smartphone than invest in a smart card ecosystem. Though many of that Australian population is not in a position to hold and use smartphones – mostly elderly patients and children under the age of two – they can depend on other people to manage their healthcare information. This is yet another challenge to resolve for smart cards. For this reason, the Australian Government should pay careful attention to the foundations of a healthcare information ecosystem to ensure that all consumers, not just digital literati, can leverage any API based system. And it should ensure a robust framework is set up for assessing policy and technical conformance for the APIs (though this no magic bullet). Of course, some consumers won’t want to use smartphones to store their health records at all. Others might want to take advantage of a centrally provided secure repository. The strong benefit of a web/API based framework is that consumers can choose how to engage with the system. As such, future developments for the My Health Record system should move away from the current document repository approach towards a web/API based ecosystem. Grahame Grieve is the Principal of Health Intersections, and a healthcare Interoperability consultant and developer.
By Bill Siwicki | 03:42 pm | April 01, 2019
Blood is a precious commodity nationwide, and often wasted. At University of Missouri Health Care, the mean red blood cell transfusion rate is now 22.4 percent below the original baseline rate. The medical director of transfusion services explains how that was accomplished.
By Mike Miliard | 02:51 pm | April 01, 2019
A new KLAS and Arch Collaborative report finds that RNs generally like their electronic health records more than physicians, perhaps offering hints at improved usability.
By Tom Sullivan | 12:07 pm | April 01, 2019
The EHR vendor continues its tradition of April 1 gags.
Interoperability
By Tom Sullivan | 10:03 am | April 01, 2019
New HIMSS Media research finds that nearly 75 percent of hospitals are beyond the basic level of interoperability, that best practices for information sharing are emerging and half are gearing up for APIs and FHIR.
By Staff Writer | 01:00 am | April 01, 2019
Good systems analysis requires adherence to a simple recipe – understanding who the stakeholders are and their needs, establishing design goals and working collaboratively to attain them. So how can the My Health Record system, which began in 2012 as opt-in and changed to opt-out 2018, be done better? We like to think the stakeholders are healthcare recipients and providers Australia wide. We would regard privacy, security and utility of health information as key design goals. We would hope that the many design aspects such as legislative, governance, administrative, medical and technical, be developed in harmony. Yet, all these aspects, when recently exposed to public scrutiny, have been found wanting. Researchers at Deakin University Law School under Professor Danuta Mendelson were quoted in Australian Doctor in December 2016 saying, "The My Health Record system appears more suited to supply data for government agencies and researchers than it is suited to healthcare". If the stakeholders rightfully were the Australian healthcare consumers and providers, we should be engaged in the design process and the design goals of utility, security and privacy should be achieved. Key to the design process is the question, "Does the electronic health data need to be in an online central repository?" If the stakeholders are those wanting access to big data about healthcare recipients and providers, the answer is, "Yes." If the stakeholders are Australia's healthcare recipients and providers, that answer may be different. Rights campaigner and lawyer Lizzie O’Shea drew a good analogy on Weekend Sunrise in July last year when she said, "When you centralise information like this … it becomes very attractive to hackers. We’re also putting power into the hands of government to decide how that information is to be used." "You wouldn’t cut a house key for every single plumber in the city, or every house painter [and] electrician… The same is true here; 900,000 medical professionals and 12,000 organisations have access to these records. Why would you design a system like that?” she said. Much has been touted about the benefits of treating doctors, for example, having ready access to an unfamiliar patient's data. The benefits are acknowledged and assumed to be achievable only from a centralised repository of health data. An online central repository accessible by hundreds of thousands of legitimate access points cannot be defended against cyber attack. An attacker need hack only one of these to gain access to every record in the database to see, copy and change at will. A POSSIBLE WAY FORWARD Germany implemented the first-generation of its system of smart eHealth cards in 1993 and this was then developed into the second-generation eHealthcare card in 2017. Data stored on the second-generation German eHealthcare card includes the insured person’s name, date of birth, address, gender, insurance number and coverage status.​ In addition, there is an option for additional personal data to be stored on the card with a person’s consent, such as emergency data and medication, allergies or drug intolerance. Currently, data is accessible by authorised healthcare providers on presentation of the eHealth card. There is no need for a centralised repository, which could be hacked or used for purposes other than for healthcare. If a card is lost or damaged, it is replaced by the issuing authority and data restored from the backup performed at the most recent healthcare consult. The data format is also not constrained by the physical design of the eHealth card memory chip. In 2017, 70 million Germans were in possession of the card. In the near future, a new generation of cards is expected to facilitate the exchange of medical information necessary for treatment, with the inclusion of emergency data, electronic medication plans and electronic patient records on the card. Some other main benefits of the new and improved system are said to include the prevention of redundant medical examinations by different doctors and the online update of administrative data. As such, the benefits of an eCard based system are: Patients control who and only who gets access to the data The entire database of health information is not in a centralised repository connected to the internet Patients don't need to be concerned about what present and future governments, as well as other non-healthcare organisations may do with their health data eCards are flexible about the way data may be stored and retrieved, enhancing the utility of healthcare data A comprehensive telematics infrastructure interface that provides secure communication of health data: eScripts, eReferrals, test results, health insurance, etc. updating the eCard at points of service.  A similar system could be designed for Australia, but the following need to be considered:   How do we make the data useful? It needs to be reliable, complete, up-to-date and stored in a manner which encourages meaningful, apt and rapid retrieval by the healthcare provider and associated recipient. How do we make it secure? We make it virtually impossible for the data to be retrieved by unauthorised actors. How do we make it private? We make it secure and prohibit use outside direct healthcare except only by informed explicit consent of the healthcare recipient. It is possible for Australia to have an eHealth system that services healthcare providers and recipients as primary stakeholders, but Australia is a long way from making such a system a reality. All aspects of the current My Health Record system design – legislative, privacy, health utility, security and technical – need a comprehensive overhaul. To achieve this requires our governments to change the present system, which has shortcomings in legislature, privacy, healthcare delivery, security and technology. There is a fundamental conflict between providing health data for government and non-government organisations, which the My Health Record system is geared to do, and providing an effective eHealth system which respects the privacy and trust of the patient-doctor relationship. Specifically, privacy, powers of the Minister to make rules, substantial powers invested in the System Operator and delegation of these powers need to be reviewed and changed (the original draft legislation commissioned by the Department of Health was substantially changed before presentation to the Parliament 2012). A focus on making the data relevant to immediate healthcare rather than value as cohort data needs to enliven the My Health Record use. A realisation of the fundamental vulnerability of centralised data accessible over the internet needs to drive a new paradigm. The new paradigm must make it practically impossible for everyone's data to be viewed, copied, or changed by unauthorised actors. This will allow for the use of data with informed consent, for example for research, so that it can be aggregated on a case by case basis rather than offering the totality of data by default as a smorgasbord. The most succinct summary of My Health Record’s current state was given in a submission to the Inquiry by an unnamed person who "held a variety of roles at Commonwealth Department of Health":  "In my analysis, both the government and the system operator of My Health Record, the Australian Digital Health Agency... have grossly overstated the benefits to individuals of My Health Record... which is primarily a glorified Dropbox,” he wrote. "The primary functionality of My Health Record is to facilitate secondary data usage, for government and non-government organisations, and that it is they that will be the primary beneficiaries of the system. "In terms of its usefulness for clinical practice and for individual health record management and tracking, it is not fit for purpose, although not entirely useless. This is primarily because My Health Record is about medical records storage rather than providing an up-to-date and accurate medical history overview that can be quickly drilled down into.” The only way the My Health Record can truly be Our Health Record rather than a “glorified dropbox” is if a smart eHealth card system similar to what Germany has in place is adopted.   Paul Power is the head of IT Consultancy to the medical profession, Power Associates. He also appeared as a witness and made submissions to the Senate Inquiry into the My Health Record system in 2018 and the Senate Inquiry into the Medicare card data breach in 2017. Graham Grieve counters the case for smart eHealth cards with the argument that smartphones would work better. Read more.