Bob on Medical Device Software

It’s finally here: Drumroll, Please: Google Health Launches!

If you use any of the Google applications (like Gmail), it’s just as easy as all the others:

It will be interesting to see if this and HealthVault have an impact on how patients interact with their medical service providers. The privacy and security issues are certain to remain a significant barrier to adoption. Only time will tell.

UPDATE (5/23/08): See Delving Into Google Health’s Privacy Concerns

UPDATE (5/24/08): Apparently this Slashdot reference is “uninformed”: Why Google Health and HealthVault are not covered by HIPAA.

UPDATE (7/6/08): I ran across this post that talks about Microsoft HealthVault security: You Will Never Get It Microsoft. Here’s a quote from it:

Microsoft obviously think that I don’t know how HealthVault works. I don’t have to know how it works, I only know that it will and can be abused one day.

Sphere

This presentation (pdf) was given by Matthew Holt at the MS-HUG Tech Forum, Feb. 24, at HIMSS08 in Orlando (all presentations are here).

There are many informative slides that cover EMR adoption, consumer health demographics, the progression of IT, Web 2.0, and a definition of Health 2.0:

It’s too bad there’s not a video available of the presentation. I’d love to hear a full explanation of the Mongolian Marxists and their relationship to healthcare IT.

There are five slides on PatientsLikeMe. This site and many of the related issues are well covered in the New York Times Magazine article last month called Practicing Patients.

Sphere

Here in Orlando at HIMSS’08 Google is barely noticeable and Microsoft is making a huge splash. Even so, Scott Shreeve unabashedly declares Google the PHR winner in his Getting Giga Over Google (Again) post:

My prediction: Google by a long shot. A really long, interconnected, collaborative, collective intelligence, networked kind of aggregated intelligence kind of a shot.

Whether you a agree with Scott or not, it’s a good read.

My only caution: It’s never a good idea to underestimate Microsoft. They may come to the game late, but when they put their minds (and resources) to it, they often win.

Sphere

The Journal of the American Medical Informatics Association has an article entitled The Early Experiences with Personal Health Records [Volume 15, Issue 1, January-February 2008, Pages 1-7] (found via Constructive Medicine 2.0).

I’ve discussed PHR a number of times in the past. This article details three PHR implementations and discusses past and future challenges. Many of these are access policy issues — privacy, security, data stewardship, and personal control. There are also many technical challenges. For example:

Thus, we will need to modify our existing PHR systems to support a service oriented architecture that permits multiple applications to retrieve our institutional data with patient control and consent. Providing such an architecture will require the nation to create and adopt national standards for clinical data content transmission, terminology and security to ensure interoperability.

I’ve also previously discussed interoperability in some detail. A SOA is a great idea, but with so many standards and proprietary implementations out there, it seems like the only way a national standard will ever be adopted is if the federal government steps in. This would require not only the definition of what the standards are, but what types of PHR/EMR systems are affected, along with a time-line for mandatory implementation.

All of that seems like a tall order. The technical aspects alone would be tough, but getting it done would also require a political process that would likely drag on for years. You really have to wonder if a national standard for interoperability is even possible?

Their conclusion regarding the importance of the P in PHR is a good one:

By placing the patient at the center of healthcare data exchange and empowering the patient to become the steward of their own data, protecting patient confidentiality becomes the personal responsibility of every participating patient.

---

On a semi-related note (i.e. isn’t worth a separate post, so I’ll park it here), I finally saw Michael Moore’s movie SiCKO the other day. It achieved a certain level of shock value regarding how people in the US are treated by insurance companies and HMOs, but it was a disappointment overall. It made no effort to further the understanding of why the health care system in this country is so messed up in the first place or to try to suggest ways to improve it. Instead it just showed the US problems and quickly turned to how great the UK, France, and Cuba socialized systems are (gosh, you mean you don’t have to pay any money at all!). Oh well, that’s Hollywood for you.

Sphere

The Health 2.0 movement (also see here) is a comprehensive approach to many of the EMR/PHR topics I’ve discussed in the past. Scott Shreeve, MD (there are many good posts on his blog) proposes what he calls the “Triple-A of Health 2.0″ approach (also see the overviews here and here):

I like Dr. Shreeve’s Health 2.0 Business Model analysis in that it clearly defines corporate motivations in this marketplace. It’s hard not to like the Aggregate concepts of Prostitution, Voyeurism, and Fetishes.

How is value going to be derived and payed for? Put into this Health 2.0 business model context at least you can begin to ask the right questions.

What Health 2.0 makes clear is the complexity of the issues that need to be resolved and that there’s a long road ahead.

UPDATE (15-Nov-2007) :

A new Health 2.0 site: Health 2.0 Blog

Sphere

Everybody is talking (WSJ-Health Blog, MedGadget, Health IT Guy, and many more) about the introduction of Microsoft HealthVault.

This seems to be a step in the right direction for personally controller health records. The direct device interfaces are particularly interesting.

Update:

There’s more discussion about this on the HISTalk blog. People certainly have strong feelings about whether PHR has a future, and even stronger ones about Microsoft. From here:

Last on HealthVault: lots of people hate Microsoft. Blue screen of death. Microsoft Bob. Forced upgrades. Browser security holes. Antitrust issues. Internet tollgate. Assume people buy into PHRs on a big scale. Of all the companies offering PHRs, which one would they trust least with their most personal information? Some Ukrainain hater will have it hacked by this time next week, I suspect.

Even if this was a real concern, I’m not so sure the general public has this level of technical knowledge that would lead them to distrust Microsoft.

In any case, I think a bigger concern about companies like Microsoft and Google getting into PHR is their bottom line motive: advertising. You can be sure that everything they do is driven by a business model — i.e to make money. This makes their shareholders happy, but what will it ultimately mean for PHR?

Sphere

Following my EMR-Facebook brainstorming post I ran across the IndivoHealth project (via WSJ-Health Blog). The announcement is that a consortium of large companies, Dossia, would be extending the Indivo open source core. Indivo has implemented the paradigm shift that I discussed.

The Indivo system is essentially an inversion of the current approach to medical records, in that the record resides with the patients and the patients grant permissions to institutions, clinicians, researchers, and other users of medical information. Indivo is a distributed, web-based, personally controlled electronic medical record system that is ubiquitously accessible to the nomadic user, built to public standards, and available under an open-source license.

Very cool. I guess I wasn’t the first to think of this!

Sphere

There’s an article in the October The Atlantic Monthly entitled About Facebook (subscription required) by Michael Hirschorn. His contention is that Facebook is currently the site that “comes closest to fulfilling the promise of social media.” As I read though the description of what that means — the way you qualify friends, the ability to track others and their interaction with others, and the restrictions you can put in place on what others can see about you, the groups you join, etc. — it made me think of the implementation of EMR systems. The primary components that Facebook has tackled are work flow and interoperability (I’ve touched a little on this before).

Maybe the Facebook model could point the way to better EMR solutions. As I started to look around I found that others are thinking the same way.

The first question is how are the requirements for an EMR system solved though the functionality provided by a social network?

1. Patient-centric: I think a huge missing piece in today’s EMR systems is patient interaction. Most are only concerned with data presentation, record management, and billing functions for the physician. Except for a few limited read-only web portals, the patient does not have the ability to add content or even interact with their own medical record. An important paradigm shift would be that the physician would seek out and gain permission to access the patients private medical account, not the other way around.
2. Patient-Doctor interaction: By not allowing the patient to have interactive control over their health information you are also limiting their ability to interact with their physician(s). Also, if multiple physicians were able to have a common platform for patient consultations it would save time, confusion, and duplication. Patients and their doctors can be thought of as a group of friends that need to interact in a unique way.
3. Multi-media: If teenagers can share music and video, why can’t patients and doctors share symptoms and test results just as easily? Also, the improved Web 2.0 interactivity holds a lot of promise for innovations in the presentation of medical data (e.g. Silverlight comes to mind).
4. Security: Nothing is perfect, but I think the Web has already proven itself secure. Think about the number of Web sites where you’ve left your credit card number, let alone if you’re like me you do all of your banking on-line. HIPAA standards can most certainly be met with current Web technology.

As the article points out:

In Facebook’s vision of the Web, you, the user, are in control of your persona.

The same should be said for your personal health information.

In addition to providing work flow restrictions, Facebook also allows developers to create custom applications though the use of the Facebook Platform. By doing so, it has created a well-defined sandbox in which to create user defined content. MySpace will also be following suite in this regard.

It’s the “walled garden” that opens the door to interoperability. This strategy is considered flawed by some (quoted in the article), but is perfect for EMR purposes. Within the confines of these APIs any medical record content provider would be able to share their data inside the sandbox. The real value is the content of the data, not the mechanism that allows access into the environment.

I know there are many other issues that need to be dealt with when considering EMR functionality. However, when thinking about the popularity and ease-of-use of these social networking sites it’s hard not to see them as a possible model for improving health information flow.

Sphere

I think the recent New York Time’s article entitled Google and Microsoft Look to Change Health Care missed the bigger picture. The article talks about other Internet companies (like WebMD), but it does not make any mention of the Federal Government’s involvement in this arena.

In particular is the Nationwide Health Information Network (NHIN) which was initiated by an executive order in April 2004:

The Nationwide Health Information Network (NHIN) is the critical portion of the health IT agenda intended to provide a secure, nationwide, interoperable health information infrastructure that will connect providers, consumers, and others involved in supporting health and healthcare. The NHIN will enable health information to follow the consumer, be available for clinical decision making, and support appropriate use of healthcare information beyond direct patient care so as to improve health.

At the end of May NHIN published four prototype architectures. The proposals are standards-based, use decentralized databases and services (’network of networks’), and try to incorporate existing healthcare information systems. The companies involved were Accenture, CSC/Connecting for Health, IBM, and Northrop Grumman.

It seems to me that Google and Microsoft are using their proprietary technologies to try to achieve the same goals as NHIN. One of the major differences of course is transparency. Everything that NHIN does is open to public scrutiny whereas GOOG/MSFT have their own market research programs and keep their strategies (for making money) close to the vest.

Besides ensuring privacy, I would argue that one of the key components for creating a successful NHIN is interoperability. Even with “standards” like HL7 and DICOM being available, IMHO the current state of the Electronic Health/Medical Records industry is total chaos. Just like GOOG/MSFT are creating their own islands of knowledge, there are a lot of other vendors (84 listed on Yahoo! Directory) doing the same. As a medical device developer trying to interface with customer EMR systems, we’re faced with having to provide essentially unique solutions to (what seems like) just about every customer. If that’s the reality down here in the trenches, a NHIN is most likely a very long way off.

In a related item, there are some screen shoots from the future Google Health service (codenamed “Weaver”) here.

Update: Dr. Bill Crounse at the HealthBlog also has some thoughts about the NYT article: Doctor Google and Doctor Microsoft; if not them, who?

Sphere