A plus in the operating room, EHRs can cause trouble for providers in the courtroom

Electronic health records have been touted as – and have proven to be – beneficial to healthcare organizations in terms of cost savings and efficacy of medical treatment.  They are not, however, unalloyedly beneficial in the courtroom.  As might be expected, the most important evidence in malpractice cases is medical records and now that they are digitized these records tend to be in EHR form.   According to defense attorneys, electronic medical records come with their own set of problems for the provider facing a malpractice lawsuit.  One striking issue is the “autofill” feature in EHR templates which automatically populates fields with data that may not be pertinent to the situation at hand.  Other issues include technical glitches, as well as users not using the software correctly.

See Business Insurance article at "Malpractice suits often tap electronic medical records"

Health care system mergers slow transition to electronic medical records

The mounting economic challenges and the uncertain regulatory environment ensure that the pace of mergers in the healthcare industry will continue to accelerate, at the same time as the industry is moving into the digital age.  Converting a single health care system from paper to meaningful-use certified electronic medical records (EMR) software is incredibly challenging and time consuming.  However, conducting such transition while two health care entities are merging is more than twice as difficult because the potential for patient-endangering errors is very high, especially while merging non-complementary EMR systems.

Via Wall Street Journal:

Hospitals around the country are finding themselves forced to juggle the demands of moving to electronic health records, just as a wave of mergers disrupts the healthcare industry.

In the latest deal, two of New York’s biggest hospital chains, NYU Langone Medical Center and Continuum Health Partners, agreed to pursue discussions of a merger last week. The potential merger is the latest hospital marriage as healthcare systems around the country seek greater efficiency. Last year, Provena Health agreed to merge with Resurrection Health Care. Ascension Health, the nation’s largest Catholic health system, also agreed in 2011 to join with Alexian Brothers Health System.  A March report from Moody’s said that the pace of hospital mergers will only quicken, as reimbursements from both Medicare and private insurers shrink.

CIOs must handle IT integration of the merged hospitals, just as they are leading a transition to electronic medical records. Around 30% of hospitals have already made the move to electronic medical records, up from just 11% in 2009, according to Dave Garets, executive director of The Advisory Board Company,a medical research firm.

The digital transition enables them to share in federal incentives. As part of President Barack Obama’s 2009 stimulus bill, the federal government offered $19 billion to hospitals and doctors who can demonstrate they are using electronic medical records to write patient histories, order medications and report quality improvements.

The Obama administration hopes that by pushing America’s health system towards electronic records it can slow rising healthcare costs by reducing duplicate tests and human error.

If the merger went through, Mark Moroses, CIO of Continuum, would work with partners at NYU Langone to meld dozens of billing, procurement and patient care systems over the next few years. At the same time he is in the process of moving the chain of hospitals, which includes Beth Israel, St. Luke’s, and Roosevelt, to digital healthcare records. That will allow the chain to claim $20 million to $30 million in government stimulus incentives over the next four years, he told CIO Journal.

Mergers can complicate the transition to electronic records. Hospitals have different technical terms, and methods of documenting care, complicating the migration of data between the two institutions. And because patient health is on the line, there is no room for error, says Moroses.

That level of accuracy requires many test runs before the real migration occurs, with doctors and nurses scrutinizing samples of the transfer to spot out potential mistakes, says Moroses.

In order to claim the government money, Continuum will need to prove that doctors are entering data from patient charts into its GE Centricity record keeping software. Nurses already enter basic information like blood pressure and medication information into wireless computers-on-wheels (or COWs as they’re called), which are brought into patient rooms.

Moroses says even his hospital’s current level of electronic medical record adoption is paying off. Electronic records are eliminating situations in which tests might have been reordered simply because paperwork didn’t transfer to another department. Patient allergy information is instantly available to doctors, because it is digital. And medications are less likely to be delivered to the wrong room or the wrong patient—-a mistake that can prove deadly. “Bad handwriting on prescriptions — I know it’s clichéd but you have a real improvement here,” Moroses said.

Over the next few months, doctors will begin entering longer patient histories, including detailed diagnoses, into the system as well. Moroses is also piloting the use of iPads with a handful of doctors. He’d like 95% of physicians across the hospital system to be using the devices over the next two years.

“The iPad is the first device with a long enough battery life,” Moroses said. “The challenge, so far, is navigating through the patient information on [the iPad’s] smaller screen.”

Moroses said Continuum is also part of a Department of Defense research project, which aims to allow the hospital to use data culled from the records to do predictive analytics. The project, which also includes John Hopkins Medical Center, will allow electronic records to produce alerts when data indicates a patient is at risk, and help researchers watch for trends on how treatments and dosage amounts affect patients.

As Continuum increases its use of electronic records, it will also have to prepare to merge its records with NYU Langone, without reversing the progress it made to secure millions in government grant money.

Moroses does not yet know what steps will go into the integration – the merger has not even been approved yet by government regulators. When it does his orders will come from the business units (“If they tell us to take a hill we’ll take a hill,” he said.)

But the experience of another major hospital chain North Shore-Long Island Jewish Health System, which took over Lenox Hill Hospital in 2010, offers clues.

To receive $8 million in government funding, North Shore chief medical information officer Michael Oppenheim is helping Lenox Hill ramp up its electronic record keeping to the level already in place at some of North Shore’s 12 other hospitals. To reach that goal Oppenheim is migrating Lenox Hill’s data to a newer version of the Allscripts medical record keeping system. (Lenox Hill currently uses an older version made by the same company, which is not on the list of systems the federal government will reimburse.)

While most data will transfer smoothly from one system to another, in some cases terminologies used by two hospitals don’t match. For example, one hospital may call an injury a “chief malady” and the other system may call it a “primary complaint,” complicating the migration.

Oppenheim plans to increase the number of Panasonic Toughbook tablets into Lenox Hill to allow doctors to enter data from patient charts directly into the system. But getting people onboard using the new tools and following a new set of protocols is the toughest part, Oppenheim said.

“You have to explain to the leadership that there is an upside,” Oppenheim said. “You want them to buy in rather than feel this is something coming from corporate. But in the end the fall back is that they don’t have an option of not going this way.”

CORRECTION: NYU Langone Medical Center and Continuum Health Partners agreed to pursue discussions of a merger last week. An earlier version of this article stated that the two hospitals had agreed to merge. Also, Mark Moroses, CIO of Continuum, will work with partners at NYU Langone should the hospitals merge. The earlier version of this article stated that Mark Moroses is already working with those partners.

For Hospital CIOs, Mergers Complicate Move to Electronic Records,” Wall Street Journal (June 13, 2012)

White House Panel Issues Report on Health IT

On December 8, 2010, President's Council of Advisors on Science and Technology (PCAST) issued its report on the importance of widespread adoption and use of health IT to improve healthcare delivery and reduce costs. The report concluded that:

information technology can help catalyze a number of important benefits including improved access to patient data, which can help clinicians as they diagnose and treat patients and patients themselves as they strive to take more control over their health; streamlined monitoring of public health patterns and trends; an enhanced ability to conduct clinical trials of new diagnostic methods and treatments; and the creation of new high­technology markets and jobs. Health information technology can also help support a range of healthcare ­related economic reforms needed to address our Nation’s long­term fiscal challenges.

PCAST also recommended "nationwide adoption of a universal exchange language for healthcare information and a digital infrastructure for locating patient records while strictly ensuring patient privacy," and tasked CMS and ONC with developing guidelines "to spur adoption of such a language and to facilitate a transition from traditional electronic health records to the use of healthcare data tagged with privacy and security specifications."

You can view PCAST's press release here.

You can view PCAST report here.


WSJ: Major consolidation among HIT vendors likely

The HITECH Act added over $27 billion to an industry whose publicly trading companies' market cap is below that, around $25 billion.  Such dramatic expansion of the industry will likely lead to significant consolidation among HIT vendors. We have already seen a merger between Eclypsis and Allscripts this summer (which became final last month); and now Cerner, another leading HIT vendor, entered into a partnership with MedAssets, Inc., a company that has specialized Internet-based financial improvement systems.  Via the Journal:

As that funding makes its way to health-care IT companies, it's likely to necessitate a lot more consolidation in an industry that's currently very fragmented. For instance, hospitals are not only looking to reduce the
number of different IT systems they use in-house, they also want more seamless ways of connecting to doctors' offices and insurers.

"We're at the beginning of the single fastest transformation of any industry in U.S. history," said Glen Tullman, chief executive of the health-care IT company Allscripts Healthcare Solutions Inc. (MDRX). <...> Tullman said he expects a lot more deals to come in the industry. He said that some of that consolidation will likely take place among the companies that provide IT systems to hospitals, a list that
includes Allscripts, privately held Epic Systems Corp., General Electric Co. (GE), Cerner, Germany-based Siemens AG (SI), McKesson Corp. (MCK) and privately held Medical Information Technology Inc., commonly known as Meditech. Tullman declined to comment on what companies he expects to make deals.

You can read more at the Wall Street Journal web site here

"Health-Care IT Sector Shaking Up As Medical World Goes Digital," Wall Street Journal (October 15, 2010).


CHIME comments on EHR certification NPRM

In a letter to Dr. David Blumenthal, the College of Healthcare Information Executives (CHIME), an organization which represents1,400 healthcare chief information officers, offered some criticism of ONC's recent notice of proposed rulemaking (NPRM) regarding the EHR certification program.  While CHIME expressed general support for a two-stage approach for creating the certifying bodies, the CIO's are worried about any destabilizing effects such rule may have on the health IT market.  Via Healthcare IT News:

We are very concerned that the introduction of a two-stage approach for certification will prolong the current instability in the health IT marketplace, which exists because of the un-finalized status of meaningful use and certification regulations," CHIME wrote. "The introduction of two separate certification schemes – one temporary and one permanent – carries a risk of continuing the uncertainty and promoting needless product replacement in the marketplace.

CHIME issued a few recommendations to combat such uncertainty, which you can find after the jump.

CHIME called for:

  • Temporary process to be a provisional or interim one that builds on current certification strategies and is "harmonized" with the eventual permanent certification process. According to CHIME, certification process should be the responsibility of the vendor, and that the purpose of certification should be to provide healthcare providers and professionals with assurance that the product they are purchasing can help them achieve meaningful use.
  • More specificity in language to define what constitutes a self-developed EHR. Current wording in the regulation suggests that any complete EHR or EHR module that's modified by a healthcare provider or a contractor could require certification.
  • Changes in certification requirements be made only when they are necessary to meet meaningful use evolution or advance interoperability, not just because a certain amount of time has passed.
  • If CMS maintains the "adoption year" approach originally advanced in proposed regulations, providers should not be required to have products certified for capabilities not required in their current adoption year.
  • Individual EHR modules be certified to ensure that they can communicate according to adopted standards, and that the interoperability of those modules as used by providers be deemed as certified.
  • HIT vendors fully disclose functions for which their products are certified and fully disclose known compatibility issues.
  • In the event of a certification body losing its authority to certify products, vendors should have six months to recertify products, and providers should not be penalized for a change in a product's certified status if they are still able to demonstrate the meaningful use of the technology.

"CHIME raises concerns about EHR certification," Healthcare IT News (April 9, 2010).

CBS News reports on EHR efforts

By popular demand, here is the video of David Pogue's report on the Obama Administration's efforts to digitize patient records in the U.S. 

Watch CBS News Videos Online

"Charting a New Course," CBS News (September 13, 2009).

FTC Issues Final Breach Notification Rule for Electronic Health Information

Pursuant to the American Recovery and Reinvestment Act of 2009 (ARRA), the Federal Trade Commission (FTC) issued the final rule regarding notification requirements for breaches of electronic health information by vendors of personal health records and certain affiliated entities:

The rule applies to both vendors of personal health records – which provide online repositories that people can use to keep track of their health information – and entities that offer third-party applications for personal health records. These applications could include, for example, devices such as blood pressure cuffs or pedometers whose readings consumers can upload into their personal health records. Consumers may benefit by using these innovations, but only if they are confident that their health information is secure and confidential.


The Final Rule requires vendors of personal health records and related entities to notify consumers following a breach involving unsecured information. In addition, if a service provider to one of these entities has a breach, it must notify the entity, which in turn must notify consumers. The Final Rule also specifies the timing, method, and content of notification, and in the case of certain breaches involving 500 or more people, requires notice to the media. Entities covered by the rule must notify the FTC, and they may use a standard form, which can be found along with additional information about the rule at www.ftc.gov/healthbreach.

You can find the full text of the rule here.

"FTC Issues Final Breach Notification Rule for Electronic Health Information," FTC Press Release (August 17, 2009).

In the news: Personal Health Records edition

  • The Federal Trade Commission (FTC) issued interim regulations regarding breach notification requirements for PHR vendors, as mandated by the American Recovery and Reinvestment Act of 2009.  According to the FTC press release, aside from breach notification, the proposed rule also:

stipulates that if a service provider to one of these [PHR vendor] entities experiences a breach, it must notify the entity, which in turn must notify consumers of the breach. The proposed rule contains additional requirements governing the standard for what triggers the notice, as well as the timing, method, and content of notice. It also requires entities covered by the proposed rule to notify the FTC of any breaches. The FTC can then post information about the breaches on its Web site, and notify the Secretary of Health and Human Services.

             The full notice can be found here.

  • Mayo Clinic, in collaboration with Microsoft, launched its new personal health record (PHR) site on Tuesday April 21, 2009.  The Mayo Clinic Health Manager uses Microsoft's HealthVault system to store medical histories, test results, immunization files and other records from doctors' offices and hospital visits, along with data from home devices like heart rate monitors.  Anyone, not just Mayo Clinic patients, can open an account online; users can grant limited access to doctors, family members, and others to view the information contained in their PHR.  It would be very interesting to learn if the Mayo Clinic required Microsoft to sign a Business Associate Agreement, or if Microsoft would publicly acknowledge that their PHR product is subject to certain privacy and security rules under HIPAA.  ("Mayo Clinic backs new personal health record site", USA Today, April 21, 2009.)


  • Meanwhile, the Boston Globe raised serious doubts regarding the accuracy of patient information contained in Google Health's PHRs because "Google takes some information from insurance billing records that use broad and imprecise codes to describe patient treatment."  According to Dr. David Kibbe, a senior technology adviser to the American Academy of Family Physicians, "[claims] data is notoriously inaccurate and notoriously incomplete with respect to an expression of the problems a person has."   However, as Bob Evans of Global CIO Blog points out in an entry on this subject, is it better to have some information regarding a patient contained in a PHR, even if there is a good chance that such information can be wrong, or no information at all? ("Electronic Health Records Raise Doubt", The Boston Globe, April 13, 2009; "Google Health Records Reveal Grossly Inaccurate Info", Global CIO Blog (Bob Evans), April 13, 2009.)


Steve Fox on the new PHR privacy rules

Bob Brewin of NextGov interviewed Steve Fox regarding the new privacy rules for vendors of personal health records (PHRs), and the applicability of such rules not only to PHR vendors such as Google and Microsoft, but also to the less obvious "related entities", a group so broad it may include an iPhone app:

Steven Fox, a lawyer with Post & Schell in Washington who co-chairs the firm's data protection group, agreed that the rules cover Google and Microsoft but said he wished FTC had specifically identified the two companies in the proposed rules.

The rules cover about 200 vendors of personal health record systems and 500 "related entities, which include online medication or weight tracking programs, and 200 third-party providers that offer billing and data services.

The related entities category could include low-cost iPhone applications that would have to comply with the potentially costly breach notification process, Dixon said. An online guide lists "100 Fabulous iPhone Apps for Your Health and Fitness," and Fox said these applications would be covered by the breach notification rules if they exchange information with personal health records.

("Proposed breach notification rule would affect more health vendors", NextGov, April 16, 2009.)


In the news: CVS and Google; Connect Open Source Software; and more

  • CVS pharmacy customers now have the ability to download their prescription and medication histories to Google Health accounts after CVS and Google expanded their partnership.  Patients at CVS' walk-in MinuteClinics are also able to add summaries of their visits to their Google Health accounts.  It would be interesting to find out if CVS and Google ever executed a Business Associate Agreement.  After the enactment of the HITECH Act, Google famously maintained that its personal health records product is not a subject to the new legislation and certain privacy and security provisions under HIPAA.  ("CVS-Google Health pact now includes drugstores", AP, April 6, 2009.)
  • The federal government released Connect, and open source software which allows public and private entities to share health information via the National Health Information Network.  The source code is free to download (the code and its documentation are available here), but organizations choosing to acquire and use this product will be responsible for costs associated with the installation and maintenance of Connect.  The Social Security Administration, Department of Defense, Veterans Affairs, and the CDC are among the many government agencies using this software for health information exchange already.  ("NHIN software released to open-source community", Government Health IT, April 7, 2009.)



  • This Business Week article analyzes the various data privacy and security concerns facing health care providers and patients alike.  ("Putting Patient Privacy in Peril?", Business Week, April 6, 2009.)
  • The New York Times reports that New York-Presbyterian Hospital became "the first large institution to move beyond the pilot stage this week as it begins to offer consumer-controlled health records for patients... New York-Presbyterian has been working with Microsoft for more than a year, not only on technical matters but also ease-of-use concerns with patients. The introduction will be gradual, beginning with heart patients, who will be told of the potential benefits of personal health records when they visit a New York-Presbyterian hospital or outpatient clinics."  Once again, it would be very interesting to find out if NYB and Microsoft signed a Business Associate Agreement, or if Microsoft acknowledged whether it is now subject to certain privacy and security provisions under HIPAA.  ("A Hospital Is Offering Digital Records", New York Times, April 5, 2009.)