CMA - Docs for Patients & EMRs

I have been seeing this and other spots on TV. Further info leads to the docsforpatients.ca  site and more information on the outspoken advocate for EMRs, Dr. Ewan Affleck. It is great to see more doctors advocate for Electronic Medical Records. Sponsored by the Canadian Medical Association.  This is why I still keep a cable TV subscription!

I’m Ewan Affleck, I’m a GP, and I live and work in Yellowknife, N.W.T.

The North is a remarkable place for those of us who have come to call it home. I’ve been here 20 years and it’s a privilege as a Canadian to get to know the North. It’s a big part of our identity but many of us never get here.

The health care system globally is under stress. In The North we’re in a bit of a fish bowl, which presents us with an opportunity to be creative and try to find solutions. We have this huge place – this vast territory with 42,000 people and 33 remote communities – and we have to provide some measure of equitable, efficient and safe care. That’s a difficulty, a challenge and a gift, all at the same time.

Last year, over a quarter of the population of the Northwest Territories was physically moved for health care purposes. That drives massive cost. We’re moving people over long distances when what we really need to do is share information over long distances.

Last year, over a quarter of the population of the Northwest Territories was physically moved for health care purposes

My work with health informatics systems started with an outreach clinic that I run at a women’s shelter. Obviously you can’t leave charts in an environment like that given security and privacy concerns. I had to transport charts in and out, and so I went and got an old airline trolley and I would take it down the road with this box of charts, and I thought to myself, there has to be a better way to do this.

I went and got an old airline trolley and I would take it down the road with this box of charts, and I thought to myself, there has to be a better way to do this.

I was very committed to making this outreach clinic work, so I thought whatever it takes I’ll do it. That’s how I started with digital charts and the territorial Electronic Medical Record. Now we have over half of the patients in the territory on that system, and the plan is to have the entire territory on this single charting system, and to have as many of the divisions within the health service on the system so we can provide quality care.  We can provide networked care in the patient’s chart.

As told to the CMA, abridged from a longer interview.

It’s Your Health! Learn more about reaching your fitness goals.
No-excuses ExercisesExercise in PregnancyClassical StretchKick it up a notch and take a hike!

Ethical hacking to prevent health records held for ransom

A story about hacking that had a different angle was of interest to our privacy and security group. In this scenario, the hackers did not maliciously penetrate a system to cause chaos and destruction, but to virtually hold for a ransom a huge store of health records and personal health information.

Hacker holds patient health information for ransom

A Virginia hacker is asking for $10 million in exchange for the safe return of the personal health and prescription drug information of 8.3 million patients, HealthLeaders Media reported on May 5.

The hacker allegedly stole the information from the Virginia Prescription Monitoring Program’s (VPMP) Web site, which tracks prescription drug abuse and contains 35.5 million prescriptions in addition to enrollees’ personal information, including names, social security numbers, and addresses.

The hacker, who replaced the VPMP site with a ransom note, claims to have deleted the original back-up file for the information and created a new password-protected back-up file.

The VPMP site and the Virginia Department of Health Professions site are both temporarily disabled and the incident is under federal investigation.

This is when I realized that healthcare institutions need certified ethical hackers. These are the "white hat" hackers, who have a code of ethics, who know how to find the flaws in system security and work to prevent the "black hat" hackers from gaining admission.  In fact one in our group who works in healthcare said "oh, we do that." It is good to know there are ethical hackers in healthcare.  One of my earlier posts on this blog was about a computer security expert who hacked his way into an insulin pump, which fortunately was his own.

The White Hat Ethical Hacker Code of Ethics:

This CODE OF ETHICS expresses the consensus of the profession on ethical issues and is a means to educate both the public and those who are entering the field about the ethical obligations of all e-commerce consultants. By joining EC-Council each member agrees to:

Privacy: Keep private any confidential information gained in her/his professional work, (in particular as it pertains to client lists and client personal information). Not collect, give, sell, or transfer any personal information (such as name, e-mail address, Social Security number, or other unique identifier) to a third party without client prior consent.

Intellectual Property: Protect the intellectual property of others by relying on her/his own innovation and efforts, thus ensuring that all benefits vest with its originator.

Disclosure: Disclose to appropriate persons or authorities potential dangers to any e-commerce clients, the Internet community, or the public, that she/he reasonably believes to be associated with a particular set or type of electronic transactions or related software or hardware.

Areas of Expertise: Provide service in their areas of competence, being honest and forthright about any limitations of her/his experience and education. Ensure that she/he is qualified for any project on which he/she works or proposes to work by an appropriate combination of education, training, and experience.

Unauthorized Usage: Never knowingly use software or process that is obtained or retained either illegally or unethically.

Illegal Activities: Not engage in deceptive financial practices such as bribery, double billing, or other improper financial practices.

Authorization: Use the property of a client or employer only in ways properly authorized, and with the owner’s knowledge and consent.

Disclosure: Disclose to all concerned parties those conflicts of interest that cannot reasonably be avoided or escaped.

Management: Ensure good management for any project he/she leads, including effective procedures for promotion of quality and full disclosure of risk.

Knowledge Sharing: Add to the knowledge of the e-commerce profession by constant study, share the lessons of her/his experience with fellow EC-Council members, and promote public awareness of benefits of electronic commerce.

Confidence: Conduct herself/himself in the most ethical and competent manner when soliciting professional service or seeking employment, thus meriting confidence in her/his knowledge and integrity. Extreme Care: Ensure ethical conduct and professional care at all times on all professional assignments without prejudice.

Malicious Activities: Not associate with malicious hackers nor engage in any malicious activities. No Compromise: Not purposefully compromise or cause to be compromised the client organization’s systems in the course of your professional dealings.

Legal Limits: Ensure all penetration testing activities are authorized and within legal limits. Involvement: Not partake in any black hat activity or be associated with any black hat community that serves to endanger networks. Underground Communities: Not be part of any underground hacking community for purposes of preaching and expanding black hat activities.

Now that's getting personal: how small data is the new oil

I am not sure what to make of the personal.com company and application. There is a health information component, making it relevant to this blog. I am not sure I am so hyper concerned about personal information that I would use the personal login to access my facebook account. I suppose I am more of an exponent of open data, and even big data for that matter. Don't get me wrong. I understand the need for privacy and security of data. But "small data is the new oil"? They really might have something here:

Small data puts the power and tools of big data into the hands of people. It is based on the assumption that people have a significant long-term competitive advantage over companies and governments at aggregating and curating the best and most complete set of structured, machine-readable data about themselves and their lives – the “golden copy”. With proper tools, protections and incentives, small data allows each person to become the ultimate gatekeeper and beneficiary of their own data.

Built on privacy by design and security by design principles, small data can help people become smarter, healthier, and make better, faster decisions. It can help people discover new experiences more easily, reclaim time in their busy lives, and enjoy deeper, more positive relationships with others.

Should diabetics eat grapes?

I was listening to an acquaintance of mine talk about her mother who was recently diagnosed with diabetes. She was debating with her whether or not grapes could be part of the diabetic diet. Where to get an answer on that one? Yes, make an appointment with a professional dietician, which is what she recommended to her mother.

But what do most people do? Right, they google. And, what do they find? Research has shown that most people will click on the first five search return links that come up (thus the lucrative power of Search Engine Optimization or SEO). But when searching for health information, which is one, if not the highest usage for internet searching, do most people know if they are getting reliable or trustworthy information? Anyone even heard of Health on the Net?

I just searched on "should diabetics eat grapes?" and I did not see some of the more trustworthy internet health sites out there, like mayoclinic.com or medline. I don't know if Canadians automatically go to their provincial health authority website to seek this information. There is a lot of research on health information seeking behavior, and what patients print off before they visit their family physician.

What I am getting at, is that the trend towards personalized medicine should be able to answer this question in the context of their personal health record system (which ideally has been prescribed or recommended to them by their personal family physician).  You could have a Dr. Watson type search engine answer the question. You could have data crunchers analyzing health information in the health record, comparing to the ocean of health data that could be analyzed. Genetic information could be a factor for grapes, blood type, and insulin levels. Socio-economic factors loom large, for example, what is a grape in a food desert?

But what I think the reality is, most people don't have personal health records or know how to set them up, and the personal health records that do exist, won't be able to automatically answer this type of question, though we all speculate that it should. The family physician should be answering this question, either through a referral to a nutritionist, or a diabetes guidance counsellor. 

And this has made me think that what we need are more self-tracking stations. These would be counselling services where people can go to learn and maybe even procure self-tracking technologies, like fitbit, personal health records, mobile smartphones with blood pressure cuffs, etc.  What if there could even be fMRI, ultrasound, and Transcranial Magnetic Stimulation machines in these stations. This would be one way to deconstruct medicine, and I would like to venture on this idea in a future post on practising medicine without a license. There are so many medical and other devices which can be used to support healthy living. Maybe the model of the York University "Health Coach" would fit this idea, or the Self-Tracking Station counsellor.

Let's pool our medical data and use consent in the EHR

This is a brilliant TED talk by John Wilbanks advocating for a voluntary big data commons for medical research. The < website > they have is fascinating from a bioethics/research ethics/consent point of view. Unfortunately, I would have to disagree that such a mechanism is necessary if more people were able to consent to have their medical data released for research through the Electronic Health Record or their Personally Controlled Health Record. I have looked for some sort of venue where citizens could donate their medical data to science, instead of just their mortal remains.
Uploaded by eHealthInfoLab on Jan 5, 2012 "EHR systems offer enormous potential to improve Canada's health system; however, privacy-related information governance issues must be resolved so that personal health information continues to be handled securely, confidentially and in compliance with legal and ethical standards. Joan Roch describes the work of the Canada Health Infoway-sponsored pan-Canadian Health Information Privacy (HIP) Group to resolve these issues. She focuses on privacy issues that emerge as EHR information moves across Canadian jurisdictions, and has developed a series of 'common understandings' to support such movement in an appropriate and privacy-protective manner. Ms. Roch is Chief Privacy Strategist at Canada Health Infoway." And here is the problem for the personal health information flow to medical research - privacy and security regulations. It is not an insurmountable problem, as data de-identification becomes more rigorous, and the mechanisms of online consent become more robust.

COACH Privacy Guides now available for Healthcare Organizations from eHealth Ontario

I knew eHealth Ontario was licensing the patient portal guidelines from COACH, because I was working with the COACH Expert Group that was writing them when it was announced. The recent news announcement that all 3 privacy and security of personal health information guidelines are being offered for free to Healthcare organizations in Ontario is wonderful.  I am now working on updates to the 2011 EMR guideline and the special edition of implementing the EMR with a COACH Expert Group again. Unfortunately, I am not as much as an expert this time because a lot of it is about legislation - not my speciality.  I knew more about patient portals at the time.  If you work in healthcare, you can apparently download them for free here.  So far, however, the download has not worked for me.  Not sure what the problem is.  Maybe it recognized my name and somehow knew I already have copies of these:
http://www.ehealthontario.on.ca/en/privacy/guides/

Privacy Guides

The 2011 Guidelines for the Protection of Health Information is an easy-to-use guide that covers topics such as accountability, consent, collection and security safeguards. This guide reflects the core principles of the Canadian Standards Association Model Code for the Protection of Personal Information and the content is aligned with Canada Health Infoway requirements and standards (international and national) such as the ISO 27002 Security Management Standards.

• 2011 Guidelines for the Protection of Health Information
  A comprehensive resource on privacy and security best practices that helps health care professionals protect the PHI that they require to do their day-to-day work. This resource is designed as a stepping stone to help health care organizations address common concerns, avoid confusion and prevent misunderstandings related to the protection of PHI.
• Privacy & Security for Patient Portals 2012 Guidelines for the Protection of Health Information Special Edition
  Developed for use by those designing, implementing and maintaining a patient portal system, this helpful guide is appropriate for organizations of all sizes—from a physician’s office to a large hospital. Topics include: choosing a portal model, Canadian privacy legislation and privacy and security risks/controls related to patient portals.
• Putting it into Practice: Privacy and Security for Healthcare Providers Implementing Electronic Medical Records COACH Guidelines for the Protection of Health Information Special Edition
  Provides health care providers with up-to-date privacy and security considerations and best practices related to the procurement, implementation, setup and maintenance of an electronic medical record system in a community practice setting.

A Pioneer of Medical Records

I found this story on a blog by a Doctor who blogs.  The subject of doctors who blog is an interesting one, but probably for another post.  I watched this video and was very impressed. Dr. Weed is right on. How could anyone audit, let alone make sense of that patients' chart?

The rest of the article by Dr. Wachter I will copy here.  It is an excellent article, the jest of which seems to me to be about usability of the EMR and the EMR not getting in the way of the human person who's digital information is being recorded:

Putting the “A” Back in SOAP Notes: Time to Tackle An Epic Problem

by BOB WACHTER on SEPTEMBER 3, 2012 in DIAGNOSIS/CLINICAL REASONING, HOSPITAL CARE, INFORMATION TECHNOLOGY,MEDICAL EDUCATION/ACADEMIA

4,766 VIEWS TO DATE

A colleague recently sent me a remarkable video – of Professor Lawrence Weed giving Medical Grand Rounds at Emory University in 1971. It’s fun to watch for many reasons: the packed audience composed mostly of white men in white jackets and narrow ties, the grainy black and white images a nostalgic reminder of Life Before High Def.

But the real treat is seeing Weed, then 47 years old, angular and frenetic, a man on a mission. He begins his talk by rifling through a typical medical chart, thick as a phone book. It is filled with garbage, he says disdainfully; “source oriented” rather than “problem oriented.” Weed was promoting his new vision for the medical record – one organized around patients’ clinical problems.

In 1964, in an article in the Irish Journal of Medical Sciences (reprised, rather more famously, in theNew England Journal in 1968), Weed described his new model for patient care records, known as theSOAP note (“Subjective, Objective, Assessment, and Plan”). The idea was to begin with the patient’s history, then to present the objective data (physical examination, and results of labs, radiographs, and other studies), and finally to describe an assessment and plan for each of the patient’s problems. SOAP notes were designed to populate what Weed called the POMR: problem-oriented medical record.

This was revolutionary stuff at the time, and Weed was ready for pushback from doctors who argued that their random jottings were sacred totems of the “art of medicine.” At 51:30 in the video, Weed addresses these objections:

Art… is not a scribble in the middle of the night…. We debase the word art itself when we call what we’ve been doing art… As Stravinsky says, ‘art is nothing more than placing limits and working against them rigorously’ …and if we refuse to place them… you do not have art, you have chaos, and, to a large extent that’s what we’ve had.  

I like Weed’s problem-oriented format – so much so that one of the reasons I’m pleased when my patients leave the ICU (other than the fact that this usually means that they’re getting better) is that my trainees’ oral presentations morph from being organ-system based (“Neuro: sedated, moving all fours, head CT negative for bleed; Cardiac: MAP 75 on 2 mics of Levophed, heart rate 85, lungs clear, 2 over 6 systolic murmur at apex, good systolic function on echo….”) to problem-based (“Problem 1: dyspnea. Patient remains short of breath, O2 sat 92% on 5 liters, lungs clear on exam and chest x-ray negative. Plan is for chest CT to rule out PE…”). When I hear an organ-based presentation, I find myself struggling to translate it into a problem framework, like someone who isn’t quite fluent in a foreign language trying to make sense of a song in that language.

Whatever the method used to divide patients up into manageable chunks, there is always a tension between a reductionist view of a patient’s problems (or organs) and a big-picture view. Just as we are, biochemically, simply the sum of our cells, even atheists know that humans are far more than that. So too are patients more than the sum of their problems.

Note that I’m not being touchy-feely and holistic here, decrying the dehumanizing aspects of modern healthcare. No, I’m saying that even if you are a coot who doesn’t give a damn about what the patient isfeeling, even if you gloss over the social history in a mad dash to the liver function tests, even if you think that “patient-centered care” is mostly an empty slogan, even if you’re the kind of doctor who simply wants to figure out your patient’s problems and deal with them effectively, you must balance the simplicity and practicality of a systematic approach with the need to see patients as more than the sum of their problems.

With paper notes, this tension usually managed to work itself out. Even as we embraced Weed’s problem-oriented approach, there was something about the act of writing things down that made you realize that there was a person attached to the problems, and that each patient needed an über-assessment – a paragraph or two summing up his or her issues. The reason for this was not so much to honor the patient’s humanity (although that’s nice too) as it was to offer a crucial synthesis of what was otherwise a jumble of facts and impressions.

At UCSF Medical Center, we went live with our version of the Epic electronic medical record three months ago. It beats pen and paper, and it beats the EMR system that we traded out (at a cost of a hundred million dollars or so) by a long shot. The implementation went well overall, notwithstanding a few snafus (several thousand missing billing charges, a few patients temporarily unaccounted for, that kind of thing). I’m certain that these glitches can and will be ironed out.

But I’m less confident that we can fix what Epic is doing to our notes, and our brains.

The system, you see, places the problem list at the core of the patient’s clinical world – in a way that goes well beyond what Larry Weed imagined. One really doesn’t “write a note” anymore; rather one charts on each of the patient’s problems, one by one. At the end of a session, the computer magically weaves these fragments into what outwardly appears to be the patient’s progress note. But it’s not really a note, it’s a series of problems (each accompanied by a brief assessment and plan) held together with electronic Steri-Strips. In other words, it takes Weed’s vision of the POMR and hypertrophies it. As with muscle, while some hypertrophy can improve function and be attractive, there comes a point when more hypertrophy becomes constrictive, dysfunctional, even grotesque.

Why did Epic and our UCSF IT gurus structure things this way? The primary virtue is that this charting-by-problem approach allows the patient to be followed longitudinally, since one can track problems such as “hypertension” or “ovarian cancer” over years, seeing how they have been managed and observing the response to therapy. It isn’t a bad conceit, and it probably makes tons of sense when described in a fishbone diagram on an informatics seminar whiteboard.

But the effect I witnessed on patient care and education was less positive. When I was on clinical service in July and read the notes written by our interns and residents, I often had no idea whether the patient was getting better or worse, whether our plan was or was not working, whether we need to rethink our whole approach or stay the course.

In other words, I couldn’t figure out what was going on with the patient.

If Epic was the only thing promoting this kind of reductionist approach, it might be survivable. But it’s not. In the face of duty-hours limits, our trainees are increasingly programmed to operate in a “just the facts, ma’am” mode, to approach patients as a series of problems to be addressed expeditiously and algorithmically. This “if X, then Y” mode of thinking isn’t wrong, per se, but – particularly in the hospital – when unaccompanied by an effort to paint a coherent overall picture, the notes (and accompanying presentations) can become data without information, empty e-calories.

(Note that this problem comes on top of the copy-and-paste phenomenon so cleverly skewered by Hirschtick a few years back in JAMA. While copy-and-paste must be addressed, I’m less worried about it than I am about the impact of the EMR on clinical synthesis and reasoning.)

Larry Weed was acutely aware of another objection to his problem-oriented approach: the concern that each problem would be viewed in a vacuum. In his 1968 article, he wrote:

Fragmentation of single diagnostic entities resulting from listing separately single related findings is not a legitimate complaint against a complete list of problems. If a complete analysis is done on each finding, integration of related ones is an automatic byproduct. Failure to integrate findings into a valid single entity can almost always be traced to incomplete understanding of all the implications of one or all of them.

In the old days, failure to connect the dots between problems 1, 3, and 6 may well have been due to cognitive gaps. But the modern IT system can prevent even smart physicians from performing this essential act of synthesis. The patient with cough, sinus problems, and kidney failure cannot be thought of as the sum of the differential diagnosis of each of these problems. Instead, as Occaminsisted, these problems must be placed in a Venn diagram, accompanied by strenuous attempts to figure out what lives at the intersection. This is damn hard to do when one is electronically charting each problem independently. Monkeys and typewriters come to mind.

Over the past few years, Epic has “won the game” in the competition among IT vendors trying to sell to large teaching hospitals. This is fine – it is a robust system and an impressive company. But something needs to be done to preserve the essential act of clinical synthesis, and soon.

What would I do? I’d build into each Epic note a mandatory field, and call it “Über Assessment” or “The Big Picture.” Mousing over a little i icon would reveal the field’s intended purpose:

In this field, please tell the many people who are coming to see your patient – nurses, nutritionists, social workers, consultants, your attending – what the hell is going on. What are the major issues you’re trying to address and the questions you’re struggling to answer? Describe the patient’s trajectory – is he or she getting better or worse? If worse (or not better), what are you doing to figure things out, and when might you rethink the diagnosis or your therapeutic approach and try something new? Please do not use this space to restate the narrow, one-problem-at-a-time-oriented approach you have so competently articulated in other parts of this record. We know that the patient has hypokalemia and that your plan is to replace the potassium. Use this section to be more synthetic, more novelistic, more imaginative, more expansive. Tell a story.

All in all, I am pleased that UCSF went with the Epic system and I remain a fan of electronic health records. And Larry Weed was right: we must have a structure to record what is happening to our patients, and his problem-oriented approach remains the most appealing one. (Ultimately, one wonders whether natural language processing will make such a structure less important, in the same way that I no longer pay much attention to filing documents on my Mac now that its search function is so powerful.)

But the time is now – before our trainees build habits that will be awfully hard to break – to recognize that electronic medical records do more than chronicle our patients’ histories, exams, and labs. They are also cognitive forcing functions, ever-so-subtly modifying our approach and language into something that can either improve our clinical care and teaching, or not. Let’s show these computers who’s boss, and put the “A” back in SOAP.