High Tech Medical Clinics?
Bolus asks: "I am a physician who is setting up a new adult medicine clinic with several other physicians. We are designing our clinic from the ground up with the latest computer technology. This will include computers in every exam room, a paperless electronic medical record, and a T1 for Internet access. Patients will have the ability to e-mail their physician and access parts of their chart online, such as medications and labs. What other kinds of online service would you want your doctor's office to offer? Instant messaging to your physician? A bulletin board for general medical questions? Chat groups? Video conferencing?"
Many people do not want their spouse or employer to know things about their medical history. And at many offices the employer can in theory look at your email. If you were to email someone something you could create some delicate situations or even get someone fired or divorced.
Even just "Your appointment is next Tuesday at 10:00" could cause problems if you are not a GP. I might not want my employer to know that I had an appointment with a psychiatrist or a specialist of one kind or another. There is still a major stigma attached to mental illness in many places.
Erlang Developer and podcaster
I don't read ACs: If a post isn't worth so much as a nom de plume to its author then I won't bother either.
I have a friend from high school. Brilliant kid from a brilliant family. He is now a brain surgeon. Said he does brains instead of hearts because the brain surgeons drive better cars.
He didn't go into medicine for the money, though. His brother is making 12 times the money as an attorney in Chicago. His family has a business he could have gone into and bought 5 Lexi [plural of Lexus?]
I met him for breakfast last year. At 8 am, he had been at the hospital for 2 hrs already with a patient. I wanted to buy him a cup of coffee, but he told me he had sworn off caffeine because he could not afford a tremor in his hand, no matter how slight. He got minimum 8 hrs sleep every night and had to give up woodworking [which he loved] so his hands weren't callused.
I would GIVE this guy a Lexus if I needed someone to put his hands in my brain: I would want him. Who the fuck wouldn't?
Ever see that commercial for the Discover card? Dad buying his daughter a dog, says the $600 beagle is too expensive. Asks about the $25 hyena, which in turn eats the store clerk. Dad thoughtfully reconsiders beagle. Tag line - some things are worth more.
I'm a lawyer, kids. If you have a transaction for $100 million and you will make $10 million, do you mind paying me $500 an hour to make it work? Not likely. You get what you pay for.
I do work for neighborhood merchants and my church for free. Not to mention my entire extended family. Not everything is money.
Pay no attention to the man behind the curtain with all your metadata.
Security is hard enough for the professionals to get right, let alone a bunch of doctors designing their own system. Hire a security professional to design your security for you, but don't trust him. (Frankly, digital security pros are like car mechanics - just because they get paid for it doesn't mean they truly know what they're doing. Some might be experts who can fix it right, but others are just hacks who'll get it running but it'll break down again 100 miles down the road.)
So do your homework. Buy and read Schneier's Secrets and Lies and any other book like it you can get your hands on. Read the Privacy Digest and the Risks Digest. Don't read just the current issues - read the archives going back at least ten years. Don't read just the medical stuff - read it all, including stuff about the plane crashes, ATMs, 911 systems, banking systems, e-commerce systems, etc., etc. Reading those archives should scare you silly about the system you're trying to design. Armed with these fears, make sure you ask your security consultant lots of hard, pointed questions. Grill him. Make him sweat a little. If he has all the answers, he's bullshitting you.
Remember Schneier's motto "Security is a process not a product." Just because you buy a "secure" web server and a "secure" operating system and "secure" application software doesn't mean a thing. Your whole system needs to be designed from the beginning with security in mind, end to end. Furthermore, everyone who uses the system has to know and respect the security procedures. Does your receptionist know she can't hand out passwords over the phone, for example? Your people are going to be your weakest link if they don't know and respect your security system.
Some other random thoughts about security:
Do you know not to store passwords verbatim in the system, and not to have default passwords like the user's last name or SSN?
The machine that houses your online system should NOT be the primary system you use to store your permanent records. If someone breaks into your online system, they can compromise your database permanently! Your primary system should never ever be connected to the Internet, nor should it be connected to the online system while it is connected to the Internet.
Your system should be opt-in only. If a patient hasn't signed up for online access, his/her information should NEVER enter the online machine. It should be on the primary machine ONLY.
To illustrate the above: assume you store ALL your patient records on the online system, but you only enable passwords for those patients who opt into the online system. You're safe, right? Records can be accessed online ONLY for those patients who have opted in, because the others have their passwords disabled... right? Right, until the day that someone breaks into your online machine, then ALL the records are vulnerable. Or suppose your programmer makes a mistake so that a patient's web page accidentally displays records for other patients? If ALL your records are on the online machine, mistakes like the above can compromise them ALL. The online records should be copies, should be online ONLY for opt-in patients, and should probably, just to be safe, be read-only copies.
Your online system should be non-critical. You should be able to run your office, diagnose and treat patients, etc., without it. Assume it's going to be broken into. Assume you're going to need to work without it, and BE ABLE TO DO SO.
Have backups of your critical primary records. Have hardcopy. Practice your backup procedures, so you know that they work. (My favorite kind of episode in the RISKS Digest is the institution that has backup procedures, only to discover that they don't work when needed. Because they've never practiced them, never had a dry run.)
Make sure your office personnel are resistant to "social engineering" techniques. If a hacker can sweet-talk your office administrator, secretary, and receptionist into giving out a password, it doesn't matter how good the rest of your security is.
Bottom line: Security is a hard problem. That's why there are so many stories about people who get it wrong (again, read the RISKS digest). My advice would be to forget the online access to records. If you HAVE to go online, limit yourself to taking appointments, so you don't have to worry about securing sensitive information. (Even if you do take appointments online, do it from a separate, non-critical system.)
--Jim
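The opt-in, read-only copy and password-storage points from the comment above, as an added example that is not part of the original post. It assumes SQLite stands in for both machines; the table names, the function names, the PBKDF2 work factor and the sample rows are all constructed for illustration.

```python
import hashlib, hmac, os, sqlite3

PBKDF2_ROUNDS = 600_000  # assumed work factor for this example

def hash_password(password, salt=None):
    """Return (salt, digest); only these are stored, never the password."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest

def verify_password(password, salt, digest):
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

def build_primary():
    """Constructed sample data standing in for the offline primary system."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE patients(id INTEGER PRIMARY KEY, name TEXT, opted_in INTEGER);"
        "CREATE TABLE records(patient_id INTEGER, kind TEXT, detail TEXT);")
    db.executemany("INSERT INTO patients VALUES (?,?,?)",
                   [(1, "Patient One", 1), (2, "Patient Two", 0)])
    db.executemany("INSERT INTO records VALUES (?,?,?)",
                   [(1, "medication", "sample drug 10 mg"),
                    (1, "lab", "sample panel: normal"),
                    (2, "lab", "sample panel: abnormal")])
    return db

def export_online_copy(primary, path, passwords):
    """Build the online database from scratch with opt-in patients only."""
    if os.path.exists(path):
        os.remove(path)  # rebuild, so no stale rows survive an opt-out
    online = sqlite3.connect(path)
    online.executescript(
        "CREATE TABLE logins(patient_id INTEGER PRIMARY KEY, salt BLOB, digest BLOB);"
        "CREATE TABLE records(patient_id INTEGER, kind TEXT, detail TEXT);")
    opted_in = primary.execute("SELECT id FROM patients WHERE opted_in = 1").fetchall()
    for (pid,) in opted_in:
        salt, digest = hash_password(passwords[pid])
        online.execute("INSERT INTO logins VALUES (?,?,?)", (pid, salt, digest))
        rows = primary.execute("SELECT patient_id, kind, detail FROM records "
                               "WHERE patient_id = ?", (pid,)).fetchall()
        online.executemany("INSERT INTO records VALUES (?,?,?)", rows)
    online.commit()
    online.close()

def open_online_readonly(path):
    """The web application gets a connection that cannot write."""
    return sqlite3.connect(f"file:{path}?mode=ro", uri=True)
```

Because the export filters on the primary side, a query bug or a break-in on the online machine can expose only the rows that were copied there, which is the containment the comment argues for.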
Personally, everything else is secondary. I don't need to see my charts and meds on-line. Other doctors or specialists might, I don't need on-line video conferencing or email - and I doubt "you" would either. Why? There is a good chance that more time will be spent setting up/maintaining/playing/fixing/teaching the technology than helping the patient.
When I see a doctor - I want to physically see the doctor on time. If possible, give me an accurate diagnosis, then I can be on my way doing whatever I need to do to get better.
Or:
"I am a plutocratic [programmer] trying to make enough money to buy a fifth Lexus. Myself and a couple of other blood-sucking leeches had the idea of kitting out a [web site] with fancy-schmancy computerised bells and whistles so that we can jack up our already stratospheric fees into the ionosphere. We don't really have a clue about [making a profit], so we thought we'd ask a bunch of [consumers] what they'd like, and more importantly, be prepared to pay for. Meanwhile, malnourished kids and the homeless? Fuck 'em."
Get this straight: we are not each others' slaves. You were not born to be a slave to your fellow man. I was not born to be a slave to my fellow man. Doctors don't become doctors so they can be your personal nose wiper. If you don't want to pay a doctor for medical help and advice, then go to medical school and you won't have to.
The fact is, you don't know jack crap. How many lives have you saved? Probably zero.
This habit of villainizing people who want something in return for what they do for others is just plain evil.
WHERE IS YOUR SENSE OF RECIPROCITY? Are you telling me that you wouldn't give a man who saved your life a Lexus if you could? Would you even give a "Thank you"?
The truth is, you probably wouldn't do anything if you could help it. People like you are the very reason people ask for money for what they do instead of accepting a vague promise to reciprocate some time in the future. When you give money in return for a service, that person has some reasonable chance of being able to get something in return for what they did for you. When people say, "Hey, thanks. I'll have to help you out some day" they really mean, "thanks sucker."
I don't write this to be cynical. This is just the way it is. The fact is, paying someone for something they have made for you or done for you is the most sincere way you can tell them "thanks."