Slashdot Mirror
Tech Giants Push Open Standards for Health Network
securitas writes "The New York Times' Steve Lohr reports that 'Eight of the nation's largest technology companies, including I.B.M., Microsoft and Oracle, have agreed to embrace open, nonproprietary technology standards as the software building blocks for a national health information network.' Microsoft, IBM, Intel, Oracle, Accenture, Cisco, Hewlett-Packard and Computer Sciences have formed the Interoperability Consortium to build a health information network proposed by the Department of Health and Human Services (HHS). The network is the first step in moving from paper to electronic patient records and sharing health data between doctors, researchers, insurers and hospitals. Mirrors at IHT and CNet News.com with additional coverage at IDG/ComputerWorld Australia."
Finally ... now maybe health care systems won't rely on dial-up as their primary method of sharing information from facility to facility.
Amazingly enough, health care is probably 5-10 years behind in IT. The optimistic note: Health Care IT can learn from the mistakes of the 90s (which they were thinking about implementing next quarter- honest) and with movements like this, perhaps they can finally adopt proven standards.
After all, an apple a day keeps the doctor away...
Somehow Microsoft got into the same sentence as non-proprietary
Please correct and resubmit
If thou see a fair woman pay court to her, for thus thou wilt obtain love
Well we like technology. We like services that make life easier for us. Now how about the privacy, and control issues raised?
Interoperability and sharing are all kinds of nice for the interchange of information, but what happens when a third-party developer comes up with something that can also plug-in, so it gets access to the data, but has some kind of big open hole in other parts of its code, so everyone's records are available to anyone?
Without resorting to a paranoid rant about huge databases where authorized people have access to my personal data... what about the unauthorized?
For some reason, I don't see a security framework coming down the line that is *good*, consistent, and enforced by the system as a whole.
500GB of disk, 5TB of transfer, $5.95/mo
Microsoft, IBM, Intel, Oracle, Accenture, Cisco, Hewlett-Packard and Computer Sciences have formed the Interoperability Consortium
This part of the summary (lifted from the article, apparently) mentions "Computer Sciences"; the company is actually Computer Sciences Corporation.
As an aside, the printer-friendly (i.e. less cluttered) version of the CNet link is here.
I want to drag this out as long as possible. Bring me my protractor.
I for one welcome our new open, nonproprietary technology standard overlords.
+1 Insightful, -1 Troll. What can I say, I'm an Insightful Troll.
That's all great, but Microsoft seem from history to have a corporate psychological flaw whereby on the rare occasions they try to support open standards they cannot help themselves trying to manipulate and distort that standard to their own devious ends.
MS should truly be proud of themselves if they manage to avoid that this time.
The network is the first step in moving from paper to electronic patient records and sharing health data between doctors, researchers, insurers and hospitals.
This was completely mind-boggling to me, until I realized we're talking about the big ole US of A.
If a commercial enterprise that was supposed to be working in my interests got access to my medical data here in Europe, there'd be fucking hell to pay. Heads would roll.
Can't see why you keep putting up with it.
Some of those are also the ones who are propelling trusted computing...
The AACS key is NOT 0xF606EEFD628B1CA427BEA93A9CA9773F
Anyone who has worked on IT in the health field knows about HL7. It is a free protocol for sharing any and all medical information. As of version 3, it has become XML compliant to allow programmers to use XML parsing tools to read/write data. I don't understand why there is such a need to make a new protocol for sharing health data when one already exists and is in use with most EMR systems.
The previous comment is purposely vague and generalized, but all of the facts are completely true.
Amazingly enough, health care is probably 5-10 years behind in IT.
It's not amazing, really: healthcare as an industry is often both very very conservative and rather frugal. The combination results in an atmosphere of sticking with what works because a) well, it works and b) the new item(s) will cost money and might not work (see a)). It's actually not a bad viewpoint much of the time because it discourages upgrading for the sake of upgrading (i.e. with no clear and necessary benefit).
I want to drag this out as long as possible. Bring me my protractor.
Medicine is behind because of the doctors. I have done computer work about 15-18 medical offices and the doctors seem to have a 'this shouldn't cost me any money' attitude towards technology. In a lot of (but not all) the offices, things were not updated/replaced until the gun of hippa was placed to their heads.
Apparently, the ability to get more accurate records, better customer satisfaction, faster data retrieval, etc, doesn't seem to matter. It's like a lot of the doctors take out as much money as they possibly can in their pockets *now*, and do very little reinvesting for the future.
technology standards for sending health data across the network and sharing information, when appropriate, among doctors, hospitals, insurers and researchers.
I seem to have missed the point of this. There's already a standard for the data/information: HL7. As long as all systems can read and write it, does there need to be "technology standards"?
They do not have access to the hospital data, period. I can't see why this is such a hard concept.
Hospitals are financed mostly by taxes and in part by private insurances. At no point will I allow the hospital to communicate any information directly to an insurance company, or vice versa. All such information passes through me. And I am free to lie about what I want, but I am also accountable for such lies, should I choose to change anything.
Anything other order is unthinkable.
The Veteran's Administration Health Care System has an excellent electronic record-keeping system, and can be found even as an open-source format. I'm hoping that they build off of the OpenVista project, and have some standardization across health-care organizations, so that the patient records are more easily transferrable and readable by the providers.
"What do you think?" "I think 'What, do you think?!'"
I've been following this story for some time now. For me, the cool thing about this quasi-open-source project is that it will be built using source code that was released to the public thanks to the US FOIA (Freedom of Information Act).
This software was built years ago by the Department of Veterans Affairs for its hospitals and clinics. Similar commercial software is easily sold for over US$1 Million. I would love to see more software developed by the US government with taxpayer money released into the public so that the open source community can benefit. If you know of any government software that could be useful, file a FOIA request! (Assuming of course that it does not violate national security, yada, yada.)
For more info on this software and other open source stuff going on in the healthcare world, see these links:
Let me give an example of one of our systems, a text based system, with functionality similar to telnet, when I used it for the first time I noticed that it was slow to open, so I put a ethereal on it and noticed that to connect it sends 8MB of info every time you connect. Approximately 20,000 packets, each with every permutation of two ASCII chars.
We deal with crap this daily. For another program we are forced to use a non-standard telnet client that takes 100% of the CPU regardless of the machine you are using.
Open standards that could link admitting, clinical and financial hospital systems will save billions of dollars and probably a few human lives. Additionally, this will allow small software companies and open source coders to make applications that can be widely used. Ive been working on a multi million dollar project the last few months where an aspect of it was completely screwed up because one software vendor uses a non-standard interface that they will not allow us to access directly, as a result, our users have to settle for diminished functionality.
If encryption is built into this standard it will be a step ahead for HIPPA protection and most systems just send everything, (passwords too) in plain text. I for one, look forward enthusiastically to open source hospital applications made possible by open standards.
but that's how it mostly works, yes. The hospital bills me, I am reimbursed by the insurance company, minus a small fixed amount which I don't know the U.S. term for.
There may be other systems but this is how I know it from where I live.
This only applies when seeking private care (95% not necessary) or needing a hospital bed, though. If it's an ordinary visit, I pay a small fee when entering the hospital, and the rest is paid through taxes. Many European countries don't have the entry fee, either.
The client aps are all written so that one implimentation can use MS sql or the db software of choice. My wife works with business process testing and function analysis on a large roll out of health care software. So far the act of going filmless has been successfull, but the time to implimentation costs are huge because of db migration and integration testing.
As far as the security of access goes, decisions about user access control have been paramount in the design. Each user and terminmal can access only the necessary info. In short the system has had to be designed from the ground up.
With the forsight to understand the asp.net and all the other access control problems caused by MS software, Cerner (the software vendor) has made some interesting decisions about going further than just being a MS centric gui vendor. They are starting to release unix versions of their healthcare software. Most people in the know would like to go back to a good old Vax style terminal and get away from the overblown MS wacky mouse button gui crap. Creating eye candy is not a big consideration in the real world. Effective training and efficient simple gui's are much more important.
I thought [DICOM and HL7] were distinct...?
And as I'm sure you know, there are different flavors of DICOM produced by different vendors. Last time I checked, Siemens DICOM doesn't play nice with GE DICOM. Yes, there are standards, but they're GOVERNMENT standards, not customer standards. They all have loopholes big enough to drive a truck through, and the vendors exploit these loopholes to lock customers into a one-vendor package.
If you are a Siemens sales guy, which one is better for you- a Siemens patient monitor that listens to a GE pulse ox, or a Siemens monitor that only works correctly with other Siemens equipment?
All the vendors make stuff that works. It just doesn't always play nice with the other kids. Standards compliance *on paper* is worthless if the box doesn't work with your other stuff when you plug it in. Publishing another set of standards won't fix this situation unless customers have a uniform, objective test for interoperability, and obtain the contractual right to RETURN a system that fails this test to the vendor for full refund (and some $$$ penalty for the inconvenience of being a guinea pig)...
An organized national health care system would produce "reference systems" for components of the OR suite, and provide them to the vendors with the understanding that if the vendor wanted to sell anything, their products would need to successfully interoperate with the reference system. Fortunatley for the continued financial well-being of GE and Siemens, the health care system in the US is about as far from organized as you can get.
To reply to parent's parent's parent's post- the issue is not standards. The issue is ENFORCEMENT of standards BY CUSTOMERS rather than by the government. HL7 was written by the vendors so that customers can't use "standards compliance" to change the market dynamic. DICOM was written to fix/extend HL7, but didn't change the approach. You can write RFC's all day, and turn them into a standard if you want, but the real problem is that to drive change in the market for healthcare devices, you need to take power from the vendors and put it into the hands of the customers, and the only way to do that is with contracts that carry financial penalties for the vendor if they fail an objective interoperability test.
Humpty Dumpty was pushed.
It's not just the doctors... it seems to me that many healthcare providers (doctors, pharmacists, nurses, etc.) don't like having their workflows messed with. It is much quicker and easier for any of the above mentioned professions to pull a pen out of their pocket and scribble something on a piece of paper in a chart than it is to find a workstation, log in, and then several mouse clicks later, finally be at a screen where you can type in your note, click on your orders, etc.
:) But, the reality is that it often takes longer to compose your patient documentation on a computer than with pen and paper.
The problem with most EMR (electronic medical record) systems that I have seen is that on the front end, they don't end up saving you any time. The actual data entry into a computer will frequently take more time to enter than if you had scribbled it in a paper chart.
Where you really reap the benefits is more on the "back end" of the process through electronic processing of orders - potentially reducing errors, improved billing/payment procedures, data analysis/mining that can be used to identify quality improvement opportunities (such as improved utilization of resources or decreasing infection rates), etc.
In my experience as a nurse, there is some limited benefit on the "front end" for when you're giving patient care such as lab alerts; graphs showing trends of lab values, vital signs, etc.; and being able to actually read the physician's notes!
Adding to this problem is issue that the healthcare industry keeps asking the providers to "do more with less", but then they want to introduce some computer systems that take more time to use.
There are other issues such as the nursing shortage, the fact that the average age of a nruse is in the mid-40's, and that the aging baby boomer population will soon start to place a crushing load on the healthcare industry as they begin experiencing the onset of chronic disease such as hypertension, heart disease, diabetes, etc.
Also, I have been involved with healthcare information systems for the past several year, and the user interfaces and system configuration tools need a LOT of work! You can put all the nifty infrastructure in place that you want, but if you can't configure an acceptable, efficient workflow and user interface for the user, the system will either fail miserably or be poorly/inappropriately utilized.
I've read all the posts on this topic but it seems like many important questions and comments haven't been made about the implications of having national health care records.
I could go on but I won't. As you can see, this isn't just about data, like the HL7 standard. It's about a heckuva lot more.
It's spelled (acronymed?) HIPAA. And part of it is a (gasp) open standard for data exchange format. I don't think what the big boys are doing will have any effect whatsoever on the healthcare IT field. Most IT departments in healthcare related businesses blew several years worth of budgets becoming HIPAA compliant. That generally meant new or upgraded software and hardware. Now the deadline for the HIPAA Final Security Rule of April 20th 2005 is fast approaching, and any competent IT department already has all their software in place.
Nice thinking Microsoft, IBM, et. al, but you're a day late, and a dollar too much. They should be embarassed that the US Federal Government beat them to it.