EPtalk by Dr. Jayne 5/16/19

We had some struggles at my clinical office this week. Our soon-to-be fossilized PCs running Windows 7 had a bad interaction with Active Directory and Citrix. The result was that nearly half of the physicians couldn’t access the EHR. When our IT team tried to fix it, they effectively eliminated access for the remainder of the providers.

It wasn’t pretty and caused a great deal of consternation as the staff tried to figure out how to execute downtime procedures when only half of the people were down. Staff continued to document electronically, but providers were on paper, except for the lucky providers at busy locations that had scribes assigned to them. Ultimately the situation was remediated, but it underscored the need for our leadership to get rid of Windows 7 since it is reaching the end of its support cycle.

Thanks to Dr. Nick van Terheyden for his kind mention of my recent Curbside Consult regarding employment-based health insurance and its impact on efficiency and fairness. He mentions one sad consequence of our US healthcare non-system that I didn’t mention — married couples who divorce when one of the spouses becomes seriously ill so that the surviving spouse is not saddled with medical debt. Another similar scenario that I’ve seen includes divorce from a spouse with serious (but non-terminal) health issues so that the ill spouse can apply for Medicaid or try to get Medicare coverage due to disability. People shouldn’t have to try to game the system in order to get the care they need.

A recent article in the Journal of the American Medical Informatics Association covers the evolution of knowledge and competencies needed by the clinical informatics workforce. A lot has changed in the years since board certification in clinical informatics was being designed. Survey participants spent approximately a third of their clinical informatics work time on improving care delivery and outcomes, while another quarter of their time was focused on leadership activities. Other blocks of time were spent working with enterprise information systems and on data analytics and governance. AMIA plans to reassess informatics practice every five to even years to ensure that their understanding of needs in the clinical informatics domain remains current.

I struggle sometimes with the requirements of board certification in clinical informatics, particularly the maintenance of certification ones. For those of us who are not employed by a hospital or health system, finding ways to meet the “Improvement in Medical Practice” MOC Part IV requirement is difficult. I don’t own the data of my clients and they’re generally reluctant to have their information used outside of their own organizations. As a consultant, I can’t steer projects to become something I need for informatics certification – I have to keep them between the lines of the client’s engagement.

I struggled with this is a family physician as well. One of the MOC Part IV requirements was to do a hand hygiene project that involved handing out surveys to patients about whether caregivers washed their hands. Guess what? My then-employer (who was a big health system) wouldn’t let me do the project in the office because they felt it would interfere with patient perceptions. Since I don’t have continuity patients, many of the other options were off the table. I have quite a few friends who are giving up on board certification, although it’s easier for them because they don’t practice clinically.

Whether you’re a clinical person or an IT person, most of us have spent many sleepless nights running upgrades, working on projects, or taking care of patients. A study published this week looked at the metabolic changes associated with sleep deprivation and whether “sleeping in” might help mitigate some of them. Nearly a third of US adults don’t get the seven hours of sleep recommended for us, but trying to make up for that isn’t as easy as we think. Researchers engaged a cohort of healthy adults and assigned them to a control group with sufficient sleep, a restricted (five hours nightly) group, and a restricted group that was allowed unrestricted sleep on weekends. The “makeup sleep” group only slept an additional three hours on the weekend despite missing more than a dozen hours of sleep during the previous nights. Those trying to catch up also experienced disruption to their circadian rhythms resulting in trouble falling asleep at the end of the weekend.

Sleep restriction led to decreased insulin sensitivity that was worse in those engaging in recovery sleep. Restricted individuals also consumed excess calories and gained an average of three pounds over the course of the study.

Given the fact that study participants were healthy, the authors question whether the results might be even more striking in patients who were older or less healthy. Even though it leaves a number of unanswered questions, the study shows that our bodies are negatively impacted by lack of sleep and it’s not easy to try to make up for it.

I was excited to start receiving the AMIA Daily Download, which includes a roundup of top news along with key issues in clinical informatics, bioinformatics, data science, population health, and social media highlights. They’re also including a link to HIStalk Morning Headlines, making it even easier to get your HIStalk fix.

We talk a lot about health insurance and many of us also deal with professional liability insurance, business continuity insurance, and more. I’ve seen some recent articles about data breach insurance. Most of the physicians I’ve spoken with have never heard of it. Policies typically cover expenses related to a breach as well as recovery services. We know that hackers find physician organizations to be easy targets and independent physician practices may be particularly vulnerable. I still see plenty of users writing down their passwords or using easily hacked passwords such as their children’s names. I see many practices that totally disregard the physical safeguards required under HIPAA as they leave server rooms accessible and allow users to put their own devices on the network without appropriate policies in place.

I’ve not been through the underwriting process for a data breach insurance policy, but I wonder if they look at how tuned-up your organization is to begin with. Do you they ask you if you have appropriate policies in place? Is it like auto insurance where they charge more for inexperienced drivers who are more likely to generate a claim? I’d be interested to hear from organizations that have been through the process and especially interested to hear from an organization (anonymously of course) who had to file a claim against their policy. Was it easy to get the coverage to pay out? Or did you have to fight them all the way? Leave a comment or email me.

Email Dr. Jayne.