HIStalk Interviews Dennis McLaughlin, VP, Information Builders

Dennis McLaughlin is VP of the Omni product division (Omni-HealthData) of Information Builders of New York, NY.  

Tell me about yourself and the company.

I have been with Information Builders for quite some time, specializing in data and data integration technologies. I have been involved with the healthcare business since we started investing in it roughly 10 years ago. It has become a significant, strategic part of the business. My role is driving the innovation and the technology direction of our healthcare business to match what the market needs and what our customers are looking for.

What are the most pressing analytics needs of health systems?

The biggest challenge that we run into is around data. There’s lots of great movement in the analytics and visualization space, but in healthcare specifically, having a great tool doesn’t do much if you can’t get the data together and work with it in a dynamic and consistent way.

The pressure that we see a lot for organizations is, “I want to do better care management, but I can’t get the pieces and parts of the data in place effectively to be able to do that.” That’s where we’ve been trying to break down some barriers to make it easy for folks to have access to data, have that data be consistent and comprehensive, and to then be able to apply it to their analytics challenges.

How are health systems that are expanding by acquisition making sense of all of the data that starts rolling in from those new organizations and the systems they use?

Healthcare is awesome and gets me excited when I talk about data, because there’s lots of data out there. It’s not that there’s anything wrong with the data that we have, it’s that the systems that run healthcare generally automate healthcare itself. They deal with people or they deal with financials.

When you’re trying to bring the data together and apply it to a set of requirements that weren’t anticipated when the data was collected — for example, almost anything coming out of care management or population health — you need to be able to take that data, apply some level of governance to it, and then be able to answer the questions that the modern healthcare industry is driving forward.

When we started in this business, fee-for-service was the thing. Now everybody’s working under contracts, whether those contracts are guided by CMS or whether they’re guided by the payer. Trying to look holistically at the patient and be able to provide care in a way that makes sense for the patient’s overall benefit and with reduced risk. All of that is driven by data. If the data that we are trying to base those decisions on isn’t good, then the care can’t be good. We don’t know whether or not that patient has had the appropriate level of care, especially in acute care situations and chronic situations. We don’t know what’s happening. The more data we can bring in, make relevant, and make available at the point of care, the more we can bend the curve.

The other side of this is that traditionally a lot of systems, like EMRs, are right there at the point of care, but some of the advanced data and analytics that you are going after don’t really get analyzed until down the road. It’s hard to make an impact for a patient who’s sitting in front of a doctor.

Another of the trends that we are seeing is, how can we take this insight that we’re developing out of the data, start to bring it to a much more real-time perspective, and get that information right there to the point of care?

Are health systems making bad operational decisions or failing to make operational decisions because their data governance is immature?

It would be unfair to be judgmental to folks on decisions that they made, mainly because in many cases in healthcare, unlike almost any other industry, the business of healthcare tends to drive decisions about the technology. The poor IT department is constantly on the ropes reacting to, decisions such as, “We’re going to have a new EMR. We’re going to have a new system to manage these cancer drugs. We’re going to have a new system to manage cost.”

A lot of our IT partners are responding constantly in a reactive way instead of a proactive way. Despite their efforts, even those who are dedicated to data governance recognize that if the chief medical officer makes a strategic decision about a particular automation system, that thing is probably going to happen. What we have to do after the fact is to figure out how to then govern the data that is flowing through that system and the way it interacts with other systems.

It feels at times like our customers are in a constant scramble to balance the needs of the business, while at the same time recognizing — especially those on the data and IT side — that they have a responsibility to ensure that data is of the highest quality. Especially for the organizations where they’re dedicated to making data be a strategic asset in the way that they approach the business, whether that’s related to quality, care management, or any of their initiatives.

A lot of the initiatives of these health systems relate to being the highest-quality provider in the area, or branching out to cover the largest potential population. That takes us back to, do we have data that can support that agenda?

Are health systems using more external data, such as from claims or pharmacies?

Absolutely. The health systems and organizations that we deal with have a voracious appetite for data. They want everything that they can get. They would like to get data from the payers. They would like to get data from labs that aren’t their own labs. They would like to get data everywhere they can.

Probably the number one question we get involves data related to things like benchmarking or feedback loops. A lot of the folks in healthcare have a scientific background. They are paying close attention to what the market is doing, what particular studies are in play, determining the best way to run their business, and figuring out how to best interact with their patients. In those cases, outside data is critical for being able to do that.

The challenge that they have is that in healthcare, while there are interesting sharing points related to data, I’ve always said, “You’ve seen one HL7 implementation, you’ve seen 40.” While healthcare is moving in a direction of being able to share data more effectively, it’s not the easiest thing for these organizations to do. That’s an area where we try and help them alleviate the pain of that challenge.

Are those health systems working toward reaching out to patients and their communities in general in treating them as customers?

Yes. We have worked with some organizations that have been very progressive in that area. From the ability to recognize when people move into town, to paying very close attention to where they site their clinics and their facilities, trying to match the outreach of the organization to the people in the area where they live, and provide services to folks closer to where they live. All of those would be second nature in certain industries.

You look at an organization like McDonald’s. The way it does its siting is high science. This is coming to healthcare. These folks are recognizing that to be able to effectively manage their customers, their patients, and their families, they have to borrow from some of these other industries. You’re starting to see a lot more of the techniques that we typically might see in marketing, advertising, or retail being applied to the healthcare challenge.

I think it’s a great thing. If I know that a particular group of my patient population has a propensity towards needing cardiac care and I don’t have a clinic anywhere nearby, then I’m not servicing them well. Being able to analyze the patient population, being able to analyze the surrounding market and my competitors, and then taking action accordingly gives an organization a leg up in a market that has become pretty competitive.

Are health systems using technology to help them align with independent physicians, or to co-market their services with their technologies, such as being listed in the health system’s physician directory or taking appointments online?

Yes. Ever since the budget deal that created the requirements around technical automation and doctors, we’ve seen a lot of consolidation in the market related to affiliations. Physicians are joining networks that they never would have considered before or are associating with a network.

At the same time, not everyone is going to hire the physicians into an expanded network. We see organizations we deal with range from, “We are going to expand and market to these physicians and get them to join us” all the way to, “We are going to make their experience so seamless and positive that they will want to affiliate with us, and we can provide a lot of efficiencies that the physician or the physician group wouldn’t be able to provide on their own.”

We did an innovation a couple of years ago that we would not have predicted, and that is around mastering physician practices. It’s not just knowing who the physicians are, but knowing where they’re practicing. Physicians are entering and exiting various practices on a much more frequent basis than ever before. It’s super important for us to be able to feed that information, to be able to say that Dr.  Smith is now associated with this other practice even though he spent 10 years at another place. 

That has been a rapidly changing part of the market, although you would normally think that data and information would be stable. It’s been changing a lot and we have spent a lot of innovation to be able to match it. We make it easier for these organizations to keep track of those folks and to be able to market them when they’re affiliated and not necessarily employed by the health system or the health network through its various tentacles. When we looked at our roadmap 10 years ago, we didn’t look at physician stability as something that would become a significant data challenge, but we have experienced exactly the opposite.

Do you have any final thoughts?

We talked a lot about data, the kinds of things that we’re looking at in the market, and how we are responding. The biggest challenge moving forward for both us and the market is, how do we now use some of the initiatives that are being pushed down by CMS and the market in general — things like FHIR – to take interoperability to a whole new level? One of our key themes for this year is to not only be able to access, manage, and govern this data, but now to look for ways that we can get that data, these analytics, and these insights that derive from the data into the systems that physicians, nurses, and health systems are using to be able to improve care. How to give them additional insight, whether that’s related to social determinants or just pure efficiency. 2020 is the year for better ways of getting data into the hands of the folks that can use it to impact care.

Morning Headlines 2/3/20

Best in KLAS 2020 Software/Services

KLAS announces its “Best in KLAS Software & Services 2020” winners, with Epic winning top Overall Software Suite for the tenth straight year as well as awards in numerous other categories.

AMN Healthcare to Acquire Stratus Video

Healthcare staffing firm AMN Healthcare will pay $475 million to acquire video-based hospital interpreter provider Stratus Video.

Google-Backed 1Life Healthcare Surges 58% in Trading Debut

Membership-based primary care company One Medical raises $245 million after seeing its shares surge 58% during its first day of trading.

Monday Morning Update 2/3/20

Top News

KLAS announces its “Best in KLAS Software & Services 2020” winners. Highlights:

• Epic won top Overall Software Suite for the tenth straight year, scoring 85.9. It was #1 in large hospital EMR, ambulatory EMR in both the medium and large practice categories, practice management in large practices, patient accounting and management in large hospitals, patient portal, and application hosting.
• Epic also won Category Leader designation for EMR-based interoperability solutions, laboratory information system for large hospitals, medical oncology, and patient flow.
• Pivot Point Consulting was named top Overall IT Services Firm.
• Meditech topped the community hospital EHR category.
• Leading the ambulatory specialty EMR category was PCC, which scored 96.1.
• Sectra was the PACS leader.
• CPSI Evident Thrive Patient Management was the most-improved software product, while Cerner Practice Management took that honor in the physician practice segment.
• The long-term trend away from standalone ancillary systems is obviously complete, as KLAS didn’t even report on pharmacy or radiology information systems and the inpatient LIS category contained only Epic and the distant second-place finisher Sunquest. One of few exceptions was Medsphere Wellsoft, which beat both Epic and Cerner in the emergency department solutions category.

Reader Comments

From Dark Crystal Ball: “Re: Practice Fusion. I searched HIStalk and you predicted this in 2007.” I had forgotten this, but I always enjoy re-reading my frenetic “Time Capsule” editorials, which are now themselves in a time capsule since it’s been many years since I wrote them (while working several jobs other than my health system one, thus the “frenetic” part). I said in the one you found from September 2007:

You’ve seen the faltering first steps of ad-powered physician systems, healthcare social networks, and online references. The approaches have been amateurish, but I guarantee somebody will figure out that the real money will be made by giving drug and medical device companies access to prescribers at the point of decision-making. Pay-per-click gets much more valuable when presented in context to free EMR content and patient-specific information. Say, do you really want to order Drug A? Why not try Drug B instead, especially since this patient has renal problems and we’re offering a special price? Click here for our convincing medical references. In fact, we’ll buy your whole office lunch if you’ll just click OK instead of Cancel.

From Vaporware?: “Re: DoD oversight report on Project Genesis. Takeaways: it provides no updates on previous failures in interoperability, fitness of purpose, and usability, all of which are presumably now part of final testing at Wave Travis. It also notes that patients are at risk because of Cerner’s failure to meet DoD cybersecurity requirements even three years after go-live. Summary: things are improving, like from an F- to F+, after all those billions have been spent.” The high-level summary report for 2019 doesn’t provide a lot of detail, but known cybersecurity shortcomings are obviously a focus.

From Curious: “Re: Cerner. Reddit users say Cerner will lay off employees in its offices in France, Spain, and Portugal in February.” I suggest taking Redditors with a grain of salt, but some of the unverified comments say:

• Outsourcing will replace some staff in those offices.
• Millennium has been taken off the market in France, Portugal, and Spain (that seems hard to believe, but I don’t know either way).
• GDPR may be driving company changes since data stored in non-EU countries (like the US) is a problem for European providers.

From Virtuous Visit: “Re: telehealth. You said before you hadn’t had a virtual visit. Still true?” Somewhat. I’ve reached out to my $70 per month concierge doctor a couple of times for minor, one-time problems, like my first-ever allergic reaction and a swollen toe. He has no incentive to make me come to his office needlessly since he isn’t billing separately, so in those cases, my situation’s description – from a text message sent to his cell phone with or without an attached photo – was enough for him to confidently send in a prescription and follow up afterward. I have few health needs otherwise, but it is empowering to be able to text him at any time on any day, to hear back immediately, and to have a prescription in the drugstore’s hand minutes later and mine not long after that. I trust him to tell me if I would be better off coming in, but most issues aren’t of the “laying on of hands” variety. It’s liberating but unfortunately rare in healthcare to be treated as a paying customer.

From Cloying Aftertaste: “Re: HIPAA covered entities. You aren’t one if you don’t bill electronically.” Correct. My concierge doctor, for example, is not bound by HIPAA since he doesn’t bill electronically using HHS standard formats. People sometimes forget that aspect of HIPAA, probably because most providers send electronic billing transactions. Or they think that HIPAA offers general privacy protection for healthcare data, which it most certainly does not.

HIStalk Announcements and Requests

Two-thirds of poll respondents suspect that Epic is motivated by its own interests and not those of patients in opposing HHS’s proposed interoperability rules.

New poll to your right or here: Which of the following would you check before allowing an app to access your health system-stored patient information?

Welcome to new HIStalk Platinum Sponsor CareSignal. The St. Louis-based company’s platform amplifies proactive care by engaging high-risk patients, providing real-time care team alerts and patient health status reporting via automated, evidence-based text messages or phone calls. Care managers can improve outcomes for any patient, and the platform offers 20 condition-specific interventions for conditions such as diabetes, asthma, and depression. Case studies describe how clinicians use the platform to reduce COPD hospitalizations by 62% while maintaining 80-90% patient engagement and a large, self-insured employer whose employees reported a 28% drop in PHQ-9 depression questionnaire scores in 11 months. Use cases for its automated, personalized support include chronic condition management, behavioral health, maternal health, discharge support, screening reminders, and complementary support. Ten peer-reviewed journal articles have described positive outcomes. Partners include Mercy, BJC HealthCare, and OSF HealthCare. Thanks to CareSignal for supporting HIStalk.

Last chance for HIStalk sponsors – tell me about your HIMSS activities and I’ll include you in my guide.

Listening: new from Canadian rockers Theory of a Deadman. Also: neo-soul from France-based singer Praa, who has both the sound and the look to become a star. I can listen to these while not watching the Super Bowl, the interest in which escapes me given my lack of appreciation for staring at someone else playing games, aka jock porn.

Webinars

None scheduled soon. Previous webinars are on our YouTube channel. Contact Lorre to present your own.

Acquisitions, Funding, Business, and Stock

Meditech files its annual report. Highlights:

• Total revenue was up 1% year over year.
• Net income increased by 226%, with much of the increase driven by an $89 million gain from the sale of an office building. 
• Product revenue decreased by 2%, but service revenue increased slightly.
• Neil Pappalardo owns 45% of the company’s shares. He also is the sole trustee of the company’s profit sharing trust, so he controls 63% of the voting rights.

Healthcare staffing firm AMN Healthcare will pay $475 million to acquire video-based hospital interpreter provider Stratus Video, which reports $34 million of EBITDA on $119 million in revenue. I didn’t realize that the medical translation business was that significant, but laws don’t give providers a choice.

Announcements and Implementations

Intelligent Medical Objects adds coronavirus-related terminology to its content, including 15 new diagnosis descriptions that are mapped to ICD-10-CM and SNOMET CT codes for billing, reporting, triggering clinical decision support rules, and tracking cases.

Privacy and Security

Meadville Medical Center (PA) says an unauthorized party used a hospital employee’s Meditech log-in to access its HR and payroll systems several times.

Other

A New York Times article describes the increasing number of prescription mistakes that result from chain drugstores holding their pharmacists accountable for high productivity metrics and forcing them to work the drive-through window, give flu shots, and answer phones. Among the issues:

• The stores routinely ignore the prescriber’s dispensing quantity and instead issue a 90-day supply, even for people who are at risk of suicide.
• Employees are instructed to push patients – in person or via outbound phone calls — into signing up for automatic refills, switching to 90-day supplies, and allowing the pharmacy to contact the prescriber automatically when the prescription expires or refills are exhausted.
• Doctors are being bombarded by drugstores that use automated systems to call them for refills where none were specified, even for inappropriate medications such as short-term dermatology drugs, forcing them to look up each patient’s record and increasing the chances of mistakes. Doctors report that patients didn’t approve such contact 90% of the time.

Weird News Andy is more tolerant than I of people who are paid to write who nonetheless do it poorly, but he draws the line at this article, which he says contains one of the worst-written sentences ever in “They are a very rare form of ovarian cyst, which are common in women” (the cysts? ovaries?) He also ponders how the writer knew the doctor was smiling behind his surgical mask, which hides his expression.

Sponsor Updates

• Netsmart will exhibit at the LeadingAge Minnesota Annual Institute and Expo February 5-7 in St. Paul.
• Clinical Computer Systems, developer of the Obix Perinatal Data System, will exhibit at the Foundation of SMFM 40th Annual Meeting February 3 in Grapevine, TX.
• PharmaCord will leverage the Surescripts health information network to enhance its patient services technology.Redox releases a new podcast, “Pharmacy of the Future with Alto’s Mattieu Gamache-Asselin.”
• Abu Dhabi Health Services Company SEHA will implement Vocera’s clinical communication and workflow software at the new Sheikh Shakhbout Medical City.

Blog Posts

• CIOs: Focus IT Investments on Revenue Enhancement and Demand (Phynd)
• HL7: What it is and why it’s important to understand (Spok)
• A More Attractive Choice: Retaining Your Patients! (EClinicalWorks)
• Start the Year Off Right with Healthy Living Practices (Lightbeam Health Solutions)
• Disruption and the “Retailization” of Healthcare (Loyale Healthcare)
• Creating a Data-Driven Research Ecosystem with Patients at the Center (Health Catalyst)
• Coronavirus: How to Mitigate Impact on Your Hospital (Mobile Heartbeat)
• Physical Therapy Private Practice Marketing – 5-Step Website Checkup (MWTherapy)
• 5 medical claims clearinghouse must-haves (Waystar)
• Let’s Talk Addiction: Combating the Stigma and Advancing Strategy Through Technology (Netsmart)
• 4 Ways Precision Medicine Impacts Patient Care (Definitive Healthcare)
• Five Proven Ways for Health Systems to Foster a Data-Centric Culture (Omni-HealthData)
• Is this the year of the patient-centric business model for healthcare? (OpenText)
• Appropriate Use Criteria Preparedness – Considerations Beyond Technical Setup (CereCore)
• Best practices to future-proof your patient identity platform (Experian Health)
• Could 2020 Be the Year for Telehealth? (PatientBond)
• Promoting Interoperability and Change at the Annual ONC Meeting: Day 1 and Day 2 (PatientPing)
• The Price Transparency Rule & What It Means for You (Patientco)
• CIOs: Focus IT Investments on Revenue Enhancement and Demand (Phynd)
• Top 5 Tips for Maximizing Epic Community Connect Partnerships (Pivot Point Consulting)
• Key Strategies: When and How to Modify Your System (ROI Healthcare Solutions)
• Mistaken Identity Today: Cookies, Privacy and the Olympics (SailPoint Technologies)
• The Link Between Trust, Interoperability and Better Patient Outcomes (Surescripts)
• Stopping the Noise Ending the Chaos, Improving Patient Safety (Vocera)
• How Many and How Often: When to Send Patient Appointment Reminders (WebPT)
• Three Programs Improving Health Outcomes for Underserved Communities Named as 202 Hearst Health Prize Finalists (Zynx Health)

HIStalk Sponsors Earning “Best in KLAS” Awards

• Arcadia (value-based care managed services)
• Chartis Group (clinical optimization)
• Dimensional Insight (business intelligence and analytics)
• Elsevier(care plans and order sets)
• Experian Health (revenue cycle,  contract management)
• HCTec (outsourced coding)
• Impact Advisors (HIT implementation leadership, large)
• InterSystems (interoperability platforms)a
• Meditech (acute care EMR, patient accounting and patient management)
• Nuance (quality management)
• PCare (interactive patient systems)
• Pivot Point Consulting (overall IT services firm)
• Relatient (patient outreach)
• Strata Decision Technology (business decision support)
• Waystar (claims and clearinghouse)
• Wolters Kluwer(clinical decision support, point-of-care clinical reference)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Contact us.

Weekender 1/31/20

Weekly News Recap

• Allscripts will pay $145 million to settle federal allegations that EHR vendor Practice Fusion, which it acquired two years ago, accepted $1 million in opioid prescribing kickbacks and falsified its ONC EHR certification.
• Imprivata acquires mobile device access management technology vendor GroundControl Solutions.
• HHS Secretary Alex Azar and CMS Administrator Seema Vema vow that profit-protecting “bad actors” won’t waylay HHS’s propose interoperability rules.
• The private equity owner of wearables-powered employee wellness vendor VirginPulse reportedly is preparing to sell the company for up to $2 billion.
• imaging and radiology workflow systems vendor Intelerad sells a majority stake in the company to an investment fund manager.
• A Health Affairs blog post describes the funding and operational challenges of the Indian Health Service in maintaining and eventually replacing its obsolete, VistA-based RPMS enterprise and EHR system as the VA moves to Cerner.
• Epic makes a rare public statement in explaining that its opposition to HHS’s proposed interoperability rules involve the potential of app vendors to misuse patient data and for patient family information to be inadvertently shared without the permission of those individuals.
• Evive acquires WiserTogether.

Best Reader Comments

Healthcare data breaches since 2014 have exposed over 200,000,000 records. There are indications that there are far more health systems with Google-Ascension type of agreements than have been publicly acknowledged. The top five private DNA testing companies have the complete genome of 29 million customers with no restriction on how that data may be used or sold, and their follow-on survey questions only add more information on personal lifestyle and family history. So, what is the chance that we’re discussing whether or not to lock the barn door when a walk around the barn reveals the back wall is already gone? (BillyM)

Patients have some limited recourse with breaches, and healthcare organizations have legal requirements to attempt to prevent them. Patients have zero recourse if an app sells their data per the terms of service. People sue hospitals all the time for privacy breaches. Good luck suing an app after approving the click-through agreement. (Elizabeth H. H. Holmes)

Most care delivered to the under-65 crowd is episodic. The only people who need to consistently monitor and interact with their data are over 65 or the caregivers of the over 65. Demand for tech solutions is less among that crowd. Consumer apps in healthcare are really really hard. Most are ad supported, which means they increase utilization (more eyeballs, more ads.) (BankeMeLater)

What did happen on the financial side was fairly open access to data by consumers, who could send it to whatever financial app they wanted. Sure there were some issues, but the world didn’t end. Maybe it’s time to make the same leap of faith with healthcare data. (Bob Smith)

A huge wildcard in the plans for the proposed HHS rule is Google v. Oracle. If the Supreme Court upholds the Circuit Court’s ruling, EHRs will have to live a in a regulatory landscape where both of the following are true: (a) their APIs are protected by copyright and they are within their rights to restrict their use and charge fees for such use; and (b) their APIs must also be exposed and offered for free. If the SC upholds the ruling, EHRs will immediately sue arguing that the proposed rule is illegal (and they would be correct). (Elizabeth H. H. Holmes)

HS seems to think that clumsily opening the floodgates will be some kind of cure-all. “If we expose all of the data, it will solve all of our problems”. Sure, go ahead and pretend like Carequality, CommonWell, and CareEverywhere have done nothing for the industry. And go ahead and blame the EHRs, when it’s almost always the IT departments at healthcare organizations that are the gatekeepers. EHR vendors and hospital organizations are bringing up valid privacy concerns, and HHS and others continue to talk past them and make appeals to patient rights to access their data. (Elizabeth H. H. Holmes)

The advertising business model does not work in healthcare. Most developed countries have some sort of ban on medical advertising. The Practice Fusion story is one reason why. Most consumer software is driven by an advertising business model. Facebook, Google search, Android, Gmail, MyFitnessPal, recipe apps, etc. HHS is opening up medical data to these advertising companies. (Goodluck)

Why should Epic and its customers be held responsible under HIPAA for any breach — as an example, to Mychart — but if an app developer who has access to that same data experiences a breach, they are not held to the same standards? The federal government needs to update the HIPAA regulations to ensure that anyone who has access to PHI is held equally accountable for maintaining the privacy and security of that data. (Nael Hafez)

Watercooler Talk Tidbits

The vacated 116,000-square-foot Palo Alto, CA building that served as headquarters for disgraced blood testing company Theranos (and the backdrop for related TV documentaries) has ironically been taken over by the medical school of Stanford, which owns the land in its Stanford Research Park. Theranos was paying $1 million per month in rent. The office from which Holmes led her fraudulent empire still has its bulletproof glass. It has a chemistry lab, which should probably be checked out by experts before using.

Several amusing cardiologists create the Kardashian Index (K-index) in observing the perceived prevalence of fame-hungry cardiologists who lead Twitter chats about their work and medical conferences that appoint questionably accomplished but prolific Twitterati as social media ambassadors. The authors find that the issue is overblown — only 238 of 1,500 cardiologists who practice at the country’s top 100 cardiology hospitals have Twitter accounts, leading the authors to conclude that “tooting your own horn does not necessarily equate with more impactful work.”

Content moderators for Facebook and YouTube are being required by contracted by their employer Accenture to acknowledge that they may experience PTSD from reviewing disturbing content posted by their fellow humans.

An impressively large aggregation of dimwits has decided that “coronavirus” must be associated with Corona beer, leading to a huge spike in Google searches for “Corona beer virus.” That’s pretty funny until you realize that they reproduce, spread their wisdom on social media, and vote.

Super Bowl Sunday brings forth a rash of “avocado hand,” in which unskilled, distracted, and possibly inebriated knife-wielders attempt to turn the stubbornly peeled and pitted fruit (technically, it’s a berry) into guacamole, plowing through 162 million pounds of avocado and quite a few tendons in a single day. Researchers estimate that 50,000 avocado-related knife injuries occurred from 1998 through 2017. Pro tip: the pre-made Walmart guacamole, especially the spicy version, is darned good, has a long shelf life, and may end up costing less than buying avocados yourself, at least when they aren’t on sale.

While you’re sitting in a hospital ED on Sunday waiting to have your avocado-knife tendon injury repaired, watch the Super Bowl for Kansas City Chiefs right guard Laurent Duvernay-Tardif, who signed a $42 million contract extension in 2017 and shortly after graduated from Montreal’s McGill University with an MD and Masters in Surgery after being drafted by the NFL in his third year. He spoke only French but missed the deadline to apply for French-speaking medical schools, so he had to learn English at McGill, one of three English-taught schools in Quebec. He wants to go into emergency medicine, but his career and the limited number of McGill residency spots have placed that plan on hold. The NFL won’t let him include “M.D.” after his name on his jersey.

In Case You Missed It

• News 1/31/20
• EPtalk by Dr. Jayne 1/30/20
• HIStalk Interviews Angie Franks, CEO, Central Logic
• News 1/29/20
• Details of Practice Fusion’s $145 Million DOJ Settlement Include Opioid Prescribing Kickbacks
• Epic Lists Its HHS Interoperability Rule Concerns
• Curbside Consult with Dr. Jayne 1/27/20
• Readers Write: Alert and Alarm Fatigue: It’s Not Just For Clinicians Any More
• Readers Write: ONC Regulations: Why Epic is Wrong and Judy is Right
• Monday Morning Update 1/27/20

Get Involved

• Sponsor
• Report a news item or rumor (anonymous or not)
• Sign up for email updates
• Connect on LinkedIn
• Contact Mr. H

Morning Headlines 1/31/20

1Life Healthcare (One Medical) Announces Pricing of Initial Public Offering

Primary care company One Medical will price its January 31 IPO at $14 a share for expected gross proceeds of $245 million.

OxyContin maker Purdue is ‘Pharma Co X’ in U.S. opioid kickback probe –sources

Reuters names OxyContin manufacturer Purdue Pharma as the opioid vendor that paid Practice Fusion $1 million to program its EHR to encourage doctors to prescribe its products inappropriately.

Exclusive: SoftBank leads latest Alto Pharmacy funding round at over $1 billion valuation

Silicon Valley prescription technology and delivery vendor Alto reportedly raises $250 million at a valuation of over $1 billion.

Intermountain’s Marc Probst to Receive CIO of the Year Award from CHIME and HIMSS

CHIME and HIMSS honor Intermountain Healthcare CIO Marc Probst with the 2019 John E. Gall Jr. CIO of the Year award.

News 1/31/20

Top News

Reuters names OxyContin manufacturer Purdue Pharma as the opioid vendor that paid Practice Fusion $1 million to program its EHR to encourage doctors to prescribe its products inappropriately.

Employees estimated that the software change would create 3,000 new opioid patients and $11 million in new opioid sales. Practice Fusion told Purdue in 2016 that the program was working in shifting prescriptions to the drug company’s long-acting opioid product. The the clinical alert fired 230 million times between July 2016 through early 2019.

The Reuters report says Practice Fusion started soliciting Purdue’s business in late 2013, before founder and CEO Ryan Howard was dismissed from the company and was replaced by a former drug sales executive. Howard has recently said on Twitter that no such activity occurred while he was in charge.

Purdue declined to comment, other than to say that it is cooperating with the Department of Justice “regarding a potential resolution of these investigations.”

Purdue filed bankruptcy in September 2019 while it tried to negotiate a settlement of up to $10 billion for its role in opioid addiction. The company sold at least $35 billion worth of OxyContin, with $12 billion of that flowing to the company’s owners, the Sackler family.

Allscripts will pay $145 million to settle charges that Practice Fusion – which it acquired for $100 million in January 2018, a fraction of its previously estimated value — accepted drug company kickbacks from 14 such deals and also obtained EHR certification fraudulently.

Reader Comments

From Doncha Know: “Re: healthcare IT M&A. You once published a very helpful flowchart. Would love to see a current view if you are still maintaining.” Constantine Davides, MBA (now managing director at Westwicke) created the “HCIT Family Tree” worksheet, but he hasn’t updated it since 2015 as far as I know. Vince also did something similar in his excellent HIS-tory series, but it’s also not quite current.

From Tolkien: “Re: Stanson Health founder Scott Weingarten. He seems to have left Cedars-Sinai.” I don’t have his contact information to ask, but his LinkedIn shows he left his Cedars SVP/chief clinical transformation officer position in December 2018, which is odd since he’s still listed on the health system’s website as holding that role. He remains CEO of Stanson Health, now owned by Premier.

HIStalk Announcements and Requests

Monday set a recent record for HIStalk at 10,559 page views in 8,400 unique visits, as folks followed the interoperability and Practice Fusion news. I’ve had only four busier days in HIStalk history, three of which barely passed Monday’s total (the DoD announcement day in 2015 was an outlier that crashed my server):

• January 20, 2015 (no big news except that Mayo chose Epic and McKesson announced that it was sunsetting Horizon).
• July 30, 2015 (the DoD announced that it chosen Leidos and Cerner).
• June 28, 2017 (Nuance ransomware attack).
• January 18, 2018 (Allscripts ransomware attack).

Reminder to HIStalk sponsors: fill out this form and I’ll include you in my HIMSS20 guide, which will include booth details and anything special you are doing or giving away. Attending but not exhibiting? It’s even more important to fill out the form since we will let readers know how to contact you at the conference.

Webinars

None scheduled soon. Previous webinars are on our YouTube channel. Contact Lorre to present your own.

Acquisitions, Funding, Business, and Stock

Imprivata acquires New York City-based GroundControl Solutions, which offers enterprise digital identity authorization and access management for mobile devices.

Silicon Valley prescription technology and delivery vendor Alto reportedly raises $250 million at a valuation of over $1 billion. The company operates only in San Francisco, Los Angeles, and Orange County, CA. The two co-founders – ages 26 and 27 – are former software engineers with no healthcare experience.

Eko gains FDA clearance for several algorithms that, when paired with its digital stethoscopes, will enable providers to more effectively screen for heart murmurs and atrial fibrillation.

People

Michael Jackman, MBA (Ardan Equity) joins Leido Health Group as COO.

CHIME and HIMSS honor Intermountain Healthcare CIO Marc Probst with the 2019 John E. Gall Jr. CIO of the Year award.

Digital therapeutics and AI-powered health analytics vendor Biofourmis hires John Varaklis (Roche) as chief strategy officer and Peter Braun, MBA (Roche) as chief commercial officer.

Announcements and Implementations

Nuance works with documentation and coding company ZHealth to develop computer-assisted physician documentation capabilities for cardiologists, particularly in the area of catheterization.

Valley Presbyterian Hospital (CA) connects to the CommonWell data-sharing network through its Meditech system.

Government and Politics

Healthcare stakeholders including AMIA, Microsoft, AAFP, Apple, and IBM (and zero EHR vendors) send a letter to HHS and the Office of Management and Budget indicating their support for the proposed interoperability rule, and requesting that it be finalized as soon as possible.

Echoing remarks made by HHS Secretary Alex Azar earlier this week, CMS Administrator Seema Verma says that “bad actors” in the private sector will not have their way when it comes to shutting down interoperability efforts:

It’s important to understand that the disingenuous efforts by certain private actors to use privacy – vital as it is – as a pretext for holding patient data hostage is an embarrassment to the industry … I want to extend that point to the entire industry: the sort of consumer-oriented revolution that will make the healthcare system more affordable and accessible is undermined by those bad actors throughout the system that continue to guard the status quo because it’s in the interest of their short-term profits. The short-sightedness of such efforts is deeply troubling, considering broad frustration with the status quo is the fuel that drives calls for the destruction of the entire private healthcare system. This self-serving mentality must be immediately and permanently retired. The problems of affordability in the health care system are too dire for the American patient to wait any longer.

A federal judge rules that HHS-imposed limits on the fees that providers can charge for providing copies of patient records do not apply when those records are sent to a third party, such as life insurers and law firms. Records release vendor Ciox Health sued the federal government in 2018, arguing that HHS did not have the authority to expand the fee caps that were intended to limit provider charges for patients to obtain copies of their own records.

The Government Accountability Office denies Nuance’s protest of the VA’s $10 billion Cerner contract, which included encoding and clinical documentation improvement that Nuance said should have been bid out separately. Nuance, which is the VA’s incumbent vendor, said an unnamed VA contact told it that the coding and CDI work would be bid as a separate contract, a complaint the GAO found to be unfounded since Nuance tried for months to get Cerner to choose it as a subcontractor and filed its protest only after Cerner declined to do so.

Other

Microsoft will devote $40 million to its AI for Health Initiative, a five-year project that will use artificial intelligence to help partner organizations study, prevent, and treat diseases; prepare for and protect against future pandemics; and reduce healthcare inequities.

Weird News Andy terms this article re-volting. In Germany, an IT worker is charged with 13 cases of attempted murder for convincing women and underage girls to apply electrical shocks to their heads while he watched them on Skype. Police think the man, who told the women he was running a pain management study for which they would be paid, received sexual gratification from watching the video sessions.

Sponsor Updates

• Digital prescription savings and patient engagement company OptimizeRx signs a multi-million dollar enterprise deal – its largest ever – for 12 months of access to its platform and core set of solutions.
• Engage will exhibit at the AHA Rural Health Care Leadership Conference February 2 in Phoenix.
• EClinicalWorks will exhibit at The Pediatric Urgent Care Conference February 5-6 in Universal City, CA.
• Hyland Healthcare demonstrates enhanced interoperability at the IHE Connectathon.
• Avaya partners with Noble Systems to enhance its Avaya IX Contact Center solutions with gamification for employee engagement, and data analytics for AI-powered customer contact process automation.
• InterSystems releases its latest PulseCast podcast, “Julia Riley: Breaking Down the Patient-Physician Divide.”
• The Chartis Group publishes a new white paper, “M&A Due Diligence: Seven Things the C-suite Should Know About IT.”
• Health Catalyst partners with the Amplifire Healthcare Alliance to give its customers access to the alliance’s learning modules, and to help the alliance develop additional content for modules.

Blog Posts

• 5 Innovative Ways Providers are Utilizing Their EHR (EClinicalWorks)
• Ensocare’s Top Blogs of 2019 (Ensocare)
• 3 Ways to Build Your Commercial Capabilities: Grow, Buy or Rent (Get-to-Market Health)
• How Do You Measure Change? (Optimum Healthcare IT)
• 5 Ways Your Team Can Start Collaborating with Google Drive (Google Cloud)
• In-workflow PDMP checking saves time, increases efficiency (Greenway Health)
• Getting Started with Epic Telemedicine Integration (The HCI Group)
• Infographic: Charlie’s 2019 Prescription Renewal Metrics (Healthfinch)
• Structured Content: The Future of Health Content (Healthwise)
• Top 4 Factors to Consider in Your Archival Prioritization Strategy (Impact Advisors)
• Considerations in your IAAM journey – Part 0: An IAAM system overview (Imprivata)
• What’s in store for health IT in 2020? (Intelligent Medical Objects)
• Analyzing Uncompensated Care by Hospital Location (Definitive Healthcare)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Contact us.

EPtalk by Dr. Jayne 1/30/20

CVS continues its transformation by opening Health Hubs in 13 of its Philadelphia-area pharmacies. The model was piloted in Houston and claims to “put patients at the center of their care” by offering services focused on health and wellness. Nurse practitioners staff the Hubs, along with pharmacists, to offer personalized care.

Although CVS leaders expect this to provide “integrated healthcare,” it remains to be seen how nurse practitioners who may have a limited scope of practice and pharmacists who are already in short supply will be able to effectively coordinate with primary care physicians and subspecialists. If they truly want to focus on controlling costs and delivering effective care, I’d like to see the focus on offering evidence-based treatments and avoiding nebulous “wellness” products, such as aromatherapy offerings. CVS plans to offer the model in 17 states by the first part of 2020. If you’ve had a chance to experience the Health Hub, let me know.

Elizabeth Holmes is in the news again as she represents herself in civil litigation, phoning in for a hearing in Phoenix. Attorneys apparently expect to be paid for their work, and since Holmes hasn’t paid her team in more than a year, her attorneys withdrew from the case. This litigation involves alleged personal injury related to faulty blood testing, with either missed diagnosis or unnecessary treatment as the outcome. Walgreens is a co-defendant in the case, and as the hearing began, Holmes stated that she will rely on the arguments made by her co-defendant’s legal team.

HIMSS is around the corner, and I’m missing Las Vegas. Even though I wouldn’t choose it as a personal travel destination, I much prefer it to Orlando for conferences. The access to restaurants and entertainment is much better in Las Vegas, and frankly, I’m just tired of Orlando. Las Vegas is mixing it up with a change to its marketing tagline, with “What happens here, only happens here” being the latest iteration. Supposedly the marketing agency has spent several years working on the new campaign, which seems like a long time.

I’m always looking for the next cool thing to see at HIMSS, and apparently Epic plans to debut “ambient voice technology” from Nuance at the show. I hope the Epic virtual assistant has a sense of humor like Alexa does, when she chides people who say sassy things to her. Supposedly the assistant, called “Hey Epic,” is being used by 20 organizations. If you’re using it, I’d love to report on your experiences (anonymously and confidentially, of course). Drop me a note if you have information to share. At HIMSS, they’re supposed to debut “conversational capture” along with automatic note creation, so it’s definitely on my booth list.

I’m starting to put together my HIMSS social schedule and have an opening due to one major vendor eliminating its client event this year. I haven’t gotten the backstory on why that happened, but it was always a fun party, with all the executives hanging out with the clients, so it will be sorely missed. I’ve already scheduled some lunches and meetings, so if you’re interested in having the HIStalk team report on your event, send the details our way. We’ll do our best to drop by, anonymously of course.

The Food and Drug Administration is warning healthcare providers and consumers about vulnerabilities in telemetry servers and clinical information stations that monitor patient vital signs. Security flaws can allow tampering with the devices to generate false alarms or silence genuine alarms on patient monitors that are connected to the systems. GE notified clients about the issue back in November, but posted additional information on its website this week. Although the FDA isn’t aware of any adverse patient events, GE is recommending that providers restrict access to the workstations, change default passwords, and isolate the affected devices from the wider hospital network. The interesting tidbit of this story is that the vulnerabilities were reported to GE by a third-party organization (CyberMDX) rather than by a client. It is unclear whether GE engaged them for routine vulnerability testing or how they came to be involved.

Precision medicine is a hot topic, but a recent article shows how difficult it can be to translate those results from the realm of research to the real world of patient care. From a panel discussion at the Precision Medicine World Conference, it appears that although the National Comprehensive Cancer Network offers guidelines on genomic testing, they are not regularly followed outside academic settings. Additionally, physicians and patients struggle to interpret the results of some tests. The results can impact not only the patients, but their potentially at-risk family members. Comparing what happens in community settings to the guidelines, only 8% of non-small-cell lung cancer patients and 40% of colorectal cancer patients received testing according to the guidelines. Panelists call for access to genetic counseling, along with a universal EHR, as potential ways to improve outcomes.

I’m intrigued by a new MyAnalytics feature from Microsoft that purports to give me visibility into my work habits. This week’s focus is on “wellbeing,” which it defines as the ability to “disconnect and recharge” as further quantified by “quiet hours” where I don’t have meetings, chats, or calls outside my working hours as set in Outlook. Apparently it knows that I worked on some documents outside my published work hours. Since this account belongs to a large health enterprise and I’m a contractor, I really don’t have work hours, but it’s fascinating to know that Big Brother is monitoring my work habits. I’ll have to see what the rest of my weekly reports reveal.

From Noteworthy: “Re: another tragedy in California. A vineyard spills 100,000 gallons of red wine. That could have satisfied a lot of thirsty HIMSS attendees.” It’s not only an oenological tragedy but an environmental one, as the wine contaminated the Russian River with the potential to damage water quality along its 110-mile route. The amount of cabernet sauvignon lost would fill eight tanker trucks. Officials note that about 20% of the spill was contained with the vineyard using vacuum trucks and a makeshift dam, but the effort ultimately failed.

What’s your favorite HIMSS beverage? Leave a comment or email me.

Email Dr. Jayne.

Morning Headlines 1/30/20

Important Notice Regarding Individuals’ Right of Access to Health Records

A federal judge overrules a policy that places limits on the fees providers and businesses can charge patients when they request that their records be sent to a third party.

Using AI to advance the health of people and communities around the world

Microsoft will devote $40 million to its AI for Health Initiative, a five-year project that will use artificial intelligence to help partner organizations study, prevent, and treat diseases; prepare for and protect against future pandemics; and reduce healthcare inequities.

Arkansas Blue Cross and Blue Shield gives $817,000 to upgrade digital health network in state’s rural hospitals

Arkansas Blue Cross and Blue Shield donates nearly $1 million to the Arkansas Rural Health Partnership, which will work with the state’s rural hospitals to ensure they are connected to the SHARE HIE.

HIStalk Interviews Angie Franks, CEO, Central Logic

Angie Franks is president and CEO of Central Logic of Sandy, UT.

Tell me about yourself and the company.

I am a healthcare technology veteran. I’ve been in the tech industry for over 30 years. I found myself in this position as CEO of Central Logic after serving on the board for close to four years. The board made the decision to take the company in a different direction and it was a good time for me, career-wise, to step in. I don’t think I’ve ever had more fun than what I’m doing today.

I like to use a couple of phrases. One is healthcare access and orchestration. It’s about moving patients into the health system via acute care, inter-facility patient transfers. Think about a patient who is in a rural facility or one that doesn’t have the appropriate level of acuity to take care of their needs. They need to be moved to a facility that is more appropriate for their condition. We take all the friction out of that process and make it easy to move a patient from one place to another.

What is the process involved with moving a patient from Facility A to Facility B?

With or without our system, it’s always a phone call. The sending physician and the accepting physician get on the phone and have a conversation about the patient to make sure that the patient is in a state where they can be transferred safely. Because the minute the accepting physician says, “Yes, we will take the patient,” they are responsible for that patient’s care until they get to the receiving facility. They are then part of the care team for that patient. If something happens to that patient, you want those conversations documented and recorded.

Without our system, there’s a phone call to the hospital system, into a call center, transferred around, bounced around, nursing station, phone calls back, lots of time delays, and a back-and-forth process before you can get to a decision of, “Yes, we can make that transfer happen.” When you put in technology, workflow, process, and access to data that we enable, you can take what might have been 10 or 15 phone calls and three hours to get a patient transferred down to a phone call or two and 10 to 15 minutes.

What does the receiving hospital review, other than clinical information, before deciding whether to accept the patient?

A transfer center agent takes the initial call. It’s a clinician, usually a nurse, or it could be an EMT. They identify the physician on call who should take the call and make the decision.

There’s the whole clinical piece that you just referred to. Where does the patient need to go based on the condition that they have? Then, do we have availability in this hospital or somewhere else in our system? Identifying that location, making that decision to say, “We’re going to place the patient in this bed, so hang on to that bed for this incoming patient.”

Then there’s the logistics of how we physically move the patient to the system, ordering the transport and getting all of the logistics done for the physical move.

Enabling all of that through one phone call and one number is what we do. When your health system makes it easy for other health systems or for other providers to send an acute care patient to you, you become the first phone call they make every single time. At the end of the day, this is a revenue-generating function for a health system. It helps bring in patients, it brings in the patients they want to bring in, it brings in the right level of acuity to support service line strategies or whatever the growth strategy is for that health system. When you make it easy, the sending facilities call you every time.

What are the primary sources of inpatients other than a hospital’s own emergency and surgery departments?

There are three primary sources — the emergency department, scheduled procedures, and the transfer center. When you don’t have a transfer center, a greater mix of your inpatient admissions come through the ED, which is a reactive way of building volume and driving patients into your health system that you seek to acquire and retain.

When you put a transfer center in place, you start strategically shifting the mix of patients that you have coming in the front door of the health system. More of those patients come in through your transfer center from other facilities that don’t have the ability, the room, or the capabilities and then send those patients your way.

It’s very attributable. It’s a tremendous ROI for every patient who is transferred into the system. When we work with health systems, we look at their current benchmark or baseline volume of transfers and compare that to where they should be given their size and their demographics. We can accurately predict the growth impact of putting in a transfer center, within a narrow timeframe on when they’ll break even on the investment for this type of solution. We can tell them what the net contribution margin impact will be in Year 1, Year 2, and so on.

In the entirety of my healthcare tech career – EMRs, ERP, and physician practice management — it was always a message of better, faster, cheaper. You’re trying to sell an intangible, the soft ROI of efficiency. This is the only time that I can truly say the value proposition that we bring to the health system can be forecast financially and and attributable down to a patient. It’s easy to track and document.

From a clinical perspective, you get superior clinical outcomes when you get people to the care that they need in an efficient timeframe. The patient’s life is in the balance when you’re in the midst of a transfer. These are not healthy people who just need a referral. These are people who are really sick, and they’re sitting in a facility where they can’t get the care that they need. When you can shave an hour or two or even 20 minutes off that transfer time, it can mean the difference between life or death for the patient, or it can mean the difference between a high quality of life after they’ve come through this medical situation and something much more compromised.

How will expanding health systems and the move to value-based care change how health systems manage their available beds?

As we make that shift to a more value-based care environment, this is all about giving the facility and the health system more control over helping the patient or their provider make the best clinical decision as to where that patient needs to be for the care that they need. You can’t manage and control that for high-acuity patients without the transfer center. Otherwise, who is coordinating the care? What is the fulcrum or the point inside that health system for helping make the decisions that are in the best interest of the patient and the system’s capabilities to deliver appropriate care? This is the function inside the health system that would make those decisions in a value-based care model.

I would add that the data that is captured inside of the platform, the technology that we’re providing, is so robust that it allows the health systems to make strategic decisions about capabilities that they should be offering, geographic areas that they should be serving better where transfers are coming or demand is growing, and services that they’re getting asked for that they don’t have the capability to deliver or maybe that have a higher demand than their ability to deliver. It’s a myriad of data elements and trends that allow executives, typically the chief strategy officer, to make strategic decisions for service line offerings for their health system or geographies that they should be serving.

What clinical information does the receiving hospital get from the sending hospital?

The information that is captured comes form the call from sending physician to accepting physician or to the clinician that takes that call. The Central Logic technology becomes like the EMR for that patient transfer. It’s all of the medical record around what status that patient is in when the call comes in. We have clinical protocols built in so you can rapidly capture all of the information about the patient’s current state and any other key clinical information that is relevant, and then the call between the two physicians. All this information is recorded and codified and a summary of that entire transfer record is passed as a PDF into the EMR. There’s always a record of the entire transfer end to end.

That has some pretty significant liability issues associated with it. If you don’t have these calls documented and you don’t have the entire decision-making process captured, you are opening up your health system to exposure to EMTALA violations. Also, oftentimes you can’t document in the EMR for a patient who doesn’t have a chart in your system, and most transferred patients are new to the health system. You’re exposed if something bad happens when you decline a transfer and you don’t have a way to document that the call came in. If the patient’s family sues the health system for denying the transfer and the patient passes away — and we’ve seen cases like this — and there’s no documentation that the call ever happened by the accepting facility, you can be liable for that decision with no documentation to back up why you made it.

You want and need to have a place where you can accept the call, document the condition, save that information, record the conference call between the physicians, and then maintain that record for the longevity of the patient, either in the patient’s chart or in the transfer record transfer system, in the case of of a denied transfer.

We talk a lot about interoperability, which often means sharing past visit records when a patient presents to a different facility. Does the receiving facility get the patient’s active chart, or something like it, from the sending hospital so they don’t have to start over and repeat tests and trying to understand a situation that has already been analyzed?

I just wish that we were at a place, interoperability-wise, where that was seamless. But the reality is that it just does not happen in today’s world. The information would have to come from the sending facility’s EMR. We have to inter-operate with just about everybody because it is fundamental to what we do. We’re talking to parties inside and outside the walls of the health system to facilitate a transfer on every single call. We have had 10 to 15 million patient transfers through our platforms. To broker the data back and forth between the the sending facility’s EMR and the accepting facility is not a problem technologically, but we’re just not at a point in the industry where the systems talk to each other like that. I’m going to just say that in today’s world, that does not happen. It is the information documented on the call.

I have to admit that in my entire health system career, I knew nothing about hospital-to-hospital patient transfers. They always just looked like admissions.

I would echo what you just said. After 30 years in the industry, until I joined the board, I had never even heard of a transfer center inside of a hospital. In fact, it never occurred to me to even think about how patients get to the hospital for the care that they need, outside of the emergency department and scheduled procedures. This is a channel strategy for health systems, but it’s not intuitive. It’s not something that we think about.

Do you have any final thoughts?

We’ve probably had more of a, ”If you build it, they will come” mentality in health systems. This is a more retail-like mindset. “We built it, we have the plant and the facility and the delivery capabilities, now  go out and get the patients in the door who need to be in our health system.” It’s a big financial reward and a clinical outcomes reward for that patient and a much better clinical outcome for the individual. We make it easy.

Morning Headlines 1/29/20

Marlin Equity readies $2 bln-plus sale of VirginPulse

The private equity owner of wearables-powered employee wellness vendor VirginPulse reportedly is preparing to sell the company for up to $2 billion.

Imprivata Acquires GroundControl to Expand its Mobile Solutions

Imprivata acquires GroundControl, which offers enterprise digital identity authorization and access management for mobile devices.

Intelerad to be sold to Hg

The private equity owner of imaging and radiology workflow systems vendor Intelerad sells a majority stake in the company to investment fund manager Hg Capital.

LabCorp security lapse exposed thousands of medical documents

TechCrunch notifies LabCorp that a since-fixed website vulnerability left its patient CRM system and at least 10,000 documents containing patient information exposed to Internet searches.

Austin’s Enzyme Health lands $13.9M, rebrands as Wheel

Telemedicine startup Enzyme Health rebrands to Wheel in the wake of a $13.9 million funding round that will enable it to expand its offerings for providers looking to bolster their virtual care offerings.

News 1/29/20

Top News

Allscripts-owned Practice Fusion accepted a $1 million kickback from (presumably) OxyContin manufacturer Purdue Pharma in return for allowing the drug maker’s marketing department to design EHR decision support rules that encouraged overprescribing of its opioid product, according to Department of Justice details about Practice Fusion’s previously announced $145 million settlement.

Practice Fusion also made similar arrangements with drug companies involving 13 other CDS rules.

DOJ also accused the company of allowing its users to inappropriately collect Meaningful Use payments by using its EHR, ONC certification of which was fraudulently obtained.

Reader Comments

From Timeliner: “Re: Practice Fusion. Previously fired CEO Ryan Howard says via Twitter that selling opioid-friendly decision support rules didn’t happen under his watch from 2005-2015.” The Department of Justice and the company’s own settlement indicate otherwise. I’ll take a refreshing counterpoint to the argument that Practice Fusion was unethical in working with Purdue Pharma to push OxyContin prescribing via EHR nudges, maintaining that it shouldn’t be much of a surprise when a struggling company with outsized IPO ambitions slides its hand shamelessly into the deepest of pockets:

• Purdue executives were scumbags who were happy to turn much of the population into opioid addicts for profit.
• Many of us had low opinions of Practice Fusion’s management, business practices, and Silicon Valley mindset in which patients were incidental to profits. Although, healthcare-specific ethical considerations aside, you could argue that businesses are supposed to do exactly that and are rewarded for doing so. We just unreasonably expect healthcare to be voluntarily different.
• Practice Fusion was clear in stating from the beginning that the point of its free EHR was a drug company advertising platform, i.e. it was paid to get prescribers to use a company’s drugs in situations where their own conclusions suggested they shouldn’t. As the old saying goes, if you aren’t paying for it, then you are the product.
• Purdue had money to burn and thus the $1 million payment to Practice Fusion was a rounding error and was probably not studied carefully for potential return on investment. There’s a high net present value in creating a loyal customer, whether the product is opioids or something else.
• DOJ termed the arrangement as “illegal kickbacks,” but I might make the same accusation against medical journals that accept drug company advertising. “Kickback” usually means sharing in the proceeds of illicit activity, and I’m not sure that selling fixed-cost advertising in any form fits that definition.
• If you believe Ryan Howard’s claim of innocence, then the blame must rest on his CEO successor Tom Langan, a former drug company sales rep, medical magazine ad salesperson, and president of a drug marketing company. With the Allscripts acquisition of Practice Fusion, he’s now CEO of the Allscripts Veradigm payor and life sciences analytics business, which among other activities helps drug companies “reach specific HCPs [providers] of interest within their point-of-care workflow through dynamic media solutions,” which I assume means pushing drug company ads at prescribers. Veradigm also sells Allscripts-held de-identified patient data to drug companies via Komodo Health.
• Or perhaps you believe that Allscripts knew that DOJ was coming for Practice Fusion no matter what and signed off on the settlement knowing that its allegations were untrue or misstated just to avoid future problems. The current administration seems intent on punishing EHR vendors for the $38 billion spent to get their products used and maybe Allscripts saw the writing on the wall along with the opportunity to throw previous management under the bus.
• The reported reduction in the Allscripts offer price for Practice Fusion nearly exactly matches the settlement amount, which Allscripts obviously knew about from doing its due diligence. Allscripts says it expects to recover some of the money from unidentified third parties, although the possibility of lawsuits can’t be ruled out.
• Practice Fusion’s EHR certification was awarded by ONC-Authorized Certification Body Drummond Group, which also awarded certification to EClinicalWorks and Greenway Health under similarly phony circumstances, resulting in DOJ settlements of $155 million and $57 million, respectively.
• The real question is how many doctors accepted the nudge of prescribing opioids inappropriately since the DOJ settlement only said that “numerous prescriptions” were issued after the doctor received the loaded CDS guidance. We don’t know how many of those prescriptions were inappropriate or whether those prescribers were already prescribing outside of medical guidelines even in the absence of EHR influence, especially since Practice Fusion’s target market was small practices looking for a Meaningful Use payday with minimal commitment.
• Allscripts has claimed that other companies have behaved similarly and the DOJ settlement requires the company to report the competitors that are doing so. I wouldn’t be surprised if other EHR vendors aren’t called out soon given the trend of clawing back a small percentage of Meaningful Use money by going after vendors rather than providers.

From Goody Three Shoes: “Re: Epic’s problems with the interoperability rule. You didn’t give an opinion.” My thoughts:

• Epic is correct that allowing patients – who are just as clueless as any other consumer in regularly exposing their own information in return for immediate electronic gratification – will create a Facebook-like situation in which companies that have otherwise been blocked from sketchy activities that require patient data are cheering at the opening of an unregulated back door.
• As a counterpoint, patient advocates maintain correctly that it should be the patient’s choice, although the skeptic in me keeps remembering that nobody ever went broke underestimating the intelligence of the American people.
• Bottom line: we as a nation have fallen behind our European counterparts that have adopted wide-ranging consumer data protection, so we’re expecting HIPAA – which was passed in the pre-Internet year of 1996 – to protect health data even though its loopholes don’t even ensure that providers, much less anyone else, will find it burdensome in their pursuit of profitable activities.
• I say pass HHS’s rules instead of awaiting perfection, then see what happens and act accordingly when a few big scandals come to light that might belatedly send us to a much-needed, GDPR-like law.
• Epic placed itself in an awkward position when it registered its concerns late in the legislative process, failed to anticipate public skepticism of its motivations as a huge technology company, and was hurt by its PR-averse practices that left it red-faced when mass media uncovered its letter to customer CEOs that urged them to oppose regulations that would benefit their own organizations as well (health systems, as the chief information blockers, have every reason to love the status quo). Epic’s objections are pretty much the same as AMA’s except Epic isn’t complaining about excessive EHR vendor connectivity fees, but only Epic is taking the black eye.

From Justin Time: “Re: health IT article. Does this look like a paid placement to you?” I’ll only say broadly that I dismiss any article or review about a company, product, or person that doesn’t include at least one negative statement. That covers an additional situation beyond paid collusion, that being journalistic incompetence.

Webinars

January 29 (Wednesday) 2:00 ET. “State of the Health IT Industry 2020.” Sponsor: Medicomp Systems. Presenters from Medicomp Systems: Dave Lareau, CEO; Jay Anders, MD, MS, chief medical officer; Dan Gainer, CTO; Toni Laracuente, CNO. Despite widespread adoption of EHRs, healthcare professionals struggle with several unresolved systemic challenges, including the lack of EHR usability, limited interoperability between disparate systems, new quality reporting initiatives that create administrative burdens, and escalating levels of physician burnout. Join the webinar to learn how enterprises can address current industry roadblocks with existing market solutions and fix health IT’s biggest challenges.

Previous webinars are on our YouTube channel. Contact Lorre to present your own

Acquisitions, Funding, Business, and Stock

The private equity owner of wearables-powered employee wellness vendor VirginPulse reportedly is preparing to sell the company for up to $2 billion. The company was founded in 2004 by Sir Richard Branson’s Virgin Group and has since acquired RedBrick, Blue Mesa Health, SimplyWell, and Preventure.

The private equity owner of imaging and radiology workflow systems vendor Intelerad sells a majority stake in the company to investment fund manager Hg Capital, which acquired the Rhapsody integration business from Orion Health Group in October 2018. Intelerad had been looking for a buyer since mid-November.

Sales

• CommonSpirit Health chooses Premier for clinically integrated supply chain management.

People

Access promotes Cody Strate to VP of marketing.

Brian Taylor (MCG Health) joins First Databank as VP of sales.

PatientPing hires Jitin Asnaani (CommonWell Health Alliance) as VP of strategic partnerships.

Industry long-timer Joe Carey, who held executive roles at Allscripts and Livongo, has died at 62.

Announcements and Implementations

Surescripts releases a Specialty Patient Enrollment service that automates the specialty drug prescribing process. Several EHR vendors, including Cerner, will implement it.

Northwell Health develops a premature infant growth chart application, with SMART on FHIR and InterSystems HealthShare making up the underpinnings. The health system says it took just six weeks to develop the app.

Government and Politics

A Health Affairs blog post notes the problems of the Indian Health Service in its continuing use of its obsolete RPMS EHR and enterprise system, which relies on the VA’s VistA platform that is being replaced with Cerner:

• IHS has received its first-ever IHS health IT budget item ($25 million in FY2020) to determine how it will proceed with the VA rug pulled from under it.
• IHS facilities experience perpetual staff shortages, including IT, and often don’t even have Internet or Wi-Fi access.
• IHS has followed the VA’s model of customizing each instance of RPMS, making it hard to support and train users.
• Facility customization prevents IHS facilities from exchanging patient information with each other.
• Patients lack the ability to view or download their own data.
• IHS IT is underfunded and received no additional budget to comply with federal initiatives such as Meaningful Use and ICD-10.
• The VA and DoD were given many billions to move to Cerner, but IHS has received nothing versus its estimate of $3 billion needed over 10 years to modernize its health IT platforms.
• A November 2019 report from IHS IT recommended that the federal government honor the federal-Tribal relationship, establish governance, create a patient portal, study end user needs, provide interoperability among IHS facilities, improve analytics, modernize infrastructure, and strength security.

Privacy and Security

TechCrunch notifies LabCorp that a since-fixed website vulnerability left its patient CRM system and at least 10,000 documents containing patient information exposed to Internet searches.

Other

Epic explains its opposition to HHS’s proposed interoperability rules, saying that EHR vendors would be forced to send data to any app of a patient’s choosing and many of them have been found to sell or misuse patient data. The company is also concerned that some parts of the medical record, such as the family history, contain the information of people other than the patient themselves who did not necessarily give their permission. 

Cerner expresses its support for HHS’s proposed interoperability rules.

A New York Times article questions how China will deal with a potentially huge number of coronavirus patients when its hospital-centric healthcare system is already too overwhelmed to meet even basic healthcare needs. Experts question whether patients are even being tested for the virus before being sent home to spread it to others. Videos show chaotic hospital hallways crammed full of patients, both living and dead. The government says it will complete construction of a new 1,000-bed coronavirus hospital within 10 days and another 1,300-bed hospital in two weeks, using rapid response plans developed during the SARS epidemic of 2003. 

A Lancet editorial warns that despite headlines proclaiming AI’s value in analyzing mammogram and other diagnostic images, AI doesn’t work well in diagnosing cancer in real world settings, with just 14 of 20,000 studies justifying possible clinical use. The authors call for clinical trials and making sure that the systems are trained on diverse patient populations for broad applicability. They also question whether proprietary algorithms, such as those developed by Google Health, can be trusted without external validation.

Good timing related to the Practice Fusion settlement news: a JAMA Network-published study finds that ED doctors prescribed fewer doses of opioids for discharged patients when the default prescription quantities were reduced. Patients were ordered 0.19 tablets more for each one-tablet increase in the default prescription quantity.

Weird News Andy says the BioFabrication Facility will indeed be the BFF for organ recipients. A commercial microgravity company 3D prints human heart cells on the International Space Station that were then returned to Earth in a SpaceX capsule, with executives concluding that “our BFF has the potential to transform human healthcare in ways not previously possible” in creating an entirely space-based industry.

Sponsor Updates

• Imat Solutions announces that its Clinical Reports module has achieved NCQA ECQM certification.
• AdvancedMD publishes a new e-guide, “7 Key selection criteria for outsourcing RCM for VBC.”
• Artifact Health will exhibit at the Florida ACDIS Quarterly Meeting February 1 in Jacksonville, FL.
• Elsevier creates a free information center to bring together the latest clinical research on the Novel Coronavirus 2019-nCoV.
• CI Security’s Drex DeFord will present at the AHA Rural Health Care Leadership Conference February 2 in Phoenix.
• The local paper covers the development of the new, 15-acre CoverMyMeds campus in Columbus, Ohio.

Blog Posts

• OR Delays Cost Hospitals Time and Money (Access)
• 2019 Product & Technology Wrap-up Positive Changes (AdvancedMD)
• Susy Liem: My First 30 Days at Avaya (Avaya)
• Health IT Predictions for 2020 (Datica)
• Easing Physician Burnout: Helping Physicians be Physicians Again (ChartLogic)
• Alarm Fatigue in Nursing (Spok)
• Webinar recap: How to reduce the burden of quality reporting (Nordic)
• Third Party Risk Management for Healthcare Cybersecurity (CI Security)
• How ACOs are Taking Advantage of Home Health (Collective Medical)

Contacts

Mr. H, Lorre, Jenn, Dr. Jayne.
Get HIStalk updates.
Send news or rumors.
Contact us.

Morning Headlines 1/28/20

Epic Supports Patients’ Access to Their Data, Proposes ONC Rule Solutions to Protect Privacy

Epic posts its concerns about HHS’s proposed interoperability rule on its homepage, concluding that while it rarely comments on national policy issues, “We must speak out to avoid a situation like Cambridge Analytica.”

Electronic Health Records Vendor to Pay Largest Criminal Fine in Vermont History and a Total of $145 Million to Resolve Criminal and Civil Investigations

The Department of Justice wraps up its investigation into Practice Fusion, which will pay $145 million to resolve allegations that it used its EHR software to illegally influence the prescribing practices of its end users for the benefit of opioid manufacturers.

Tidelands Health named in class action lawsuit after December malware attack

A Tidelands Health (SC) patient files a class-action lawsuit against the hospital after a December ransomware attack disrupted services and potentially exposed patient data.

Canadian health tech company to relocate to Reno, create 300 jobs

Medication adherence and disease management technology company DayaMed will relocate its headquarters from Canada to Nevada.

Details of Practice Fusion’s $145 Million DOJ Settlement Include Opioid Prescribing Kickbacks

The Department of Justice today announced details about the previously announced $145 million settlement by Allscripts-owned Practice Fusion. Practice Fusion admits in the settlement that it:

• Solicited and received a million-dollar kickback from an opioid manufacturer in return for allowing the drug company’s marketing department to design EHR clinical decision support alerts that encouraged opioid prescribing outside of accepted medical standards.
• Solicited 13 other agreements in which drug companies paid the company to influence CDS alerts to increase their prescription drug sales.
• Obtained ONC EHR certification fraudulently by falsely claiming to the certification body that its software met 2014 Edition portability requirements, after which it disabled the feature and advised users to contact the company if they needed patient data exported.
• Allowed providers to falsely claim Medicare and Medicaid EHR incentive payments when its product did not incorporate standardized vocabularies as HHS requires.

A Deferred Prosecution Agreement requires Practice Fusion to make compliance changes, obtain independent oversight, report any evidence of kickback violations by other EHR vendors, and to make details of the company’s unlawful conduct available to the public on a website. The oversight organization must also approve any sponsored CDS rules before they are implemented.

The Northern California US Attorney said in the announcement, “Prescription decisions should be based on accurate data regarding a patient’s medical needs, untainted by corrupt schemes and illegal kickbacks. In deciding what is best for patients, electronic health records software is an important tool for care providers. It is critically important that technology companies do not cheat when certifying that software.”

The $145 million settlement amount was announced by Allscripts as a tentative agreement in August, but specific details were not provided. Allscripts said in its Q2 earnings call that the $145 million settlement was in line with what other EHR vendors have paid to settle DOJ charges, but also added that “we expect to have recoveries from a variety of third parties that will help offset a portion of the amounts we have agreed to pay the government.”

Allscripts acquired Practice Fusion in January 2018 for $100 million after withdrawing a previous offer of $250 million. Practice Fusion had been previously valued at up to $1.5 billion.

Epic Lists Its HHS Interoperability Rule Concerns

Epic posts its concerns about HHS’s proposed interoperability rule:

• The rule would require health systems to send data to any app that a patient requests.
• 79% of healthcare apps have been found to sell or share patient data.
• Those app vendors would not be required to ask the patient for approval to use their data for other purposes.
• The patient’s data might also include family member data, such as family history, that the patient doesn’t realize, and those family members would not necessarily approve of having their information disclosed.
• The proposed rule does not limit the extent of information that an app can request or how its developer can use it.

The company concludes that while it rarely comments on national policy issues, “We must speak out to avoid a situation like Cambridge Analytica. The solution has a clear precedent in HIPAA protections, and creating similar protections that apply to apps would make a difference in the privacy and well-being of millions of patients and their families.”

Meanwhile, HHS Secretary Alex Azar said in his keynote speech at ONC’s annual meeting on Monday:

Health records today are stored in a segmented, balkanized system, and it’s not just affecting the patient and provider experience—it’s affecting care. This has to change, which is why, last year, we proposed ONC’s bold interoperability rule, as well as accompanying rules from CMS. I want to briefly lay out the context of the interoperability rule, which is the result of years of thinking about what’s needed to deliver on the potential of health IT.

The rule was authorized and required by the 21st Century Cures Act, a piece of legislation that passed on a nearly unanimous, bipartisan basis, and a law that I know many of you in this room either worked on or advocated. The details of the rule may be complex, but the goal is very simple: It’s about access and choice. Patients should be able to access their electronic medical record at no cost, period. Providers should be able to use the IT tools that allow them to provide the best care for patients, without excessive costs or technical barriers. 

This sounds like a pretty intuitive, appealing standard. Unfortunately, some are defending the balkanized, outdated status quo and fighting our proposals fiercely.I want to be quite clear: Patients need and deserve control over their records; interoperability is the single biggest step we can take toward that goal.

In determining how to implement it, we will take very seriously all input from our stakeholders, including all of you in this room. We extended the comment period for the interoperability rule, and have done extensive in-person outreach as well. We will pursue the goal of patient empowerment while providing robust enforcement of and protection for these same patients’ privacy.

This is not about one software system design or the other. This is about ensuring that patients have access to information about their own health, and that providers have a choice in tools and solutions to provide the best possible care. Our work toward that end will in no way limit patients’ privacy protections.

Look at the status quo: Patients cannot easily access their medical records, providers on different systems cannot effectively communicate, and those holding patient data have prevented new market entrants from participating in this space. Defending a system like this, defending that status quo, is a pretty unpopular place to be … scare tactics are not going to stop the reforms we need.

Curbside Consult with Dr. Jayne 1/27/20

The healthcare IT universe is atwitter (both figuratively and literally) about Epic’s opposition to the proposed HHS rules regarding information blocking. Although the rules are designed to speed sharing of patient data among hospitals, medical practices, and other care delivery entities, there are concerns that they don’t go far enough to protect patient privacy.

Opponents are claiming that relaxed rules will allow sharing of data with third parties that aren’t bound by HIPAA, resulting in patients losing control of their protected health information. HHS counters with the assertion that they “want the public to have computational right of access to health information so they can have control over apps of their choosing.”

Although choice is a lofty goal, the reality is that patients (and consumers in general) aren’t going to read the disclosures of how their data is used or what permissions an app might need to operate, which could open the floodgates of information sharing in ways they might not fully appreciate. On the other hand, data sharing is important for better healthcare – improved coordination of services, reduced duplication of testing, greater understanding of the patient’s whole condition, and more.

I see patients who regularly pull up their patient portal accounts and just hand me their phones, hoping I can make sense of their medication lists or what lab testing has been done recently. They know that the big health systems in town refuse to play nicely with independent providers, but they want us to have the whole picture.

It’s the digital equivalent of what the military did with charts for years. The patient would pick up their chart and take it with them to their appointments so that everything was at the provider’s fingertips. I used to love seeing those recently discharged military members in practice because it meant continuity in a way that I couldn’t get via fax or mail in the olden days before electronic data sharing.

I think it’s important for patients to understand that if they share their health information with third party apps that their data is no longer protected. This is the current reality for a good chunk of health data. Patients are giving their PHI freely to apps tracking fitness, fertility, calorie intake, sleep patterns, biometric factors, lab data, and more. They’re giving away their genomes to commercial testing providers without a second thought, mostly because they haven’t read the fine print.

I’ve heard the call for protection of health information regardless of whether it’s in the hands of a HIPAA-covered entity or not. That is starting to look like a good idea. Maybe it’s time to broaden the definition of PHI and hold everyone who handles it accountable for keeping it protected.

Maybe it’s also time for HHS and other agencies to fight information blocking in ways that don’t involve vendors. My state’s HIE is one of the most pathetic in the nation, with high costs to hook up to it and other barriers to participation. Although the big health systems are feeding it data, it’s cost prohibitive for small organizations or independent providers to connect. How about some grants to eliminate those barriers? Or how about tax breaks for providers who want to connect for better patient care? How about allowing individual providers to go through a credentialing process to be able to log in to see whatever patient data they need to get the job done, just like they do now for prescription drug monitoring programs? Why all the mystery about having to have a practice or institutional login? It drives me crazy, because when I moonlight at the hospital I can access the HIE, but when I’m out at the little practice on the prairie where the data would be most beneficial, I’m in the dark.

There are more pieces to the puzzle then just requiring vendors to jump through interoperability hoops. We need to require healthcare providers to actually comply with existing laws regarding records release and data sharing. Right now, there is little enforcement and little recourse for patients who are caught without their information.

Let’s also spend some money educating patients about their health and the importance of keeping track of their data, even if they have to do it manually. Sure, it’s cooler to do it on your phone or with an app, but even just keeping a file with copies of important labs is better than nothing. Three-ring binders aren’t sexy, but they’re cheap and you can still access the data when you forget to plug in your phone.

Patients don’t realize how important it is to keep track of their health when they’re healthy. I routinely have to restart people’s hepatitis vaccination series because they’ve lost the records of their immunizations and the pediatrician has long since retired. People become sick and realize they need “the binder” or “the spreadsheet” or whatever mode of data gathering they arrive at, but it’s too late.

Some argue that we shouldn’t put the onus on the patient. I would say that’s the only way to make sure their information is accurate.

I did a little View Download Transmit experiment on my own medical records at several different practices and found upwards of two dozen errors. There were diagnoses I’ve never had, medications I haven’t been on in years, and even a couple of lost pathology specimens. Managing that shouldn’t be entirely the patient’s responsibility, but there could be a better partnership between patients and providers to ensure that everyone had the information they need. There are simple workflows that enable this that very few practices do, such as sending the patient a copy of their health summary prior to the visit and asking them to bring any corrections to the visit. You could even (gasp) give the patient a printout of the information when they check in for their visit, ask for a markup, and then review it together. Seems easy, but there’s too often a lack of resources or lack of will to even make these small changes.

Although this is a hot topic for HIStalk and Politico and others, many people in the trenches have no clue. I had lunch with a CMIO friend today and she wasn’t even aware of the situation with Epic despite her role in an Epic-using organization. She works for the biggest information blocker in town, whose staff often refuses to talk to me after I refer patients to their hospitals. Go figure. I guess she wasn’t in Judy’s contacts list. Similarly, no one is fired up in my forums for women physicians or medical school alumni.

It has been interesting to educate people about this issue. I hope they start following what’s going on in healthcare beyond their daily survival routine.

Let’s put on our patient hats for a minute and reflect on what we think about the proposed HHS rule. Do you give it a thumbs up or down, regardless of how it impacts your working world? Leave a comment or email me.

Email Dr. Jayne.

Readers Write: Alert and Alarm Fatigue: It’s Not Just For Clinicians Any More

Alert and Alarm Fatigue: It’s Not Just For Clinicians Any More
By Drex DeFord

Drex DeFord, MSHI, MPA is a healthcare strategy consultant and adviser to CI Security of Bremerton, WA. 

I’d like to say that we are lucky now that we have all adopted EHRs and used them to drive better, faster, cheaper, safer, easier-to-access care for patients and families. But based on my post-Meaningful Use experience, “luck” is one of the last words used by doctors, nurses, and other frontline caregivers.

The EHR came with a lot of noise. Distracting, aggravating, and even dangerous noise. There was some good stuff, too, and we thought we were doing the right thing. We had good intentions. But along with the good, EHRs have generated a bunch of unintended consequences.

One of those is alert fatigue, which contributes to physician burnout. In fact, most providers suffer from some level of alert and alarm fatigue. One of the most referenced articles from the past year was Atul Gawande’s New Yorker piece describing how doctors hate their computers. EHRs are a work in progress, and the challenge is enormous.

Just like the patient-facing folks, the cybersecurity team has its own seriously debilitating case of alert fatigue. It comes from the beeping and buzzing that is emanated by the multitude of security systems that we have purchased and installed.

They get alerts for things big and small. A staff member plugs a new device into the network. Someone logs in from another country. A user types their password incorrectly three times. 

Somewhere in these alerts is an actual intruder and a real problem. Or even worse, it’s an intruder who is already in the network, biding their time in an effort to quietly find the organization’s data crown jewels, snag them, then quietly exit the electronic premises.

If you have a CISO and a dedicated cybersecurity team, then good for you. In many hospitals and most clinics, the responsibility for maintaining and managing cybersecurity tools is distributed across a small group of information technology professionals who have other, full-time day jobs, such as managing the network, storage systems, or applications.

Watching for cybersecurity alarms generated by this plethora of systems and then reacting to them – figuring out which ones are real versus false – has become a major burden. It is another unanticipated consequence of adding more technology, with the best intentions, to solve complicated problems. 

Based on the number of breaches in healthcare, one can imagine that those tasked with watching cybersecurity alerts are feeling overwhelmed, a lot like their patient-facing teammates. What may be just as bad is that cybersecurity alarm distraction increases the likelihood that IT operators will make mistakes or have an accident – miss a patch or misconfigure a server – and cause the organization to suffer a self-inflicted breach.

Cybersecurity work is massively stressful. For the delivery of modern healthcare, these cybersecurity professionals are critical. One missed alert and entire hospitals can shut down. Physician practices have had to close their doors entirely.

Being a first responder (that’s what cyber-security professionals really are) is one of the most difficult jobs in the world. It takes unique skills, courage, and grit. And there aren’t enough cyber professionals to go around. Unfortunately, all the stress also takes a toll on the professionals themselves, especially when they are spread too thin across too many responsibilities.

When it comes to cybersecurity, there are better ways to manage both organizational and individual risk. For example, managed detection and response services can shift the burden of answering and investigating all those alarms to cybersecurity professionals who do this for a living, all day, every day. They are experts at figuring out what’s real and what’s not. Some can even integrate products that specifically target the Internet of Medical Things, doing both discovery and security analysis. They can do it all incredibly quickly using a combination of well-tuned technology and human review.

By pushing more of this responsibility to managed service organizations, a health system’s IT team can reclaim control of their time. They can shift attention back to the major IT initiatives that can help their organization grow and succeed. Maybe they will even have more time to work on projects to reduce healthcare burnout and alarm fatigue for everyone else in the organization.

Readers Write: ONC Regulations: Why Epic is Wrong and Judy is Right

ONC Regulations: Why Epic is Wrong and Judy is Right
By Chinmay Singh

Chinmay Singh, MSE, MBA is co-founder and president of Asparia of Saratoga, CA.

In August 2018, a highly satisfied medical practice customer of a company I co-founded decided to join a large, multi-state group. As part of this deal, they were required to switch to Athenahealth’s EHR, which was used by the large group. My company was an Athenahealth More Disruption Please partner, so I thought we would get an opportunity to go live across thousands of practices.

My jaw dropped when I got the email below from the medical group’s vice-president of clinical informatics, indicating that the group had decided not to integrate our solution:

This is not the only case where my startup suffered due to information blocking. As any other health IT startup founder can attest, my mailbox is Exhibit A for proving that information blocking is rampant. Thousands of patients can also attest that such blocking impacts their wellbeing.

Despite of all of this, I ended up siding with Epic CEO Judy Faulkner last week.

As many of you know, Judy (my mom in India would be aghast if she knew I was addressing a 75-year-old woman by her first name) asked customers to oppose ONC’s proposed interoperability regulations, which are expected to be announced as soon as next month. CNBC published a series of articles that singled out Judy and hijacked the issue. The tone of the articles and associated tweets was similar to the partisan rhetoric that we regularly see on some national TV channels.

The article ignored Judy’s concerns about patient privacy. The Twitter world competed to paint the most successful health IT entrepreneur — a woman who has not taken a penny from VCs or from the stock market — as the villain.

Epic has done the right things by opening up App Orchard and enabling over 600 APIs. But is that enough? The answer is no.

App Orchard requires a company to pay a hefty membership fee and then a per-API call fee. There is no justification for the fee model. As an entrepreneur, I think the fee is arbitrary and excessive. The hefty membership fee does not make any meaningful contribution to Epic’s revenue (did someone at CNBC say $3 billion?) The only thing it does is to give ammunition to Epic’s opponents.

Similarly, Epic wants hospitals to use its software as the single source of truth. Unfortunately, by charging for each API call, Epic is encouraging the developer community (defined as “API Users” by ONC) to minimize use of such APIs, leading to the creation of new data silos. Why in the world you would develop 600+ APIs and not want them to be used is beyond my comprehension.

Epic’s flat-footed response does not end here. A few months back, the company decided to revoke developer access to all the APIs. Epic wants developers to contact Epic TS with their use case, who in turn will expose APIs on a case-by-case basis. You guessed it right — Epic will charge for this consultation.

Information blocking has hurt me and my company financially. Despite media portrayal of entrepreneurship, it is not fun to drive a rear-ended, 11-year-old Kia in Silicon Valley.

So why do I side with Judy? (sorry mom!) Because she is right to express privacy concerns.

I think everyone agrees that health information data is valuable. Mined at scale, it has the potential to help discover new treatments and reduce costs. At an individual level, interoperability can provide significant relief to patients as they seek treatment from a team of clinicians for conditions such as cancer. I have no doubt that the proposed ONC regulations will allow this. But patient privacy will suffer, and in the end, we will get overpriced and lower quality care.

The proposed regulations mention “API user” 40 times. As far as I can see, the regulations do not ask the API user to sign a business associate agreement or anything equivalent. Not once.

Not only this, the regulation requires “health IT developers” (aka Epic or Athenahealth) to approve the API user rather than their use case. Moreover, the regulation requires that such approval should not take more than five business days.

Who else, other than entrepreneurs like me, will get access to your health data?

Let’s start with law firms. Would malpractice premium jump because law firms will be mining such data at scale to find that one instance where a physician slipped? If that happens, will we continue to attract the best possible talent for medical schools?

Now imagine a cancer survivor who exchanges their health information for a free ride after chemo. Will they be discriminated against in job interviews because of publicly available information? Will politicians pit them against ALS patients in seeking votes?

What if this free ride was given to a teenaged incest victim from an underserved community who went for an abortion? Would the shaming ever end for her?

That is why Judy is right. But I do understand that she may not have said this as eloquently as a fellow Blue Devil from The Fuqua School of Business – “privacy is not an afterthought.”