On February 25, Jeffrey Shuren, the director the FDA’s Center for Devices and Radiological Health, announced that his agency had received reports of 6 deaths and several dozen injuries associated with electronic health records (EHRs) in the previous 2 years.

Shuren subsequently proposed that the FDA should regulate the safety of EHRs. The FDA could implement a post-market surveillance program, or even classify EHRs as medical devices, he suggested.

The latter strategy would subject EHRs to the same pre-market regulatory scrutiny as, say a defibrillator goes through. Each EHR vendor would have to prove to the FDA that its product is safe and efficacious before it goes to market.

ehrbloggers.com said at the time that Shuren’s pre-market regulatory strategy would effectively kill ONC’s rapid dissemination plan for EHRs. We advocated for rigorous post-market surveillance of EHR safety, and suggested that regulatory control should vest with ONC, not the FDA.

New developments suggest that’s exactly what is happening. Last Friday, a subgroup of ONC’s HIT Policy Committee proposed creating a national EHR safety database into which clinicians could contribute information regarding safety issues they encountered while using the technology.

The subgroup’s recommendations for post-market surveillance include:

1) Establishing a national health IT reporting system for EHR safety. An as-yet unnamed organization would assume responsibility for the program. Providers would submit data to this organization for all bona fide safety incidents and “near misses” as well. The organization would subsequently analyze the events and disseminate its findings.

2) Adding new safety criteria the Stage 2 Meaningful Use/EHR certification requirements (with Stage 2 going into effect in 2013).

3) Requiring EHR vendors to include “feedback” buttons in their systems that facilitate safety reporting by providers.

4) Considering additional patient safety oversight in the form of an entity like the National Transportation Safety Board (an idea originally proposed by Sittig and Classen that we endorsed here).

5) Promoting patient engagement in the EHR safety program, such as can occur when a patient notices potential problems with data in her medical record.

6) Requiring ONC-funded Regional Extension Centers to train providers how to handle and report EHR safety problems.

The subgroup’s recommendations will be taken up by the HIT policy committee later today.

So, how are we doin’ so far?
Very well, thank you. It’s clear the Feds understand their obligation to assure EHRs are safe and effective. It’s also clear they understand that post-market surveillance is the proper way to do this, given the circumstance. And we remain hopeful that ONC, not the FDA will be tapped to oversee EHR safety. Just on these three items alone, we’ve tripled and are headed home on EHR safety.

The remaining step for the Feds is to flesh out their thinking on safety-related EHR certification criteria: what they might look like, and when they would be enforced.

Right now, ONC’s IFR (now in the sausage making phase) is light on patient safety concerns in Stage 1. In fact the only Stage 1 IFR criterion that directly addresses patient safety is the one requiring medication reconciliations.

ehrbloggers can live with that for Stage 1, but we’d like to see these criteria beefed-up for Stage 2. An “enhanced” criteria set for EHR safety should (as originally proposed by Settig and Classen) require vendors to:

-- Demonstrate that they follow good software engineering practices, including performing hazard analyses of their products, designing for safety, and verifying their systems work as designed.

-- Demonstrate that they have addressed all relevant issues identified by the national hazard reporting system described in this post.

-- Present data collected from multiple implementations describing their system's reliability and response time.

We are confident the Feds are going to nail this.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

The 60-day open comment period for both the Meaningful Use NPRM as well as the Certification IFR are now over. These documents, which have accrued thousands of comments from a whole spectrum of stakeholders and interested parties, now will be digested by the Centers for Medicare and Medicaid Services (CMS) and the Health and Human Services (HHS) department. We’ll see how long it takes for the final guidelines to be published.

Interestingly, the Certification IFR has drawn criticism from CCHIT (the legacy certifying body which had done all the certification work since 2006). In comments filed with the Office of the National Coordinator (ONC) on March 12, CCHIT said that the IFR might result in an “unintended deceleration in the pace of adoption.”

The rationale that CCHIT gives for its worries are that the ONC’s certification process does not jibe with what CCHIT has been doing historically. In order to mold the CCHIT certification process to match what the ONC has determined as “what really matters,” numerous modifications need to take place.

For instance, CCHIT claims that the HL7-based standard for laboratory reporting is “widely accepted.” Our own experience with importing laboratory tests from a variety of sources had shown that the standard vocabulary for referring to a particular lab test (referenced as a LOINC code) is nowhere near universally adopted – many local systems, and even many regions within Quest Laboratories (a major national laboratory) use their own internally-crated coding and not the “universal standard.” We can write EHR software that “speaks this language” but many systems with whom we want to connect do not (the problem is on their side of the interaction). The ONC recognizes this and has backed away from forcing this standard in its rulings – we believe this is simply acknowledging reality.

Another example that CCHIT cites is that more than one standard for clinical summary data exchange is supported by the IFR – both the CCD standard (favored by large legacy vendors and by CCHIT) as well as the CCR standard (favored by more modular and open-platform “health 2.0” vendors) are given equal weight by the ONC. There has been considerable controversy as to the roles that each of these standards should play, but (rather than seeing them as useful in different contexts) CCHIT seems to believe them to be competitive to each other.

It is clear that CCHIT’s perspective on EHR certification remains centered in the large, legacy, client/server “big iron” systems that dominate hospitals and large clinics. It is through this shade of rose that their comments are made, believing that their “certification universe” represents the reality of the overall EHR space. In fact, modular, consumer-centered, web-based “health 2.0” tools are emerging very rapidly, and are largely (seemingly) outside of CCHIT’s radar.

Fortunately, CCHIT’s monopoly on certification is also a thing of the past. Drummond Group, for example, has declared its intent to apply as an ONC-Authorized Testing and Certification Body this year. They have studied the ONC documents, and have the ability to build their certification process around the ONC guidance (rather than try to fit ONC guidance around their legacy process, as it seems CCHIT is doing). We welcome Drummond into the realm of EHR certification. Though their actual impact remains to be seen, the fact that CCHIT is no longer a monopoly is a welcome breath of fresh air.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

Over the weekend, a team of neuroradiologists and behavioral experts from UC San Francisco performed fMRI testing on Matthew Douglass, the Vice President of Engineering at Practice Fusion, to determine how he can possibly be so productive.

Douglass (see photo) has become a legend at the headquarters of the SoMa-based start-up. Co-workers have observed him developing strategic plans, coding, participating in a conference call and eating chicken tikka masala at the same time without splattering cream sauce on his monitor, for example. They have also noted his ability to work for long periods without relieving himself and unusual hypervigilance to sound, especially when working late nights in the office.

“It didn’t seem possible,” lead investigator Judith B. Thalamus, MD, told reporters. “We asked him to donate his brain to science but he refused, so we teed him up for an fMRI instead.”

Functional Magnetic Resonance Imaging (fMRI) is used to measure blood flow changes and neural activity in the brain, usually while a subject carries out specific tasks. In the last 2 decades, fMRI has become the diagnostic tool of choice for brain mapping since it is non-invasive, not associated with radiation exposure, and widely available.

According to Thalamus, the weekend test went off without a hitch. Douglass was restrained with soft padding during the 2-hour procedure, but he did not require a bite bar. While the cameras were rolling, Douglass was asked to perform several tasks independently, such as handling a call from Surescripts, LOINC-code mapping, reading user suggestions for improving the EHR, and selecting menu items from a local restaurant.

After baseline fMRI images had been obtained, the scientists asked Douglass to carry out two, and then three of the tasks simultaneously, once again while the cameras rolled.

Thalamus told reporters that Douglass’ baseline studies gave predictable results. The Surescripts call, for example, was associated with increased blood flow to Douglass’ amygdala, an almond-sized structure in the medial temporal lobe that is associated with the processing of emotion. Similarly, the LOINC-code mapping exercise triggered increased blood flow to Douglass’ right-brain, which is involved with creative and non-linear thinking.

But Thalamus was dumbstruck by the fMRI results when Douglass was asked to multitask. When reviewing user suggestions and simultaneously ordering from the take-out place for example, Douglass’ brain blood flow patterns resembled a butterfly in flight, with harmonic waves arcing across multiple brain regions and an orange-yellow scatter-matrix (see photo) that Thalamus swears she’s never seen before.

In another inexplicable finding, Douglass’ fMRI showed that his blood actually ran cold when scientists asked him to recount his favorite moment in Texas Rangers’ post-season baseball history.

Ultimately, Thalamus said her study was inconclusive. “I’ll be damned if I know how he does it,” the scientist marveled. “He’s just a freak.”

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

Today’s Five Question Friday interview is with Anand Popuri, a medical student at the New York College of Osteopathic Medicine at the New York Institute of Technology. He shares his perspective on EHR use, and Practice Fusion in particular.

As a preface, tell us a little about yourself. My understanding is that you are a medical student – what kinds of EHR exposure is found in medical school curricula currently?

The relationship between personal information, medial data, and Protected Health Information (PHI) has been a subject of some confusion. Our hope here is to shed some light on this complex relationship, and add clarity.

PHI
Protected Health Information is defined as individually-identifiable health data, which is (by definition) exquisitely sensitive. Being linked to an individual, PHI can only be shared with the permission of the individual. PHI is covered by the HIPAA Privacy Rule.

PHI can be thought of as having two components: (1) personal identification, and (2) health data. Health data includes diagnoses, medications, allergies, immunizations, and procedures done.

PHI is kept within Electronic Health Records (EHR), as well as within laboratory systems, insurance company data (including the government via the Center for Medicare and Medicaid Services – CMS), regional Immunization Registries, Health Information Exchanges (HIEs), and public health agencies.

EHR companies are custodians of the PHI records created by their customers (clinicians), and are bound by the same HIPAA Privacy Rules that apply to the clinicians using the system. PHI is only shared among clinicians for the purpose of furthering the quality of individual health care. PHI can also be rolled up into reports for use by the clinicians (quality metrics reports that identify specific patients needing follow up).

Personal information
When personal identification is completely de-coupled from any health data, then it is simply “personal information” – not PHI. Personal information (not personal health information) – like individual names and email addresses – are items collected routinely by many commercial web sites. Given that this information is not covered by HIPAA, separate privacy rules exist that obligate the commercial vendor to disclose their privacy policy – whether their customer list is re-distributed to other vendors, for example. Some non-health personal information is also very sensitive (such as banking and financial information) and is subject to privacy regulations in order to minimize the risk of identity theft.

Some technology vendors are able to approximate health data simply by tracking internet usage behavior. For example, Google Flu Trends tracks search activity for flu, which (although it reflects simple consumer interest in, or fear about, the topic) matches CDC reporting of influenza incidence fairly accurately. No HIPAA-protected PHI is utilized here.

Health data
Health data has been collected for a long time, long before EHRs – health plans have been collecting health data through claims for many decades. Health data is extracted, ultimately, from PHI – but once it is de-identified, the data is no longer PHI, and therefore (not being linked with any individual) does not need individual permission in order to share. De-identification of PHI is spelled out in the HIPAA Privacy Rules, and needs to be sufficiently “scrubbed” so as not to be re-identifiable (see further discussion here).

Medical data is extremely important, and is the basis for health policy and many strategic decisions. For example, when an insurance company claims that “only 35% of women ages 18-26 have been screened for Chlamydia” (a HEDIS metric), or when a laboratory states “10% of all Pap smears are positive for papilloma virus” – these, ultimately, are drawn from data stores that, when linked with specific individuals are PHI, but when extracted without individual identification are not PHI and can be used in whatever way is seen fit. They become the drivers of health policy, and of efforts to improve public health.

Medical data – not linked to individual identification, therefore not PHI (though ultimately extracted from PHI sources) – is sometimes aggregated very specifically. Quality metric compliance (which can be extracted from health plan data) can be drilled down to the region, hospital, medical group or individual physician level – and report cards of these findings are available publicly. Another example: drug companies know prescribing activity for their product at the individual-physician level, and use this data for marketing and detailing. When medical data is linked to physician behavior, but not to patient identification, it is not PHI.

The relationship between personal data, health data, and (when the two are linked together) PHI is complex. Small wonder that there is confusion about it. Our hope is that this discussion will help add some clarity to the understanding of this fundamental issue.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

Physicians that use file sharing software can inadvertently expose their patients' health and financial information, according to a study in the Journal of the American Medical Informatics Association.

The study, by Khaled El Emam and colleagues at Children's Hospital of Eastern Ontario, is the first to quantify the risks associated with physician use of file-sharing applications, which are typically used to access and share music, videos and porn.

Over the course of one year, El Emam’s group used popular file sharing software including Limewire, BitTorrent and Kazaa to access and download more than 23 million files from computers in the US and Canada.

They found personal health and financial information in 2%, or tens of thousands, of the Canadian files and 5%, or hundreds of thousands of US files.

The information included medical authorizations containing patient insurance information, Social Security numbers, phone numbers, dates of birth, medical histories and current medication lists. Other files contained financial information like credit card numbers, passwords and PINs.

In addition, El Emam’s group found evidence that outsiders were actively searching for files containing personal health and financial data. "There is no obvious innocent reason why anyone would be looking for this kind of information," El Emam told Healthcare IT News.

These file sharing tools "are not completely intuitive and can thus lead to errors as to which files or folders are set-up for sharing. Without additional protection on the health records, like encryption or elevated access controls, it is entirely possible that a misconfigured file sharing tool could access the records," Robert Grapes, Cloakware’s chief technologist added.

The scientists advised that file-sharing tools can make health and financial documents vulnerable to fraud or theft, and that unless all office personnel understand how to operate the security settings on such software, it’s best not to use it on computers where such information is housed.

"A significant amount of information is leaking and I think it's important for the public to be aware of the risks of running those programs," El Emam told the Montrael Gazette.

Simon Morris, VP of marketing and products at BitTorrent said that inadvertent file sharing of the sort described by El Emam is impossible on BitTorrent because files are only shared when they are downloaded. Morris did concur such breaches were possible with other file-sharing software.

"The problem is that consumers in the past, have sometimes not understood what it means to 'share' a folder, and sometimes accidentally shared folders (or folders within folders) which contain all sorts of private information (tax returns, etc.)," Morris said.

The issues raised above are new to health care, but they have already affected other sectors. Federal government personnel have inadvertently exposed sensitive government and personal information by having file-sharing software on their work computers.

The information known to have been lost in this manner includes lists of people with HIV, FBI photos of a Mafia hit man, the names of people in the federal witness protection program and the safe-house location for Laura Bush, according to testimony provided last summer to the House Oversight and Government Reform Committee.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

At last week’s HIMSS trade show, one of the clear messages that emerged is that SaaS-based (software-as-a-service) Electronic Health Records (EHRs) are stepping onto the main stage as the most likely way that smaller and solo practices will be able to adopt EHRs in a meaningful way, in time for the 2011 ARRA/HITECH incentive moneys. Dana Blankenhorn (from ZDNet) commented on this, as did John Halamka (CIO at Harvard and member of the Health IT Standards Committee).

SaaS-based software has also been referred to as cloud-based computing, web-based software, ASP-delivered software, and other terms (not all exactly the same from a technical standpoint, but often used interchangeably). So what is this new “hot buzz” all about and why is it important in the world of Health IT?

Elimination of IT burden
SaaS-based software is internet hosted, and accessed through an ordinary web browser. That means that the vendor, not the clinician, bears the burden of all the back-end heavy lifting – servers, always-available access, security and safety of data, and backup of data are all issues that are removed from the clinician.

This is a significant difference compared to legacy client/server software, which require a local installation onto a server, the maintenance of a secure local network (with perhaps a Citrix layer to access it from outside the confines of the office and network), and local policies for safety and security, as well as data backup. This generally requires the need to hire an IT consultant, and adds “hidden” cost to the whole EHR installation.

An interesting side-note here is that the computers which run the software (the clients) can have less expensive operating systems with a SaaS approach. In a local area network (a LAN), all the workstations that access the local server need to be able to become members of a Domain, which is established by the server. Windows (any version) Professional version needs to be installed; the Home versions of the operating system is not able to join Domains. There is generally about a $100 additional cost for the Professional version of operating systems, compared to Home versions. With a SaaS-based EHR, all one needs is a browser and an internet connection – joining a domain is not required. Therefore, any off-the-shelf computer with a pre-installed Home version of the operating system will work.

Version control
Another limitation of a locally installed legacy client/server system is that, once it is installed, then it is “set.” Upgrades and bug fixes require the application of a patch, or installation of a new version. Often, a fee (per upgrade, or per year) is charged by the vendor for this support.

From the standpoint of a vendor, support is challenged by this. When there are a variety of versions of a product locally installed “in the field,” then support is more difficult.

A SaaS-based EHR avoids this issue of “version control” – everyone, by definition, is on the same version. When changes or upgrades are deployed, everyone receives these changes on their next session log-on. From the standpoint of support, this is much easier, and feature fixes as well as bug fixes can be managed quickly, and deployed to everyone at once.

Customizable UI, per role, per specialty
One of the criticisms made about SaaS-based EHR products is that they are “one size fits all.” This may really limit the usability of a given product. Therefore, a customized, specialty-specific EHR may work better, given that the workflows faced by different specialties are, in fact, quite different.

Using modern technology, it is possible to capture many elements of a user upon login, and create a product that delivers a view (the User Interface, or UI) that can be very individualized. Within a given medical practice, different users have different needs, depending on their role – what a front-office check-in staff member and scheduler needs are different than a back-office nurse, which is different from what the clinician needs.

Similarly, what a Family Physician needs from an EHR may be quite different from what an Orthopedist needs, or what an Oncologist needs. Such workflow needs are beyond simply presenting a different set of charting templates (though that is certainly a start). Though not fully actualized presently, modern SaaS-based technology can move in this direction – the result being that, upon login to a SaaS-based product, the features presented by default (the UI) will vary depending on specialty, role, and individual preferences.

Learning curve
One of the biggest fears about moving from a paper medical record environment to an electronic one is the concern about a prolonged learning curve and a consequent dip in productivity. This dip in productivity (i.e. income stream) can be significant (e.g. 20%) and can last a long time (e.g. months). This is especially concerning for small primary care practices that run very close to the margin – small perturbations in income stream can mean running at a loss. In a fee-for-service system, life as a primary care physician is often a mad hamster-wheel life, with little time for much else other than processing high patient volumes through the office (worthy of an entire tangential blog topic thread). Anything that introduces a slowdown in this frenetic pace is worrisome.

Yet these precise practices are the ones that the Office of the National Coordinator (ONC) wants to get on board with EHRs. Even if the EHR is SaaS-based (minimal IT infrastructure costs), and free, the worry about work slow-down during the adoption phase is an obstacle to adoption and use of an EHR in a meaningful way.

Thus, regardless of the style of EHR deployment, the burden is on EHR developers and vendors to create products that minimize the learning curve. Usability is paramount. Incorporation of user suggestions into the product is very important.

A lightweight, intuitive, responsive EHR is the goal for all us of who are creating the tools needed in order to achieve the transformation of U.S. healthcare from a paper-based legacy to a modern electronically-connected one.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

The United States is an unquestioned world leader in medical innovation. The fruits of our creativity can be seen in astoundingly clear MRI images and in expressions on the faces of organ transplant recipients that have regained fulfilling, productive lives.

Medical innovation also creates jobs for US citizens. The medical device and health information technology sectors are particularly hot in this regard right now. Practice Fusion for example, expects to hire nearly 100 new people this year, tripling our current headcount.

And medical innovation creates new knowledge and highly-skilled workers which will prove critical to our nation’s success in an increasingly competitive global economy.

But the news isn’t all good about medical innovation. For one thing, it drives up the cost of health care. Thirty years-worth of public demand for the newest medicines and latest high-tech devices has pushed medical cost inflation far beyond what has been observed in other sectors of the US economy. This spiral was thought to be unsustainable even before the current era of enormous public deficits and sluggish economic growth.

Is it wise to be developing ever more sophisticated – and expensive – imaging technology and surgical implants that have low marginal benefits compared with existing versions? Do we care that such innovations widen access disparities to the highest quality healthcare in our country?

Thought of this way, medical innovation is a double-edged sword: we can cut payment for innovative products that improve care but at a high marginal cost, but doing that will dampen the job creation and knowledge-development that our economy desperately needs.

Is There Another Way?
What we need to do is re-examine how and where we innovate. We need to abandon or at least reduce our focus on "incremental innovation," in which we strive to produce ever-more sophisticated versions of existing technologies, and focus instead on innovations that either reduce the cost of health care delivery or make it more accessible.

Telemedicine, remote monitoring devices and portable ultrasound devices hold promise in this regard. They let more people get treatment, make better use of medical manpower, and shift treatment to less expensive settings.

Beyond this lies something I’ll call Strategic Innovation. Strategic Innovation means redefining business models so as to promote deployment of new products and services at lower costs to providers—and hence the government, which uses taxpayer dollars to pay for them via Medicare, Medicaid, SCHIP and so forth.

This is what Practice Fusion has done by offering a fully-functioning EHR for free to providers. In an instant, our ad-supported product eliminates license fees, training fees, transaction fees and update fees that providers, and ultimately the government, previously had to absorb. In an instant, solo and small group practices can access quality improving, cost reducing EHR technology that had previously been unaffordable for them…and leverage it on behalf of their patients.

There’s more. Practice Fusion’s Strategic Innovation aligns our interests with those of the providers we serve. We don’t get paid unless providers use our EHR, so we listen when providers tell us how we can be better. And we are driven to help providers use the EHR more and more…which is exactly what the government wants.

In contrast, the traditional EHR vendor business model creates few incentives for vendors to be customer-focused. Is it even in their interest to promote utilization of their systems once they have made a sale?

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

#HIMSS10 in Atlanta is done and dusted.

The conference was an exhausting but gratifying experience for Emily, Kellie, Ryan and me, the 4 folks from Practice Fusion who were lucky enough to attend. We met so many people who wished us well and want us to succeed…it was overwhelming. We thank each and every one of you for your kind wishes.

And we 4 owe a heart-felt ‘thank you’ to every other member of the Practice Fusion team who could not attend HIMSS: your energy and creativity are driving our rapid rise.

The massive conference left attendees with a million memories: it was part carnival, part inspirational and part heartburn (unless you normally eat breakfast at Papa John’s).

A highlight for us was ONC-boss David Blumenthal’s visit to the Practice Fusion booth. Long ago, I reported to Dr. Blumenthal when he was Sr. VP for Clinical Affairs at Brigham and Women’s Hospital in Boston. We even published a paper together in JAMA back in the day. The man hasn’t changed at all: his reasoned approach to things, his listening skills, and his unwavering commitment to public service and the greater good were present 20 years ago and they’re still there.

It feels to me like Dr. Blumenthal has been prepping for his entire career to fill the role he now holds, and he is not about to swing and miss.

And the man has surrounded himself with an exceptionally talented staff—many of whom we met at HIMSS as well. These people believe they can make a difference in health care, and they are doing just that. I was stunned to learn at HIMSS that ONC has only 55 employees right now, but after meeting these folks I have some understanding for how such a small number of people can manage to have made such a profound impact in so short a period of time.

Almost as striking to me was the World's Fair atmosphere in the exhibit hall, which was created by palatial booths of many legacy EHR vendors. Some of these booths were larger than my home. They were bathed in soft backlighting. They featured perfectly coordinated color schemes, plush carpeting, and more HD TV screens than a sports bar on Super Bowl Sunday.

In short, they were waaay over-the-top, and they represented everything that is wrong in HIT today.

These exhibits reminded me of the spectacle that unfolded 16 months ago when the CEOs of the big three automakers flew to Washington on private luxury jets to plead for $25 billion in taxpayer money to avoid bankruptcy.

What can these EHR vendors be thinking? Indeed, what must Dr. Blumenthal be thinking when he sees these cathedrals?

HITECH, lest we forget, is a taxpayer-supported program that was born out of the Great Economic Crisis of 2008, a near-disaster that is only now easing, and not all that fast, either. Millions of US citizens are out of work and down on their luck, and a central premise behind HITECH and the ARRA legislation it belongs to was to help these folks get back on their feet.

Now, it’s certainly not the fault of the legacy EHR vendors that the promise of HITECH cash has fueled investor speculation and soaring HIT stock prices. But the idea that part of this investment has found its way into the designer booths and Armani suits of legacy EHR vendors is abhorrent.

Surely a toned-down display would have been more appropriate given the hard times so many millions of Americans face right now. Surely some of that shareholder money could have been used to create more jobs or fueled more innovation by these companies so they could cut prices on their systems, enable more providers to afford them, and ultimately to allow more US citizens to benefit from the promise of HIT.

The contrast I witnessed in Atlanta, between the right-minded, super-capable public servants that came by our booth, and the large shadows these other booths cast over our modest footprint at HIMSS was something I’ll not soon forget.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

On Tuesday, March 2nd, the Office of the National Coordinator (ONC) for Health IT released a new Notice of Proposed Rulemaking (NPRM) detailing how Certifying Bodies will go about testing and certifying EHRs. Using HHS-certified EHRs is required for physicians to have access to ARRA/HITECH incentive funds that will begin to become available in 2011.

Previously, the Centers for Medicare and Medicaid Services (CMS) had released a Meaningful Use NPRM, which is currently in the 60-day open comment period. This proposal specifies the 25 different categories of Meaningful Use that a physician needs to demonstrate in order to be eligible for incentive money – although these proposals have undergone modification and won’t be finalized until after March 15th.

Simultaneously, the ONC released an Interim Final Rule (IFR) on Certification, which details the capabilities an EHR system must have in order to become certified. Notably, the IFR introduced the concept of “Certified EHR Technology,” acknowledging that it may be unlikely for a single product to be able to address all 25 categories. Certified EHR Technology can be achieved either through a single Certified EHR (which does everything in one package), or through a collection of EHR Modules, each of which are certified to accomplish one or several of the categories and which can be mixed-and-matched to achieve the desired overall functionality.

What was missing was the process of designating ONC-Authorized Testing and Certification Bodies (a new acronym in the space: ONC-ATCB). Up until now, CCHIT and Drummond have expressed interest in becoming such Certification Bodies, though others may also follow suit now that the process is better defined. An easier-to-manage bookmarked copy of the NPRM can be found here.

This new document introduces a new concept. Given that the time is short before certification of EHRs need to be in place before the 2011 deadline (and we have expressed our concern about this previously), the new NPRM describes (1) Temporary Certification, and (2) Permanent Certification.

The Temporary Certification for ONC-ATCBs is a short-term stopgap, and the open comment period for this part of the NPRM is 30 days (it is 60 days for comments on the Permanent Certification portion of the NPRM). It is intended to cover the period from Q2 2010, and sunset after Q1 2012; Permanent Certification will begin Q1 2012 and continue on an ongoing basis subsequently.

We certainly applaud the release of the detailed process by which EHR Certification can proceed, and understand the reasoning behind a quick Temporary process, to be followed by a Permanent process down the road.

The main concern I would pose is this one: when the doors open up and one or more ONC-ATCBs are designated, there will be a crush of vendors (estimated 180+ different vendors in the EHR space) cramming to get in the door simultaneously, seeking certification. What if a vendor fails one or more Modules? Do they have to go to the back of the line for re-examination? Will that impede the designation of Certified EHRs and hamper overall EHR adoption (which is, after all, the whole purpose behind this process)?

A method to consider is how the Joint Commission for Accreditation of Healthcare Organizations (JCAHO) goes about accrediting hospitals and other healthcare organizations. The accreditation process is intensive and detailed, as anyone who has been through a JCAHO survey will attest. Few hospitals, who fail the testing process significantly, will lose their accreditation status. Few hospitals, on the other end of the spectrum, will become accredited with no contingencies. Most hospitals will have a few findings that don’t quite “make the mark” in some areas, but will be granted accreditation “with contingencies” – these contingencies will subsequently be re-addressed by a focused follow-up survey to ensure that compliance with the regulations has been met.

This may be a good model to follow. If Temporary Certification in a given module is pretty close (is “90% there”), then Certification “with contingencies” may still allow for designation of Certification status (and thus allow the vendor to help physicians meet Meaningful Use in time for 2011) – and the contingencies need to be cleaned up in a short, focused period of time (perhaps by the time of Permanent Certification).

Exactly how each ONC-ATCB will function remains to be seen. We’ll see how certification happens in a way that balances “getting very good product out the door quickly” with certifying EHRs that are safe and effective. Following the JCAHO model of accreditation (with or without contingencies) might be a good lesson to learn from experience in an adjacent field.

But the gates are open, and candidate organizations that wish to become Authorized Testing and Certification Bodies are now able to step forward.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

We have argued previously that ONC has an obligation to assure that EHRs are safe and effective, and that a two-part regulatory strategy could achieve this goal without hindering ONC’s primary mission to foster rapid uptake of EHRs by US providers.

In Monday’s post, we reviewed the first part of this strategy, which is to extend EHR certification to include more patient safety criteria than they do currently. Here, we outline the second part, a post-market surveillance system governing EHR safety.

Introduction
HITECH is based on the assumption that EHRs can help achieve many of the goals we share for improving our health system, including improved quality, reduced costs and efficient responses to public health emergencies.

Few believe this assumption is flat-out wrong, but the scientific literature contains surprisingly few studies which confirm that EHRs are safe, and these are offset by others showing EHRs actually cause safety incidents and patient harm.

Concerns about EHR safety were raised recently by Jeffrey Shuren, the director of the FDA’s Center for Devices and Radiological Health. He noted in public testimony last week that his agency received reports of 6 deaths and dozens of injuries associated with EHRs in the last 2 years alone.

The incidents included patient mix-ups, misfiled test results and failure to display allergy information, among other things.

The frequency of such incidents might be expected to increase as HITECH incentives drive hospitals to adopt EHRs. This is because legacy EHR vendors have neither the manpower nor the platform/software flexibility to handle the flood of customization projects required to accommodate local workflows.

Post-Market Safety Surveillance for EHRs
To address the problem, ONC should implement a mandatory EHR/Patient Safety reporting system that requires providers and vendors to report safety-related issues to a national clearinghouse, whether they have caused harm to patients or simply have the potential to do so.

The idea of a national clearinghouse for EHR safety--which is a form of post-market surveillance--was first proposed by Walker et. al. In their proposal, vendors can see all incidents in the data base, in anonymized form. Scientists have access to the anonymized data as well.

The clearinghouse should categorize safety issues to facilitate analysis. Although a proper taxonomy of EHR-related safety issues has not yet been developed, it should be possible to leverage related work in the narrower field of computerized physician order entry to develop such a system.

Once an EHR-related safety concern has been logged into the clearinghouse, ONC must alert several groups including affected customers and, if the concern is generalizable to other EHRs, their users as well. Of course the EHR vendor must then also address the issue to the satisfaction of ONC.

In addition to a clearinghouse, Settig and Classen recommend that ONC establish an EHR Adverse Event Investigation Board which can investigate and publicize serious adverse events or hazards involving EHRs. This agency would function like the National Transportation Safety Board does when it investigates airline disasters.

In particular, it would analyze the complex, sociotechnical interactions between clinicians and EHRs that lead to the mishap, and report its findings to ONC, EHR vendors, providers and the public for learning purposes. The board would have unlimited access to all aspects of the EHR, including system backups and change logs.

Conclusions
Frankly, neither EHR vendors nor the regulatory agencies overseeing them have systems in place to assure that EHRs are safe. EHRs profoundly impact clinical workflows and provider communication patterns, especially in hospital settings, so it is essential to establish mechanisms assuring they are indeed safe. A post-market surveillance system can meet this objective without impeding the government-desired roll-out of EHRs throughout the US health care system.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

Step by step, the Office of the National Coordinator (ONC) for health IT has been opening the door and embracing modern technologies, as it tries to knit together a network of interconnected Electronic Health Records (EHR) systems.

The most recent step in this direction was the unveiling on February 26th of a free, open-source tool called “popHealth” which can be used by healthcare providers and EHR vendors to pull clinical data from their own systems and do their own population care analysis.

The goal of popHealth is to simplify the reporting of summary quality measures and streamline the exchange of such data. One of the measures of Meaningful Use requires the reporting of quality measures and public health data – this tool is designed to help providers submit such data as part of their existing workflow.

Of note, this new prototype tool uses established standards, and is web-based. For web-based EHR vendors, incorporating such a tool is relatively straightforward and can be rolled into a combined offering to physician end-users. For more legacy EHR software vendors, this tool may need to sit side-by-side with their non-web-based user interfaces, but it should still piggy-back onto legacy systems (though it may require the help of IT support staff or consultants to get it all hooked up right).

Taking a step back, the release of such a web-based, open-source solution by the ONC represents a trend that is quite heartening. Traditionally, the ONC has supported the build-out of the Nationwide Health Information Network (NHIN), which is a “network of networks” comprised of multiple local and regional Health Information Exchanges (HIEs). HIEs have been traditionally supported by legacy EHR vendors, and upload of data to them has been difficult to implement – the result has been that large sums of money have been spent on creating and supporting these regional databases, yet to date no “galloping herds” of local physicians have been uploading their EHR data to them.

At the same time, the ONC has begun to embrace the concept of the “Health Internet” – a more consumer-focused platform comprised of discrete, substitutable, modular applications, rather than the traditional HIE approach of massive, consolidated (and somewhat proprietary) networks. The Health Internet is web-based. It is also more market-driven, develops rapidly, and looks to the ONC mainly for standards definition rather than for subsidy.

The release of a web-based, open source tool by the ONC to assist in quality metric reporting is another step towards embracing a “Health Internet” approach. It is a step toward the goal of an interconnected, coordinated electronic health infrastructure that can support the development of a transformed health delivery system. Plug-and-play, modular, web-based pieces of health IT will likely be more successful in achieving this goal than will build-out of increasingly massive, and increasingly expensive legacy systems and networks. We applaud the ONC in this step forward.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

Last Friday, we argued that the Feds are obligated to assure the safety and effectiveness of electronic health records, since they are using taxpayer dollars to accelerate their dissemination (via HITECH).

We also argued that pre-market approval--the regulatory strategy used by the FDA to assure safety and effectiveness of medical devices--is not a viable strategy to use in the case of EHRs, since it would interfere with the HITECH-mandated goal of rapidly deploying EHRs throughout our health system.

Finally, we argued that the Office of the National Coordinator for Health Information Technology (ONC) should be responsible for assuring that EHRs are indeed safe and effective.

So how can ONC assure EHR safety while meeting its primary mission to foster rapid dissemination of EHRs?

We recommend that ONC deploy a two-part regulatory strategy. The first part involves bolstering EHR certification criteria to address safety more fully than they do now (addressed below). The second part is to institute a post-market surveillance program that detects, reports on and reacts to EHR safety problems as they develop in the field (addressed in the next post).

Enhanced EHR Certification
Current EHR certification criteria are outlined in ONC's Interim Final Rule, a document that is now just 2 weeks from finalization. The IFR, which we believe to a visionary tour-de-force that will reshape the entire HIT industry, is nevertheless relatively light on patient safety concerns.

Arguably, the only IFR criterion that directly addresses patient safety is the one requiring that medication reconciliations be undertaken when patients transfer from one locus of care (e.g. a hospital) to another (e.g. her PCP).

As ONC considers how to beef-up patient safety in its IFR, we recommend that it should consider suggestions made by Dean Sittig and David Classen in a recent JAMA article titled, "Safe Electronic Health Record Use Requires a Comprehensive Monitoring and Evaluation Framework."

Sittig and Classen’s paper contains a section titled, "Enhanced EHR Certification." The recommendations contained herein can be added to existing IFR criteria with ease, and would go a long way towards assuring the safety and effectiveness of EHRs.

Sittig and Classen's recommendations are that:

-- All EHR vendors should have demonstrated that they follow good software engineering practices, including performing hazard analyses of their products, designing for safety, documenting these designs, and verifying that their systems work as designed.

-- All vendors should be prepared to demonstrate that they have successfully addressed all critical software issues identified within (their proposed) national hazard reporting and investigation system within the previous year.

-- All EHRs should be "load tested" to simulate its response time when multiple users are accessing the system simultaneously.

-- All EHR vendors should be required to present data collected from multiple implementations describing their system's reliability and response time as implemented.

-- All systems should have their user interfaces tested for usability.

“In summary,” the authors conclude, ”EHR vendors must demonstrate that their applications have been designed for safety, developed correctly, work as designed, and had all their defects fixed.”

We think this is an excellent list and encourage others to weigh-in on it.

The one criterion we’re conflicted about is usability testing. In many circumstances, it is best to let the market decide for itself about usability—regulatory oversight isn’t needed and not advisable.

The problem here is that very bad things can happen when EHRs haven’t been configured to meet local workflows (customizability being a dimension of usability, after all). So, at the end of the day, since the Feds are obligated to assure quality and efficacy of EHRs, it seems to us that usability should indeed be subject to regulatory scrutiny.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

HHS Secretary Kathleen Sebelius probably wishes she never left Kansas.

She’s got one department—the Office of the National Coordinator for HIT (ONC)—that’s passing out HITECH money faster than a street-hawker with peep show tix in order to hasten the dissemination of EHRs.

And she’s got this other department—the Food and Drug Administration—that wants to regulate the dang things because of safety concerns…an idea that, depending on how it’s implemented, would completely gum-up what ONC is trying to do.

The FDA currently has nothing to do with electronic health records. Yet, according to Jeffrey Shuren, who directs the FDA’s Center for Devices and Radiological Health, it’s received reports of 6 deaths and several dozen injuries associated with EHRs on-the-fritz in last 2 years alone.

The mishaps have included mixed-up patients, misplaced test results, missing medical information, and failure to display allergy information, among other things.

“Because these reports are purely voluntary, they may represent only the tip of the iceberg,” Shuren warned. “We believe that a framework of federal oversight of HIT needs to assure patient safety.”

Shuren should only know that any mad dash for EHR cash on the hospital side will overwhelm the legacy EHR vendors who have neither the manpower nor the platform/software flexibility to handle the ensuing flood of customization projects that would be required to accommodate workflows at each hospital...that’s more accidents waiting to happen.

In prepared testimony for an FDA hearing on the matter yesterday, Shuren suggested the FDA could pursue 3 possible regulatory strategies for EHRs:

- Require that EHR vendors register with the FDA, voluntarily report adverse events and fix problems when they arise (Let's call this “Post Market Surveillance Lite”)

- Same as above, but with mandatory adverse event reporting. Additional requirements can be added at the FDA’s discretion: e.g. vendors must show they have software QC systems in place (“Post Market Surveillance”)

- Classify EHRs as Medical Devices, which would make them subject to the same pre-market regulatory scrutiny as, say a defibrillator goes through. In this instance, EHR vendors must prove to the FDA that its product is safe and efficacious before it can go to market (“Pre Market Approval”)

What’s Going to Happen
If nothing else, the FDA’s hearings have called attention to the Feds’ obligation to assure EHRs are safe and effective. After all, they’re spending taxpayer dollars to hasten EHR dissemination via HITECH.

But since the Feds are indeed committed to The Great EHR Roll-Out, they need to select a regulatory strategy that doesn’t gum it up. That pretty much eliminates Pre Market Approval.

So the Feds are left with the first 2 options. They can take their pick, knowing that the first is toothless and subject to capture by EHR vendors, and the second will take one to 2 years before it’s underway.

But…the FDA?
Why in the world do we have one HHS department turning the safety of EHRs into a public concern at the same time another is trying to promote their dissemination? Assuming HITECH provisions give ONC proper leeway, the job of assuring safety and efficacy of EHRs should be given to ONC, not the FDA. Sebelius should tell ONC to get it done and call off the dogs over at Food and Drug. It’ll just work better.

To be fair, in January, ONC released an RFP to address “undesirable and potentially harmful unintended consequences” of EHRs. But the FDA didn’t even wait to see how that played out. Do these guys talk to each other?

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

No one thought health reform would just go away after Massachusetts released “Guess Who’s Coming to Dinner” starring Scott Brown, but the Bay state’s stunning decision to let an unknown Republican fill the shoes of Ted Kennedy was a haymaker so big, it knocked the lights out of the process for 5 full weeks.

It was a refreshing break indeed, but now health reform is back. Right where it left off, it turns out.

OK, it’s different in that President Obama released a complete plan of his own this Monday. That’s something he’d not done before, even though he admits health care is Numero Uno on his domestic agenda.

But the President’s plan looks a lot like the bill passed by the Senate last December. It has no Public Option. It extends coverage to 25 million uninsured Americans using subsidies and an expansion of Medicare and Medicaid. It costs about the same as the Senate Plan ($950 billion), and it eliminates the most egregious practices of the private insurers (A comparison of the President’s bill and the Senate bill appears here).

So after tomorrow’s Health Summit, Congress will be dealing with more or less the same bill that many House Democrats abhor and that squeaked through the Senate on a razor-thin margin that no longer exists, thank you Scott Brown.

So what will happen next? Well, the Republicans think they have won the public argument (that is, they have backing of the centrists, the swing-voters): Obama’s plan is government-run health care…end of discussion. So they’re going to stand pat.

"There is no negotiation when it comes to either the House or the Senate bill," Eric Cantor, the second-ranking House Republican told the Washington Post. In fact, he said, "I don't look at (tomorrow’s Summit) as negotiation. I look at this to see if the president wants to come clean and start over."

Republicans know it’s not politically viable for either party to “start over”—there is a country that needs to be run after all. But given the hand they have to play, they will be content to stand back and watch the Dems do a very bad thing…whatever it turns out to be. They win the game, according to their calculations, in November.

Meanwhile the Democrats believe they’ve made considerable concessions already (bagging the Public Option and the surtax on high-income Americans to pay for expanded coverage) and that has led to exactly zero Republican support, let alone a willingness to negotiate. And they believe voters would be seriously POed if they didn’t at least try and run a play to get the ball into the end zone. It is, after all, on the one.

So for Democrats, it’s, “either we do this ourselves or it’s not getting done.”

Now, given the Scott Brown calculus this all comes down to the Dems trying to pass health reform using a parliamentary mechanism known as reconciliation, in which a simple majority of 51 Senators can do the deed. The biggest hurdle to this scheme is in the House, where Speaker Pelosi has to figure out how to get enough votes for the Senate bill despite its abortion language, which many find abhorrent.

Oh and if they can paste the Republicans for being the “party of no” or coax them into producing a detailed plan of their own that they can shred to bits, so much the better.

"The question is, does policy matter or has this become completely political?" said John Rother, AARP's executive vice president for policy and strategy.

We know the answer to that one.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

Health information privacy and security is a central focus of HIPAA, and is one of the non-negotiable pieces of Meaningful Use and Certification for Electronic Health Records (EHRs). Breaches of Protected Health Information (PHI) – the theft or unauthorized access to such data – needs to be disclosed to those affected, per HIPAA Privacy Rules.

Today, the Office of Civil Rights, which is a part of the Department of Health and Human Services (HHS), dropped the hammer and did what they said they would do all along – publish the names of covered entities and business associates who are involved in data breaches.

Part of the American Recovery and Reinvestment Act (ARRA) of 2009, the HITECH section (specifically section 13402) specifically requires a covered entity (i.e. a physician, clinic, hospital, dentist, insurance company) or a business associate (like an EHR vendor, billing agency, IT consultant, etc.) to notify the HHS and mass media of breaches of unprotected PHI involving more than 500 records.

PHI that is encrypted is considered protected and, therefore, provides a safe harbor against breach notification.

The new listing of breaches not only includes providers, it also lists business associates – generally, IT service providers to covered entities – and these providers are not only listed, but are named.

Is there any pattern to the kinds of data breaches that are in this list? Almost all of them involve the theft of a computer, backup records, server, hard drive or other device onto which is loaded un-encrypted PHI. Some of the breaches are of paper charts, postcards and mailings, or emails.

Hospitals, private practices, universities and health plans are all included in the list. Size of organization is no protection against such missteps. What can a practitioner do to minimize this risk?

Every practice, hospital, or any other covered entity should have a specific plan for protecting PHI. Data encryption needs to be implemented for any “data at rest” wherever practical. Databases and other file systems that contain PHI need to be identified. In particular, data backup devices – tape, CDs, and the like – need to be encrypted, to guard against data breaches in the event of theft.

Practice Fusion, being a web-based EHR, has paid particular attention to data privacy and security. While being a web-based service reduces many of the vulnerabilities that are present with locally-held data – backup devices, laptops with local PHI, and local server hardware are not needed, and therefore not exposed to theft – there are different challenges faced in the cloud. Practice Fusion has undertaken an extensive security audit in order to identify vulnerabilities internally and externally, and has devoted extensive resources to implementing its security plan.

Besides ensuring that the databases are secure and compliant with safe harbor provisions of the HIPAA Privacy Rule, and ensuring that 3-key logon results in highly encrypted transmission of data, Practice Fusion offers a level of security that would be difficult to achieve with a locally-installed system in a small practice setting.

The main areas of vulnerability worth pointing out, however are these: (1) make sure than no unsecured email containing PHI is exchanged with patients. Though not yet built and deployed, secure messaging using the Patient Fusion PHR is a way of communicating with patients in a way that avoids PHI data breaches. (2) Make sure that any files that are intended for upload to Practice Fusion – scanned documents, Word files, etc. – are deleted from the local computer once they have been uploaded. That way no PHI remains on the machine used for upload.

PHI breaches and HIPAA security are significant, and the HHS has demonstrated it intends to add teeth to its enforcement of these. Providers can protect themselves, but it involves addressing privacy and security, having a specific plan, and implementing it. Practice Fusion can help, and can work with you if you have questions.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

Apple’s tablet computer, the iPad, hits the stores in 2 months. It seems destined to compete successfully in the market for e-readers and netbooks, and some have suggested it will find a niche in health care as well.

The iPad certainly has features that make it attractive to clinicians. It is priced reasonably, for example. In addition, thousands of doctors use iPhones in clinical settings, and for them there is no learning curve. These doctors suspect the iPad’s gorgeous 9.7-inch interface will enhance viewing of patient records and medical images, which are vexing challenges on the iPhone. Doctors will like the iPad’s finger touchscreen for data entry, or if not they can always use an external keyboard (optional).

Even so, surveys taken at the height of last month’s Apple iPad Public Relations Extravaganza suggest that most people doubt the iPad will be a difference-maker in health care, at least short term.

For example, in a reader survey by Healthcare Technology Online, just 5% of respondents thought the iPad would have a major impact in health care. Nearly 20% thought it would have a moderate impact, and 75% thought the iPad would have little or no impact.

Another survey by Epocrates found that 22% of physicians planned to purchase an iPad within a year, a number that is actually quite low given the marked selection bias associated with this survey (Epocrates sells clinical decision support tools in the Apple app store).

A third survey of 178 clinicians and HIT professionals by Software Advice helped explain the lukewarm reaction to iPad health care.

In this survey, 34% of respondents said they were very likely to purchase a tablet computer during the next year, but that 34% figure includes all tablet computers, not just iPads.

That’s important because the Software Advice survey also asked respondents what features were “must-haves” for a health care tablet, and the iPad doesn’t have most of them (see figure below).

Illustration from Software Advice

The iPad has these “must-haves”:
Wi-Fi access
Lightweight hardware
Ergonomic design

The iPad does not have these “must-haves”:
Resistance to dust and liquids
Wide selection of medical software
Fingerprint access
Barcode scanning
Voice-to-text dictation
Integrated camera
RFID reader

So-called “toughbook” tablets for health care typically feature sealed ports, can be disinfected and can withstand spills and drops. These features substantially increase the cost and the weight of the tablet, by comparison to the iPad.

In addition, the iPad also lags behind other tablets when it comes to medical software selection, according to Software Advice. Although there are thousands of medical apps in Apple’s App Store, there’s nothing in there that looks like a “Meaningful Use ready” electronic health record.

It’s also well to remember that the iPad’s battery is not replaceable. If it dies during the day, it can't be swapped out. The only option is to recharge the device. iPads also lack a microphone, a USB port, and the ability to do multitasking, which pretty much describes what doctors do every minute of their working days.

Conclusion
iPhones and other smart phones have made an impact in health care as drop-in-your-pocket reference tools, but compared with this, the marginal benefit of an iPad seems small, at best. Frankly, I doubt Apple was even thinking about health care when it released its snazzy, consumer-oriented, media-consumption device.

This Just in:

Apple is reportedly working on new product, tentatively called the iShoe. Secret photograph (right) shows early prototype -->

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

The Department of Veterans Affairs is looking for vendors to help it modify VistA, its electronic health record, so that it can better track physicians’ responses to patient care-related alerts that have been generated by the system.

Currently, a component of VistA known as the computerized patient record system (CPRS) generates these alerts, primarily in response to abnormal diagnostic test results. CPRS also captures whether or not physicians click to acknowledge receipt of the alert, but the information stream runs dry after that.

VA officials want CPRS to track physicians' follow-up actions in response to the alert. Such activities might include notifying patients about the abnormal findings, repeating the test, or ordering additional tests. The officials also want to track timeliness of follow-up by physicians who have received an alert.

The officials anticipate the work will require a redesign of the CPRS interface. In their RFP, they also indicate they are looking for vendors to provide source code for three functional and documented prototypes over the next 16 months.

Background
VistA is among the most comprehensive, respected and widely deployed legacy EHR systems in extant. It was developed using the MUMPS language/database.

The current plan to design an alert-driven physician behavior tracking system comes just months after the release of a study by Hardeep Singh and colleagues. They looked at what happened when VA physicians were prompted by an alert that had been triggered by abnormal findings on a medical imaging study.

It turned out that more than 18% of the alerts were never even opened, and nearly 8% of the affected patients did not get timely follow-up. In many cases, the lack of timely follow-up was associated with a deterioration in the patient’s condition.

Needed: A Clinical Decision Support Strategy
VistA has its own problems, being MUMPS-based and all (What? You thought the VA should be able to fix its own EHR? Or at least have a vendor that can help ‘em out?).

But the challenges identified by Singh are just as acute for all EHR system architects. Alerts after all, are just one kind of clinical decision support (CDS) tool. Reminders (for example, to order a mammogram on a 65 year old female that hasn’t had one recently) are another kind, as are structured order forms and clinical guidelines—at least to the extent they can be presented to clinicians during the course of their work.

In her recent review of clinical decision support for the Agency for Healthcare Research and Quality, Eta Berner of the University of Alabama wrote:

“…although EHRs…can improve accessibility and legibility of information, it is unlikely that there will be major improvements in the quality and cost of care from the use of health IT without proper implementation and use of CDS.”

This easier said than done. The set of all possible alerts, reminders and so forth is infinite, and a decision to add any one of them into a physician’s normal cognitive processes and workflow risks causing frustration. And should too many alerts be added, the comfortably numb physician might just ignore them all. So how do you choose which ones implement? Should you let an “administrator” turn alerts on and off?

By the way, when alerts interrupt normal cognitive patterns, they can have the perverse effect of creating new and different errors. For example, imagine trying to type a blog post while being forced to check your email inbox every single time you heard that “ding.” That blog post is going to take forever to write, and it’ll have more errors in it than one that was written with the benefit of some peace and quiet.

So no, this is not easy, but as per Dr. Berner, the quality-enhancing potential of EHRs is on the line here.

Good luck to those VistA consultants!

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

On December 30, 2009, the Office of the National Coordinator (ONC) for health IT released two documents that tried to define “meaningful use of certified EHRs” needed to access stimulus incentive money earmarked in the HITECH section of the American Recovery and Reinvestment Act (ARRA) of 2009.

One of these documents, referred to as the Meaningful Use NPRM (“notice of proposed rule making”), describes the things that a physician or hospital needs to demonstrate beginning in 2011 in order to access ARRA bonuses. Closely tied, the Certification IFR (“interim final rule”) describes the features an EHR product needs to have in order to become Certified.

Both of these documents were opened for a 60-day public comment period, and to date over 5,000 comments have been received and reviewed by the ONC. Half-way through the process, the ONC’s Policy Committee has made recommendations for changes, based on input from multiple stakeholders and the comments received. Granted that the Centers for Medicare and Medicaid Services (CMS) has final say-so over the NPRM, but input from the Policy Committee is certainly very influential.

The changes proposed are significant. There are 12 different recommendations made by the ONC to CMS, which can really change what physicians (and EHR developers) need to do. The recommendations can be summarized as follows:

(1) Reinstate the inclusion of Progress Note documentation for Stage 1 Meaningful Use definitions. The need to demonstrate electronic capture of progress notes was curiously missing from the NPRM, and is a central feature of most EHRs. Inclusion of this is now recommended.

(2) Remove certain core measures from Stage 1. The concept of “core measures” is defined by the National Quality Forum (NQF), but some of these measures (NQF 0013, 0022, 0028) are process measures or lack adequate consensus, and are thus proposed to be dropped.

(3) Reinstate the recommendation to produce Quality Metric reports stratified by race, ethnicity, gender, primary language, and insurance type.


(4) Problem lists, medications and allergies need to be up-to-date.

(5) Reinstate the recommendation to include the recording of Advance Directives as a Stage 1 Meaningful Use for physicians as well as hospitals.

(6) Physicians and hospitals should report on the percentage of patients for whom the EHR was able to suggest patent-specific education resources

(7) Reinstate the recommendation to include measures of “efficiency” for Stage 1 – including capturing the percent of prescriptions that are for generic medications (where generic options exist in the relevant drug class).

(8) CMS should create a glide path for Stage 2 and Stage 3 expectations, and advance the timelines where possible to allow ramp-up time for vendors and providers.

(9) Computerized Physician Order Entry (CPOE) must be entered by the physician directly

(10) Preventive health service reminders requirements should be amended to be more focused – so that reminders relevant to the physician specialty are the only ones expected.

(11) Define more clearly what is meant by “transition of care” – movement of a patient from one setting of care to another (hospital, ambulatory PCP practice, ambulatory specialty practice, long-term care, home health, rehab facility). Medications review needs to happen at each such transition of care.

(12) Most importantly: allow some flexibility in Meaningful Use criteria. This is a move away from the “all or nothing” which we (and others) have criticized in the past. Providers should be “given credit” for movement towards the goal. There are some criteria (e.g. safety and security of data) that are required, regardless. But other criteria can be “deferred.”

Though we are mid-way through the open comment period for the NPRM and IFR documents, it is clear that these represent “moving targets.” Unfortunately, both physicians and EHR developers and vendors will need to adjust their expectations, and their products offered, based on how this all plays out in the end. The open comment period is up March 15, 2010, and finalized rules should be ready by then.

The task is also a challenge for organizations that want to become Certifying Agencies, which will grant HHS Certification to EHR products. As the criteria and the rules shift, how these organizations prepare is also a bit of shifting-sands.

We will keep our eyes closely on these developments, and remain committed to offering an EHR product that is both Certified and easy-to-use, so that physicians can easily document their Meaningful Use in time for 2011 incentive payment availability.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

Health information technology stocks were market darlings in 2009. They soared because analysts foresaw strong prospects for revenue growth in the sector once President Obama signed the stimulus bill into law (exactly one year ago, today).

That’s because the bill includes the Health Information Technology for Economic and Clinical Health (HITECH) Act which sets aside nearly $20 billion in federal funds to promote the utilization of electronic health records by providers.

But this year, things have turned a bit sour for HIT stocks. Athenahealth dropped 12% in January, Quality Systems dropped nearly 20%, and Cerner, which soared from the $30s to the $90s in 2009, dropped to $75 at one point recently.

There are systemic reasons and company-specific reasons for the fallback. With respect to the former, HIT stocks rose because their fortunes were tied to a law that had already been enacted (HITECH) a distinct contrast from other health care sub-sector stocks which were subjected to the vexing twists and turns associated with healthcare reform, a link that rendered those sectors unattractive.

But now that hopes for reform have faded, analysts see these previously beaten-down stocks to be more attractive. This has prompted many to recommend booking profits from HIT stocks and moving into the stocks of big insurers and providers.

On the company-specific side, Athenahealth announced just 2 weeks ago that it was changing the way it reports its non-GAAP net income. The announcement drove its share price down as analysts reduced estimates for the company’s future earnings. One analyst, Brean Murray, estimates Athena’s earnings overstatement at 17% for 2009 and 10% of its forecasts for 2010, according to a story in thestreet.com.

Most analysts do not believe that the extent of the accounting restatement warrants an SEC investigation, which is the good news for Athena.

As for Cerner, the Kansas City-based EHR vendor saw its stock nearly triple last year, in part because analysts thought it was positioned to cop a share of the large hospital market that many felt would make the earliest stimulus-motivated push into EHRs. Cerner delivered on this expectation by landing contracts with Tenet Healthcare Corp. and Universal Health Services.

So What’s the Net?
The net on this is that no one knows how hospitals--which are the target markets for these HIT companies--will respond to HITECH incentives. Many of them have no plans to go forward with an EHR right now.

This uncertainty creates the context around which the market will value HIT companies. The companies and the analysts who recommended their stocks a year ago set an expectation that the flood gates would be visibly opened (if not in "full flood mode”) by the end of 2009. To the extent these expectations have been met, the stocks have done fine.

But the pressure to hit revenue targets will grow for these HIT companies with each earnings season. A miss by 2 or more companies next quarter may well prompt some analysts to change their view from “stimulus cash to drive continued, robust sales” to “provider reticence and regulatory delays to hamper EHR roll-out.”

We know what would happen after that.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

The American Recovery and Reinvestment Act (ARRA) of 2009 contained billions of dollars aimed at moving U.S. healthcare onto an electronic platform. Much of it, described in the HITECH section of ARRA, is earmarked for incentive payments to physicians for demonstrating “meaningful use of certified EHRs,” paid out through Medicare and Medicaid.

In addition to these direct incentives, additional money is set aside for building the infrastructure needed to support the migration to Electronic Health Records (EHRs). Last week, the Health and Human Services (HHS) Secretary and the Department of Labor (DOL) Secretary announced the release of $1 billion in ARRA awards to help build (1) health information exchanges (HIEs), (2) regional extension centers (RECs), and (3) training programs for jobs in health IT.

With all of this money flowing into health IT, what will its impact be on day-to-day life in healthcare? Will we see any change?

For physicians and other providers of healthcare, the main attention has been around reimbursement methods for direct healthcare delivery – threats of Medicare reimbursement cutbacks for fee-for-service care, private insurance premium hikes and the impact on the percentage of patients who are no longer insured, federal health insurance reform and the impact on reimbursement rates, experiments in more coordinated delivery strategies such as the Patient Centered Medical Home, and the like. These areas of healthcare are not affected by the HITECH funds that have been released.

The money released will be felt rather indirectly by physicians and other healthcare providers. But those involved in health IT infrastructure will notice a change. Of the money disbursed, $386 million goes as grants to 40 states and qualified state-designated entities for building HIEs. These are data repositories that “sit in the background” and support EHRs in their ability to exchange clinical data about a given patient, and report on findings amassed from such collected data. Comparative effectiveness research will be aided by such improved real-time clinical data collection.

One of the categories of Meaningful Use of EHRs is the ability to exchange clinical data with others, and to upload quality metrics to public health and other centralized sources. As EHR developers ourselves, we have been surprised at the poor state of readiness of centralized registries (e.g. HIEs, Immunization Registries, etc.) – we have commented that as a web-based EHR developer, we would likely be ready to exchange data sooner than “the other end of the pipeline” will be ready to receive it. Infusing money into local HIEs may help this overall state of readiness (at least, that is the hope).

Another $375 million is being granted to 32 non-profit organization to support the development of RECs. This may actually be something that healthcare providers will see in day-to-day life. The RECs represent “feet on the street” that are intended to assist health professionals as they move to adopt EHRs in their clinical practice. The RECs will function as consultants for practices independent of EHR vendor representatives, though one can certainly expect that EHR vendors will be pressuring RECs to make sure to include their products in the list of options they recommend to physicians. This is a new program, not previously in existence, set up under HITECH/ARRA – our hope is that this service will rapidly mature, not make too many “rookie mistakes” and result in offering accurate advice to physicians about the true values available in the EHR realm.

An additional $225 million in DOL grants will be used to train 15,000 people in job skills needed to access careers in healthcare. It does not offer the actual jobs; but it goes to training programs that will teach the skills needed for anticipated jobs in the sector – e.g., jobs in HIE agencies, and local RECs. Through existing partnerships with local employers, the recipients of these grants have already identified roughly 10,000 jobs that will become available in the next two years in nursing, pharmacy technology and health IT.

These kinds of stimulus grants will certainly help U.S. job growth creation, and will add to the ranks of those involved in the health IT sector. That is a good thing. It does not guarantee that the build-out of an EHR platform across the country will go smoothly, however. Standards for HIE data exchange need to be technologically forward-looking and progressive, embracing new technologies (e.g. web-based interfaces) rather than protecting legacy vendors. This discussion is unaffected by the current funds disbursement. RECs need to make sure that they understand all the value propositions in the space, as they are changing rapidly, and not simply settle on recommending large, expensive, burdensome legacy systems. Time will tell. At the very least, however, we are heartened by the attention and support going toward this sector, as the build-out of an interconnected EHR platform is crucial to any meaningful healthcare delivery reform in the future.


Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

This Week’s Guest:
Michael Russo, Managing Partner
Innovative Health Care Solutions
Rocky Hill, Connecticut (Servicing NY, CT, MA, RI, NH)

Editor’s Note: In response to user requests, Practice Fusion established a Certified Consultant Network. Michael’s organization belongs to this Network. For physicians in solo- and small-group practices, Practice Fusion Certified Consultants act like your own personal IT department: they fix things and answer questions, and help you with workflow design issues that might arise with respect to EHR utilization.

Practice Fusion’s Consultant Network is growing rapidly, and now includes more than 40 Certified Consultants in the US. Certified Consultants use training and promotional materials designed by Practice Fusion to support our users. We have no financial ties with them, and receive no money from them. For more information about our Certified Consultant Network, please go here.

Michael’s Vision:
We are not simply a technology company, we are healthcare providers that know how to implement an EMR without losing focus on what really matters...patient care.

Michael in his Own Words:
I formed Innovative Healthcare Solutions to address the needs of small/medium sized physician practices in the Northeast who want to leverage technology to increase the efficiency, clinical effectiveness and profitability of their business. A major aspect of this is implementing an intuitive, comprehensive EHR solution. My experience and training as a Physician Assistant give me insight into the effects technology implementation on health care delivery systems. This insight, combined with my Master’s Certificate in Lean Six Sigma Healthcare, allows me to provide advanced technological solutions that improve efficiency, effectiveness and profitability.

Thank you Michael, for agreeing to participate in our series about electronic health records (EHRs) and their impact on health care professionals. We want an honest appraisal of your interactions with us. We value advice that helps us improve what we do. So let’s begin!

--What's it like out there for a person in your business?
There is a tremendous amount of interest in EHRs out there but a lot of confusion and misunderstanding as well. In talking with many practices, HITECH seems to be driving a significant portion of the interest, but there is a large knowledge gap regarding the required compliance with the meaningful use criteria needed to obtain that money.

This situation has created a market for consultants to guide these clinicians through the EHR selection process, and with the help of HITECH compliance guarantees similar to the one Practice Fusion offers, assure them the full rebate offered.

--What are the things that your clients care about in deciding which EHR to go with? Things they're looking for, things they want to avoid?
The needs and requirements of small practice clinicians seem to be focused most on ease of use and intuitiveness of the platform. I have heard many folks ask for something that is as easy to navigate and use as their favorite websites. Most individuals have basic web navigation skills, so they are comfortable with that platform. This comfort level will help expedite the learning curve for new users.

As a clinician, my feelings mimic those expressed by my clients. I want to be able to work on a familiar-looking platform that enhances my practice rather than something that requires a complete overhaul of it. This anticipation of a steep learning curve and the thought of devoting already precious and stretched time is a concern for clinicians.

The cost factor is also always a concern but the HITECH rebate, the possibility of increased productivity and a free EMR like Practice Fusion help mitigate that concern.

-- Tell me about your search for an EHR that you believe would be a fit for your small office target clients:
Through my career I have seen and used many different EHRs. When I began looking for one to work with exclusively, I knew first that I wanted to go the way of SaaS (Software-as-a-Service), which helped narrow my search.

I know my target demographic. I know that individuals who are worried about how to restart their computer would not be interested in maintaining a server in their offices. I wanted something that was maintenance-free from the user side as well as one that was intuitive and easy to use. If I was unable to sit in front of a platform and proficiently navigate through basic functions within a few hours, I could not expect my clients to do so.

Another criterion was customer support. I have spoken with many EHR vendors regarding functionality issues I encountered with their systems over the years, and they gave me what I consider to be the worst answer in the IT world… “Sorry, can’t do it.”

This to me was an immediate deal-breaker. One of the things I was looking for in a vendor was a willingness to work with and for the user.

--How did you come across Practice Fusion?
I came across Practice Fusion when I entered what I figured would be a shot-in-the-dark web search for “free EMR.” From a business standpoint, I wanted to find something that would have a unique sell point and there is no better sell point than “It’s free!!”

Of course, I was skeptical, hearing my father’s voice in my head reminding me that, “you get what you pay for.” This could not be further from the truth. After the five minutes it took me to sign up for the trial I began to navigate through the software with ease. There were clearly labeled tabs that contained the fields I expected them to. Absent were the 40 abstract icons that usually clutter the top of the screen leading you on a wild goose chase to find the information you need. Present was a clean, intuitive platform that was a refreshing surprise. I was an instant believer.

What do you like best about the Practice Fusion EHR? What don’t you like?
Bar none, the most impressive aspect of Practice Fusion is the “request a feature” tab. Having this tab present on the corner of every page and then getting a prompt response to a request, to me, indicates the dedication of a company to be client focused, innovative and open minded. These three traits, I believe, are the keys to success regardless of what industry you are in.

There is nothing so far that I have found that I do not like about Practice Fusion. But going forward, I would love to see them take on these two things:
1) utilization of mobile device platforms to integrate point of care testing and evaluation into the software making the platform even more efficient (Editor’s note: Coming, but probably not until Q4 the earliest.), and
2) inclusion of a kiosk-like page for tablets or laptops allowing patients to electronically sign common office forms, indicate their chief complaint, and access reliable peer reviewed medical information during a visit all while sitting in the waiting room. (Note: We are evaluating possible partnership deals with vendors who provide this functionality. Stay tuned.)

--What do you need from Practice Fusion to be successful in your consulting business?
Practice Fusion has already provided me with all that I need for a successful consulting business. I have a free product and a platform backed by and innovative, open minded medical-focused company. I truly look forward to continuing to work with you to promote this platform and bring it to many practices through the Northeast.

Thanks for that, Michael. Good luck!

Interviewed by Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion

Clinical decision support is a feature of Electronic Health Records (EHRs) that is felt to be central and crucial to contemporary, certified EHR technology.

In fact, both the Meaningful Use NPRM (notice of proposed rule-making) and the EHR Certification IFR (interim final rule) define a Qualified EHR as something that (A) includes patient demographic and clinical health information, such as medical history and problem lists; and (B) has the capacity to (i) provide clinical decision support, (ii) support physician order entry, (iii) capture and query information relevant to health care quality, and (iv) exchange electronic health information with, and integrate such information from other sources.

Unfortunately, the concept of “clinical decision support” is not precisely defined, and means different things to different people. Often, when engaged with other individuals and companies in the Health 2.0 space, conversations about “clinical decision support” are muddied by different assumption of what, precisely, that means.

Simple clinical decision support. The simplest form of clinical decision support (CDS) is alerting against drug-drug, and drug-allergy prescribing errors. Quite simply, alerting a practitioner against prescribing a medication to which the patient has a past declaration of allergy constitutes CDS. Helping the practitioner avoid medication errors like this is an important feature of EHRs, and is, technically, CDS.

However, Meaningful Use expects more than this. In fact, it specifically requests that a “meaningful user” implement 5 “clinical decision support rules (in addition to drug-drug and drug-allergy contraindication checking) according to specialty or clinical priorities that use demographic data, specific patient diagnoses, conditions, diagnostic test results and/or patient medication list.”

Compliance with quality metrics. The central concept referenced in the CDS intent for Meaningful Use is tied to working with clinical quality metrics. A “quality metric” would be something like “diabetic patients should have a glycohemoglobin blood test done within the past year (or more often).” An EHR technology should be able to present to the clinician an alert in the individual patient record stating “this patient is a diabetic, but has not had a glycohemoglobin done within the past year – he/she is due for one.” Alternatively, the EHR technology should be able to generate a report – a list – of all patients (using the same example) who are diabetics but have not had a glycohemoglobin done within the past year.

Quality metrics are widely accepted through a rigorous evidence-based process. There are two main sets of quality metrics in use: (1) PQRI (physicians quality reporting initiative), which is overseen by CMS (the center for Medicare and Medicaid services), and (2) HEDIS (healthcare effectiveness data and information set), which is developed by the NCQA (national committee for quality assurance).

PQRI measures are used for Medicare pay-for-performance, which has been in place prior to ARRA/HITECH Meaningful Use incentives. There are over 170 PQRI measures, grouped into 13 different categories. Their thrust tends to be more Medicare-focused – for example, in the Preventive Care Measures Group in PQRI includes adult/senior-oriented measures: (1) screening for osteoporosis, (2) screening for urinary incontinence, (3) influenza vaccination for patients >50, (4) pneumonia vaccination for patients >65, (5) mammography screening, (6) colorectal cancer screening, (7) screening about tobacco use, (8) advising tobacco users to quit, (9) body mass index screening, and (10) screening for unhealthy alcohol use.

By contrast, the HEDIS data set has been adopted by many HMO and other private health insurers in private-sector pay-for-performance activity. The HEDIS measures include measures more appropriate for children and adolescents (not generally addressed by the Medicare-centered PQRI measures). For example, the Effectiveness of Care domain in HEDIS includes measures such as (1) childhood immunization status, (2) immunization for adolescents, (3) lead screening in children, (4) Chlamydia screening in young women, (5) appropriate testing for children with pharyngitis, and so on – the HEDIS measures also include many of the PQRI measures, such as BMI testing, breast cancer screening, colorectal cancer screening, etc.

Because Meaningful Use incentives are being deployed through CMS, and paid out via Medicare or Medicaid channels, their assumptions on quality metrics lean towards PQRI. Not surprisingly. For EHR technology, it makes sense to start with adopting and implementing PQRI measures, and then later expanding to include HEDIS measure as well.

Diagnosis support and expert systems. Some individuals and companies, when they talk about Clinical Decision Support, are actually referring to Diagnosis Support – given a patient with “symptom set x” and with “lab test results y,” give me the likely diagnoses, with percent probabilities of each one, and recommended further testing to distinguish between them.

Companies have been trying to build these kinds of Expert Systems for many years, and have been challenged either by limited scope (“our expert system only is valid for patients with certain kinds of kidney disease”), or by limited adoption. Not being integrated into tools used day-to-day, they have been relegated, at best, to be side-bar applications. Some clinical disciplines make more use of such Expert Systems – oncology, for example, uses look-up of available newest recommended protocols for tumor x. Sometimes these systems are simply look-up portals (for example, Up To Date, which is a popular one) that allow physicians to review the current literature around a given situation.

From the standpoint of the current state of Qualified EHR Technology as defined by Meaningful Use, however, “clinical decision support” is not referring to using Expert Systems. It is referring to implementing compliance with Quality Metrics.

Systematic use of Quality Metrics (regardless of which measure set is used) will go a long way to improving general health care quality. One of the reasons for less-than-top-quartile quality seen in U.S. healthcare (compared to that of other developed countries) is the lack of tools that allow physicians to measure their own quality performance at the point of care. Including these kinds of features in modern EHR technology is part of the vision of a transformed healthcare system.

Robert Rowley, MD
Chief Medical Officer, Practice Fusion, Inc.

Recently, I argued that volatility in the EHR market affects all vendors in the sector, and that large size does not shield companies from market-disruptive trends like technological innovation (Web-based EHRs), new business models (free), and the remarkable new vision for HIT that has been articulated by ONC and CMS in the form of EHR Certification and Meaningful Use criteria, respectively.

Large companies like Bear Stearns, Lehman Brothers, AIG and GM either disappeared or required massive government bailouts to survive last year’s financial crisis, for example. And General Electric—which markets the Centricity EHR—nearly died during the crisis as well, due to severe underperformance in its financial services division.

No one knows what would have happened to Centricity had GE tanked, but service levels and product update schedules may have been affected, perhaps severely.

What is worse, it appears that Centricity users and GE shareholders may have been mislead by company executives during the crisis, according to assertions made recently by former Treasury Secretary Henry Paulson.

In his new book, "On the Brink: Inside the Race to Stop the Collapse of the Global Financial System," Paulson claims that GE’s CEO Jeffrey Immelt repeatedly reassured shareholders that it could access credit markets and refinance its enormous debt, even as he expressed serious concerns about these matters to Paulson in private meetings.

Paulson claims that during at least 4 such encounters, Immelt expressed doubts about GE’s short-term debt—known as commercial paper—and implored Paulson to extend government programs to cover GE’s guarantees against the debt.

For example, on September 15, the day Lehman Brothers tanked, Paulson wrote that he was "startled" when Immelt told him directly that GE was essentially unable to sell short-term debt "for any term longer than overnight."

The day before, GE sent investors a letter saying its ability to sell commercial paper was "robust."

Paulson's assertions could complicate GE’s defense in several civil court cases brought by shareholders, who claim Immelt and others mislead investors about the company’s finances during the crisis, a direct violation of SEC laws.

GE denied the allegations in a statement obtained by the Washington Post.

"During the period in question, GE confirmed through its public statements the widely known fact that the CP (commercial paper) markets were under great stress. The company also disclosed that, despite this stress, it was able to meet its funding needs throughout the crisis," GE’s statement said. "In these circumstances," GE told the government "market intervention was important."

Paulson’s book is based on call logs and his own recollections. There are no recordings or documents that support or refute his assertions.

In his book, Paulson claims he took Immelt’s pleas to heart and subsequently helped convince FDIC Chairman Sheila Bair to extend traditional commercial bank protections to financial institutions like GE Capital. Not long thereafter, the FDIC guaranteed more than $70 billion in GE debt, including the short-term commercial paper it needed to cover operating costs.

The shareholder lawsuits focus on the circumstances surrounding GE's sale of $15 billion in stock shortly Lehman tanked. In support of that public offering, GE filed documents with SEC in which Immelt said, “We continue to successfully meet our commercial paper needs."

The sale was successful, but GE’s stock price continued to nosedive and billions of investor dollars evaporated as a consequence.

By the way, Immelt and Paulson are no strangers to each other. Paulson headed Goldman Sachs before taking over at Treasury. Goldman had long served as GE's investment banker. "I've known Jeff for years," Paulson writes, "and admired the cool, unflappable demeanor he had displayed as CEO of the biggest, most prestigious company in America."

Let's Be Clear: Large EHR companies--prestigious or otherwise--should not expect government bailouts as the EHR market shakes out over the next few years. In fact, ONC’s and CMS’ visionary rule-making, and their subsequent efforts to maintain vendor neutrality stronly suggest that the Feds will let the market decide which EHR vendors will live and which will not.

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion