Latitudes and longitudes
The U.S. health care community is not alone in its struggles with privacy, standards and other challenges to the health
information technology agenda
- By Bob Brewin
- Sep 12, 2005
As countries worldwide start to develop national electronic health record (EHR) systems, the hope is that those systems will help eliminate medical errors and save lives as well as increase efficiency. Yet countries face common challenges with policies, standards and technologies.
E-health leaders and industry vendors believe they can find common solutions to what they see as global rather than national challenges.
Dr. David Brailer, national coordinator for health information technology at the Department of Health and Human Services, said he agrees that the challenges facing health care IT are indeed global, and the United States can learn from other countries.
The nation, Brailer said, "can learn a lot about technical architecture" from the Connecting for Health project of the United Kingdom's National Health Service (NHS), which awarded contacts for a nationwide e-health system two years ago.
Dan Garrett, vice president and managing partner of Computer Sciences Corp.'s Global Health Solutions Division, which has a $1.7 billion contract from NHS to provide an EHR system in the North West and West Midlands regions of England, said he agreed, adding that countries working on EHR systems "don't have to reinvent the wheel."
The United States, for example, is interested in developing a patient identifier system based on a master patient index rather than unique health ID numbers. This concept, new to many people here, is old hat in New Zealand, which has had such a system in place for two decades, said Debbie Chin, deputy director-general of corporate and information at the New Zealand Ministry of Health (see "Master index pitched as patient ID alternative").
But the exchange goes both ways.
Dr. Ian Reinecke, chief executive officer of Australia's National E-Health Transition Authority (NEHTA), funded and backed by the Australian federal, state and territorial governments, sees definite similarities between the United States and Australia in the need for both governments to develop standards and define terms of EHR interoperability.
Both Australian and Canadian health IT experts would like to follow the example of the United States in licensing a standardized clinical terminology database.
In 2003, HHS signed a $32.4 million agreement with the College of American Pathologists to license its Systematized Nomenclature of Human Medicine Clinical Terms database, and HHS plans to make the database freely available to U.S. health care organizations. Reinecke said Australia could take such an approach in developing what he calls a common language for health care.
Richard Alvarez, chief executive officer of Canada Health Infoway, the federally funded nonprofit corporation spearheading e-health in Canada, views e-health as a "global initiative" that requires nations to share knowledge to help solve common problems. "We all need to learn from each other," Alvarez said.
Health IT leaders and vendors take this global view beyond talk. They make the effort to travel globally to exchange ideas. For example, Richard Granger, director general of the Connecting for Health project, has spoken at e-health conferences in the United States, Canada and Australia. Experts' conversations range widely, but inevitably certain themes surface repeatedly, including legislation, funding and public support. But the most common topic is privacy.
The primacy of privacy
Global leaders agree that if e-health systems are to succeed in their respective countries, patients must be assured that the privacy and security of planned EHR systems are the key elements of their design and use. "We have to get privacy right or it's not going to happen," Reinecke said.
The Australian press criticized EHRs because of questions about the privacy and security of pilot projects in Tasmania and New South Wales, which began in July.
New Zealand's Chin said the privacy and security of EHRs are major issues in her country, too. She added that health officials have a strong duty to ensure that information about a condition such as mental illness remains confidential and protected.
Mike Leavitt, HHS secretary, has made privacy and security of EHRs the primary goal of plans to develop a nationwide system in the next decade.
Brailer said privacy is the first principle governing development of a National Health Information Network (NHIN).
Privacy activists in the United States agree that Brailer and HHS need to put privacy first.
In a letter to Brailer earlier this year, Linda Ackerman, staff counsel at Privacy Activism, and Beth Givens, director of the Privacy Rights Clearinghouse, wrote, "in order to be effective, a national network of health records would have to include all available data on individuals in a system: examinations by any health care provider, including mental health providers, surgeries and other procedures."
This "staggering amount of information," the letter states, "would be considered extremely private by most people." Ackerman and Givens go on to say that a key barrier to NHIN "is whether the privacy and security of so much information can be maintained."
But Brailer has a different perspective. He believes EHRs are far more secure and provide more privacy than paper records, which are often left stacked at nurses' stations in hospitals or in physician offices, where even janitors could flip through the records.
E-records, on the other hand, will have built-in access controls and audit trails, he said.
Consumers have far less faith in the privacy or security of EHRs, according to a poll conducted in the United States earlier this year by the Center for Social and Legal Research and Harris Interactive.
Alan Westin, director of the center's Program on Information Technology, Health Records and Privacy, told a meeting of the National Committee on Vital and Health Statistics that the poll showed that 70 percent of Americans are concerned that sensitive medical information might be leaked because of weak data security. Sixty-nine percent worry that medical information could be shared without their knowledge, and 65 percent believe EHRs could increase rather than decrease medical errors.
The survey also indicated a close to even split in public opinion on whether the benefits of EHRs outweigh the privacy risks. Westin said 49 percent of respondents believe the benefits outweigh the risks, while 47 percent said the risks outweigh the benefits. The remaining 4 percent were undecided.
A tough sell
It's a slightly different story in Britain, which is further along with EHRs, but the same concerns surface.
Three out of four people surveyed by research firm YouGov for the British Medical Association (BMA) said they would not mind a central computer system holding their health information. But 75 percent of respondents also said they have concerns about information security, and 81 percent worry that people other than health care professionals could access their information.
"Patients recognize the value of having their health record held centrally but are concerned about who will have access to it and for what purposes," said Barbara Wood, co-chairwoman of the BMA's Patient Liaison Group.
The United Kingdom's NHS is in the second year of a 10-year, $20 billion EHR project. Connecting for Health will provide 50 million NHS patients in England with EHRs that are accessible by about 30,000 doctors.
Westin said the results of his survey indicate that HHS faces a tough job selling EHRs to the American public.
"If a national [EHR] program is to get anywhere with the American public and ... with Congress and the state legislatures asked to appropriate big bucks for [EHR] projects the half of the American public that say privacy risks outweigh the benefits will have to be persuaded," Westin said.
Both Brailer and Reinecke used the same phrase to describe what they need to do to convince a citizens reluctant to embrace EHRs: They said their agencies need to engage in a "social dialogue" to win over public opinion.
Australia, Canada and the United States must deal with privacy laws not only on a national level, but also on a state, territorial or provincial basis.
The thicket of laws and regulations is further compounded by privacy policies within institutions, such as insurers, hospitals and medical practices. The United States has taken the most organized approach to trying to determine how to develop an interoperable EHR within this legal and regulatory jungle.
By the end of this month, HHS plans to award a contact valued at $11.5 million for privacy and security solutions for an interoperable health information exchange.
The winning contractor will work with at least 40 state or territorial governments to examine the impact of their business policies and state laws on security and privacy practices and assess the degree to which they pose challenges to a national health network, according to HHS' request for proposals.
In a conference call with potential bidders, Brailer emphasized that the contract will serve at the intersection between privacy and technology. The privacy contract dovetails with contracts HHS plans to award in September for developing six prototype NHIN architectures, Brailer said.
One of the key goals of the privacy contract is to determine "how we can make data available in a way that still preserves flexibility and protects data privacy," he said.
The involvement of individual states is critical in the privacy contract, Brailer said, because "we don't want to see the dialogue begin by saying, 'What should Washington do about the problem?' We want to be able to see what could be done and that's able to be done by the states."
The economics of interoperability
Assuming the United States and other countries are able to allay public concerns about the privacy of EHRs, they still face numerous political challenges to their adoption, not the least of which is the development of EHR standards.
Interoperability and standards are global issues, Brailer and Reinecke have said, with both the United States and Australia benefiting from progress made by the United Kingdom in developing Connecting for Health's technical architecture.
Both countries plan to use the market power of government health organizations to push standards development, which Brailer said suffers from too many ambiguous standards (see "Mixing, matching and missing," Page s34).
Canada is beginning to take a hard line on interoperability. Alvarez said that Canada Health Infoway will no longer accept vendors' assertions that they have interoperable e-health software. Before Infoway awards a contract, Alvarez will require companies to demonstrate their products' interoperability and standards compliance at a lab Infoway is setting up in partnership with the Centre for Global eHealth Innovation, which is backed by the University Health Network in Toronto.
Brailer said that until recently health IT vendors developed proprietary systems based on a business model that worked for them. But he suggested that those vendors might want to emulate the approach taken by the wireless local-area network vendors and its standards-setting body, the Wi-Fi Alliance. Brailer said standards turned wireless from a niche technology into a mass-market phenomenon, to the benefit of every vendor in the industry.
Brailer said he believes that standards and the development of certified EHR systems could help spur widespread EHR adoption in the United States, where only 20 percent to 25 percent of the country's 650,000 doctors use EHRs due to high costs, which run into the thousands of dollars.
New Zealand has a population of about 4 million people, yet 80 percent of the country's estimated 9,000 doctors use EHR systems, said Ian McCrae, president of Orion Systems International. The company's products are widely used in that country, in Australia and in Alberta, Canada, where Orion has a contract to provide a province-wide EHR system.
New Zealand has such a wide adoption rate because a competitive market has driven down monthly licensing costs to about $100 per general practitioner for EHR software offered by the roughly half-dozen companies active in the New Zealand market, McCrae said.
HealthLink, a company in which Orion owns a majority interest, has established a nationwide network to pass clinical information to and from physician and hospital EHR systems on an equally affordable basis, said Tom Bowden, HealthLink's CEO.
HealthLink, which uses the Health Level 7 standard to ensure interoperability, charges about $50 a month for its basic service, which includes 128K encryption and digital certificates, with an additional $13 for the same service operating over a virtual private network, Bowden said.
HealthLink has signed up about 4,000 physicians for its service in New Zealand and about 3,000 in Australia, Bowden said. Both Orion and HealthLink planned to bid on the U.S. NHIN contracts, but McCrae and Bowden declined to say if their companies would act as prime contractors.
In an effort to stimulate EHR adoption by physicians, the Centers for Medicare and Medicaid Services started providing open-source software for a nominal fee in August. It is based on the Department of Veterans Affairs' Veterans Health Information Systems and Technology Architecture (VistA) software.
Capt. Cynthia Wark, acting deputy director of the information systems group at CMS' Office of Clinical Standards and Quality, said CMS wants to use the new VistA-Office software, developed in conjunction with the VA, to remove cost as a barrier to EHR use. Wark estimated that VistA-Office could save doctors as much as $20,000, the cost of commercial software for a small clinical practice.
Reinecke said he expects open-source software to play a role in the country's nationwide EHR system and cited openEHR software backed by the Australian company Ocean Informatics, as one likely open-source candidate for Australia.
Canada, on the other hand, has all but ruled out the use of open-source software.
Speaking at a conference in May, Alvarez said open-source software was not mature enough for systems he described as "the lifeblood of our way of doing business."
Likewise, Granger shut the door on the use of open-source software in the Connecting for Health project. Speaking at a conference in Toronto earlier this year, he called open-source software "a good competitive instrument" that helped him drive a better bargain with Microsoft, whose software powers NHS' desktop PCs.
A global imperative
Still, the economics of health IT remains daunting, officials say.
Granger said large-scale e-health projects worldwide face a shortage of health IT professionals. He said can't find enough skilled personnel who understand the complexity of clinical software systems and the process change they require.
Alavarez said the biggest challenge he faces is competing for funding in a dollar-starved health care market, which requires convincing stakeholders that it is more worthwhile to put money into an EHR system they cannot see or touch rather than patient beds.
"We have to convince all the stakeholders and decision-makers that e-health is not something that would be nice to do, but something that is absolutely essential to do."
Funding at the federal level in the United States lags behind both Canada and Britain, which have much smaller population bases. While Alavarez has a war chest of about $1 billion to develop a pan-Canadian EHR system through investment partnerships with the country's provinces, Granger manages a $20 billion project. HHS had to fight to keep its fiscal 2006 health IT funding level at the $125 million requested by President Bush.
But despite funding, privacy and standards issues that still must be resolved, health IT has a national and global imperative, Brailer said.
He views health IT as a technology that will go a long way toward empowering patients, freeing doctors from the tragedies of adverse drug interactions and serving as the basis for biosurveillance systems that can track and monitor diseases and pandemics. Those benefits make the effort worthwhile.