Earlier this year, ”The Daily Show” host Jon Stewart aired an entire segment on the lack of interoperability between the electronic health record (EHR) system used by the US Department of Defense (DOD) and that of the US Department of Veterans Affairs (VA). Stewart pointed out that, while this might be expected between competitors in the private sector, it’s “not the relationship you expect from the part of the government which takes care of our disabled veterans and the part of the government that creates them.”

Gallows humor aside, Stewart’s nearly-seven-minute segment had an effect. Following subsequent coverage by Nextgov.com —“Did Jon Stewart Foil the Pentagon’s Health Records Plan?”— it appears the Military Health System has halted their plans to beef up the Armed Forces Health Longitudinal Technology Application (AHLTA), possibly opting for the Veterans Health Information Systems and Technology Architecture (VistA) to become the EHR for both the DOD and the VA.

What does this all mean? First, the idea of digital health being a means to improve health care has gone mainstream. Second, you no longer have to be in the health care industry to realize there is an inherent need for improved interoperability.

A Common Goal to Bring Data Interoperability to Health Care

It’s great to see efforts toward better health care data interoperability in the private sector, especially by the recently formed CommonWell Health Alliance, a non-profit organization represented by athenahealth, Allscripts, Cerner, Greenway, McKesson and RelayHealth. These health IT vendors are working to create industry-wide access to patient health information by the use of existing unique identifiers, such as a patient’s cell phone number, e-mail address or driver’s license. This effort by six of the nation’s more prominent health IT providers will certainly go a long way toward fostering EHR interoperability and leveraging the value of digital patient data.

A Call for Unique Patient Identifiers

The government could also play a key role in enabling interoperability in the private sector, but there’s a missing piece: Congress has actually prohibited the Department of Health and Human Services (HHS) from establishing standards for that unique patient identifier. In his petition to the Obama Administration, health IT evangelist, Brian Ahier points out that Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996, which included provisions requiring HHS to “adopt national standards for electronic healthcare transactions” and “a standard unique health identifier for each individual, employer, health plan, and health care provider for use in the healthcare system.”

But, in 1998, Congress passed a law that prohibited HHS from spending any funds to promulgate or adopt any final standard for an individual’s unique health identifier until legislation is enacted approving the standard.

The Healthcare Information and Management Systems Society (HIMSS) has identified cost savings and safety benefits associated with a unique patient identifier and has recommended to Congress that they should permit HHS to develop standards—especially if doing so could increase efficiencies and prevent medical errors. As further pointed out by HIMSS:

“in the absence of a nationwide patient data matching strategy, the states, HIEs, large health plans, various consortiums, and individual electronic health record vendors have had to develop individual patient identity solutions that do not necessarily work well across systems. As our nation moves forward with greater urgency toward system-wide health information exchange, this essential core functionality to ensure the accurate match of a patient with his or her information remains conspicuously absent. The multitude of different solutions and the lack of a national coordinated approach pose major challenges for our health information infrastructure and result in millions of dollars of unnecessary costs. Patient safety, privacy, and security depend on getting this core element right, and soon.”

While the creation of a national unique patient identifier may not be in the immediate future (the petition had just over 100 signatures of the 100,000 required at the time I started writing this and is no longer listed on petitions.whitehouse.gov), it could complement and amplify the efforts of the CommonWell Health Alliance.

Maybe if Jon Stewart were to feature the equally challenging situation that the private sector faces with health care data interoperability, we just might see a change in government position and actions here, too.

Paul Sonnier is the Head of Digital Health Strategy at specialty consulting firm Popper and Company, Founder of the 17,000+ member Digital Health group on LinkedIn, an XPRIZE judge for the Nokia Sensing XCHALLENGE, and a mentor at digital health startup accelerator Blueprint Health.

I recently connected with the HL7 Standards blog’s Chad Johnson (@OchoTex) for a fun “5 question” Q&A. We touched on CommonWell, the athenahealth Code of Conduct, cloud security, the unique characteristics of athenahealth culture that allow us to be so engaged in policy conversations, and the always-around-the-corner “Big EMR Switch.” I’ve included some highlights from our conversation below, but you can also check out the full interview.

If you feel compelled to ask, “Dan, how much did you pay Chad to ask these softball questions?” that would not be an unfair question. But I assure you, Chad came up with these all on his own.

1. What do you think the CommonWell Health Alliance will have accomplished a year from now?

When it comes to CommonWell, “where will you be in a year?” is exactly the correct question. The first stage of the Alliance is a one-year pilot program, to test the basic assumptions about the model and ensure that it works the way the founding companies intend. At the end of that first year, we expect the members to be sharing data between and among their systems. If we didn’t expect that, athenahealth would not be involved. A lot of work will go into making that happen.

The CommonWell Health Alliance represents a real effort to snap together some of the vertebrae to create that national information backbone. After years of annual conferences where executives of the big electronic medical record (EMR) companies stood up and solemnly pledged to solve the interoperability problem that still plagues health IT, this year at HIMSS some heavy-hitters finally took a tangible step toward that goal. We’re pleased and excited to be a part of that. We view it as a step more than a solution in and of itself, but it is an important and necessary step.

2. What struck me as interesting about the Code of Conduct was the first provision, which is a vow to pay for and facilitate the transfer of a provider’s clinical data if they choose another EMR vendor, which can be a huge endeavor. Why did athenahealth think this challenge was necessary? And do you think your competitors will sign on?

Here’s the thing about our proposed Health Information Industry Code of Conduct: it isn’t a challenge. We aren’t daring our peer companies to sign on; we’re asking them to agree to a core set of very simple principles that we believe can, if broadly adopted, help pull our industry into the 21st century. No legalese, no weasel-words, no out-clauses. Just five basic principles that we think and hope our industry can get behind. When one of our peer companies signs on we put its logo right up there on the signatory page with ours. It isn’t supposed to be “an athenahealth thing.”

Because we were able to ask ourselves a simple question–what basic propositions do we think could materially impact our industry?—and then reduce those principles to a clear, concise, one-page document, we think we managed to put forward a proposed Code that is easily understood, broadly appealing, and capable of attracting support from a wide range of forward-thinking industry stakeholders. We are also able to push on our industries in a way that consensus groups cannot do.

The provision you asked about is a perfect example. We believe absolutely that no doctor should be locked into an EMR out of fear of having to lose his or her clinical data, or having to start from scratch with a new system. That kind of ‘lock-in-by-incompetence’ model wouldn’t be accepted in any other industry in 2013. It should not be accepted in health care. A company that is confident in the quality of its services should have no problem committing to pay for data transfer for a client who decides to move on.

3. Security is a prime concern in health IT and cloud offerings are often the target of criticism. John Halamka even described it as “your mess run by someone else.” What steps are you taking to assure your clients and prospects that clinical data is just as secure in the cloud as it is in a hosted solution?

Done correctly, cloud-based services are “your mess, cleaned up and run by someone else.” Underlying the athenahealth vision is a basic approach that characterizes every service we provide to doctors, and every service we contemplate providing in the future: we look constantly for new and better ways to take administrative burdens out of care provider workflows so that they can concentrate on patient care. It allows us not only to organize our clients’ information but also to actually do the work for our clients, in real time. Moreover, while we’re doing that work, our clients have real-time, always-available access to their information. The impact of that difference in approach cannot be overstated. Cloud services aren’t an alternative to a hosted solution. Cloud services are a different proposition entirely.

As to security, clinical data is not “just as secure in the cloud as it is in a hosted solution.” Assuming one is dealing with a competent, responsible cloud provider, it can be more secure. Do a Google search for news stories on health data breaches and you find story after story reflecting the same basic incident patterns: institutions printing out medical records and losing track of the paper, which no technology can solve; and human beings misplacing portable media (laptops and thumb drives) containing PHI. Cloud services obviously eliminate the possibility of the latter because protected data is stored remotely, on highly-secure servers, not locally on any media that can be left in a cab.

4. athenahealth representatives seem more willing than other EMR vendors to engage in public conversations and “make waves.” That’s definitely refreshing, but I imagine it causes your marketing team to stock up on antacids. What is it about your company and its culture that fosters this type of open dialogue with the health IT community?

Stated simply, it starts from the top. We have a CEO, Jonathan Bush, who shoots from the hip all day long, every day. He’s the last person who would ever come down on an employee for maybe getting a little bit too enthusiastic in communicating our company point of view on the important issues impacting our industry. In fact, not only am I free to engage in the public conversations you ask about, but it is part of my job. We want athenahealth to be part of those conversations. On any number of issues, we have a point of view that is markedly distinct from—sometimes diametrically opposed to—the rest of our industry. So in a very real sense we need to be part of those conversations. We cannot rely on others to make our arguments for us.

5. I’ve read that Black Book has named 2013 the “year of the great EMR vendor switch.” Since switching EMRs is no small task — especially if the provider intends on migrating old data – do you think this prediction will come true?

I certainly hope it will. I don’t think an impartial observer would argue with the proposition that there are a lot of lousy products out there, and a lot of fed-up care providers stuck using them. In my Capitol Hill wanderings, I often say that health IT lags a decade behind the rest of the information economy. The next time you are in a doctor’s office, take a look over the check-in desk and tell me I’m wrong. In some offices, the technology being used is more than a decade behind.

I have to believe that, at some point, a critical mass of doctors will not accept that the technology they are forced to use in their professional lives is so exasperatingly inferior to the technology they (and their kids!) use in every other aspect of their lives. At that point, they will finally start to demand better of their vendors. That inevitability, in my view, is the best hope for an eventual “great EMR vendor switch.”

Of course, it would help if the government would stop paying doctors to buy static software-based technology that should have gone the way of the dodo around the end of the last century… but that is a whole other set of questions.

I welcome any and all questions regarding our work down in D.C. Comment below or find me on Twitter at @DanHaley5.

While walking the mile-long (literally) HIMSS main exhibit hall two weeks ago in New Orleans, I found it hard to avoid the conclusion that our industry is running out of words. Booth after booth, company after company, virtually everyone’s catchy slogan is a variant of someone else’s catchy slogan. Everybody is enabling something or empowering someone. Put it this way: If an attendee took a sip of beer at each appearance of the word “innovation,” he or she would be unconscious on the floor barely a quarter of the way through the hall.

If 2013 is indeed to be the year of the long-awaited HIT consolidation wave, it might be triggered by nothing more than the fact that our marketing consultants have exhausted their warehouse of available verbs.

At the athenahealth booth, I was relieved to see our long-time company slogan: “There is a better way.” In a mile-long sea of sameness, that unique simplicity was refreshing—all the more so given the strikingly convincing evidence we received this week for its veracity.

Our 2012 Meaningful Use Results
Today we formally announced that, for the 2012 Stage 1 Year 1 Medicare Meaningful Use (MU) program, an astounding 96% of athenahealth’s participating providers successfully attested. We don’t know yet how that compares specifically to the rest of our industry, but allow me to put the figure in perspective: in 2011, for Stage 1 of Medicare Meaningful Use, roughly 85% of our participating providers attested, compared to an industry average in the low 40% range.

Another telling point of reference: Last month the New England Journal of Medicine (NEJM) reported that a stunningly low 12% of eligible Medicare providers nationwide have successfully attested to Meaningful Use (find the details here). 12%!

Shortly thereafter, a counterpart of mine at one of athenahealth’s major competitors helpfully pointed out that the NEJM article only took into account attestations through May 2012. Figures through December 2012, he wrote, support an attestation rate nationally of roughly 22% of eligible Medicare providers. He typed this as if it were a good thing!

So I asked our internal big brains: Is that comparable to our athenahealth statistic? When we talk about our Medicare providers who have successfully attested, are we talking apples to apples with the national measurement? Well, I’m obliged to provide an emphatic caveat: we don’t actually track that particular metric since the true measure of our success is the attestation rate of our providers who actually participate (that’s the 96% rate above). So those big brains did some napkin calculations to come up with comparable numbers. And the figure we put up next to that 12% (or 22%) national rate is… greater than 70%.

There really is, it seems, a better way.

A Stage 3 Slowdown
In related news from HIMSS, acting Administrator of the Centers for Medicare & Medicaid Services (CMS), Marilyn Tavenner, announced that CMS will not be issuing a Meaningful Use Stage 3 final rule in 2013, as originally scheduled. Instead, they will convene a stakeholder summit in May to discuss how learning from Stage 2 should inform the eventual Stage 3 rule.

As always, we at athenahealth chafe at any deceleration in the slow national struggle for the health care system to catch up with the rest of the information economy. Contrary to many of our competitors, who insist the government is pushing too fast for standards that are too high, we believe our own results demonstrate, beyond a doubt, not only that current standards are achievable, but also that the pace of change is entirely appropriate. If, and only if, the technology providers choose to “meaningfully use” belong here in the 21st century.

As long as the government keeps subsidizing the use of technology that belongs in a museum, we will continue to see the kind of disappointing attestation rates that the NEJM featured two weeks back. Perversely, those very numbers are then used to support the proposition that the entire health care system needs to slow down and wait for HIT vendors to catch up to the modern world.

No number of flashy exhibition hall booths and catchy slogans will solve that problem. But taking a look at precisely how flexible, cloud-based services are achieving such strikingly different—and better—results is a good start.

Last week on the blog, we talked about athenahealth’s comments to the ONC’s Patient Safety Action and Surveillance Plan. As Dan Haley explained in that post, there was a major point-of-view running through our comments: To inform the industry on the “proper steps” (regulatory or otherwise) toward improving the safety of health IT, more and better information on patient safety and health IT is needed. Furthermore, the development of these proper steps must recognize the importance of fostering innovation and avoiding regulatory duplication as a means of protecting patients.

Now, Part 2 on this topic…
The “proper steps” have now been addressed. On February 13, the Washington, D.C.-based think tank Bipartisan Policy Center (BPC) released its recommendations calling for a risk-based, flexible framework that both protects patient safety and promotes continued innovation in health IT. This framework was the result of a collaboration of more than 50 health systems, provider groups, patient groups, patient safety organizations, industry experts, and health IT developers, including athenahealth. We support this proposal and are committed to implementing its recommendations and next steps.

Quick summary: A large cross-section of the health care industry just came to consensus on those “proper steps” to protect patients by fostering innovation. You can find the complete BPC report here.

Patient Safety is a Shared Responsibility
One of the most important aspects of the report is its emphasis on patient safety as a shared responsibility. Our health care ecosystem is comprised of people (e.g., clinicians and patients), processes (e.g., clinical workflow), organizations (e.g., health systems), external forces (e.g., government), and, more than ever. technology. Patient safety cannot be ensured by any single part of that ecosystem alone. HIT is just one type of technology within that ecosystem, and should always be viewed as part of the broader conversation about delivering safe and quality care, not as some separate concept that exists in a vacuum.

athenahealth takes its role in promoting patient safety very seriously. That is why we actively collaborated with myriad contributors and stakeholders in the BPC’s development of these recommendations. As former Senate Majority Leader and BPC Health Project co-leader Tom Daschle said at the event releasing the recommendations, “promoting patient safety in health IT requires national focus and public and private sector leadership, collaboration and commitment.” Leadership, collaboration, and commitment are exactly what the health care industry, including vendors, just brought to the table.

Innovation is the Key to Long-Term Patient Safety
The BPC’s recommendations make clear that continued innovation is the key to improving the quality, safety and cost-effectiveness of care. The report is not about protecting patients while also fostering innovation; it is about protecting patients by fostering innovation. The two goals are not at odds with one another.

Adoption of health IT by health care providers and hospitals is only now reaching a rate where the true potential of health IT can begin to be realized. During her opening remarks at the BPC event, Dr. Carolyn Clancy, Director of the Agency for Healthcare Research and Quality, said, “technology is not the problem, it is the solution.”

Of course, we want to assure the safety of patients through all stages of health IT adoption. But the real promotion of patient safety will come through further innovation, when we can infuse “big data” into the point of care and implement cutting-edge care protocols through the use of health IT, whether at rural one-doctor practices or massive academic medical centers.

To stifle innovation through heavy-handed regulation would be to stifle the continual improvement of the safety of health IT. As the BPC’s recommendations demonstrate, that is not the direction in which we should move. Patient safety is an imperative shared by every stakeholder in the health care system. Continued innovation is, and will always be, crucial to realizing the goal of continuous improvement in patient safety.

“The proper steps to improve the safety of health IT can only be taken if there is better information regarding health IT’s risks, harms, and impact on patient safety.”

So reads the first sentence of the “Learn” section of the Health Information Technology Patient Safety Action & Surveillance Plan, which was released for public comment by the Office of the National Coordinator for Health Information Technology (ONC) in December 2012.

athenahealth recently submitted our comments on the ONC Plan, focusing on two core themes: (1) emphatic agreement with the statement above, emphasizing the pressing need for “better information” before moving to implement a regulatory scheme that could, if not based on credible data, potentially exacerbate problems it intends to fix; and (2) the importance of recognizing that any regulation of Health Information Technology (HIT) must be “risk-based,” protecting patients while fostering innovation and avoiding unnecessary regulatory duplication.

Three core convictions underlie our comments:
1. Proper use of well-designed HIT enhances overall patient safety.
2. Regardless of the magnitude of risk to patient safety associated with HIT, all industry stakeholders should be united behind the proposition that improvement is always a goal to be aggressively pursued everywhere when it comes to patient safety.
3. Continued innovation is crucial to realizing HIT’s potential to improve patient safety (or, put another way, a regulatory scheme that stifles innovation will ultimately harm patients).

“The proper steps to improve the safety of health IT can only be taken if there is better information…”

Two things are true about the currently available data on HIT and patient safety. First, the available data is limited, largely gathered while providers’ adoption of HIT was still building. And second, the existing data strongly suggests that the risk to patients posed by HIT is quite low.

According to Institutes of Medicine (IOM), as cited in the ONC Plan, “a review of seven papers using large databases of reported errors found that health information systems were involved in less than 1 (one) percent of reported errors.” The Plan also references a more recent advisory notice by the Pennsylvania Patient Safety Authority, which “found that only 3,900 of 1.7 million reports [of adverse patient safety events] were found to involve health IT.” Of those, 81% “involved medication errors.” In other words, the Pennsylvania PSA report underscored that HIT-related events comprise less than one percent of all adverse patient safety events.

A perfectly rational response to this might be “So what?” After all, any danger to patients specifically associated with the use of HIT is a problem that must be addressed. No argument here. I cite the current data not to argue that the problem is too small to merit a response, but to underscore the need for better data on the magnitude (and nature) of risk, to avoid implementing a regulatory scheme that inadvertently worsens the risk instead of mitigating it. If the baseline from which improvement will be measured remains unmeasured, how will we know whether a future regulatory scheme makes things better… or worse?

athenahealth enthusiastically supports the elements of the ONC Plan intended to support collection and analysis of patient safety information, with the laudable goal of a “learning system” that improves continuously, based on real data and substantive analysis. We applaud ONC for its active leadership in the effort to achieve that vision. There is much in the ONC plan to like.

However…

The ONC Plan Needs Greater Focus on the Role of Innovation in Protecting Patients

As cloud-based innovators on the cutting edge of HIT, athenahealth appreciates that the ONC and its leadership consistently support private sector innovation. Indeed, ONC leadership often identifies empowering innovation as a core mission of the agency. Given that focus, the ONC Plan’s lack of emphasis on innovation is all the more striking.

As we stated in our comments,

The ONC Plan responds directly and in great detail to a set of patient safety recommendations published in 2011 by the IOM. In contrast, the ONC Plan only passingly mentions the subsequent patient safety mandate issued by Congress in July 2012. In the FDA Safety and Innovation Act of 2012 (FDASIA) Congress instructed FDA, ONC, and FTC to collaborate within 18 months to propose a “risk-based regulatory framework” for HIT that: (1) protects patient safety, (2) fosters innovation, and (3) avoids unnecessary regulatory duplication. See Pub. L. No. 112-144 § 618, 126 Stat. 993, 1063 (2012).

Although the ONC Plan is intended only to fill the gap until the anticipated 2015 implementation of the framework mandated by Congress, in many important respects the Plan is itself a regulatory framework. It considers a certification structure, post-market surveillance, and an investigation and incident resolution process, for example. As a regulatory framework (that could very well form the foundation for a lasting structure) the Plan is subject presumably to Congress’s FDASIA instruction to foster innovation and avoid regulatory duplication while protecting patients. Our thinking: The Plan should be more explicit about those intertwined imperatives.

Again, from our comments:

Continued innovation is a necessary condition for continued improvement in patient safety… If fostering innovation and avoiding duplicative regulation are not explicit objectives of the ONC Plan, there is a risk that the central objective—continuous improvement of the safety of health IT—will be eventually undermined by insufficient attention to supporting the innovation required to power that continuous improvement.

Congress’s recognition of that danger is clearly reflected in the FDASIA. The second two prongs of the three-part mandate for a risk-based framework stand essentially as a Hippocratic Oath for would-be HIT regulators: “First, do no harm.” We strongly urge that this concept should be integrated more explicitly and fully into the ONC Plan.

The athenahealth Commitment
athenahealth is deeply committed to patient safety. We strive every day to be our clients’ most trusted service, a status we cannot hope to maintain without unflagging dedication to safety and continuous improvement. And, of course, we have first-hand interest, as we and our families are often patients ourselves.

That is why we have an athenahealth team dedicated 100% to patient safety. It is why we are actively involved in a patient safety collaboration under the auspices of the respected Bipartisan Policy Center (stay tuned for more on that soon). It is why we have committed publicly to affiliate with a Patient Safety Organization within a year.

While we strongly believe that our services significantly enhance patient safety—a belief that finds ample support in the ONC Plan—we strive always to improve that safety and recognize that, in a dynamic system, the impossibility of perfection maintains constant room for improvement.

The ONC Plan represents a good first step toward the much-needed goal of measuring the patient safety risks and benefits of HIT. Greater focus on that objective, and on the crucial need to foster innovation while mitigating risk, will ensure that the next steps taken are the “proper” ones.