The Kübler-Ross Model of EHR Adoption

Elisabeth Kübler-Ross, MD

For over a hundred years the paper chart has been a trusted partner and best friend to many physicians and nurses. The paper chart was born the day a new patient walked into the office, a pristine, crisp and neatly color-coded folder, with just the right markings in carefully shaped calligraphy on its covers. As the years went by, the paper chart grew in size, acquired meaning and wisdom, and like most of us, became a bit tattered around the edges and heftier in the middle. It felt good to hold the elderly paper chart in your hands and its voluminous physical presence inspired confidence and trust. The paper chart is dead. In some places the paper chart’s pages are still turning slowly, but we all know its long, productive life has come to an end and someone should pull the plug and call it. Or do we?

In 1969 Elisabeth Kübler-Ross proposed a 5 stage model for typical grieving behavior. The various reactions from the clinical community to the apparent demise of the paper chart exhibit almost textbook adherence to the Kübler-Ross model, with each clinician advancing through the five stages of grief at his/her own pace*.

Denial – This is a joke. These people don’t understand medicine and this entire Obamacare thing will soon go away and we’ll return to normalcy. My practice is doing just fine on paper and my patients get all this fancy medical home care right here and always had. They actually get better care. Besides, I have patients to see and I am too busy to tinker with these fads that come and go every five years or so.

Anger – This is a cruel joke. This EHR thing is just a government ploy to punish doctors and enslave them. There’s nothing in this for me and you want me to pay for it?? We are all going to stop taking Medicare, Medicaid and all your government plans, which don’t even pay for my receptionist, see what you do then. Heck, why stop there? There will be no doctors left, period, because nobody is going to accept such humiliation and no bright students will choose medicine as a career. We can all do much better doing other things. I didn’t go through ten years of medical school and residency and pissed my entire youth away just so I can become your personal data entry clerk. You want data? Enter it yourself and feel free to treat yourself too. Go Google it, or go to an NP at the grocery store. Not to mention that these EHR contraptions are killing thousands of people every day because nurses are tending to EHRs instead of patients. Is that what you want? Suit yourself. I’m out.

Bargaining – This is not happening to me. This does not have to happen to me. I am a doctor. If I stop playing their game, they’ll have no way to touch me. I will only take cash, at least for a while, until this thing blows over. My patients love me and I will take better care of them than any computer can. They know that. They are willing to pay for a true doctor/patient relationship and my undivided attention. I have friends that switched to concierge practice and they’re doing great. I’ll practice good medicine, and in time everybody will come to their senses and see that this is the right way to care for people. They will see the errors of their way and everything will be back to normal. I just have to make it through the next couple of years.

Depression – What’s the point? Why did I have to sacrifice my entire life and work like a dog for these ungrateful people? There’s no respect any more. There is no gratitude. There’s no money in this either. I should have gone to law school and spent my time ripping everybody off like those shyster lawyers do every day. They want me to be a cog in their Toyota production line for people. I don’t know anything about computers. I can’t even type. Why should I? Doctors don’t type. There is no point. Can’t even give this practice away, let alone sell it; might as well just walk out right now. I have a little money. I don’t need to work. I’ll retire early. I’ll play golf all day. Maybe go into consulting for those thieving insurers. One thing’s for sure: no child of mine is ever going to medical school. It’s over. 

Acceptance – This EHR is really primitive. Costs a fortune, but the hospital kicked in for most of it. They want to measure my performance; fine with me. I’m a good doctor and I take good care of my patients. I don’t like using the computer in the exam room. My nurse does though, but you should see her texting, and my receptionist says it’s better than the old system. I wish I could get the hospital labs, but they’re still faxing them over. They say it will get better. I don’t know. I have an iPhone and it has an app for medications, which is really nice. I have email and some patients use it. Not too many, but it’s nice too. I signed up for this new telehealth program starting in the fall. My father practiced for 40 years down in the valley. He wasn’t home much, but sometimes he took me along on house calls. Saw the first baby born when I was eight. I don’t think you can deliver a baby on telehealth, can you? Well maybe if there’s a midwife out there and you watch just in case… Never mind. I love practicing medicine. It’s hard right now, but I think I have another ten-fifteen years left in the tank, and if it gets much tougher, maybe I’ll just go work for the hospital. They already have my charts anyway.

But here’s the deal, folks: the chart is not really dead. It just underwent major reconstructive surgery. It has new legs and new organs and a new face, because, unlike people, they can do that for charts nowadays. Sure, it looks terrible right now, all stitched up and bruised and so very helpless, hooked up to wires and machines. It can’t do anything for itself. It moves slowly and sometimes just collapses under its own new weight. You will have to teach it how to use its new legs and train it to engage all those brand new bionic organs. It will take time and lots of physical therapy. It is a big commitment and there will be setbacks and more surgeries down the road. You could just walk out and leave it to its fate and to others to nurture it back to a useful life. Or you could take it home and tend to it, and every day be amazed at small miracles and watch it slowly get stronger, better and more beautiful, surpassing your wildest expectations, until it becomes the indispensable, trustworthy  and useful friend it always has been, with a brand new lease on life for you both.

*All first person utterances in this post are fictitious. Any resemblance to what anybody may have said or communicated to the author during times of great frustration is purely coincidental. 

Shared Sacrifice

The Internet is abuzz with Attestation fever. CMS has officially opened its website service for physicians and Hospitals to attest to achievement of Meaningful Use for 2011. It is expected that stimulus incentives, as mandated by ARRA’s HITECH Act, will soon be flowing out to the new Meaningful Users to the tune of $20 Billion (or more) over the next five years. Meaningful Users are a very diverse population and range in scope from a solo practice in the middle of nowhere with a rickety EHR purpose bought for these incentives, to Kaiser Permanente with thousands of employed physicians, dozens of hospitals and gold-plated enterprise technology worth many billions of dollars, purchased and implemented years before HITECH saw the light of day.

Last year Becker’s Hospital Review published a list of “52 Not-for-Profit Hospital Systems to Know”. Those are the largest and most excellent integrated health delivery systems in the country. Between them these 52 leaders in health care delivery have about 900 hospitals of various sizes and most have hundreds and thousands of employed physicians, both in inpatient and outpatient practice. Many of these organizations are faith based and were founded years ago with the goal of providing care and comfort to the sick. Today, these non-profit systems are leading the way in quality improvements, adoption of health care information technology and innovative ways to provide better and more cost-effective medical care, and most, if not all, have healthy and profitable bottom lines, while actively engaging in charitable contributions to their communities.

As CMS is gearing up to disburse the ARRA stimulus incentives, it stands to reason that a significant portion of the money would go to these non-profit leaders of our health care system. As anyone trying to figure out the exact amount of incentives for any given hospital knows, the exact calculations are rather cumbersome. HIMSS estimated that the Medicare incentives for a hospital could range from $3.5 million for a 75 bed facility to over $11 million for a 750 bed hospital, over the entire stimulus period. It is worth noting that, unlike physicians, hospitals can qualify for both Medicare and Medicaid incentives, significantly increasing the estimated amounts for Hospitals with a large enough Medicaid population. What follows is a very conservative attempt to estimate the percentage of the proposed $20 Billion ARRA incentive that will more than likely flow to these 52 non-profit Hospital systems.

Let’s assume that the average hospital in this group will collect only $5 Million from both Medicare and Medicaid, which puts the average hospital at about 200 beds and accounts for some hospitals that will not be able to qualify for incentives. Let’s also assume that an outpatient physician has 5000 patient visits per year (which is very high), and when encounter data is not available, let’s assume that only half of employed or affiliated physicians qualify for incentives under Medicare, and none qualify for the higher Medicaid stimulus. For very large systems, where data is not readily available, let’s assume that there are no eligible professionals and all incentives will come from the Hospital side of the house. Based on these very conservative assumptions and any 2010 annual report data found on various systems websites, here is how some numbers shape up:

• Kaiser Permanente – 35 hospitals and 36.6 million doctor visits – is looking at about $0.5 Billion total incentive payments.
• Trinity Health – 45 hospitals and about 8000 physicians – will collect around $0.3 Billion in the next five years
• Sutter Health – 25 hospitals and 3500 physicians – comes in at around $0.17 Billion in incentives
• Providence Health – 26 hospitals and 7 million visits – will qualify for almost $0.2 Billion
• North Shore LLJ – 14 hospitals and 7500 physicians – should obtain over $0.2 Billion in stimulus payments
• Intermountain – 23 hospitals and 750 physicians in their medical group – will receive well over $0.1 Billion

All in all, if we just consider the 900 hospitals these systems have in common, and ignore the outpatient payments, the total incentives due are around $4.5 Billion total. This number will go up significantly if we account for the various eligible professionals payments, running at $44,000 per physician under Medicare.

In the large scheme of things, a few Billion dollars is not that much money. Withholding those billions will not fix the deficit and will not put a visible dent in our health care expenditures. No single act of savings will solve the dire problems present in our health care system and the country in general. President Obama is calling for us all to contribute to a solution and share the sacrifices needed to rectify the situation. In a perfect world, Shared Sacrifice is not something that should be imposed by government. It should be a grassroots effort where everybody agrees to give up a little and come together in one unified force for the public good, but someone has to go first, someone has to step forward and make the first sacrifice. Today is Good Friday.

To these 52 benevolent paragons of health care, in the spirit of the selfless and saintly men and women who, many years ago, founded your organizations with the single mission of aiding and comforting the sick: Don’t take the money. 

And if you must take the money, because of irrelevant legislative technicalities, turn around and give it all to the poor and sick and needy people in your community. A few billion dollars will not solve the big problems, but a few dollars may be enough to provide a sick elderly person one more hot meal, or buy one more pair of glasses for a child so he can stay in school, or provide one more bottle of prenatal vitamins to a pregnant woman and maybe even allow for one more hospice day for a dying man. And above all, you will set an example for us all, and maybe even change the spirit of this country, so we can all do better by doing good first.

The Health Insurance EHR

Kaiser Health News recently published excerpts of an interview with the CEO of Aetna, Mark Bertolini. Interesting article and interesting subject, but one thing Mr. Bertolini said in connection with Aetna’s acquisition of Medicity, a vendor of Health Information Exchange (HIE) platforms, caught my attention: “We are as much a health information technology company as an insurer”. United Healthcare has also been engaged in significant HIT acquisitions for quite some time. They bought an EHR, Care Tracker, and an HIE vendor, Axolotl, amongst other things. According to the Aetna CEO, in order to create a system that functions properly, insurers “have to be able to provide an infrastructure”.  So is this the future? Will health insurance giants be providing insurance coverage to customers, and HIT infrastructure, including EHR software, to physicians and hospitals?

Most HIT experts are forecasting consolidation in the EHR market, which is currently fragmented into hundreds of less than optimal disparate software products, but is anybody seriously contemplating that the emerging forces in health care technology will be the payers? If you think about this for a moment, and if you remember doctors’ plight that EHRs mostly benefit payers, this outcome doesn’t seem so far-fetched. After all, selling health insurance and selling EHRs follows pretty much the same paradigm.

• Company Website – Health insurance companies have beautiful websites loaded with pictures of happy people and the cutest babies. EHR vendors have equally high-gloss websites with lots of Flash banners, happy doctors holding shiny tablets in pristine clinics, and, strangely, some also have the cutest babies and toddlers bouncing on every page. Neither one has any useful information for someone shopping for a product unless, of course, you provide them with your contact information, in which case you will be getting a very energetic sales call.
• Price Transparency – When you buy an insurance policy, all you know for sure is what premium you will have to pay every month. Most folks don’t realize until it is too late that they will have to pay for all sorts of other things that are “not covered”. Similarly, when you buy an EHR for $399 per month, little do you know that there is at least the same amount of hidden charges, and unexpected “upgrade” fees imposed whenever the vendor feels that it needs to improve its top line.
• Contracts and Policies – Health plans have notoriously long and convoluted policy documents aimed at confusing the buyer. I don’t know too many people who are competent enough to read and understand their content. EHR vendors are a bit ahead of the game here since they also have carefully staged vaporware demos and their contracts, although shorter, are as good as the payers’ policies in obfuscating real terms and conditions, which become painfully evident only when disaster strikes.
• Freedom of Choice – Most people, including the vast majority of employed citizens, has increasingly little to say about which health insurance plan they end up with. Employers, who pay a large portion of the cost, either pick a plan based on business considerations, or just self-insure. Employees are forced to do the best they can with whatever they were dealt. As more and more independent physicians are being acquired, and salaried, by large systems, they too have very little to say about what EHR will end up in their exam room. Those who are still somewhat independent, but herded into various affiliations, are rarely able to check a gift horse in the mouth and end up taking whatever the large system is providing under Stark law relaxations.
• Rationing – Health insurance is expensive. The wealthy and those with large and conscientious employers are able to gain access to fairly decent insurance coverage. Some may even have so called Cadillac plans. The poor and unemployed must shop for insurance with no bargaining power and their dollar usually buys a lot less coverage. Large hospitals and specialty medical groups can afford to buy the fancy gold-plated EHRs and they often do. Small and rural primary care practices can’t even come close to being able to afford an EHR from an industry leader. And similar to the private insurance market, a solo doc, with no bargaining power, will end up paying more than a physician in a large practice for the exact same EHR.
• Government – Unless you live on a deserted island, you know that by 2014 the individual mandate will be kicking in and everybody will have to buy insurance or pay a penalty. Also by 2014, every American is supposed to have an EHR, which means that every physician will have to buy EHR software, or pay a penalty in the form of reduced Medicare reimbursement down the road. Both regulations may be viewed as voluntary since you could choose to pay the penalty, which is much lower than the price of the mandated products. And in both cases Government proposes to determine the minimum requirements for what you can buy to avoid penalties.
• Product Design – We all know that health insurance policies are designed by bureaucrats and bean-counters to maximize payer profits, with complete disregard for patients’ lives and doctors’ advice (or at least that seems to be the common wisdom). The parallel mythology asserts that EHRs and HIT products are created by “programmers” and other “geeks” with no knowledge of, and no respect for, established clinical workflows and with the same disregard for patients’ lives and safety.
• Good Ole’ Days – Ah, those days gone by, days of beautiful simplicity, when Government minded its own business, and everybody paid for medical care out of their own pocket, except those who had nothing in their pocket. Those days of wonder when the most medicine could offer was lancing boils and mustard plasters in return for a hefty slice of rhubarb pie, and an amputation went for a couple of chickens. The olden days with hospitals run by selfless nuns in full habit, doing God’s work on earth, where the very sick were freely admitted, but nobody was ever discharged. A gentler era when people died at home from romantic ailments like consumption, surrounded by family and friends, or succumbed en-masse to plagues with mysterious “putrid” origins. The days of golden fountain pens and neatly stacked notecards in little clinics manned by workaholic doctors and spinster nurses clad in white starched uniforms.  Yeah, well, that’s over now.

We are entering the Big is Beautiful era in health care. Big government with big regulations, created in deference to big corporations, will only allow big insurers and big health care delivery systems to thrive. They will be using big computer programs with big algorithms simulating big artificial knowledge and intelligence, administering to the big needs of big populations with big risks and big payoffs. Not to worry though, big insurance has figured this all out, as evident from Mr. Bertolini’s big vision:

“We will shift risk (financial responsibility for medical costs) to the provider system. We’ll provide them cover with capital as re-insurers. We will be the Intel-inside, if you will. We have dozens of these conversations going on with major systems. We spend $400 million a year on new developments: We are as much a health information technology company as an insurer. Our U.S. health system is not really a system as much as a bunch of independent players. How do we create a system that functions properly? When my dry cleaner knows more about the whereabouts of my shirts than my doctor knows about the whereabouts of my X-rays, we have a problem. We have to be able to provide an infrastructure. ”

Yes, just like dry cleaning. We find the X-rays and we’re all good. Brilliant!

Patient-Centered EHR

The term patient-centered has become a serious contender for the most flippantly used term in health care publications and conversations. Of course meaningful use is still #1 on the popularity charts, with ACO quickly moving up, but even meaningful use and ACO are almost always accompanied by patient-centered as a way to add legitimacy and desirability to the constructs.

Even Paul Ryan’s new recipe for fiscal Nirvana is touting patient-centered health care as one of a litany of fictional achievements made possible based on an array of wishful thinking assumptions. But perhaps the most common usage of patient-centered terminology is the Patient Centered Medical Home (PCMH), which is touted as the ultimate patient friendly solution to our health care difficulties. Since PCMH is heavily reliant on Health Information Technology (HIT) to achieve patient-centeredness, and since Meaningful Use of Electronic Health Records (EHR) is being increasingly aligned with this goal, it may behoove us to explore the features and functionality that would qualify an EHR to support a patient-centered approach to health care delivery.

But first, what exactly is patient-centered health care? From reading the NCQA medical home specifications, the Meaningful Use definitions, the HIT suggestions from PCAST and the brand new ACO regulations, all of which assert a patient-centered approach, one would conclude that patient-centered care is made possible by providing all patients with timely electronic access to the entirety of their medical records including lots of patient education, electronically coordinating a multitude of transfers of care, empowering non-physicians to provide most medical care, measuring a bewildering array of health care processes and constantly evaluating and reporting on population metrics, while somehow allowing patients and families to express their wishes regarding the nature of care within the boundaries specified by each proposal. I am excluding the Ryan budget proposal here, since other than having “patient-centered” typed in various spots, there is no reference to actual health care delivery, or what is left of it after most seniors, sick and disabled folks are reduced to begging for medical care. Computers and EHRs can, and to some extent already do, support many of the above activities, but is this truly patient-centered (singular) care, or should we add an “s” and refer to a plurality of patients-centered, or population-centered, care?

In 2009 in a landmark Health Affairs article, Dr. Berwick summarized patient-centeredness as follows: “The experience (to the extent the informed, individual patient desires it) of transparency, individualization, recognition, respect, dignity, and choice in all matters, without exception, related to one’s person, circumstances, and relationships in health care” and he very much liked the Harvard maxim “Every patient is the only patient”, since it implies an “attitude of “guest” in the patient’s life, and it also expresses confidence in the feasibility and desirability of customization of care to the level of the individual”.

When articulated this way, patient-centeredness becomes more of a mindset directive for those who provide medical care and those who design health care delivery systems. There is precious little that an EHR can do to ensure patient-centered care, and most all it can do is act in a supporting role, as it always should, for patient-centered health care providers. This is not to say that the computer-enabled capabilities to evaluate, manage and measure population health indicators, such as registries and clinical process measures are not beneficial, but these computerized aggregation and management tools have almost nothing to do with the concept of patient-centeredness as expressed by Dr. Berwick.

EHRs are more than an electronic chart. Even for small practices, EHRs are also enterprise/business management software. In both capacities, EHRs can contribute their fair share to a patient-centered approach to health care. The following list is not intended as a complete EHR design document; instead it is a collection of technical features and functionalities that could be rather easily added to existing software in an attempt to help place the individual patient at the controlling center of health care provision, according to Dr. Berwick’s vision of patient-centeredness.

• Transparency – A well-documented medical record shared in its entirety with patients through a Patient Portal would go a long way to provide transparency into medical treatment decisions, but in its current form an EHR may be too lengthy and too complex for most patients (and most physicians too) to follow and comprehend. Many of today’s EHRs include patient education materials regarding a particular disease following diagnosis, a medication that was just prescribed, or a particular diagnostic test ordered. It would be infinitely more conducive to transparency if Patient Portals would include full subscriptions to such sites as UpToDate and test results documentation, including reference ranges and abnormals for each test resulted in the chart, in plain and simple language. Another patient-centered feature available in many EHRs is the longitudinal record (or flowsheet), but this is rarely, if at all, available to patients. Providing ability for patients, particularly those with chronic conditions, to obtain and customize longitudinal views of their health records would allow patients to understand how various therapies and various behavior modifications are affecting their wellbeing and their disease progression. If and when, the business side of the house allows it, EHRs can be extremely helpful with price transparency, since computers are best at calculating various options and optimizing figures. I can see price calculators sprouting up in Patient Portals allowing patients to locate and compute the most affordable treatment option for their individual circumstances.
• Individualization – I am pretty sure that Dr. Berwick was referring to much more consequential events here, but in a small way, EHRs can contribute to tailoring experiences to individual needs. For example, an EHR should know the age and education attainment level of an individual patient. As a result, it could display very little text and lots of pictures for the very young, and perhaps larger fonts and more advanced content for the retired professor, or more numeric data and statistical information for an engineer. Something as simple as making sure every graphic has an alternative textual description and every mouse action has an equivalent keyboard action, would be very helpful for patients with impaired vision. An EHR would also know if the patient started a new medication recently, so it could preemptively solicit patient input on how things are working out and provide that information back to the nurse. Generally speaking, there is a wealth of personal information in an EHR that with some creative thinking could be used to provide individualized experiences to each patient.
• Recognition, Respect, Dignity – These are a tall order for a piece of software to facilitate. Nevertheless, there are little things that could help. Even the most thoughtful clinician cannot remember everything about each patient at all times. How about allowing the patient to insert one short reminder in the EHR, to be displayed each time someone opens their chart? A simple thing like “scared of room with clown picture” will save mom, baby and doctor a lot of trouble during a routine visit. Or relating to Dr. Berwick’s fear of being called Donald by an anonymous nurse in a hospital, a chart could have a little reminder to address the patient as Dr. Berwick or Don. Trivial to implement. And here is something to alleviate the “anonymous nurse” problem. Remember those patient photos that every self-respecting EHR has in the chart? How about having photos of all treating clinicians also display in the patient chart? Most folks have no trouble remembering what their doctor looks like, but if the patient is very young, or very old, or in the care of many specialists, it may be very helpful at times to have a visual record handy, and this is trivial to implement as well.
• Choice in all matters without exception – EHRs cannot make policy, but as described above they can aid patients with obtaining information to make the choices allowed by the system they find themselves in. It is important that the information provided to patients through EHRs should have no administrative bias, and I would prefer an unedited, reputable third party source. For example if a brand new ACO decides to cut expenses by increasing utilization of palliative services, patients should not be covertly influenced to forgo other, more expensive, options with a carefully selected collection of education materials. Basically, EHRs should maintain integrity of clinical information and not allow management manipulation of vulnerable patients for financial gain. I believe regulatory intervention should be required.
• Related to one’s person – The first thing that comes to mind here is advanced directives, and Meaningful Use is moving in the direction of requiring all EHRs to have the capability of creating and storing advanced directives. Coupled with advances in information exchange, this feature should ensure that folks are treated the way they want to be treated when the end is near. Much care needs to be exercised when those directives are available to the patient and his/her family online to create and modify.
• Related to circumstances – Most privacy and security minded EHRs have a mechanism for allowing physicians emergency access to records for patients who are not under their care. This type of access, termed “breaking the glass”, is logged and audited to prevent improper access. Patients have emergencies too and many times they don’t know who to call or what to do. This is not about the 911 type of emergency, or the midnight earache when one can call the exchange. This is about truly unusual circumstances, when you know something is very wrong, perhaps during a hospital stay, and speaking with your physician or surgeon is imperative. EHRs could provide this safety valve, with appropriate telephony forwarding rules and controls to prevent abuse.
• Related to relationships – By definition relationships are between people, but once relationships are selected, EHRs can help solidify and formalize their existence. For example, the original PCMH definition listed a personal physician at the top of the list of core features of a PCMH. Although the current NCQA requirements for PCMH certification do not explicitly pose this requirement, an EHR can help an individual patient who is fortunate enough to have a personal physician make good use of this feature. An EHR should display the personal physician name on every screen where patient specific data is displayed. All patient data should be tagged with the personal physician identifiers for purpose of clinical data exchange so that anyone viewing a patient’s records will immediately know who is the patient’s trusted advisor, advocate and representative, and where all medical information needs to be sent. The originating EHR should automatically copy all orders, results, procedure notes, admissions and discharges to the personal physician.

Finally, remembering that “every patient is the only patient”, we need to consider what EHRs should not be allowed to become. EHRs should resist the temptation of surrounding physicians with layers and layers of electronic data and communications, until each patient becomes nothing more than another blip of bits and bytes in an endless stream of the same. EHRs should not be constructed with a primary mission of collecting research and evaluation data points, either about patients or their doctors. Those who build EHR software, and those who regulate what is being built, should remember that if a treating physician is a guest in a patient’s life, researchers, population managers and governments are very much uninvited guests, and as such should humbly wait by the door, hat in hand, and respectfully accept whatever patient-centered care can spare for their secondary uses of data.

The ACO Rules & Privacy

One day before the first of April, HHS published the much anticipated rules defining the creation and operations of Accountable Care Organizations (ACO) spanning 429 pages of business regulation, analysis of various options available, proposed solutions and ways to measure and reward (punish) success (failure) in achieving HHS seemingly incompatible goals of providing better care for less money. I am fairly certain that health policy experts, health care economists and the multitude of industry stakeholders will be dissecting and analyzing the hefty document in great detail in the coming weeks. I started reading the document with an eye towards the ACO implications for HIT, which as expected are many, but something on page 108 made me stop in my tracks. HHS is proposing to share personally identifiable health information (PHI) contained in Medicare claims with ACO providers unless patients “opt-out”.

Beginning on page 108 and through 22 pages of tortured arguments, HHS makes the case for the legality and benefits of providing ACOs with PHI contained in Medicare claims, unless the patient actively withdraws consent for this type of transaction. The argument for the legality of claim data sharing rests on the nebulous HIPAA clause which allows disclosure of PHI for “health care operations” within a web of covered entities and business associates connecting the ACO with Medicare and other providers of health care services for a particular patient. HHS is proposing to make available four types of medical information to participating ACOs:

1. Aggregated Data, including ACO generated and non-ACO generated data, stratified and analyzed to obtain quality measures, population risk scores and indicative behaviors such as emergency room visits, hospital discharges, prescriptions and physician visits. Although this data is presumably de-identified, in a small ACO with 5000 patients, it shouldn’t be too difficult to attribute this data to particular patients. HHS proposes to provide such data to ACOs on a quarterly basis.
2. Four Personal Identifiers – name, date of birth, gender and Medicare ID – for all historically ACO-assigned patients included in the aggregate data reports above. To circumvent the Privacy Act which prohibits Federal records systems from disclosing identifiable information without written permission, HHS is invoking the allowed exception for purposes of “routine use”, which requires a notice to this effect to be published in the Federal Register, after which these four identifiers may be released without consent.
3. Personally Identifiable Claim Data – Here HHS is proposing to provide participating ACOs, upon request, Part A and Part B claim data on a monthly basis. The data elements that will be provided are: “procedure code, diagnosis code, beneficiary ID; date of birth; gender; and, if applicable, date of death; claim ID; the from and thru dates of service; the provider or supplier ID; and the claim payment type”. This data will be provided for patients who have had a visit with a primary care physician participating in an ACO during the performance year. Alcohol and substance abuse records are excluded from disclosure.
4. Prescription Data – A subset of Part D medications claims data is also proposed to be disclosed similar to Part A and Part B data above. The minimum set includes “beneficiary ID, prescriber ID, drug service date, drug product service ID, and indication if the drug is on the formulary”.

The first two disclosures (aggregated data and the four identifiers) are proposed to occur regardless of patient consent or lack thereof. The ACO rules propose an opt-out mechanism for patients who want to prevent disclosures in items #3 and #4 above, and it seems that the opt-out option is not a legal requirement, instead it is based on a belief system at HHS: “Although we have the legal authority within the limits described previously to share Medicare claims data with ACOs without the consent of the patients, ………. We nevertheless believe that beneficiaries should be notified of, and have meaningful control over who, has access to their personal health information for purposes of the Shared Savings Program”. [Since the Medicare ACO model is intended to be adopted by payers other than CMS, one is left to wonder about the belief systems prevalent at those private organizations.]
The actual opt-out process proposed in the document consists of a conversation with a provider during which “the beneficiary would be given a form stating that they have been informed of their physician's participation in the ACO and explaining how to opt-out of having their personal data shared. The form could include a phone number and/or email address for beneficiaries to call and request that their data not be shared”. So it’s not as simple as checking a box in your doctor’s office.

For over a year ONC’s Policy Committee has been grappling with privacy issues as evidenced by the tremendous work occurring both in the Privacy & Security Policy group and Privacy & Security Tiger Team. The issue of consumer/patient trust in Health Information Exchange (HIE) and Electronic Health Records (EHR) has been repeatedly recognized as a necessary ingredient to widespread HIT adoption, and much effort has been invested in devising policies and standards to allow consumers control of their medical records in general and sensitive parts of their medical records in particular. The recent report from the President’s Council of Advisers on Science and Technology (PCAST) includes recommendations to allow patients to attach privacy controls to each separate data element in their medical records. An ONC specially appointed workgroup tasked with analyzing the PCAST report has identified privacy as an issue of concern in a possible implementation of the PCAST recommendations.

What is the purpose of all this hard work, all these committees and workgroups, all expert testimonies and public comments, hearings and debates, if CMS, in its capacity as a payer, can assume legal authority to bypass all privacy controls embedded in EHRs and HIEs and disclose medical records information, as reflected in claims data, based solely on what CMS, or any other payer, believes is necessary and proper at a particular time?

In Defense of EHR Weapons of Mass Destruction

Remember the fear mongering rhetoric about weapons of mass destruction and all sorts of other bogey men that sometimes led to war death and true destruction and other times to just animosity, hatred and counterproductive waste of time and resources? This is exactly what we are witnessing today in Health Information Technology (HIT). Granted this is only a sideshow, while the main stage is occupied by the unprecedented Federal push to computerize medicine, but it has a very shrill voice and it seems to be confusing many good people. There are many legitimate questions that need to be asked, many strategies that should be debated, many errors that must be corrected, but the unsubstantiated, dogmatic and repetitive accusations directed towards HIT in general, EHR in particular, and chiefly at technology vendors and their employees, are borderline pathological in nature.

To be clear here, there are many practicing physicians and nurses who are either forced by an employer to use an EHR they dislike, have tried to use an EHR and didn’t enjoy the experience, or are opposed to the EHR concept on principle because the software has no return on investment in their situation, is not “ready for prime time” or is too closely aligned with the goals of the Federal government. These are all valid points of view and should be listened to and considered by policy makers as well as technology builders, and I have to confess that I do agree with much of what these practicing folks write and say, and as I said many times in the past, practicing physicians, i.e. those who see patients every day, are dangerously underrepresented in all HIT policy and technology decisions being made now at a federal level. Unfortunately, the practicing doctors’ message is being obscured and tainted by the “naysayers who predictably and monotonically chant the “HIT is evil” mantra at every opportunity” (quoting the famed HIT blogger, Mr. Histalk). These “self-proclaimed experts” and their incendiary and largely self-serving monologues are making it very easy to dismiss legitimate problems present in HIT policy and technology.

The #1 allegation against EHRs and those who build them is probably the one contending that EHRs kill people. HIT is supposedly an unauthorized human subject experiment which should be halted due to so many deaths and injuries. There is no evidence to support this assertion. Yes, there are several deaths documented, which have been associated with EHR software in one way or another, all in hospitals, but there is no documented evidence of mass injuries. The ugly truth is that people die in hospitals due to preventable errors of all types. They died before EHRs were introduced and they are still dying at similar rates after EHRs were installed. For every error attributed to software malfunction, there is a parallel error that can be attributed to lack of software or utilization of paper charts in general. For example, a software bug could cause records to end up in the wrong chart. How many times do paper records get filed in the wrong chart? How many times do paper records get misplaced never to be found again? How many times do paper charts disappear for long periods of time?  Of course since paper is a passive medium, all errors arising from paper charts usage are directly attributable to users. When an EHR is used, some errors, not all and not most, are attributable to the software. Ergo, EHRs kill people while prior to EHRs people killed people. Net effect is the same, although fixing software bugs is a lot easier than remediating people’s error prone behaviors.

The #2 inflammatory allegation is squarely directed at the business entities that build and sell EHRs, and individually towards anybody associated with IT, whether at a hospital level or a vendor level. Supposedly, these dim-witted IT folks have no understanding of medical practice and a complete disregard for patient safety and human lives. I have no doubt that some IT folks would not score very well on Mensa tests and others may have little interest in anything other than their paycheck, and this is true about any randomly selected group of people, including clinicians. However, EHR vendors are for-profit technology companies, and as such have an overriding interest in creating revenue. You do not benefit your long term top-line by purposely selling defective products. Suggestions that EHRs should be produced by non-profits are a bit naive considering that this is health care we are talking about, and we all know how selfless, charitable and patient safety oriented other non-profits are in this industry. I would also like to point out the few and far between health care providers who are willing to treat Medicaid patients due to financial and business considerations. How are the sacred patient safety and human life considerations ranked by those providers? I would assume they come in right after staying in business, keeping the doors open and perhaps even an acceptable profit level. EHR vendors are no different.

As to hospital IT folks, the ones I had the pleasure of meeting always listed patient safety as their main concern. Was it just lip service? I don’t think so, but all I have is anecdotal evidence. In any case, the incompetence and profit concerns of hospital administrators who drive EHR deployments in hospitals and health systems, to the extent that they exist, are not indicative of HIT being murderous or evil. They are indicative of the need for transparency and learning from those that manage to deploy the same HIT tools successfully, and those do exist.

Moving on to #3, we find the widespread platitude contending that EHRs should be built “by doctors for doctors”. Guess what? Many are, and it doesn’t make those EHRs any better. Amongst the larger EHR vendors, there is none that does not employ physicians and some have dozens of MDs on staff and hundreds of other clinicians. Many medium and smaller EHR companies were founded, and some are still owned, by physicians. There are two issues here. One is that most physicians fully employed by technology companies are not practicing anymore and I am not certain they ever did after residency. I have personally witnessed multiple times the huge disconnect between the professional IT physicians and those seeing 30 patients each day. Couple that with the “I’m a doctor, so I know best” attitude, and you are guaranteed an academic product that will have little value in the “real world”. The second issue is that most physicians know as much about IT as engineers know about medicine. With very few exceptions, commercial EHRs should not be built by doctors as a side hobby. They should be built by professional software designers and builders with extensive input and guidance from customers, just like quality products are built in all other industries. And by customers, I don’t mean “ivory tower informatics experts” who happen to have an MD after their name. I mean hard working, six days a week, frazzled and discouraged, practicing doctors and nurses.

Finally the #4 issue is the perpetual cry from various quarters that EHRs should come under FDA supervision. I strongly agree. Any instrument used in the delivery of medical care should be supervised to an appropriate degree, and maybe such transparent supervision would put an end to the fictional assertions that EHRs are guilty of mass murder. Done right, FDA supervision will definitely help folks make better product choices and deploy and use EHR technology in more beneficial ways. With the recent proliferation of “certified” EHRs, triggered in large part by the glow of HITECH money, FDA supervision could also serve to separate the wheat from the increasing amounts of chaff. It is also useful to remember that people are killed every day by FDA approved drugs and devices due to improper use, human error, negligence, criminal intent and product faults that the FDA missed.

In conclusion I would be remiss if I did not mention the multiple legitimate complaints regarding EHR usability and utility. While there is much work to be done, many errors to be addressed and much technology innovation to be applied, the form and function of EHRs is ultimately dictated by the environment in which they are used. The business of medicine (a.k.a. billing) dictated most of the box-clicking nature of older EMRs and the new population health, cost cutting and research focus emanating from the Federal government will just increase the demand for structured data elements and the accompanying clicking on boxes. EHR vendors will build whatever customers are willing to buy. It is infinitely easier to build an EHR without click-boxes and templates, than it is to build one that records and maintains hundreds of templates, customizations, vocabularies, cross-walks, guide-lines, protocols and analytics to slice and dice everything. Vendors would be more than happy to just give you a blank text box where you can type, scribble or dictate to your heart's content. But guess what every single physician looking to buy an EHR is asking right after the price question? “How many templates does your system have for my specialty?” The structure of EHRs is a symptom of quite a different problem and it will not be resolved until the root cause is addressed. So the lunatic fringe notwithstanding, EHR vendors are not out there to torture you or kill your patients. They are out there to sell you products and services and make some money in the process - just like Apple, Microsoft, Google, IBM, and you - and they build the products based on what the customer says he wants and what the Government says they must.

And no, you don’t have to buy one if you choose not to………

Unjust Enrichment

A new lawsuit has been filed this month in an attempt to curtail the unconsented and currently legal traffic of de-identified medical records, this time against pharmacy giant Walgreen. The class action suit brought by Todd Murphy, a citizen of the State of California, on behalf of his children, is alleging that Walgreen’s sale of prescription histories to data mining companies, servicing the marketing efforts of pharmaceutical companies, is an unfair, unlawful and deceptive business practice allowing Walgreen Co. to unjustly enrich itself while depriving the rightful owners of the data of their ability to benefit from the commercial value of their prescription records. There is no mention of privacy violations anywhere in the brief, and this is what makes this legal action very unique and potentially a landmark in the effort to control unauthorized sales of medical records.

The deceptive business practices are pretty straight forward to understand, since it seems that Walgreen makes all customers sign a privacy notice stating unequivocally that Walgreen will not disclose patient information without first obtaining authorization from the patient. Furthermore California law prohibits pharmacists from disclosing prescription information to unauthorized third parties, which arguably makes the sale of data also unlawful. The bulk of the brief is describing the injury to plaintiffs caused by “detailing”, i.e. targeted in-person marketing by pharmaceutical reps to physicians, which is substantially aided by information extracted from plaintiffs prescription patterns. Detailing is portrayed as a ruthless drug company strategy to increase sales of newer and more expensive brand-name drugs, thus increasing the costs of health care, endangering patients and harming the doctor-patient relationship.

And here is where the complaint gets interesting. The plaintiffs are arguing that “As a direct and proximate result of Defendant’s unfair business practices related to the sale of Plaintiff and the Class’ prescriptions as outlined above, Plaintiff and the Class have suffered injury in fact, lost money and/or property by paying money to Walgreen to fill their prescriptions, and been deprived of the commercial value and business opportunity inherent in the contents of Plaintiff and the Class’ prescriptions.” First, tangible injury is (hopefully) established. Second, if prescription data indeed has monetary value, and according to Walgreen’s SEC filling it is worth about three quarters of a billion dollars, then that money really belongs to the plaintiffs, which are seeking “That Defendant pay restitution, damages and / or disgorgement as proven for Walgreen’s conversion of Plaintiff’s prescription, and/or for restitution of monies paid Walgreen for filling prescriptions, and/or profits to be disgorged as unjust enrichment, and/or for the amount found to be due from defendant to plaintiff as a result of the accounting and interest on that amount from and after filing suit.”  If this action is successful, and it is established that medical data, whether identified or de-identified, is the property of the patient, and any proceeds from the sale of such data should flow back to the rightful owners, there will be very little incentive for Walgreen or any other medical records hosting entities to engage in wholesale of electronic health records.

The State of Vermont has a different opinion regarding data ownership. After a US Appeals Court ruled Vermont’s ban on the sale of prescription data unconstitutional on grounds of First Amendment violation, the US Supreme Court agreed to review the case. Vermont’s main concern is the sale of Prescriber Identifiable (PI) data and the ill effects of the resulting “detailing” on cost of care, physician privacy and doctor-patient relationship. Several “friend of the court” briefs filed in support of Vermont’s plea are also raising patient privacy issues and pointing out that de-identification, as performed by data-mining companies, is very likely reversible. Just like the recent Maine and New Hampshire laws, Vermont’s ban on prescription data sales to data-mining companies is enforced at the prescriber level (New Hampshire has a complete ban on sales, Maine allows prescribers to opt-out and Vermont proposes to allow doctors to opt-in).  While both Maine and Vermont laws assign control of PI prescription data to physicians, neither one proposes actual ownership, including commercial value compensation, to anyone other than those collecting the data in the first place. New Hampshire’s total ban on sales for detailing purposes implies that the State is in control of the data and nullifies any commercial value associated with this type of activity.

While the US Supreme Court review of the Vermont case is most certainly welcome, I don’t believe it will settle the general questions surrounding ownership of medical records. Watching Murphy v. Walgreen Co. winding its way through the various courts, as it certainly will unless summarily dismissed in San Diego County, should provide better intelligence, particularly regarding a legally acceptable definition of injury which is paramount to the success of this lawsuit. Hopefully others will bring similar actions and expand the scope beyond just prescription data. Physicians in particular would be well advised to consider the unjust enrichment of technology companies packaging and selling medical records composed by physicians who are investing large sums of money in the technology itself and are experiencing revenue losses due to decline in productivity and other software mishaps, all under threat of regulatory government penalties in the very near future. If this does not qualify as injury in a court of law, I don’t know what would.