Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

July 30 2011

Report from Open Source convention health track, 2011

Open source software in health care? It's limited to a few pockets of use--at least in the United States--but if you look at it a bit, you start to wonder why any health care institution uses any proprietary software at all.

What the evidence suggests

Take the conference session by University of Chicago researchers commissioned to produce a report for Congress on open source in health care. They found several open source packages that met the needs for electronic records at rural providers with few resources, such as safety-net providers.

They found that providers who adopted open source started to make the changes that the adoption of electronic health records (or any major new system) is supposed to do, but rarely does in proprietary health settings.

  • They offer the kinds of extra attention to patients that improve their health, such as asking them questions about long-term health issues.

  • They coordinate care better between departments.

  • They have improved their workflows, saving a lot of money

And incidentally, deployment of an open source EHR took an estimated 40% of the cost of deploying a proprietary one.

Not many clinics of the type examined--those in rural, low-income areas--have the time and money to install electronic records, and far fewer use open source ones. But the half-dozen examined by the Chicago team were clear success stories. They covered a variety of areas and populations, and three used WorldVistA while three used other EHRs.

Their recommendations are:

  • Greater coordination between open source EHR developers and communities, to explain what open source is and how they benefit providers.

  • Forming a Community of Practice on health centers using open source EHRs.

  • Greater involvement from the Federal Government, not to sponsor open source, but to make communities aware that it's an option.

Why do so few providers adopt open source EHRs? The team attributed the problem partly to prejudice against open source. But I picked up another, deeper concern from their talk. They said success in implementing open source EHRs depends on a "strong, visionary leadership team." As much as we admire health providers, teams like that are hard to form and consequently hard to find. But of course, any significant improvement in work processes would require such a team. What the study demonstrated is that it happens more in the environment of an open source product.

There are some caveats to keep in mind when considering these findings--some limitations to the study. First, the researchers had very little data about the costs of implementing proprietary health care systems, because the vendors won't allow customers to discuss it, and just two studies have been published. Second, the sample of open source projects was small, although the consistency of positive results was impressive. And the researchers started out sympathetic to open source. Despite the endorsement of open source represented by their findings, they recognized that it's harder to find open source and that all the beneficial customizations take time and money. During a Birds-of-a-Feather session later in the conference, many of us agreed that proprietary solutions are here for quite some time, and can benefit by incorporating open source components.

The study nevertheless remains important and deserves to be released to Congress and the public by the Department of Health and Human Services. There's no point to keeping it under wraps; the researchers are proceeding with phase 2 of the study with independent funding and are sure to release it.

So who uses open source?

It's nice to hear about open source projects (and we had presentations on several at last year's OSCon health care track) but the question on the ground is what it's like to actually put one in place. The implementation story we heard this year was from a team involving Roberts-Hoffman Software and Tolven.

Roberts-Hoffman is an OSCon success story. Last year they received a contract from a small health care provider to complete a huge EHR project in a crazily short amount of time, including such big-ticket requirements as meeting HIPAA requirements. Roberts-Hoffman knew little about open source, but surmised that the customization it permitted would let them achieve their goal. Roberts-Hoffman CEO Vickie Hoffman therefore attended OSCon 2010, where she met a number of participants in the health care track (including me) and settled on Tolven as their provider.

The customer put some bumps in the road to to the open source approach. For instance, they asked with some anxiety whether an open source product would expose their data. Hoffman had a little educating to do.

Another hurdle was finding a vendor to take medication orders. Luckily, Lexicomp was willing to work with a small provider and showed a desire to have an open source solution for providers. Roberts-Hoffman ended up developing a Tolven module using Lexicomp's API and contributing it back to Tolven. This proprietary/open source merger was generally quite successful, although it was extra work providing tests that someone could run without a Lexicomp license.

In addition to meeting what originally seemed an impossible schedule, Tolven allowed an unusual degree of customization through templating, and ensured the system would work with standard medical vocabularies.

Why can't you deliver my data?

After presentations on health information exchanges at OSCON, I started to ruminate about data delivery. My wife and I had some problems with appliances this past Spring and indulged in some purchases of common household items, a gas grill from one company and a washing machine from another. Each offered free delivery. So if low-margin department stores can deliver 100-pound appliances, why can't my doctor deliver my data to a specialist I'm referred to?

The CONNECT Gateway and Direct project hopefully solve that problem. CONNECT is the older solution, with Direct offering an easier-to-implement system that small health care providers will appreciate. Both have the goal of allowing health care providers to exchange patient data with each other, and with other necessary organizations such as public health agencies, in a secure manner.

David Riley, who directed the conversion of CONNECT to an open-source, community-driven project at the Office of the National Coordinator in the Department of Health and Human Services, kicked off OSCon's health care track by describing the latest developments. He had led off last year's health care track with a perspective on CONNECT delivered from his role in government, and he moved smoothly this time into covering the events of the past year as a private developer.

The open-source and community aspects certainly proved their value when a controversy and lawsuit over government contracts threatened to stop development on CONNECT. Although that's all been resolved now, Riley decided in the Spring to leave government and set up an independent non-profit foundation, Alembic, to guide CONNECT. The original developers moved over to Alembic, notably Brian Behlendorf, and a number of new companies and contributors came along. Most of the vendors who had started out on the ONC project stayed with the ONC, and were advised by Riley to do so until Alembic's course was firm.

Lots of foundations handle open source projects (Apache, etc.) but Riley and Behlendorf decided none of them were proper for a government-centric health care project. CONNECT demanded a unique blend of sensitivity to the health care field and experience dealing with government agencies, who have special contract rules and have trouble dealing with communities. For instance, government agencies are tasked by Congress with developing particular solutions in a particular time frame, and cannot cite as an excuse that some developer had to take time off to get a full-time job elsewhere.

Riley knows how to handle the myriad pressures of these projects, and has brought that expertise to Alembic. CONNECT software has been released and further developed under a BSD license as the Aurion project. Now that the ONC is back on track and is making changes of its own, the two projects are trying to heal the fork and are following each other's changes closely. Because Aurion has to handle sensitive personal data deftly, Riley hopes to generalize some of the software and create other projects for handling personal data.

Two Microsoft staff came to OSCon to describe Direct and the open-source .NET libraries implementing it. It turned out that many in the audience were uninformed about Direct (despite an intense outreach effort by the ONC) and showed a good deal of confusion about it. So speakers Vaibhav Bhandari and Ali Emami spent the whole time alloted (and more) explaining Direct, with time for just a couple slides pointing out what the .NET libraries can do.

Part of the problem is that security is broken down into several different functions in ONC's solution. Direct does not help you decide whether to trust the person you're sending data to (you need to establish a trust relationship through a third party that grants certificates) or find out where to send it (you need to know the correspondent's email address or another connection point). But two providers or other health care entities who make an agreement to share data can use Direct to do so over email or other upcoming interfaces.

There was a lot of cynicism among attendees and speakers about whether government efforts, even with excellent protocols and libraries, can get doctors to offer patients and other doctors the necessary access to data. I think the reason I can get a big-box store to deliver an appliance but I can't get my doctor to deliver data is that the big-box store is part of a market, and therefore wants to please the customer. Despite all our talk of free markets in this country, health care is not a market. Instead, it's a grossly subsidized system where no one has choice. And it's not just the patients who suffer. Control is removed from the providers and payers as well.

The problem will be solved when patients start acting like customers and making appropriate demands. If you could say, "I'm not filling out those patient history forms one more time--you just get the information where I'm going," it might have an effect. More practically speaking, let's provide simple tools that let patients store their history on USB keys or some similar medium, so we can walk into a doctor's office and say "Here, load this up and you'll have everything you need."

What about you, now?

Patient control goes beyond data. It's really core to solving our crisis in health care and costs. A lot of sessions at OSCon covered things patients could do to take control of their health and their data, but most of them were assigned to the citizen health track (I mentioned them at the end of my preview article a week ago) and I couldn't attend them because they were concurrent with the health care track.

Eri Gentry delivered an inspiring keynote about her work in the biology start-up BioCurious, Karen Sandler (who had spoken in last year's health care track scared us all with the importance of putting open source software in medical devices, and Fred Trotter gave a brief but riveting summary of the problems in health care. Fred also led a session on the Quantified Self, which was largely a discussion with the audience about ways we could encourage better behavior in ourselves and the public at large.

Guaranteed to cause meaningful change

I've already touched on the importance of changing how most health care institutions treat patients, and how open source can help. David Uhlman (who has written a book for O'Reilly with Fred Trotter) covered the complex topic of meaningful use, a phrase that appeared in the recovery act of 2009 and that drives just about all the change in current U.S. institutions. The term "meaningful use" implies that providers do more than install electronic systems; they use them in ways that benefit the patients, the institutions themselves, and the government agencies that depend on their data and treatments.

But Uhlman pointed out that doctors and health administrators--let alone the vendors of EHRs--focus on the incentive money and seem eager to do the minimum that gets them a payout. This is self-defeating, because as the government will raise the requirements for meaningful use over the years, and will overwhelm quick-and-dirty implementations that fail to solve real problems. Of course, the health providers keep pushing back the more stringent requirements to later years, but they'll have to face the music someday. Perhaps the delay will be good for everyone in the long run, because it will give open source products a chance to demonstrate their value and make inroads where they are desperately needed.

As a crude incentive to install electronic records, meaningful use has been a big success. Before the recover act was passed, 15%-20% of U.S. providers had EHRs. Now the figures is 60% or 70% percent, and by the end of 2012 it will probably be 90%. But it remains to be seen whether doctors use these systems to make better clinical decisions, follow up with patients so they comply with treatments, and eliminate waste.

Uhlman said that technology accounts for about 20% of the solution. The rest is workflow. For instance, every provider should talk to patients on every visit about central health concerns, such as hypertension and smoking. Research has suggested that this will add 30% more time per visit. If it reduces illness and hospital admissions, of course, we'll all end up paying less in taxes and insurance. His slogan: meaningful use is a payout for quality data.

It may be surprising--especially to an OSCon audience--that one of the biggest hurdles to achieving meaningful use is basic computer skills. We're talking here about typing information in correctly, knowing that you need to scroll down to look at all information on the screen, and such like. All the institutions Uhlman visits think they're in fine shape and everybody has the basic skills, but every examination he's done proves that 20%-30% of the staff are novices in computer use. And of course, facilities are loath to spend extra money to develop these skills.

Open source everywhere

Open source has image and marketing problems in the health care field, but solutions are emerging all over the place. Three open source systems right now are certified for meaningful use: ClearHealth (Uhlman's own product), CareVue from MedSphere, and WorldVistA. OpenEMR is likely to join them soon, having completed the testing phase. vxVistA is certified but may depend on some proprietary pieces (the status was unclear during the discussion).

Two other intriguing projects presented at OSCon this year were popHealth and Indivo X. I interviewed architects from Indivo X and popHealth before they came to speak at OSCon. I'll just say here that popHealth has two valuable functions. It helps providers improve quality by providing a simple web interface that makes it easy for them to view and compare their quality measures (for instance, whether they offered appropriate treatment for overweight patients). Additionally, popHealth saves a huge amount of tedious manual effort by letting them automatically generate reports about these measures for government agencies. Indivo fills the highly valued space of personal health records. It is highly modular, permitting new data sources and apps to be added; in fact, speaker Daniel Haas wants it to be an "app store" for medical applications. Both projects use modern languages, frameworks, and databases, facilitating adoption and use.

Other health care track sessions

An excellent and stimulating track was rounded out with several other talks.

Shahid Shah delivered a talk on connecting medical devices to electronic record systems. He adroitly showed how the data collected from these devices is the most timely and accurate data we can get (better than direct reports from patients or doctors, and faster than labs), but we currently let it slip away from us. He also went over standard pieces of the open source stacks that facilitate the connection of devices, talked a bit about regulations, and discussed the role of routine engineering practices such as risk assessments and simulations.

Continuing on the quality theme, David Richards mentioned some lessons he learned designing a ways clinical decision support system. It's a demanding discipline. Accuracy is critical, but results must be available quickly so the doctor can use them to make decisions during the patient visit. Furthermore, the suggestions returned must be clear and precise.

Charlie Quinn talked about the collection of genetic information to achieve earlier diagnoses of serious conditions. I could not attend his talk because I was needed at another last-minute meeting, but I sat down for a while with him later.

The motto at his Benaroya Research Institute is to have diagnosis be more science, less art. With three drops of blood, they can do a range of tests on patients suspected of having particular health conditions. Genomic information in the blood can tell a lot about health, because blood contains viruses and other genomic material besides the patient's own genes.

Tests can compare the patients to each other and to a healthy population, narrowing down comparisons by age, race, and other demographics. As an example, the institute took samples before a vaccine was administered, and then at several frequent intervals in the month afterward. They could tell when the vaccine had the most powerful effect on the body.

The open source connection here is the institute's desire to share data among multiple institutions so that more patients can be compared and more correlations can be made. Quinn said it's hard to get institutions to open up their data.

All in all, I was energized by the health care track this year, and really impressed with the knowledge and commitment of the people I met. Audience questions were well-informed and contributed a lot to the presentations. OSCon shows that open source health care, although it hasn't broken into the mainstream yet, already inspires a passionate and highly competent community.

June 27 2011

Open source personal health record: no need to open Google Health

The news went out Friday that Google is shutting down Google Health. This portal was, along with Microsoft HealthVault (which is still going strong) the world's best-known place for people to store health information on themselves. Google Health and Microsoft HealthVault were widely cited as harbingers of a new zeal for taking control of one's body and becoming a partner with one's doctors in being responsible for health.

Great ideas, but hardly anybody uses these two services. Many more people use a PHR provided by their hospital or general practitioner, which is not quite the point of a PHR because you see many practitioners over the course of your life and your data ought to be integrated in one place where you can always get it.

Predictably, free software advocates say, "make Google Health open source!" This also misses the point. The unique attributes of cloud computing were covered in a series of articles I put up a few months ago. As I explain there, the source code for services such as Google Health is not that important. The key characteristic that makes Google Health and Microsoft HealthVault appealing is...that they are run by Google and Microsoft. Those companies were banking on the trust that the public has for large, well-endowed institutions to maintain a service. And Google's decision to shutter its Health service (quite reasonable because of its slow take-off) illustrates the weakness of such cloud services.

The real future of PHRs is already here in the form of open source projects that people can take in any direction they want. One is Indivo, whose lead architect I recently interviewed (video) and which is also covered in a useful blog about the end of Google Health by an author of mine, Fred Trotter.

Two other projects worth following are OpenMRS and
Tolven (which includes a PHR).
People are talking about extending the Department of Veterans Affairs' Blue Button. Trotter's Healthevet (the software behind Blue Button) is also an open source PHR.

Whatever features a PHR may offer are overshadowed by the key ability to accept data in industry-standard formats and interact with a wide range of devices. A good piece of free software can be endlessly enhanced with these capabilities.

So in short, there are great projects that are already open source and worth contributing to and implementing. The question is still open of who is best suited to host the services. I'm not picking winners, but as we get more and more sensors, personal health monitors, and other devices emitting data about ourselves, the PHR will find a home.

July 27 2010

Wrap-up of the health care IT track at O'Reilly's Open Source convention

The first health care track to be included in an O'Reilly conference covered all three days of sessions at last week's Open Source convention and brought us 22 talks from programmers, doctors, researchers, corporate heads, and health care advocates. We grappled throughout these three days--which included two popular and highly vocal Birds of a Feather gatherings--with the task of opening up health care.

It's not surprising that, given this was an open source conference,
the point we heard from speakers and participants over and over again
was how critical it is to have open data in health care, and how open
source makes open data possible. Like most commercial fields, health
care is replete with managers and technologists who don't believe open
source software can do the job of powering and empowering busy
clinicians in high-risk situations. Some of the speakers spent time
challenging that view.

I decided over the course of the week that the health care industry
has two traits that make it more conservative than many fields. On the
one hand, the level of regulation and certification is mind-boggling.
Hardly any technical job can be taken without a particular course of
training and a certificate. Privacy regulations--which are interpreted
somewhat differently at every clinic--get in the way of almost anyone
doing anything new. Software has to be certified too, not something
that software firms in most domains are accustomed to. All these
controls are in place for good reason, and help you feel safe
proffering your arm for a needle or popping the pills each day your
doctor told you to take.

Paradoxically, though, the health care field is also resistant to
change because the actors in it are so independent. Health care is the
most fragmented industry in the country, with 80% of medical practices
consisting of one or two physicians.

Doctors don't like to be told what to do. A lot of them are not
persuaded that they should supplement their expert opinion with the
results of evidence-based medicine and clinical decision support, the
big campaigns right now among health care researchers and leaders
within the Administration, notably the recent appointee Donald Berwick
at the Centers for Medicare and Medicaid Services.

And even medical researchers are hard to gather around one set of
standards for data, because each one is looking for new ways to cut
and crunch the results and believes his or her approach is special.

So these are the conditions that software developers and vendors have
to deal with. Beckoning us forward are the Administration's
"meaningful use" criteria, which list the things a health care record
system should do to improve health care and cut costs.

Open source definitely needs more commercial champions to bridge the
classic gap in packaging and support between the developer community
and the not-so-computer-savvy health care teams. We heard from three
such companies at the conference: href="http://www.mirthcorp.com/">Mirth, href="http://www.vxvista.org/">vxVistA, and href="http://medsphere.org">Medsphere.

Of the major projects in electronic health records presented at the
conference --VistA, Tolven,
and openEMR--two were developed for
purposes outside the mainstream U.S. health care industry (VistA for
the Veterans Administration and openEMR for developing countries).
Although all these projects can point to successful installations in
mainstream organizations, they haven't hit the critical mass that
makes inherently conservative health care practices feel comfortable
adopting them.

But in this specific area of electronic records, I think the
proprietary software vendors are equally challenged to show that they
can meet the nation's needs. After some thirty years, they have become
common only in large hospitals and penetrated only a small number of
those small providers I mentioned before. The percentage of health
care providers who use electronic health records is between 18 and the
low 20's.

Licensing can easily be $15,000 per year per doctor, which small
practices just don't have. I won't harp on this, because converting
old records costs more than the licenses, and converting your whole
workflow and staff behavior is harder still. More disturbing is that a
large number of providers who go through the strain of installing
electronic records find that they don't produce cost savings or other
benefits.

Electronic records have been a success at huge providers like Partners
in Massachusetts and Kaiser Permanente in California, but one speaker
reported that Kaiser had to spend one billion (yes, that's a "b")
dollars to implement the kinds of data exchange and quality control
functions specified by the meaningful use criteria.

But we have to look pass the question of who would win the race to
digitize the offices of doctors in the U.S.--and around the world--and
envision a more open health care system where data can drive
high-quality care. I covered the first two days of the health care
track in the following blogs:

href="http://radar.oreilly.com/2010/07/day-one-of-the-health-care-it.html">
Day one of the health care IT track at O'Reilly's Open Source
convention

href="http://radar.oreilly.com/2010/07/vista-scenarios-and-other-cont.html">
VistA scenarios, and other controversies at the Open Source health
care track

and I'll summarize the tracks from day 3 here.

Open source for the things that keep you alive


Karen Sandler, a lawyer from the Software Freedom Law Center,
spoke
about the hundreds of thousands of devices--pacemakers,
insulin delivery devices, defibrillators, and others--that are
implanted in people's bodies each year. These devices fail sometimes,
and although reports do not classify which failures are caused by
software problems, some of them pretty clearly are.

The FDA does not audit software as part of the approval process for
devices, although it occasionally requires the manufacturer to show it
the software when failures are reported. Devices are also controlled
by unencrypted messages over ordinary wireless connections. (The
manufacturers avoid encryption in order to spare the device's
battery.) In short, software with control over life and death is being
installed in millions of people with essentially no regulation.

Sandler's key policy call is to force the source code open for
auditing purposes. She also would like to see open hardware and give
the patients the right to alter both hardware and software, although
these are more remote possibilities. Sandler's talk, based both on
careful research and painful personal health experiences, drew a
sizeable audience and excited fervent sympathy. The talk was aptly
timed just as the SFLC released a href="http://www.softwarefreedom.org/news/2010/jul/21/software-defects-cardiac-medical-devices-are-life-/">report
on this issue.

HealthVault and open data on the web

Two brief talks from Microsoft programmers, href="http://www.oscon.com/oscon2010/public/schedule/detail/15292">
Vaibhav Bhandari and href="http://www.oscon.com/oscon2010/public/schedule/detail/14952">Teddy
Bachour, did a nice job of introducing key standards in the health
care field and showing how flexible, carefully designed tools could
turn those standards into tools for better patient and doctor control
over data.

I felt that standards were underrepresented in our health care track,
and scheduled a BOF the night before where we discussed some of the
general issues making standards hard to use. Bhandari showed a few of
the libraries that Microsoft HealthVault uses to make standards useful
ways to store and manipulate health data. Bachour showed the use of
Microsoft toolkits, some open source in CodePlex.

As an example of what programmers can do with these libraries and
toolkits, the Clinical Documentation Solution Accelerator enhances
Microsoft Word enhanced so that, as a doctor enters a report of a
patient visit, Word can prompt for certain fields and offer a
selection of valid keywords for such fields as diagnoses and
medications.

Data mining with open source tools

David Uhlman, who had spoken on Thursday about VistA and his company
ClearHealth, ended the
health care track with a href="http://www.oscon.com/oscon2010/public/schedule/detail/15242">dazzling
tour applying neural network analysis, genetic algorithms,
visualization, and other tools to basic questions such as "How many of
my patients are likely to miss their visits today?" and common tasks
such as viewing multiple lab results together over time.

Every conference has to have a final session, of course, and every
final session suffers from decreased attendance. So did Uhlman's
scintillating talk, but I felt that his talk deserves more attention
because he goes to the heart of our job in health care IT: to take the
mounds of new data that electronic records and meaningful use will
generate and find answers to everyday problems bedeviling
practitioners.

Luckily, Uhlman's talk was videotapes--as were all the others that I
reported in my three blogs--and will be put on the Web at some point.
Stay tuned, and stay healthy.

July 23 2010

VistA scenarios, and other controversies at the Open Source health care track

The history and accomplishments attributed to VistA, the Veterans
Administration's core administrative software, mark it as one of the
most impressive software projects in history. Still, lots of smart
people in the health care field deprecate VistA and cast doubt that it
could ever be widely adopted. Having spent some time with people on
both sides, I'll look at their arguments in this blog, and then
summarize other talks I heard today at the href="http://www.oscon.com/oscon2010">Open Source Convention
health care track.

Yesterday, as href="http://radar.oreilly.com/2010/07/day-one-of-the-health-care-it.html">I
described in my previous blog, we heard an overview of trends in
health care and its open source side in particular. Two open source
free software projects offering electronic health records were
presented, Tolven and href="http://www.oemr.org/">openEMR. Today was VistA day, and
those who stayed all the way through were entertained by accolades of
increasing fervor from the heads of href="http://www.oscon.com/oscon2010/public/schedule/detail/15291">vxVistA,
href="http://www.oscon.com/oscon2010/public/schedule/detail/15255">Medsphere,
and ClearHealth. (Anyone
who claims that VistA is cumbersome and obsolete will have to explain
why it seems to back up so many successful companies.) In general, a
nice theme to see today was so many open source companies making a go
of it in the health care field.

VistA: historical anomaly or the future of electronic medical systems?

We started our exploration of VistA with a href="http://www.oscon.com/oscon2010/public/schedule/detail/15274p">stirring
overview by Phillip Longman, author of the popular paperback book,
Best Care Anywhere: Why VA Health Care is Better Than
Yours
. The story of VistA's development is a true medical
thriller, with scenes ranging from sudden firings to actual fires
(arson). As several speakers stressed, the story is also about how the
doctors at the VA independently developed the key aspects of open
source development: programming by the users of the software, loose
coordination of independent coders, freedom to fork, and so on.

Longman is convinced that VistA could and should be the basis of
universal health records in the U.S., and rains down omens of doom on
the comprehensive health care bill if it drives physicians to buy
proprietary health record systems.

VistA is much more than an electronic health record system, and even
bigger than a medical system. It is really a constellation of hundreds
of applications, including food preparation, library administration,
policing, and more.

The two main objections to VistA are:


That it is clunky old code based on an obsolete language and database technology

As a project begun by amateurs, VistA probably contains some fearsome
passages. Furthermore, it is written in MUMPS (standardized by ANSI as
simply M), a language that dates from the time of LISP and
COBOL. Predating relational databases, MUMPS contains a hierarchical
database based on a B*-tree data structure.

Supporters of Vista argue that anything qualifying as "legacy code"
can just as well be called "stable." They can also answer each of
these criticisms:

  • The code has been used heavily by the VA long enough to prove that
    it is extendable and maintainable.

  • It is strangely hypocritical to hear VistA's use of MUMPS criticized
    by proprietary vendors when so any of them are equally dependent on
    that language. Indeed, the best-known vendors of proprietary health
    care software, including Epic and InterSystems, use MUMPS. Need I
    remind readers that we put a man on the moon using 1960s-style
    FORTRAN?

    It's interesting to learn, however, that ClearHealth is migrating
    parts of VistA away from MUMPS and does most of its coding in
    higher-level languages (and many modern programmers would hardly offer
    praise for the language chosen for ClearHealth's interface, PHP).

  • Similarly, many current vendors use the Cache hierarchical
    database. Aspersions concerning pre-relational databases sound less
    damning nowadays in an age of burgeoning interest in various NoSQL
    projects. Still, Medsphere and the community-based href="http://www.worldvista.org/">WorldVistA project are
    creating a SPARQL interface and a mechanism for extracting data from
    VistA into a MySQL database.


That it works well only in the unique environment of the Veterans Administration

This critique seems to be easier to validate through experience. The
VA is a monolithic, self-contained environment reflected in VistA. For
instance, the critical task of ordering prescriptions in VistA depends
on the pharmacy also running VistA.

Commercial pharmacies could theoretically interact with VistA, but it
would require effort on the part of those companies, which in turn
would depend on VistA being adopted by a substantial customer base of
private hospitals.

Several successful deployments of VistA by U.S. hospitals, as well as
adoption by whole networks of hospitals in several other countries,
indicate that it's still a viable option. And the presence of several
companies in the space shows that adopters can count on support.

On the other hand, the competing implementations by vxVistA,
Medsphere, and ClearHealth complicate the development landscape. It
might have been easier if a single organization such as WorldVistA
could have unified development as the Apache or GNOME foundation does.

vxVistA has come in for particular criticism among open source
advocates. In fact, the speakers at today's conference started
out defensive, making me feel some sympathy for them.

vxVistA's developers, the company DSS, kept their version of VistA
closed for some time until they had some established customers.
Speaker Deanne Clark argued that they did this to make sure they had
enough control over their product to produce some early successes,
warning that any failure would hurt the image of the whole VistA
community. I don't know why a closed development process is necessary
to ensure quality, but I'll accept her explanation. And DSS seems to
be regarded highly for its quality work by everyone, including those
who embroil

More galling to other open source advocates is that when DSS did
release vxVistA as open source, they did so under an Eclipse license
that is incompatible with the GPL used by WorldVistA.

I wouldn't dare guess whether VistA will continue as a niche product
or will suddenly emerge to eat up the U.S. market for electronic
medical systems. But I think it's definitely something to watch.

The odd position of the VA as the source for new versions of VistA, as
well as its role as VistA's overwhelmingly largest user, could also
introduce distortions into the open source development pattern outside
the VA. For instance, commercial backers of VistA are determined to
get it certified for meaningful use so that their clients can win
financial rewards from the Department of Health and Human
Services. But the VA doesn't have to be certified for meaningful use
and doesn't care about it. (As David Uhlman of ClearHealth pointed
out, nearly everything in the meaningful use criteria was done thirty
years ago by the VA using VistA.)

The VA even goes through periods of refusing bug fixes and
improvements from the outside community. Luckily, the VA lets some of
its programmers participate on WorldVistA forums, and seems interested
in getting more involved.

Other presentations

Attendance varies between 30 and 70 people for today's health care
session. Roni Zeiger of Google brought out a big crowd for his href="http://www.oscon.com/oscon2010/public/schedule/detail/15272">discussion
of Google's interest in health care, with a focus on how its API
accepts data from devices.

Zeiger pointed out that we lead most of our lives outside doctor's
offices (unless we're very unlucky) and that health information should
be drawn from everyday life as well. A wide range of devices can
measure everything from how fast we walk to our glucose levels. Even
if all you have is a smart phone, there are a lot of things you can
record. Collecting this kind of data, called Observations of Daily
Living, is becoming more and more popular.

  • One app uses GPS to show your path during a run.

  • Another app uses the accelerometer to show your elevation during a
    bike ride.

  • One researcher uses a sensor, stuck into an inhaler, to feed data to a
    phone and collect information on where and when people have asthma
    attacks. If we collect a lot of data from a lot of people over time,
    we may learn more about what triggers these attacks.

  • On the fun side, a Google employee figured out how to measure the
    rotation of bike pedals using the magnet in an Android phone. This
    lets employees maintain the right aerobic speed and record what how
    fast and their friends are peddling.

You can set up Google Health to accept data from these
devices. Ultimately, we can also feed the data automatically to our
doctors, but first they'll need to set up systems to accept such
information on a regular basis.

Will Ross href="http://www.oscon.com/oscon2010/public/schedule/detail/14944">described
a project to connect health care providers across a mostly rural
county in California and exchange patient data. The consortium
found that they had barely enough money to pay a proprietary vendor of
Health Information Exchange systems, and no money for maintenance. So
they contracted with
Mirth
Corporation
to use an open source solution. Mirth supports
CONNECT, which I described in
href="http://radar.oreilly.com/2010/07/day-one-of-the-health-care-it.html">yesterday's
blog, and provides tools for extracting data from structured
documents as well as exchanging it.

Nagesh Bashyam, who runs the large consulting practice that Harris
Corporation provides to CONNECT, href="http://www.oscon.com/oscon2010/public/schedule/detail/15267">talked
about how it can lead to more than data exchange--it can let a doctor
combine information from many sources and therefore be a platform for
value-added services.

Turning to academic and non-profit research efforts, we also heard
today from href="http://www.oscon.com/oscon2010/public/schedule/detail/15279">
Andrew Hart of NASA's Jet Propulsion Laboratory and some colleagues at
Children's Hospital Los Angeles. Hart described a reference
architecture that has supported the sharing of research data among
institutions on a number of large projects. The system has to be able
to translate between formats seamlessly so that researchers can
quickly query different sites for related data and combine it.

Sam Faus of Sujansky & Associates href="http://www.oscon.com/oscon2010/public/schedule/detail/15275">recounted
a project to create a Common Platform for sharing Observations of
Daily Living between research projects. Sponsored by the Robert Wood
Johnson Foundation to tie together a number of other projects in the
health care space, Sujansky started its work in 2006 before there were
systems such as Google Health and Microsoft Health Vault. Even after
these services were opened, however, the foundation decided to
continue and create its own platform.

Currently, there are several emerging standards for ODL, measuring
different things and organizing them in different ways. Faus said this
is a reasonable state of affairs because we are so early in the
patient-centered movement.

I talked about standards later with David Riley, the government's
CONNECT initiative lead. HHS can influence the adoption of standards
through regulation. But Riley's office has adopted a distributed and
participatory approach to finding new standards. Whenever they see a
need, they can propose an area of standardization to HHS's
specification advisory body. The body can prioritize these
requests and conduct meetings to hammer out a standard. To actually
enter a standard into a regulation, however, HHS has to follow the
federal government's rule-making procedures, which require an
eighteen-month period of releasing draft regulations and accepting
comments.

It's the odd trait of standards that discussions excite violent
emotions among insiders while driving outsiders to desperate
boredom. For participants in this evening's Birds of a Feather
session, the hour passed quickly discussing standards.

The 800-pound gorilla of health care standards is the HL7 series,
which CONNECT supports. Zeiger said that Google (which currently
supports just the CCR, a lighter-weight standard) will have to HL7's
version of the continuity of care record, the CCD. HL7 standards have
undergone massive changes over the decades, though, and are likely to
change again quite soon. From what I hear, this is urgently
necessary. In its current version, the HL7 committee layered a
superficial XML syntax over ill-structured standards.

A major problem with many health care standards, including HL7, is the
business decision by standard-setting bodies to fund their activities
by charging fees that put standards outside the reach of open source
projects, as well as ordinary patients and consumers. Many standards
bodies require $5.00 or $10.00 per seat.

Brian Behlendorf discussed the recent decision of the NHIN Direct
committee to support both SOAP versus SMTP for data exchange. Their
goal was to create a common core that lets proponents of each system
do essentially the same thing--authenticate health care providers and
exchange data securely--while also leaving room for further
development.

July 22 2010

Day one of the health care IT track at O'Reilly's Open Source convention

I think the collective awe of health care aficionados at the href="http://www.oscon.com/oscon2010">Open Source Convention came
to a focal point during our evening Birds of a Feather session, when
open source advocate Fred Trotter, informally stepping in as session
leader, pointed out that the leaders of key open source projects in
the health care field were in the room, including two VistA
implementors (Medsphere and href="http://www.worldvista.org/">WorldVistA), href="http://www.tolvenhealth.com/">Tolven, and href="http://wwwf.oemr.org/">openEMR--and not to forget two other
leading health care software initiatives from the U.S. government, href="http://www.connectopensource.org">CONNECT and href="http://nhindirect.org/">NHIN Direct.

This meeting, which drew about 40 doctors, project leaders,
programmers, activist patients, and others, was the culmination of a
full day of presentations in the first track on health care at an
O'Reilly conference. The day's sessions unveiled the potential of open
source in health care and how dedicated implementors were making it a
reality, starting with an scene-setting talk by Tim O'Reilly that
attracted over 75 people and continuing through the next seven hours
until a dwindling hard core delayed drinks and hors d'oeuvres for half
an hour to hear a final late talk by href="http://www.oscon.com/oscon2010/public/schedule/detail/13943">Melanie
Swan on DIYgenomics.

Nine talks representing the breadth of a vital programming area can't
be summarized in one sentence, but for me the theme of the day was
open source advocates reaching out to solve pressing problems that
proprietary vendors will not or cannot address.

Tim O'Reilly's talk laid out key elements of the health care
revolution: electronic records, the quantified self (measuring one's
bodily activities), and the Internet of things that allows one to track
behavior such as whether a patient has taken his medicine.

Talk to me

We were honored to have key leaders from Health and Human Services
speak at today's conferences about its chief open source projects. href="http://www.oscon.com/oscon2010/public/schedule/detail/13257">David
Riley and Brian Behlendorf (known best for his work on Apache)
came from the Office of the National Coordinator along with lead
contractor href="http://www.oscon.com/oscon2010/public/schedule/detail/15304">Arien
Malec to show us the current status and--most exciting--the future
plans for CONNECT and NHIN Direct, which are key pieces of the
Administration's health care policy because they allow different
health care providers to exchange patient information securely.

I have href="http://radar.oreilly.com/2010/07/health-and-human-services-fina.html">written
recently about "meaningful use" for health care records. Malec
provided a homespun and compelling vision of the problems with the
current health care system: in contrast to the old days where doctors
knew every patient personally, modern health care is delivered as
episodic interventions. As Fred Trotter said in his talk, we've
reached the limit of what we can achieve through clinical efforts.
Doctors can do miracles compared to former times, but the problems we
suffer from increasingly call for long-range plans. Malec said that
health care systems need to remember us. That's what
electronic health records can do, combined with the data exchange
protocols provided by NHIN.

Riley, in what is likely to be one of the most revisited talks of the
conference--yes, we recorded the sessions and will put them
online--rapidly laid out the architecture of CONNECT and what's
planned for upcoming releases. Requests between agencies for health
care data have gone from months to minutes with CONNECT. Currently
based on SOAP, it is being refactored so that in the future it can run
over REST, XMPP, and SMTP.

NHIN Direct, the newer and more lightweight protocol, is also based on
digital certificates and uses S/MIME with SMTP over TLS. Parties can
do key exchange themselves or work through a trusted third party. It
seems to me, therefore, that CONNECT and NHIN Direct will eventually
merge. It is as if the NHIN Direct project was started to take a big
step back from CONNECT, look at what it achieved for the government
agencies that produce or consume health care and how the same benefits
could be provided to health care providers all over the country, and
to formalize an architecture that would become the new CONNECT.

NHIN is an even more impressive case of open government and
collaborative development than CONNECT. The public was involved from
the earliest design stage. Some people complained that established
vendors bent the process to preserve their advantages, but they
probably had less success this way than if HHS followed normal
government procedures. NHIN already has reference implementations in
Java and C#. If you're inspired to help bring health records to the
public, you can read the wikis and attend some training and contribute
reference implementations in your language of choice.

In addition to supporting the NHIN Direct protocol, some of the
upcoming features in CONNECT include:

  • Identity management services. This will probably be based on a
    voluntary patient identifier.

  • Support for meaningful use criteria.

  • Support for structured data, allowing the system to accept input in
    standards such as the CCR or CCD and populate documents. One feature
    enabled by this enhancement will be the ability to recognize sensitive
    health data and remove it before sending a record. (CONNECT can be
    used for all health-related data, not just personal medical records.)

  • Moving to the Spring Framework.

Riley has done some pretty rigorous cost analysis and determines that
careful management--which includes holding costs down and bringing
multiple agencies together to work on CONNECT--has reduced development
costs from over 200 million dollars to about 13 million dollars.
Recent code sprints drew heavily from community volunteers: 4 or 5
volunteers along with 12 contractors.

In an href="http://www.oscon.com/oscon2010/public/schedule/detail/15296">overview
talk, Deborah Bryant of OSU Open Source Lab raised the issue
continuity in relation to NHIN and CONNECT. Every open source project
has to figure out how to keep a community of volunteers interested so
that the project continues to evolve and adapt to changing
circumstances. Government-backed projects, she admitted, provide
funding over a sustained period of time, but this does not obviate the
need for community management.

In addition, CONNECT is run by a consulting firm with paid contractors
who have to learn how to accept community input and communicate with
outsiders. Behlendorf said that simple things like putting all code
in Subversion and all documentation on a wiki helps. Consultants are
also encouraged to request feedback on designs and to talk about the
goals of sprints as far as possible in advance.

IntraHealth International manages the basic health care resource: people

The problems of the developing world were represented most directly by
the open source human resource information system href="http://www.intrahealth.org/">IntraHealth International,
presented by href="http://www.oscon.com/oscon2010/public/schedule/detail/15268">
Carl Leitner. IntraHealth International helps many Sub-Saharan and
South Asian countries manage one of their most precious and dwindling
resources: health care professionals. The system, called iHRIS lets
individual hospitals as well as whole nations determine where their
most pressing staffing needs lie, break down staff by demographic
information such as age and gender (even language can be tracked), and
track their locations.

Training is one of the resources that must be managed carefully. If
you know there's a big gap between the professionals you need and ones
you have, you can direct scarce funding to training new ones. When
iHRIS records expenditures, what do countries often find? Some
administrator has splurged on sending himself to the same training
program over and over, just to get the per diem. Good information can
expose graft.

Open source is critical for a system like iHRIS, not just because
funds are scarce, but because localization is critical. Lots of
languages whose very existence is hidden from proprietary vendors need
to be supported. Each country also has different regulations and
conditions. IntraHealth International holds regular unconferences,
mentoring, and other forms of training in its target countries in the
hope of (in Leitner's words) putting themselves out of business. Of
course, trained IT staff tend to drift into higher-paying jobs, so the
organization tries to spread the training over many people.

OpenEMR and Tolven

The overarching challenge for any electronic health record system, if
its developers hope it to be taken seriously over the next couple
years in the United States, is support for meaningful use criteria.
Proprietary systems have, for several decades, met the needs of large
institutions with wads of cash to throw at them. And they will gain
certification to support meaningful use as well. But smaller providers
have been unable to afford these systems.

The need for an open source solution with meaningful use certification
is pressing, and two project leaders of OpenEMR devoted href="http://www.oscon.com/oscon2010/public/schedule/detail/14893">their
talk to their push to make their system ready. They estimate that
they have implemented about 80% of the required functionality, but
more slowly than expected. Extraordinary measures were required on
many fronts:

  • Medical experts had to read thousands of pages of specifications as
    they came out, and follow comments and debates to determine which
    requirements would likely be dropped or postponed, so as not to waste
    development time.

  • Contractors were hired to speed up the coding. Interestingly, the
    spike in productivity created by the contractors attracted a huge
    number of new volunteers. At one point openEMR became number 37 on
    SourceForge in terms of activity, and it is still up around 190. The
    project leaders had to upgrade some of their infrastructure to handle
    an increased number of commits. They also discovered that lack of
    documentation was a hindrance. Like the CONNECT team, they found that
    maintaining a community required--well, maintenance.


  • Project leaders had to go to Washington and argue with government
    bureaucrats to change requirements that would have essentially made it
    impossible for open source projects to meet the meaningful use
    requirements. They succeeded in removing the offending clauses, and
    believe they were also responsible for winning such accomplishments as
    allowing sites to certify modules instead of entire stand-alone
    systems. Nevertheless, some aspects of certification require
    contracts with proprietary vendors, such as lab interface, which is
    done through a proprietary company, and drug-to-drug and
    drug-to-allergy interactions, which require interaction with expensive
    databases.

Tony McCormick pointed out that the goal of meaningful use
certification provided a focus that most open source projects lack.
In addition, the government provided tests (called scripts) that
served as a QA plan.

Meaningful use, as much as it represents an advance over today's
health information silos, does not yet involve the patient. The
patient came to the fore in two other talks, one by href="http://www.oscon.com/oscon2010/public/schedule/detail/13943">Melanie
Swan on her company DIYgenomics and the other by href="http://www.oscon.com/oscon2010/public/schedule/detail/15051">Tom
Jones on Tolven.

Swan summarized the first two generations of DNA sequencing (which
went a bit above my head) and said we were on the verge of a third
generation that could bring full genome sequencing down to a cost that
consumers could afford. A part of the open science movement,
DIYgenomics helps patients combine with others to do research, a
process that is certainly less rigorous than controlled experiments
but can provide preliminary data that suggests future research. For
many rare conditions, the crowdsourced approach can fill a gap that
professional researchers won't fill.

In addition to providing access to studies and some other useful
apps--such as one that helps you evaluate your response to
drugs--DIYgenomics conducts its own longitudinal studies. One current
study checks for people who do not absorb vitamin B12 (folic acid)
properly, a condition to which up to half the population is
vulnerable. Another study, for which they are seeking 10,000
participants, covers aging.

Jones's talk centered on privacy, but spread its tent to include the
broader issues of patient-centered medicine. Tolven simultaneously
supports records held by the doctor (clinical health records) and by
the patient (personal health records).

In a system designed especially for the Netherlands--where privacy
laws are much stricter and better specified than in the United
States--Tolven stores medical records in large, centralized
repositories because it's easier to ensure security that way. However,
strict boundaries between doctors prevent them from viewing each
other's data. Even more significantly, data is encrypted during both
transmission and storage, and only the patient has the key to unlock
it. Audit trails add another layer of protection.

In this architecture, there are no release forms. Instead, the patient
explicitly approves every data transfer. (Patients can designate
special repositories to which their relatives have access, in case of
emergencies when they're not competent to make the transfer.)

That was one day of health care at OSCon--two more are coming up. We
started our evening BOF with introductions, but more and more people
kept coming in the room, and everyone was so interesting that the
introductions ended up taking the entire hour allocated for the BOF.
The sense that our health care system needs to change radically, and
the zeal expressed to take part in that change, brought energy into
the room. This was a great place to meet like-minded people.

Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl