CCHIT to meet with FOSS community

Recently, I was asked by several community members to begin ‘activating’ the community at large against certain threats to FOSS in healthcare. Dr. Valdes and I have been planning on doing this for years, and, in our own ways, have both begun to attempt to make the public aware of the issues that our community (FOSS Health IT) faces. Dr. Ignacio Valdes has been publishing several articles on the subject at LinuxMedNews , which have meet with considerable success. One of his posts on the subject have been slashdotted.
While Ignacio has been taking a hard-line Free (as in freedom) Software approach, I have been (in a twist for me) taking an ‘Open Source’ approach. The people who approached me at DOHCS were unanimous in their belief that what FOSS needed from the government was merely a level playing field, so that we could compete, and win, on our own merits.

The largest single threat to the future of FOSS in healthcare in the US is the certification process mandated by the stimulus act. The language provides funding for -certified- EHR systems and eventually penalties for not using -certified- EHR systems.

The best established certification body is CCHIT. They have not been named as the certification body, but they are likely lobbying for that role. However, CCHIT has had an anti-FOSS stance for years. For years, I and other activists in the community have chosen
to largely ignore this bias. Simply because CCHIT was an optional certification. Now, things have changed. It is possible that the government will mandate a certification program that is either CCHIT or similarly unfriendly to FOSS.

Recently I submitted my complaints to Dennis Wilson (associated with both the FOSS Laika project and employed by CCHIT) who put me in touch with Mark Leavitt. As a main result of that discussion, Mark has agreed to have a meeting with the community-at-large about this issue at HIMSS (please see the forwarded message from the CCHIT e-newsletter below).

Granted, this is like offering to meet with the Rebel Alliance at the annual Death Star conference. Even more overtly than CCHIT, HIMSS is decidedly anti-FOSS. HIMSS has actively attacked and defamed the FOSS movement. For example, HIMSS EHR Vendor association continues to limit membership to vendors who “design, develop and market its own proprietary Electronic Health Record (EHR) software application.” Further HIMSS has specially advocated against the US government funding of FOSS EHR solutions, which implicitly includes VA development of VistA. There is also great concern about the ties between CCHIT and HIMSS/EHRVA. Leavitt himself was employed by HIMSS immediately before his current position and is currently a fellow of HIMSS. CCHIT maintains that the two organizations are independent, everyone else seems to understand the dangerous familiarity between the two organizations. (update 3-30: Dennis Wilson has noted that this meeting will be held ‘with’ but not ‘at’ HIMSS… You do not need a HIMSS badge to attend)

However, Mark has also agreed to provide some kind of remote access capability for those of us who cannot afford the time, cost or moral compromise required to attend HIMSS. For this reason, and because of their willingness to meet at all, I am asking the community to attend the CCHIT/FOSS meeting. In person if at all possible, by remote access if not.

The meeting will be held at HIMSS on  Monday, April 6, Room 10d, Session #2  2:00  – 3:00 PM

I have heard from several of the HIMSS ‘regulars’ in our community that they will be going. However, it is critical that we have a show of force within the community from precisely those people who have the most to lose with regards to the certification issue: small support companies and individual consultants.

We are becoming more ‘organized’ as we speak. Please watch this space for more announcements on how you can participate to keep the US government from making anti-FOSS blunders now and in the future.

Best,
-Fred Trotter
http://www.fredtrotter.com

———- Forwarded message ———-
From: Sue Reber <sreber@cchit.org>
Date: Fri, Mar 13, 2009 at 3:07 PM
Subject: FW: CCHIT eNews: Seeking volunteers, Expansion,
Interoperability and Open Source
To: fred trotter <fred.trotter@gmail.com>
Cc: Dennis Wilson <dwilson@cchit.org>

Fred – see below “Commission Hosts Interoperability and Open Source
Roundtables on Certification” in our regular electronic newsletter.

C Sue Reber

Marketing Director, CCHIT

Certification Commission for Healthcare Information Technology

503.288.5876 office | 503.703.0813 cell | 503.287.4613 fax

sreber@cchit.org

— majority of newsletter removed for brevity —

Commission Hosts Interoperability and Open Source Roundtables on Certification

In addition to its annual Town Hall at the upcoming  HIMSS09 Annual
Conference in Chicago, the Certification Commission will be  hosting
two technical roundtables, co-located with the conference, for health
IT vendors and developers. The first, “Interoperability 09 and Beyond:
a look  at CCHIT’s roadmap for the future”, will present the
Commission’s  interoperability roadmap and explore the standards and
testing tools with  which developers need to be familiar.

The second, “Open Source  Forum: a dialogue on certification for open
source EHRs”, is designed to  continue the discussion with open source
developers with an interest in  certifying EHRs. This session will
allow an open exchange of the challenges  and opportunities for making
certified open source EHRs available to  providers.

The times and locations of sessions are below. Both Health IT
Technical Roundtables will also be available via free remote access.
Details will be available at cchit.org prior to the date.

CCHIT Town Hall at HIMSS09 Annual Conference
Sunday,  April 5
Room W192b, McCormick Convention Center, Chicago
9:45 – 11:15  AM

Health IT Technical Roundtables at Hyatt McCormick Conference Center
Monday, April 6
Room 10d, Hyatt McCormick Conference  Center, Chicago

Session #1  1:00 – 2:00 PM
Interoperability 09  and Beyond: a look at CCHIT’s roadmap for the future

Session #2  2:00  – 3:00 PM
Open Source Forum: a dialogue on certification for open source  EHRs

— sections removed for brevity —-

Contact : eNews@cchit.org | www.cchit.org

Copyright © 2005-2009 Certification Commission for Healthcare
Information Technology
Privacy Policy   |   Terms of Use   |   Contact

______________________________

__

If you no longer wish to receive these emails, please reply to this
message with “Unsubscribe” in the subject line or simply click on the
following link: Unsubscribe

________________________________

Certification Commission for Healthcare Information Technology
200 S Wacker Dr
Suite 3100
Chicago, Illinois 60606
US

A Little Law Lecture

I have been asked to give a lecture at the University of Houston Law school about PHRs and HIPAA.

I originally hooked up with the law program there because they publish interesting things on the collision of Open Source and Healthcare IT law, an issue that I care about.  Now I am being invited to talk about PHRs, HIPAA and other interesting things at a Law class. When I was a student I loved it when a speaker brought notes, so that I could focus not on the information content of what he was saying but the validty of his arguments. Apparently (ironically really) I am qualified to talk about things that I blog about, so I wanted to point out some of the medico-legal topics I have covered in my various posts, in some kind of formal way. I hope this benifits others.

But first, I must invoke that wonderful acronym of amateurism IANAL.I am not a legal expert at all, no matter how smart I sound. This is OK because I am much less concerned with how the law does work, than with how the law should work. I think of the law as “applied moral philosophy”, which means that I can ignore lots of the legal issues especially when it is stooopid. When you think the law in a given area is stoopid, like our copyright law, (at least Colbert knows) then you respond with licenses that make some kind of sense, like the GPL or Creative Commons. I am not really an expert in these licenses either, but I am shocked at how often legal experts totally trash the concepts that our community was trying to protect when we wrote these licenses. For instance I have heard file-sharing compared to Creative Commons and Open Source as similarly respectful of copyright.

I care about Free and Open Source licenses in Healthcare IT. I also care about user agreements and PHR privacy statements. So lets dive right in.

First when everyone else was in an uproar about Google Health and Healthvault not being covered by HIPAA, I came to their defence. PHR systems should not be covered by HIPAA and that is a good thing. 

I wrote an article on the difficulty of designing software around healthcare privacy laws.

I have written a pretty snarky little post on the definitions of the terms PHR/EHR/EMR, do not have much to say about that except that these terms are still abused by people who sell stuff. Its much more important to consider a feature set in when defining a term like EHR.

As I prepare for this lecture I wish I had written more on the “Robots attack” problem, where average people have unreasonable fears about technology, but I have talked some about how we focus on the wrong class of problems, with regards to security threats.

I have not yet talked much about the evils of health IT patents. But I should.

So hopefully, talking a look at all of this I should be able to come up with a good talk.

-FT

Computer Science should be required for Medical School

Hi,

Currently, in Texas,  one is required to take Physics I and II and Calculus I (or equivalent stats class) to apply for Medical School. That is not all, of course, but they are requirements.

So far, I have never meet a Medical Doctor who needed to use calculus. In fact the only ones that might need to really understand the subject are those who are doing high-level mathematical modeling for Bio-Informatics. For these researchers Calculus is not enough. Your average primary care doctor, *never* uses calculus. They also *never* use Physics! Of course they have all kinds of systems that obey the laws of physics, including blood pressure, syringes etc. But they never treat a patient and think “hmm.. what was the relationship between volume and temperature of a gas….”. They think in higher level abstractions like “When blood pressure is high that could mean X, or Y or Z depending on….”

The real benefit of Physics and Calculus is that they introduce you to new ways of thinking. That new way of thinking makes it easier to understand higher level concepts that you *will* use everyday as a doctor.

I recently had a conversation with a clinician about some work that I am doing on the NPI database which lists every doctor (that prescribes medicine) in the United States. The conversation went like this.

Fred: “I need to munge the data, I need to process the data in a different way than it is listed (a flat CVS file), I need to turn into a real normalized database before I am going to be able to use it effectively”

Clinician: “Wow… Ok… How long will that take you”

Fred: “Well you do not want me to work on this full-time do you? I only have about 5 hours a week I can work on this in my current schedule..”

Clinician: “Yea.. but your other projects are pretty important… given only 5 hours a week, how long would this take?”

Fred: “three months.”

Clinician: “Boy… that’s a long time… I know! Why don’t you just create a database with Texas doctors, instead of all the doctors in the United States! How long will that take?”

Fred: “three months.”

Clinician: “That makes no sense at all. How can that be possible?”

Fred: “Well making the database smaller does not really help me at all, that is the part of the problem that the computer takes care of, not me”

Clincian: “Cmon. A smaller database should mean a shorter time, this seems almost obvious to me. You should be able to do it faster than that. ”

Fred: “Ok.”

Clincian: “Ok, so how long for just a Texas-only database?”

Fred: “three months”

and so on…

Now lets point out… first of all… that this Clinician is not stupid. He was ignorant of how computers, and more importantly of the process of programming computers. This issue is worth discussing in detail because it really illustrates the thought gap between someone who knows how programming works, and someone who does not.

There are many NPI records, specifically in a recent (May 2008) release of the database there were 2,557,650  lines in the comma delimited file as revealed by “wc -l” (subtracting one to account for the first line in the file, which is full of labels… not a real NPI record)

The changes that I need to make to fix the NPI database are pretty complex (fodder for another post) but for now, I will just say that it is a “Complex Reordering of each Record”. Here is how my process for approaching this problem looks:

First I need how to process a single record. So I write a function to do that. For the sake of prose, I will call that function

complexReorderingOfEachRecord( $Record )

I will look at the one Record in the NPI database and then try to pass that Record into the function and see if it does the right thing. The complexReorderingOfEachRecord is a long function, it does lots of really complex things. So complex in fact that I really cannot keep all of its functionality in my head at one time. I use various ways of abstracting the problem so that I can think about the problem in useful chunks, and figure out if each chunk is working.

I am going to actually include some psuedocode in this post.  Psudeocode is code that is not exact enough for a computer to execute, but is clear enough that a human can read it and understand what it does. Programs are like recipies, they are simply exact  instructions that the computer will follow. I will use some basic programming elements in my examples (Note to programmers: this blog is also for clinicians… so you can safely skip this…)

  • Sequential execution – Each line of code is read and executed by the computer before moving down to the next line
  • Variables – a variable is a changing placeholder for information. Each time a program is run, it is possible that the variables will contain different values. I use php, so I mark my variables with dollar signs “$”. This ends of working alot like the “x” in an algebra problem, it can have different values depending…
  • Functions – It is often useful to merge many simple lines of code into a single function. Later you can execute all of the code inside the function by calling the function name and passing data to the function by putting inside the parens “()” after the function. It is basically a way to group useful bits of commands together.
  • If/Else statements – when the computer reaches an IF statment it looks at the contents of the paranthesis “()”beside the if statment. If the contents are “true” then the code inside the braket symbols “{}” following the if statement is run. If the statement in the parens “()” is “false” then the code in brackets “{}” following the ELSE statement is followed.

So the inside of the complexReordingOfEachRecord looks like this

function complexReorderingOfEachRecord( $Record){

reorderingStepOne($Record);

reorderingStepTwo($Record);

reorderingStepThree($Record);

}

(Note to Programmers: I am actually using an OOP design for my project, so in reality these would be function calls on objects, but I want to keep this on a procedural level to make my point)

complexReordingOfEachRecord, reordingStepOne,  reordingStepTwo, reordingStepThree are all functions. The contents of recordingStepOne are not shown, but they are custom functions, meaning that I wrote them. $Record is a variable. There are no IF statements yet.

Ok.. I write this code, test it, debug it about 15 times before it works to import 1 record. But then I run the code on the first 10 records my system blows up! Some NPI records are not for Doctors at all, they are for organizations that provide healthcare: Doh! I need to run the program differently for people vs organizations!

So I modify my function to look like this:

function complexReorderingOfEachRecord( $Record){

reorderingStepOne($Record);

reorderingStepTwo($Record);

$isAPerson = reorderingStepThree($Record);

if($isAPerson){

doOneThing($Record);

}else{

doAnother($Record);

}

}

Now the function has one IF statement that looks in the variable isAPerson and then executes either doOneThing or doAnother based on the contents of $isAPerson.

I have to code, test and debug this another 30 times to get it working. I have to test it more times because the new function calls doOneThing and doAnother do not work without modifications to reorderingStepOne and reorderingStepTwo. I have to switch between thinking about different part of the problem very quickly to make sure it works. To start, everything breaks, but as I discover why, by running the program again and again, I make small changes that eventually make the whole process work correctly. The shorthand for this process is code, test, debug, repeat.

As I am working I start to run the program on the first 100 records. I notice that often the person in the record is not an M.D., there are also dentists and other clinicians who are in the database ! But my work is focused only on M.Ds. So I modify the code again:

function complexReorderingOfEachRecord( $Record){

reorderingStepOne($Record);

reorderingStepTwo($Record);

$isAPerson = reorderingStepThree($Record);

if($isAPerson){

$isAnMD = doOneThing($Record);

if($isAnMD){

processMD($Record);

}else{

processNonMD($Record);

}

}else{

doAnother($Record);

}

}

Now I have a “nested” IF statement, an IF statement that exists in another IF statement.

As before all of the other functions must be modified to make my two new functions processMD and processNonMD work correctly. This requires 50 repetitions of code, test and debug. Sometimes one code, test and debug cycle takes 30 seconds. Usually it takes about 5 minutes. Sometimes it takes as much as 15 hours.

Now I am testing against 1000 rows of the NPI database, and it works perfectly! I have put in about 40-50 hours (or about 3 months at 5 hours a week)

But now what! I have only imported only 1000 rows of the database. Now I will explain how I ran the code on one row, 100 rows and then 1000 rows. I will introduce the WHILE statement to my simple psuedo code.

$i = 1

while($i < 1000){

$Record = getANewRecord()

complexReorderingOfEachRecord($Record);

$i = $i + 1

}

The “while”is just like an if statement, except that when the contents of the curly brackets “{}” are done, then the contents in the parens “()” are re-evaluated. If they are still true, then the contents of the “{}” are run again. The $i variable starts at 1, and then grows by one every time the contents of the curly braces are run “{}”

So how do I import the whole NPI database? I change to code to look like this:

$i = 1

while($i < 2557650){

$Record = getANewRecord()

complexReorderingOfEachRecord($Record);

$i = $i + 1

}

Then I start the program and go to sleep. In the morning, all 2,557,650 records are correctly processed.

Once I had done the work to determine “How to change an NPI record” the computer simply repeated that process for as long as I wanted. Computers are so fast now, that even very very complex processes can be repeated very quickly.

You see *I* never import any data. The computer does that part. *I* the programmer tell it *how* to import that data. Like doctors, when programmers have a simple concept with big implications, we create an important sounding word for it. The important word for *how* to do an information task is “algorithm“.

If you get an algorithm right, computers do just what you want. If you get the algorithm wrong… computers do other things. If you get the algorithm badly wrong… God help you.  This is why computers often seem to have a “mind of their own”; when programmers tell them to do the right thing, they do exactly that. When programmers tell the computer to do the wrong thing… they do exactly that.

Any programmer reading this is likely going blind with boredom. But someone who has not programmed might likely be asking “Wait… what’s a function?” This is actually a pretty terrible introduction to programming. For something more real, I suggest you start here.

My point is this, computers make some types of tasks really easy. Getting to them to do those tasks, without making a serious mistake, is pretty difficult and time-consuming work. If you, as a clinician, do not understand what tasks are hard, and what tasks are easy, then it is almost impossible to evaluate the software you are using. I cannot tell how many times a clinician has requested a “simple change” that has taken me three weeks of programming. On the other hand, I cannot tell you how many times I have seen clinicians (or more often clinicians staff members) subject them selves to terrible software designs that would be trivial to fix.

To create an algorithm you need to understand two things:

  • What the computer can do
  • What the computer should do

There are some people, like my friend Ignacio Valdes, who have been extensively trained in Computer Science and Medicine. These people are amazing, because you can watch them switching back and forth between one part of healthcare IT (Clinical know-how) and the other (Computer Science know-how). But even these few gems (rare as hens teeth), cannot actually hold the complexity of even a single clinical IT problem in their head at one time. That is just not the way that programming, clinical care or anything truly complex works! Programmers must ignore parts of a program to improve on any given part. Clinicians must ignore parts of a patients body to address a problem with one part. (Most heart surgeons, for instance, remain unconcerned about the flaky skin problem while their patients are in open heart surgery.) Knowing what to ignore, and what deserves attention is often the true test of expertise.

The only way to deal with Healthcare IT is to create teams of people to manage the complexity together. The problem with that is that for any given problem domain, there is a danger that the communication cost will grow exponentially in relation to the number of participants. It is common for the communication costs to totally destroy all productivity in a given group. But at the same time, it is simply not possible for a single person to correctly navigate the complexity of even a simple Health IT software project.

The solution to this problem is found in the VA VistA development model. Here are the rules:

  1. You do not work on “the system”, you work on part of the system. VistA is actually hundreds of programs that work together.
  2. Whenever possible you work in pairs. Any more gets unmanageable.
  3. One person must understand everything they need to about the programming of the clinical issue. We can call this person the Programmer. (In the VA this is a Programmer or a CAC)
  4. It helps if the Programmer has a basic healthcare vocabulary.
  5. Another person must understand everything they need to about the clinical problem itself. We can call this person the Clinician.
  6. It helps if the Clinician understands, basically, what is easy, what is hard, what is possible and what is impossible with computers.
  7. You rely on other pairs to address other clinical problems.
  8. You intentionally have redundant “programming pairs” so that you are forced to compete to make better solutions.
  9. When another pair makes a better solution to your problem, you celebrate that and adopt their code as the new starting point.

Its number 6 that this article is focused on. It would be really helpful if Physicians in particular were required to know what a “for loop” meant. Just like calculus and physics they will rarely, if ever, use that information. But for the time being, the fundamental lack of understanding of computer science in clinicians is holding healthcare back. Can you imagine speaking to your doctor if he or she had no idea what the word “pressure” meant in the phrase “blood pressure”. As it stands, most doctors do not really understand what the implications of the word “Information” in the phrase “Health Information Systems”.

What scares the hell out of me is not that the clinician above did not know how the programming process worked. Ignorance has a simple cure: learning. What scares me is that he was willing to pressure me to speed up the schedule, even after I explained how things worked. Trying to force a programmer to take short-cuts to make a deadline is a very very bad idea (see point number 4 here). Doctors, like military officers, often fail to recognize that in “being in charge” is contextual. It does not matter if a Doctor is right about a clinical issue, if they are wrong about a software design issue. The resulting software will fail to perform, despite its clinical correctness. Doctors cannot “be in charge” in software design the way they can in an operating room or in clinical practice. That does not mean they are not vital, it just means they should not be in charge. The programmers should not be “in charge” either. The “Clinical Pair Programming” that I am describing above is a description of the peer thinking that is required to solve these problems. When someone is “the boss”, (meaning they actively back only their own priorities) the system breaks.

The irony is that the few Doctors I know who are my peers with regards to computer science education, are often more hesitant to challenge me regarding my information systems opinions. Do not get me wrong; they often disagree with me, but not more than any programmer would disagree with any other programmer.

This is why I support an undergraduate computer science prerequisite for medical school.

-FT

We need a conference

So I am going to run a conference. I figured this was about as bad a time as I could pick, since no one has any travel budget, and people are getting laid off left and right! However, I have been wanting to do this for long enough that I have decided to something about it.

So why a conference? Here are my thoughts.

  • Free and Open Source in Healthcare has come into its own.
  • Serious players like DSS, e-MDs and Misys are now taking a hybrid FOSS/proprietary approach.
  • Pure plays like ClearHealth and Medsphere are kicking butt and taking names.
  • Grant writers are starting to favor Open Source in their grant applications
  • Huge policy decisions are being made by law makers regarding Health IT, some proposals, most notably Stark’s, strongly favor open source software.
  • Mature Open Source efforts are impacting every aspect of Health IT, including EHR, Bio-Informatics, HIE, Imaging, PHR, etc, etc…
  • Despite having many mature projects we are still operating as a dispersed community.

I have the privilege of being known, and at least a little respected by members of several of the most important FOSS Healthcare projects. Projects like:

  • Tolven
  • Medsphere
  • ClearHealth
  • Mirth
  • WorldVistA
  • OpenEMR
  • OSCAR
  • Misys HIE projects

In fact, I am probably one of the most well-connected people in FOSS healthcare. I think part of the reason is that after I left ClearHealth as project manager, I decided not to start another codebase. I also think that as the original developer of FreeB (a library rather than a standalone project), I have some credibility as a contributor to the movement generally, rather than being loyal to a particular project or group.  Thats fine by me. It also puts me in a really good position to highlight the competition between the projects! I win no matter which project comes out on top! But while competition is healthy, FOSS is also about collaboration, and we do not have enough of it.

Healthcare IT is, probably even more than IT generally, an ecosystem. We need software to do hundreds of very different tasks, and that means tens of thousands of programmers all need to be working in some kind of coordinated manner. There are several areas where collaboration in Health IT is critical:

  • Interoperability
  • Web Services
  • Service Oriented Architecture
  • Library-ization of critical functionality
  • Good ideas moving between projects

My own project, FreeB, was one of the first Health IT specific FOSS project to be useful to several other FOSS projects. Now Mirth, from Webreach, has taken the title of “most helpful project for other projects”. We need more of this kind of cross-project code, that other people can rely on and build on.

Meeting together gives us common direction, allows us to reduce duplication of effort, and is generally fun. I would love it if I could abandon projects because better stuff that I did not know about was out there! The projects listed above are doing really well and almost all of them have communities that they are building! But I get a call every month from a legitimate project or a new effort from a standing project that says “How do we build community”. I am also humbled by new projects taking on different problems (Like Trisano) or by companies that seem to “get it” out of the blue and take the plung into FOSS (like DSS)

WorldVista and OpenMRS are the only two projects that I know of that are large enough and successful enough to have their own community meetings. Both of these communities rave about the level of progress that is made during large community meetings. I have been to the WorldVistA meetings and they are a tremendous amount of fun! One of my personal goals in life is to one day attend an OpenMRS meeting in Africa or South America!

But other projects are too small to make a community meeting worthwhile. You have to rent the space, sort out the food, sell tickets, provide t-shirts… It is daunting to do a community meeting and it is not worth the effort if only 5 people from your project can make it.  The problem is that it takes meetings to jump-start community and community to make meeting worthwhile.

So I am starting a conference, which I hope will at least be held yearly,  that will do three things.

  • Provide one-stop shopping for people interested in using, developing, selling or buying FOSS software in healthcare.
  • Provide a place where projects meet, compete and collaborate.
  • Provide a place where projects of any size can hold face-to-face community/development meetings without worrying about the details.

With that in mind I am happy to announce FOSS in Healthcare. This conference will be held in the Summer of 09 (July 31 – Aug 2) in Houston T.X. Click here to register.

There are two big issues I need to address:

1. I need to know how many people are coming so that I can escalate my facilities if I need to and 2. I need to make this conference affordable to the individual FOSS enthusiast.

With that in mind, we are offering 1 month of early-bird registration at $60 a person.  After that the fee goes to $250 per ticket. Basically, that means that if you register now, the sponsers (contact me if you want to be one) will be paying your way, but if you wait… its all on you!!

I might offer some kind of middle ground like $120 per ticket the month after the $60 deal runs out… but there are no guarentees. I can promise you that $60 a ticket is as cheap as it gets.

Please drop me a comment about what you would like from a FOSS Health IT conference! At this stage I might be able to accomidate a really good idea!!

-FT

DSS frees vxVistA, changes the VistA game

According this press release on LinuxMedNews   DSS will be releasing vxVistA under the EPL in association with the Open Health Tools group.

This is huge news. DSS has been a proprietary VistA company for years. They have a tremendous amount of respect in the VistA community for technical competence and they have been slowly building important extensions to VistA for a long time.

vxVistA is a culmination of many of those improvements. DSS has many proprietary components, and not all of them will be released with vxVistA. I understand that DSS will soon have information published through its website that clarifies what is being released and what is not. They have already said that the version that will be released will not be CCHIT certified, although the codebase will largely be the same.

Still I have it on good authority that the release will be substantial. This is important because there are many missing components of FOIA VistA that vxVistA could address. It is not unreasonable to speculate that vxVistA could be the most technically advanced variant of VistA available under any license.

If they know what is good for them, Medsphere and ClearHealth will be paying careful attention. The moment this release is realized is not unreasonable to say that DSS is now the top company for open source VistA. They have more customers than either ClearHealth or Medsphere. They have extensive functionality in vxVistA that is not found in WebVistA (ClearHealth), OpenVistA (Medshere) or WorldVistA. DSS has a much deeper pool of VistA talent than any other single company that I know of. Do not get me wrong, Medsphere and ClearHealth have very experienced developers, but DSS has focused on MUMPS and VistA for years longer than either company has even been in existence.

It remains to be seen if DSS knows how to be an Open Source company. But they have always been straightforward, honest and open about their opinions and business strategies, and that is probably the most difficult lesson to learn.  If they can create a community portal that can compete with Medsphere.org (which is the best community site in the health FOSS industry) there may be no stopping them.

This is a game-changing announcement. At least I will have some fresh material for my next “State of the Source” talk.

EPL is a solid license, approved by both the FSF and OSI. That makes it both “free” and “open source”.  It is the license of choice for the OHT which will be hosting the code base. It is specifically designed to handle a project that has a FOSS core that will not be a threat to proprietary modules. Since DSS will be a hyrid proprietary/FOSS company for the foreseeable future, the reason for choosing the EPL should be obvious. So far, OHT has done little of substance, given the caliber of partners and resources that it has.  Many of us have been wondering when OHT would do something significant.

The fact that DSS has chosen to release its code through OHT brings a new relevance to OHT. There should be no confusion however; OHT is relevant because it is working to release DSS code, not the other way around. The code that DSS is releasing has the potential to be vastly more valuable than anything OHT has even attempted.

I want to point out that the devil is in the details. I have been assured by DSS President Mark Byers that the release will be significant, but I am not enough of a VistA expert to be able to determine to what degree this is true, even when DSS clarifies what they are releasing.  Because so much is available in FOIA VistA it might be difficult for a novice like myself to determine what the real value of DSS really is. Thankfully, the Hardhats community will quickly asses the value of the DSS release, and let MUMPS-outsiders like myself in on the evaluation in short order.

No matter what, this marks the entrance of DSS as a serious FOSS health IT vendor. To which I can only say “Welcome!”

-FT

The Tridgell Effect

If you follow Linux Kernel Development, you may have heard of git. Git is a de-centralized source code management system that is famous for its speed.

Git was originally developed specifically for the Linux project by Linux founder Linus Torvalds. But other projects have begun using it. X.org, Ruby on Rails, and WINE are all listed as users. Recently, the perl project has announced that it has migrated to git, which prompted this story.

Git was created because the Linux project lost its costless license to the proprietary BitKeeper product. The company behind BitKeeper had been donating licenses to the Linux project members for the sake of publicity for its product. BitKeeper revoked this license because of the work of Andrew Trigell, a famous free/freedom software developer. Trigell is most famous for his reverse engineering work as part of the Samba project, which allows GNU systems to share files with Microsoft Windows systems.

The creation of Git, and the recent successes that it has had, is an example of what I like to call “the Tridgell effect”.

The Tridgell effect is what happens in the development community as the result of developers who are motivated by primarily by freedom. It might be summarized by the phrase:

“Developers who crave freedom over functionality will initiate projects to replace proprietary applications, even when those proprietary applications work correctly. Once these projects are initiated other members of the FOSS community, including developers who are not primarily motivated by freedom will make these projects successful”

There are many who develop freedom respecting software for reasons other than the respect of freedom. They do it because its fun, they want to have software that does things themselves, and countless other reasons. Often developers who develop freedom respecting software who have motivations other than freedom, call themselves “Open Source” developers. Torvalds himself falls into this catagory.

Lets look at the chain of events that lead to git.

  1. The Linux project, based on the leadership of Linus Torvalds, is satisfied with a proprietary source control product, Bitkeeper.
  2. Tridgell pisses off the Bitkeeper company and Linus by developing a freedom respecting implementation of a Bitkeeper client.
  3. The Bitkeeper company revokes the Linux projects licenses.
  4. After getting used to the features of Bitkeeper, Linus finds current freedom-respecting source control applications wanting.
  5. So he writes a new source control application, git, that has many of the features that were found in Bitkeeper, but also respects freedom.
  6. git becomes a powerful project in its own right, powering the source control for many important large FOSS projects.

Looking at this sequence we see several things: Tridgell rocked the boat and was unpopular for doing so. As the result of his actions, but not as a direct result of his own programming, a new freedom respecting source control system for the Linux project emerged. I believe that git could be properly termed as a “fork” or “rewrite” of the original FOSS Bitkeeper client project that Tridgell initiated. The irony here is that the “client” was trivial.

By starting a trivial development effort, but then sticking to his guns on the matter, Tridgell spawned a whole new project, substantially decreasing the communities dependence on a proprietary project.

This is why FOSS projects will win in the end. Only a few of us need to be absolutely convinced that software freedom is important. There are enough people who need software and software freedom, that “if we build it they will come”.  In the end, freedom respecting software wins.

-FT

What does it mean to have a hospital EHR?

People talk about EHR, and EMR as though these things always mean the same things. Generally what qualifies as an EHR varies greatly. When you say the word “car” do you include trucks? trucks with 18 wheels? tanks? airplanes when they are on the ground? boats with wheels?

The frustrating thing about both the word “car” and “EHR” is that they can both be used as a “class” of things as well as a specific instance within that larger class.

Technically any “Practice Management System” is an EHR because its on a computer (electric) it has a record of what happened to a patient (health record). Most people specifically do not mean a Practice Management System when they say EHR. CCHIT is one effort to correct this, by creating a set of standards that EHR systems must live up to.

What happens when you specifically define an EHR in terms of functionality? You find out that almost no one has one.

Everyone is talking about the “bad news” that was just released at AHIC. But most industry insiders have know that deep adoption of EHR technology is laughable. What is interesting about the results above is how they defined an EHR, and how reasonable that definition is!

Here are the results.

Feature Comprehensive EHR EHR Lite EHR Really Lite
Patient Demographics X X X
Problem Lists X X X
Medication Lists X X X
Discharge Summaries X X X
Lab Reports X X X
Radiology Reports X X X
Medications X X X
Physician Notes X X
Nursing Assessments X X
Advance Directives X
Radiology Images X
Diagnostic Test Results X
Diagnostic Test Images X
Consultant Reports X
Lab Tests X
Radiology Tests X
Consultation Requests X
Nursing Orders X
Clinical Guidelines X
Clinical Reminders X
Drug Allergy Alerts X
Drug-Drug Interaction Alerts X
Drug-Lab Interaction Alerts X
Drug Dosing Support X

And the results out of the hospitals surveyed:

Comprehensive EHR Lite EHR Really Lite
1.7% 7.9% 12.0%

The whole point of EHR “Really” Lite was to get the score as high as possible… Even then the usage scores are very poor.

But consider this:

Jha noted in an aside that the percentage of U.S. hospitals with fully implemented EHR systems would double if the Veterans Health Administration at the Veterans Affairs Department were included, because virtually all of the VA hospitals have a comprehensive EHR under the survey standards.

According to this survey, at least, half the hospitals in the country that have comprehensive EHRs, are VA hospitals running VA VistA.

01-26-11 Update:

It is important to remember that one of the authors of this study was none other than David Blumenthal, currently the National coordinator for Health IT. He is the person most responsible for defining “meaningful use” which, supposed to fix precisely this problem.

-FT

Wikipedia weak on drug information

Reuters is covering the news that Wikipedia is missing critical information about medicines that it covers. Specifically the following results were found:

(researchers) found few factual errors in their evaluation of Wikipedia entries on 80 drugs. But these entries were often missing important information,

and

The researchers compared Wikipedia to Medscape Drug Reference (MDR), a peer-reviewed, free site, by looking for answers to 80 different questions covering eight categories of drug information, for example adverse drug events, dosages, and mechanism of action. While MDR provided answers to 82.5 percent of the questions, Wikipedia could only answer 40 percent.

This is an interesting result. The strength of wikipedia has long been it comprehensiveness. You could find reasonably reliable information there on relatively obscure subjects. The weakness of wikipedia, alternatively, has been its accuracy. So while you might be able to find information on attempts to recreate extinct species, the article might be innacurate in unpredictable ways.

There has been a movement within the wikipedia community to improve the overall quality of the articles. This has resulted in many articles being deleted because they are written in a loose, unreferences style that would have been tolerated in earlier versions of the site.

Apparently, for drug information, the issue is not accuracy, but a lack of comprehensive information.

This has implications for those of us who are intersted in using collaborative, social approaches to Health Information. Depending on what you mean by Health 2.0, this may have important implications for that movement.

Of course, I have to wonder: how do you code around this type of problem?

-FT

My wife attends the University of Houston.

Normally, I reserve this space for discussing Health IT matters, but in this case I must make an exception. UH is one of the most frustrating institutions I know of. I believe, that UH has one of the most ineffective Information Infrastructures I have ever seen. So I am devoting a new topic in my blog to discussing my frustrations with it. My wife (Laura) and I have been having multiple, serious frustrations for some time, and each time I imagine that I should write something about it. But I do not want to start yet another blog, so I am going to use a category of this blog for now.  Perhaps I will use RSS etc to turn this into a separate blog. If you are interested in my Health IT posts… please skip this.

Today vnet.uh.edu is down. Vnet is the portal for students to receive course materials from their professors. Why? As best I can tell, it is down because it is test-time. The university education website is down… when it is needed most. It is probably down because it is being flooded with users. It is being flooded with users since so many students have a test tomorrow.

In short, vnet is exactly the sort of tool that breaks when you need it most.

There is little that vnet does, that Moodle does not do. Moodle, because it runs on Linux, can happily sit in the cloud at Amazon or Rackspace, which means that it can scale (in an automated fashion) to the point that entire countries could hit the website at the same time.

But instead it is being hosted either by the school or by vnet. In either case, it breaks constantly. According to this video vnet “leverages open source”. However, the vnet website has no mention of downloads, community or license. That usually means that the application is 100% proprietary. Further, it is easy enough to conclude that VNET was primarily developed by UH.

I am sure that VNET has some features that Moodle does not. But instead of adding to Moodle, and using a known-good platform, UH has decided to use a platform that they built themselves.

Now my wife cannot get to her documents. And I am sitting here pressing “refresh” in the hopes that I will be able to get onto the site, so that my wife can pass her Genetics class.

-FT

Google Flu Trends and Privacy

Google.org, which is the philanthropic arm of Google, has released Google Flu Trends to great fanfare and criticism.

Google Flu tracks searches for flu symptoms on Googles search service. So if I type “achy headache” into Google, it might count the search as evidence that I, or someone I was caring for, had the flu. Enough people use Google for search that Google can use searches like this to track the spread of the virus across the country. The science of tracking diseases is called epidemiology.

Currently epidemiologist use anonymized data from several sources to track the outbreak of disease. They can get data from pharmacy purchases, or from Emergency Room visits. They merge this data against other information like weather patterns. Using these data sources the Centers for Disease Control and Prevention (CDC) can get a pretty good picture of what is happening in the US regarding the outbreak of disease. It should be noted that these “traditional methods” allow the CDC to watch out for far more than just influenza. They use the system to ensure that any number of potentially catastrophic diseases to silently spread across the planet. What is interesting about Google Flu is that it is more effective than the methods mentioned above at predicting flu outbreaks by two weeks.

While I think that Google Flu Trends is fascinating, I am more interested in the privacy implications. I use gmail. I use Google Maps extensively ( I make map labelled with the cool things in my neighbourhood). Google has a photo of the front of my house on Street View. I have used Google Checkout to make purchases so Google knows my credit card information (or did). It is pretty obvious that Google is sensitive enough to make an educated guess that I might have influenza based on a search that I make. It is probably capable of making a guess that I have HIV, or Cancer, or Diabetes. All of this is independent of me using their Google Health application to track even more detailed information about allergies, procedures and drugs. “Google knows” is a bloody good assumption without evidence to the contrary.

Sounds pretty scary doesn’t it? The only reason I am even the least bit comfortable with this is the Google Corporate Motto: Don’t Be Evil.

Google takes this pretty seriously, you can tell because they loose money not offering gmail in China, where they cannot guarantee privacy of communications. They also told the Justice Department to shove off, when they asked for search histories. Both of these efforts cost them money so that they could live up to their motto.

That does not mean that I trust Google, it means that I do not trust them less.

I have been an on/off critic of Dr. Peel and her Patient Privacy Rights group for quite some time. But I must applaud her recent efforts to advocate for patient privacy rights regarding Google Flu Trends. 

In move consistent with their model Google responded to the Google Flu Trends concerns. Google specifically claims that their search data retention policy applies to the flu related data as well. That is very good news for people like me, who tend to obsess about the details of security and privacy of health information.

-FT