Really cool, and I love that they made a video.
But if you want to understand the meat of the story, better to read this Halamka post.
Really cool, and I love that they made a video.
But if you want to understand the meat of the story, better to read this Halamka post.
I decided to enter the Health 2.0 Developer Challenge.
My submission is toeleven.org
My goal was to find a way meet one of the challenges using some kind of integration with our new Audio PHR system Your Doctors Advice. (At the time of the writing its in a closed beta… you can sign in, but cannot use it yet) This has been the project that I have been working on for almost a year, with Cautious Patient. but I let time get away from me, and I could not find a way to get anything interesting done in time, that applied to any of the Challenge categories. Next year we will consider writing our own challenge.
But I discovered that a part-time project that I have been working on for the last month or so actually applied to a contest to re-implement some of the original Project HealthDesign applications. One of those applications was, specifically, an application designed to track Observations of Daily Living (ODLs) for people with chronic pain. I have friends and family with chronic pain, and I actually wrote this application to help one of them keep a pain/food journal more easily.
The contest had two requirements: re-implement one of the original designs from one of the videos, and use a “commercially available PHR service that can securely store the data”. What is a PHR? It is a personal (or “personally controlled”) health record. What the contest makers meant was to try and get new functionality available in Google Health, or HealthVault or Dossia or the like.
Well Google Health has been, until very recently been incapable of storing ODLs because it insists on the limited data that a CCR can encompass. Even with the new update, Google Health has limited abilities to store arbitrary data. Im not sure if I can easily include pictures of food in a Google Health app (this might have changed recently). HealthVault has famously supported the recordings of arbitrary data, but is so capable in this regard that there is little need to force the data into any standard at all. If I want to participate in either approach, I have to go through very extensive integration and approval process. Neither platform is truly open. Perhaps that makes them “safer” for patients, but perhaps that just makes them walled gardens with useless inscrutable iphone-app-store-like approval process that stifles true innovation… you know… one or the other….
I much prefer Twitter and Facebook as application platforms, who have far more open application approval processes. These platforms have realized that their success is tied to the openness of their networks. They are acting much more like “Internets with new protocols”.
But Twitter is not appropriate for health data… because it is essentially a public broadcast medium? Right? That is the way it is typically used, and it is certainly a broadcast technology. But it is not necessarily “public” broadcasting. You can change any twitter account into a protected account, that will ensure that only people you want to see it can see it. So Twitter is “commercially available” that can “securely store the data”, but is it a PHR? I think it is if you use it like one. In fact, it is probably one of the most popular platforms for logging health, wellness and fitness information on the planet.
I think an application that relies on Google Health or HealthVault faces an uphill battle, because that is not where people are tracking ODLs. People actually use Twitter and Facebook to track what is happening in their lives. They use it to record their mood changes, their stress levels and details about how their bowels are moving. Most importantly for my purposes people are already using Twitter as a food diary. If you want to save time you can just take pictures of your food and use that instead of trying to write down anything. If you are interested in finding out what food might cause pain you are more interested in ingredients than calories, and so food diaries that focus on accurately tracking calorie intake are overkill.
So I wanted a way to simply and easily track ODLs of pain, using Twitter, right beside the already smooth process of tracking food intake.
But I wanted to do this in a way that would be easy to data mine, so that I could take the food data, or pictures, and overlay that in a data-mining friendly way with the pain data. Obviously, I needed a good syntax for recording the pain information, and so I did some research on micro-blogging ODL syntax options. I ultimately settled on the grafitter syntax, because its site was actually up and doing cool data mining stuff. But I did not want my friend to need to actually learn any kind of “twitter syntax” to log her pain. Instead I wanted her to have a simple web form that she could use on her smart phone, that would allow her to quickly and accurately describe her pain. Just like the video from Project Health Design on Helena.
So what is Helena doing? In the video, she is recording which medications she is on. But that is one of the few things that doctors have (or should have) accurate data on. Other than recording that medication data, she is simply creating a ODL system that is customized to her world, allowing her to track -when- she takes the medications, which in her world is just “the yellow pill” or “the big pill”. Moreover, she wants to log three specific things that seem to impact her pain: sleep, yoga and the local weather. But the Twitter ecosystem already takes care of all of that. There are devices that track sleep, that can log the sleep quality data to Twitter. Helena could use fitbit which could log her movement during yoga workouts to Twitter. She can even use Twitter to track the local weather.
Helena and my friend, both have the ability to log very different kinds of data to twitter that are difficult and or time-consuming to acquire in any other way. All they need is a method to create and record their own “Pain Tracking Interface” that could be used to describe what they were going through. One of the project health design teams described one such interface, as part of the many things that the teams released.
So I built a new Twitter application to do that. Its easier to understand if you see it in action once, so here it is:
You can try the application yourself at toeleven.org
So this is not only a method for creating a “Pain Tracking Interface” but for tracking anything you want to perform careful date-stamped quantitative analysis. There is little that you could not track using the system, and it will perfectly interface with any other Twitter data stream so that you can perform data analysis on yourself easily, using Grafitter, or something else just like it.
I want to be clear. I did not write this application to win the contest. I wrote this application to help my friend. It is far enough along that my friend can do what she needs to figure out her pain. This idea can easily go farther, but this is not my main priority. I am going to talk about where this should go, but do not assume that I am going to be the one to do this. Competition and collaboration welcome.
I am releasing all of the php sourcecode for toeleven.org as Open Source as soon as I have the cycles. I think the following work needs to be done on the system.
I also did not submit the application to win the contest, as much as to try and reframe the problem. I want to make a difference in the world of Personal Health Information, and I know I am not alone in this. But we need to stop trying to force people into behaviors that they will never commit to. The largest single “addressable” healthcare issue is compliance. If we all did what we should know that we are supposed to do, then many of the difficult healthcare problems, like Diabetes, Heart Disease and even HIV would become rare events, and manageable for our society. I am overweight. So I have a compliance problem. I need to focus on losing the weight, which will protect my heart in the long run, rather than interfacing with some software that I have to comply with. Our goal with the Audio PHR, is to create an application that helps people do the right thing more than it creates new user burdens. I am not convinced that our PHR philosophies are simple enough. I am not convinced that toeleven.org or our Audio PHR is simple enough. But they are simpler. That is a step in the right direction.
Normally, I would also talk about how we need to be working together on open systems using open source software at this point. But Project Health Design and Robert Wood Johnson are absolutely the choir when it comes to that sermon. They understand the potential of Open Source. My goal with submitting this application is not to win, although that would be nice. My goal is to completely reframe the problem. I want them to see that their notion of PHR is trying to force people to move against the current. Facebook and Twitter applications, whatever else you want to say about them… are “with” the current. People are there, using those systems, that is where the action is. We need to bring the behavior changing healthcare innovations to the people, not the the people to the innovations. This is a big paradigm shift, but it is at the heart of Open Source. Essentially I am a developer on one of the Health Design projects, and I have made a pretty signifigant problem into what Torvalds calls a “shallow bug”. The bug is “How do we get people to signup to use this stuff?” I have solved half of that problem, people are already signed up to use Twitter, they just have to use Twitter in a new way… as a PHR.
Eric Raymond experienced this kind of paradigm-shift from a contribution with his fetchmail project. I have quoted this before and I will quote it again:
The real turning point in the project was when Harry Hochheiser sent me his scratch code for forwarding mail to the client machine’s SMTP port. I realized almost immediately that a reliable implementation of this feature would make all the other delivery modes next to obsolete.
For many weeks I had been tweaking fetchmail rather incrementally while feeling like the interface design was serviceable but grubby – inelegant and with too many exiguous options hanging out all over. The options to dump fetched mail to a mailbox file or standard output particularly bothered me, but I couldn’t figure out why.
What I saw when I thought about SMTP forwarding was that popclient had been trying to do too many things. It had been designed to be both a mail transport agent (MTA) and a local delivery agent (MDA). With SMTP forwarding, it could get out of the MDA business and be a pure MTA, handing off mail to other programs for local delivery just as sendmail does.
Why mess with all the complexity of configuring a mail delivery agent or setting up lock-and-append on a mailbox when port 25 is almost guaranteed to be there on any platform with TCP/IP support in the first place? Especially when this means retrieved mail is guaranteed to look like normal sender-initiated SMTP mail, which is really what we want anyway.
There are several lessons here. First, this SMTP-forwarding idea was the biggest single payoff I got from consciously trying to emulate Linus’ methods. A user gave me this terrific idea – all I had to do was understand the implications.
I really think the toleven.org Twitter-centric design is fundamentally more effective than the whole Common Platform effort. While I think both the Common Framework, and its top competitor the Indivo X modular architecture, have some value, they are fundamentally fighting a losing fight, trying to turn the masses into using PHR systems to log data. Forcing each application developer to write code to a separate API which does exactly the same thing in a different way is a non-starter. The only time that happens is when developers have a big motivation. An API is only useful when it has users behind it, and lets be honest, HealthVault and Google Health do not have users. Neither do Indivo X (which is still alpha/beta) or any implementation of the Common Platform. The only PHR systems that actually have any users are the MyHealtheVet application from the VA and the Kaiser PHR. Both of those applications are gateways into deep connection into those respective integrated healthcare delivery systems, something Google Health and HealthVault are not (although they might be someday soon.)
My grandfather once advised me “Never play a man at his own game”. I have taken that to heart. I now live by a modified form of that advice:
If I am failing and cannot see why: change the game or change the rules.
That is why I work with Open Source. It allows me to change the rules. I want to thank Robert Wood Johnson for their commitment to Open Source. The information that their project released made the application that I built for my friend more capable. It allowed me to flesh out the design and prevented me from building a special purpose application. Thanks to Michael Botsko for making a good jQuery Form builder. People like him build tools that let people like me try and make a difference.
My father, Clayton Trotter, is running for congress in San Antonio, T.X.
He has won the Republican Nomination against incumbent Democrat Gonzalez. He has the support of the local Tea Party.
My father is a true conservative both socially and fiscally. A federalist in the tradition of Ron Paul. My personal opinions often go against my father. Like the majority of Americans I tend to be financially conservative but socially liberal.
I doubt the rest of my immediate or extended family will be following my lead. They do not support my fathers complete conservative bent. They seemed shocked to learn that I would be supporting my father. I am also very close to many liberal friends who also might be baffled by my decision. How could I support my father when we diverge on so many issues?
The answer is simple. My father, whatever is political stance, is far more qualified to represent San Antonio and Texas in the United States Congress. It is not because he is a legal scholar of the first rank, though he is, and it not because of his conservative politics (which I can assure you are sincere.)
Losing him broke my heart. It broke my fathers heart. It devastated my family.
I will support my fathers campaign to run for congress because his broken heart qualifies him to decide whether the United States should go to war. His broken heart qualifies him to monitor and approve defense spending. My father is qualified to prevent a defense spending program that allowed defense contractors to make billions, even as national guardsman were self armoring vehicles in Iraq. I believe that he will read those bills a little more carefully, that he will pay closer attention when generals and admirals testify, and he will work harder than the thousands of congressmen who have no concept of the real consequences of even their smallest decisions. I know that he will do this in peacetime as well as during war, so that our soldiers, sailors, marines and airmen have what they need before they are sent to fight for us. I know that he will not tolerate the Washington bullshit that puts our service members at risk. I know that he will not put politics, even Republican politics, before the military. I know that he would happily give up his political career to save the life of even one soldier; someone-else’s Byron.
Our minor political differences pale in comparison to this single issue.
My father did not know it, but he prompted me to write this post by leaving the following message on my google voice account. He decided to visit my brothers grave at Arlington national cemetery today (the anniversary of 9/11) on his visit to Washington. While he was there he left this message for me. I am publishing this without his permission, because I want to give you insight into the man he truly is. I want you to see him as I see him, formidable, but also deeply vulnerable. His own words are the deepest endorsement I can make for him. I hope he does not mind too much.
Like all politicians, he needs contributions to win, please consider helping him.
Recently I have been approached by a clinic in Austin that operates under the assumption that there is a causal relationship between childhood vaccinations and autism.
This will not the first foray into the thick of bio-ethical debates. I have, in the past, advised both planned parenthood and catholic clinics on how to use open source healthcare software.
My policy for organizations like this is simple: I almost always help them. My software or software ideas can improve the experience of patients at any clinic, even if that clinic is taking a position on an ethical issue that I am unsure about or against. Most importantly there is nothing that I can do to change the position of the clinics in question, one way or another.
I hope that in the end, open source software will help to resolve some of these ethical debates by providing a cheaper means to get better quality data. While my opinions cannot change policy better data can.
So will I help this clinic? Probably. Will I allow this clinic to advertise my help as any kind of endorsement? Definitely not. Which is basically the same position I take on any reasonably complex bioethical issue where I can see both sides of an issue. Of course many in my community would say that members of the anti-vaccine community do not deserve this kind of benefit of the doubt.
Before climate-gate I might have agreed. But now I am much more sympathetic to arguments that run contrary to modern scientific consensus. I fell very betrayed that centrally referenced climate data was fudged by respected scientist in order to support a very specific conclusion. Because of the pharmaceutical corporate interest I am afraid that vaccine safety data might have been similarly fudged.
It is my hope that providing a clinic with a dramatically different agenda than the main stream medical community with cheap and effective tools to do advanced data gathering and analysis that I might provide them with a kind of truth-over-pressure. If vaccines can cause autism, then they should be able to generate some reproducible data that shows that. If vaccines do not cause autism then by giving this clinic better data tools I hope that I might be able to create a kind ideological implosion within the organization. I hope that I am not enabling an organization that is torturing kids with invasive, traumatizing procedures for nothing. But unfortunately I am not in a position to make that determination.
I hope, truly, that I am right to take this approach. I hope that the assumption that transparent code plus transparent data can create pressure to find the truth for other difficult issues is right. It feels like, more and more like I am betting more than my career on this idea of open source software in healthcare… I am betting my conscience too.
I would like your comments about my approach generally and about this situation specifically.
Once more, the debate about “whether” to migrate VistA from MUMPS has come up again in main stream press.
This always makes me sad because it shows just how fundamentally ignorant people are of what VistA is.
So lets get something straight. If you are not using MUMPS, in some form or fashion, it is not VistA. It is a new software project. New Software projects to develop comprehensive EHR solutions, do not work. Ever. That is called “Big Bang Development” and it is utterly doomed to fail.
In order to create an EHR system you have to grow one. You start with a system that is not comprehensive, you use it anyway, and then it grows into something that is a comprehensive EHR system. You cannot take a comprehensive EHR and assume that you can re-write it, from scratch in another language and that it will work. That is just unfathomable.
This has been tried, several times, and consistently failed.
So the reason that it is not “an option” is that it will fail. Thinking about it as an option is simply madness.
It is very like saying, “We need the Linux Kernel to improve, so we will recode it in Java.. not enough people are trained in low-level C programming” The folly and hubris should seem clearer now perhaps?
You might try drastically reinventing what MUMPS is, like ClearHealth, but you cannot simply “get away from it”.
Another example might be “New York has proven that the street + subway system is effective, the city planners of Venice should adopt that in place of the canal system that they currently use. Obviously New York shows that these modern features are capable of moving far more people…” The reason Venice does not consider a subway system is that it -cannot- work. The city planners there know that, so they never try.
It is ironic that people who say “we should move away from MUMPS” consistently consider those of us who actually understand the architecture and design of the system, and insist that we continue with MUMPS as a kind of “particularly obstinate political faction”, from the link above:
“Is MUMPS the right entity? I think the obvious answer is ‘no,’” Meagher said. “It just happens to have a bunch of very committed people who want to stay in that environment.”
When an engineer says “I can think of no way to achieve near light speeds in our lifetime”, he is not taking an obstinate political position. It is not “pro-light-speed” vs “against-light-speed”. The engineer is taking a position based on what he understands to be achievable.
When I say “VistA must stay with MUMPS”, I do so based on the only relevant evidence’ efforts to move away from MUMPS have consistently, and expensively, failed. I do not like MUMPS at all, but I have a pretty solid understanding of software engineering and you simply do not simply migrate to a new language for a codebase as large as this.
Recently I have had several people who have asked me for advice and council on how to do Internet Marketing. It looks like my day job is considering taking the plunge as well. As a blogger, I know an opportunity to kill two birds with one blog post when I see one. So here are my thoughts on Internet Marketing in the age of social media.
First, a little history. It used to be that Internet Marketing was all about communicating effectively with a web site and email communications.
For a website, the general advice was that you wanted it to be important in Google’s eyes, essentially the process of SEO. You wanted to make sure that your domain name was easy to type, and easy to spell. You wanted to make sure that your users could find what they wanted on your web site. A website needs great analytics tools so that you can track how your web site is being used.
For email communications you had to decide if you wanted to have only an outgoing email campaign (broadcast only), or a mailing list (communication between everyone). If you wanted and email campaign you wanted to make sure that you had beautiful html emails that degraded gracefully into text emails. You needed to be sure that your html emails worked in the most common mail clients (harder than it sounds). For a mailing list you wanted to make sure that no one was added by mistake, and that no one was spamming people through your list.
Anyone who knows about these types of marketing systems can tell that I am barely scratching the surface on these issues. Moreover, it is also clear that while so-called “Social Media” has become really important, these older modes of communication are not less important, they are just… older.
So that is the backdrop, in brief, for the Social Media revolution. What is the big deal about Social Media? Way out of scope for this post, but I will inline probably the best video proving the point that I have seen. If you have not seen it, then watch it. If you have, then you probably already know why Social Media is a big deal.
The question posed at the beginning of this video is “Is it a fad or is it a revolution?” As is often the case to questions like that, the answer is “Yes”. Social media has lots and lots of people connecting meaningfully with lots and lots of people, but that does not mean that you will be able to get your message across using Social Media. All it means is that there are people there. Its a lot like Lubbock, Texas. For whatever reason, there are hundreds of thousands of people living in what appears to be a desert. Why would you want to live there? Because there are hundreds of thousands of people there. There is probably a reason why the original people made that city, but no one moves there now because of scenery, they move there because there are already people living there. This is much different than something like Las Vegas. Its a city in the desert that was built specifically so gambling could be legal. That is why people moved there. (I also do not understand Phoenix…)
So the next question is “What is your message?”
Social Media people often “sell” Social Media as “the new business requirement”. They say things like “You have to be on Facebook” or “You need to have a Twitter account”. But that is really not the first question. The first question is “What is your message?”. Unless you can define your message, clearly, in a sentence or two then nothing else I am going to say is going to make sense. For fun, and because we are going to talk about Twitter soon, see if you can put your message into 140 characters. That is basically two short sentences or one really long one. Its OK if you need to go over a little, but if you need to have four or five 140 character blocks then that should be insight that you have more than one message. That is OK, but you need to recognize that you might need to follow significantly different strategies for each of your different messages.
So do you have your message(s) in your head? OK then.
To make an impact you have to learn to use the Internet Marketing tools well and then you have to apply them in meaningful way. This is a lot like a carpenter’s toolbelt or a musician’s set of instruments. First you have to master the tool and understand the deep implications that subtle details of each given tool. Just because a tool is a type of hammer does not mean you can use it do mount photos (imagine using a sledgehammer to tap a nail into drywall). Just because it is an instrument does not mean that you will fit in with a given band (imagine bringing a tuba into a rock band). The first level of tool mastery is understanding how to use the right tool for the right job. the second stage of mastery is knowing when to ignore what you learned in the first phase (for instance, Ska is a movement, within rock music, to embrace brass instruments).
Note that true mastery of a tool is being able to use the tool to do something else amazing. When Michelangelo was painting the ceiling… there were thousands of painters who knew how to use a paintbrush as carefully as he did. But they were probably painting signs, or the sides of barns. The ability to use the paintbrush is only the first step towards being Michelangelo.
This should sound obvious. But here is how I think this basic tool mastery is playing out in Internet marketing.
OK, so what does these phases mean? First I should admit that I was inspired to make this chart by two different sources, one is Meatball Sundae: Is Your Marketing out of Sync? By Seth Godin. The other is a blog post entitled: The multiple phases of social media integration which is where I borrowed my three phases ( of course as a computer scientist, I must count from zero).
Obviously, what everyone wants is to make an impact with their marketing. To leave people with a message burned into their minds, and happy that it happened. Once people see the Sistine chapel (on my bucket list) they will never never think about it the same way, and they will never forget the experience.
Is this possible with Internet Marketing? Yes. I will give you two examples.
First, if you have bought a book recently online and you immediately typed in Amazon.com then you have experienced this effect. The word “Amazon” has nothing to do with books. Yet when you want to buy a book on the Internet you probably go there automatically. Why? Because you have had a Sistine Chapel- style experience there and you will always remember it. Note that this is a great example of a company that was able to achieve this with just a website and without any kind of Social Media. Ebay and Google are other good examples.
Rather than just talk about the second example I will show you. Blendtech is a company that makes really good blenders. That is their message. That is what they want burned into your brain. After you watch the following videos, you will always remember that Blendtech is a company that makes really good blenders. You will be unable to remember the name of any other blender manufacturer, but you will never again think about where you would get a really good blender… if you needed a really good blender. Please watch the following two episodes of “Will it Blend”.
Its two things that are great by themselves but still do not go together. Meatballs and Whipped Cream/Chocolate. This is the worst case scenario for Internet Marketing efforts. This is what happens when you fail to recognize that Internet Marketing and/or Social Media (two terms for the same things nowadays) really does change things deeply in in your industry, but you are unwilling to make the fundamental changes needed to make the leap.
This is actually a fundamental mistake that happens often in Health IT, which is what I like to call “Technology as Paint”. The basic notion is that technology can be liberally applied to make any existing thing better. This is the way you use paint. My wife and I recently bought a desk for $35. It was banged up and looked awful. We painted it. Now it looks like it cost $350. Paint is awesome like that!
But technology is not paint. You cannot take something that works without technology, merely make it “online” or “computerized” and assume that it will be better than the original system. the cardinal example of that in health IT is the we- are- going- to- computerize- the- dumb- doctors. Here is how the plan unfolds:
Doctor: “Hey business man, I want you to computerize me.”
Business Man: “That’s great! I have my favorite coder here with me, and we can help.”
Coder: “I can easily computerize you! I just did it for a Gas Station last week! No more paper forms at the Gas Station!! All I need to do is see all of your paper forms, and then I will computerize you by making computer versions of those forms.”
Doctor: “OK, here are the ten forms I regularly use.”
Coder: “OK I will be back in a week with your computer system built!!”
Five years pass…
Coder: “The system is almost ready, I have just finally got the ontology mapping tool together, you can go live next week!!”
Doctor: “You are fired. You have been charging me for five years to code and you have nothing to show for it. I still have to use paper because your system does not even to 10% of what the paper system does. Now I have five years worth of data in both paper and electronic records, and I can no longer afford to maintain the electronic system. I am sooo screwed, but at least I am going to stop paying you!”
This happens again and again and again in Health IT because so many technologist view technology as paint: Standard technology, liberally applied, solves all problems.
Seth Godin’s book is really required reading. It details, very explicitly how Social Media is not technology paint for marketing purposes. Any good summary of his points will show that you have to figure out if, and when your message is right for the Internet Medium in question. So when you hire someone to help you with Social Media, and they fail to show you how a given Social Media platform is good for your message, then they have failed. A pretty good idea of when you are getting bad advice here is that they are recommending that you go with the usual suspects. If they say: “you should be on Youtube, Twitter and Facebook” without discussing how your message will play in those environments, then you need to take a step back.
It would be much better for you to do what Blendtech did, which is to find the one medium that allows you to create a super-compelling version of your message, and make that medium into the “Sun” in your marketing “Solar System”. Sure Blendtech uses Twitter, and Facebook, but they do that to funnel people to their awesome videos, which in turn funnel people into buying an awesome blender.
What follows is a little more conjecture. I am pretty darn sure about the notions I have explained above. But without dealing with a specific message, it is difficult to know what the right center-of-gravity medium might be. But still here are some guidelines that make sense to me:
I hope this is helpful to people that I am trying to counsel on Social Media. Its not just about using it, its about finding a way to use it in a compelling way!
One of the things that I love about conferences like OSCON is that you met people who are doing really interesting things coming out of left field. I often feel like I “know everyone” in Open Source healthcare, but every time I hear about something like this I am reminded just how big the world is. People are reworking Open Source tools to work in healthcare all the time!
The most recent example is from the Funambol project. That project is made to sync cell phone data, like calendars and contacts. But the Funambol teleport project instead uses the stack to move healthcare data around. I would go into detail, but there is no need, since Simona does a much better job:
As clinicians, doctors and other healthcare providers are the stewards of their patients data. But what happens when they lose control over that healthcare data? Most people focus on what happens when that private data becomes too available. But far more commonly healthcare data becomes trapped. Far too often, it becomes buried in one way or another, lost forever and useless to patients.
I am probably the most vocal proponent of the notion that software freedom, the heart and soul of the Open Source movement is the only way to do healthcare software. Over that time I have tried to highlight the threat posed by vendor lock-in with healthcare software. But “vendor-lock” is not the only way that healthcare data can become buried. Ignacio Valdes was the first to make this case clearly against ASP healthcare solutions with his post about how Browser Based EMR’s Threaten Software Freedom . That was written in 2007.
So you can imagine the types of concerns Ignacio and I had as we built Astronaut Shuttle (very much beta) together. Ignacio had the VistA EHR chops and I had enough cloud experience to create the first-ever cloud based EHR offering. Its a simple system, you can use a simplified web interface to launch cloud-based instances of an EHR. The main difference between this kind of web interface, and something like RightScale, is that the launching system performed whole-disk encryption, allowing you to ensure that Amazon could not access your healthcare data. As far as I know, no one else has built anything like this but us (love to hear otherwise in comments).
Why are we some of the few people trying things like this? For one thing , encryption is pretty difficult to do in the cloud, there are lots of approaches and it is pretty easy to brick a cloud instance with an improper encryption configuration.
But more importantly, there is a perception that storing private healthcare data in the cloud is a bad idea, dangerous because it meant putting all of your eggs in one basket.
Given how concerned Ignacio and I were about vendor lock, and ASP lock, you can imagine our feelings about cloud lock. We had to be sure that our customers, doctors and other clinicians, would be able to restore linux images containing precious EHR data off-site using off-site backups.
When we looked out across the available cloud options we decided to implement our service using Amazons ec2 service, specifically because of Eucalyptus an open source implementation of the Amazon cloud hosting infrastructure.
However, we have been deeply concerned about this approach. Currently, you might say that Amazon has a “friendly” relationship with Eucalyptus, which of course means that Amazon has not crushed it like an itty-bitty bug. For Amazon, being able to point out that there were FOSS implementations available made it easier for ec2 to acquire certain customers. At the same time by refusing to treat the ec2 and other AWS api’s as open standards, or to specifically state they would not sue an open source implementation of their API, Amazon could always ensure that Eucalyptus would never be a threat.
“What a minute!” you might say… “Amazon is a Linux-friendly company! They would -never- betray the community by going after Eucalyptus…”
I think the Open Source community needs to wake up to corporations whose basic legal stance towards Open Source projects is to leave open the “smash if they succeed” option.
IBM has been a “friend” to the community for years. IBM even promised not to use specific software patents against us. They assured us that they are not a threat. But then they broke that promise. The broke it because someone in the community decided to implement software that threatened to break their monopoly on mainframe implementations. IBM turned on our community just as soon as our freedom started to threaten their bottom line. You are kidding yourself if you think Amazon will lose a billion dollars to Eucalytpus without reacting. Amazon has been very aggressive in acquiring software patents and will use them if Open Source implementations ever really get good.
I think Eucalytpus is an awesome project but it lives at the whim of a corporation who tolerates it precisely because it is not a business threat.
It was with great trepidation that Ignacio and I built a health data infrastructure that we knew relied on the whim of a really big bookstore. (When you say it like that… you can see the problem more clearly)
With that said, I am happy to support and endorse the new OpenStack project. OpenStack is a move by Rackspace Cloud, the number one competitor to Amazon, to completely Open Source their cloud infrastructure. They will be releasing this work under the Apache license.
Open Source license are the only trust currency that I, as health software developer, can trust to ensure that no one can ever trap health data with software that I have recommended. “Probably won’t trap” or “Open Source friendly” simply do not cut it after IBM. Simply put, a full Open Source release is the most extreme thing that Rackspace can do to win my trust in their cloud infrastructure.
I have also been discussing with the Rackspace team about the importance of building in support for cloud-initiated-encryption and cloud audit (thanks for the tip samj) into Open Stack. These are must-have features to make healthcare data in the could a viable option.
As soon as we have the dev cycles available, we will be moving Astronaut Shuttle over to the Rackspace Cloud. I invite anyone who gives a damn about Software Freedom, or health information software generally, to follow us over.
I am just home from the first ever amazing health IT track at OSCON. The quality of the content is simply amazing, and soon, you will be able to see the many talks available (thanks to Robert Wood Johnson for paying for the videos)
As I think about what I will be blogging about, I wanted to post some quick links to those who are already thinking about what was said and what it means. First the conference organizer, or at least from the health IT point of view, was Andy Oram. He already has two posts, one on the first day, and one highlighting the VistA controversies exposed at the conference.
Most of all, I wanted to point to this awesome interview with the leaders of the NHIN open source projects: NHIN CONNECT and NHIN Direct.
This is well-deserved recognition. Tolven has an extremely innovative architecture, that dispenses with many of the bad assumptions that other EHR platforms make. The first is that an EHR platform should only be an EHR platform. Tolven is a combined EHR and PHR.
The second is a well-thought out encryption at rest strategy.
Hopefully a recording of the presentation will be available after the meeting.