I have just submitted a comment to the HITPC governance working group regarding there process for making governance recommendations to ONC. I make the argument that for the most part, comments from HITPC regarding privacy and security architecture have been largely counter-productive because they fail to account for what the chosen NW-HIN (the artist formerly known as NHIN, shortly to be known as the Health Internet) protocols dictate regarding security and privacy architecture. Here is my comment:
Thank you for your work on this project. As a minor note, I am pretty sure you mean “governance of the nationwide health information -network-” as opposed to just “nationwide health information”. Your link for “how to participate” does not actually have information about how to submit a comment. I must assume that comments to this post is what you mean, because there does not appear to be any other detectable process for commenting here.
I worked on the Security and Trust Working Group for the Direct Project, which forms one of the two approved protocols on the NHIN. I am somewhat informed regarding the other project CONNECT and the IHE protocols it implements.
In the Direct Project Security and Trust working group, we took -great- care to ensure that our work, would not trample the ability of HITPC or ONC to make reasonable (or for that matter unreasonable) decisions about how trust, security and privacy should be made. However, out of necessity, we did have to choose a technology stack and specific protocol configurations in order to get any kind of working system in place. Those decisions were not intended to limit your ability to make policy decisions, except in one important way; to quote the current version of the introduction to our Direct Project Security Overview: “In some cases, these protocols and technologies will come with specific configuration options that will have policy implications and may also present constraints that Direct Project will force on the trust policies of its users.”
In short, we asked that you implement your policy decisions in terms of the technology choices that we made. Most specifically we chose X.509 as a protocol for managing trust relationships. This is the same underlying trust architecture that is implemented in IHE and CONNECT. Rather than honor this basic request, to speak in relevant technological terms, HITPC has largely decided to recommend ‘in the abstract’. HITPC has ignored the fact that the fundamental designs of both Direct and IHE dictate that certain security and policy issues -must- be answered, and renders other issues irrelevant.
For instance, your document asks: ‘When is exchange not considered NW-HIN and, therefore, not subject to NW-HIN governance? ‘ While this may be a relevant question for those under the IHE protocol, the Direct protocol ‘Circle of Trust’ concept supersedes this questions basic premise. Its not the ‘answers’ the question… it just makes it irrelevant. With Circles of Trust participating in the ‘official NW-HIN’ is a fluid concept. Nodes will float freely in and out of any given definition of what ‘official NW-HIN’ means.
However, in your “what to do plans” you note that you expect to: “Establish technical requirements to assure policy and technical interoperability.” With all due respect, that work is largely done, and what little remains will be finished by participants in the Direct and CONNECT projects. Moreover, any ‘governance’ of these issues, that cannot influence the contents of reference implementations of the IHE and Direct protocols is mostly just blowing smoke. ‘policy and technical interoperability’ will be 100% dictated by what the Direct and CONNECT programmers put into those projects. Which means that for any governance body to get ‘policy and technical interoperability’, that body will need to be deeply linked in with the developers of those projects. So far there has been a substantial breakdown between what we the developers have asked for as far as policy guidance and what we have been given. Most of the advice from the Security and Privacy Tiger Team, while well-intentioned, made extremely poor technical assumptions and did not begin to approach the actual issues that we needed to address. For the most part, HITPC discussions of Security and Privacy have been a distraction to those of us actually deciding how things where going to be implemented.
Which brings me to what I think is the really only relevant issue here: Who should be on the governance board for the NW-HIN.
The answer to that question is pretty straight forward to me: You need to have at least one representatives from the Security and Trust developers from each of the two projects. Preferably the people who are actually involved with the implementation of the relevant portions of the code. (which rules me out sadly).
Moreover, -every- other member of the governance body should be well-versed in X-509. This means that it should be made up -entirely- of people who are both technology and policy fluent. If the members of a governance board are uncomfortable discussing revocation lists, and CA chain of trust or cross-certification intelligently, then they do not belong on the governance body for any portion of the NW-HIN. There are enough clinicians, who are capable of meeting those requirements that we have no reason not to expect this level of competence. Moreover, you should fully expect that the governance body will largely ignore your abstract questions and recommendations, and instead focus on those security and privacy issues that bubble up from our protocol choices, and start to ignore those that issues that are largely handled in-protocol.
I have just purchased a Withings scale. Indeed, as I discussed in my original article, it will only let me twitter my weight instead of my body fat. How frustrating. But, you can customize the static portion of each tweet. I will be tweeting my weight with a bit.ly link ( http://bit.ly/gS05Nz )to this article and @withings in each post. Eventually, they will get tired of this and reply to my blog post or otherwise acknowledge this issue.
They also ask for my twitter password, which is no longer the right way to authenticate…
I originally blogged this while hanging out with Alan from videnitity.com ( originally met at health 2.0 ) at an mhealth conference. I should have mentioned videntity before.. they do cool work with Django and python for life streaming. In fact the discussion that I am about to go over prompted him to cover, in detail, some of the work he did using the Wii balance board to lifestream your weight. Hardware hacking for healthcare. Pretty cool stuff.
Almost immediately on seeing Alan again, our conversation turned to our mutual interest in quantified self. We are both interested wifi enabled scales.
But almost immediately I stumbled upon a mutual frustration. The most popular and well-known wifi scale in the space is the withings scale. The withings scale measures both weight and body fat percentage (impedance method). We were both frustrated with the default ability for the device to post to Twitter.
I do not need to bother to tell my readership ( clinicians and health interested IT folks) the problem with this. Our culture continues to have an obsession with weight at runs contrary to health. My own life is a great example. I weigh about 270 pounds. I am overweight, but my relatively high level of physical activity ensures that much of my weight is muscle. If I could manage to lose 10 pounds of fat and gain 10 pounds of muscle it would be better for me long term (as my muscle helped accelerate further weight lose) than just losing 10 pounds of fat. There is some debate about whether BMI or body composition is a better measure, but pretty much everyone agrees that thinking in terms of either BMI or body composition are vastly superior to simple weight measurements, because both take height into account (explicitly or implicitly).
So here we have the basic ethical quandary.
Focusing on weight contributes to an unhealthy obsession with a single number that cripples our ability to compare two people effectively. This obsession can merely be inconvenient for people like me, who are capable of seeing past the number but are frustrated that I have to constantly do that work… Or it can be dangerous for those with certain eating disorders.
The withings scale is capable of publishing both the body fat percentage/BMI and/or weight to Twitter providing social pressure for those who seek to manage their health.
The withings scale chooses to publish only weight to Twitter.
To add insult to injury, salt to the wound, spittle to the slap, and gratuitous cliches to the sentence: Withings knows that its users are requesting body fat percent in the tweet stream, they know they are requesting full templating of tweets, and they are taking a poll on what users want, but the poll does not have full templating (which would allow tweeting of body fat) or simple body fat tweeting as poll options.
Withings is playing “the users are too stupid” card on this one. From the comments of the blog post in question, in response to Paul who suggested a templating system:
Hi Paul, we first wanted to do so but as I said in the post above, we noticed that fully customizable tweets are too confusing for non computer-skilled users.
Moreover, a fully cuztomizable tweet can lead to unrelevant tweets.
Lets say youre trying to lose weight and your tweet is my current weight is %wc% and I only have %wo% to lose to reach my objective.
If ever you pass your objective on a specific weigh-in, the tweet will be unrelevant (it will say you still have -2 lbs to lose for instance) unless you think of changing the default tweet message just before weighing in…
Oh thank you pointy haired bosses at Withings. You have answered a tremendous consumer demand with a technology that further perpetuates fundamental healthcare mythologies. You have given us something at is 95% similar to what we need, but now serves a subtle destructive force instead of what you could have done which would be to apply social pressure to the right problem…and now as your user community suggests methods to allow us to fix your mistake… You tell us that we are not smart enough to do handle the tools we need to do that… Oh thank you from saving ourselves from ourselves!
This is the fundamental problem with Health IT today: we as health IT programmers are constantly making very subtle ethical decisions, and we regularly flub them up. More importantly, we ignore our users when they urge us to fix ourselves…
Withings made an ethical mistake in having the default tweetable data weight instead of body fat. Their UX justifications would be valid if they had made the right ethical decision to start. If I could only get body fat percent… That would be a frustration, but I could deal… As it stands they are just wrong.
But I understand why. Imagine the meeting:
Developer: we should integrate with Twitter
Pointy haired boss: cool do it.
Developer: we do not have time to do a complex integration. We can use weight, body fat percent or BMI…
Pointy haired boss: no one understands body fat percentage or BMI. This is a weight scale. People understand that… Lets go with that….
Developer: but body fat percentage….
Pointy haired boss: would not be as popular. This is a marketing and time question. We only have time for one of the two and most people will want weight…
The pointy haired boss is right. The fact is that people do understand weight better. Withings has probably sold more scales by choosing just to only tweet weight. This is not just a principle vs. profit issue. Assuming scales make a difference for people, more scales equals more difference. Frankly I do not blame Withings for starting with this decision. They were wrong, but their heart was in the right place.
But the arrogant position on templating systems and the fact that the poll they setup on the issues did not even give an option to chose body fat percent as an option is pretty unacceptable.
The other problem that Alan pointed out is that to get at the Withings scale data, you currently had to integrate with the Withings server rather than with the scale itself. So you have a device that records data about you, and then to get at that data, you need the by-your-leave of the device manufacturer… Not OK.
This device should be a “home health appliance”, and it should integrate with the Withings server -as a convenience- not as a requirement. I should be able to point this system anywhere I like. I should be able to easily point the data that the device generates anywhere I want to.
Withings need to take the following steps, and soon.
Support templating as a fundamental method of data export.
Support sending that templated data to any Internet location via simple POST, without going through Withings servers
Support full XML and JSON data export with those posts
Make body fat percentage the default measure sent to Twitter and give users the option to change it back to weight
If you support this idea… Please leave me a comment here, and retweet this article, with the @withings tag. I am pretty sure withings watches twitter.
The Health Internet by extension is the “largest Internet devoted to Healthcare Data”.
Here are the basic features of the Health Internet:
You will be able to ’email’ your doctor.
Your doctor will be able to ’email’ you.
Faxing health records will go away.
Eventually, your medical records will auto-magically follow you around the country, appearing when they are most needed in a moments notice.
All of this will be done securely and in a way that fully supports peoples legitimate need for privacy.
New innovative services will appear, that leverage the Health Internet data channel to create applications that were previously unthinkable.
How is this being accomplished? Simple as one two three:
The EHR stimulus money will be given out in response to “meaningful use” standards which include interoperability requirements, which will require connecting and sharing data, without specifying a specific technology stack. These standards will become more and more pronounced as time moves forward.
The Federal Government will expose its considerable health data resources (i.e. DoD and the VA) using these two protocols. Agencies which accept the reporting of meaningful use measures will accept that reporting using one or both of these two protocols.
So are these protocols being mandated? No. But then neither were HTTP, STMP, SSH, SSL, or DNS. Its just what everyone uses. The VA has the single largest pile of detailed health records in the history of mankind. They will be available using either CONNECT-complatible IHE or Direct-compatible Direct protocol. They will probably not be available using your-favorite vendors idea of a proprietary health data exchange protocol.
This is going to happen. Hell, it already is happening. These reference implementations are entirely Open Source. They are designed to eventually handle the cases of communicating across national boundaries. This is going to the start of a international Health Internet. First with Canada and Mexico, and nations promoting Medical Tourism and then everyone else. It will take time. Adoption might be slow. But there will be a Health Internet, it will use these protocols. It is only a question of how long this will take to be adopted, and how long it will take people to stop talking in the abstract about the issues of Health Data Exchange.
So I wrote a new facebook application that gives you credit for supporting my fathers congressional campaign. My father is running in Texas District 20 (the Alamo District), and I am writing this article as a specific guide to his supporters with iphones/ipads and facebook accounts. (If you do not have a facebook account… now is the time to signup!!)
But no matter where you are this election day, you should use Facebook Places to checkin at your polling station. Why? because anyone building a facebook political applications (like me) will be able to use your checkin to prove that you were at a voting station. This very simple piece of information, where, when and most importantly the -implication- that you actually did vote means that you are a player in what will soon become a very very active political space on facebook.
Remember, there will be a host of facebook applications that check for this data in the coming years. You can be an early adopter of this type of technology even before knowing what application you will be using. This is also good advise no matter who you support politically!!
For many of you, this could be the first time you have used facebook places to check-in anywhere. So I thought I would write you a little guide to checking in. This guide will assume that there is already a location available for you to check-in to, but if there is no such location available, you can follow my instructions to create a Facebook places location to make one for yourself.
First you need to load your Facebook application. These instructions are identical for the iphone and ipad, and should be similar on the Android. If you have not installed the application yet, you need to search for “facebook” in the app store application and download it. Then you should see an application icon like this one on your iphone:
Next you need to checkin. The simplest way to do this is to click the little geo-tag icon to the right of the text field:
After you click there you choose which location you want to check-in too. In this example I am checking in to campaign headquarters. If there is a not already a facebook location for your polling station, you should add one.
Obviously your polling place will not be called “Trotter for Congress Headquarters”. It will be something like “the Smith elementary school”. It does not really matter to much where exactly that you check in to… the application will specifically store your latitude and longitude. Any half-way intelligent facebook application will be able to tell that you were at a voting station, even if you actually check-in at the Burger King across the street. Still better to check in at your actual polling station, even if it means creating a new location in Facebook Places.
Then you will be presented with the check-in interface, which looks like this:
You can put anything you want in the “What are you doing?” field (including nothing at all). However, while an application can understand the implications of your latitude and longitude, your facebook friends might not. You might give a little context to your check-in by saying “Here to vote” or “Dropping my mom off to vote” or whatever. My facebook social election game, does not attempt to figure out if you actually voted, you can score in the game if you just show up at a polling station on election day. It does not matter if you are under-age, or not voting, or vote for the other guy… I cannot say for sure, but I think other vote-oriented facebook applications that exist to serve a particular political candidate will probably follow suit. Otherwise, someone will try to claim that the application “rewards” voting a particular way, and is somehow illegal/unethical.
However, I imagine that you will also see a large number of facebook applications that are not associated with a particular candidate that will ask about exactly how you voted. These style of applications will turn Facebook places into a kind of real-time location-aware exit polling engine… lots of potential uses for that type of application.
But none of these apps can operate without data. In this election (2010) this will be new, and we will struggle to get the word out… but in 2012 and beyond.. this will be more than normal.
So originally MirrorMed was a fork of ClearHealth. It was done to satisfy my need to get certain features done… but now ClearHealth has moved far past it… the usefulness of the “fork” part of this has diminished to nothing.
Still there were a few useful things in MirrorMed that have not been replicated in ClearHealth or anywhere else that I know of.
The most useful of these was a tool that I built called mm2mm
mm2mm is a Medical Manager to MirrorMed integration engine. Basically it a php parser for the medical manager data files that allows you to seamlessly move to MySQL. I have used this tool more than any other part of MirrorMed, and so I am now releasing it Open Source (AGPL 3) and completely costless. You can download it from the MirrorMed sourceforge site.
For those who are interested in Medical Manager, you might enjoy reading the history of Medical Manager, which I maintain. Recently someone reminded me that there have now been convictions in the Medical Manager dealership scandal.
Medical Manager was my family business for many years. My Aunt and Uncle still work tirelessly to support clients and my grandfather, now deceased, helped them start the business. The Medical Manager dealership scandal, where Medical Manager ousted small dealerships and apparently accepted bribes to buyout the larger dealerships originally taught me that nothing but Open Source was viable in healthcare informatics.
The release of mm2mm has brought me full circle with Medical Manager. It makes it trivial to use a FOSS EHR like ClearHealth, OpenEMR, OpenVistA or Astronaut VistA on top of an instance of Medical Manager but most of the people who have used mm2mm as beta testers were interested in creating a web-archive of the medical manager database or in entirely migrating away from Medical Manager.
Medical Manager was a great product, but years of neglect and proprietary thinking have doomed it. It might be possible to save if it was released as Open Source now, but it is probably too late.
However, instead of using Google Health or HealthVault as a platform, Fred used Twitter. Fred had the notion that people already use Twitter to track what is happening with their lives, so why not track what is happening to their health? That builds upon another key finding from Project HealthDesign: help people track their health information by incorporating the process into their existing daily routine, not adding something new
So basically, while they did not chose me to win the contest, they got the point I was making. If I had time to add some graphical goodness to the app, then I think I might have been able to make a better stab at being more competitive from a user experience standpoint, and I think I might have done better. There is always the next contest.
Still I have made strong headway with the notion that the quantified self movement, is merging with the PHR movement. The quantified self guys are pushing this logging to Twitter thing pretty hard. And toeleven.org is one idea about how to fully move Twitter into the PHR space. We will see how that community reacts to these ideas.
I think it is inevitable that the notions of the “life stream” as per facebook and twitter and the notions of traditional PHR will begin to merge. It is not a question of whether?, but rather when?, and how?
toeleven.org is an Open Source app looking for a project manager.. contact me if you are interested in owning the project…
My goal was to find a way meet one of the challenges using some kind of integration with our new Audio PHR system Your Doctors Advice. (At the time of the writing its in a closed beta… you can sign in, but cannot use it yet) This has been the project that I have been working on for almost a year, with Cautious Patient. but I let time get away from me, and I could not find a way to get anything interesting done in time, that applied to any of the Challenge categories. Next year we will consider writing our own challenge.
But I discovered that a part-time project that I have been working on for the last month or so actually applied to a contest to re-implement some of the original Project HealthDesign applications. One of those applications was, specifically, an application designed to track Observations of Daily Living (ODLs) for people with chronic pain. I have friends and family with chronic pain, and I actually wrote this application to help one of them keep a pain/food journal more easily.
The contest had two requirements: re-implement one of the original designs from one of the videos, and use a “commercially available PHR service that can securely store the data”. What is a PHR? It is a personal (or “personally controlled”) health record. What the contest makers meant was to try and get new functionality available in Google Health, or HealthVault or Dossia or the like.
Well Google Health has been, until very recently been incapable of storing ODLs because it insists on the limited data that a CCR can encompass. Even with the new update, Google Health has limited abilities to store arbitrary data. Im not sure if I can easily include pictures of food in a Google Health app (this might have changed recently). HealthVault has famously supported the recordings of arbitrary data, but is so capable in this regard that there is little need to force the data into any standard at all. If I want to participate in either approach, I have to go through very extensive integration and approval process. Neither platform is truly open. Perhaps that makes them “safer” for patients, but perhaps that just makes them walled gardens with useless inscrutable iphone-app-store-like approval process that stifles true innovation… you know… one or the other….
I much prefer Twitter and Facebook as application platforms, who have far more open application approval processes. These platforms have realized that their success is tied to the openness of their networks. They are acting much more like “Internets with new protocols”.
But Twitter is not appropriate for health data… because it is essentially a public broadcast medium? Right? That is the way it is typically used, and it is certainly a broadcast technology. But it is not necessarily “public” broadcasting. You can change any twitter account into a protected account, that will ensure that only people you want to see it can see it. So Twitter is “commercially available” that can “securely store the data”, but is it a PHR? I think it is if you use it like one. In fact, it is probably one of the most popular platforms for logging health, wellness and fitness information on the planet.
I think an application that relies on Google Health or HealthVault faces an uphill battle, because that is not where people are tracking ODLs. People actually use Twitter and Facebook to track what is happening in their lives. They use it to record their mood changes, their stress levels and details about how their bowels are moving. Most importantly for my purposes people are already using Twitter as a food diary. If you want to save time you can just take pictures of your food and use that instead of trying to write down anything. If you are interested in finding out what food might cause pain you are more interested in ingredients than calories, and so food diaries that focus on accurately tracking calorie intake are overkill.
So I wanted a way to simply and easily track ODLs of pain, using Twitter, right beside the already smooth process of tracking food intake.
But I wanted to do this in a way that would be easy to data mine, so that I could take the food data, or pictures, and overlay that in a data-mining friendly way with the pain data. Obviously, I needed a good syntax for recording the pain information, and so I did some research on micro-blogging ODL syntax options. I ultimately settled on the grafitter syntax, because its site was actually up and doing cool data mining stuff. But I did not want my friend to need to actually learn any kind of “twitter syntax” to log her pain. Instead I wanted her to have a simple web form that she could use on her smart phone, that would allow her to quickly and accurately describe her pain. Just like the video from Project Health Design on Helena.
So what is Helena doing? In the video, she is recording which medications she is on. But that is one of the few things that doctors have (or should have) accurate data on. Other than recording that medication data, she is simply creating a ODL system that is customized to her world, allowing her to track -when- she takes the medications, which in her world is just “the yellow pill” or “the big pill”. Moreover, she wants to log three specific things that seem to impact her pain: sleep, yoga and the local weather. But the Twitter ecosystem already takes care of all of that. There are devices that track sleep, that can log the sleep quality data to Twitter. Helena could use fitbit which could log her movement during yoga workouts to Twitter. She can even use Twitter to track the local weather.
Helena and my friend, both have the ability to log very different kinds of data to twitter that are difficult and or time-consuming to acquire in any other way. All they need is a method to create and record their own “Pain Tracking Interface” that could be used to describe what they were going through. One of the project health design teams described one such interface, as part of the many things that the teams released.
So I built a new Twitter application to do that. Its easier to understand if you see it in action once, so here it is:
So this is not only a method for creating a “Pain Tracking Interface” but for tracking anything you want to perform careful date-stamped quantitative analysis. There is little that you could not track using the system, and it will perfectly interface with any other Twitter data stream so that you can perform data analysis on yourself easily, using Grafitter, or something else just like it.
I want to be clear. I did not write this application to win the contest. I wrote this application to help my friend. It is far enough along that my friend can do what she needs to figure out her pain. This idea can easily go farther, but this is not my main priority. I am going to talk about where this should go, but do not assume that I am going to be the one to do this. Competition and collaboration welcome.
I am releasing all of the php sourcecode for toeleven.org as Open Source as soon as I have the cycles. I think the following work needs to be done on the system.
Create a replacement data analysis tool for grafitter, with more functionality, specific to ODLs
Improve the iphone and android specific interfaces to the ODL forms
Build in facebook integration for those that do not want to link twitter to facebook
Create much better form-builders that make it more obvious how to build forms for different things, specially targeting HTML5 (I feel doing fancy work in the HTML4 world is a waste of time at this stage)
Allow users to share their ODL forms that “standardized” ODL forms might become popular based on some kind of crowd-sourcing approach.
The interface is a little sparse, could be improved alot with some good design work.
I also did not submit the application to win the contest, as much as to try and reframe the problem. I want to make a difference in the world of Personal Health Information, and I know I am not alone in this. But we need to stop trying to force people into behaviors that they will never commit to. The largest single “addressable” healthcare issue is compliance. If we all did what we should know that we are supposed to do, then many of the difficult healthcare problems, like Diabetes, Heart Disease and even HIV would become rare events, and manageable for our society. I am overweight. So I have a compliance problem. I need to focus on losing the weight, which will protect my heart in the long run, rather than interfacing with some software that I have to comply with. Our goal with the Audio PHR, is to create an application that helps people do the right thing more than it creates new user burdens. I am not convinced that our PHR philosophies are simple enough. I am not convinced that toeleven.org or our Audio PHR is simple enough. But they are simpler. That is a step in the right direction.
Normally, I would also talk about how we need to be working together on open systems using open source software at this point. But Project Health Design and Robert Wood Johnson are absolutely the choir when it comes to that sermon. They understand the potential of Open Source. My goal with submitting this application is not to win, although that would be nice. My goal is to completely reframe the problem. I want them to see that their notion of PHR is trying to force people to move against the current. Facebook and Twitter applications, whatever else you want to say about them… are “with” the current. People are there, using those systems, that is where the action is. We need to bring the behavior changing healthcare innovations to the people, not the the people to the innovations. This is a big paradigm shift, but it is at the heart of Open Source. Essentially I am a developer on one of the Health Design projects, and I have made a pretty signifigant problem into what Torvalds calls a “shallow bug”. The bug is “How do we get people to signup to use this stuff?” I have solved half of that problem, people are already signed up to use Twitter, they just have to use Twitter in a new way… as a PHR.
Eric Raymond experienced this kind of paradigm-shift from a contribution with his fetchmail project. I have quoted this before and I will quote it again:
The real turning point in the project was when Harry Hochheiser sent me his scratch code for forwarding mail to the client machine’s SMTP port. I realized almost immediately that a reliable implementation of this feature would make all the other delivery modes next to obsolete.
For many weeks I had been tweaking fetchmail rather incrementally while feeling like the interface design was serviceable but grubby – inelegant and with too many exiguous options hanging out all over. The options to dump fetched mail to a mailbox file or standard output particularly bothered me, but I couldn’t figure out why.
What I saw when I thought about SMTP forwarding was that popclient had been trying to do too many things. It had been designed to be both a mail transport agent (MTA) and a local delivery agent (MDA). With SMTP forwarding, it could get out of the MDA business and be a pure MTA, handing off mail to other programs for local delivery just as sendmail does.
Why mess with all the complexity of configuring a mail delivery agent or setting up lock-and-append on a mailbox when port 25 is almost guaranteed to be there on any platform with TCP/IP support in the first place? Especially when this means retrieved mail is guaranteed to look like normal sender-initiated SMTP mail, which is really what we want anyway.
There are several lessons here. First, this SMTP-forwarding idea was the biggest single payoff I got from consciously trying to emulate Linus’ methods. A user gave me this terrific idea – all I had to do was understand the implications.
I really think the toleven.org Twitter-centric design is fundamentally more effective than the whole Common Platform effort. While I think both the Common Framework, and its top competitor the Indivo X modular architecture, have some value, they are fundamentally fighting a losing fight, trying to turn the masses into using PHR systems to log data. Forcing each application developer to write code to a separate API which does exactly the same thing in a different way is a non-starter. The only time that happens is when developers have a big motivation. An API is only useful when it has users behind it, and lets be honest, HealthVault and Google Health do not have users. Neither do Indivo X (which is still alpha/beta) or any implementation of the Common Platform. The only PHR systems that actually have any users are the MyHealtheVet application from the VA and the Kaiser PHR. Both of those applications are gateways into deep connection into those respective integrated healthcare delivery systems, something Google Health and HealthVault are not (although they might be someday soon.)
My grandfather once advised me “Never play a man at his own game”. I have taken that to heart. I now live by a modified form of that advice:
If I am failing and cannot see why: change the game or change the rules.
That is why I work with Open Source. It allows me to change the rules. I want to thank Robert Wood Johnson for their commitment to Open Source. The information that their project released made the application that I built for my friend more capable. It allowed me to flesh out the design and prevented me from building a special purpose application. Thanks to Michael Botsko for making a good jQuery Form builder. People like him build tools that let people like me try and make a difference.
He has won the Republican Nomination against incumbent Democrat Gonzalez. He has the support of the local Tea Party.
My father is a true conservative both socially and fiscally. A federalist in the tradition of Ron Paul. My personal opinions often go against my father. Like the majority of Americans I tend to be financially conservative but socially liberal.
I doubt the rest of my immediate or extended family will be following my lead. They do not support my fathers complete conservative bent. They seemed shocked to learn that I would be supporting my father. I am also very close to many liberal friends who also might be baffled by my decision. How could I support my father when we diverge on so many issues?
The answer is simple. My father, whatever is political stance, is far more qualified to represent San Antonio and Texas in the United States Congress. It is not because he is a legal scholar of the first rank, though he is, and it not because of his conservative politics (which I can assure you are sincere.)
I am supporting him because he knows the price of war. My brother John Trotter, (Byron to his family) was killed in Iraq during Fallujah II while fighting in nearby Ramadi.
Losing him broke my heart. It broke my fathers heart. It devastated my family.
I will support my fathers campaign to run for congress because his broken heart qualifies him to decide whether the United States should go to war. His broken heart qualifies him to monitor and approve defense spending. My father is qualified to prevent a defense spending program that allowed defense contractors to make billions, even as national guardsman were self armoring vehicles in Iraq. I believe that he will read those bills a little more carefully, that he will pay closer attention when generals and admirals testify, and he will work harder than the thousands of congressmen who have no concept of the real consequences of even their smallest decisions. I know that he will do this in peacetime as well as during war, so that our soldiers, sailors, marines and airmen have what they need before they are sent to fight for us. I know that he will not tolerate the Washington bullshit that puts our service members at risk. I know that he will not put politics, even Republican politics, before the military. I know that he would happily give up his political career to save the life of even one soldier; someone-else’s Byron.
Our minor political differences pale in comparison to this single issue.
My father did not know it, but he prompted me to write this post by leaving the following message on my google voice account. He decided to visit my brothers grave at Arlington national cemetery today (the anniversary of 9/11) on his visit to Washington. While he was there he left this message for me. I am publishing this without his permission, because I want to give you insight into the man he truly is. I want you to see him as I see him, formidable, but also deeply vulnerable. His own words are the deepest endorsement I can make for him. I hope he does not mind too much.
Recently I have been approached by a clinic in Austin that operates under the assumption that there is a causal relationship between childhood vaccinations and autism.
This will not the first foray into the thick of bio-ethical debates. I have, in the past, advised both planned parenthood and catholic clinics on how to use open source healthcare software.
My policy for organizations like this is simple: I almost always help them. My software or software ideas can improve the experience of patients at any clinic, even if that clinic is taking a position on an ethical issue that I am unsure about or against. Most importantly there is nothing that I can do to change the position of the clinics in question, one way or another.
I hope that in the end, open source software will help to resolve some of these ethical debates by providing a cheaper means to get better quality data. While my opinions cannot change policy better data can.
So will I help this clinic? Probably. Will I allow this clinic to advertise my help as any kind of endorsement? Definitely not. Which is basically the same position I take on any reasonably complex bioethical issue where I can see both sides of an issue. Of course many in my community would say that members of the anti-vaccine community do not deserve this kind of benefit of the doubt.
Before climate-gate I might have agreed. But now I am much more sympathetic to arguments that run contrary to modern scientific consensus. I fell very betrayed that centrally referenced climate data was fudged by respected scientist in order to support a very specific conclusion. Because of the pharmaceutical corporate interest I am afraid that vaccine safety data might have been similarly fudged.
It is my hope that providing a clinic with a dramatically different agenda than the main stream medical community with cheap and effective tools to do advanced data gathering and analysis that I might provide them with a kind of truth-over-pressure. If vaccines can cause autism, then they should be able to generate some reproducible data that shows that. If vaccines do not cause autism then by giving this clinic better data tools I hope that I might be able to create a kind ideological implosion within the organization. I hope that I am not enabling an organization that is torturing kids with invasive, traumatizing procedures for nothing. But unfortunately I am not in a position to make that determination.
I hope, truly, that I am right to take this approach. I hope that the assumption that transparent code plus transparent data can create pressure to find the truth for other difficult issues is right. It feels like, more and more like I am betting more than my career on this idea of open source software in healthcare… I am betting my conscience too.
I would like your comments about my approach generally and about this situation specifically.