My wife attends the University of Houston.

Normally, I reserve this space for discussing Health IT matters, but in this case I must make an exception. UH is one of the most frustrating institutions I know of. I believe, that UH has one of the most ineffective Information Infrastructures I have ever seen. So I am devoting a new topic in my blog to discussing my frustrations with it. My wife (Laura) and I have been having multiple, serious frustrations for some time, and each time I imagine that I should write something about it. But I do not want to start yet another blog, so I am going to use a category of this blog for now.  Perhaps I will use RSS etc to turn this into a separate blog. If you are interested in my Health IT posts… please skip this.

Today vnet.uh.edu is down. Vnet is the portal for students to receive course materials from their professors. Why? As best I can tell, it is down because it is test-time. The university education website is down… when it is needed most. It is probably down because it is being flooded with users. It is being flooded with users since so many students have a test tomorrow.

In short, vnet is exactly the sort of tool that breaks when you need it most.

There is little that vnet does, that Moodle does not do. Moodle, because it runs on Linux, can happily sit in the cloud at Amazon or Rackspace, which means that it can scale (in an automated fashion) to the point that entire countries could hit the website at the same time.

But instead it is being hosted either by the school or by vnet. In either case, it breaks constantly. According to this video vnet “leverages open source”. However, the vnet website has no mention of downloads, community or license. That usually means that the application is 100% proprietary. Further, it is easy enough to conclude that VNET was primarily developed by UH.

I am sure that VNET has some features that Moodle does not. But instead of adding to Moodle, and using a known-good platform, UH has decided to use a platform that they built themselves.

Now my wife cannot get to her documents. And I am sitting here pressing “refresh” in the hopes that I will be able to get onto the site, so that my wife can pass her Genetics class.

-FT

Google Flu Trends and Privacy

Google.org, which is the philanthropic arm of Google, has released Google Flu Trends to great fanfare and criticism.

Google Flu tracks searches for flu symptoms on Googles search service. So if I type “achy headache” into Google, it might count the search as evidence that I, or someone I was caring for, had the flu. Enough people use Google for search that Google can use searches like this to track the spread of the virus across the country. The science of tracking diseases is called epidemiology.

Currently epidemiologist use anonymized data from several sources to track the outbreak of disease. They can get data from pharmacy purchases, or from Emergency Room visits. They merge this data against other information like weather patterns. Using these data sources the Centers for Disease Control and Prevention (CDC) can get a pretty good picture of what is happening in the US regarding the outbreak of disease. It should be noted that these “traditional methods” allow the CDC to watch out for far more than just influenza. They use the system to ensure that any number of potentially catastrophic diseases to silently spread across the planet. What is interesting about Google Flu is that it is more effective than the methods mentioned above at predicting flu outbreaks by two weeks.

While I think that Google Flu Trends is fascinating, I am more interested in the privacy implications. I use gmail. I use Google Maps extensively ( I make map labelled with the cool things in my neighbourhood). Google has a photo of the front of my house on Street View. I have used Google Checkout to make purchases so Google knows my credit card information (or did). It is pretty obvious that Google is sensitive enough to make an educated guess that I might have influenza based on a search that I make. It is probably capable of making a guess that I have HIV, or Cancer, or Diabetes. All of this is independent of me using their Google Health application to track even more detailed information about allergies, procedures and drugs. “Google knows” is a bloody good assumption without evidence to the contrary.

Sounds pretty scary doesn’t it? The only reason I am even the least bit comfortable with this is the Google Corporate Motto: Don’t Be Evil.

Google takes this pretty seriously, you can tell because they loose money not offering gmail in China, where they cannot guarantee privacy of communications. They also told the Justice Department to shove off, when they asked for search histories. Both of these efforts cost them money so that they could live up to their motto.

That does not mean that I trust Google, it means that I do not trust them less.

I have been an on/off critic of Dr. Peel and her Patient Privacy Rights group for quite some time. But I must applaud her recent efforts to advocate for patient privacy rights regarding Google Flu Trends. 

In move consistent with their model Google responded to the Google Flu Trends concerns. Google specifically claims that their search data retention policy applies to the flu related data as well. That is very good news for people like me, who tend to obsess about the details of security and privacy of health information.

-FT

Should CCHIT survive?

The incomparable Joseph Conn has an article up about the potential fate of CCHIT under the Obama administration.

I do not believe that it should be refunded under its current form. For several reasons.

Some quotes from Josephs article to support my position:

“I bet we’ve spent a quarter of a million dollars in development costs just to get around the functionality that is being forced into the system,” Oates (Randall Oates is a physician who is founder and president of SoapWare) said. He argues that more than half of the functionality CCHIT requires could be moved out of the core system requirements into extensions.

Oates said that to make EHR systems usable, they have to be tailored “to make them suitable to the various niches in healthcare,” Oates said. “You can’t have one-size-fits-all. Things that could be straightforward and easy have to be bloated and cumbersome. It really has hurt the progress for adoption.”

SoapWare is famous for a reasonably priced low-end EHR for small practices. I wish it were open source but it does target practices that are largely ignored by the big vendors.

I have documented the story of AcerMed, a CCHIT certified EHR that had to close its doors because of a lawsuit.  I should note that Dr. Valdes of LinuxMedNews, has also criticized CCHIT.

CCHIT, rather than creating a “seal of approval” is a millstone around the neck of the HIT industry. It is totally incompatible with the concept of low-cost/high-quality EHRs. Rather it increases costs and in some cases decreases quality.

Something needs to be done.

-FT

VA VistA is not “Old”

Recently ComputerWorld released an otherwise good article entitled: Old code proves key to modern IT at Midland Memorial Hospital.

The first paragraph reads in part:

For Midland Memorial Hospital, this came in the form of 1970s-era code unearthed via the Freedom of Information Act.

This is really frustrating. VistA is old. But it is not older than Unix which is the basis for Linux AND Windows.  It is not older than C which is the basis for C++, C#, Mono, .Net and to a lesser extent Java, PHP, Python, Ruby (in terms of syntax and overall structure).

The VA updates VistA every year. The version that Midland Memorial uses is the same version that has been recently improved by the VA.

This article makes it sound like it was literally dug up by an archeologist.  It paints a picture of David Whiles in his Indiana Jones hat with a shovel. Digging up the EHR artifact that an ancient advanced civilization used. As David wipes of the dirt he exclaims “Oh my… this is a little rusty… but it just might work!!. Then he takes the code back home to Midland, sprays it with WD-40 and gets it to run!!

This happens all the time. People hear that VistA has been in use since the 70’s and the cannot let go of how “old” it is. Hate to break it to you, but almost every core technology that you use on a daily basis has its roots in the 70’s.

Please do not tell me “Oh but HTML (or insert your technology here) came much later”. Yea but HTML does not work that well without HTTP, and for that you need a robust network. Guess when that started becoming available. Its not like VistA has been siting idle either. VistA has features that were developed in the 80’s. It has features that were new in the 90’s. It has features that are being developed now!

Meeting VistA for the first time is like visiting Australia for the first time. You see all of these marvelous creatures who have evolved in a different way, because they evolved independently. You see different “designs” or the application of the same “designs” in different ways. The one thing you should not say when seeing the strange lifeforms in Australia is “Wow, these animals must be very very old species”

No Rufus-brain. The species in Australia are not any “older” than any species in the rest of the world. What is exceptional is that this species evolved separately. Different? Yes. Backward? Maybe. Original? Definitely. But not “Old”.

VA VistA newbies constantly assume that VistA is a single instance of a program, rather than the latest instance of a program, in a long history of instances of that program. They see it as a single Tortoise that lived for forty years, rather than the latest bunny rabbit, in chain of forty one-year generations of bunny rabbits. But even this picture is inaccurate.

Another hallmark of the VistA-ignorant is to talk about VistA as though it were -one- thing. In reality it is a whole suite of technologies, that are evolving together in isolation. VA VistA is a lot more like the whole biological sphere of Australia, with lots of different species that are evolving together, all of them evolving differently than the species in the rest of the world.

Please do not call VA VistA “old” out of context. This is a mark of ignorance and is independant of whether you like VistA or not.

-FT

Announcing NPIdentify

A while ago I was contacted by the folks at Health IT Transition (Now defunct.) regarding some NPI development. We decided to collaborate. They turned me on to the intricacies of the NPI database, and I have been doing skunkworks on the NPI database ever since. Sadly, they have been waiting on me since then, hopefully when I come out of skunk works mode, they (and you) will be pleased with the results. But those guy have been far from idle, I am pleased to prompt their announcement of NPIdentifiy.com

The site already does some pretty amazing things. It has a mechanism for viewing NPI taxonomy statistics and a tool that allows you to search through the NPI records for your state.

Soon, it will be the most advanced way to manage National Provider Identifier information on the web. Also see the new button on my side menu!!

(updated Feb 18, 2011) Note that my NPI work is now available at docnpi.com You can still download the same applications from npidentify.com.. if you want that type of interface. If you want really powerful National Provider Identifier search capabilities, docnpi.com is the best available!

-FT

On Being Threatened

Express Scripts, one of the nations largest pharmacy benefit management companies, is being blackmailed with the release of private health information. The blackmailer proved that he/she has access to the data by providing information on 75 Express Scripts customers.

The company has done a fine job of swallowing this bitter pill. They have done exactly the right thing by making a public announcement. This is not their fault and by choosing not to hide it they are demonstrating strong ethics in a tough situation.

I would much rather have my PHI with a company that will tell me when something like this happens rather than one that makes me “feel safe” by telling me nothing. I am a big fan of “the devil that you know”.

It bears mentioning that this is a real threat, rather than the dubious “lost laptop” problem. I have had a laptop with patient data stolen, but thanks to gpg, I have nothing to worry about. Laptops are easy to steal and easy to fence. Thankfully, there is no way for the average criminal to even know that there is potentially valuable PHI on a laptop when they steal it out of the back of a car. It is much more likely that the operating system will be reinstalled from scratch by a fence to ensure that there is no way that the laptop can be traced back to the original owner.

That means that when a laptop containing PHI is stolen, 99 times out of 100, there is nothing to worry about.

The 1 out of 100 times is when the thief already knows the PHI is on the laptop. Which is to say that a healthcare organization is the subject of a focused attack. Other security researchers are already guessing at how the blackmailer got the data. Here is my guess:

  • 65% chance this is an inside job. A rouge former or current employee is getting revenge.
  • 25% chance this is a foreign hacker. Siciliano (from the link about) correctly points out that only a foreigner would think that a US company would not go straight to the FBI after being blackmailed. A US hacker would have just sold the social security numbers to identity thieves.
  • 5% chance its a US hacker.
  • 3% chance it was a stolen laptop.
  • 2% chance something else happened.

It will be interesting to see how this plays out. If they catch the blackmailer or otherwise discover the attack vector, it will be informative for people like me, who obsess over the best way to protect health information.

If this happened because a laptop was stolen, I will eat my shorts.

-FT

Medsphere Growing in the right direction?

An important part of the reason why (some) people respect what I have to say with regards to FOSS Healthcare IT is that I do not pull punches. I also do not hesitate to admit when I am wrong.

Recently, Mike Doyle from Medsphere called me. I have a lot of respect for Mike, just about everything Medsphere has done since his arrival has been right-on. He has empowered other people at Medsphere that I have respect for. He was calling to let me know that some of the information in my recent post about Medspheres layoffs, was incorrect.

Most significantly, he said that the layoffs were part of the whole company moving away from proprietary land and towards open source. He maintained that Medsphere has been commiting more and more employees to Medsphere.org, thier new community portal. I must admit, it is one of the best portals available. Matched only by the OpenMRS portal in my opinion. According to Mike, the sum total of “new hires for open source” vs. “retiring proprietary efforts” is a positive net gain of employees for open source.

The only difference between growth and decay is which parts change, and which parts stay the same.  If Medsphere is truly “retooling” its employees towards open source community members then much of my previous criticism is invalid.

It is not hard to tell that Medsphere is making an investment in the FOSS community. This is especially true in the mono community. They have hired several mono engineers and they are spending bug reports and sponsoring work. They have also been supportive of Dr. Valdes efforts to cross the streams between WorldVista and Medsphere CIS.

Doyle argues that, rather than decay, I should interpret the layoffs as growing pains. He made a good case, and so I am now forced to eat a little crow (at least it is still warm).

-FT

Trust but Verify and Trust but Fork

I have enjoyed participating in the National Dialogue about Health IT. One of the challenges put forward to my suggestion that decision makers should insist on FOSS in Health IT, was the following comment:

 in terms of privacy, there’s nothing inherent in FOSS that makes it superior to all proprietary products.

I have discussed this issue before, mostly when discussing HealthVault, but my comments have been spread out over several articles.

There is an inherent benefit to privacy, confidentiality and security for FOSS health IT systems.

There is another idea on the National Dialogue site that I thought was useful. It separates the concepts of privacy and confidentiality. Most people blur the concepts of privacy, security and confidentiality and talk about them in the same mouthful. For now I will consider that “privacy” is the ability to control who gets to see your data. Although my points apply to confidentiality and security as well.

FOSS Health IT  are inherently better ways to respect privacy because they support “trust-but-verify”, while proprietary systems just support trust.

The only way to know what a program is doing is to read the most human-readable version of that program, which is typically called sourcecode. There are countless examples of programs doing things other than what they appear to be doing. Viruses, Spyware, Monitoring features and Bugs are classic examples of this.

When a proprietary Health IT program says it respects your privacy, there is no way to know for a user to know if this is true directly, he must trust the proprietary vendor. The fact that most proprietary vendors are honest is irrelevant. The trouble with dishonest people is that you cannot tell the difference between them and honest people. We cannot know which proprietary Health IT vendors are respecting privacy and which are not. Also, the same large organizations who you might normally “trust” have in fact a very poor history of abusing privacy; Microsoft being the best example.

So does HealthVault respect privacy? Probably. But there is no way to be sure without reading the code.

Does Dossia respect privacy? Probably. But we can check by auditing the sourcecode of Indivo, because Dossia is based the FOSS Indivo project. Suppose that you believe that Indivo does not do a sufficient job of respecting privacy, or you find a back door (unlikely). You can fork the code, remove or change the offending portions of Indivo, and then run your own Indivo server with the privacy features that you want.

FOSS supports both trust-but-verify and trust-but-fork which is the only way to absolutely certain that privacy is maintained.

Therefore FOSS does have a fundamental advantage over proprietary software with regards to privacy concerns.

-FT

A National Dialogue is a site for proposing and commenting on ideas in Health IT created by the National Academy of Public Administration. (among others) The site is only open for a few days, and I have put forward my basic thesis:  Insist on Open Source in Health IT that my readers are used to seeing.

If you are fond of my arguments, then please rate this idea up and post friendly comments on it. We need to get this idea in front of the government decision makers and this is a great opportunity.

-FT