Archive for the 'patient safety' Category

Mar 24 2010

Deborah Peel: “Your Medical Records Aren’t Secure”

Here is  Wall St. Journal Op-Ed piece by Deborah Peel arguing that our medical records aren’t secure.

I did a video interview of her a while back:

She was watching a video I had posted earlier by Esther Dyson, who explained her reasoning about having her personal genome and medical records published openly:

These are two very intelligent, accomplished women, both of whom I have great respect. It’s amazing to see how diametrically opposed they are on the issue of patient privacy.

I stand somewhere in the middle between these two positions. The #1 thing to do, I think, is to reduce or eliminate the downside potential of getting medical information… reducing the risk involved lowers the cost of the security. This is not possible for all information, but we can do a lot to make this better.

I also take exception to Deborah’s use of “security” as if it is an absolute go/no go term. All security is a tradeoff between risk and reward. It is more a matter of how much someone is willing to pay to get the information. Security raises the cost of getting the information, but to have absolute security, we would have to shut down all access.

The other issue I think is relevant is that computer-based security systems can track who accesses the information, so there can be an audit trail that John Smith accessed Mary Jones’ record. With paper-based systems, John Smith can copy the record on a copy machine, slip it into his pocket, and walk out completely undetected.

I designed the information security systems for both the VA’s VistA and DoD’s CHCS systems, and defended the architecture to visitors in black suits, sunglasses and no names from unnamed agencies in the DC area – something out of a b-grade movie. These systems have been operational for over 20 years now, supporting about 10% of the US hospital information. To my knowledge, all privacy leaks have been from legitimate users leaking the data manually. I have not heard of any electronic attacks to get the data.

This might change, but at the moment, I think that the security risks are a people problem, not just a computer problem. The way forward, I think, is to mediate access to the medical record by a person-specific system. We need to have a personally controlled health record, something that I’ve been advocating for 15 years now.

Here are some comments Esther Dyson sent me after I posted this entry:

I wouldn’t say we are diametrically opposed. I published my *own* records, not other people’s…. I understand there are reasons many people want to keep them private, and they should have that right (and ability). At the same time, I think it’s more important to fix the system so that having your records leak out isn’t financially dangerous, even though it may still cause people genuine harm as a breach of privacy. (That will also reduce the incentive to use the records except as they apply to celebrities.)

so.. I think we should have good security. I think people should be able to decide for themselves what happens to their records. I do not think loss of privacy is the worst harm that could happen to someone… but people who disagree should be able to act on that belief. However, people who are willing to take that risk will benefit not only themselves – better support and treatment – but also others, when their data is used (under conditions they consent to, understanding that security is not perfect) as the basis for medical research.


No responses yet

Feb 25 2010

My Reactions to Health Summit at the White House

Published by under Heath IT,patient safety

I watched an hour or two of the Health Care Reform Summit at the White House today.   My overwhelming reaction to it was how much effort was being expended on just a tiny part of the whole equation.  First of all, it should be called Health Insurance Reform, for it has little to do with the health process at all.  Second, it treats health care as an industry, as if it were a factory taking in sick people and producing well people.  All that we need to do is figure out faster/better/cheaper ways to run the assembly line, and make room for more people to get on it.  It is firmly locked in to the notion that health care is something the system does to the person, patients are “consumers” and doctors are “providers.”  We have transactionalized health care – defining disease/billing codes that shape doctor behavior.  If someone cures their depression by taking up running on the beach, they generate no transactions, incur no medical costs, and improve their health in many other ways.  If they get an antidepressant and go back to sit on a couch to wait for their depression to clear, this generates many transactions, incurs potential side effects, and may diminish their health in other ways.  Unfortunately, our health care system only recognizes the latter… things that don’t get transactions don’t get recognized.  Things that cause health transformations (such as running on the beach) are lost below the radar of the disease industrial complex.

Addiction is one of the great health problems of our time, and Alcoholics Anonymous is the premier organization for treating it.  I recently had dinner with a man celebrating his first year of sobriety, and he was glowing about AA, and has turned his life around.  He is an enthusiastic mentor for 5 others.  AA generates no medical records, no master patient index, and incurs no costs.  The more members it gathers, the more members it can support – members help themselves stay sober by helping others stay sober.  AA in San Francisco has over 700 active groups meeting weekly, yet is has only a tiny staff of 10 to organize it.

So, here is one of our most pernicious health care problems that is being solved virtually cost-free in a self-organizing, self-propagating manner.  It is a transformational approach to health – utterly outside of the transactional provider/consumer model that dominates all health care reform discussion.

The 600 pound gorilla in our health care system is ourselves.  Obesity, smoking, drugs, alcohol, and sedentary lifestyle drive a huge portion of our health care costs… and these are personal life-style issues, not things that “providers” do to “consumers.”

People don’t necessarily “consume” health care when they get healthier.  AA members help others when they become sober – its “baked in” to their 12 step process.  People can get healthier, and in so doing, make other people become healthier.  The fact that your immune system fought off TB today makes everyone else around you a little healthier.

AA attributes their success in part to the fact that that they were underfunded when they got started:

Mr. Rockefeller decided to turn down the request for the money requested by Frank Amos. He reiterated, “I am afraid that money will spoil this thing”… Both Bill and Dr. Bob could access this account and funds could be withdrawn as needed. Rockefeller warned them that despite his help, the movement must become “self-supporting” in order to eventually become a success.

Jonas Salk (in Anatomy of Reality, Columbia University Press, NY, 1983, p. 122) spoke of the need for health care reform to be framed as “Creating an Epidemic of Health.  Only a few are needed to visualize and to initiate a process that would become self-organizing, self-propelling, and self-propagating, as is characteristic of evolutionary processes.”  AA could be viewed as an example of the kind of transformational, “viral” models of health that Salk was talking about.

Are there other self-organizing, self-propelling, and self-propagating models of health out there?  I don’t know.  But I do know that the transaction health industry would not be the place to look for them.  Pharmas are not going to fund products that decrease their dependency on them.  Nephrologists who are sitting on dialysis “gold mines,” despite stated good intentions, would worry about the financial ramifications of a treatment that diminished the need for dialysis.  A approach based exclusively on the notion of health as something the system does to the consumer would not see much virtue in their “consumers” running off and doing things independently of them.

This dependency relationship is exactly what Rockefeller saw when he refused to fund the local chapters of AA… and yet it is the glue that our system is based on.

Vvaleo group at Airlie Conference Center 1999I participated in a health care reform effort called Valeo about 10 years ago.  It was an effort to apply Dee Hock’s theory of “Chaordic” organization to health care reform, coupled with David Cooperrider’s “Appreciative Inquiry”   We ended up in a summit meeting of about 180 stakeholders from the entire health care field.  My Duh! moment from this event was that gathering all the stakeholders in a perversely incentivized system and asking them to self-organize into a more efficient system is not a recipe for success.  Asking some to jump off the gravy train so that others can ride more comfortably is not going to attract many volunteers.

I don’t recall any political stakeholders in the group – certainly nothing like I saw today at the White House.

Health insurance reform is but the tip of a very large iceberg of reform.  Given the enduring complexity of the problem, I have to wonder whether its humanly possible to come up with an effective solution.  Perhaps we need to declare a “complexity crisis” and rethink ways of minimizing complexity, rather than fixing problems.  Maybe adding 2700 pages of legislation to 125,000 pages is not going to create a workable system.  If so, how much is too much?  If we got to 1 million pages of legislation, would we have solved the crisis?  Or would it be an indicator of intractable complexity?

Here are some thoughts towards simplifying health care:

1.  Decouple the employer relationship from the health care system.  Employers don’t buy our car insurance, why should they buy our health insurance?  This would remove a huge load of issues relating to insurance portability, privacy, unemployment, big- vs small business, and taxes.

2.  Give up on the notion that we have a “system.”  It is just too big and too diverse to think of it in the factory model – that there is One Correct Way to push things down the assembly line.  Rather, we should frame things as a Health “Space” – much in the way that the web was designed as a “space for information to exist” rather than a “system for retrieving information.”

3.  Start with a communications-oriented approach rather than a records-oriented approach.  The problem is that we have a failure to communicate, not that we haven’t standardized, organized, and shared our file cabinets in the proper way.  One form of communication is the medical record,  but not the only one.

4.  Start with the transformational notion of health.  Health is something we all do, and are primarily responsible for it ourselves.  Providers are the edge, people are the center.  Let’s discover all kinds of new approaches to this, to communities of health, to buddy-systems, and the like.  Patients Like Me is a great example of this kind of thinking.

5.  Free up telemedicine.  While its nice to have the super hi res, high bandwidth hi-tech telemedicine systems I’ve seen pitched for decades now, the fact is that a lot of good can come from a simple cell phone photo or video.  There are lots of legal (and some would say ethical) issues to be dealt with, but I think that this should be a basic notion for any future system of health.  We need to design from a state of connectivity.

So, my advice to President Obama: make whatever simple changes that can be agreed upon today, but declare a complexity crisis and move to a new model specifically designed to be a simpler, more adaptive, and more resilient health care system focusing on the transformational rather than the transactional nature of health.


Comments Off on My Reactions to Health Summit at the White House

Apr 22 2009

Swine Flu is back…

Published by under patient safety

CDC announced that there have been two cases of swine flu in San Diego County.  This is an interesting disease from several points of view:

It has a great name.  If it were called Iowa Flu, folks wouldn’t have gotten excited about it.  Swine Flu, on the other hand is disgusting.  Preventing a Swine Flu outbreak is going to get a lot more attention than preventing an Iowa Flu outbreak.  The all time best name for a disease is Flesh-Eating Bacteria.  This is a truly mediagenic name – far better than necrotizing fasciitis.

We successfully fought off an epidemic of it in 1976, with 40 million people being vaccinated.  However, this very success resulted in its being criticized.  It seems the pandemic didn’t materialize after the vaccination – a great example of public health policy:

The cases triggered fear of a pandemic – largely because the lethal 1918 flu pandemic was thought at the time to be a result of a swine flu mutation – that resulted in more than 40 million people being vaccinated. The program was later criticized when a swine flu pandemic did not materialize and a number of cases of vaccine-related side effects were reported.

My mother and father both lost siblings to childhood infections.  My mother-in-law had a life in pain and partially paralyzed due to polio.  The great advance in American life expectancies in the 20th century was largely due to advances in infectious disease control.

Yet it seems we are forgetting the value of public health vaccinations.  The very notion that a vaccination program is criticized because the pandemic didn’t occur is indicative of a much deeper issue – how can we attach value to things that don’t happen?  We only have metrics for the things that become serious to solve as a problem.  Dissolving problems before they exist does get any credit.


Comments Off on Swine Flu is back…

Mar 31 2009

The Disease Industrial Complex: Health Insurers Keep Blacklist

Published by under Heath IT,patient safety

If you go to a restaurant, its very common to find the wait staff swiping a security card before they order your food.  The kitchen computer prints out a perfect copy of your order, and at the end of the meal, you have an itemized list of everything you’ve ordered.  This is an amazingly efficient and secure system – the management doesn’t want the staff slipping their friends free hamburgers or whatever.

If you go to a hospital, however, it’s likely that your doctors orders are hand written, and perhaps faxed to the pharmacy over a public phone line.  This information, which may have life-critical implications, may have no security, no computer verification, be delayed in transmission, misinterpreted by the staff, or misdirected to the wrong patient.  Computer order entry systems have been a hot topic for decades, and the cost of manual system in patient safety has long been recognized. (See 200,000 preventable deaths per year? and The National Health Emporer has no clothes)

If we accept the conclusions of the Institute of Medicine’s study To Err is Human then preventable medical errors (44,000 per year) are one of the leading causes of death in the US)

Why should even mom-and-pop restaurants have secure, online order entry systems to protect their food orders when hospitals dealing with life-critical information, prone to fatal errors still use clumsy, manual, insecure systems?

Having designed hospital computer systems for 30 years, I understand that a hospital order entry system is a complex task, much more complicated than a restaurant.  But with the right initiatives, it can be done.  The VA has been doing online order entry for decades.

The industry IS capable of maintaining integrated data bases… For example, see Health Insurers quietly keep blacklist.  The insurance industry has an extremely efficient blacklisting system that maintains files on you:

Trying to buy health insurance on your own and have gallstones? You’ll automatically be denied coverage. Rheumatoid arthritis? Automatic denial. Severe acne? Probably denied. Do you take metformin, a popular drug for diabetes? Denied. Use the anti-clotting drug Plavix or Seroquel, prescribed for anti-psychotic or sleep problems? Forget about it.

What’s more, you can discover that if you lie to an insurer about your medical history and drug use, you will be rejected because data-mining companies sell information to insurers about your health, including detailed usage of prescription drugs.

So, when it comes to figuring how to deny coverage to you, the industry has managed to create seamlessly integrated, state-of-the-art information systems.  When it comes to protecting patient safety, well, they are still trying to figure out how to deal with this… for over 20 years.

Restaurants and insurance companies didn’t require any federal agency or stimulus money to be stimulated install state of the art secure systems they did it out of their own (possibly nefarious) self-interest.

The problem is a lack of incentives, not lack of stimuluses.

The problem is that we are dealing with a Disease Industrial Complex, not a Health care system.


Comments Off on The Disease Industrial Complex: Health Insurers Keep Blacklist

Jul 21 2004

The National Health Emperor Has No Clothes

Published by under patient safety

National Heatlh Information Infrastructure 2004 Conference was just held last week in Washington, DC:

“In an Executive Order issued on April 27, 2004, President George W. Bush called for widespread deployment of health information technology within 10 years. As part of this announcement, he formed the Office of the National Coordinator for Health Information Technology (ONCHIT). An important aspect of the President’s initiative is the development of a nationwide interoperable health information technology infrastructure that can facilitate improvements in safety, quality, efficiency, and care coordination.”

This is my old briar patch, having spent 30 developing two of the largest hospital information systems in the world, for the Veterans Administration and the Department of Defense hospitals world wide.

I really am trying to be optimistic about this, and all of the surface rhetoric is great, about improving care, “tipping points” and all that.

However, I am greatly concerned that the deep structure of our health care system – the structures which have lead it to become an industry whose preventable errors are now one of the leading causes of death in America – are are still very much at work. Making the forces of this deep structure more “efficient” with “improved” information technology could easily end up making things get worse faster.

Our doctors have 1.2 million terms for how to be sick, yet virtually none to describe health, a list that is growing 5% per year.

We have a disease industry, not a health care sector. It is based on supply and demand of disease. Regardless of whatever nice, soft images your local hospital might put on billboards, their business is for you to be sick enough to come there.

A hospital that invests in a patient safety system which reduces readmissions would see its revenues drop, forcing them to be “altruistic” to save lives. The grocery industry has been using bar code scanners for decades for cookies and magazines; medicine is just now moving towards them – for drugs which have life-threatening consequences. Why has this taken so long? (And why are they moving to paper-based labels instead of RFID?)

Every provider and organization in the US probably has a vision statement which includes something stating that they are “patient centered.” The subtext of this should read, “You come first, after me.” The organization is at the center of their world, the patients are at the periphery. The standardization process, HIPPA, and a whole zeitgeist are structured around stovepiped, organization-centric models to which the patient is peripheral.

In our litagous age, the value of a wide spread electronic record would be far greater to malpractice lawyers doing Monday morning quarterbacking than doctors improving our health. This will lead to an upsurge in defensive medicine, as docs are drawn to ever-greater scrutiny. I suspect that these investments are little more than an income transfer scheme from health care to the trial lawyers. The chances of improving our health in all of this.

I wish I could imagine otherwise, but it sure seems to me that we are trying to get out of hole by digging it deeper.

For some of my musings on how to get out of this hole, see HealthSpace , Health and the Devil’s Staircase, A Transformational View of Health, Towards a Language of Health, and Creating an Epidemic of Health.

P.S. Very little of this rant applies to the VA health care system, largely due to the fact that their “deep structure” is aligned – they really do benefit from having healthier vets.


No responses yet

Apr 22 2004

200,000 preventable medical errors per year?

Published by under patient safety

I just read an article in the Wall St. Journal “Report Card to Rank Hospitals on Safety”

“The incidence of medical errors is higher than some patients might think. The Institute of Medicine reported in 2000 that medical errors cause as many as 98,000 deaths annually, but some safety experts now say the report actually understates the problem. Charles Denham, a physician and founder of the nonprofit Texas Medical Institute of Technology, which designed the new survey, says a more realistic number may be as high as 200,000 deaths per year.”

The Institute of Medicine is part of the National Academy of Science; a fairly respectable organization. There is a lot of controversy over these numbers; I’ve asked former Surgeon Generals and IOM members about this, and they basically don’t really know. It seems the range is between 20,000 and 200,000 deaths per year.

Yet even the low end of the IOM study, 44,000, puts deaths due to preventable medical errors on a par with automobile deaths. This equates to the carnage of a 9/11 every month, that we are systematically inflicting on ourselves.

Continue Reading »


No responses yet

Creative Commons License
Images by Tom Munnecke is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.
Based on a work at
Permissions beyond the scope of this license may be available at