Wednesday, May 19, 2010

Trustworthy Information Systems for Healthcare

I'm an advisor to the Dartmouth Trustworthy Information Systems for Healthcare (TISH) project, a National Science Foundation funded effort to address emerging areas of information security in healthcare. Specifically, TISH will examine novel approaches to the protection of clinical information while ensuring clinicians can access the information they need when and where they need it. The work also focuses on the collection of sensor data through personal sensor devices including both physiological and activity data to enable monitoring of patient outcomes while giving patients control over their privacy.

We heard 4 presentations today that framed the scope of research ahead:

mHealth - how can we use wireless sensor networks on the body or in the home to gather telemetry that can be used to monitor or improve health? How do we maintain integrity of that data? What patient controls over data uses should be included? How can we guarantee the authenticity of the data, ensuring it came from the right person?

Economics and Risks - how can we reduce fraud including falsified billing, stolen pharmaceuticals/supplies/equipment schemes, or medical identity theft? How do we mitigate the risks of security failures such as stolen laptops, deceptions, and inadvertent disclosure that might occur through accidental search engine exposure or through the use of peer to peer file sharing? Will HITECH help?

Access Control - What is the current state of access control practices among various industries? How often are complex access rules used in practice? How often do users circumvent control mechanisms to get their work done? Can we express security policies by specifying who is using what and why (user/action/resources) with allow/deny settings?

Social Informatics - What is the patient perception of uses of their healthcare data? How does this compare to actual IT practices? What is the pattern of data flow for the average patient. For example, in 1997, an Institute of Medicine study For the Record identified that patient data is sent to 27 different groups in the course of treatment.

I look forward to participating in this effort, since answers to these questions will empower the policy and technology work we're doing nationally, regionally and locally.

4 comments:

Donald Green MD said...

I must insert a caveat. This distant approach could dilute out the professional human contact with the patient.

It either inserts another technician between doctor and patient or gives incentive to lessen attention to the patient by the physician. More onus is shifted to the sick or about to be sick. These data sets will require extra support that may be more readily supplied by a trip to an attentive provider. One of the greatest risks to our collective health is either inability to see a physician or a decision to put it off because it costs too much. A piece of technology is as yet no substitute for this.

If the technology enhances the clinician's ability to examine, this is pay dirt. If it has the unintended impetus to remove the decision maker from more direct involvement, it should be carefully reevaluated. Monitors no matter how sophisticated as substitutes for direct care have not had an excellent history.

Medical Quack said...

As always,great word of wisdom spoken here at your blog and we appreciate it and how you get out there and roll up your sleeves and are so "hands on". That means a lot today!

Mobile devices and senors I think are going to be a big calling for the 2000's. I just had little mention today on my brainstorming idea that I have blogged about a few times and MSDN gave me a little coverage, granted it is a Microsoft technology but I would have done the same if it had been anyone else's too. We need a way to better find recalls and this was my idea which could maybe even live in a cloud someday if is determined to be workable.

http://blogs.msdn.com/tag/archive/2010/05/19/do-microsoft-tags-belong-in-healthcare.aspx

If nothing else it might get some folks thinking and talking at minimum if nothing else.

jonathan krasner said...

With regards to social informatics, there is some experience on this from Great Britain. You can attend a seminar on this on Thursday in Boston:

> Towards Meaningful Use of Health Information - Lunch and Learn Session

PA Consulting Group, is a leading management, systems and technology consulting firm, is presenting a “Lunch and Learn” session where George MacGinnis, who has been embedded in the NHS for the past four years leading their Telehealth Program, and Chris Steel, the US Country Head for PA Consulting Group, will share insights from their work inside the NHS. The discussion will be relevant for organizations seeking to invest in eHealth solutions in the United States as well as those considering offering their solutions in the UK market. Time: 12:00pm – 2:00pm. Locations: Washington DC – 19th May, New York – 20th May and Boston – 21st May. For more information please contact Stefan Lysak (212-973-5918) or stefan.lysak@paconsulting.com

Anonymous said...

There is so much opportunity to incorporate technology in healthcare, especially data collection.

Working in an ICF-MR long-term care program that cares for intellectually disabled adults, one technological tool that could greatly aid psychiatric assessments and developing program supports would be smart restraints or protective devices (e.g. padded helmet) that transparently capture details about device application (e.g. date and times the device were applied or removed). Such a device could be fitted with an intelligent buckle that when fastened or released would trigger the collection of data.

This technology already exists too! Take for example a SportBrain pedometer that uses a pendulum actuator to record data transparently to the user and can be uploaded to the web to view the quantitative outcomes. One goal in the collection of clinical data is to make the collection of data transparent to the user and autonomously performed by computers. Business rules are created and programmed to route arising healthcare needs to the attention of caring physicians and psychiatric doctors and others.

The same concepts would apply to medical data (e.g. collection of blood pressure readings and any other charting details). How do we incorporate the autonomous collection of data into EMR systems so that doctors and nurses can spend less time recording data and spend more time assessing and treating those that need care?