What Keeps Me Up at Night, FY12 Edition

Every year I write about the projects and trends which keep me up at night.   Here's my list for FY12:

1. Workforce recruitment/retention - $27 billion in stimulus funds from HITECH have increased demand for experienced IT staff to implement and support electronic health records.   In many ways, it's a mini "dot com" boom for healthcare IT experts.    This makes recruiting and retaining qualified staff even harder.  Tomorrow, I'm meeting with a consulting team to formulate an FY12 workforce strategy.

2. 5010/ICD10 -  5010 describes a set of X12 standards used for administrative transactions (benefits/authorization. referral authorization, claims).   Payers and providers must support 5010 by January 1, 2012 or risk disruption of the revenue cycle.   BIDMC completed all its 5010 work and is now in final testing with every payer.   Most payer and provider stakeholders will meet the deadline, but significant resources have been pulled from other projects.   ICD-10 implementation is required by October 1, 2013 and I've written about those challenges.  Billions will be spent, many healthcare IT projects will be deferred for the next 2 years, and the end result will be no cost savings (coding costs are likely to increase 50%), no quality improvement, no increased safety, and no efficiency gains.  If we complete the ICD-10 project on time, no one will notice, but customers will all be angry at the IT department (and the CIO) for the work on other projects that was deferred.

3. Vendor Product Quality - over the past year, I've had several bad experiences with infrastructure and application vendors which delivered products that did not have the reliability, security, or performance promised.   Why?
* the pace of innovation is so fast, that time for quality assurance is diminished.
* the economy has stressed companies and they are focused on making as many sales as fast as they can while controlling development  and support costs
* the end result is less satisfied customers.

4. Storage growth - BIDMC is approaching 2 petabytes of clinical data and Harvard Medical School has exceeded 3 petabytes of research data.   Balancing transactional performance, reliability, and the cost of storage at petabyte scale is very challenging.   In FY12, I'll continue to introduce new storage technologies and management tools (including chargebacks to sustain the cost of storage growth), with the hope that I'll be able to keep up with demand.

5.  Analytics/Business Intelligence - We have petabytes of data but users want information, knowledge and wisdom.    In FY12, I have a five part strategy to support analytics:

a.  For comprehensive ad hoc analytics with quality assurance, BIDMC has an expert data mining team which can explore any clinical or financial data while reviewing the accuracy of the underlying data.

b.  For less rigorous ad hoc analytics, we have a self service query tool which enables users to explore data themselves.   However,  such self service queries are unlikely to filter out data of questionable quality (men having babies, women having prostate procedures etc)

c.  For reports that are run frequently, we're developing a new set of business intelligence tools that use Microsoft SQL Analysis and Reporting services.

d.  For our Blue Cross Alternative Quality Contract and our Accountable Care organization activities we have a  Quality Data Center that aggregates clinical data.  We also have an all payer claims data warehouse.

e.  For unstructured data we plan to experiment with a new generation of natural language processing tools

6. Healthcare Reform and Mergers - Accountable care organizations require substantial IT investments and new processes to coordinate/manage care across the community.  Smaller organizations may be unable to implement all that is needed so they may seek mergers with a larger organization.   Today I oversee the IT requirements for 2 hospitals and multiple clinician groups.   Over the next year, I believe the number of affiliated organizations requiring IT support will increase, requiring new investments in healthcare information exchange and analytics.

 7. Mobile devices/consumer IT - We have 1000+ iPads accessing our web-based applications today.  Clinicians are mobile people and need to view results, enter orders, and communicate with team members at the bedside.     Increasingly they'll want to use their own devices, which creates support and security challenges.

8. Governance - Governance is essential to maintain satisfaction in budget constrained times.     In all IT organizations, the supply of resources is fixed, but demand is infinite.   There’s an direct relationship among project scope, project timing, and project resources.   Governance and communication are the best tools to reduce scope, limit demand, and keep satisfaction at reasonable levels.   Here’s how BIDMC does it.

9. Compliance/Regulatory Pressures -  At the same time that Meaningful Use empowers care coordination, population health, and public health with health information exchange, the penalties for privacy breaches have increased.   Thousands of new regulations have been enacted in the US during my 15 years as CIO.  With nearly 25% of my IT organization working on some aspect of compliance, the amount of time left for innovation is diminishing.

10. Security - The internet has become a swamp with nearly 50% of internet devices infected with some type of malware.  The most basic freedoms we've enjoyed on the internet  - the ability to visit any site, experiment with new applications, and share media with friends, is now a threat to the privacy of business data. The next year will require us to rethink how consumer computing and business computing can co-exist.

That's an intimidating list.  However, there is always hope and we'll make progress in all these areas over the next year.   By FY15, we will not even remember the events of FY12.   Accelerating challenges come with the territory of being an IT leader.  Keep smiling.

reade more... Résuméabuiyad

Cool Technology of the Week

On November 18, I'm giving a lecture about technologies that educators can use to mentor their students.

My experience running Harvard's Mycourses taught me that social networking for student/faculty interaction works very well.    Blogs, wikis, chat rooms, and interactive simulations are useful, but structured community question/answer requires a more powerful tool.

I recently heard about Piazza, a Silicon Valley startup that supports over 900 school campuses and ten thousands of students with a free online collaboration platform.

It has received investment from several venture capitalists, no doubt because it has attracted a large number of devoted users who spend hours per day using the site.

It provides a faculty platform for managing queues of questions, triaging crowd sourced answers to questions, and entering answers.

Also, there's a student platform for reading answers and sharing ideas with other students.

A social networking platform for students and faculty that empowers students to master difficult concepts together.   That's cool!

reade more... Résuméabuiyad

Acne Scars: Treatment and Prevention

Acne scars are one of the most pervasive dermatological problems. They are common for people of all ages. Typically, they are a result of inflammation that occurs when bacteria, dead cells and access oil combined together and started pressing on the walls of the skin pore and breaks the follicle wall. Up to 80 percent of people in their teenage years are getting affected by acne. While many of these people recover from the said skin condition without permanent effects, some are left with scars.

There are a few topical skin care medications that can help improve mild scarring. Most acne scars can also be treated by means of skin resurfacing and surgical procedure combinations.

Treatment Options

Not all scars can be avoided even with careful treatment. But the good news is there are now a number of treatment options that you can choose to minimize the appearance of acne scars. Your doctor will check how severe your scars are and may recommend you any of the following treatment options:

• Dermabrasion. This is a kind of skin smoothing surgery where the skin's top layers are removed. A special device is used in this treatment option to gently sand the surface of the skin to normal and healthy skin. Normally, an antibiotic ointment or petroleum jelly is applied on the skin to lessen scaring and scab formation.

• Chemical Peels. In this procedural treatment, a chemical or exfoliating agent is applied on the skin. Among the most common agents used include lactic acid, trichloroacetic acid, glycolic acid, carbocilic acid and salicylic acid. Chemical peels usually range from light to deep strength, depending on the chemical agent used and how much time it should stay on the skin. How much peeling should be made also depends on the skin condition and expected results. Chemical peels are often suggested to those who have mild acne scars.

• Laser Treatments. There are two (2) categories of laser that are used to treat acne scars. These are ablative or resurfacing laser and non-ablative lasers. Ablative lasers take off the skin's outer layer, burning scar tissues and tightening the dermal collagen. Through this way, the visibility of the scar is reduced. In laser resurfacing, erbium YAG laser and ultrapulsed carbon dioxide laser are commonly used. Since the skin is damaged and unprotected tissues are exposed, effort should be exerted in wound care and avoiding infection. The skin may redden for a couple of months or even a year afterwards.

Non-ablative lasers sets off changes in the dermis without damaging the epidermis. The newest FDA approved laser for this kind of treatment is called "smoothbeam."

• Filler Substances. For shallow and saucer-shaped acne scars, filler substances are commonly used. There has been an increase in the amount of filler substances used in plumping up acne scars. Cosmoderm, Fasciian, Restylane, Artecoll, Cymetra and bovine collagen are available.

Acne Scar Prevention Tips

As soon as acne develops, treat it! The most effective means in avoiding acne scars is by preventing the development of acne into a severe form. Do not wait for acne to go away on its own, but start treating it right away. Consult a dermatologist to know if your acne is unresponsive to topical medications or over-the-counter treatments. As possible, avoid doing things that could irritate your skin like using harsh skin care products and aggressive scrubbing.

Still having trouble getting rid of acne scars? Click to learn how to get rid of acne scars NOW!

reade more... Résuméabuiyad

A Personal Experience with 4G LTE

Steve Berry, BIDMC's Director of Academic and Research Computing, wrote this guest blog entry, about his experience with 4G LTE:

"I've had the Verizon MiFi 4G LTE card for 6 months.

In a 4G network area, the access and speed is incredible.  It is so good that you can exceed the 5GB monthly service cap in 4-5 hours!

Once you limit your new found flexibility, it is like having your Ethernet access everywhere. It even worked well while driving long distances.

In a limited 4G network (like the commuter rail line between Boston and Worcester), it is very problematic.    When the 4G signal is low and a 3G is available, the device switches modes. This drops the existing connection and  3G takes 20-30 seconds to activate.  If you happen to come back into a 4G area (signal level above the 3G value), it switches modes again taking another 30 seconds to establish an active link.  In the 1 hour Worcester to Boston route, I used to lose 3G connectivity twice and lose about 2 minutes while the SSLVPN and MiFi resynchronized.  Since moving to the 4G, I lose 30 minutes of the 1 hour commute due to continuous mode changes.

There is no ability to force the unit into 3G or 4G only mode. There is no standard for setting up a new connection before dropping an existing connection.  Recent firmware updates have not improved performance.

If you have not yet upgraded to 4G LTE, it's important to first study your usage patterns and the 3G/4G coverage in your area.  Moving through a mixed area is actually the worst of both worlds.

On my recent vacation, my daughter found that the iPad easily linked to the MiFi (all LTE in Tampa). She happily watched her Netflix videos for several days and I was none the wiser until a month later when the monthly bill came and I was being charged for 25GB of data activity. I had no idea what caused the overage until I reviewed the dates!"

Thanks for your insights Steve.

My iPhone 4S arrives soon and should not have this problem because it does not yet support LTE.  By the time Apple releases an LTE phone, 4G wireless should be more ubiquitous in Massachusetts.

reade more... Résuméabuiyad

Miami Dolphin Brandon Marshall's New PSA for Borderline Personality Disorder

In July 2011, Brandon Marshall revealed that he was diagnosed with Borderline Personality Disorder (BPD). According to the National Education Alliance for Borderline Personality Disorder, this serious mental illness centers on the inability to manage emotions effectively. The condition which has strong heritability (68%) and a high suicide rate (10% of adults with BPD die by suicide), produces symptoms such as impulsivity, anger, and chaotic relationships.

When Brandon announced his condition this summer, he vowed to become the face of borderline personality disorder. He seems to be following through on his promise, as he has just released a public service announcement (PSA) in collaboration with the National Education Alliance for Borderline Personality Disorder. The 33-second video is primarily focused on 3 key messages:

1. Prevalence of this condition is high (15 million Americans)
2. There is hope (treatment exists for those who suffer and education exists for families coping with the disorder)
3. There are resources: visit the NEABPD website or follow Brandon on Twitter (@BMarshall19) for more information

I like the PSA for several reasons. It is simple with clear messages (above). The messages are delivered both verbally by Brandon and visually with key words appearing on the screen. The "call to action" is clear. Viewers are directed to the NEABPD website and Brandon's Twitter feed for more information.

I also like that this particular health issue has found a champion or spokesperson. Unlike other mental health conditions like depression with several celebrity spokespeople (e.g., Brooke Shields), less is known about BPD and those who suffer from it. Experts in mental illness stigma like Patrick Corrigan state that there are several strategies for reducing stigma...and one of those strategies is called "Contact". Contact challenges public attitudes about mental illness through direct interactions with persons who have these disorders. The contact does not have to be face to face, but instead can occur through a channel like a PSA.

The strategies that I see for improving this PSA are focused less on its composition, but instead on its distribution/promotion. Although the video has been on YouTube for 6 days, it only has 309 views. Announcements about the PSA are located primarily on football blogs (e.g., Shut Down Corner) or BPD specific websites. It does not seem that the PSA has been picked up by mainstream media or health blogs. This is in sharp contrast to PSAs I've spoken about previously on Pop Health, like in July 2011 when I discussed Kim Kardashian's ovarian cancer research spot which currently has 33,431 views.

Readers- please weigh in: which mental health advocacy organizations would have the best "reach" in promoting this PSA? What other strategies could they use for distribution/promotion?

reade more... Résuméabuiyad

It Takes a Village

In 2008, four people stopped by my BIDMC office to chat about the future.   They were Farzad Mostashari, Todd Park, Aneesh Chopra, and Peter Basch.   They had a vision to change the world through technology, EHR adoption, and data liquidity.

Little did I know that at the meeting, I was chatting with the future National Coordinator for HIT, the future CTO of HHS, the future CTO of the US, and an influential policy thinker at the Center for American Progress.

Since that meeting, I've stayed in touch with them to exchange ideas, seek their advice, and share lessons learned.

In 2009, I became co-chair of the HIT Standards Committee.   Little did I know that the HIT Standards Committee would become the most functional, most productive, and hardest working federal advisory committee in the Obama administration.  Its experts have helped me enhance IT capabilities in all my technology roles.

In 2010, I worked with Brian Biles and Steven Morrison of the Center for Strategic and International Studies on Japanese healthcare IT policy.   Little did I know that the work would become a foundation for earthquake/tsunami recovery IT planning.    Brian and Steve inspired several trips to Japan and meetings with numerous government, academic, and industry leaders.

In 2011, I began working with Rick Shoup, Manu Tandon, and Micky Tripathi on Healthcare Information Exchange planning for Massachusetts.   Little did I know that together they would create a unified Healthcare Information Exchange strategy for the Commonwealth that integrates public sector and private sector priorities with multiple funding streams into a single, extraordinary work plan.   It has become one of my favorite projects.

On Friday, I'm co-leading a design session for public key infrastructure (PKI) in Massachusetts.  I called my friend Dixie Baker at SAIC, my friend Arien Malec at RelayHealth, and my colleagues in government to share their experiences creating a trust fabric for large groups.   Massachusetts will succeed by seeking the wisdom of others.

When I was young, I thought I had to be smart enough to solve every problem myself.  In today's world, I'm convinced the best way to make a difference is surrounding yourself with people who are smarter than you.  The best solutions take a village.

I've said that my tombstone will hopefully read "he made a difference".   After the past few years of working with smart people, I'm convinced it would be better as "he was part of a village that changed the world."

reade more... Résuméabuiyad

The Healthpad Panel at AMIA

Yesterday I was in Washington DC at the American Medical Informatics Association annual meeting in Washington to join a panel with Dr. Henry Feldman, Dr. Larry Nathanson, and Janet Meyers RN discussing the use of tablet computers in medicine - Session S36 "Tablets in Healthcare: No Just for Pills Anymore"

Dr. Feldman began the presentation with great showmanship, pulling his iPad from a bucket of water, illustrating how the FrogSkin protects even a submerged iPad.   He discussed his iPhone sterilization experiments.   As a busy hospitalist, he explained the value of the iPad in providing "everywhere" computing - access to healthcare records, provider order entry, and clinical documentation applications at the bedside.   He illustrated patient education materials that he uses to consent patients and explain care plans.  He noted that the iPad's touch screen keyboard is good enough and that he has never used his physical keyboard dock.

Dr. Nathanson described his early adoption of the iPad to manage workflow in the Emergency Department.   Over the past year we've worked on a streamlined web-based provider order entry application from the Emergency Department which brings one click ordering on the iPad to all our ED docs.   Clinical documentation is fully functional on the iPad.   Dr. Nathanson cleans his iPad with alcohol wipes and notes that he drops it at least once shift, with no discernible damage to date.

Janet Meyers RN presented an overview of Airstrip technologies, noting that they make perinatal telemetry available anywhere anytime to clinicians.

I presented an enterprise view of mobile technologies, highlighting they importance of infrastructure, mobile-enabled applications, an organizational culture which fosters adoption of new technology, and a willingness to invest in enhanced security protections to address the security risks of supporting consumer technologies on hospital network.

I'm a great champion of mobile devices and I truly believe the future of all clinician workflow is mobile, but that enthusiasm has to be tempered by the risks of commingling "Angry Birds" with clinical lookup on the same device.  I highlighted the need for applications such as Good Technologies which separate the memory space/storage of work related applications from consumer applications.   Only through the use of advanced intrusion detection/prevention, restrictive firewalls, web content filtering, web application firewalls, and security education can we keep mobile devices safe enough for use with clinical applications.

A great discussion with the important take home lesson - tablet/pad-based computing in healthcare is the future, but it must be implemented and managed prudently.

reade more... Résuméabuiyad

The October HIT Standards Committee Meeting

The October HIT Standards Committee meeting included recommendations for privacy/security certification criteria, a discussion of next steps for the Standards and Interoperability framework priorities, and a review of the comments received from the Metadata Advanced Notice of Proposed Rulemaking.

We began with a discussion of the challenge of writing certification criteria for privacy and security, since the security of EHRs should depend primarily upon infrastructure assurances (networks, servers, storage, client devices, operating systems) and specialized security services.  The EHR itself should provide only those security services which are specific to protecting the confidentiality, integrity, and availability of the electronic health information it manages.

The certification criteria that the Privacy and Security Workgroup developed are all  “addressable”.  To meet the criteria, each Complete EHR or EHR Module submitted for certification needs to either:
– Implement the required security functionality within the Complete EHR or EHR Module(s) submitted for certification or
– Assign the function to a third-party security component or service, and demonstrate how the certified EHR product, integrated with its third-party components and services, meets the criterion

We discussed the important topic of securing data at rest and recommended encryption for data on end-user devices controlled by EHR.   However, we recognized that encryption of data in data centers is a risk management decision and out of scope for certification criteria.

We discussed audit trails and recognized that applications collect audit data in different formats using different architectures.    The real value of an audit trail is the events it captures, not the format it stores them in.    We selected the ASTM E2147-01 standard which specifies auditable events, leaving implementation details to each vendor.   At some future time, it may be useful to standardize audit trail formats, but for now, there is limited value in imposing a standard audit trail format and architecture on existing products.

The HITSC approved the privacy and security certification criteria recommendations by consensus, with one small clarification of SHA-1/SHA-2 encryption requirements.

Next, we discussed the Standards and Interoperability Framework efforts on the NwHIN Exchange transport standards and transitions of care as well as a brief discussion of future work on radiology image exchange standards.

We agreed that additional testimony is needed from implementers of NwHIN exchange to understand their experiences with each component of the Exchange specification:
NHIN Messaging Platform Specification
NHIN Web Services Registry Specification
NHIN Authorization Framework Specification
NHIN Patient Discovery Specification
NHIN Query for Documents Specification
NHIN Retrieve Documents Specification
NHIN Access Consent Policies Specification
NHIN Health Information Event Messaging (HIEM) Specification
NHIN Document Submission Specification
NHIN Administrative Distribution Specification

We're developing a set of questions for implementers and will seek broad input from those in trenches who have coded or operated NwHIN Exchange environments.

We had a rich discussion about the consolidated CDA project.    Consolidated CDA enhances and further constrains CCD/C32.   Wes Rishel made the following comments:

Many standards experts who have been actively working on the Consolidated CDA project feel that it is a major accomplishment by HL7 to consolidate the specifications into a single document, organize them so that consistent XML structures are used for common data items in multiple document types, and to include well-specified data element names.

Many feel that the consolidated CDA alone will prevent as much as 50% of the programming errors found in C32 testing and that disagreements on the interpretations of the specifications will be far more easily resolved.

Programming, testing and resolution will all be enhanced again when the data element names are used in less highly nested XML and when Green CDA becomes accepted as the "over the wire" format.

HITSC will continue work on Consolidated CDA as it represents an important step forward for Transition of Care summaries.

Finally, we discussed the comments received about the Advanced Notice of Proposed Rulemaking. This input will be incorporated into the Notice of Proposed Rulemaking.

September and October were landmark meetings for the HITSC, with completion of the standards and certification criteria needed for Meaningful Use Stage 2.   What's next?   Based on my discussion with HITSC experts, I believe our work ahead includes:

Content
*Continued refinement of the Consolidated CDA implementation guides and tools to enhance semantic interoperability including consistent use of business names in "Green" over-the-wire standards.
*Standardizing DICOM image objects for image sharing and investigating other possible approaches.   We'll review image transfer standards, image viewing standards, and image reporting standards.
*Simplifying the specification for quality measures to enhance consistency of implementation.
*Query Health - distributed queries that send questions to data instead of requiring consolidation of the data

Vocabulary
 *Extending the quality measurement vocabularies to clinical summaries
 *Finalizing a standardized lab ordering compendium

Transport
*Specifying how the metadata ANPRM be integrated into health exchange architectures
*Supporting additional NwHIN standards development (hearings about Exchange specification complexity, review/oversight of the S&I Framework projects on simplification of Exchange specifications).   Further defining secure RESTful transport standards.
*Accelerating provider directory pilots (Microdata, RESTful query/response that separates the transaction layer from the schema) and rapidly disseminating lessons learned.

I look forward to our November meeting.

reade more... Résuméabuiyad

Cool Technology of the Week

In the aftermath of the Blackberry outage last week, many people have asked me about iPhone 4S and Droid devices.   As I wrote about yesterday, I chose the iPhone 4S to achieve a consistent user experience between my phone and my Macbook Air laptop.

Many of my staff use Android-based devices and are very happy with application availability and phone performance.

I polled my staff and asked them to identify the best Droids available today.   Here's what they said:

1. Droid Charge by Samsung

2. Droid Bionic by Motorola

3. Droid Incredible 2 by HTC

Also worth mentioning is the Galaxy S II by Samsung

I welcome your comments about these 4 devices.   My 500 staff have spoken and believe these are the best Android phones on the market - that's cool!

reade more... Résuméabuiyad

Reflections on My Daughter's College Experience

My daughter made the transition from high school to college about 2 months ago.  Already, she's matured emotionally, intellectually, and physically, becoming an independent adult.

When I reflect on my own college experience, it was not the math, science and engineering coursework that was transformative, but instead was the people I met and the independency I had to master.

In my case, I developed mentoring relationships with several professors and researchers.  I learned to shop for meals and cook for myself.  I learned how to become an advocate for my own projects and priorities.   I evolved from introverted geek to a convener of peers.

My daughter is going through the same transformation.   After two months, she's developed mentoring relationships with the Tufts faculty who are experts in Japanese language and culture.   She's advocating for a special educational experience during winter break in Japan.   She's been elected to the boards of the Tufts Japanese Culture Club and the Anime Club, making numerous friends and building relationships along the way.   She's cut her hair, replaced her glasses, and replaced her high school clothes with a look that gives her adult credibility.

Importantly, she's done this by herself - accepting all triumphs and setbacks as the consequence of her own actions.     She sets her own goals, a pace for meeting them, and the criteria for success.   Her internal motivation is responsible for getting up in the morning, triaging her activities, and defining the future.

To me, only a small portion of college is about grades and coursework.   After all, Steve Jobs and Bill Gates both dropped out.  Peter Thiel (founder of PayPal) will even pay the best and brightest to leave college and found companies to accelerate their life experience.

College is about building a desire for lifelong learning, becoming an advocate for yourself, and understanding the possibilities that life offers (both careers and relationships).

I'm extremely proud of her progress thus far.

reade more... Résuméabuiyad

The Technology I Own, 2011 edition

In 2009, I wrote about the technology I own.

In 2011, I own less.   My devices have converged and everything I need is available in two products:

1.  A Macbook Air 11" with 4G of RAM and 128 G of SSD running Mac OSX 10.7.2.  The only software I've added is Keynote, Pages, and Numbers.  Nothing more.

2.  An iPhone 4S on the Verizon network.   For 2012, I've concluded that CDMA is the best network in the US, while GSM/GPRS/EDGE/3G is the best network in the rest of the world.   The iPhone 4S is the first Apple product that enables me to leverage both technologies.   I've retired all my still and video cameras, my dictation devices, and most importantly, my Blackberry.

Starting in 2003, I was one of the first adopters of Blackberry technology, carrying the trusty 850 which was basically a push email device that looked like a pager.

From 2003-2011, I've sent over 3 million emails from these devices.   Unfortunately, my current needs are more than text messaging.   I need to read complex documents, access numerous web resources, and run a rich array of local applications.

The simplicity of owning two devices is that I carry only two small power supplies, a VGA dongle, and less than 3 pounds in my briefcase.

The iPhone weighs 4.9 ounces

The Macbook Air weighs 2.38 pounds.

The user interfaces, software applications, and engineering on the two devices is very similar, which means a fast learning curve and great synergy.

It's amazing that in 2012 I will not own any music equipment, any video equipment, any camera equipment, a desktop, or a land line phone.   All I will own is an Air and a 4S.  

As with many things in life, less is more.

Two years from now, my parsimony of devices (2) may converge further to a single device.   My prediction is that it will not be a Blackberry, which by 2013 is more likely to be associated with fruit sellers than IT organizations.

reade more... Résuméabuiyad

An Update on Massachusetts Health Information Exchange

As I've described previously, Meaningful Use Stage 1 was focused on the electronic capture of data into EHRs.  The standards we specified included content and vocabulary but not transport.

Stage 2 will be more focused on Health Information Exchange.  Transport standards will likely be included in the Notice of Proposed Rulemaking.

In order for Health Information Exchange to work, I believe we need
a.  A transport standard which can be implemented consistently for multiple senders and receivers (such as Direct)
b.  A certificate distribution infrastructure to secure the endpoints (such as via DNS)
c.  A directory for routing information between organizations (such as a RESTful API to a SQL database)
d.  Connections to the last mile -  sending/receiving directly into EHRs (such as via XDR/SOAP) or into a standalone web-portal as a short term solution while vendors build transport features into EHRs.
e.  Governance to guide the technology and policies that support the above

On October 17, the Massachusetts HIT/HIE Advisory Committee (think of it as the state equivalent of a Federal Advisory Committee) presented its recommendations to the HIT Council (the governance for Massachusetts HIT activities).   The Advisory Committee asked for the input of 88 stakeholders divided into 5 groups - legal and policy, technology and implementation, finance ad sustainability, consumer and public engagement, provider engagement and adoption.

The state HIE implementation plan we presented:

*Aligns with national interoperability standards and emerging MU stage 2 requirements
*Maximizes State Medicaid Health Plan/Medicaid Management Information System Federal Financial Participation funding,  a 9 to 1 match
*Focuses Medicaid funding on building infrastructure for statewide services, and the ONC Cooperative Agreement HIE funding for last mile implementation

What is last mile implementation?

1. Our regional extension center (REC) will do a pareto analysis of EHR adoption in Massachusetts to identify the most commonly used EHRs.  I believe that 20 EHRs are common but 5 EHRs (eClinicalWorks, AthenaHealth, NextGen, Allscripts, GE Centricity) cover 90% of the providers.   We'll negotiate with those vendors to create the software which is necessary to connect their EHRs to the statewide Direct backbone in 2012.  Yes, we could wait until 2013 when Meaningful Use Stage 2 requires them to implement transport standards, but coordinated procurement now will accelerate HIE integration.

2.  We'll provide System Integrator services to support on boarding of small practices and subnetworks of clinicians to the state HIE backbone.

3.  We'll provide education and training to foster adoption and use of HIE services.

4.  We'll devise grants and subsidies that serve as incentives for HIE adoption

5.  We'll facilitate the addition of value added services to the backbone such as public health reporting, clinical registries, and quality measurement services

As I've spoken with vendors, many have noted that State HIEs tend to build central infrastructure but assume endpoints will connect to it on their own.   My experience is that a centralized project management office and a single coordinated plan is needed to connect the endpoints.  Once every provider, payer and patient is connected, the value proposition of the HIE will increase significantly per Metcalfe's law.

We agreed that by November the Advisory Committee will complete:

*Initial State Medicaid Health Plan Implementation Advanced Planning Documents (IAPD) for review by Advisory Committee workgroups and the Secretary of EOHHS before submission to CMS
*An outline of Statewide HIE Policy Guidance that complements the technology to be built via IAPDs
*A high-level plan for entire project, so that all stakeholders understand what we're creating

I'm extremely optimistic - we have a plan with alignment of support, appropriate funding, and mature technologies that are low risk for failure.   The HIT Council, MeHI,  and Federal government stakeholders are reviewing our recommendations over the next few weeks and we'll seek their approval to move forward in November.

The momentum for Health Information Exchange in Massachusetts is building among payers, providers, patients, government, and industry.   2012 will mark the tipping point that enables us to stop talking about barriers to Health Information Exchange and instead focus on the accelerators.

reade more... Résuméabuiyad

Exploiting Privacy Breaches

I've described information security as a Cold War, requiring constant investment and vigilance to innovate faster than the hackers and criminals who are stealing data to commit identity theft.

I'm spending an increasing percent of my resources on regulatory compliance and data protection.

Over the past year, Federal and State governments have

1.   Specified standards to protect healthcare data during transport
2.   Required encryption of data at rest.

3.   Required breach notification to patients and prominent media 

4.   Created policy to define meaningful consent and other important patient privacy rights
5.   Launched a new initiative on data segmentation in an effort to support more granular healthcare privacy preferences

CIOs and Chief Information Security Officers are working as hard as they can, hackers are intensifying their attacks, and the world is accelerating its adoption of mobile technologies that make perfect control of data more challenging.  Despite all our efforts, breaches will occur.   Even the most sophisticated security companies have been breached by increasingly sophisticated malware.

There's a dark side to all of this that is the subject of today's blog post - using the new privacy breach reporting laws for personal gain.

There are many good attorneys.   My parents are attorneys (patent and business law).    Some of my favorite colleagues are attorneys working hard in the public interest (Deven McGraw at CDT, Jodi Daniel  at ONC).

As with any profession there are those attorneys who use the law for personal gain.    Here's a list of privacy breach class action suits, comparing payments to attorneys versus their clients.

There are many good  investors.    Accelerating new technology by providing funding to those who can build high value businesses is a good thing.     As with any profession, there are investors who put profits ahead of societal benefits.

I've heard discussion about an alarming new business model.   Investors paying attorneys to file class action suits related to privacy breaches in return for a portion of the profits.

Prviacy Breach reporting is now public.   Identifying a class is easy.

However, if the risk of harm from the privacy breach is low, attorneys may not want to bear the expense and burden of filing a suit, given that recoveries might be minimal.   If investors underwrite the risk, realizing that most healthcare organizations will want to settle rather than spend time and resources on litigation, we'll likely see a lawsuit following every reported privacy breach.

To me, there are different kinds of privacy breaches - those which are caused by true carelessness and those which occur because of sophisticated attacks that the Pentagon could not even repel.   We should hold organizations accountable for implementing best security practices to protect privacy.   We should report breaches to patients and prominent media, since breach reporting regulations provide a great incentive to invest in appropriate security.   However, we should do this in an effort to enhance the society we live in, not generate profits.

As we all work together on electronic health records and healthcare information exchange, let's try to create regulations that do that right thing

1.  Protect the data
2.  Respect patient privacy preferences
3.  Recognize the difference between hard to prevent breaches and those that occur because basic protections were not in place

Investing in class action suits that asymmetrically benefit the finance and legal professions is not something that benefits society.

As the eternal optimist, I'm convinced we can all work together for the common good and make every day better than the last.   If you hear about someone using privacy breach reporting for their own personal gain, shout out that it's the wrong thing to do.

reade more... Résuméabuiyad

Pink Fatigue? JCPenney's Sexist Merchandise. Smoking and its Box Office Impact. What Am I Reading This Week?

Here are the top 5 stories I'm following this week:

1. Amid breast cancer month- Is there pink fatigue? A very important public health story. "Awareness" does not equal behavior change (e.g., increased screenings or access to medical care). A related story appeared last week in Upstream: A forum on interdisciplinary health communication.

2. JCPenney CEO responds to petition to stop selling sexist clothing marketed to young girls like "I'm too pretty to do homework". The company is using this incident as a "teachable moment".

3. The use of social media in street protests can be effective for both protesters and police. A story in ScienceDaily.

4. Smoking is a drag at the box office. An analysis of top-grossing movies from the past decade shows that films with smoking make less money.

5. Video game can reduce fatigue in African American women with lupus. A pilot study to explore using Wii Fit to reduce fatigue.

What are you reading this week?

reade more... Résuméabuiyad

Cool Technology of the Week

Big data has arrived.   At BIDMC, I oversee 1.5 petabytes of clinical and administrative data.   At HMS, I oversee nearly 3 petabytes of research data.

As Blackberry's recent outage illustrates depending on single monolithic infrastructure has its risks and impact of failure can be enormous.

How can we leverage commodity hardware infrastructure, reduce risk, and meet user demands for mining big data?   Apache Hadoop is a cool technology worth knowing about.

Hadoop is an open source framework that allows for the distributed processing of large data sets across clusters of computers, designed to scale from a single server to thousands of machines.  Rather than rely on hardware to deliver high-availability, Hadoop detects failures and automatically finds redundant copies of data.  The Hadoop library includes

*The Hadoop Distributed File System (HDFS), which splits user data across servers in a cluster.

*MapReduce, a parallel distributed processing system that takes advantage of the distribution and replication of data in HDFS to spread execution of any job across many nodes in a cluster.

Microsoft has just introduced support for Hadoop into SQL Server 12  as part of their  end-to-end Big Data roadmap.

A fault tolerant distributed file system using commodity hardware for big data that is even integrated into mainstream data mining tools like SQL Server.  That's cool!

reade more... Résuméabuiyad

Columbus Day in New England

Every Columbus Day, my family visits New Hampshire for hiking, apple picking, and autumn color at peak.

Here's my ideal Columbus Day Weekend:

1.   Climb Mount Monadnock via the Marlboro trail - it's the road less traveled that includes easy rock scrambling, great views, and beautiful foliage.  I've climbed Mt. Monadnock over 100 times.

2.  Pick Apples and buy fresh chestnuts at Old Cider Press Farm in Westmoreland, NH.   My favorites are Gala, Empire, and Black Gilliflower.

3.  Spend the night at the Inn at East Hill Farm in Troy, NH - we've rented the upper floor of Sugarhouse on Columbus Day weekend for the past 15 years.

4.   Have a vegetarian lunch at the Zeppelin and Kaliedoscope in Marlborogh, NH.    My favorite is the Falafel platter.

5.  Meet artists throughout Southern New Hampshire as part of the Friends of Dublin Art Colony Columbus Day weekend open studios.

It's quintessential New England.   Robert Frost would be proud.

reade more... Résuméabuiyad

The Impact of Consumer IT on the CIO

I've written about the implications of staff bringing their own devices to the office instead of using corporate desktops and the challenges of keeping mobile devices secure.

I own a Blackberry Bold 9700, first released on December 18, 2009.  Since I do not read email when I drive, I hand it to my wife who instinctively tries to navigate my email by gesturing on the screen (it does not work).  I receive one email every 30 seconds (over 1000 per day), many of which contain web sites and attachments.   Reading them on a Blackberry Bold is not a satisfying experience.   It's a messaging device, not a comprehensive mobile platform.

In 2007, owning a Blackberry was cool and RIM interviewed me about the my mobile lifestyle.

The iPhone 3GS was released on June 19, 2009 and since then Blackberry has become less cool and RIM has lost $30 billion in market value.

Market changing consumer products are introduced every 6 months.  In the same timeframe, I've been working on hundreds of important enterprise initiatives.  The average hospital IT project, given limited resources and large scope, takes 18 months.

The consumer IT marketplace moves at such a fast pace, applying thousands of people to create a single device, that the average employee now expects every hospital IT project to proceed in the same manner, even though only one person may be working on a niche project that serves a small number of users.

I sometimes describe the job of the CIO as a quest to minimize negative reinforcement - "I only received 100 challenging emails, it's been a great day".  The accelerated pace of consumer IT multiplies impatience, intolerance, and emotion.

It would be great if mobile devices and the Cloud solved all our problems, but unfortunately, the enterprise world has compliance requirements, security constraints, complex business processes, controls, and workflows that are not addressed by consumer technologies.

What's a CIO to do?

1.  Embrace mobile devices and the cloud when they make sense.   We do support iPhones and Android devices for email.   We do support the cloud for image exchange and a private cloud for hosting community physician electronic health records.  BIDMC Information Systems is considered "consumer device friendly", which helps my reputation.

2.  The expectation of new infrastructure and applications every 6 months tempered by the reality of 18 month hospital project plans requires intense communication.   This week, I sent my staff a plan to create  "IT concierges" for our key stakeholders, ensuring that monthly project updates keep users informed and better align expectations with reality.

3.  Meetings with disgruntled stakeholders are really important to maintain credibility.  "Presence" of the CIO can really make a difference when customers perceive the pace of enterprise IT innovation to be slower than the consumer marketplace.

4.  Maintaining agility and flexibility without being dogmatic ensures the CIO is not the rate limiting step to innovation.  I've always said that if emerging companies can provide superior service at lower cost to any product we have currently, we should openly evaluate it.   Customers will appreciate that IT has a culture of innovation even if product life cycles are longer than the consumer marketplace.

5.  CIOs need to accept that 10% of users will dislike you on a given day because enterprise technologies are unlikely to keep pace with consumer technologies.   Rather than get frustrated, realize that by focusing on continuous measured progress, you'll create a trajectory that prudently moves forward, balancing security, innovation, and functionality.   As my daughter would say, Ganbatte!

Complexity, unrealistic customer expectations, and resource limitations make the job of CIO increasingly difficult.   By focusing on the possible, communicating your plans broadly, and accepting consumer technologies for the use cases that make sense, the CIO can continue to thrive.

reade more... Résuméabuiyad

Dr. Pepper Ten: A "Manly" Campaign That Promotes Gender Stereotypes Instead of Health for Men

Yesterday while on the elliptical machine at the gym and watching ESPN (surprise! women watch ESPN), I had the displeasure of seeing the new commercial for Dr. Pepper Ten no less than five times.

Dr. Pepper Ten is a new 10-calorie drink being rolled out by the Dr. Pepper Snapple Group Inc after their client research revealed that men are hesitant to drink diet drinks because they aren't "manly" enough.

The TV commercials that I watched showed men with huge muscles driving through the jungle, shooting guns, and battling snakes. The men say things like, "Hey ladies. Enjoying the film? Of course not. Because this is our movie and this is our soda, you can keep the romantic comedies and lady drinks. We're good."

According to several online reports (e.g., the MSNBC link above), the campaign also developed a Facebook page which contains an application that allows it to exclude women from viewing content. In addition, the page includes games and videos aimed at being "manly." Several twitter users also report that the campaign encourages viewers to "rat on their friends for not being manly". If true, I have no idea how "unmanly" behavior is being reported.

My analysis:

It is great that advertisers are using focus group and other data to develop products and ad campaigns. They taught many of us in public health the importance of these strategies and we are forever grateful. However...

This campaign promotes strict gender stereotypes: Men act like this and women act like this- no exceptions! This dangerous norm contributes to serious public health problems. For example, the traditional ideology of masculinity has been explored for its relationship to negative outcomes like bullying and high risk sexual behaviors.

This campaign attempts to encourage men to drink a "healthier" soda (less calories, real sweeteners) without making them feel like they are dieting...because after all- dieting is only for women. Too bad the obesity rate is hovering between 32-35% for both men and women.

I have seen weight loss/health for men done much more effectively by other companies without insulting viewers. For example, after they saw their services being utilized by more men, Weight Watchers and NutriSystem rolled out men's programs. Weight Watchers presents strategies for making healthy choices in settings where men may find themselves socially (e.g., at a BBQ or at the bar). To reduce the social stigma around participation, they recruited strong male role models like former NFL quarterback Dan Marino. An ABC story on the companies' programs says "Calorie Counting Can Be Macho".

The strategy used by NutriSystem and Weight Watchers to reduce the stigma around healthy behaviors will be much more effective long-term than simply tricking people into being healthy.

For those readers who think I'm only offended by the campaign because I'm a woman, please see a few tweets from Tuesday night...authored by men. The first by my husband, who wrote multiple posts on Dr. Pepper Ten before I ever voiced my disgust with this campaign:

@jeff_underscore: "Dr. Pepper 10 - I think your ad campaign is insane, insensitive and sexist and unfortunately everywhere".

@sorryeveryone: ".@drpepper i really liked your soda but you know what I like more? treating women like they're human beings and letting men be themselves".

Readers: What do you think of this campaign? Do you think it will be effective in getting men to drink these "healthier" sodas?

reade more... Résuméabuiyad

The BIDMC FY12 Operating Plan

This is my 1000th blog post.  Readers have visited the geekdoctor blog over a million times.   The discipline of writing every day has helped me become a better communicator in my work and personal lives.    Thanks for being a part of it.

Today, I'm publishing the BIDMC FY12 Information Systems Operating plan which includes all the high priority projects I identified in my earlier post about preparing for a new CEO.    

In the Clinical Information Systems area there are numerous important goals, but five that deserve a more focused discussion:

ICD-10 - A challenging and expensive compliance project that must be done because 70% of the revenue cycle is at risk.  The scope of the project includes BIDMC, it's community hospital affiliate BIDH-Needham, the owned physician group APG, the academic affiliated group HMFP and the private physicians in BIDPO.    The likely budget - $5-10 million.   The likely safety, quality, efficiency improvements - none at all.   Many in the industry recognize ICD-10 as a colossal waste of time and effort.  I've tried very hard to communicate this broadly and will continue that effort in articles, lectures and personal meetings in Washington.

Clinical Documentation - although all the ambulatory areas and ICU areas of BIDMC have online documentation, progress notes in the wards are still written on paper.   In order to improve care coordination, decision support, and provide the granularity necessary for ICD-10 coding, we will work hard to create multi-disciplinary documentation in our ward areas.

Electronic Medication Administration Records - We're redesigning  medication management from the supply chain to the bedside.   We'll adopt innovative tools to automate the new idealized processes.

Healthcare Information Exchange - Accountable Care Organizations will require increased health information exchange analytics.   All the stakeholders in Massachusetts have worked together on an HIE plan that connects every provider, payer and patient.   Now we need to build it.

Analytics - Turning data into information, knowledge and wisdom will require a new generation of analytics.   We're building those now.

The Fiscal Systems area includes several important compliance goals such as 5010 and enhancements to our human resources management systems.

Knowledge services will continue curation of our electronic library resources.

Media Services will enhance our streaming and conference room infrastructure.

In the Infrastructure area, there are important 15 important themes:

Data Protection - Develop and implement a strategy for protecting BIDMC authentication credentials and sensitive data accessed from personally owned computers including mobile devices.

Patch Management - Improve patch management sufficiently to reduce vulnerabilities by 50 percent or more on I.S. managed systems.

Voice Mail System - Replace the current voice mail system that supports over 6,000 accounts with a more up-to-date, IP-based system without incurring extended disruption of service or loss of old content.

Clinical Systems Service Level - Implement high availability features using Cache ECP and Red Hat Enterprise Linux clustering technologies.  Increase service levels from 99.9 percent to 99.99 percent due to Cache or Linux related problems.

DR Data Network - Virtualize the distribution layer of the data network in the disaster recovery center to permit more flexible repositioning of assets without regard to VLAN assignment.

Life Cycle Management - Replace one-third of the approximately 120 data network access switches in the east and west campuses with more up-to-date and efficient devices.

Security Dashboard – Develop metrics that in combination provide a way to quantify the risk, by subnet, of devices attached to our data network.   Using this information, apply security measures that are tailored to the relative risk each subnet presents.

Vulnerability Assessments – Deploy a commercial Vulnerability scanner along with updated processes and procedures to enhance our ability to identify and remediate vulnerable systems network wide.

Windows 7 – Upgrade all kiosk/public managed workstations to Windows 7 to enhance the user experience, improve security, and take advantage of better management features.   Upgrade at least 50 percent of business builds to Windows 7 with the balance targeted for FY13.

SQLServer Enterprise Edition – Migrate two-thirds or more of the 32 data bases still using Standard Edition to Enterprise Edition.   EE provides higher availability, larger hardware, improved auditing, and other features.

Rights Management – Improve the utility of the Varonis rights management system to include surveillance of unusual access patterns that may indicate a security issue.

Exchange 2010 – Plan the upgrade and deployment from Exchange 2007 to Exchange 2010.

Internet Access – Develop and implement a strategy that reduces the exposure of BIDMC IT technical resources and sensitive data to Internet-based malware that strikes a workable balance between the security threat and business need for Internet access.

Service Level Monitoring – Extend the use of Nagios software monitoring to 75 percent or more of the data center assets to improve the reliability, granularity, and accuracy of system alerts.

Storage – Migrate all new image acquisition PACs to Atmos and begin conversion of all Centera assets to Atmos.

We'll do all of this within the FTE, operating budget (less than 2% of the BIDMC Operating budget) and capital budget assigned.

I look forward to a great year ahead and share with all of you the lessons learned along the way.

reade more... Résuméabuiyad

#NoHomos on Twitter, "50/50" looks at Cancer, Johnny Depp's Rape Comments, Chris Christie's Weight, and Steve Jobs: What Am I Reading This Week?

Whew- it has been a busy week for Pop Health! Here are the top 5 stories I've been reading:

1. Twitter is no place for #NoHomo: Should Twitter take a more proactive stance regarding hate speech that can result in trending topics?

2. "50/50"- A Hollywood movie takes on cancer: Cancer has been a theme in many movies (e.g., "Funny People") and TV shows (e.g., "The big C" on showtime)- how does this movie compare?

3. Johnny Depp offers apology for rape remarks: Depp offers an apology for comparing being chased by paparazzi to being raped. Forgivable?

4. Chris Christie's Weight- Big problem or none of our business?: Although Gov Christie has recently announced that he will not run for President in 2012, the conversation continues about his weight and its influence on his ability to be a successful Governor or President. What do you think?

5. Steve Jobs and Pancreatic Cancer: There have been many stories about the death of Steve Jobs and the contribution of pancreatic cancer to his passing. I thought Celebrity Diagnosis did a nice job of guiding readers through his diagnosis.

Please use the comment box to tell me what you think about these stories and about others that you are reading this week!

reade more... Résuméabuiyad

Cool Technology of the Week

As the discussion of the functionality to be included in a Nationwide Health Information Network (NwHIN) continues, there are 3 different secure transports being evaluated:

Exchange:  “NHIN Messaging Platform Specification”, which uses SOAP for transport and WS-I Basic Security Profile for security (TLS + XML signature + WSDL + AES + X.509 + SAML)

Direct:  “Applicability Statement for Secure Health Transport”, which uses SMTP for transport and S/MIME for security (AES + X.509)

Secured REST:  specification to be done, but will use HTTP for transport; candidates for security include TLS, X.509, and OAuth.

Each has different characteristics and different strengths.   The barrier to RESTful implementation is lack of a consistent implementation guide.

The folks at MITRE have implemented project hData  noting that "Current electronic health data standards are complex, hard to implement, and difficult to manage”.

hData separates transport and packaging from content – something the HIT Standards Committee has supported.   This FAQ provides more details.  Clearly hData is still in development and not yet adopted, but I do think they are pursing an appropriately simple approach to transport.

The hData content format has been balloted by HL7 and a Draft Standard for Trial Use (DTSU) is expected this month.  The hData transport format (RESTBinding) is in the Open Management Group comment resolution phase.

A RESTful implementation guide for healthcare that separates content and transport, providing easy to implement,  secure transport.    That's cool.

reade more... Résuméabuiyad

The Vortexes of Sedona

Last weekend, I gave a keynote address at the eClinical Works National User Conference in Phoenix, Arizona.   As is usual when I travel, I look for interesting places to explore in the natural world within driving distance of conferences.    I flew in at 2am on Saturday morning, giving me the entire day on Saturday to explore before my Sunday morning lecture and redeye back to Boston.

Sedona is 120 miles north of Phoenix and is well known for its red rock vistas, its spirituality, and great hiking trails.

Most intriguing to me was the concept of the Sedona "vortexes", which have been described as swirling centers of energy emanating from the surface of the earth.  

Whether or not you believe in the physical manifestation of such energy centers, there are 4 great hikes to visit the vortex locations.

As you enter the Sedona area on Highway 179, you'll pass Bell Rock and Courthouse Butte.   There's a trailhead on the right side of the highway with access to numerous loop trails from 1 mile to 4 miles in length.   I highly recommend the Courthouse Butte loop, which passes the Bell Rock Vortex.

The photo above is the Cathedral Rock Vortex which is accessed via a .7 mile walk/climb accessed from Back-O-Beyond Road off Highway 179.   It's easy slab climbing and a 700 foot elevation gain from the parking lot to a beautiful vista.   I'm not sure if it recharged my spiritual batteries, but the breeze cascading through the pillars at the peak was refreshing on a 100 degree day and the shade of the Cathedral Rock walls boosted my hiking endurance.

The Airport Vortex is located on Airport Road off Highway 89A.   The view of Sedona from Airport Mesa is spectacular.

The Boynton Canyon Vortex is located at Dry Creek Road off Highway 89A.  I'm a fan of old Juniper trees (said to be an indicator of strong vortex energy) and you'll find plenty in Boynton Canyon.

After climbing/hiking 4 vortexes, I enjoyed a vegan lunch in a shaded outdoor garden at the Chocolatree Cafe , a very hip spot on Highway 89A.  Highly recommended.

Sedona proved to be a very invigorating place, well worth the day trip from Phoenix and preparing me for the double redeye flights of the weekend.

reade more... Résuméabuiyad

A Moment for Steve Jobs

Earlier this evening, I emailed my staff about the passing of Steve Jobs.   Many responded that they were genuinely sad.

It's not about being Apple "fanboys" or disliking the competition.   It's about recognizing the possibilities for what might have been if Steve had lived longer.

In some ways, his death seems like Faustian bargain - revolutionize the world with products beyond our imagination, then die too young.

In my life, I crossed paths twice with Steve Jobs.

As an undergraduate at Stanford from 1980-1984, I met Steve Wozniak and Steve Jobs at the Stanford Computer Club and saw early demonstrations of Apple II, III, and Lisa products.   I taught the first undergraduate personal computer course at Stanford in1981, using Apple products in an era when the Stanford Computer Science department told me that personal computers were a fad that soon would end.

In 1983, Steve Wozniak's mom called me and asked me to design an electronic greeting card for the Woz's 33rd birthday.    To this day, I hold the patent on all e-cards, both the paper type that play music and those you send over the internet.

Steve Jobs was at the party where my card was demonstrated for the first time.

I bought a Mac SE30 in 1990.

I was an early adopter of the NeXT cube and used it to develop all my early web applications at BIDMC when I first arrived in 1996.

My Windows years were limited to 1995-2006.   Since then I've used MacBooks, iPads and iPods as my hardware devices.    This year, I'll retire my Blackberry and replace it with an iPhone 4S.

Thanks Steve, you really made a difference.

reade more... Résuméabuiyad

(Dis)Connected: MTV Explores the Impact of Digital Drama on the Health and Safety of Young People

On Sunday October 10, 2011, MTV will premiere "(Dis)Connected". The movie will explore the experiences of four young people. They have never met in-person, but their lives collide online and are forever changed by their digital interactions.

The film supports the network's "A Thin Line" campaign which empowers youth to stand up against digital abuse of all kinds (e.g., bullying, discrimination, etc).

The movie is inspired (in part) by the tragic death of Abraham Biggs in 2008. Biggs, a 19-year old college student, live streamed his suicide on the internet, with some users egging him on and some trying to talk him out of it.

(Dis)Connected supports an ongoing discussion in public health regarding the question: "Does technology help us or hurt us when it comes to issues such as bullying or suicide?" The answer is not clear. There are examples on each side. One year ago today, I wrote the post "Bullying: Is Technology Helping Us or Hurting Us?" The post was inspired by the dialogue of how technology may have contributed to the suicide of Tyler Clementi but also how it was being used in a positive way to prevent bullying in the aftermath (e.g., the "It Gets Better" project).

On her blog "Promoting Hope, Preventing Suicide", Elana Premack Sandler writes about research and advice for preventing teen and adult suicide. Just in the past year, she has extensively explored the issue of technology/social media and its impact on suicide prevention. Some example posts include: Facebook Support Networks (September 21); YouTube Prevents Suicide? (May 4); and Promoting Hope Through Social Media (April 13).

Let's all check out (Dis)Connected on October 10 and let the dialogue continue.

If you or someone you know is in crisis, please call the National Suicide Prevention Lifeline at 1-800-273-TALK or visit their website here.

reade more... Résuméabuiyad

The Responsibility of Formal Authority

You probably expected me to write about the new iPhone 4S today, but the press has analyzed it well, especially Computerworld.  Next week I will write about the impact of accelerated consumer IT product releases on CIOs, including managing customer expectations for business IT innovation.

In the meantime, a few thoughts on the wise use of formal authority i.e. that job description we were handed when we first became CIOs.

In previous blog posts I've reflected on the fact that none us of really have authority.  Instead, we have responsibility and risk.

The work that I do in all my lives - Federal, State, BIDMC, Harvard Medical School, and my home life as father/husband/son - do not rely on formal authority.   They rely on my informal authority to inspire, align, and communicate.

I have never "ordered" a change.   The best I can do is to facilitate consensus and follow Harvard Business School Professor John Kotter's principles for change management:

1. Establish urgency.
2. Form a powerful guiding coalition.
3. Create a vision.
4. Communicate the vision.
5. Empower others to act on the vision.
6. Plan for and create short-term wins.
7. Consolidate improvements, creating more change.
8. Institutionalize new approaches.

Relationship building and fostering trust bring me the informal authority I need to lead people through change.

Although the formal authority I have is never used, there are behavioral responsibilities that come with the title CIO.   I have to be careful what I say, who I speak with, and what I do, because the hierarchy of the organization assigns power relationships to the role I serve.   There are five guidelines I've assigned myself:

1.   Respect hierarchical boundaries - if I bypass my direct reports and communicate directly with their direct reports, I always ensure the communication includes everyone in the chain of command.   If I did not do this, I would disempower my managers and directors.

2.   Communicate consistently with everyone - it's bad behavior is to tell different versions of the truth to  people based on what you believe various audiences want to hear.    By communicating consistently, I create a culture of collaboration.  The last thing I want to do is create discord in the organization by encouraging people to work against each other or foster dissension among teams.

3.   Work via standard processes - it may seem expedient to invent your own processes, bypass hierarchies, or work around established lines of communication in an effort to accelerate projects.   My experience is that such an approach causes confusion, misalignment of priorities, and wasted effort.   Just as I respect hierarchical boundaries, I follow standard processes when problems need to be resolved.  

4.   Communicate broadly and honestly - if there is problem in the organization, I communicate it to all stakeholders.   It is far better to over communicate, even if the news is challenging/difficult, than to work in silos and try to hide failures for fear of embarrassment.

5.   Work openly and transparently - we've all worked in organizations with office politics that happen behind the scenes.   Back channel conversations, blind cc's on email, escalation around hierarchical boundaries, different conversations in the open verses behind closed doors, and undermining the authority of others can occur in any organization.    If someone suggests solving a problem by working on it clandestinely, I refuse.  Problems should be solved openly and transparently with all the stakeholders in the room.

These are the responsibilities of formal authority.   Although you may never use the power you've been given in your job description, your actions every day can impact your peers and your staff in subtle ways.   Once you understand that your every word and behavior can inspire, influence, or irritate, you'll have mastered the responsibility of formal authority.

reade more... Résuméabuiyad

Simvastatin Safety and Information Systems

The following is a broadcast email written by Dr. David Feinbloom, Medical Director, Medication Safety and Information Management at BIDMC.  It nicely illustrates the collaboration among clinicians, pharmacists, and Information Systems:

To all –

I am writing to update you on the simvastatin patient alert process that was initiated in July. As you will remember, this initiative was prompted by the recent Food and Drug Administration (FDA) warning for patients taking simvastatin because of an increased risk of muscle damage when taken at high doses or in combination with several other medications.

In response to this alert, the Medication Safety Subcommittee, in concert with Healthcare Quality, decided that an institutional response was warranted and we proceeded with the plan described in the original email below. In brief, we reached out to all stakeholders, developed a data query to help providers identify these patients, allowed sufficient time for providers to reach out to these patients, and then sent letters to all the remaining patients who were still taking simvastatin, at a high dose and/or in combination with several other medications. Last Monday we sent  2800 letters to the remaining patients.

This size of this initiative was unprecedented for BIDMC, and although it was largely successful, there were many important observations and lessons learned which will inform our process going forward; these include:

1. The volume of alerts, and the number of patients affected, continues to grow (see the recent FDA warning on Celexa and abnormal heart rhythms).
2. Sorting through the level of evidence and clinical relevance of these alerts is difficult and time consuming.
3. Running queries on our patient’s medication lists with sufficient sensitivity and specificity to meet our provider’s needs is not always possible.
4. Provider preference on how, or whether, to address each alert with their patients is variable.
5. Resources, at both the institutional and provider level, are insufficient to support this work.

We have assembled a group to evaluate how to meet this challenge, and anyone who would like to join is welcome. I will provide you with updates as they become available.

Thanks for your help and support.

David Feinbloom

----------
Email to Providers

As you know, the Food and Drug Administration (FDA) recently issued a new warning for patients and healthcare professionals regarding simvastatin because of an increased risk of muscle damage when taken at high doses or in combination with several other medications.

(FDA Drug Safety Communication: Simvastatin). Although it is not uncommon for the FDA to issue safety warnings when surveillance data identifies unanticipated adverse drug effects, this case is somewhat unique because simvastatin is such a common medication among our patients at BIDMC. In addition, we know from previous medication safety initiatives in that past that most of providers do not have the time or resources necessary to identify and contact all of their patients who may require notifications. For these reasons, we are proposing the following strategy:

Healthcare Quality will work with IT to generate of list of patients that have an active simvastatin prescription, either at a dose, or in a combination identified by the FDA to be associated with an increased risk for adverse events (see Search Query below). We will then send a list to each provider by email to give them an opportunity to reach out to their patients and update their medication list.

In several weeks time we will run the same query on all patient medications again. Patient that still have a prescriptions for simvastatin in a dose or combination of concern will then be sent a standard letter asking that they contact the prescribing provider to discuss whether any medication changes should be made (see Patient Letter below).

If you have already contacted your patient and made changes to their medication list such that they no longer have a dose or combination of concern, they will not be receiving a letter. Unfortunately, if you have made the clinical decision to continue your patient on a dose, or in a combination of concern, we will not be able to suppress the letter. We expect this will happen infrequently, and if it does, the language of the patient letter is clear that if they have already discussed this you they need not re-contact you.

Your list may include some patients for whom you are not the primary provider, or may omit some patients who you consider to be part of your panel. Similarly, problems may occur for patients whose medication list is not up to date, contains errors, or includes prescriptions for split doses.

Please let me know if this plan is acceptable to your practices.  The queries we are running include

1. All patients in who have an active prescription for simvastatin 80 mg prescribed < 1 year ago.

2. All patients in who have an active prescription for simvastatin > 10 mg and any of the following medications:

·          Amiodarone
·          Verapamil
·          Diltiazem

3. All patients in who have an active prescription for simvastatin > 20 mg  and any of the following medications:

·          Amlodipine
·          Ranolazine

4. All patients in who have an active prescription for simvastatin (any dose) and any of the following medications:

·          Itraconazole
·          Ketoconazole
·          Posaconazole
·          Clarithromycin
·          Erythromycin
·          Telithromycin
·          Amprenavir
·          Atazanavir
·          Darunavir
·          Fosamprenavir
·          Indinavir
·          Lopinavir/ritonavir
·          Nelfinavir
·          Ritonavir
·          Saquinavir
·          Tipranavir
·          Cyclosporine
·          Danazol
·          Gemfibrozil
·         Nefazodone

----------
Letter to Patients

Dear Patient –

You are receiving this letter because according to our records you are currently taking the cholesterol-lowering medication simvastatin. Simvastatin is also sold under the brand name Zocor, and is found in the combination medications Vytorin and Simcor.

The Food and Drug Administration (FDA) recently issued a new warning for patients and healthcare professionals regarding simvastatin because of an increased risk of muscle damage when taken at high doses or in combination with several other medications.

The risk of muscle damage is low and we do NOT recommend that you stop any of your medications without first talking to your healthcare provider.  Simvastatin is an excellent cholesterol-lowering medication and in many instances continuation of the medication is appropriate. However, we are recommending that you contact the provider who prescribed the simvastatin to discuss whether any medication changes should be made. You may have already had a discussion with your healthcare provider about this issue; if so,  it is not necessary for you to re-contact him or her. You should immediately contact your healthcare provider if you experience muscle pain, tenderness or weakness, or dark or red colored urine.

reade more... Résuméabuiyad