Free Hospital EMR and EHR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to Hospital EMR and EHR for FREE!

HIPAA Breach at Kaiser

Healthcare IT News reported that Kaiser had it’s Fourth HIPAA breach. Here’s a part of their description of the breach:

Some 5,100 patients treated at Kaiser Permanente were sent HIPAA breach notification letters Friday after a KP research computer was found to have been infected with malicious software. Officials say the computer was infected with the malware for more than two and a half years before being discovered Feb. 12.

We have confirmed that the infection was limited to this one compromised server, and that all other DOR servers were and are appropriately protected with anti-virus security measures,” said Tracy Lieu, MD, director of the division of research at Kaiser Permanente, in an emailed statement to Healthcare IT News. “It is important to note that the compromised server is used specifically for research purposes at the DOR and is not connected to Kaiser Permanente’s electronic health records system.

It’s quite interesting that in one part they say that the computer was infected with malware and that caused the breach. Then, they note that the antivirus software wasn’t being updated properly because of a “human error related to configuration of the software.”

This is a little disturbing to a tech person like me, because the person doesn’t know the difference between anti-virus software which works to stop and prevent viruses from infecting your computer and malware which usually isn’t covered by anti-virus software. They do have malware software to prevent malware, but it’s only so so in my opinion. It’s fighting a losing battle, but an important battle nonetheless.

I bet if we went into any hospital today, we’d find dozens of their computers infected with malware. Would be an interesting study for someone to do. I know many hospitals lock their computers down and block them from surfing many internet sites to try and deal with this problem. That can be pretty effective, but you do make many of your users angry in the process. The IT security people don’t mind that at all. Luckily, with phones people can still get their Facebook IV drip without having to infect the hospital computer. That is until the personal mobile phone gets compromised and infects the hospital network. That’s coming down the road as well.

April 14, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Kaiser Sales and IT Implementation Process

I was really impressed by this blog post by Danielle Cass, Innovation Evangelist in Kaiser Permanente’s Innovation & Advanced Technology Group (sounds like a fun, but tough job) on the HBR blogs. If you’re trying to sell something to hospitals, then you should really take the time to read the whole blog post.

Danielle opens with the crux of the challenge that any healthcare innovation meets when they try to get a hospital to adopt their technology.

No matter how many creative solutions we drum up to improve quality of care and service in the U.S. health system, they won’t do much good if only a few clinicians and institutions know about them and apply them.

But how do you overcome obstacles to spreading innovation, like fear of change, resource constraints, and slow, consensus-based decision making? By connecting people so they can quickly and easily share insights, collaborate on prototypes, and draft off one another’s enthusiasm and momentum. As Atul Gawande put it in a recent New Yorker article, “Human interaction is the key force in overcoming resistance and speeding change.”

In the rest of the post, Dannielle goes through the process of how a new innovative technology was introduced at Kaiser. It provides as clear a look as I’ve ever seen into the challenge of selling into hospitals and getting the technology implemented. It’s a slow process with a lot of challenges.

No doubt Kaiser is a unique institution, but from my experience many hospital systems experience some of the very same problems. It’s very easy to talk about innovation, but it’s a harder thing to get that innovation to diffuse through the organization.

Maybe this is just top of mind as I plan the first ever Healthcare IT Marketing and PR Conference, but it really illustrates the challenge that health IT companies face selling their product into hospitals. It’s a major process to find the right people and get the right people on board with the vision of your product.

January 14, 2014 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Epic to Epic Conversion

Gabriel Perna has a great article on Healthcare Informatics discussing an EHR conversion that I hadn’t considered. What happens when a hospital system acquires another hospital system and they both use the Epic EHR? Here’s the challenge as described in the article:

“As we got into it, we realized Epic had done [a conversion from] IC Chart [InteGreat from Med3000] before, they had done Cerner-to-Epic conversions, they had done McKesson-to-Epic conversions. They had done those before, and they do them well. They hadn’t done Epic-to-Epic before. That was the area where they were least experienced in. It was a lot more work to do,” says [Bob] DeGrand, who assumed the position of CIO [of Froedtert Health] in January of 2009, a few months after the West Bend affiliation became official.

As we continue on our path of hospital system consolidation, this is going to become more and more of an issue. As those familiar with Epic know, every Epic installation is unique. I was recently told by someone that even within the all Epic Kaiser there are multiple Epic installations and they have a challenge communicating with each other. Now think about what that means if you’re trying to merged two different Epic installations.

The article also points out that one of the biggest challenges in a merge like this is overlapping patients and ensuring that you merge them properly. Patient identity is a big challenge in any hospital system, but even more important when you’re looking to merge two large hospital systems that have relatively close proximity with similar patient populations.

I’d be interested to hear from other people who might have gone through an Epic to Epic conversion. What challenges did you face? Would you have rather had a Cerner to Epic conversion?

December 30, 2013 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Kaiser Permanente Branch Joins Epic Network

Though it apparently held out for a while, Kaiser Permanente Northern California has signed on to Epic Systems’ Care Everywhere, a network which allows Epic users to share various forms of clinical information, Modern Healthcare reports.

Care Everywhere allows participants to get a wide range of patient data, including real-time access to patient and family medical histories, medications, lab tests, physician notes and previous diagnoses. The Care Everywhere network debuted in California in 2008, and has since grown to a national roster of more than 200 Epic users.

Many of the state’s major healthcare players are involved, including Sutter Health, as well as prominent regional players such as Stanford Hospital and Clinics, USCF Medical Center and UC Davis Health System, according to Modern Healthcare. Kaiser Permanente Southern California also participates in the network.

According to Epic, the Care Everywhere system allows patients to take information with them between institutions whether or not both institutions use the Epic platform. Information can come from another Epic system, a non-Epic EMR that complies with industry standards, or directly from the patient.

But of course, the vendor likes to see Epic-to-Epic transmission best, as it notes on the corporate site: “When an Epic system is on both sides of the exchange, a richer data set is exchanged and additional conductivity options such as cross-organization referral management are available.”

Care Everywhere also comes with Lucy, a freestanding PHR not connected to any facility’s EMR system. According to Epic, Lucy follows patients wherever they receive care, and gathers data into a single source that’s readily accessible to clinicians and patients. Patients can enter health data directly into Lucy or upload Continuity of Care Documents from other facilities.

While connecting 200+ healthcare organizations together is a notable accomplishment, Care Everywhere is not going to end up as the default national HIE matter how hard Epic tries. As long as the vendor behind the HIE (Epic) has a strong incentive to favor one form of data exchange over another, it cuts down the likelihood that you’ll have true interoperability between these players. Still, I’ve got to admit it’s a pretty interesting development. Let’s see what healthcare organizations have to say that try to work with Care Everywhere without owning an Epic system.

P.S. It’ll also be interesting to see whether Epic is actually “best” for ACOs, as a KLAS study of a couple of years ago suggested. More recent data suggests that best-of-breed tools will be necessary to build an ACO, even if your organization has taken the massive Epic plunge.

December 26, 2013 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies.

EMRs Can Reduce ED Visits, Hospitalizations For Diabetics

Using EMRs is associated with a drop in ED visits and hospitalizations among diabetics, according to a study covered in iHealthBeat.

The research, which appeared in the Journal of the American Medical Association, involved analyzing all of the 169,711 records for patients enrolled in Kaiser Permanente Northern California’s diabetes registry.

Researchers drew on data collected between 2004 and 2009. During this period, in 2005, KP began to stagger EMR implementations across the region’s 45 outpatient facilities, iHealthBeat reports.

The study found that EMR implementations were associated with the following results, according to iHealthBeat:

  • 10.50% decline in hospitalizations for preventable, ambulatory-care sensitive conditions, or about 7.08 fewer hospitalizations per 1,000 patients annually;
  • 6.14% decline in non-elective hospital admissions, or about 10.92 fewer admissions per 1,000 patients annually;
  • 5.54% decline in ED visits, from an expected 519.12 per 1,000 patients to 490.32 annually; and
  • 5.21% decline in hospital admissions, from an expected 251.6 per 1,000 patients to 238.5 annually

That being said, EMR implementation had no effect in certain areas. The number of physician office visits per year held steady at six; the frequency of times patients saw diabetic exacerbations remained level; and how often patients developed cardiovascular diseases remained the same, iHealthBeat noted.

The researchers concluded that these results represented not only an improvement in diabetes care, but also “the cumulative effect of EHRs across many different pathways and conditions.

This study is one of a growing body of evidence that effective EMR  use can reduce readmissions and improve outcomes.  For example, a recent study appearing in BMJ Quality & Safety recently concluded that EMRs can help reduce hospital readmissions of high-risk heart failure patients.

In that case, researchers used EMR-based software to sort high-risk from low-risk heart failure patients, using 29 clinical, social and behavioral factors within 24 hours of admission for heart failure. Using this tool, researchers were able to cut readmissions rates for the 1,700 adult inpatients study from 26.2 percent to 21.2 percent.

September 16, 2013 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies.

Patients Accessing Online Medical Records Use More Services

In previous postings, I’ve noted that for various reasons, doctors using EMRs are tending to bill for more E/M services.  This has CMS in a bit of a tizzy, and definitely deserves attention from the industry. (See also this post about EMR and Upcoding)

Now, a study appearing in the Journal of the American Medical Association seems to have identified another vector for increased use of services. According to the study, patients with online access to medical records and clinicians consume more clinical services than those without access.

The JAMA authors drew this conclusion after studying the consumption of clinical services by members of Kaiser Permanente Colorado, a group model IDS.  The Kaiser unit was studied from March 2005 through June 2010, reports Becker’s Hospital Report. 

What made the Kaiser unit a good choice was that not only did it have an EMR in place, it also launched a patient portal in May 2006 allowing patients secure access to health records details such as test results, care plans and active medications.

Researchers found that members who used the MyHealthManager portal, which gave access to the EMR, had increased rates of office visits, telephone encounters, after-hours clinic visits, emergency department encounters and hospitalizations during the study period.

I was surprised to find out that JAMA researchers generated this data, especially the ED and hospitalization rates, which seem to have to been markedly different between the two groups.

It did occur to me that perhaps the sickest patients are using the portal, or that those who aren’t using the portal aren’t very engaged in caring for their health, but such relationships are rarely that simple. Besides, the researchers did group patients by “propensity scores” which took patient age, sex, utilization frequencies and chronic illnesses, so we aren’t looking at populations that simply self-selected into the sicker and more healthy.

In any event, I’m glad I stumbled across this study and could share it with you. Knowing that these patterns exist, just in case they turn up in your health system. They’re certainly worth bearing in mind.

November 29, 2012 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies.

Health Information Exchange

In an email response to my EMR and HIPAA post on HIE Waste, Edward Fotsch, M.D. and CEO of PDR Network offered these insights into the state and some history of Health Information Exchanges:

The fundamental question for HIEs is two-fold: 1) what is their purpose and 2) who benefits and will pay for them- the latter is a question of revenue model not grant funding which always runs out sooner or later. Relevant facts include:

1. HIEs are not a new concept. I was around when Community Health Information Networks; or CHINs (The ‘C’ in CHIN stands for communism where we all do the right thing because it’s for the good of the order) came and went. Then RHIOs came and went. Now HIEs. What these have in common is grant funding but generally no business model.

2. The idea of providers paying for the opportunity to share their patient (‘read “Client”) information with competitors is novel I must admit. But in the old days when I was seeing patients, when you sold your practice you largely sold your charts. It was the charts as much as anything else that kept patients coming to the new doctor after the sale- ‘it still works this way for many dentists. Now docs are supposed to pay for the privilege of having their charts opened to competitors? Now I know that the hospital execs all salute this flag when the discussion of HIEs occurs at the rubber chicken dinners. But when I was on the exec committee at a community based hospital we spent time trying to compete with, not empower, competing hospitals. You may say that is not right- but that’s a fact.

3. HIEs I’ve seen that have any hope serve a specific business purpose and often exist within an economic entity. Kaiser has a large HIE- they just don’t call it that.

4. Data exchange between competitors has worked in many venues- the obvious example is ATMs where competing banks collaborate. BUT this occurs because customers demand it. Unless or until patients/consumers begin to select healthcare providers who participate in some level (i.e. CCD-level sharing at least) of basic patient information exchange (i.e. refusing to go to providers who hand them a clipboard), the HIE concept is massively challenged. ‘Though it’s always fun right up until the grant funding runs out.

November 2, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Epic or Best-of-Breed? The Billion-Dollar Question

Ah, the Judy Faulkner stories. They’re beginning to be as numerous, and, uh, epic as those of Microsoft and Apple’s early days.  Imagine the average-looking, middle-aged Faulkner — Epic’s CEO, of course — walking into a room of hospital CIOs and telling them she’d come “to decide who she wanted as customers.”  Kinda makes you want to admire Faulkner even if you don’t.

But more importantly, such behavior brings up the question of whether Epic brings enough to the table to make such grandstanding tolerable.  As Zina Moukheiber, a Forbes contributor, notes in a recent article, Epic has certainly convinced a lot of CIOs that the answer is yes, largely because it offers a single ecosystem hospitals can deploy across the enterprise.

But like myself, Moukheiber seems very skeptical that Epic has justified its astronomical prices, which include:

* Partners HealthCare and Duke University Health System, $700 million each
* University of California, San Francisco, $150 million
* Dartmouth-Hitchcock Medical Center, $80 million

I’d also drop in a casual mention of Kaiser Permanente’s Epic installation, which allegedly hit $4 billion-ish before it was done.

Of course, the issue isn’t merely whether Epic is expensive, but whether it gets the job done in a way which can’t be done by less expensive systems.  That, clearly, is the billion-dollar question.

In response, Moukheiber notes that in a recent New England Journal of Medicine piece, published earlier this month, two Boston Children’s Hospital Physicians argue that “diverse functionality needn’t reside within single EHR systems.”  Children’s uses Cerner, Epic and best of breed software as needed.

Yes, that’s  the heart of the matter, isn’t it. If you believe that there’s less risk and more chance of success implementing one system — thinking embraced by many hospital boards — Epic is likely to be a smash.

But if you’re a best-of-breed CIO, you’re probably astonished that anyone trusts their whole enterprise to a single vendor. Honestly, I am too.

June 27, 2012 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies.

The Same Fate of ERP Software Will Happen with Hospital EHR Software

I’ve often thought of the challenge associated with selling an EHR or other related enterprise software to a large hospital. As I think about this purchase process it’s made me wonder why any hospital would change out that software. I’ve often said that Epic’s approximately $1 billion contract with Kaiser (along with a number of other similar contracts) is one reason that Epic is going to be in the healthcare IT business for a long time to come.

In fact, these contracts and the process of change in hospitals has often led me to feel like change in the hospitals is almost impossible.

The amazing thing is that the same arguments could be made for ERP software in large companies. I know some people don’t like the comparison, but I think there are a lot of really interesting similarities.

In fact, I was reading through this somewhat older article which talks with Aneel Bhusri and Dave Duffield who founded PeopleSoft which was taken in a hostile takeover by Oracle and Larry Ellison. Turns out that Aneel and Dave decided to start another company a few months after the takeover of PeopleSoft. As he describes it, “we had a lot of fun so should we start another one?”

Aneel offers this insight that they found with their new Workday software as it tries and competes with the larger Oracle and SAP ERP software systems:

The big vendors are vulnerable because they require big expensive upgrades. Workday doesn’t go into startups — it’s selling to big companies that have HR and financial software in place. But companies have to update this software periodically, and the traditional vendors like Oracle and SAP make it hard and expensive to upgrade. That’s when startups like Workday jump in.

Can you see the Hospital EHR fate the same as what’s mentioned above?

Sure, the other big hospital EHR vendors will continue doing business much like Oracle and SAP are doing in the ERP world. However, there is a great opportunity for the people that have the right connections and knowledge of the hospital world to do a startup hospital EHR company that steps in and gains some market share.

I will admit that it’s going to take a gutsy hospital CIO to make this happen, but you can be sure that it will happen. Many of these hospital CIO will be rewarded handsomely for the choice as well.

March 12, 2012 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.

Epic’s Success in the Hospital EHR Market

I took Katherine’s post about Epic Being a Victim of Its Own Success and posted it on Google Plus to see what kind of conversation would happen (Note: You can find me on Google Plus here). Turns out, it’s already generated 15 responses with a bunch of interesting points of view.

Dan Munro just left the following summary of Epic’s success that I thought was definitely worth sharing on this site since it was thoughtful and useful to consider.

1) The KP deal (started in 2003) is estimated to run $4B over 10yrs
2) Kent Gale, president of KLAS Enterprises, a research firm known in healthcare specifically for its customer surveys said “…there’s a huge gap between Epic and the other vendors. That is probably the biggest differentiator. They are able to keep their commitments better.”
3) Epic ranked No. 1 in seven out of 20 categories in one of KLAS’ most recent survey (and they don’t sell products for several of the categories).
4) “They have a reputation for doing the right things,” said Thomas Handler, a physician and research director at Gartner.
5) Founded in 1979 with an initial investment of $70,000, the company now is conservatively estimated by Wall Street analysts to be worth $1.2 billion (2008).
6) Epic has never done an acquisition, has no debt and has been known to turn away business.
7) The company historically has hired only 2% of all applicants.
8) Epic receives about 40,000 to 50,000 applications/year.
9) Epic’s software enabled Kaiser, the country’s largest health system (outside of VA?), to confirm that Vioxx increased the risk of blood clots, leading to the prescription painkiller being pulled from the market.
10) The company rarely negotiates on price. There is one exception: It has been known to give breaks, such as waiving its annual maintenance fee, to struggling hospitals.

Certainly Epic has been doing very very well. I’m not sure anyone would argue against that.

August 17, 2011 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 15 blogs containing almost 5000 articles with John having written over 2000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 9.3 million times. John also recently launched two new companies: InfluentialNetworks.com and Physia.com, and is an advisor to docBeat. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and Google Plus.