Chief Information Officers Roundtable: The challenges are getting tougher
The second of Modern Healthcare 2017 C-suite roundtable discussions--the CIO Roundtable--took place during February's Healthcare Information and Management Systems Society meeting in Orlando, Fla.
Editor Emeritus Merrill Goozner moderated a discussion that ranged across a variety of issues bedeviling healthcare systems and their vendors as they press toward fulfilling the promises made when the federal government provided more than $30 billion to computerize the nation's medical records.
The chief information officers sharing the stage at the Optum booth were Dr. John Halamka of Beth Israel Deaconess Health System in Boston; Marc Probst of Intermountain Healthcare in Salt Lake City; and Matthew Chambers of Baylor Scott & White Health in Dallas. The following is an edited transcript.
Modern Healthcare: A huge issue today is the usability of electronic health records. How easy are they for physicians? For nurses? It's causing burnout. What are you doing at the system level to make EHRs easier to use by frontline healthcare workers?
Dr. John Halamka: If you were to talk to Judy Faulkner (CEO of Epic Systems Corp.) or Neal Patterson (CEO of Cerner Corp.) or Howard Messing (CEO of Meditech) or any of the CEOs about their development pipeline, they must address regulatory compliance before they can address usability. We perfectly engineered exactly what we have: highly compliant, data-collection systems that are very challenging to use. What have we done? You'll hear a lot at this conference about FHIR (the Fast Healthcare Interoperability Resources data exchange framework) and various kinds of interoperability. We are surrounding the electronic health record with third-party modules that are adjuncts to these transactional compliance and regulatory systems that are much more pleasing to use. We use Apple products and send data to your phone. We use things like doctors and nurses developing workflow tools that meet their needs that connect to our EHR. I think we'll see over the next couple of years an ecosystem of external apps, not authored by the EHR companies, that accelerate usability.
Marc Probst: It's going to be third-party applications. We're going to have to be able to create some kind of middle layer that uses these applications quickly and easily. But what are we doing today? We're working within the boundaries that have been created by our vendor. We're doing as much as we can to tailor those systems to make documentation easier, but I don't think we've succeeded.
Matthew Chambers: We're seeing some of the same things. At Baylor Scott & White, a very physician-led organization, we're talking about restoring the majority of practice back to physicians. It's a physician-led effort and they're actually looking at workflow and how much they have to do. These are transactional systems that are made for regulatory compliance. They're not workflow enablers. They are checking a box and going through all of the different things you have to do for meaningful use. Most of them started out for capturing charges, right? They weren't really thought about for care. They were thought about for billing. We're unique in healthcare in that we take the most expensive, critical, human element of the value creation chain and we make them do all the data entry.
MH: There are two possibilities you've raised. One is re-engineering the workflow to accommodate the EHR. Or you can do bolt-ons —develop new technologies. Which is the more productive path?
Halamka: The answer is both. I'm an emergency physician. The emergency physicians of Beth Israel Deaconess used to see 2.5 patients per hour because of the burden of electronic health record data entry. We hired $30,000-a-year scribes to follow the emergency physicians and made them twice as productive. It's not elegant. But as a short-term fix, it enables you to return to the joy of practice and practice at the top of your license by doing a few of these interventions simultaneously.
Chambers: What we hope to create in the next couple of years is the best user experiences and the best user interfaces. They should be invisible. If you don't have to think about how to interact with it, and you just interact with it, then it's the best ever. We are betting the farm on making the interface go away. Let the physician talk with natural language processing. That's where we think it needs to go because the regulatory issues are never going away. The documentation issues are never going away.
Probst: I'm a little bit more hopeful that the regulatory issues will start to go away.
Chambers: You spend a lot more time in D.C.
Probst: These systems are old. They were built for something other than clinical documentation, patient flow and physician use. It's going to be really hard for us to get over that, particularly since we've spent $35 billion installing these systems over the past several years. Hopefully, there are some really smart minds building new applications that are going to replace these EHRs of today. Hopefully our current vendors are thinking about it. If regulatory issues go down, it'll open up a lot of creativity and opportunity to do it better.
MH: The 21st Century Cures Act has a whole section on EHRs that states, “promote interoperability; promote usability; promote patient-centric care.” It's all very general. What does this administration need to do to lower the regulatory burden yet achieve the promise of EHRs?
Halamka: I met with CMS officials this morning. This does not represent any official government policy. But what did the CMS say? Value-based purchasing is here to stay. They'll be less prescriptive of how you achieve that value and that outcome. Quality measures need radical revision because many of them are not relevant to workflow and are too complex. I think you'll see the private sector have an opportunity to innovate because the regulations will not say, “Buy a DVD player that's purple with two green buttons.” The regulations will say, “Play movies.” That's what the CMS is thinking.
Probst: Having worked with (HHS Secretary Dr. Tom) Price's office prior to his appointment, the sentiment is we have too much regulation. His staff wasn't very supportive of meaningful use. Having been on the original committees that worked on meaningful use, it's become a very negative influence on healthcare.
Chambers: I may be a bit of a cynic. Right now, one of our inpatient EHRs has to have an upgrade of several million dollars for new hardware just to avoid the stick. We're past the carrot. Now we're trying to avoid the stick of something like $12 million for meaningful use Stage 3 violations. We're spending a lot of money to avoid losing a lot of money. It's not incredibly productive.
MH: Does anyone hold out hope for the more prescriptive regulations in the 21st Century Cures Act?
Halamka: I was talking to two very notable senators and I asked them, “What is interoperability?” They said every data element in the electronic health record can be shared with every person for every purpose in real time, at no cost. If that is your definition of interoperability, we should just go home. Because, forget it—not going to happen. My definition of interoperability is the minimum information you need for reasonable quality care, available with reasonably low effort, at reasonably low cost. In Boston, we are at best an affiliated group of friends and family with six different EHRs in our health system. Therefore, what do we do? Sometimes we push data to a central repository to measure quality and outcomes. Sometimes we pull data for real-time clinical care coordination. And sometimes we do the quick and dirty, like when I'm in one EHR and I can view another EHR because all I want to see is what meds the patient is taking and that sort of thing. But there are a couple of other things we need. We do not have a good way to match patient identity. Although we do name, gender, date of birth and other combinations, it doesn't work, especially in areas like south Boston where the Irish-Americans named Maureen Kelly may have the same birthday on the same street. Having mixed medical records is dangerous. We need a patient identifier, or biometrics, or something. We don't have a doctor directory for the country. If I wanted to send data to Utah, I wouldn't have the first clue how to do it. Let's make sure our privacy policies are rational. I live in New England. The nearest state is just 20 miles away. Yet I cannot send data across that border because the policies are so heterogeneous.
Probst: We're not going to be interoperable at any level unless we get standards that are acceptable across the whole industry. There are 157 ways to represent blood pressure. That's not a standard. That means we're sending data that you might be able to interpret if you bring it up on the screen and you're a physician. But if you want the computer to do anything with it to make it more efficient, it doesn't have enough specificity. This must be a national priority for our national safety. Hundreds of thousands of people are dying every year needlessly because we don't interoperate well. Hundreds of billions of dollars every year are being wasted because we don't interoperate. I am about as conservative a guy as you're going to find. Yet I think the federal government has to take a very distinct and forceful role in ensuring that we get the standards over the next 10 years.
MH: How will a government-enforced common standard on medical data play down in Texas?
Chambers: I agree that it's going to take a federal mandate. They do have to get engaged. Houston is much like your Boston situation. There are 258 Maria Sanchez's with the exact same date of birth in their system. There's a lot of patient misidentification potential there. A national patient identifier is needed.
MH: I'm hearing two different views of regulation. In one case you want prescription—a patient identifier. But in another case, you just want a general overview and say, “Let us figure out how to do it.”
Probst: I'm OK if they tell you to drive on the right side of the road. I don't want them to tell you how to build every car that's on the road.
MH: Interoperability provides you with the ability to coordinate care, and coordinating care is all about the quality, safety and, ultimately, the financial performance of your organizations. Where are you on the journey to building the analytics and using data to support care coordination and deliver better care?
Probst: From a population health perspective, we're on the first mile of our journey. I think everyone is, whether it's in the technology underlying it or in understanding what we're going to do analytically with that data to really change healthcare. If you just extrapolate some of the best-practice care processes that happen in John's organization, and the lives that are saved because of that, the problem is that the knowledge won't transfer to Texas and Utah and other places. It's pretty unique to what he can do in his organization. The ability to share that knowledge is going to save lots of lives. Is that big data? It's just kind of general analytics and understanding how what we do to a patient impacts that patient, and being able to share that knowledge. That's what saves lives.
Halamka: I don't know what big data is. I work on small data. It's actually the new thing. (Laughter) How have I used that in clinical practice? My wife was diagnosed with Stage IIIA breast cancer in December of 2011, Korean female, Stage IIIA with HER-2 negative, estrogen-positive progesterone markers. The question I asked is, of the 10,000 patients like her who have been seen in the past, how were they treated and what were their outcomes? We actually did that across 17 Harvard hospitals, about 5 million patients. We queried and found that Asian females are very sensitive to Taxol. So we took the clinical trial data that said this dose of Taxol is good and divided it in half. She was treated, cured, and has no side effects or any residual issues. Why shouldn't every patient in America in the future get this treatment? The technology is there today.
Chambers: What's a viable financial model for these things to occur? We can lament the death of the state healthcare exchanges, but as soon as the federal funding went away, they went away. There was no commercial viability to those models. The financially integrated healthcare provider is uniquely positioned to address a lot of these issues … if we have per-member premiums. The payer side of the equation is the only way to fix this. If you look at huge disruptors in every place in the economy, it is based on a per-month, per-member model. … That's what healthcare needs. We need to be on PMPM so we can get that patient, make adjustments, interact with their behavior and have a financial model where we can actually reward them as well.
MH: What about managing populations within your health systems? Don't you already have the data from across the care continuum to do that?
Halamka: I'm from New England, and I am from your future. Today, 70% of the income at all of our clinical sites are risk-based alternative payment contracts with no fee-for-service. What do we have to do? It's a totally different IT. It's not the transactional bill. It's focused on quality and outcomes. We centralize data into a single store across the community, and then a team of care managers enroll, by disease, individuals into a guideline or protocol. We then manage them as customers to determine gaps in care and to ensure compliance. We've gone beyond that in some disease states like congestive heart failure. We bought them all bathroom scales with Bluetooth low-energy interfaces and get daily weights. If your weight goes up 7 pounds in a weekend, we double your Lasix (a diuretic) and take away your Doritos. If you're risk-based, you must treat patients as a customer in their homes and in their communities. We are the No. 1 accountable care organization in the country and saved Medicare $50 million last year.
Probst: We have been using data to drive the decisions on how we should care for our populations for a long time. If you have enough data, you can understand the best practices to care for any given population. At Intermountain, we're doing a really good job on chronic disease because we have a long history of data that we can use. We've organized ourselves around how to analyze that data, look at outcomes, and then improve that population. We're not as aggressive or understand yet how we can reach out to our population and take their Doritos away. But we're on our way. We believe in analytics. Whether it's big data, little data or whatever kind of data, we believe in having that data, being able to analyze it, and then showing proof of outcome. We've been able to change behavior of physicians and people.
MH: How are the Doritos police doing in Texas?
Chambers: I'm not from the future and if you lay your hand on another man's Doritos in Texas, boy, I'm going to tell you what. There's a lot of concealed handgun carriers in the state of Texas. In all seriousness, personal responsibility is the key. So you're obviously not appealing to their brain. They know that they shouldn't be doing it. So you're going to ding them in the wallet or ding them somewhere. Somebody in our system said recently, “We're addicted to the crack of the fee-for-service model.” We know it's going away. The question is when and how quickly? It's faster in New England, apparently
MH: The IT space is ripe for being used to interact with the consumer. There's a lot more than the portal going on. Are your patients or prospective patients using IT to help them have healthier lives or interface with the system?
Halamka: For us it's been a 20-year journey. In 1999, we first made available the entire electronic health record, labs and meds, and problems, to every patient via a web browser. Then, about five or six years ago, we added every note written about you by every person so that truly nothing would be done without your involvement as a shared team member. That was actually kind of tricky. This actually happened. I wrote the following note: “The asthma patient came to the emergency department with SOB.” That means shortness of breath. The patient thought I was referring to her husband. So it's a journey, right? Then we've moved from web to mobile, and 80% of the accesses of Beth Israel Deaconess data by consumers today are done through mobile applications. The web is dying and maybe even mobile will die in a couple of years and be replaced by Alexa and ambient listening in the home. The apps we've launched are such things as [email protected], and the internet of things, where a device in your home reports its data to us, subjective and objective data, surveys, how you doing, what's your mood. What a portal does is not actionable. You reschedule appointments, you get referrals, and you engage in almost social media-like interactions with your care team using mobile applications. That's the next couple of years for us. But we are doing the Alexa experiment as follows: If an ambient listening device in your home, with your consent, hears something like, “I need to see my doctor,” it then responds, using the Amazon Alexa API, “Next Tuesday at 3 there's an available appointment. Is that OK?” Booked! That's the kind of trajectory we're on.
Probst: We're just tooling right now for consumerism. We've done everything from portals to mobile, and we're playing with Alexa and looking at specific apps and piloting a lot of things. There are so many levels you have to work at.There's the technical level where we've got to figure out how they can interact with our legacy products because patients want to know about their medical records. They want to be able to order prescriptions. They want to be able to schedule things and a lot of that ends up landing inside of our legacy applications. We're working hard on a middle layer that's going to allow us to surface data in these more consumer-based applications. But applying technology to our current operational structure, even the way our buildings are built, is automating chaos. So you've got to have this very process-based, operations-based change. And then what's kind of unique is a mentality of marketing. How do we apply social media? How do we use these different pieces of technology and information to engage our patients better? It doesn't have to be through an app. It could be through a phone call. It could be through advertising that's appropriate. We're just in the tooling stage. We're building the journeys—that's the terminology today, patient journeys. We're looking at building those journeys and applying the technology to support them.
Chambers: We are so far behind every other industry that we can steal unabashedly. We're just now starting to understand that we need to interface with the patients the way they want to be interfaced with, as opposed to what we've traditionally done for the past hundred years, which is, “You will be here at this time and if you're late you don't get in and, oh, by the way, the doctor is already 30 minutes late.” We've all got a lot we can do to improve. Treat patients as if they have a choice, because they do. For a long, long, long time, we haven't treated them that way.
MH: A lot of people want to steal medical records. What are you doing to protect them? How much are you investing? How serious a problem is this?
Halamka: I wish I could tell you any of the details, but my chief information security officer told me not to. It's fair to say that over the past three years we've doubled security budgets, because the nature of the threats is far different than ever before. It used to be MIT freshmen. Now, it's cyberterrorists, organized crime and hactivism. Why? I have 2 million Social Security numbers. I spend about 2% to 2.2% of the operating budget of the organization on IT. Fidelity spends 35% of their operating budget on IT. So, if you're Willie Sutton and you want to steal Social Security data, are you going to go after Fort Knox or papier-mache? The answer is, you're going to go where no one spends money on security. Of course we're doing our very best. It's a huge focus. But the threats are real and increasing. The one message I'd give you is that your people are your worst enemy, because you're as vulnerable as your most gullible employee. True story: I sent the following email to the Harvard faculty, “You now password change,” and gave them the URL, “Change my password dot Nigeria.” (Laughter) You know what percentage of the Harvard faculty clicked? Thirty-one percent.
Probst: We spend about 7% of our IT budget on IT security. That's up from zero six years ago when it was password management, identity management. That's all we did for security. Six years ago we had two people involved in IT security. Today we have 50. We take it seriously. We're a soft target compared to financial services or some of these other organizations. But we're trying to stay on top of it. As an industry, I love the awareness that's come up over the past three years. Boards are talking about it. Management teams aren't arguing about it. They understand that we need to make the expense. But we've got a long way to go to catch up.
Chambers: Our experiences are quite similar. It's a board-level discussion and we've had similar growth and similar additional investment. I get the unique pleasure of sitting with our chief security officer and talking about our cybersecurity with the audit and compliance subcommittee of our board. They see the Yahoo breaches. They hear about the Target and the Home Depot breaches. Their question is, “Are we safe?” Well, no. We're never safe. I mean, getting out of bed is a gamble, right? But, we do have a certain amount of investment and we treat our patients' records with an abundance of caution. But I agree that the weakest link is people.
Send us a letter
Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.