The Adventures of an IT Leader

In January of 2003, F. Warren McFarlan and Robert D. Austin of Harvard Business School wrote a great case study about the CareGroup Network Outage.

One of my blog readers, Brian Ahier, suggested that I read the new book by one of the same authors, Robert D. Austin, called "The Adventures of an IT Leader" .

From the HBS website:

"Becoming an effective IT manager presents a host of challenges–from anticipating emerging technology to managing relationships with vendors, employees, and other managers. A good IT manager must also be a strong business leader.

This book invites you to accompany new CIO Jim Barton to better understand the role of IT in your organization. You’ll see Jim struggle through a challenging first year, handling (and fumbling) situations that, although fictional, are based on true events.

You can read this book from beginning to end, or treat is as a series of cases. You can also skip around to address your most pressing needs. For example, need to learn about crisis management and security? Read chapters 10-12. You can formulate your own responses to a CIO’s obstacles by reading the authors’ regular 'reflection' questions.

You’ll turn to this book many times as you face IT-related issues in your own career."

Imagine my surprise when I turned to page 48, where the main character Jim Barton is listening to the radio and hears a mini-biography about "a critical care physician who still took his turn in the ER; PhD from MIT in bioinformatics; former entrepreneur who had started, grown, and sold a company while in medical school; and former student of a Nobel Prize winning economist. He was the author of four books on computer programming and had written the first version of many of the hospital's software applications. This CIO earned kudos for his transparency during a network crisis...."

Thanks to Robert Austin for my first appearance in a "novel"!

It's a great book with many practical suggestions about IT leadership, governance, and budget allocation.

In the spirit of the book's Chapter 4 on budgeting, I'm sharing the document I used last week to justify my FY10 capital budget. I always present a narrative written in non-technical terms which supplements my budget spreadsheets by highlighting quality, safety, return on investment and strategic alignment. I hope you'll find the format useful for defending your own capital budgets.

When presenting my operating budget, I use benchmarks from HIMSS, the American Hospital Association, and the Association of American Medical Colleges. I benchmark growth of the entire organization and the growth of IT. Currently the IT organization is 1.78% of the BIDMC operating budget. BIDMC has grown by 38% over the past 5 yeas, but IT staffing has stayed constant, supporting growth in demands and technological complexity by working harder and smarter. IT is lean and mean. In tough budget times, presenting data rather than emotion is the best way to objectively justify a budget.

The ONC ARRA Implementation Plan

Yesterday, ONC released its implementation and operating plan in fulfillment of the 90-day deadline established by Div. A, Title XIII of ARRA.

The plan is posted to the HHS Recovery Website.

Here are a few highlights:

$24 million is budgeted for enhanced privacy and security including $9.5 million for the Office of Civil Rights and CMS for auditing and for complaint resolution.

$20 million is budgeted for NIST to test technical standards and establish a conformance testing infrastructure.

$300 million is allocated for Regional Healthcare Information Exchange, but no details are provided about timelines for distribution.

The plan for Standards is consistent with the charter of the HIT Standards Committee - HHS shall adopt and publish an initial set of standards, implementation specifications, and certification criteria by December 31, 2009. Today in the Federal Register, you'll find a Notice of the HIT Standards Committee Schedule for the Assessment of HIT Policy Committee Recommendations.

To refine the Federal HIT Strategic Plan, ONC will develop a draft update, receive input from stakeholders, review the impact on other projects, adjust the operating plan as needed, and publish the updated plan on the HHS website by December 31, 2009.

Additionally, a notification for funding availability for the regional extension center grants will be published by the end of FY 2009. Awards are anticipated to be made in early FY 2010.

And of course, meaningful use will be defined soon. HHS is developing milestones for major phases of the program’s activities with planned delivery dates.

With each passing day, more and more details of the new plan are published at a remarkable pace. The magnitude of the work ahead for ONC is summarized nicely by the document

"With the arrival of the new National Coordinator, decisions about how to best address standards development and harmonization, the certification and testing processes, privacy and security policy development, issues around governance, workforce training, and education for health care providers and consumers will be made. "

The Red Flags Rule

You may have seen the recent headlines "FTC delays Red Flags Rule implementation until August 2009". What is the Red Flags Rule and how does it relate to healthcare?

The FTC has a great website that it explains it all in detail.

Basically, the FTC requires most clinical offices, hospitals, and other health care providers to develop a written program to spot the warning signs of identity theft - “red flags”

If a patient's name on a photo ID and on their insurance card do not match, that's a red flag.

If a patient visited last week as John Smith but today is Fred Jones, that's a red flag.

If patient seems to travel from provider to provider seeking numerous expensive treatments, that's a reg flag.

The law was initially designed to cover creditors and it seems odd for healthcare providers to be considered creditors. The FTC defines a creditor as anyone who enables the customer to carry a balance after services are rendered. Unless a clinician asks for payment upfront (all balances not covered by insurance), the clinician is a creditor.

The FTC will be begin enforcement August 1, 2009, so it's important to develop policies and procedures to address red flags in healthcare settings.

What is BIDMC doing?

We are actively working to develop procedures and an educational plan. We created an interdisciplinary group that includes IS, Compliance, Finance, Patient Financial Services, clinicians, Human Resources , Ambulatory Services, Health Information Management, and others to examine Red Flags, but also the broader issues of HITECH/ARRA privacy provisions, and new Massachusetts Data Protection regulations. First, we will finish our Red Flags program and implement it, then we will move on to working on the other issues. We have not finalized our specific policy, but have already reported to the Board of Directors and to senior leadership about the issues and the work we are doing. As soon as the policy is finalized, I will post it on my blog.

If you have not begun a program to address compliance with the Red Flag rule, now is the time!

The First Meeting of the HIT Standards Committee

Today, Jonathan Perlin and I ran the first meeting of the new HIT Standards Committee. The members are:

Jonathan Perlin, MD, Chair
Healthcare Corporation of America

John Halamka, MD. Vice-Chair
Harvard Medical School

Dixie Baker, PhD
Science Applications International Corporation

Anne Castro
BlueCross BlueShield of South Carolina

Christopher Chute, MD
Mayo Clinic College of Medicine

Janet Corrigan, PhD
National Quality Forum

John Derr, R.Ph.
Golden Living, LLC

Linda Dillman
Wal-Mart Stores, Inc.

James Ferguson
Kaiser Permanente

Steven Findlay, MPH
Consumers Union

Douglas Fridsma, MD, PhD
Arizona Biomedical Collaborataive 1

C. Martin Harris, MD, MBA
Cleveland Clinic Foundation

Stanley M. Huff, MD
Intermountain Healthcare

Kevin Hutchinson
Prematics, Inc.

Elizabeth O. Johnson, RN
Tenet Health

John Klimek, R.Ph.
National Council for Prescription Drug Programs

David McCallie, Jr., MD
Cerner Corporation

Judy Murphy, RN
Aurora Health Care

J. Marc Overhage, MD, PhD
Regenstrief Institute

Gina Perez, MPA
Delaware Health Information Network

Wes Rishel
Gartner, Inc.

Richard Stephens
Boeing

Sharon Terry, MA
Genetic Alliance

James Walker, MD
Geisinger Health System

We began the meeting with introductory remarks from Dr. Blumenthal. He emphasized the need to improve care quality, efficiency, and the scope of healthcare coverage. He noted that technology is a tool that facilitates meaningful use and leads to better care. The goal is better health, not implementation of IT for technology's sake.

Jodi Daniel provided us with important statutory background on the committee. Here are few key points from her presentation and the discussion which followed

1. The purpose of the committee is to recommend standards, implementation specifications, and certification criteria to the National Coordinator for the electronic exchange and use of health information. The committee is not limited to standards selection, it covers the process from end to end - standards, implementation, and certification criteria. It will gather input from standards harmonization and development organizations, implementation guide writers, and certifying organizations to make recommendations which enable data exchange in support of meaningful use.

2. There are 8 areas of policy focus
-Technologies that protect the privacy of health information
-A nationwide health information technology infrastructure
-The utilization of a certified electronic record for each person in the US by 2014
-Technologies that support accounting of disclosures made by a covered entity
-The use of electronic records to improve quality
-Technologies that enable identifiable health information to be rendered unusable/unreadable
-Demographic data collection including race, ethnicity, primary language, and gender
-Technologies that address the needs of children and other vulnerable populations

You'll see a great deal of discussion in the HIT Policy and Standards Committees about these issues. These 8 areas are our guiding principles!

3. The HIT Standards Committee will have two standards adoption processes
- expedited, in support of the statutory deadline for HHS to publish an interim file rule on initial standards, implementation specifications and certification criteria by 12/31/09. For this process, we'll leverage the already approved/recognized standards.

- normal, the committee will receive guidance from the HIT Policy Committee and typically within 90 days will make recommendations. Note that these recommendations may include naming standards, identifying gaps, and asking standards harmonization/development organizations to do further work.

4. NIST will serve a role to test the standards. To clarify, this work is to ensure the standards are appropriately documented and technically adequate for their intended purpose. NIST will not certify products - that will be left to certification organizations.

5. The summary of the entire process is illustrated in picture above.

We then discussed the types of data exchanges which might constitute meaningful use. ONC and HHS have not yet provided official guidance on meaningful use, so these are contingencies - our best guess as to the data exchanges likely to enable meaningful use.

Clinical Operations - ePrescribing/medication management, lab ordering/resulting, clinical summary exchange (problem list, medication list, allergies, text based reports including op notes, diagnostic testing reports, discharge summaries)

Quality - Process, outcomes, treatment plans, medical decisionmaking, health behaviors

Security - Transport, secure messaging, authentication, authorization, auditing

We elected to form three working groups to focus on these areas. These groups will conduct phone meetings and include additional experts as needed.

In the discussion that followed a few major themes emerged:

a. We need a high level roadmap of milestones to ensure we meet our statuary deadlines for initial deliverables in time for the 12/31/09 interim rule.
b. We also need a roadmap which takes into account the other mandates/compliance requirements already imposed on healthcare stakeholders such as ICD-10 and X12 5010. We need to ensure our clinical work is in synch with administrative data exchange activities already in progress.
c. Although we should provide for the exchange of basic text, we should strive for semantic interoperability whenever possible, using controlled vocabularies which are foundational to decision support and quality reporting.
d. We should set the bar for interoperability higher than the status quo but also make it achievable, realizing that rural providers and small clinician offices have less capabilities than large academic health centers. We'll need to retrofit many existing systems - healthcare IT is not a greenfield and thus we need to be realistic about the capabilities of existing software, while also encouraging forward progress and innovation.
e. Meaningful use will change over time. Data exchange and the standards we select must evolve. To ensure successful adoption throughout the industry, our work must be continuous incremental progress with phased adoption of standards.

I will serve as Chair of HITSP and Vice-Chair of the HIT Standards Committee simultaneously, coordinating communication between these two organizations. I look forward to the work ahead.

More Vegan Dining

Over the past two weeks I've been traveling up and down the Northeast Corridor from Boston to New York City to Philadelphia to Washington for various meetings related to healthcare IT. When I arrive in a city and check into a hotel, I Google "vegan" followed by the city name. I scan the Google map that appears and walk to the most appealing vegan restaurant nearby. Here are a few of my recent finds:

Philadelphia
Mi Lah is a great mix of oriental vegan foods from Cambodia, Japan, and Thailand as well as classic ethnic dishes such as Greek butternut squash moussake and African peanut stew. I had the Cambodian Amok with spinach, eggplant, and tofu in coconut lemongrass sauce. Great service, a warm atmosphere, and an all vegan menu.

Horizons is an internationally famous vegan restaurant specializing in Mediterranean flavors. I highly recommend the tempeh and seitan dishes.

I recently had a wonderful evening with Dr. Sidney Zubrow and his team from Philadelphia Hospital. We dined at the classic steakhouse in Philadelphia, The Prime Rib. A steakhouse for a vegan? Surprisingly, steakhouses such as Morton's, Capital Grille, and The Prime Rib have great vegan side dishes including fresh broccoli, green beans, roasted tomatoes, spinach, and roasted potatoes. I order everything steamed and without butter or any sauce.

Washington DC
My favorite vegan restaurant in Washington is Vegetate near the Convention Center. The menu is divided into three sections: bites, small plates and large plates. Great small plates include golden beets, spring vegetable shepherd's pie, and seasonal salads. Great large plates are Sesame Crusted Tofu and Seasonal Vegetable Risotto.

I've not had much experience with Mezzes, small plates of Eastern Mediterranean food (similar to Spanish Tapas). Zaytinya is a fabulous restaurant with many vegan entrees. I had great humus, eggplant, couscous, and mushroom dishes. The staff is very vegan friendly and even brought me fresh cucumber slides for dipping instead of pita, which is made with dairy.

If you find me in a vegan restaurant sitting alone, you'll notice that I'm photographing every course on my Blackberry. I email them to my wife in real time, so that we can enjoy dinner together, even when I'm hundreds of miles away.

The BIDMC Problem List Vocabulary

In several blog entries, I've been discussing the adoption of SNOMED-CT as the vocabulary to support BIDMC problem lists and our Google Health interface.

The National Library of medicine has mapped 93% of BIDMC problem list terms to SNOMED. The International Health Terminology Standards Development Organization (IHTSDO) has given me permission to share the BIDMC problem list vocabulary and the SNOMED-CT codes on my blog via the following terms

"The SNOMED CT® identifiers are posted with permission from the International Health Terminology Standards Development Organisation (IHTSDO). SNOMED CT is available for use under the terms of the IHTSDO Affiliate License Agreement, which is also Appendix 2 of the License Agreement for Use of the UMLS Metathesaurus. Use of SNOMED CT is free in IHTSDO Member countries (12 countries as of May 2009, including the US), in an additional 49 countries characterized as low-income economies by the World Bank, and for qualifying research projects worldwide. The National Library of Medicine (NLM) is the US Member of the IHTSDO. For more information, those in the US should contact NLM. Those in other countries should consult the IHTSDO for appropriate contact information."

Our plan is to load these terms into our electronic health record and code all our matching historical problem list data into SNOMED-CT. Our Google and Microsoft interfaces will be changed to send SNOMED-CT so that all problem list data can be mapped to disease monographs and consumer decision support tools.

In June, the NLM will forward us their consolidated list of the 6000 SNOMED-CT coded problems from the leading early adopters of SNOMED in the US. If we find any gaps in this problem list, we'll work with NLM and IHTSDO to fill them.

I hope the BIDMC problem list is helpful to your applications and institutions!

The First Meeting of the HIT Policy Committee

Today, the HIT Policy Committee met for the first time. Dr. Walter Suarez, CEO of the Institute for HIPAA/HIT Education, and the co-leader of the HITSP Education and Communication Committee, attended on my behalf. Here are his notes.

The meeting began with an introduction by Dr. David Blumenthal. He highlighted six priority areas for the HIT Policy Committee
* Meaningful Use
* Certification
* Infrastructure
* Privacy and Security
* Health Information Exchange
* Public Health

A question was asked about the recent NCVHS meaningful use hearings. Dr. Blumenthal responded that the HIT Policy Committee will be the venue for discussion of the NCVHS report.

A question was asked about the Office of National Coordinator (ONC) Strategic Plan. Dr. Blumenthal responded that ONC must revise its plan to reflect the statuary requirements of ARRA. For example, by May 18 it must establish a process for identifying Regional Healthcare IT Extension Centers.

Jodi Daniels, ONC Director of Office for Policy and Research, briefed the Committee about ARRA.

* The HIT Policy Committee is expected to advise ONC on priorities
* The National Coordinator will ensure communication with the HIT Standards Committee
* ARRA calls for two standards-related activities for the HIT Policy Committee
- Identify where standards are needed, not setting standards
- Recommend a policy framework for adoption of electronic standards, including:
Meaningful use
Utilization of EHRs
Accounting for Disclosure
Using certified EHRs for quality improvement and patient safety
Technologies that render protected healthcare information unusable
Collection of demographic data including race and ethnicity
Data to benefit vulnerable populations including children
HIT and telemedicine
HIT and public health
HIT and home health care

Dr. Blumenthal discussed the priorities for early work
* ARRA includes an enormous mandate that extends from privacy and security to monitoring public health threats to getting doctors and hospitals to adopt certified qualified EHRs
* It is impossible to do everything at once. We need to set priorities.
* Congress has given guidance by setting some priority topics and deadlines, but also by allocating billions of dollars in payments to help support adoption, starting 2011 and extending through 2018
* These funds focus attention and create important benefits/risks
* This is the first time in history that Congress has acted to correct some of the market errors in the healthcare information technology industry
* There are a series of tasks that need to be accomplished to make meaningful use a meaningful idea
- First, define meaningful use. This is an unprecedented task. The HIT Policy Committee will need to pick-up where NCVHS left off. ONC also has an internal group working on this.
- Second, review certification, which is tied to meaningful use.
- Third, infrastructure. Congress has allocated billions to accelerate industry adoption including extension centers, money to support information exchanges, training workers, training health professionals who will use these technologies and funding to states to help providers not eligible for Medicare/Medicaid payments.
- Fourth, privacy and security. ONC will appoint a privacy officer
- Fifth, public health and disease surveillance

There were a few questions:
*Shall we build upon activities already in progress?
Dr. Blumenthal noted that the NCVHS work on neaningful use is important; Certification needs to be reviewed; privacy and security – a lot of work done; HIE – modest literature about RHIOs and local adoption.

*What happens when the HIT Standards Committee receives input from the HIT Policy Committee?
Dr. Blumenthal noted this is something ONC is working on. The Standards Committee must recommend to the HHS Secretary the standards to achieve meaningful use. The Secretary will publish interim rules by end of year. The HIT Policy Committee is charged with the areas where standards are needed and perhaps the general approach to standards but not to define the standards.

*Summary of Priorities
- First, privacy and security
- Second, how to define meaningful use in an effective way
- Third, designing a certification process that facilitates adoption
- Others:
Supporting research
Measuring quality
Training and education of workforce (such as extension centers)
Demonstrating and documenting success. Show Congress, the industry, and the public that this does make a difference
Need to keep an eye on implementation via an incremental approach
Need to involve the workforce from the beginning. Workforce training is a priority.

* Discussion of Goals and Principles of Working Groups
- HIT Policy committee is charged to make recommendation to ONC
- Workgroups will support the detail work that needs to be done, then brought back to the full Committee

*Is Meaningful Use, for example, a time-limited issue? As it deals with the immediate needs to define and set parameters and metrics, yes; but it will also need to be reviewed periodically

*Where are we putting HIEs? Meaningful Use or Infrastructure?
- There is an aspect of HIE that comes under infrastructure (there is funding tied to it, question is for what)
- There is also a Meaningful Use aspect – that is, what are the requirements HIE for meaningful use
- There is also a Certification component – that is, what are the certification aspects of HIE that are tied to Meaningful Use and EHRs

*Privacy
- Some concern expressed about creating a privacy and security workgroup, it should be foundational across all groups
- But perhaps it should be immersed into an Information Sharing Workgroup which covers architectural, functionality and covers also privacy and security

*Another cross-cutting element for all workgroups: Patient centeredness

*Summary of discussion: recommendation for four working groups
-Meaningful Use
-Certification/Adoption including infrastructure issues, workforce, adoption strategy
-Information Exchange/Sharing
-Cross-cutting issues - Privacy and Security, Patient centeredness, Measurement

*Message to the HIT Standards Committee
Tell the HIT Standards Committee that the HIT Policy Committee is working on Meaningful Use, Certification/Adoption, and Information Sharing. The HIT Standards Committee can identify standards to support these goals.

I look forward to the first meeting of the HIT Standards Committee on Friday. I'll summarize the meeting on my blog.