By Torrey Meeks
When pediatrician Dr. John Vogt walks into an exam room at Portland-based Martin's Point Health Care, the first thing he does after greeting the patient is turn to a computer. He types in a password and is greeted by name on the monitor, then must type his user name and password again to see patient data that includes name, age, sex, weight and chief complaint. Soon, though, he may be able to skip the first login and simply swipe a card through a reader on a terminal to gain access to the system, which will still require him to type his name and password before seeing patient data.
Welcome to the changing face of health services, one transitioning from the crinkle of paper to the glow of records on a computer screen, better known as electronic medical records. Martin's Point ˆ a three-facility health care organization spread throughout Maine and New Hampshire ˆ rolled out EMR systems at its Brunswick and Portsmouth facilities last year, and is planning to implement the system in Portland in May. But the advent of EMR systems in primary care facilities and hospitals comes with attendant privacy and security concerns ˆ namely, who has access to the records and what are the best technologies to keep records from prying eyes?
For the last several months, Martin's Point has been involved in field trials to pin down a feasible terminal access technology of its own, says Vogt, and has stumbled on some surprising results along the way. The challenge comes in figuring out how to maintain ease of access to electronic records without compromising security. "Going into an exam room you log in and log out, and the nurse logs in and logs out," says Vogt. "You can imagine that's a lot of logging in and logging out if you're seeing 25 patients a day."
The access question is one which hospitals and primary care facilities around the country are wrestling with, as more providers move to EMR systems, says Jack Price, vice president at Chicago, Ill.-based HIMSS Analytics, a firm that tracks health care technology trends. Nearly 40% of health care facilities said they were planning to install EMR systems this year, according to a survey released in February by HIMSS, the parent organization of HIMSS Analytics. And as states and regions increasingly work to develop networks that link individual health care facilities' record systems ˆ such as the Maine Health Information Network Technology project (see "Fresh MHINT," page 31) ˆ practitioners that haven't yet adopted EMR systems may feel a stronger pull to develop their own digital records. Facing the inevitable security questions, these providers may look to the experience of earlier adopters like Martin's Point to learn which technologies make the most sense in a medical setting.
To secure its own EMR system, the IT staff at Martin's Point settled on a two-tiered solution, says Kim Fallona, electronic health record implementation manager there. The system uses cutting-edge technologies to activate the record access terminals in lieu of the first password, and then a user name and password combination once the terminal is active that permits entry to the individual's medical file.
Some of the access technologies in question sound like James Bond gadgets that don't explode: "biometric scanners," or finger print readers, and "proximity sensors," which are thin cards broadcasting a radio signal that automatically logs users on to the system when they get close to a computer. Martin's Point decided to test those two systems, along with smart card technology currently slated for trials in its Portsmouth facility, because all three had become commercially and technically viable within the last ten years. But they also fit Martin's Point mission to "make a system that is as seamless to the users as possible," says Fallona.
As seamless as chip sensors and fingerprint readers sound in concept, though, when trialed in a real-time office setting, those technologies proved to be impractical. The reason, says Vogt, were the kinds of problems that only pop up during regular use.
Done in by handwashing
The first technology Martin's Point tested in Portsmouth between July 2005 and February 2006 was the biometric system, which featured a fingerprint scanner attached to the terminal. One of the drawbacks to the system, says Vogt, was that it required the entire staff to undergo a time-consuming fingerprint registration process. But the tipping point in the system's incompatibility stemmed from a procedure that is second nature to physicians: thorough hand washing.
"What happens to fingerprints when you wash 25 times a day is the hand gets a little swollen," says Vogt. "In wintertime we're using lotion, and when you're faced with the challenge of detecting a wet fingerprint with lotion on it, reliability begins to drop below 100%."
Shortly after implementing fingerprint scanners, Martin's Point moved to testing proximity sensors in a different part of the Portsmouth facility. Again the system hit a roadblock: "With proximity cards radio interference was the main problem," says Vogt. "When we didn't have it adjusted quite right in testing, we walked down the hall past three exam rooms and all three lit up."
The last option ˆ smart cards that will be swiped through a reader on the terminal ˆ haven't gone through field trials at Martin's Point yet. But with their successful use by other health care facilities in the state, Fallona says the Martin's Point IT staff is, "fairly confident that the smart cards are what are going to work because they're reliable every time you swipe."
In fact, a smart card system is the kind of security used by Eastern Maine Medical Center for its EMR system, which was developed in the late 1990's. Like Martin's Point, EMMC has multiple layers of security for its patient records, which starts with a card device known as a "SecurID" that users insert into a records terminal to gain access. Once the terminal is active, the practitioner can input a user name and password to see patient records. The SecurID system was EMMC's first choice, due to its reputation from use in other hospitals nationwide, and its ease of implementation with a large network, says Catherine Bruno, vice president and chief information officer at EMMC. "[SecurID has] worked well for us," says Bruno. "It added an extra piece of security so that someone couldn't guess a password."
Walking the line
To date, hospitals like EMMC have been the primary adopters of EMRs. In comparison, only 10% to 20% of primary care facilities in the United States run completely electronic systems, says Fallona. But the technological developments at Martin's Point may become more common due to recent trends in the health care industry's development of electronic records, says Price. Specifically, he cites ongoing discussion about the formation of so-called Regional Health Information Organizations.
A RHIO, according to Price, is an organization of primary care facilities, hospitals and states that stitches together independent EMR databases. In theory, a RHIO allows physicians to access a complete patient record ˆ from x-rays to lab workups ˆ in any situation, including when a patient is hospitalized far from his or her primary care physician. RHIOs also could allow greater communication between health practitioners and health officials at the Centers for Disease Control and Prevention, says Price, which could help track and isolate outbreaks of disease more quickly. "RHIOs have been progressing for the last five years or so in other parts of country," says Price. "Many of the efforts are running into problems related to funding, and maintaining business models that support efforts going forward. That's going to be the biggest challenge as time goes on."
The Manchester-based Maine Health Information Council, a nonprofit health data organization, is working on its own version of a RHIO known as the Maine Health Information Network Technology project. But that system, which is being developed with funding from state and private organizations, won't supplant existing systems and databases individual health care facilities have already created, says Suanne Singer, project director for MHINT and president of MHIC. "It is our intent to build interfaces between existing systems, so that MHINT will be able to provide attendant data to go with what physicians already have," says Singer.
The Martin's Point EMR system, for example, is being built with an eye on eventually interfacing with the MHINT project, says Fallona, though for security reasons the system will limit the amount of information disclosed to outside health organizations. For now, Martin's Point says it will share with the MHINT network only "de-identified data" ˆ information that is stripped of patient names or other identifiers ˆ to the CDC for general population health studies. That's why the success of efforts to allow greater information sharing between EMR systems also depends on health care practitioners solving the privacy and security issues currently faced in their own facilities, says Fallona.
What it boils down to ˆ be it a statewide system linking providers together or finding the best technologies for in-office record access ˆ is walking the line between accessibility and privacy. "Finding the delicate balance between a secure system," Fallona says, "that remains usable to the providers is our vision."
Fresh MHINT
In January, with the formation of a board of directors for Phase II of the Maine Health Information Network Technology project, Maine took a step toward being a national pioneer in electronic medical record development. "The only other state with a statewide initiative to bring together EMR networks is Hawaii," says Suanne Singer, project director for MHINT and president of the Maine Health Information Council in Manchester.
Conceived in July 2004, MHINT would create a secure network linking the patient records databases of individual health care facilities in the state (with access hinging on a patient's consent). The idea behind the project, says Singer, is to streamline health care delivery in Maine by creating better communication between disparate providers. Such streamlining, say MHINT supporters, could save money by cutting down on unnecessary hospital admissions, eliminating redundant exams and tests, or more quickly pinpointing disease outbreaks. "What this is going to do is give a very mobile population without strong primary care relationships better care," says Singer.
Cost savings could amount to $260 million a year, according to a MHINT feasibility study that took place during 2004 and 2005. With implementation costs estimated at $20 million, and anticipated yearly operation costs of $1 million, the project would still be saving the health care industry a significant amount of money, says Singer.
The project has received strong local support from hospitals that include the Maine General Medical Center and Eastern Maine Healthcare Systems, and the Maine Medical Association. So far, public and private organizations have donated a little more than $1 million toward the project.
While MHINT is going to make it easier for providers to talk to each other, it's not going to be an information free-for-all, says Singer. For example, a patient whose record exists on the Eastern Maine Medical Center database won't be available to every health facility participating in the MHINT network, says Singer. Instead, MHINT will create a secure network for health care providers to instantly transfer records when a patient changes hospitals or primary care doctors. There will be a contingency, however, that allows previously unauthorized physicians to access to a patient's records in an emergency situation when patients are not able to give consent.
When it comes to matters of security and privacy, the former isn't as difficult a problem to solve as the latter, says Singer. Sophisticated technologies, along the same lines the banking industry uses to keep account information secure, do an effective job of keeping unauthorized users from accessing electronic systems, she says. A bigger concern with a statewide network is simple human curiosity ˆ essentially, keeping authorized users from accessing records without reason. The way to combat curiosity and violations of privacy are strong business rules and internal audit programs, says Singer, which most hospitals with EMR systems already have in place. "What makes us different is this technology is available to anyone across the country," says Singer. "But the distinguishing factor is how you incorporate it securely into the fabric of your business and health delivery, and that's what Maine is trying to do."
Comments