Making Technological Leaps
This may sound straightforward enough when explained in this way, but making it happen using today's technology is not always easy. Halamka says that even when you get past the medical record number issue, there are other obstacles to overcome. "Once you know how to identify the patient, exchanging data from heterogeneous software systems is hard. The data may be in different formats. The vocabulary may be different. A physician may use hypertension in one place and high blood pressure in another. So you have all this data that is just not encoded in a consistent fashion; then you need to transport it and try to be consistent about that," he says.
In addition, Dr. Kevin Fickenscher, executive VP of healthcare transformation at Perot Systems, a consulting firm that builds medical records integration systems, says a lack of standards has impeded progress. But, he says, that is changing. "One of the primary issues is that because there is a lack of standards in the healthcare industry, that has created some problems historically around finding effective ways to get disparate systems to communicate. But this has been mitigated recently by open standard structures like Java and .net. What you can do with those languages is to create a platform to tie into information from a whole variety of disparate systems. That has changed over the last 18 months how organizations look at the Web to make it easier to use the Web to tie together information systems," Fickenscher says.
He adds, "I do believe that the Web is clearly going to be the method by which we foster communication within the healthcare industry in the future and these issues will be solved. It's only a matter of time, and we are actually in the process of creating tools. I think the Web is going to be the catalyst because it offers a more flexible tool set, and not only for physicians, but it also facilitates consumers having information and offers so much flexibility. And that's why you are seeing so much interest in this and why it is evolving quickly in the healthcare industry."
Another issue, according to Joe Miller, project director at the Massachusetts Health Data Consortium, an organization that helps facilitate data sharing among medical institutions, is that it is important to offer solutions that require the least investment and leave as much of the existing computer infrastructure intact as possible. Like Fickenscher, he sees the Web as the best way to achieve this. "We do not want to do a rip-and-replace model. We want to build on everything that exists. What you want to do via a Web services model is to grab data, and as we see it, that involves building gateways . . . We tag information at gateways, then the ‘search engine' (record locator service), goes looking, and you get a hit, and you are able to display a record. We need to build interface systems between legacy systems and the Internet and interfaces with this network," Miller says.
Private and Secure
Halamka says that the last great hurdle in moving medical data is privacy and security. Fickenscher agrees, saying, "Another issue is security and the ability to make sure that when I'm using the Web, I am confident that the information I'm sharing is not being tapped into, and that continues to be an issue, as it is for Web use in general. That extends to the issue of privacy, which is, ‘how do I know that the individual accessing the information should have access versus, is it somebody else?'" Fickenscher asks. He says there are ways to address this problem. "There are a number of tools available that give individuals a key, and when I enter certain numbers in a certain sequence, the system knows it's me that's signing on."
Halamka says that regardless of the solution, it is important that the patients maintain ownership of their medical data, meaning they decide who sees what. But in the medical world you also have to recognize that there could be emergency situations when it is essential that medical personnel see your information immediately. "The data is owned by the patient, and he or she should decide who sees it. But if you are brought in comatose, maybe you want to have a means that a physician could break the glass [get at your data without explicit permission], care for you, then have an audit trail of who saw the data." Of course Halamka emphasizes that it is essential to respect privacy and security above all else and points out that everything in our current medical system is based on patient consent. He adds that although people want to protect this data, they are willing to make it available for quality healthcare. "It has been our experience with medical data exchange that people recognize and understand it's audited. No one has refused to participate," he says.