• United States

Government updates national health network plans, focuses on implementation concerns

Feb 20, 20066 mins
Enterprise ApplicationsSecurity

Amid privacy, security and technological concerns, healthcare IT professionals got a progress report on the status of the Nationwide Health Information Network (NHIN) which seeks to improve patient care and reduce medical errors in implementing electronic health records systems.

SAN DIEGO – Amid privacy, security and technological concerns, healthcare IT professionals got a progress report on the status of the Nationwide Health Information Network (NHIN) which seeks to improve patient care and reduce medical errors in implementing electronic health records systems.

At the Health Information Management and Systems Society (HIMSS) show in San Diego, as many as 22,700 IT managers and CIOs listened as a number of individuals including Dr. David Brailer, national coordinator for Health Information Technology for the Department of Health and Human Services, described their visions of such a network, the current barriers to adoption and the progress toward the NHIN.

In April 2004, President George Bush charged the IT industry to build a system that would provide every citizen of the United States with an electronic health record (EHR) that could be accessed from any location by 2014. He appointed Dr. Brailer to coordinate this effort and establish the NHIN.

This last December, Brailer’s office awarded $18.6 million in contracts to four consortia led by IBM, Computer Science Corporation, Accenture and Northrop Grumman to develop prototype architectures for the NHIN. Each consortium consists of technology developers and hospitals, laboratories, pharmacies and physicians who must prove that EHRs can be exchanged seamlessly among entities. The consortia are using existing collectives of hospitals called regional health information organizations (RHIOs) to build these data interchange networks.

“These prototypes are the key to information portability for American consumers and are a major step in our national effort to modernize health care delivery,” says Dr. Brailer, in a statement.

Brailer envisions the architecture of the NHIN to be such that existing RHIOs can connect to it; other organizations and physician offices that are not part of a RHIO will be able to connect too.

“I did not start out by believing the national solution will be a network of regional networks,” says Brailer in his keynote speech at HIMSS. “Our goal with the national health information network is to allow those who do not want to participate in RHIOs to not have to do it.”

Two networks – those proposed by Northrop Grumman and CSC — consist of distributed peer-to-peer networks, which use a federated identity model that lets different organizations share identity data with trusted network access and authentication. Patient information would be identified by unique metadata tags and be exchanged among organizations using standard protocols.

Foremost in IT professionals’ minds in building out these networks is how physicians will be reimbursed for adopting information technology. Outside of that are concerns that adopting an EHR and nationwide health network will focus attention on a number of technological issues. Among those concerns are a lack of recognized standards, the security and privacy of patient health information and the trusted access and authentication of clinicians to EHR information.

Dr. John Halamka, CIO for Harvard Medical School and chair of the Health Information Technology Standards (HITSP) panel is charged with solving one of these concerns by coordinating the standards for medical vocabulary and electronic data exchange.

“You say we have standards for credit cards, but what are the standards for electronic patient health information,” asks Halamka. “We talk about content standards for vocabularies, structural standards like HL7 [Health Level 7] and security standards such as SAML [Security Assertion Markup Language]. Many people would agree that because the network will use the Internet that HTTPS would be a reasonable to exchange information.”

Part of NITSP’s work will be deciding what standards to use, whether they are DICOM (Digital Imaging and Communications in Medicine), HL7, .NET, SOAP, SAML or XML. The committee is expected to deliver its recommendations as early as June this year.

Another concern is building out EHR systems to support this network. In a HIMSS study released at the show, as many as half of the 205 respondents cited lack of financial support as a barrier to deploying IT projects and systems. Among the top two priorities were reducing medical errors and promoting patient safety and implementing an EHR system. Over the next two years, 46% of the respondents indicated that their top priority is implementing an EHR.

Only one-fifth of the respondents indicated that they have implemented a sign sign-on (SSO) system to give one-step access to the multiple applications they use. SSO is an essential component of an EHR, users say.

“Single sign-on is one of the first things you need to address,” says Linda Hill, manager for technical assistance at Sharp Healthcare, an 1,867-bed hospital collective in San Diego. “Then you need to look at the ownership of the information – who has it, who doesn’t, what we control access to.”

At Sharpe, Hill has “made a tremendous amount of progress in getting all the hospital information on a patient in one place at one time. Now we are rolling out a system for our clinics and will have to deal with how we get that information to go back and forth,” says Hill, who uses Courion’s Enterprise Provisioning Suite to do password synchronization among applications.

Hill also talks about how federation will play in accessing the NHIN.

“As we go with .Net or Web framework programs we aren’t going to see client-based programs anymore,” says Hill. “Applications are all going to be Web-based. This is an incentive to go to federated management because without that you can’t get on the NHIN and get to the records you need.”

As for who would operate the NHIN, Brailer says the government will not. He envisions management of NHIN through a series of companies or service providers that offer access, authentication and connectivity.

“Companies will start offering competitive NHIN service offerings not unlike Verizon and T-Mobile offer cellular connectivity,” says Brailer. “Electronic health records and connectivity could get packaged together.”

Brailer also doesn’t view NHIN as a client-server network the likes of the network the Department of Defense has implemented for its military personnel.

“[NHIN is] a lightly brokered network that has an index that says data on this person is at this location,” says Brailer. “That gets layered on with some very specific needs of brokered security. If we don’t have any existing trust relationships [or federation], how do I know who to trust getting the data,” says Brailer.

“Everyone has their data published on the Web, there’s not an intermediate store, a record locator service, an index, there’s nothing, it’s simply a peer-to-peer network.”

In the DOD network, clinicians log into a client-server network that uses a central repository of information. That information, which can see as many as 15,000 concurrent accesses, is based on a centralized, not distributed Oracle database. According to Col. Victor Eilenfield, program manager for the Military Health Service (MHS), maintaining the scalability of the network going forward is a challenge. The DOD network when fully implemented in December 2006 will support 9.2 million MHS beneficiaries.