Search the KHIT Blog

Thursday, January 22, 2015

DeSalvo gets a salvo

The natives are restless.

January 21, 2015 

Karen B. DeSalvo, MD, MPH
National Coordinator for Health Information Technology
Office of the National Coordinator for
Health Information Technology
U.S. Department of Health and Human Services Hubert H. Humphrey Building, Suite 729D
200 Independence Avenue, SW
Washington, DC 20201 

Dear Dr. DeSalvo: 

The undersigned organizations are writing to elevate our concern about the current trajectory of the certification of electronic health records (EHRs). Among physicians there are documented challenges and growing frustration with the way EHRs are performing. Many physicians find these systems cumbersome, do not meet their workflow needs, decrease efficiency, and have limited, if any, interoperability. Most importantly, certified EHR technology (CEHRT) can present safety concerns for patients. We believe there is an urgent need to change the current certification program to better align end-to-end testing to focus on EHR usability, interoperability, and safety. We understand from discussions with the Office of the National Coordinator for Health Information Technology (ONC) that there is an interest in improving the current certification program. For the reasons outlined in detail below, we strongly recommend the following changes to EHR certification:
  1. Decouple EHR certification from the Meaningful Use program;
  2. Re-consider alternative software testing methods;
  3. Establish greater transparency and uniformity on UCD testing and process results;
  4. Incorporate exception handling into EHR certification;
  5. Develop C-CDA guidance and tests to support exchange;
  6. Seek further stakeholder feedback; and
  7. Increase education on EHR implementation.
Entire nine page letter here (pdf)

"Ensuring patient safety is a joint responsibility between the physician and technology vendor and requires appropriate safety measures at each stage of development and implementation. While training is a key factor, the safe use of any tool originates from its inherent design and the iterative testing processes used to identify issues and safety concerns. Ultimately, physicians must have confidence in the devices used in their practices to manage patient care. Developers must also have the resources and necessary time to focus on developing safe, functional, and useable systems.
Unfortunately, we believe the Meaningful Use (MU) certification requirements are contributing to EHR system problems, and we are worried about the downstream effects on patient safety..."
Opportunities for EHR Science?


This is sad.
Ebola Is Wiping Out the World’s Gorillas
In just four decades, Ebola has wiped out one third of the world’s chimp and gorilla populations. If it continues, the results will be devastating.

While coverage of the current Ebola epidemic in West Africa remains centered on the human populations in Guinea, Sierra Leone, and Liberia, wildlife experts’ concern is mounting over the virus’ favorite victims: great apes. 

Guinea, where the epidemic originated, has the largest population of chimpanzees in all of West Africa. Liberia is close behind. Central Africa is home to western lowland gorillas, the largest and most widespread of all four species. Due to forest density, the number of those infected is unknown. But with hundreds of thousands of ape casualties from Ebola, it’s doubtful they’ve escaped unscathed.

Animal activists are ramping up efforts to find an Ebola vaccine for great apes, but with inadequate international support for human research, their mission could be seen as competing with one to save humans. Experts from the Jane Goodall Institute of Canada insist such apprehension would be misplaced. Two streams of funding—one for humans, one for apes—can coexist in this epidemic, they assert, and must.

“The media was really focusing on human beings,” Sophie Muset, project manager for JGI, says. “But it has been traumatic to [the great ape] population for many years.”...

The dwindling population of both species, combined with outside poaching threats, means Ebola poses a very real threat to their existence. To evaluate the damage thus far, the Wild Chimpanzee Foundation is conducting population assessments in West Africa, with the goal of getting a rough estimate of how many have died. Given the combined damage that Ebola has inflicted on this population, the results are likely to be troubling.

In a way, great apes are Ebola’s perfect victims. Acutely tactile mammals, their dynamic social environments revolve around intimacy with each other. Touching hands, scratching backs, hugging, kissing, and tickling, they are near constantly intertwined—giving Ebola a free ride...
Wow. It ain't all about us.


From Healthcare IT News.
The experience of interoperability thus far
Support from EHR developers for clinically relevant workflow will be critical

John Halamka
...HL7 messaging addresses lab result and public health use cases very well. Lab results interfaces are straight forward, however there is still some need to reduce optionality in implementation guides so that the average lab interface costs $500 and not $5000. Public health transactions for immunizations, reportable lab, and syndromic surveillance are standardized from a content perspective but  there is still a need to specify a single transport mechanism for all public health agencies.

CCDA documents address transitions of care use cases reasonably well. CCDA is easier to work and parse than CCD/C32 because it has additional constraints and specifications, but there is still enough optionality that merging CCDA data into an EHR can be challenging. In addition, most EHRs generate a CCDA automatically and include all data that may possibly be relevant. In some cases, this leads to CCDAs that are rendered at 50+ pages. We need to reduce optionality so that CCDAs are easier to generate correctly and parse. EHR workflow needs to better support the creation of clinically relevant documents with narrative and data more specific to transitions.

Direct was a good first step for transport -- we needed to pick something. We could have required sFTP, REST, SOAP, SMTP/SMIME or even Morse Code as long as it was completely standardized. Unfortunately, we picked multiple options. Some EHRs use XDR (a SOAP transaction) and some use SMTP/SMIME. Whenever standards have an "OR", all vendors must implement an "AND". XDR must be translated into SMTP/SMIME and SMTP/SMIME must be translated into XDR.  The reality of Direct implementation has shown us that this optionality provides a lot of plumbing challenges. Certificate and trust issues are still an ongoing project. Getting data from medical devices via Direct is challenging since devices tend to use heterogeneous transmission protocols. Finally, SMTP/SMIME was never designed for large payloads of multiple files, so sending datasets greater than 10 megabytes can be a struggle. The use of XDM for zipping files before they are sent is overly complex to use as part of a transport protocol.

Although Direct works, it is often not well integrated into the EHR workflow.

FHIR, as discussed in multiple recent posts, can help address these challenges and leverage the lessons learned. The FHIR concept is that every EHR will provide a standardized interface for the query, retrieval, and submission of specific data elements and documents using a web-based RESTful transport mechanism and OAuth security. This use case can easily support unique modules or “bolt on” application functionality to EHRs. It significantly simplifies the interfacing challenge, works for large payloads, and minimizes optionality. There are no multiple transport options, no certificates to manage, and the query/retrieve processes can occur behind the scenes, enabling smoother workflow.

FHIR can even be helpful as a transition strategy while Direct is still used for pushing payloads between EHR. If FHIR/REST/OAuth replaced the XDR/XDM options of Direct, that provides a glide path to the eventual end to end replacement of Direct with FHIR

Once FHIR is available, EHR vendors should design a user experience that follows the IEEE definition of interoperability -- “the ability of a system or a product to work with other systems or products without special effort on the part of the customer."...
 My concerns regarding FHIR® persist. Beyond seamlessly integrating these "interfaced" data into "clinically relevant workflows" in ways that [1] don't put more sand in the workflow gears, and [2] don't leave the "imported" data reposed somewhere outside the recipents' RDBMS -- begging the question of easily assembling of the most recently updated complete legal patient record (vis the clinician acting upon the imported data elements) -- who is going to have to pay for all of this coding and QA validation work? Will FHIR ex/im functionality come to be required for ONC EHR certification, on the vendors' dime?

While I would say "yes," color me dubious.

What about HIPAA audit trail "chain of custody" data considerations?

I'm just asking. Below, from survey findings I recently saw in "API Integrity is a 'Must-Have' in the API Economy."


Cheryl and I attended the ASQ East Bay Section 0618 meeting Thursday evening. Very nice.
Please welcome our newest distinguished guest, Ms. Ritu Ganguly of ServiceMax Inc.  She will be presenting on the topic of "Testing in the Mobile World?"

Ms. Ritu Ganguly will lend her professional perspective on the emerging challenges of bringing quality to a mobile connected world.  Areas of discussion will include:
  • Advantages and Disadvantages for QA engineers
  • Basic similarities to the status quo, but note the differences...
  • What skills sets are needed by mobile testers?
  • How is Automation planning affected?
Ritu Ganguly is an experienced executive with over 18 years of experience in Quality, Technical Program management, Release management.  Her experience is in varied industries including ERP, CRM, HCM, Service and Healthcare software.  Her key strengths are building effective teams, fixing organizational issues, change management, quality process and software delivery.  Her professional journey includes mentoring and coaching quality engineers and managers for the last 10 years.  Most currently she was a part of Tech women mentorship program sponsored by the U.S State Department.  In addition, she was filmed by Stanford University for She++ videos to promote women in computing.

Ritu Ganguly has a Bachelor’s degree in Computer Science and a Master’s in Medical Informatics.  Born in India, she and has lived in Europe, Middle East and the U.S.  Her professional experience has been working for large enterprises such as PeopleSoft, Oracle, Salesforce and John Deere, as well as small startups such as Health Quality.

Currently she is a Vice President of Quality and Strategic Ops at ServiceMax Inc. ServiceMax is a Leader in Field Service Management software.

Specialties include:

  • Software development and quality management.
  • Quality of service (QOS) for Cloud Computing and Software as a Service  (SaaS)
  • Agile methodology and Scrum
  • Talent management, Team building, Career planning and development
  • Public Diplomacy, Global mentorship
  • Women empowerment
Excellent, thought-provoking presentation and discussion. Given the increasing penetration of mobile digital tech ("mHealth") in the healthcare space, issues pertaining to software (and hardware) QA will be ever more critical. I worry that "QA" in Mobile "apps" is to a distressing degree reactive, i.e., done on the backs of customers in the wake of uploaded bug/crash complaints ("Ignore" / "Send Report" / "Restart"). As a fellow attendee put it, "everything is now always in beta."

I am not at all mollified by the dismissive assertion you often hear from some vendors (particularly those claiming to be "doing Agile"): "We're ALL in QA."

Show me the comprehensive, executed test plans and the upshot documentation. Show me your QMS Manual.

More to come...


  1. Some great points in there -- especially about EHR usability and the ONC Usability testing protocols and requirements.

    There are way too many EHRs that have been certified based upon very poorly conducted and reported studies -- see for example:

    We cannot believe that this report was approved!
    (note the Usability report is included as an attachment inside the PDF)

    Automakers are not allowed to sell cars in the US unless they have lamps, mirrors, seat belts, airbags, anti-lock breaks, and some states require annual safety inspections of vehicles.

    ONC needs to up its game and add some serious requirements to the MU certification process. It should not be like a toddler little league trophy -- every one gets certified just for showing up!

    Usability in Healthcare can save lives!

  2. Here is a direct link to the report

    The usability testing report is induced as an attachment to the PDF. You might need to click on a paperclip icon in order to find it

    Here is a recent blog post we wrote called "How to choose a usable EHR." It includes some guidelines for interpreting the MU2 usability reports