Friday, March 09, 2007

Looking at my data

It has now been almost a full year since I started using the EMR. I am starting to get some good cumulative data for individual patients. I am also learning to search for conditions in my whole practice, by using clinical reports.

This ability to search is essentially not available in paper records, and is a major benefit of EMR. Here is what I can search for:

-diagnostic conditions
-family history

I can also search by gender, and by age ranges. These searches can be combined by using boolean terms (and, or, not). The Report feature is fairly user-friendly, once you've worked with it a couple of times. The search query terms can be saved and reused, and I've used my saved searches to see how I am doing over time.

The Report feature is still limited, since I cannot search for lab results (example, give me all patients with cardiovascular disease AND LDL >2.0), or vital signs (all diabetics with BP>130/80). As well, I get a list of patients, but not the number of patients; I got around that by importing the file into excel and manipulating the data.

This brings up an interesting problem: we can save data to local machines (as I just did). The Hospital for Sick Children was recently severely criticised for losing some personal health data: a researcher took a laptop with patient data home, and the laptop was stolen from his car. Security for the EMR is very tight, especially for remotely hosted applications; however, this does not apply to data downloaded to my Tablet. I put passwords on Excel files, but I don't know if that is enough; I'm not sure what we should do for what is going to be an increasingly common issue. There will need to be a balance between data encryption to protect privacy, and the need to access files. Perhaps we should look at a large purchase of data encryption software for all physicians, rather than leave individuals to fund and buy this individually. I'm pretty sure Sickkids does not make each research buy the software themselves.

In a recent editorial in the New England Journal of Medicine (Performance Measurement in Search of a Path, Dr Hayward, March 1 2007), the author noted that "Perhaps our greatest barrier to developing a worthwhile performance-measurement system is our unwillingness to invest in it." He notes that the Department of Veteran's Affairs, a world leader in quality, does detailed reviews of electronic medical records. I think it is now possible to do this with current EMRs; we need to invest in data reporting, and target priority conditions. What you don't measure, you can't improve.

These are recent reports I've run:

Report Name Date Last Modified Modified By
Age 67 and over Jan 25, 2007 Michelle Greiver
Antidepressant prescriptions Jan 16, 2007 Michelle Greiver
ASA cad Jan 16, 2007 Michelle Greiver
asthma Jan 23, 2007 Michelle Greiver
Bipolar Jan 30, 2007 Michelle Greiver
depression, age 21 and over Mar 9, 2007 Michelle Greiver
Diabetes Feb 17, 2007 Michelle Greiver
diabetic on statin Mar 6, 2007 Michelle Greiver
family history of breast cancer Mar 2, 2007 Michelle Greiver
flu shots Mar 6, 2007 Michelle Greiver
Hypertension age 20 and over Mar 9, 2007 Michelle Greiver
kids shots age 15 Mar 6, 2007 Michelle Greiver
Meningitis Immunization, teens Jan 5, 2007 Michelle Greiver
Patients age 12 and over Jan 8, 2007 Michelle Greiver
Patients with CAD Mar 9, 2007 Michelle Greiver
Schizophrenia Nov 30, 2006 Michelle Greiver
Women age 21 to 72 Mar 9, 2007 Michelle Greiver



Anonymous said...

The investment issue is interesting. The investment itself is not trivial, but neither is it terribly daunting.
The problem is that the uninformed expect private practice physicians to invest in EHRs, and assume the ROI model is something like other technology investments. It's not. The near-term financial ROI is realized by others (health plans, purchasers). The near-term costs to practices of implementing a system after installation are very high, and are disillusioning. For many practices, which operate on very thin margins, this is not tenable.
The way to speed adoption is to share the investment and return among all stakeholders.

Michelle Greiver said...

There is no question about that. The benefit accrues to patients and to the system. I think it is wise for funders (in Canada, that means provincial governments) to subsidize the cost of buying EMRs. Several governments have done this, although not across the board.

I believe that the pay-for-performance movement will also help to fund EMRs; see recent posting on CanadianEMR on the subject.


Anonymous said...

Two points --

1. I believe that the ROI is low -- and the costs, ie. in training, time lost to downtime, etc. are high -- because the systems are poorly designed. By subsidizing the systems now, we're perpetuating a failed market. Of course, I'd be a fool to argue against those subsidies -- but I think it does physicians a disservice to assume that they're not adopting a tool for purely financial, or inertial, reasons (not that you were arguing that here - but it is a common argument), and I think it's important to recognize the opportunity cost of the subsidies. If the tools were valuable, and I believe they can be valuable and exciting as an aid to the practicing physician, then they would have much higher adoption rates already. Your EMR system is, I believe, much better in this regard than others.

2. With regards to encryption, a password on your Excel files is no protection against a genuinely determined attacker (I'm not sure about MS Office 2007, though, if that is what you're using). A better approach is encryption at the file/operating system level, which requires careful attention to password security. On Windows XP Professional and Vista, this "Encrypting File System" can be set up but it requires some technical knowledge and additional steps to prevent inadvertent exposure -- I'd recommend speaking to your vendor or tech support person. On Mac OS X 10.4, a system preference called "FileVault" will encrypt your entire 'home' folder -- the area where all documents, settings, etc. are stored -- transparently and painlessly. Again, though, strong password policies are vital to making this work. My point being, really, that these features are available on the systems we use -- the real challenge is making them invulnerable to human failure, ie. by making them easy enough and transparent enough that nobody minds or carelessly subverts the additional security measures.

Thank you for the time you put into sharing your experiences with EMR -- it's invaluable.

Michelle Greiver said...

Thank you. I think it is still early in the EMR's life span, and that most applications will tend to get more user-friendly with time. I still remember DOS and c:\

There are increasing numbers of users, which means more user groups and more suggestions. Some of these suggestions will get implemented. Computing speed and data transmission speed will increase. The "electronic island" phenomenon will likely lessen with time; the value of, and demand for, a data innovation is proportional to the number of people using it (much like email--early bulletin board systems opened up their proprietary mail systems). I do not think that health care will continue to be mostly paper based in 10 years' time.

As far as encryption, I agree with you that it has to be easy and transparent. The problem is how to do that. There are probably several good applications; some of my colleagues are using Jetico's BestCrypt,