Jonathan Bush, the forever loquacious, occasionally foul-mouthed and mostly unscripted CEO of cloud EHR company athenahealth, got the audience cracking up at the annual Stanford Medicine X conference in Palo Alto, California when he took the stage, declaring:
“Shit, I have nothing visceral or profound for you.”
He was referring to the unenviable position of having to follow the moving presentations of patients and artists that preceded his keynote on Saturday. This handicap notwithstanding, Bush managed to inform and entertain the audience with his tech-enabled vision for healthcare.
Later, in an interview with MedCity News, he talked about the future of information exchange and electronic health records. Here’s a slightly edited version of the conversation.
MedCity: If you were a hospital CIO, what would you demand of EHR vendors.
Bush: I don’t believe there should be EHR vendors. I believe records should be national networks like cable companies. I think if I were a CIO, I would sign on to a national network like athenahealth and I would not attempt to build my own biosphere of clinical information.
I would be humble enough to know that most of the time patients I receive have charts before they arrive [at my hospital] and I would like to be connected to wherever they came from. Most of the time patients I see will go somewhere else and would benefit from whatever information I added to the pile.
This is hard for CIOs because CIOs have gone from the back room to the board room over the past 20 years partly because of giant capital expenditures to build largely isolated offline electronic health records. And I agree that an electronic health record is better than a paper health record, but this is 2016. An electronic health record is not remotely as good as a national electronic record network.
MedCity: But given that Epic has a large market penetration, how do you contend with that? If you were a hospital CIO and you had Epic, what would you ask of them?
Bush: I think I would ask them to connect and that’s starting to happen. For years and years hospital CIOs were asking Epic not to connect because they thought, ‘We will buy up all the doctors and they won’t be able to escape and all their referrals would come to us because the only way you can refer anything is through Epic and the only thing on this copy of Epic is us. So we’ll get of our specialists, and we’ll get all the referrals.’
What hospitals found is that doctors would verbally tell the patient where to go and the patient would go wherever they want. And they also found that a lot of patients were being aggregated not by the primary care practices that they bought but new purveyors of primary care like retail clinics and urgent cares. The hospitals needed to connect to those because they wanted those referrals. So they suddenly went from how closed can you make us to how open can you make us.
What we’re doing now is that we are connecting to most of the Epic hospitals in the country and that’s been something that Epic has just allowed us to do in the last couple of months.
MedCity: So they are opening up…
Bush: They are opening up and I am cautiously optimistic. And we are providing services on top of that. So even if the hospitals is doing its record keeping on Epic, as long as we can get access to the clinical record data, then we can do population health, we can do patient outreach … and theoretically someday update the record at Epic.
I believe what will happen because Epic is largely run by good people and their customers are largely good people, is that the pressure has built to a degree that not only will they let us in to see the record but eventually start writing to it.
I don’t think doctors will hold EHRs in their hands in five years. I think they’ll be on Epocrates (used by docs to look up drug info) or some other app and they’ll call those records like you pull down a story on Audible or you pull down a movie to your device. So you stream it and then it goes back. You don’t keep it.
MedCity: Tell me what you can do with Epic today.
Bush: What they are letting us do is pull CCDs out of the Epic database. CCDs are continuity of care documents – it’s a government mandated, almost like a pdf. It’s like an electronic fax. Judy (Faulkner, CEO of Epic) has built a nonprofit that has a patient key that’s lets you figure out whether my John Smith is this same John Smith in Epic and match, and so we have built a matching service off of that.
MedCity: How does that help the patient?
Bush: So if you check into a cardiology practice here in town on athenaNet, we can quietly search all the Epic installations within 50 miles to see whether you have been in any of those facilities and then say ‘Ah I found you. This person has been to this hospital. This person has been to this hospital. Here’s what’s in the charts.’
MedCity: And how did that conversation come about with Epic?
Bush: Well for seven years, they told us to pound sand and (then) a series of events built. We’ve been getting more and more of the retail clinics, and the hospitals that are on Epic have been more and more needy of those referrals.
The other is that Epic lost the Department of Defense contract for doing the whole military after winning all of the feature function bake-offs because of their inability to suck in the charts of the soldiers from wherever they were.
And the third was the House Energy and Commerce committee started to subpoena Epic executives charging Epic of stealing federal dollars under the Meaningful Use Act (because their systems didn’t encourage data sharing). Epic didn’t steal under the Meaningful Use Act; they didn’t attest to the Meaningful Use Act. Epic’s customers did and it’s Epic’s customers responsibility.
And Meaningful Use doesn’t really require you to be that interoperable. So Epic did the technical, legal thing which is their only obligation, but lot of Congressmen and Senators were pissed because they thought they were getting something else.
MedCity: What’s the roadblock to interoperability?
Bush: I think the primary problem is the business model. There isn’t a way to profit from doing the extra mile that you would need to do to have integrated information. So the elaborate kind of final solution talk that you hear at all these conferences is to move everybody to full-risk contracts where suddenly you don’t want to do duplicate tests because that’s lost profit to you. That’s certainly true.
But there’s lot of simple things that could happen.
If a specialist gets a patient electronically from a primary care doctor, and actually you do a time-in-motion study on the work that that specialist’s staff has to do to get that person’s chart prepared and ready for the specialist to see, it’s like $45. What if the specialist could give the primary care doctor 20 blank fields and say, ‘If you fill these in for me, I will pay you $20 for a patient, and by the way here’s my calendar and you can book the patient?’
That’s illegal, but it doesn’t have to be illegal.
There’s a lot of things that are shy of turning a doctor into an insurance company. There are venture-backed companies that are starting up and growing quickly that are essentially buying primary care practices and trying to disrupt the insurance company. They are interesting and ambitious and they are going to be game changers.
But that’s a very complicated, risky, expensive way to get to clinical information integration. Just making it legal to pay someone for integrated clinical information would be a huge thing. And the number of people that are ready to take on the financial risk of being an insurance company is a much smaller number than the number of people that would be glad to figure out a way to pay for electronic information to leave their office in exchange for 20 bucks.
MedCity: You can now tap into Epic’s databases and eventually feel that you can even write on top of their medical records. What about the cybersecurity issues that naturally will arise?
Ten percent of all ambulatory care happens through athenaNet, but if we can get at all of Epic’s and Cerner’s databases we’re talking about most of medicine is available through athenaNet. That could change the pace of innovation not just for digital health but for providing healthcare, for providers.
Certainly we can afford better information security people than most community hospitals can (a reference to the California community hospital that got hacked using ransomware and which had to pay up to get their systems back online). The flip side of course is that if you hack us, you get a lot more access to data than a community hospital.
But that’s like saying if you build a super highway, won’t cars be going faster?Won’t therefore somebody be killed. Yes. But we all know that the benefits dramatically outstrip the risks.
The key is for athenahealth to be super vigilant to just over check ourselves so that we don’t slow down this inevitable movement to the cloud with some chilling, embarrassing event.
Photo: Stanford Medicine X
With all the data breaches and threats popping up all over by healthcare, expect the market for cybersecurity products and services in U.S. hospitals to grow by 13.6 percent annually between now and 2021.
That estimate comes from a new, lengthy and pricey report by research firm Frost & Sullivan on the U.S. market for hospital cybersecurity. Frost isn’t releasing dollar figures of its forecast to the media, but the Mountain View, California-based company isn’t holding back in identifying culprits in this expected market growth.
“There’s been a cultural naïveté about IT security in healthcare,” said lead author Nancy Fabozzi, Frost & Sullivan’s principal analyst for connected health.
Fabozzi said that many healthcare organizations have wrongly assumed that meeting HIPAA security requirements is enough. But the fact that, according to Frost’s research, there have been 1,437 large breaches of health data, affecting more than 154 million patient records, since 2009 illustrates that their efforts have been sorely inadequate.
More than 113 million of those records were breached in 2015 alone, so the threat appears to be growing. Of particular note, 98.1 percent of records breached last year were because of hacks or other malicious activity, according to Frost.
“Hospitals are finally now realizing that health data is so valuable,” Fabozzi said. Unfortunately, she added, until very recently, technology vendors have not had to prove that their offerings are sophisticated enough to meet the threats posed by hackers.
“In spite of a growing awareness of the problem of increased cyber threats, many healthcare organizations face considerable challenges as they gear up to do battle with cyber attackers. Hospitals’ lack of leadership, appropriately trained staff and adequate financial resources are critical concerns,” Frost explained in a PowerPoint presentation shared with MedCity News.
But they are starting to get the message. “Hospitals are transitioning from a reactive, piecemeal, fragmented approach to protecting privacy and security that is highly dependent on HIPAA compliance to an approach that is proactive, holistic and coordinated, anchored by integrated solutions designed to protect multiple endpoints (computers and connected medical devices),” the presentation said.
“The real opportunity here is for consultants — managed services and professional services,” Fabozzi explained.
In 2015, about 80 percent of healthcare security spending was on software and other products, with just 20 percent dedicated to services, Frost reported. Expect that mix to shift to about 70/30 by 2021.
With the HIPAA security rule now 13 years old — and based largely on a draft completed in 2000 — Fabozzi said that it’s likely there will be new legislation and regulation on healthcare cybersecurity in the near future, regardless of how the November presidential election plays out.
“There’s a risk in healthcare that goes far beyond anything in other industries, and that’s hacking into a medical device and harming patients,” Fabozzi noted.
Timing of this report couldn’t have been any better for Frost & Sullivan. The report — or at least the news release about it — hit the same week Phoenix-based Banner Health disclosed a major breach of payment terminals and other computer system and that Advocate Health Care Network in Illinois reached a record $5.55 million HIPAA settlement over allegedly lax security practices.
Here’s an infographic from Frost highlighting themes in the report:
Images: Frost & Sullivan, Flickr user El Hombre Negro
The surge in personalized medicine and the quantified self movement offers providers more tools than ever to engage patients. Mobile apps and online services now collect data for a deep dive into our health, from prevention to optimization.
In my years as a clinician and writer focused on preventive health, I’ve observed that simply relying on data does not always drive motivation. In fact relying on data alone may mean missing an opportunity to optimize patient engagement.
In today’s digital and mobile age, the following should be key tenets that drive engagement.
Comprehensive and Contextualized Information
While a single data point has value, there are additional pieces of data that help inform a patient even more about their health or disease risk. Consider the biomarker glucose. A high glucose level indicates elevated blood sugar levels to show early diabetes risks. If a patient’s glucose readings are out of the normal range, it could indicate a serious condition.
However, testing the biomarker HbA1c provides a more accurate understanding of blood glucose levels because HbA1c is a measure of average blood sugar over the last few months. A comprehensive look at related data points indicated a different level of risk. This contextualized view gives us a more complete picture of what is happening in the body.
Knowledge isn’t just power, it’s also empowering.
Consider a patient who learns they have elevated High-sensitivity C-reactive protein, or hs-CRP. Providing education about this biomarker to the patient tells them that hs-CRP measures inflammation, the body’s response to internal damage, and is associated with risk of certain future diseases.
Emphasis on education empowers the patient to understand they can lower their hs-CRP levels through avoiding smoking and constant high stress situations. Engaging in a moderate amount of physical activity, and eating a diet rich in anti-inflammatory foods, such as fruits, vegetables and fish, and avoiding more pro-inflammatory substances such as simple sugars, trans-fats, and alcohol can achieve the same result. These are tools that empower them make informed decisions about their health.
Therefore, technology or services that seek to educate patients with up-to-date information and research will do a more effective job in driving patient engagement can behavioral change than simply throwing numbers at them. Such education can arm patients with the knowledge to make healthy choices throughout their lifetime.
When thinking about digital patient engagement tools, it’s important to ask how a technology helps a patient use the data to make meaningful change.
Proactive Safety and Security
For a patient to feel engaged, they have to believe they can trust their health team and tools. Health companies are aware they must adhere to strict HIPAA compliance standards so that Protected Health Information (PHI) is kept safe, but it is in a health technology solution’s best interest to proactively reassure patients.
How costs in healthcare are calculated is neither straightforward nor particularly transparent. The experience is often frustrating because charges, price arrangements, and co-pays often vary.
When providing a consumer service, take pains to provide patients straight-forward, upfront billing.
According to the American Journal of Managed Care, a patient spends 20 minutes in front of their provider in an average visit. The time they’re not in front of their provider can be influenced to their advantage or detriment, depending on the type of tools and access they have to their data.
Patients can play a greater and more active role in their health if providers and technology companies enable them to have unrestricted, 24/7 access to their health plan of action.
To conclude, when digital health companies are hatching their next killer app to boost patient engagement, it’s important that they incorporate the above best practices. Only then can both providers and companies keep the patient front and center, and continue to improve health outcomes.
Photo: Getty Images, Paul Bradbury
Health IT costs for physician practices are soaring, yet there isn’t much evidence that all the spending has been worth it, a new report suggests.
In its annual report on cost and revenue for physician practices, the Medical Group Management Association found that physician-owned multispecialty practices spent $32,592 per full-time doctor on IT hardware, software, maintenance, staff and other needs in 2015. That is up 42 percent from $22,944 in 2009 and 19.5 percent from $27,285 in 2011, the Englewood, Colorado-based MGMA said.
The 2015 costs break down as $9,405 for IT staff and $23,187 for equipment, maintenance and supplies.
In recent years, providers have been hit with multiple federal mandates and programs that have necessitated health IT spending. These include the transitions to the ANSI 5010 standard for HIPAA transactions in 2012 and to ICD-10 in 2015, as well as Meaningful Use and the Physician Quality Reporting System. “It’s the sheer number of them,” said Robert Tennant, MGMA director of health IT policy.
And there has not been a solid return on investment, according to the report.
“They spend this money and they’re really not sure that they’ve gotten what they were promised,” Tennant said. The improved patient outcomes, reduced hassle and lower costs simply haven’t materialized, he explained.
“There’s really no correlation between the [Meaningful Use] program and improved patient care,” Tennant said. Usability has been a well-documented issue with electronic health records, too.
“Productivity is suffering,” Tennant added. “There’s a level of frustration with technology that I’ve never seen before.”
Healthcare has long been perceived as being far behind the rest of the business world when it comes to adopting information technology, but Tennant didn’t think that the need to play catch-up has been a major factor in the escalating costs.
“To be competitive in today’s healthcare environment, you have to offer all the bells and whistles,” he said. For medical practices, that means patient portals, 24/7 access to test results and the ability to schedule appointments and pay bills online. “In the D.C. market, that’s a huge selling point,” the Washington-based Tennant said.
Plus, he added, new physicians, who grew up in the digital age and used EHRs in medical school and residency, do not want to work at paper-based practices.
Photo: RoBeDeRo/Getty Images
The pro: Billing for transitional care management — services rendered for certain patients during their transition from an inpatient hospital setting to their home — boosts income for physician practices. In 2013, the Centers for Medicare and Medicaid Services began paying for TCM, which could, in some cases, yield physicians more than twice the reimbursement of a hospital follow-up office visit.
The con: Operational challenges make it difficult to meet regularly requirements.
These requirements state that physicians must provide initial contact with the patient within two business days of hospital discharge. Within seven or 14 calendar days (depending on the patient’s complexity), they must provide a face-to-face visit. In addition, transitional care management is for 30 days of services, so physicians can only bill TCM once every 30 days.
Dr. Lonnie Robinson, a family physician at Regional Family Medicine in Mountain Home, Arkansas, said that without the help of technology — specifically an easy-to-use TCM app called Phyzit — he would have had a difficult time meeting TCM requirements. In a busy practice of eight family physicians and three nurse practitioners, he said it’s difficult to track hospital discharges and meet the deadlines for patient contact. That’s where the app helps. And now he bills for TCM at least once a week.
“Care coordinators don’t have to sit down and figure out who’s due for a phone call, who’s due for an office visit and what day the billing has to take place for this all to work properly,” said Robinson.
Local hospitals send patient admission and discharge information to care coordinators working at the practice who then enter this information — along with patient demographic data — into the app. Coordinators also monitor the state’s health information exchange for admission and discharge information. The app handles the rest of the work for them, notifying them as deadlines approach.
“The care coordinators tell me it’s a good value for the price, and they would like to keep it,” he said.
Since Robinson began billing for transitional care management in March 2015, he has noticed a 40 percent increase in revenue for eligible hospital follow-up visits and a decrease in readmission rates from 13.1 percent to 8.2 percent. He said the cost of the app is minimal considering the short- and long-term payoff to ensure compliant TCM billing.
“I think TCM fits into the bigger picture of value-based reimbursement,” said Robinson. “A lot of our incentive programs are tied to a shared-savings model — especially Medicare. TCM improves your chances of achieving a Medicare shared-savings bonus if you’re involved in an ACO.”
Photo: Flickr user forayinto35mm