Monday, March 18, 2013

The impact of lacking IT expertise to support PACS/RIS systems.

Digital medical imaging systems such as Picture Archiving and Communication Systems (PACS) are complex and non-trivial to support. It requires PACS system administrators with expertise in both clinical and IT subject domains to maintain image and data integrity. Preferably, these imaging and information professionals are certified through either one or both of the certification agencies (PARCA or ABII).

There are many installations that rely very heavily on support by their imaging vendor. If the vendor has an on-site service engineer, that is fine, however, this practice is getting less common, and many of these systems rely heavily on remote support or an engineer who might take up to several hours or even a day to get on-site. The impact of the decreased support by vendors is that a hospital has become heavily dependent on in-house expertise.

What are the components of IT expertise for an imaging and informatics professional? The components include knowledge of information communications, which includes the network and application level protocols (DICOM, HL7). This will allow a professional to diagnose, and resolve any integration and communication issues. It requires possession of computer hardware and software skills to maintain and support these systems, which could include both Windows® as well as UNIX®. The professional also should be able to use troubleshooting tools to diagnose any potential issues (see related blog).

Most importantly, these professionals are responsible for the specification and adherence of PACS policies and procedures. There are many policies ranging from whom and where to import images from CD’s, to who is merging duplicate patient studies or fixing missing identifiers in an image header. IT-related PACS policies are critical, for example, who is doing back-ups, how often is a backup done, where is the back-up saved, etc. This does not only refer to backing up images or the corresponding database, but also configuration information, hanging protocols, audit trails, monitor calibration records, etc.

Policies of who has access to what external information is critical as well, as these mission-critical systems have to be extremely well protected from downloading viruses or other malware. In many institutions, the use of external memory sticks is forbidden, and computers are configured to disable these external inputs. Virus scanners, firewalls and intrusion detection systems are critical as well as the definition of Virtual Local Area Networks (VLANs) to restrict traffic, and VPN’s for any external connection. If an external connection is used by a vendor, for example, it should always be routed through an internally managed router, which supports audit trails, preferably using standards as defined by IHE (there is a so-called ATNA integration profile defined for audit trails).

In the US, I have heard of a couple of instances where a system was brought down for several hours or even one or two days because of virus infection, but that seems to be less and less common. I am convinced that the decrease is related to strict enforcements of policies, due to a heavier influence of IT in imaging departments. More PACS administrators are now reporting to IT, if only with a “dotted line” on the organization chart, and PACS administrators have also increased their skill sets, witnessed by the thousands of certified professionals.

By contrast, if I ask in my PACS training classes that I teach in emerging and developing countries, the number one PACS support issue is the constant fight against viruses and malware. There is no question in my mind that this is due to a lack of skills, too few certified professionals, and the absence or lack of enforcement of sound IT policies.

It is obvious that sub-optimal operation impacts the availability of timely and accurate information and ultimately patient care. To resolve this requires building awareness among the decision-makers for the implementation of these imaging and information systems, and stepping up their support for their professionals who seek to obtain these skills. Top-down management support is needed to enforce sound IT policies such as limiting the downloading of information from the Internet, disallowing the use of external media, and other critical policies affecting safety and security. Maybe it takes an incident, such as the case of a hospital in the Northwest United States that lost the images of hundreds of patients who had to be called back to the hospital to redo their exams.

In the meantime, the best thing I can do is keep on writing about this subject, promote the use of policies and procedures, and keep on teaching. Hopefully, I will be heard and people will start taking notice.

Friday, March 8, 2013

HIMSS 2013: My top Ten list of What’s in and What’s out.

The HIMSS2013 bustling exhibition

This year’s HIMSS meeting was held in New Orleans, a city that is still struggling to recover from Katrina as was evident from the many empty houses that are still around. This was especially clear when taking the back roads to the airport at peak traffic hour. According to the cab driver, 300,000 people never returned to the city, which ends up being close to 30 percent of its population. But, walking downtown, there was not much evidence of that as it was swinging with music, although it was a little bit hard to find authentic Jazz or the traditional Cajun music with the washboards and accordions.

The HIMSS meeting was bustling with health care IT professionals listening to a good line-up of speakers and educational courses. There were many demonstrations of new products and technologies; here is my (very subjective of course) list of significant developments as well as cool gadgets.

1.       The McKesson interoperability deal is in, Epic is out: Mckesson and Cerner announced a non-profit entity called CommonWell Health Alliance, and were joined by Allscripts, Athenahealth and Greenway. This organization intends to create standards allowing data sharing for patient information. This activity poses two questions: why is Epic, which has the major share of the EMR market absent from this alliance? Second, why replicate work that is already being done by the IHE organization that provides a platform and venue for testing for anyone not just five vendors. To me, this sounds a little bit like the agreement that Philips and Siemens made many years ago to support a mutual imaging format standard called SPI, which, fortunately, has been replaced by an open standard, i.e., DICOM. Another possibility for this alliance could be to counteract the IHE USA organization contracting with ICSA labs in a push for certification, which resulted in a meager eight vendors being certified at the recent Connectathon. It will be interesting to see if this effort will become more of a political than a technical endeavor.

Proximity badge and fingerprint scanner
2.       Fingerprints are in, passwords are out: Everyone agrees that passwords are a necessary evil. While being cumbersome to remember and maintain, combined with audit trails, they effectively meet HIPAA security and privacy requirements. Many institutions have implemented single sign-on, either using the CCOW mechanism as defined by IHE for that specific purpose, or using commercially available semi-proprietary solutions. However, it is still a pain, especially when they expire, have to be reset[MU1] , or, heaven forbid, are shared among practitioners. A better solution is using proximity detectors and fingerprint scanners. A problem with these fingerprint scanners has always been that they could not read through latex gloves, however the new scanners can do that. So, out with the passwords!

      3.       FHIR is in, MINT is out: The Medical Imaging Network Transport (MINT) standard got a bit of attention last year as an alternative to the DICOM communication standard. However, this seems to be fizzling out especially as new additions to the DICOM standard are being defined to facilitate internet based transports. In contrast, there is still a major issue with querying information using the HL7 protocol. HL7 is based on trigger events, for example a patient admission, arrival, or order placer, and not until recently was there a query capability. And, the query capability added to the later version of V2 has been poorly implemented, if at all. The Fast Healthcare Interoperability Resources (FHIR) initiative has developed a draft standard to address some of these limitations and a mini-Connectathon has shown good results. This standard uses web 2.0 and RESTful principles. As it is still a draft, there is quite a bit of work to be done, but this might actually facilitate extended functionality allowing EMR’s to communicate.

Virtual Hospital demonstration
4.       IHE showcase is in, virtual hospital is out: The IHE showcase was a blast this year; its location was in the middle of the conference rooms, instead of last year being in the basement, and it had its own dedicated ballroom. I had the honor of being one of the docents, [MU2] and was able to shuttle many groups from all over the world through the various use cases. The reactions from attendees ranged from “amazing” to “when can I have this in my product.” For example, one of the use cases showed how three EMR’s from a PCP, specialist and another PCP, are able to exchange information crossing two different domains (simulating state boundaries) and thereby using the appropriate HIE gateways, while exchanging documents with all kinds of patient information. If you missed it this year, make sure to look it up next year. The virtual hospital demonstration was also an excellent demo, however, it was more driven by commercial vendors showing applications such as in an ICU, OR, or other settings, and it was at the end of the exhibition hall, much harder to miss than the interoperability showcase. It seemed to get good attendance as well, but there was much less emphasis on the impact of open standards and interoperability.

    5.       Scooters are in, the sports cars are out: I remember when I first started to go to the HIMSS meeting, the give-aways were really over the top. It was even hard to schedule any meetings because you had to work around the various drawings for sports cars and other high-tech gadgets. Getting a chance to participate in a drawing for an i-Pad for allowing a company to get your business card seems to be the current trend right now, however most people already have a tablet (unless they like the i-Pad for their kids, or, maybe parents).  In any case, I typically don’t participate in the drawings, but this time I could not resist taking a chance for a Vespa scooter. It brought back good memories for me, driving with my spouse on the back from Amsterdam to Italy when I was young. If this sounds crazy, yes it is, but then ... when you are young you sometimes do stupid things.

Video of gait in left window,
clinical images on right
6.       Video is in, DICOM is out: Storing images in a DICOM format is simple and seems to have become a commodity now. PACS systems have been widely implemented, at least in the USA and Western hemisphere, and many institutions are already in the second or even third generation and/or vendor. The next challenge is to capture all those video’s that are being created and stored in many departments in a hospital. Some of them can be encapsulated in a DICOM format, such as those generated by endoscopy or surgery devices, however, many of the departments that create videos have no clue what DICOM is all about, and merely store videos on DVD’s. A good example is shown on this picture where a video is shown of a person’s gait, for example, taken before and after hip or back surgery or as part of a physical therapy program. Properly identifying these video clips with sufficient metadata so they can be managed, retrieved and displayed is somewhat of a challenge, and is typically done by using an enterprise archive (VNA) with viewers that have the capability to retrieve and display them. This is an area that will get a lot of attention over the next few years.

7.       Big DATA is in, MU is out: Last year it was all about Meaningful Use (MU), this year this seems to be “old” and it was all about the Big DATA and how to manage it. The US EMR Adoption model which is based on the HIMSS survey of EMR implementations and their functionality still shows that the majority[MU3]  of the hospitals are at stage 3 (38.3 percent as of the fourth quarter of 2012), which includes functionality such as nursing documentation (flow sheets), clinical decision support, and proliferation of PACS outside radiology. Stage 3 means the support of stage 2, 1, and 0 as well, which includes HIE connectivity, the use of medical vocabularies and lab radiology and pharmacy being integrated electronically. Therefore, most hospitals now  have at least some encoded data that can be exchanged. One also would find that some of the long neglected areas suddenly become very valuable data sources. For example, let’s take long-term care. Compared with a hospital, which has only information about the patient from the hospital stay, the long-term care facility will have many years of data. In addition, some of the academic institutions that have kept their patient data forever, instead of aging and deleting it after let’s say seven years, are now sitting on a gold mine of data (think the Mayo clinic). Now the question is, what we can do with this massive amount of data to improve the way we practice healthcare in the USA? I have not seen a good answer yet, and this is definitely going to be an area where we need expertise from other industries and domains. Big DATA, defined as too large, complex and dynamic for any conventional tools to analyze, will definitely be a major topic of discussion.

8.       Structured Report is in, retyping text is out: Almost all of the ultrasound devices, especially the high- end ones, are now creating the measurements in a standard electronic format using the DICOM Structured Report (SR) encapsulation. DICOM includes many templates that are geared towards specific applications, such as cardiovascular, cardiology, OB/GYN and many more. The problem is that the interpretation of these well-defined templates is not supported widely by the many reporting systems, therefore defeating the purpose of SR support. This is despite the major potential efficiency improvement provided by better-defined vocabulary and codes that prefill the information from these SR’s into the templates. To me this interfacing seems to be a no-brainer, but I guess that is not what these big reporting companies think. The good news is that there are other companies (PACSGear for example) that are filling this gap and creating interfaces to, in this case Powerscribe to make this happen.

9.       Kiosks are in, receptionists are out: Healthcare could use some of the innovations used by the airline industry and even some hotels and fast food chains by implementing kiosks for patients to enter their basic information. Many institutions are also starting to use tablets for a patient to enter his or her admission information, but kiosks are a little bit more versatile because one could also implement an identity card scanner. They are also less prone to be stolen as it would be harder to walk off with a kiosk, compared to a tablet, which might just fit in a big pocket or purse. I am probably not alone in not liking the impersonal nature of these devices but it sure is more efficient and supposedly more accurate. If the use of Personal Health Records (PHR’s) becomes more widespread, these  could be used to “check-in” and authorize the PHR access, instead of having to enter all of the patient information again. Another issue is the “digital divide,” between those who are computer illiterate and those who are fluent with computers. This will continue to require personal attention regardless of the data capture, but that divide is shrinking rapidly, if for no other reason than the widespread use of smartphones. The challenge is vendors will have is to make their user interfaces look like an i-Phone from which they still can learn a lot with regard to usability.

10.   And last but not least, Blackouts are in, water is out: Well, we did not have a blackout during the HIMSS meeting, but when I checked in at my hotel on Sunday morning there was no water. It took a few hours for the water to be back up and running, but then it was not safe to drink the water for another two days. The worst thing was that all of the coffee shops were not serving any fresh brewed drinks either. So, for the StarBucks addicts, including myself, it took some getting used to running on a low-caffeine diet. The official explanation of the event was that the power problem was caused by a fire at a sub-station. I think it was good old Voodoo telling all those high-tech professionals to make sure that we are not going to be too dependent on high-tech and making sure we always have a back-up (fresh water bottles in this particular example).

In conclusion, HIMSS 2013 was a blast, Orlando next year will definitely not have the same ambiance, we will miss the jazz and good food. There were no spectacular new products and services that I saw, but more of a continuation of the massive effort to implement EMR’s that have decent usability and make sense of all the information overload we are creating. We’ll see whether there are going to be some more intelligent solutions next year to deal with this.