10/29/2007

Vol. IV, No. 38

Health Information Technology Team
Brought to you by Thomas Jefferson University’s Department of Health Policy

Health IT Panel Releases Standards for Data Security, Privacy

The Healthcare IT Standards Panel, an HHS advisory group, has released security and privacy standards
intended to ensure the privacy of electronically transferred patient data. The “security and privacy constructs”
will protect data in various situations, including electronic delivery of lab results to clinicians, medication
workflow for providers and patients, and consumer empowerment. The security and privacy standards are part
of HITSP’s ongoing effort to ensure the interoperability of EHR systems nationwide. John Halamka, HITSP
chair, said the standards will be integrated “into our past, present and future interoperability specifications.”
The constructs, identified by ONCHIT as key prerequisites for exchange of clinical information among
providers, are expected to help coordinate care, reduce errors, and control costs. The requirements include
managing document sharing and ensuring document integrity, collecting and communicating security audit
trails, synchronizing network clocks, validating identity of people or applications accessing data, controlling
access to data; and managing patient consent directives. The panel noted that the constructs have gaps, e.g.,
“lack of standards to communicate the full access control policies and obligations in the fidelity that health
care ultimately needs.” (Government Health IT, 10/23; iHealthBeat, 10/24)

White House Calls on HHS To Develop Biosurveillance System

A new White House directive orders HHS to build a national biosurveillance system to detect public health
threats, relying on e Health IT where possible. Homeland Security Presidential Directive 21 calls on HHS to
build a system “that is predicated on state, regional and community-level capabilities and creates a networked
system to allow for two-way information flow between and among federal, state and local government public
health authorities, and clinical health care providers.” Within 6 months HHS must create an Epidemiologic
Surveillance Federal Advisory Committee working with the departments of Defense, VA, and Homeland
Security. The directive establishes the Cabinet-level Public Health and Medical Preparedness Task Force,
chaired by the HHS secretary, to develop the implementation plan. (Government Health IT, 10/19;
iHealthBeat, 10/22)
Kennedy Urges Health Agency To Finalize Patient Safety Rules
Sen. Edward Kennedy (D-Mass.) on Thursday sent a letter to HHS Secretary Mike Leavitt urging the agency
to finalize rules to implement the Patient Safety and Quality Improvement Act of 2005. Under the law, HHS
would establish through certified patient safety organizations a network of databases to gather and analyze
reports of medical errors and near-misses. HHS also would have to adopt standard formats for database
reporting. The databases are intended to help identify the causes of adverse events and develop methods to
reduce errors in health care facilities. Under the law, any analysis of regional and national statistics and trends
will be made public through annual reports. In the letter, Kennedy said he was disappointed by the delay in the
regulation review process, as well as by the department's slow response to a request he made more than four
months ago to give him a timeline detailing progress on the act. (Modern Healthcare, 10/18; Health Data
Management, 10/18; iHealthBeat, 10/19)

Pennsylvania Hospitals Form Regional Health Information Exchange

3 central Pennsylvania hospitals have formed a regional health information organization to share important
health information during emergencies. The project includes developing a secure list of community patients to
help physicians identify those who received care at one of the hospitals. Participating hospitals include
Bloomsburg Hospital, Geisinger Health System in Danville, and Shamokin Area Community Hospital in Coal
Township. A secure Web-based browser has been developed to link the patient data and allow emergency
department doctors to access information from all three participating facilities. (AP/Harrisburg Patriot-News,
10/17; iHealthBeat, 10/19)
Survey: More Hospitals Using Surveillance To Manage Infections
An October survey finds that more than 22% of hospitals are using an automated surveillance system to
manage hospital-acquired infections. The survey from Premier, a group-purchasing consortium of hospitals,
shows a nine percentage point rise in the use of surveillance for hospital-acquired infections since February.
An additional 47% of respondents also said they are considering adopting an automated surveillance system to
better manage hospital-acquired infections. The survey also found that 28% of respondents are participating in
the National Healthcare Safety Network hospital-acquired infection reporting and analysis database from
CDC, while 8% said they are enrolling in the database. The survey contained other questions about the
challenges of managing hospital-acquired infections. (Health Data Management, 10/18; iHealthBeat, 10/19)
Study: EHRs Can Boost Safety, But Further Research Needed
EHRs can provide benefits for patient safety initiatives, although EHRs and their impact must be better
understood before the benefits can be realized, according to a study by the Alberta, Canada Integrated Centre
for Care Advancement through Research. The study, “The Relationship Between Electronic Health Records
and Patient Safety,” found there are no EHR standards with evidence-based outcomes that directly affect
patient safety, despite the widely held assumption in the health industry that electronic data improves
workflow and safety. The study also found a cultural impact on organizations that adopt EHRs. The
organization reviewed 135 documents on EHRs and patient safety and interviewed stakeholders. (Health IT
Strategist, 10/23; iHealthBeat, 10/24)
IBM To Pay Employees for Enrolling Children in Web Health Program
IBM will launch a 12-week online diet/exercise training program to fight obesity in its employees’ children. It
will pay $150 to employees whose children complete the program and will not limit it obese ones. IBM reports
its wellness programs paying employees to improve health have saved $100-130 million annually; in 2002
62% of 128,000 U.S. employees signed up for fitness/exercise programs that paid for keeping online diaries.
(Wall Street Journal, 10/24; iHealthBeat, 10/24)
EHR Program Helps Identify Patients at Risk of Osteoporosis
An outreach program using electronic health records significantly improved follow-up care for patients who
sustained a fracture and are at risk of osteoporosis, according to a study by Kaiser Permanente's Center for
Health Research. Researchers examined the health records of 3,588 women, age 67 and older, who had a
qualifying fracture, which excludes a toe, finger, skull or facial bone.
Adrianne Feldstein, lead author of the study, said, "Often when a patient sustains a fracture, there is a
disconnect between the treating orthopedist and the patient's primary care physician." While medication can
reduce fracture risk in people with osteoporosis, many patients -- including those who already sustained a
fracture -- do not receive the necessary bone mineral density screenings and medication, according to
Feldstein. Under the Kaiser outreach program, primary care physicians received messages in patients' EHRs
that provided follow-up care advice and contact information. With physician approval, patients were contacted
by outreach staff, who advised patients about the risk of osteoporosis and future fractures. The staff also
ordered laboratory testing, medication or a bone mineral density test. The outreach efforts increased the rate of
fracture patients being evaluated or treated for osteoporosis from about 13% to 44%. Feldstein said, "It's likely
we can and should get above that" percentage. She added that "using [EHRs] to identify patients at risk, using
phone calls and e-mails to clinicians, can be done in almost any care setting." (Columbian, 10/24; iHealthBeat,
10/25)

Any questions regarding this newsletter can be directed to

Albert Crawford at albert.crawford@jefferson.edu or
Erin Whitesell at erin.whitesell@jefferson.edu.