44% of hospitals reported [to OIG] that they can delete the contents of their EHR audit logs whenever they'd like?

Modern Healthcare published an article "Feds eye crackdown on cut-and-paste EHR fraud" on Dec. 10, 2013 by Joe Carlson.

The article is about federal efforts to reduce the amount of clinician cut-and-paste from prior notes of a patient (which can even be done between charts of different patients), and result in overbilling for work not actually performed.  The practice can also result in no-longer-accurate date being carried forward; I have been consultant to cases where that phenomenon, in my opinion, contributed to grave patient injury in cases that have settled out of court.

It is at this link:  http://www.modernhealthcare.com/article/20131210/NEWS/312109965/feds-eye-crackdown-on-cut-and-paste-ehr-fraud?utm_source=articlelink&utm_medium=website&utm_campaign=TodaysHeadlines#

Subscription required, but googling the article title may allow reading it in its entirety.

The article begins:

Federal officials say the cut-and-paste features common to electronic health records invite fraudulent use of duplicated clinical notes and that there is a need to clamp down on the emerging threat. That concern is enhanced by the fact that it's too easy to turn off features of EHR systems that allow tracking of sloppy or fraudulent records.

In an audit report released Tuesday morning (PDF), [HHS Office of Inspector General, "NOT ALL RECOMMENDED FRAUD SAFEGUARDS HAVE BEEN IMPLEMENTED IN HOSPITAL EHR TECHNOLOGY"], HHS agencies confirmed that they are developing comprehensive plans to deter fraud and abuse involving EHRs, including guidelines for cut-and-paste features. The issue arises at a time when critics say federally subsidized digital patient record systems are sometimes being used inappropriately by providers to drive up reimbursement.

“Certain EHR documentation features, if poorly designed or used inappropriately, can result in poor data quality or fraud,” according a report from HHS' Office of the Inspector General.

None of this is a surprise to me, and to readers of this blog.

However, the real "money quote" in the article, I believe, is this:

"In addition, only 44% of hospitals' “audit log” systems could record whether cut-and-paste was used to enter data, and an identical percentage of hospitals reported [to OIG] that they can delete the contents of their internal audit logs whenever they'd like."

An audit log or audit trail is an automatically-generated dataset, invisible to most users, containing items such as who viewed records, the date/time/location of viewing, and editing/changes/additions/deletions they may have performed on the records, etc.

As an EHR itself is a collection of magnetized or optically encoded bits on some computer storage medium, it cannot be authenticated as complete and free from alteration by humans.

The audit trail is the only way to authenticate an EHR printout, however, as complete and free from alteration.

If an EHR printout cannot be authenticated as complete and free from alteration, its trustworthiness and perhaps even court admissibility as a business record under an exception to the hearsay rules regarding evidence may be damaged or invalidated.

My concern is that, if true, and considering the conflict of interest a hospital has regarding hiding potential fraud or malpractice that could cost them millions of dollars, a capability to "delete the contents of their internal audit logs whenever they'd like" is simply alarming.

I don't think the EHR pioneers intended EHRs to be used for purposes of allowing evidence spoliation without traceability ...

-- SS

Dec. 10, 2013 Addendum: 

From page 11 of the HHS OIG Report linked above:

(In 2006, ONC contracted with RTI International (RTI) to develop recommendations to enhance data protection; increase data validity, accuracy, and integrity; and strengthen fraud protection in EHR technology.)

... Hospitals' control over audit logs may be at odds with their RTI- recommended use as fraud safeguards:

RTI recommends that EHR users not be allowed to delete the contents of their audit log so that data are always available for fraud detection, yet nearly half of hospitals (44 percent) reported that they can delete their audit logs. Although these hospitals reported that they limit the ability to delete the audit log to certain EHR users, such as system administrators, one EHR vendor noted that any software programmer could delete the audit log.

RTI recommends that the ability to disable the audit log be limited to certain individuals, such as system administrators, and that EHR users, such as doctors and nurses, be prevented from editing the contents of the audit log because these actions can compromise the audit log's effectiveness. Hospitals reported they have the ability to disable (33 percent) and edit (11 percent) their audit logs, although they reported restricting those abilities to certain EHR users, such as system administrators or EHR vendors. All four EHR vendors we spoke with reported that the audit logs cannot be disabled in their products, but one vendor again noted that a programmer could disable the audit log.

-- SS

For Whom the Door Revolves - from For-Profit Contract Research Organization Leadership to Surgeon General?

The new nominee to be US Surgeon General is Dr Vivek Murthy, as announced in the Boston Globe White Coat Notes blog in November.  A Boston Globe article a few days described not only his "healthy lifestyle" which included ingestion of "unflavored almond milk, raw carrots, and high-protein grains," as well as the practice of yoga, but how he has

strived to use his medical degree to help patients beyond the hospital walls through starting health care companies and nonprofits. His supporters hope that his record stands out....

While the US Surgeon General has little power, occupants of the office have tried to use it as a bully pulpit, often for public health issues.  For example, Dr C Everett Koop was known for his campaign against smoking, and his advocacy for public health measures to combat HIV.   Most previous Surgeons General came from academic, public health, and/or practice backgrounds (Dr Koop was Physician-in-Chief of the Childrens Hospital in Philadelphia; his successor, Dr Antonia Caremello was in academic pediatrics, private practice, and at the NIH; then Dr M Jocelyn Elders also came from academic pediatrics, etc.)

Dr Murthy superficially seems to come from this tradition.  The Globe article noted his "professional life as a Brigham and Women's Hospital [a prestigious Harvard teaching institution] physician."

However, Dr Murthy was also described by the official statement nominating him to be surgeon general as "Co-Founder and Chairman of the Board of TrialNetworks, formerly known as Epernicus, since 2007."  The Globe called it a "software start-up company in Needham ... to help drug developers efficiently collect information from clinical trials."

But wait, an op-ed in early December in USA Today called him a "self described passionate entrepreneur" and "a part-time physician and a full-time businessman."  In fact, the TrialNetworks web-site describes a company that

provides sponsors and CROs the industry's only Clinical Trial Optimization System. Using this modern and intuitive cloud-based technology, customers such as Merck & Co. and Infinity Pharmaceuticals are able to transform the quality and efficiency of clinical operations at each stage of a trial from feasibility through closeout. Companies ranging from biotechs to Top-10 pharmas have implemented the TrialNetworks platform for use in Phase I-IV trials by more than 25,000 site staff in 60 countries.

Thus, TrialNetworks is a form of for-profit contract research organization in that it is apparently paid by drug and biotechnology companies to help them do clinical trials and other clinical research.

Its website includes customer testimonials from  Merck, Biogen Idec, Infinity Pharmaceuticals, and Ariad Pharma.

So apparently Dr Murthy, if approved, may be the first US Surgeon General to come through the revolving door from a leadership position in a company that is a variant on the for profit contract research organization theme, an organization that supports clinical research by the pharmaceutical industry, and has major pharmaceutical and biotechnology corporate clients.  As we have discussed, most clinical research is now sponsored, and effectively run by for-profit drug, biotechnology and device companies, and is devoted to efforts by these companies to assess their own products, often ostensibly as required for regulatory approval, but often influenced by marketing considerations.  Unfortunately, the domination of clinical research by those with vested interests in having the research turn out in favor of their own products has resulted in many examples of manipulation of the research, and suppression when that manipulation has failed to produce the desired results.

So the obvious concern about Dr Murthy would be whether he would use his bully pulpit only to support patients' and the public's health,  or would his prior experience in a leadership position in commercially sponsored pharmaceutical research influence him in favor of that industry's priorities?

As we have discussed, US health care is now dominated by for-profit corporations, and these organization can command the effort of multi-million or billion dollar marketing and public relations divisions to sell their products and the policy positions they favor.  These organizations hardly are in need of more bully pulpits.  Yet it seems that this new appointment will further increase the influence in government of big health care business, rather than that of health care professionals, patients, and the people in general.

Sadly, it seems that Dr Murthy's nomination is just the latest example of how leadership of health care in government and in the corporate world now overlaps, and how the role of "pure" health care practitioners and health care academics in government has waned.  As we previously noted,  the system in which government and big corporations largely overlap in terms of their leadership and presumably goals is called corporatism.  One can argue that such systems end up being run primarily for the benefit of corporate and government insiders.

 Until we dispel the fog of corporatism that has spread over the government that was once supposed to be of the people, by the people, and for the people, expect no real health care reform, and expect continuing rising costs, declining access, and worsening patient care. Obviously, true health care reform would start with the government and its officials putting patients' and the public's health first, way ahead of the financial comfort of corporate leaders.

I would note that neither the currently controversial and now operational Affordable Care Act, nor any of its opponents schemes for alternatives addresses this issue.

by Roy M. Poses MD for Health Care Renewal 

Does "Metabolically Healthy Obesity" Exist?

Obesity is strongly associated with metabolic alterations and negative health outcomes including diabetes, cardiovascular disease, and some types of cancer (1, 2, 3, 4).  Excess body fat is one of the primary causes of preventable health problems and mortality in the United States and many other affluent nations, ranking in importance with cigarette smoking and physical inactivity.  Obesity is thought to contribute to disease via the metabolic disturbances it causes, including excess glucose and lipids in the circulation, dysregulated hormone activity including insulin and leptin, and inflammatory effects.  This immediately raises two questions:

1. Does metabolically healthy obesity exist?
2. If so, are metabolically healthy obese people at an elevated risk of disease and death?

Does metabolically healthy obesity exist?

Read more »

Sickness in the Information Technology Sector: Technical problems, discord plagued Maryland health care site

Eye-opening, ground-level, no-holds-barred accounts of IT mismanagement and mayhem are too rare, considering the stakes in 2013.  The behind-the-scenes crap that goes on needs a great deal of sunlight. Below is such an account of great merit, in the Baltimore Sun.

First, I note physicians and nurses are generally able to collaborate to take care of sick patients.  They are natural "team players"; taking care of patients is their professional calling.  I did it all the time in my patient care years, especially in critical care settings, where lack of collaboration with colleagues could lead to dead patients.

IT personnel are another species entirely.  It's all about territory, competition, self-promotion, empire-building, drinking from the ever-flowing fountain of money, etc.; process matters more than results; and to hell with the end users, let alone patients.

Here is, in macro form, the Fifty Shades of Mass Dysfunction I've encountered any time my professional work intersected with IT personnel, whether in hospitals or industry.  And I was supposed to simply "shut up" about this crap - 

Technical problems, discord plagued Maryland health care site
http://www.baltimoresun.com/health/bs-hs-exchange-woes-20131207,0,6559272.story 

By Meredith Cohn and Andrea K. Walker, The Baltimore Sun 10:50 p.m. EST, December 7, 2013

Although state officials have provided the public scant detail about the troubled launch of Maryland's version of Obamacare, emails and documents show that the project was beset behind the scenes for months by an array of technical issues, warring contractors and other problems.

Since Maryland's online health exchange opened Oct. 1 for people to buy insurance under the Affordable Care Act — and immediately crashed — the two main companies in charge of the website have taken their fight to court, a corporate project manager was replaced and a high-powered consulting firm was quietly brought in to restore order. Though state officials initially said the crash of the online exchange was an unexpected and fixable problem, emails and documents obtained by The Baltimore Sun through state open-records laws outline serious issues before and after the launch.

The revelations came just days before Rebecca Pearce, the head of the exchange, resigned. State officials announced that move Friday night and pulled Carolyn Quattrocki from the governor's health reform office to serve as an interim replacement

I am going to reproduce some paragraphs that show just how chaotic are the processes - in any health IT endeavor, whether they be for the exchanges that are essential to getting insured, or to the hospital IT systems that are essential to getting out of the hospital in something other than a pine box.

Emphases mine:

Just two weeks before the launch, Pearce visited the prime contractor's Linthicum headquarters and found a room of empty seats. She fired off an email questioning the company's commitment to resolve problems and reminding the contractors of what was at stake: "Tonight, I am begging. I don't know how else to say it: we have got to make this a reality."

Despite her proddings, in-fighting between contractor Noridian Healthcare Solutions and a key subcontractor, EngagePoint Inc., disintegrated amid finger-pointing and accusations in court papers. At one point, after Noridian severed contractual ties between the companies but continued to ask for help, EngagePoint CEO Pradeep Goel emailed Noridian officials: "Are you people on crack cocaine?"

Contractors, subcontractors, all offering "solutions" in healthcare and all likely to have not a single soul on board with anything beyond a merchant-computing background.

And nice, friendly questions amongst the friendly, collaborative finger-pointing and accusations typical of the IT world when mass mayhem occurs.

And a begging boss?  How lovely.

... Pearce, who was hired in 2011 at a salary of $175,000, declined to comment on problems surrounding the exchange or her resignation.  [If I were her I would have resigned out of disgust with these idiots.  Oh wait - I did leave IT positions for reasons, in part, like that  - ed.]

The emails provided by the state covered the two weeks before and after the website launch. They give only a limited behind-the-scenes view of creating and launching the exchange. Officials withheld an unknown number of emails, saying state law exempts them from disclosure because they involved the decision-making process of high-ranking executive officials.

The troubles in Maryland mirror problems faced by other state exchanges, as well as the federal portal providing insurance options to consumers in 36 states.

 Emails withheld under claims of legal privilege means we'll never know all the dirt.

... In Maryland, Sharfstein said the complexity was compounded because of an aging state Medicaid computer system that needed to be integrated into the exchange. Officials also chose to customize existing technology that proved tougher to retrofit than expected, he said.

"Unlike buying a book online from Amazon, this process is more akin to applying for a passport, buying a home, and receiving an individually calculated tax credit all through a single web portal," O'Malley said Friday night. "We had more user glitches and user problems than we had hoped.

"A longer testing period might have allowed us to prioritize and address more of these problems before the launch date. Time and ultimate success will tell whether the decision to purchase off-the-shelf software and employ multiple contractor entities were good or bad decisions."

"Hope" is not a proper project management technique of which I am aware, especially in a project of the admitted complexity as this one.

"Tougher to retrofit than expected?" Expected by whom?  IT "experts" who believe in unicorns and the tooth fairy?  I point out that in medicine, such mistakes are called "malpractice."

A longer testing period might have allowed us to address more problems?  But they went live anyway?

... In early 2012, the state gave a $71 million contract to develop the website to a Noridian-led team that included Curam Software, IBM and Connecture. To save time in creating the exchange, the Maryland legislature exempted the contract from the normal procurement process, and North Dakota-based Noridian outscored three other bidders.

Sharfstein said Noridian will likely remain at work in its Linthicum offices beyond its contract's year-end expiration. The company has already been paid about $57 million but the state contract allows penalties for delays. State officials declined to comment on whether any penalties will be sought.

Noridian is ultimately responsible for delivering the system, Sharfstein said. EngagePoint, which is based in Calverton, was not included in the original contract and appeared to have been hired without the exchange's knowledge, officials said.

The state first learned of the companies' "deep strains" in the three months before the website launched, according to documents in U.S. District Court in Baltimore. The issues disputed included accounting, project management, intellectual property and payment.

Emails offer a glimpse at how their differences affected efforts to build the site and then fix post-launch problems. Pearce repeatedly questioned the contractors' commitment to the project after Gov. Martin O'Malley announced on national TV that Maryland's site would go live on time.

On Sept. 22, after Sen. Barbara Mikulski echoed the governor in publicly applauding Maryland's readiness, Pearce wrote the contractors: "It's time to get this right. Now. Period."

Noridian was also criticizing the subcontractor it hired. On Sept. 25, Noridian's project manager wrote to Goel, complaining that EngagePoint refused to perform critical work: "EngagePoint is responsible for 'designing and implementing [an exchange] system,'" the project manager wrote.

The 8 a.m. launch was supposed to allow the estimated 800,000 uninsured Marylanders to sign in and browse 45 plans from six insurers. Officials had warned of "bumps in the road," but the site crashed in minutes.

... "As the executives in charge of this program, I would like to understand from you exactly what is happening with the project and what you are doing to address the issues," she wrote to the contractors at 7:56 a.m. on Oct. 2. By 4:10 p.m., she questioned why 85,000 people had hit the "get started" button, but there fewer than 500 accounts had been created.

About a half-hour later, she wrote to the contractors, "Can you please provide an update on what is going on right now? Who is on site? What has anyone learned?"

Some of the companies' emails focused on achievements rather than dwelling on worsening problems.

Noridian CEO Tom McGraw wrote to state officials on Oct. 4, "We have seen increases in all aspects of the system performance over the last several hours and anticipate that these will start showing in the next report."

But four days later McGraw notified state officials that the project manager was being replaced.

Conflict, favoritism, fighting, "it's not my job", lies, spin, stonewalling, strife ... chaos.

"Efforts to build the site and then fix post-launch problems" is also typical of the IT world.  In health IT, especially clinical IT, those harmed or killed during the "fixing" process are considered a necessary sacrifice, a "bump in the road."

... Paul von Ebers, CEO of Noridian Mutual Insurance Co., Noridian's parent company, wrote on Oct. 10 that the consultants "expressed concern with ongoing coordination issues between the Noridian and EngagePoint teams." He requested a meeting to resolve "working differences" between the companies.

This was days before Noridian fired EngagePoint, sparking the angry email exchanges and dueling lawsuits between the companies. Noridian then sought to hire EngagePoint workers; EngagePoint sued and was met with a counter-suit.

"We are expected to do piecemeal work for Noridian after contract termination because you just woke up and decided you don't know what you are doing?" Goel wrote Oct. 26. "We are not going to respond to ridiculous emails from Noridian demanding our team members show up for work after being escorted out of the office."

That's the path to progress:  firing subcontractors and attempting to steal their employees, and lawsuits and countersuits.

I could go on, but read the entire postmortem account (itself rare in large IT projects) at the Baltimore Sun link above.

Some of the de-identified cases at my academic site on health IT difficulties reflect this type of discord; some are mine personally such as at http://cci.drexel.edu/faculty/ssilverstein/cases/?loc=cases&sloc=clinical%20computing%20problems%20in%20ICU , http://cci.drexel.edu/faculty/ssilverstein/cases/?loc=cases&sloc=Cardiology%20story and http://cci.drexel.edu/faculty/ssilverstein/cases/?loc=cases&sloc=Cultures%20of%20mismanagement%20toxic%20to%20healthcare%20quality.

I was expected to "go along to get along" with this BS, and was deemed "not a team player" when I spoke up for enduser (clinician) and ultimate customer (patient) rights.

In summary, the IT world is demonstrably dysfunctional, with the types of conflict as in the Baltimore Sun story more the rule than the exception, especially where healthcare is concerned.  Good, relatively brief resources for better understanding these issues are the following papers:

Social Informatics.  An introductory essay entitled “Learning from Social Informatics” by R. Kling at the University of Indiana can be found at this link (PDF).  The book “Understanding And Communicating Social Informatics” by Kling, Rosenbaum & Sawyer, Information Today, 2005 (Amazon.com link here) was based on this essay.

Pessimism, Computer Failure, and Information Systems Development in the Public Sector.  (Public Administration Review 67;5:917-929, Sept/Oct. 2007, Shaun Goldfinch, University of Otago, New Zealand).  Cautionary article on IT that should be read by every healthcare executive documenting the widespread nature of IT difficulties and failure, the lack of attention to the issues responsible, and recommending much more critical attitudes towards IT.  linkto pdf

“Defensive climate in the computer science classroom” by Barker et al., Univ. of Denver.  Link here(subscription required).  May help explain the control-seeking culture of IT personnel.   As part of an NSF-funded IT workforce grant, the authors conducted ethnographic research to provide deep understanding of the learning environment of computer science classrooms. Categories emerging from data analysis included 1) impersonal environment and guarded behavior; and 2) the creation and maintenance of informal hierarchy resulting in competitive behaviors. These communication patterns lead to a defensive climate, characterized by competitiveness rather cooperation, judgments about others, superiority, and neutrality rather than empathy.

If a person thinks this technology will "revolutionize" healthcare anytime soon, considering the "people issues" involved let alone the technical ones, then that person is either hopelessly naïve, or needs a mental health evaluation (colloquially, "needs their head examined").

-- SS

But Don't Worry, Your Health Information is Secure: the Enforcers are Themselves Incompetent and Broke

Another in my "But Don't Worry, Your Health Information is Secure" series (see http://hcrenewal.blogspot.com/search/label/medical%20record%20privacy) ... a promise blindly made by the healthcare information technology hyper-enthusiasts.

The Office of the Inspector General for HHS just issued a report finding that the Office of Civil Rights (OCR), which is charged with enforcing the HIPAA/HITECH law, had itself failed to adequately protect the security of the health information it handled. Specifically OIG found that OCR “focused on system operability to the detriment of system and data security.”

From “The Office for Civil Rights Did Not Meet All Federal Requirements in Its Oversight and Enforcement of the Health Insurance Portability and Accountability Act Security Rule”, p. ii (Nov. 2013).  http://oig.hhs.gov/oas/reports/region4/41105025.asp

Summary:

The Office for Civil Rights (OCR) did not meet certain Federal requirements critical to the oversight and enforcement of the Health Insurance Portability and Accountability Act Security Rule (Security Rule). OCR had not assessed risks, established priorities, or implemented controls for its Federal requirements to provide for periodic audits of covered entities to ensure their compliance with Security Rule requirements. In addition, OCR's Security Rule investigation files did not contain required documentation supporting key decisions made because management had not implemented sufficient controls, including supervisory review and documentation retention, to ensure investigators follow investigation policies and procedures for properly initiating, processing, and closing Security Rule investigations. Further, OCR had not fully complied with Federal cybersecurity requirements for its information systems used to process and store investigation data because it focused on system operability [I presume they mean 'interoperability' - ed.] to the detriment of system and data security.

We recommended that OCR (1) assess the risks, establish priorities, and implement controls for its HITECH auditing requirements; (2) provide for periodic audits in accordance with HITECH to ensure Security Rule compliance at covered entities; (3) implement sufficient controls, such as supervisory reviews and documentation retention, to ensure policies and procedures for Security Rule investigations are followed; and (4) implement the National Institute of Standards and Technology Risk Management Framework for systems used to oversee and enforce the Security Rule. In its comments on our draft report, OCR generally concurred with our recommendations and described the actions it has taken to address them. In specific comments on our second recommendation, however, OCR explained that no funds had been appropriated for it to maintain a permanent audit program and that funds used to support audit activities previously conducted were no longer available.

The enforcers are themselves negligent, incompetent and broke.  And hospitals are expected to keep electronic protected health information secure?

I comment no further.  What more could I possibly write?

-- SS

Dec. 9, 2013 Addendum:

This woman would probably agree that this is a problem

Dec. 9, 2013
http://www.thestar.com/news/gta/2013/11/28/disabled_woman_denied_entry_to_us_after_agent_cites_supposedly_private_medical_details.html

Disabled woman denied entry to U.S. after agent cites supposedly private medical details

A Toronto woman is shocked after she was denied entry into the U.S. because she had been hospitalized for clinical depression.

Ellen Richardson went to Pearson airport on Monday full of joy about flying to New York City and from there going on a 10-day Caribbean cruise for which she’d paid about $6,000.

But a U.S. Customs and Border Protection agent with the Department of Homeland Security killed that dream when he denied her entry.

“I was turned away, I was told, because I had a hospitalization in the summer of 2012 for clinical depression,’’ said Richardson, who is a paraplegic and set up her cruise in collaboration with a March of Dimes group of about 12 others.

The Weston woman was told by the U.S. agent she would have to get “medical clearance’’ and be examined by one of only three doctors in Toronto whose assessments are accepted by Homeland Security. She was given their names and told a call to her psychiatrist “would not suffice.’’

At the time, Richardson said, she was so shocked and devastated by what was going on, she wasn’t thinking about how U.S. authorities could access her supposedly private medical information.

“I was so aghast. I was saying, ‘I don’t understand this. What is the problem?’ I was so looking forward to getting away . . . I’d even brought a little string of Christmas lights I was going to string up in the cabin. . . . It’s not like I can just book again right away,’’ she said, referring to the time and planning that goes into taking a trip as a disabled person.

Richardson said she’d had no discussion whatsoever with the agent at the airport about her medical history or background.

Read the whole thing.

-- SS

On Hypervigilance Due to Bad Health IT: "Texting While Doctoring: A Patient Safety Hazard"

An Opinion piece "Texting While Doctoring: A Patient Safety Hazard" appeared in the Annals of Internal Medicine of 3 December 2013, authored by Christine A. Sinsky, MD and John W. Beasley, MD.  Dr. Sinsky is known to me to be what some would call a "heatlhcare IT iconoclast" (more accurately represented by the term "healthcare IT gadfly/realist" IMO).

In the piece the authors comment on the distractions caused by the technology, leading to doctors missing important cues in the exam room and to and impaired problem-solving.  This is part of a larger phenomenon that has been called "skill-degrading" or "de-skilling", e.g., see my April 16, 2010 post "Health Information Technology Basics From Calif. Nurses Association and National Nurses Organizing Committee" at http://hcrenewal.blogspot.com/2010/04/health-information-technology-basics.html).  

These effects are likely to be further worsened as more and more clerical tasks such as order entry, the authors point out, get shifted to medical professionals.  To new readers: note that computerized order entry is often a complex and convoluted process; the CPOE systems are most decidedly NOT mere "typewriters for orders."  See, for instance, part 6 of my series on "Mission-hostile health IT" at http://hcrenewal.blogspot.com/2009/02/it-makes-healthcare-easier-is-this.html.

Most of the Annals article is available as a free preview at http://annals.org/article.aspx?articleid=1784295 as of this writing and is worth reviewing.

Article preview, click to enlarge

I found one passage in particular striking, though.  In my ongoing discussions with computer scientist/informaticist/polymath Dr. Jon Patrick at U. Sydney (http://www.healthll.com.au/?page_id=440) , the issue of hypervigilance necessitated by bad health IT came up, and we arrived at the definition of same seen at my teaching site at http://cci.drexel.edu/faculty/ssilverstein/cases/:

Bad Health IT ("BHIT") is defined as IT that is ill-suited to purpose, hard to use, unreliable, loses data or provides incorrect data, is difficult and/or prohibitively expensive to customize to the needs of different medical specialists and subspecialists, causes cognitive overload, slows rather than facilitates users, lacks appropriate alerts, creates the need for hypervigilance (i.e., towards avoiding IT-related mishaps) that increases stress, is lacking in security, compromises patient privacy or otherwise demonstrates suboptimal design and/or implementation. 

Note this passage in Dr. Sinsky and Beasley's opinion piece:

"I am always multitasking ... I am entering orders, checking labs, downloading information while I talk to the patient.  It requires chronic hypervigilance, which is exhausting and demands conscious effort to stay in the 'present' with the patient" (Day S., Personal communication.)  Click to enlarge.

I don't know if Dr. Day had seen my materials, but I suspect the exhausting hypervigilance is all too common, just not much publicized due to the secretive, closed, retaliatory-towards-whistleblowers nature of the healthcare IT sector.

I ask:  is this what we really want, in pursuit of some uncertain cybernetic miracle?

I note that the healthcare IT experiment (and the technology is experimental), long usurped from the Medical Informatics pioneers who trained me and put in the hands of commercial interests and those of a mercantile/manufacturing/management computing background, is increasingly a failure.

-- SS

How Many Straws? - Johnson and Johnson Settles Again, Again, Again...

It seems like a minor case, but is another straw for the camel.

The Latest Settlement

Reported in most detail by Modern Healthcare,

Two executives at a subsidiary of Johnson & Johnson have agreed to pay a total of $50,000 to resolve allegations that they knowingly sold mislabeled products used in the sterilization of gastrointestinal scopes and surgical drills.  The settlement also calls for the J&J subsidiary, Advanced Sterilization Products, to pay $1.25 million to resolve a civil complaint filed by the Food and Drug Administration. ASP President Bernard Zovighian will pay $30,000, while Richard Alberti, quality and compliance vice president, will pay $20,000. None admitted wrongdoing.

'ASP's actions violated the law and put patients at unnecessary risk for infection,' Steve Silberman, director of compliance at the FDA Center for Devices and Radiological Health, said in a statement.

Last year, ASP announced two recalls affecting a product called the Cyclesure 24 Biological Indicator, which is used to make sure that medical equipment sterilized using ASP's Sterrad low-temperature cleaning machines is free of bacteria, fungi and viruses.

FDA inspectors, according to a civil complaint last July, uncovered evidence that the company sold the Cyclesure 24 tests with 15-month expiration dates even though ASP's internal studies had not established the product's safe shelf life was that long.

After the issue was discovered, ASP shortened the shelf life of the Cyclesure indicators to six months. The company also recalled all lots of the products manufactured between February 2008 and December 2011.

Dirty endoscopes used during colon cancer screenings, for example, have been implicated in the transmission of hepatitis C and many types of bacteria, according to ASP's own website. 

Note that this case involves not just legal technicalities, but failures of disclosure that could have put real patients at risk of significant harm.

The Context

This case comes only one week after we discussed a huge ($2.5 billion) settlement by Johnson and Johnson of allegations that it withheld data about major safety problems affecting metal-on-metal hip prostheses, and two smaller settlements of allegations that it withheld safety data about the drug Topamax.


It is noteworthy that in this much smaller current settlement, two admittedly relatively low-level executives had to pay fines amounting to 4% of what the company had to pay. This is unusual.  Usually corporate executives escape any negative consequences, even in cases involving large amounts of money or possible harm to many patients.  If last week's settlement were to have imposed proportionate fines on executives, those fines would have totaled $100 million

The latest settlement does seem to follow the usual pattern: relatively small time individual offenders pay a penalty, while very rich and powerful individual offenders avoid all penalties. (For example, look here to see how one US prosecutor handled the case of Aaron Swartz versus the cases of misdeeds by big corporations)   Impunity by rich and powerful leaders of big organizations, and failure to enforce laws broken by such people is a very old story in American history, but that pattern was interrupted briefly after the great depression through the 1970s.  Now impunity for the rich and powerful is back, and maybe that is why 43% of the American population think our health care system is corrupt (look here).


Of course, the current settlement involved no admissions of wrongdoing.  Like most legal actions against big health care organizations, it is thus paradoxical.  Fines are paid, but at least on paper, not because of any wrongdoing.  So what were the penalties for?  Who knows?  But allowing a settlement without an admission of wrongdoing allows the next settlement to be made as if it were dealing with an isolated problem. 

As we mentioned in our last post on Johnson and Johnson, the latest settlement should be added to an increasingly  long list of the company's legal woes, often involving allegations and evidence of other unethical actions, sometimes involving guilty pleas to charges of such actions (see compilation of the record through July, 2013 here.)  Yet each settlement or action seems to take place in a vacuum, with no attention to what appears to be the company's record of ethical recidivism.  Of course, since nearly every action eschewed admissions of wrongdoing, on paper, there was no legal record of recidivism.  The whole situation is becoming so absurd that Jon Stewart on the Daily Show parodied the ability of Johnson and Johnson, and other big corporations, to escape any meaningful negative consequences of their actions.

The Daily Show
Get More: Daily Show Full Episodes,The Daily Show on Facebook

As quoted on the Wrap

'Holy sh**t. They knowingly bribed doctors to give useless drugs to old people, the disabled and babies,' a stunned Stewart said. 'You’re not even allowed to do that in ‘Grand Theft Auto.''

When these issues start becoming subjects of popular parody, maybe I can entertain a tiny hope that something might be done.

 Conclusion

So I get to say again, again again...  many of largest and once proud health care organizations now have recent records of repeated, egregious ethical lapses. Not only have their leaders have nearly all avoided penalties, but they have become extremely rich while their companies have so misbehaved.

These leaders seem to have become like nobility, able to extract money from lesser folk, while remaining entirely unaccountable for bad results of their reigns. We can see from this case that health care organizations' leadership's nobility overlaps with the supposed "royalty" of the leaders of big financial firms, none of whom have gone to jail after the global financial collapse, great recession, and ongoing international financial disaster (look here). The current fashion of punishing behavior within health care organization with fines and agreements to behave better in the future appears to be more law enforcement theatre than serious deterrent.  As Massachusetts Governor Deval Patrick exhorted his fellow Democrats, I exhort state, federal (and international, for that  matter) law enforcement to "grow a backbone" and go after the people who were responsible for and most profited from the ongoing ethical debacle in health care.

As we have said before, true health care reform would make leaders of health care organization accountable for their organizations' bad behavior.

Roy M. Poses MD on Health Care Renewal 

EHR Pastel Madness: Cognitive Overload in Critical Care

It's hard to find public postings that show the crazy and dangerous complexity of EHR interfaces, but I found a presentation at http://www.uiowa.edu/~medtest2/picis/vo_picis.pdf (PDF slide presentation) that demonstrates ths problem well.

These are from a 2006 training presentation on an EHR for Critical Care , where doctors and nurses really don't have the time to wade through complexity like this.   

I can honestly and in fact, with great vigor, opine I would not have wanted to use a tool like this when I was working in intensive care units.  And I'm a Medical Informatics specialist x 21 years...


EHRs have not changed much; in fact with the higher commodity (cheap) screen resolutions available in 2013 compared to 2006, the problem is worse.

Some sample screens:

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

Click to enlarge

And there's more where these came from at the link above.

Insane, in my view, to subject busy, stressed out clinicians to a pastel nightmare like this. 

(And that's assuming the application doesn't lose or corrupt data.)

This is not to single out this particular seller.  Other EHR sellers' products are similarly visually and operationally complex.

But, if you, the reader, like these and think, the more that can be packed in the merrier, bring it on, that's fine with me.  It's your life and limb.

Actually, not - because my life and limb are at risk, too.

See the entire presentation for more.

-- SS

Healthy Hair on Youtube: KinkyStyles1980

It has been a while since I put up a "Healthy Hair on Youtube" post.  Well here is one featuring a Type 4 natural I just recently discovered - KinkyStyles1908. This past August she did a length check upon becoming 3 years natural. Her growth and length retention are impressive considering that she is only a couple inches from waist-length.  Her regimen consists of various protective styles (twists and mostly braid extensions).  Check out her hair below and view her other videos for more details about her hair care routine.

Study || Oil Pulling + Oral Health

Oil pulling is an old Ayurvedic practice that consists of gargling with (or holding a mouthful of) oil for several minutes to detoxify the body thus eliminating many health issues.  Some of us have heard about it.  Some of us practice it.  But is there any research that shows its efficacy against health issues?  Well, while I could find nothing concerning the effectiveness of oil pulling against migraines, diabetes, asthma, and many other claimed health benefits, I did find a study involving oral health.

This study was conducted back in 2008 with the use of sesame oil, to be exact, and 10 minutes of gargling daily for two weeks.  So what was the conclusion?  Oil pulling prior to brushing was effective in reducing bacteria related to tooth decay (specifically the Streptococcus mutans that was found in plaque).  Thus, oil pulling can be used "as a preventative home therapy to maintain oral health" [1].

SOURCES:
EFFECT OF OIL PULLING ON S. MUTANS COUNT IN PLAQUE ... (2008)
A REVIEW OF OIL PULLING AND OTHER HOLISTIC APPROACHES TO ORAL HEALTH (2011)

How Manipulated Clinical Evidence Could Distort Guidelines - the Case of Statins for Primary Prevention

The new American College of Cardiology (ACC)/ American Heart Association (AHA) guidelines on the primary prevention of cardiovascular disease, which we discussed here, continue to generate controversy. 

Articles in the media and online-first in medical journals underscored some of the issues we discussed before.  Jeanne Lenzer, in a news article in the British Medical Journal, found that the chair of the guideline panel had important past conflicts of interest that were not previously disclosed.(1)  The chair denied their significance (look here).   Guideline panel members continued to justify their efforts, but in my humble opinion, raised no new evidence or logic to support it (look here  and here)

Bigger Questions about the Validity of the Clinical Evidence

However, several new articles suggested the need for a deeper look at one particular aspect of this case, the validity of the evidence from clinical research about the benefits and harms of statins for primary prevention.

JAMA published a summary of the Cochrane review that provided a basis for the guideline developers' confidence in the worth of statin therapy in primary prevention.(2)

results suggest that the benefits of statin therapy outweigh serious life-threatening hazards.

However, almost as an aside, it noted,

Some trials included participants with CVD, but rather than exclude these trials, we included trials that contained 10% or fewer participants with documented CVD.

Primary prevention in this case is defined as prevention for patients without existing cardiovascular disease.  There is evidence that statins may well have benefits that outweigh harms when given to patients with known cardiovascular disease, particularly documented coronary artery disease (CAD).  Mixing such patients in any numbers into "primary prevention trials" would likely exaggerate the benefits of statins.  Yet such not quite primary prevention studies were included in a systematic review of primary prevention. 

In addition, a commentary by one of the guideline developers defending the group's work also underscored the fact that many of the supposedly primary prevention trials they used as evidence were not pure primary prevention trials.(3)

Notably, the 2013 cholesterol guideline cut points were derived from the placebo rates for myocardial infarction, stroke, and cardiovascular disease death observed in the 3 exclusively primary prevention statin trials, Air Force/Texas Coronary Atherosclerosis Prevention Study (AFCAPS/TexCAPS), Management of Elevated Cholesterol in the Primary Prevention Group of Adult Japanese (MEGA) study, and the Justification for the Use of Statins in Primary Prevention: an Intervention Trial Evaluating Rosuvastatin (JUPITER).[4-6]

The wording again suggests that all the other trials used as evidence about primary prevention were NOT "exclusively primary prevention studies," and hence, as I noted above, may have been biased so that they would likely exaggerate the apparent benefits of statins in primary prevention.

This suggested to me that the systematic review that provided a basis for the guidelines' aggressive recommendations about statins for primary prevention, and the trials on which it was based needed further skeptical, critical reviews.

The Cochrane Review: Was Evidence about Statin Benefits vs Harms Manipulated?

We have frequently discussed the manipulation of clinical research.  By that we have meant design, implementation, analysis or dissemination of research in ways likely to further vested interests.  In particular, when drug, biotechnology and device companies sponsor and control clinical research on their own products, they may set up the research in ways likely to make their products look better than they actually are.  

We looked through the most recent Cochrane review of statins for primary prevention(7) with a skeptical eye out for suggestions that the trials reviewed could have been so manipulated.  We found quite a bit.

First, we found that not all trials reported on the "hard" outcomes that one needs to consider when evaluating benefit vs harm of statins in primary prevention.

Data on all-cause mortality were provided in 11 trials.[of 19, and hence missing in 8].

And,

 Twelve trials provided data on adverse events.[and hence 7 did not.]

 Also, data on specific adverse events was often not reported: myalgia and rhabdomyolysis were reported in only 9/19 trials; new onset diabetes mellitus in only 2/18; hemmorhagic stroke in only 2/19; abnormal liver tests in only 10/19; kidney dysfunction in only 4/19; arthritis in only 2/19, and by implication, cognitive dysfunction in 0/19.  

  Failure to look for all the possible bad outcomes of treatment could obviously bias the study in the direction of minimizing the harms of the treatment.

A substantial number of trials either failed to report on crucial aspects of their methods, or admitted to flaws that could have induced important biases.: 3/19 did not described randomization methods; 4/19 did not use double-blinding; 6/19 did not use intention to treat analysis; 7/19 did not report their drop-out rates.

So it is very surprising to me that the authors concluded,

In general there was low risk of bias ... though all trials were either fully or partially funded by pharmaceutical companies.

In my humble opinion, the Cochrane review showed many trials that had flaws could have biased their outcomes, and hence the outcomes of the overall review.  Some of the flaws clearly could have lead to biases that would have made statins look more efficacious, or less dangerous than they might actually be.  I do not understand the conclusion that the risk of bias was slow, and the lack of discussion about the direction the bias could have taken.

 Review of the "3 Exclusively Primary Prevention Statin Trials"

Given the Cochrane review's apparent lack of skepticism about methodologic problems in the industry funded statin prevention trials, I endeavored to take a closer look at the three trials that Dr Robinson held out as the real primary prevention trials.  Instances of manipulation, as we defined it above, for each trial are described below

AFCAPS/ TexCAPS(4)

Narrow Patient Population - This study excluded many patient for whom the statins were not contraindicated or warned against: uncontrolled hypertension; type 1 or type 2 diabetes mellitus on insulin or with a HgBA1C at least 10%; and body weight more than 50% "desirable limit for height."  (Based on the official contraindications and warnings for commonly used statins, e.g., see contraindications for Lipitor here, active liver disease, pregnancy for likely to become pregnant, nursing mothers, hypersensitivity to the medicine; and warnings: use of cyclosprine or strong CYP3A4 inhibitors, uncontrolled hypothyroidism, renal impairment.)  Thus the results may not generalize to many patients who would otherwise be considered statin candidates.  By excluding such patients, the results may bias the study towards minimizing the probabilities of harms that might occur were statins used on a wide population for primary prevention.

Unknown Randomization and Allocation Concealment Procedures - According to the Cochrane Review, the study report did not explain how randomization or allocation concealment were accomplished.  

Early Termination/ Multiple Comparisons - The study was terminated early based on an early look at the number of outcome events.  Two such early or interim analyses were planned.  Taking multiple looks at the data over time raises a multiple comparisons problem, and may lead to exaggerating the benefits of the treatment.(8). Furthermore, stopping early decreases the sample size and hence the power to find adverse effects of treatment.

Implausible Dropout Rate, Missing Data - According to the Cochrane Review, the study reported no dropouts.  This seems somewhat improbable, suggesting skepticism about the accuracy and completeness of the data collection.  On the other hand, a study chronology suggests that of 6605 patients who started the study, 6540 had data on complete endpoint status, suggesting missing data.  Since dropouts and missing data may be due to different reasons in different arms of the study, they threaten the validity of data about benefits and harms.  

Adverse Effects not Reported - The study provided no data about development of diabetes, hemmorhagic stroke, kidney dysfunction, arthritis, or cognitive dysfunction, suggesting incomplete data about harms, and hence bias towards minimizing harms.    

MEGA (5)

Narrow Patient Population -  [The patient population was not described in the main report, but only in an earlier methods article.](9)  The study excluded patients with congenital or rheumatic heart disease; chronic atrial fibrillation, current diagnosis of malignancy; poorly controlled hypertension or diabetes mellitus; current use of oral or parenteral corticosteroids; and other conditions at the discretion of the physician.  These exclusions seem unrelated to the contraindications or warnings on the stain label.  Again, such a narrow patient population reduces the generalizability of the study results, and may bias the study to minimizing the harms of statins.

Only Single Blind - This was an open-label study, so patients and physicians knew who got statins and who got placebo.  Such knowledge could have biased patient management, including how diligently particular diagnoses and outcomes were pursued, and biased data collected from patients or physicians.

Adverse Effects Not Reported - The study provided no data about diabetes, hemmorhagic stroke, kidney dysfunction, arthritis, or cognitive dysfunction, again suggesting bias towards minimizing harms.  

JUPITER(6)

Narrow, Unusual Patient Population - The study was limited to patients without hyperlipidemia but with an increased C-reactive protein.  Thus it is not clear that its results would generalize to a more typically defined primary prevention population.  The study excluded patients receiving post-menopausal hormone-replacement; with diabetes; uncontrolled hyertension; cancer other than non-melanoma skin cancer within 5 years; recent history of drug or alcohol abuse; "another medical condition that might compromise safety or the successful completion of the study;" also patients with "inflammatory conditions such as severe arthritis, lupus, or inflammatory bowel disease...;" and also "patients taking immunosuppressant agents such as cyclosporine, tacrolimus, azathioprine, or long-term oral glucocorticoids."  Again, this narrow patient population would reduce generalizability and bias towards minimizing harms.

Early Termination/ Multiple Comparisons - This study was terminated early after an early look at the data.  Allowing for multiple looks at the data may exaggerate efficacy.  

Implausible Dropout Rate - According to the Cochrane Review, the study had no dropouts.  This value seems implausible, again suggesting data collection problems.  

Adverse Effects Not Reported - The study provided no data about hemmorhagic stroke, arthritis, or cognitive dysfunction, again suggesting bias towards minimizing harms.  [Revised December 9, 2013 - see comment below by Marilyn Mann.]

Summary

Aspects of the continuing controversy over the new ACC/ AHA guidelines for statins in the primary prevention of cardiovascular disease hinted that the clinical trials which provided the evidentiary basis for the guidelines, and for the use of statins in primary prevention in general, was more flawed than is widely appreciated.  The latest Cochrane Collaboration review of this data acknowledged multiple, important flaws affecting most of the studies.  Our more detailed review of the three studies held out as the purest found additional flaws.  Many of these flaws seemed likely to bias the studies towards exaggerating the efficacy and/or minimizing the harms of statins in primary prevention.  Since all these trials were funded, and presumably influenced by pharmaceutical companies that make statins, these flaws seem to be examples of manipulation of the clinical evidence.  Rather than being the result of simple mistakes, or inevitable trade-offs, they seem to be study features intended the support the vested interests of the study sponsors.

It is not clear why the Cochrane review did not temper its conclusions based on the flaws in the studies, and particularly by the possibility that these flaws represented study manipulation.  

The multiple flaws, possibly due to study manipulation, in the clinical evidence about statins in primary prevention suggest that we should be extremely skeptical about whether the benefits of such treatment outweighs its harms, and hence about whether the recommendations in the latest guidelines to give statins to all patients predicted (but perhaps not accurately) to be at even slightly elevated risk are warranted.

The flaws in multiple large studies of a very common clinical problem, and their effects on systematic reviews and clinical practice guidelines suggest that suppression and manipulation of research are rife in medicine and health care, presumably fueled by the pervasive web of conflicts of interest that spans health care.  We need extreme skepticism about the integrity of clinical research, especially research sponsored by those whose products and services are being studied, and who thus have vested interests in the research turning out to make their products and services look good.  

The good news is that we may not have to look too far to find ways to improve the trustworthiness of guidelines and the soundness of medical decision making.  Implementation of the Institute of Medicine's recommendations on reducing conflicts of interest (look here), and developing trustworthy guidelines (look here) might lead to the development of sound guidelines in the future.  

Furthermore, while endless discoveries of manipulated and suppressed research may have lead some evidence-based medicine advocates to despair, our latest exercise suggests that the principles of evidence-based medicine, unflinchingly applied, could really do good.  Review of the three statin studies above based on standard principles of critical review readily spotted the multiple signs of manipulation.  The problem with the Cochrane review was not that it missed these signs.  Rather, the reviewers for some reason noted most of them, but then did not react.  If systematic reviews were done with sufficient skepticism about the possibility of manipulation of clinical research, and were willing to call out when the emperor seemed short on fabric, then a lot of mischief could be avoided.  


References

1.  Lenzer J. Majority of panelists on controversial new cholesterol guideline have current or recent ties to drug manufacturers.  Brit Med J 2013.  Link here. 

2.  Taylor FC, Huffman M, Shah E. Statin therapy for primary prevention of cardiovascular disease.  JAMA 2013.  Link here.  

3.  Robinson JG.  Accumulating evidence for statins in primary prevention.  JAMA 2013;  Link here.

4.    Downs  JR, Clearfield  M, Weis  S,  et al; for the AFCAPS/TexCAPS Research Group.  Primary prevention of acute coronary events with lovastatin in men and women with average cholesterol levels: results of AFCAPS/TexCAPS. JAMA. 1998;279(20):1615-1622. Link here. 
5.  Nakamura  H, Arakawa  K, Itakura  H,  et al; MEGA Study Group.  Primary prevention of cardiovascular disease with pravastatin in Japan (MEGA study): a prospective randomised controlled trial. Lancet. 2006;368(9542):1155-1163. Link here.

6.  Ridker  PM, Danielson  E, Fonseca  FA,  et al; JUPITER Study Group.  Rosuvastatin to prevent vascular events in men and women with elevated C-reactive protein. N Engl J Med. 2008;359(21):2195-2207. Link here. 

7.  Taylor F,  Huffman MD, Macedo AF et al.  Statins for the prevention of cardiovascular disease. Cochrane Library 2013.  Link here.

8. Mueller PS, Montori VM, Bassler D et al.  Ethical issues in stopping randomized trials early because of apparent benefit.  Ann Intern Med 2007; 146: 878-881.  Link here.  

9.  Management of Elevated Cholesterol in the Primary Prevention Group of the Adult Japanese (MEGA) Study Group.  Design and baseline characteristics of a study of primary prevention of coronary events with pravastatin among Japanese with mildly elevated cholesterol levels.  Circ J  2004; 68: 860-867.  Link here.