Sunday, March 21, 2010

Should Personal Health Information Reside in Silos?

Over the past few weeks, I've been engaged in a conversation with an intelligent group of people about whether personal health information (PHI) should reside in disparate "silos" (repositories) that do not communicate with one another, or whether standards should be adopted that "bust" the silos by merging the information into a common warehouse (centralized database) that spans multiple unrelated healthcare organizations, agencies and practices.

Some argued that silo-busting centralization has benefits that include narrowing the number of places the data reside, improved auditability, and the ability trace and report access attempts and actual reads (i.e., "access/read tracing") more effectively than individual computers.

Others (including me) argued that silos have real value, as long at the PHI they contain can be readily and securely shared among "trusted partners," a model which I call "controlled silo-crossing." I proposed a novel and cost-effective way to do this through a federated, node-to-node, publisher/subscriber model we've developed, which is described at this link and elsewhere on this blog. Using this method for controlled silo-crossing provides major benefits, including the following:
  • Minimizes information loss. Busting silos leads to the loss of important information—i.e., data details and terminology/semantic nuances—because "local" data standards unique to different silos are destroyed in favor of "global" data standards required by monolithic centralized systems, as I discuss at this link.
  • Gives PHI control to the owners of that information. Both providers and patients should have their own silos and have control over who is allowed to cross them. That is, patients ought to authorize the individuals and organizations that have the right to obtain their PHI from their own PHRs and from their providers' EHR/EMRs. The authorized parties should: (a) get only information that meaningful/useful to them, (b) have that information delivered to them from any silos in which they reside, and (c) receive that information after it has been translated and transformed for use in their own respective silos. Also, if silos were busted, it presents the thorny issue of who should be in charge (be the boss) of the merged data?
  • Provides strong information security. Personally identifiable PHI in the physical possession of the parties owning and controlling it is inherently more secure than allowing third-party vendors to manage that information in centralized databases residing off-premises. This relates to the issue of "public cloud" security as I discuss at this link.
  • Enables auditing and access/read tracing. Auditing and tracing are handled effectively using node-based software residing in individual computers.
This all raises other questions: Who currently wants to cross silos and why?

Two entities are public health agencies and research (academic) organizations. Two others are Health Information Exchanges (HIEs) and the National Health Information Network (NHIN). They all require PHI from multiple silos to, for example, identify public health emergencies through biosurveillance (e.g., dangerous medications and medical devices, pandemics, bioterrorism, etc.), as well as to develop evidence based practice guidelines.

Another entity that wants to cross silos is healthcare providers who want to give their patients the best possible care by, for example, sharing PHI through patient centered medical homes, which I discuss at this link.

In addition, patients who understand the problems in healthcare would also support silo crossing. For example, anyone knowledgeable about the serious knowledge gap in healthcare—which I discuss at this link—would realize how important it is to have interdisciplinary teams of clinicians, their patients and researchers share information and collaborate to promote ever-better (higher-value, more cost-effective) care, and by having payers offer financial incentives to practices running certified medical homes.

To help realize this vision of controlled silo crossing, we ought to focus on revamping our culture into one in which value (cost-effectiveness) to the consumer is the upmost importance, and in which delivery of such value is a collaborative effort that is highly rewarded. The results, over time, would include:
  • Ever-better personalized evidence-based guidelines for prevention and care that patients and their providers use to improve results and lower costs by reducing waste, fraud, abuse, errors, omissions, ineffectiveness and inefficiencies would be dramatically reduced.
  • Providers would be more effective in diagnosing/testing, treating and preventing health problems in their patients, and would gain financially by doing so.
  • Providers would not have to worry about malpractice suits by following the evidence-based guidelines and offering sound justification for rendering alternate plans of care; this would also lower malpractice insurance premiums and the pressure for wasteful "defensive medicine."
  • Patients/consumers would be better able to manage their own health.
  • Payers would not have to pay for low value (expensive, unbeneficial) procedures and tests.
Bottom line: While centralized databases have their place, controlled silo-crossing is a key strategy for improving our healthcare system.

Discussion continued at this link

1 comment:

sallyhealthcaretech said...

From a patient perspective, I don't like the idea of my personal health information being stored on a static server, or any server for that matter. The only people who should have access to my health information period are me, my family, and my personal healthcare physician. End of story.