Like many of you, I made the annual pilgrimage to the HIMSS Conference last month but I didn’t write much publicly about it (I mostly wrote private analyst reports for specific clients). There’s so much noise at such a big conference that I like writing about HIMSS gatherings after a little time has passed and I can discuss the market landscape with vendors outside the craziness of the conference. Here’s what I learned while I was in Vegas and my takeaways for the rest of the year.
Major developments in Health IT for the rest of 2012
It was discussed a lot in the educational sessions and vendors didn’t talk about it much, but the new realities of complex business models (like PCMH and ACOs) mean that standardization of clinical workflows won’t really be possible for a while. The open secret is that most EHRs are not up to the task of handling the complexities of new business models, though. I believe the big shift to cloud computing and mHealth will mean that smaller and more nimble “apps” (both web based and mobile) will start to shoulder more of the burdens that are being thrown in by new business models. When you add more services (like smaller cloud apps and mHealth apps) more and more orchestration across services and apps is necessary (not larger apps). The common wisdom is that there will be fewer EHRs as consolidation occurs but that’s not going to happen – interfacing, interoperability, and real service based platforms will be created that can handle the next level of more sophisticated requirements. We’ll move from basic record keeping and document management to more refined patient management, patient engagement, social electronic health records, and collaboration-driven software. The older vendors will start to hear the collaboration siren songs and jump on board pretty quickly.
How the role of EHRs will change
The best EMRs will be those that become the central “dashboard” around the most complex healthcare workflows and begin to really become “coordinators” amongst multiple systems instead of a monolithic application. Clinicians really need to understand that their EHRs need to be their patients’ social health record and relationship management system and not just their chart management system. The role of the EMR must and will change to being the patient-centric collaboration and engagement driver and will just happen to store documents, charts, and MU records as a byproduct. When retrospective documentation becomes a byproduct of more collaborative care systems then we all win.
Developments in coordinated care
I’m not sold on coordinated care technologies “writ large” – the problem is that the government and vendors are making it sound as if this is the first time care has been coordinated. In reality, care has always been (at least minimally) coordinated in the physical realm – e.g. referrals have been used to coordinate care for decades. The level of technology coordination and the amount of measurements that have always been tough to define, implement, and secure continue to remain just as difficult. The good news is that we’re all in agreement that we need to coordinate care; the bad news is that we don’t really know what that means but we’re seeing vendors say they have systems that support it (which means they’re either misleading customers or they don’t know what they’re talking about). Care coordination is about clinical integration as opposed to record sharing and we have a long way to go to really implement seamless coordination even though we have the basic technologies available to do so now (the basic technologies are social media, e-mail, and the web, not EHRs).
Security challenges need more thought and attention
The privacy rules are getting tighter and tighter but the relationships between care providers are expanding farther and deeper. For example, now all IT vendors that used to be just contractors are in some respects HIPAA business associates – there are tons of implications for vendors that they’ve not started to grasp yet. Also, think about PCMH and ACOs – they create new business relationships and care models that create significant headaches for security professionals. The healthcare world, while it’s getting more complicated, wants to get more secure at the time and it’s not reasonable to think you can make business models more complex and at the same time have more security – something’s going to give.
Don’t think HIPAA means security
At HIMSS people kept tying security and HIPAA – as I reminded my readers last year, HIPAA is not really a security standard – it’s a compliance framework and provides general guidance. I continue to recommend that organizations expand their focus from HIPAA when constructing their healthcare security policy, and model their documents off of NIST (National Institute of Standards and Technology) and other resources. NIST actually provides measures, security controls, risk frameworks, and standards that can be followed. If you follow general NIST guidelines and have really secure systems based on NIST suggestions then meeting HIPAA regulations are a piece of cake.
Biggest HIT-related and healthcare changes that physicians should prepare for
HIPAA 5010, ICD-10, and MU Phase 1/2 will keep everyone busy; start to worry about converting all your vendors into HIPAA business associates and become experts at data integration and connecting multiple software systems. Forget your focus on vertical (e.g. EHR) applications and start to focus on best of breed, smaller apps, and integrating multiple apps.
Role of payers in setting technology solution standards
The role of payers in setting technology standards is growing and will be significant and consequential – in fact, without the payers driving the train nothing will really happen. Now that Medicare has taken the lead, the big payers will be right behind. The beneficiaries of ACOs are likely to first be payers, not just patients. I’ll be writing more about this in the future.
Now that we’ve had a month to think about it, what is your follow up advice from the HIMSS’12 Conference? Drop me a note below.