Wednesday, 30 March 2016

Medstar Health CEO basically admits EHRs are unnecessary after hackers take out its HIT

Medstar Health CEO basically admits EHRs are unnecessary after hackers take out its HIT

It's corporate spin, of course, but that's the plain meaning of what he says:

http://baltimore.cbslocal.com/2016/03/29/medstar-paralyzed-as-hackers-take-aim-at-another-us-hospital/
For a second day, the region’s second-largest health care system deals with a crippling computer virus. MedStar Health says it is making progress, but WJZ is learning some patients are still feeling the effects.

... Despite the challenges affecting MedStar Health’s IT systems, the quality and safety of our patients remains our highest priority, which has not waned throughout this experience. Fortunately, the core ways in which we deliver patient care cannot be altered, manipulated or harmed by malicious attempts to disrupt the services we provide [that is, by taking down the EHRs -ed.],” Stephen R.T. Evans, MD, executive vice president, Medical Affairs and chief medical officer, MedStar Health. “Our ability to serve our patients and their families depends first and foremost on our caregivers, and their expert knowledge and compassion focused on each patient.”

He likely does not realize just how correct his spin actually is.

-- SS

3/30/2016 Addendum:

This is not the first time for EHR outages at MedStar.

As in my May 16, 2015 post "Another day, another EHR outage: MEDSTAR EHR goes dark for days" at http://hcrenewal.blogspot.com/2015/05/another-day-another-ehr-outage-medstar.html, I cited Politico. 

The doctor's observation I highlighted below is of interest.

4/9/15
http://www.politico.com/morningehealth/0415/morningehealth17818.html

MEDSTAR EHR GOES DARK FOR DAYS: MedStar’s outpatient clinics in the D.C. and Baltimore area lost access to their EHRs Monday and Tuesday when the GE Centricity EHR system crashed. The system went offline for scheduled maintenance on Friday and had come back on Monday when it suffered a “severe” malfunction, according to an email from Medstar management that was shared with Morning eHealth.

“All of a sudden the screens lit up with a giant text warning telling us to log off immediately,” a doctor said. “They kept saying it would be back up in an hour, but when I left work Tuesday night it was still down.”

This doctor told us that the outage was “disruptive and liberating at the same time. I wrote prescriptions on a pad for two days instead of clicking 13 times to send an e-script. And I got to talk to my patients much more than I usually do.

But of course we didn’t have access to any notes or medication history, and that was problematic.” MedStar notified clinicians in the email that any information entered in the EHR after Friday was lost.

-- SS
Baca selengkapnya
Bad health IT at Medstar Health: FBI probing virus behind outage (And: ka-ching! ka-ching!  EHR costs continue their upward spiral)

Bad health IT at Medstar Health: FBI probing virus behind outage (And: ka-ching! ka-ching! EHR costs continue their upward spiral)

Once again, a definition of bad health IT:

Bad Health IT ("BHIT") is defined as IT that is ill-suited to purpose, hard to use, unreliable, loses data or provides incorrect data, is difficult and/or prohibitively expensive to customize to the needs of different medical specialists and subspecialists, causes cognitive overload, slows rather than facilitates users, lacks appropriate alerts, creates the need for hypervigilance (i.e., towards avoiding IT-related mishaps) that increases stress, is lacking in security, compromises patient privacy or evidentiary fitness, or otherwise demonstrates suboptimal design and/or implementation. (http://cci.drexel.edu/faculty/ssilverstein/cases/)

I observed bad health IT leading to HIT compromise, hospital chaos and paying of a ransom demand at my Feb. 18, 2016 post "Hollywood Presbyterian Medical Center: Negligent hospital IT leaders allow hacker invasion that cripples EHRs, disrupts clinicians ... but patient safety and confidentiality not compromised" at http://hcrenewal.blogspot.com/2016/02/hollywood-presbyterian-medical-center.html.

It's happened again, at least with regard to publicly-disclosed stories (there is no requirement for hospital disclosure, more on that below).

FBI probing virus behind outage at MedStar Health facilities - AP
By JACK GILLUM, DAVID DISHNEAU and TAMI ABDOLLAH March 28, 2016 10:04 pm
http://wtop.com/consumer-tech/2016/03/fbi-probing-virus-behind-outage-at-medstar-health-facilities/


WASHINGTON (AP) — Hackers crippled computer systems Monday at a major hospital chain, MedStar Health Inc., forcing records systems offline for thousands of patients and doctors. The FBI said it was investigating whether the unknown hackers demanded a ransom to restore systems.

A computer virus paralyzed some operations at Washington-area hospitals and doctors’ offices, leaving patients unable to book appointments and staff locked out of their email accounts. Some employees were required to turn off all computers since Monday morning.

A law enforcement official said the FBI was assessing whether the virus was so-called ransomware, in which hackers extort money in exchange for returning a victim’s systems to normal. The official spoke on condition of anonymity because the person was not authorized to discuss publicly details about the ongoing criminal investigation.


Not discussed is corporate accountability for deficient IT security.

“We can’t do anything at all. There’s only one system we use, and now it’s just paper,” said one MedStar employee who, like others, spoke on condition of anonymity because this person was not authorized to speak to reporters.

I note that if the cybernetic pundits were listened to, patients would now be considered at deadly risk due to paper records being used - not due to critical IT infrastructure being hacked and disabled.  Yet it's impossible to disable paper charts en masse.

MedStar said in a statement that the virus prevented some employees from logging into systems. It said all of its clinics remain open and functioning and there was no immediate evidence that patient information had been stolen.

These must be honest thieves.

Of course, we hear the "patient care has not been compromised" line once more (http://hcrenewal.blogspot.com/search/label/Patient%20care%20has%20not%20been%20compromised).

Company spokeswoman Ann Nickels said she couldn’t say whether it was a ransomware attack. She said patient care was not affected and the hospitals were using a paper backup system.

The absurdity of this claim is that if patient care is not affected by returning to paper, then why did the hospital invest hundreds of millions on EHRs?

(Considering a increasing evidence base of clinician distraction and disaffection e.g., the Jan. 2015 Medical Societies letter to ONC as at http://hcrenewal.blogspot.com/2015/01/meaningful-use-not-so-meaningul.html, EHR-related errors, many of which would likely not occur under a well-staffed paper system e.g., as at http://hcrenewal.blogspot.com/2014/04/fda-on-health-it-risk-reckless-or.html, and plentiful security breaches e.g., the many posts at http://hcrenewal.blogspot.com/search/label/medical%20record%20privacy, I would also ask if patient care is in fact improved by the return to paper [1].)

When asked whether hackers demanded payment, Nickels said: “I don’t have an answer to that,” and referred to the company’s statement.

Dr. Richard Alcorta, medical director for Maryland’s emergency medical services network, said he suspects it was a ransomware attack. He said his suspicion was based on multiple earlier ransomware attempts on individual hospitals in the state. Alcorta said he was unaware of any ransoms paid by Maryland hospitals or health care systems.

The rather calmly-stated "multiple earlier ransomware attempts on individual hospitals in the state" suggests that

  • Hospitals are being targeted in an organized fashion, and
  • Costs to implement proper security will draw even more capital and resources from direct patient care and from real brick and mortar facilities, such as entire new hospital wings that would cost less than an EHR, to cybernetics of increasingly dubious value.  (Past projected cost benefits are certainly being proven even more naive.)

Terrorism or just plain old crime, the medical driector asks...

“People view this, I think, as a form of terrorism and are attempting to extort money by attempting to infect them with this type of virus,” he said.

God help us if true terrorists get in the act of cybernetically paralyzing hospitals.

Alcorta said his agency first learned of MedStar’s problems about 10:30 a.m., when the company’s Good Samaritan Hospital in Baltimore called in a request to divert emergency medical services traffic from that facility. He said that was followed by a similar request from Union Memorial, another MedStar hospital in Baltimore. The diversions were lifted as the hospitals’ backup systems started operating, he said.

It used to be that patient diversions were due to doctors and nurses having too many sick patients they are caring for.  Here it seems due to doctors having to many sick computers to deliver proper patient care.

MedStar operates 10 hospitals in Maryland and Washington, including the MedStar Georgetown University Hospital, along with other facilities. It employs 30,000 staff and has 6,000 affiliated physicians.

That's a lot of paralysis.

Monday’s hacking at MedStar came one month after a Los Angeles hospital paid hackers $17,000 to regain control of its computer system, which hackers had seized with ransomware using an infected email attachment.

Hollywood Presbyterian Medical Center, which is owned by CHA Medical Center of South Korea, paid 40 bitcoins — or about $420 per coin of the digital currency — to restore normal operations and disclosed the attack publicly. That hack was first noticed Feb. 5 and operations didn’t fully recover until 10 days later.

Hospitals are considered critical infrastructure, but unless patient data is impacted there is no requirement to disclose such hackings even if operations are disrupted.

I won't even comment on why a US hospital is owned by a Korean medical center.  The statement "unless patient data is impacted there is no requirement to disclose such hackings even if operations are disrupted" implies yet another blind spot in the unregulated health IT industry.  Add that to the blindness towards close-calls and actual harms, and you have a field being pushed on the population under penalty by those somewhat deaf, dumb and blind to the downsides.


Computer security of the hospital industry is generally regarded as poor, and the federal Health and Human Services Department regularly publishes a list of health care providers that have been hacked with patient information stolen. The agency said Monday it was aware of the MedStar incident.

All I can hear is "ka-ching! ka-ching!" as the costs to fix the poor computer security in the hospital industry accrues. 

How much will patient care suffer as a result of the diversion of yet more resources to cybernetics?

As I've written before, stories like this support a serious rethinking of the entire healthcare IT hyper-enthusiast movement to whom the considerable downsides (even patient death) are just an unfortunate "bump in the road" (http://hcrenewal.blogspot.com/2012/03/doctors-and-ehrs-reframing-modernists-v.html), or perhaps more accurately, the healthcare IT hyper-enthusiast religion.

-- SS

[1] I've written that paper for many clinical settings, including highly specialized forms as I implemented highly successfully in invasive cardiology (http://cci.drexel.edu/faculty/ssilverstein/cases/?loc=cases&sloc=Cardiology%20story), needs reconsideration, relieving clinicians of clerical work and employing data entry clerks to enter the data.  This would be supplemented by far less expensive document imaging systems for 24/7 availability, and computerized lab results retrieval - the latter with appropriate humans on the receiving end to prevent the "silent silo" syndrome of lab results returned to a computer silo but missed by clinicians due to being very busy and due to unreliable/fatiguing cybernetic alerting.  A lot of workers can be paid for by saving $50 or $100 million on software.

3/30/2016 Addendum:

This is not the first time for EHR outages at MedStar.

As in my May 16, 2015 post "Another day, another EHR outage: MEDSTAR EHR goes dark for days" at http://hcrenewal.blogspot.com/2015/05/another-day-another-ehr-outage-medstar.html, I cited Politico. 

The doctor's observation I highlighted below is of interest.

4/9/15
http://www.politico.com/morningehealth/0415/morningehealth17818.html

MEDSTAR EHR GOES DARK FOR DAYS: MedStar’s outpatient clinics in the D.C. and Baltimore area lost access to their EHRs Monday and Tuesday when the GE Centricity EHR system crashed. The system went offline for scheduled maintenance on Friday and had come back on Monday when it suffered a “severe” malfunction, according to an email from Medstar management that was shared with Morning eHealth.

“All of a sudden the screens lit up with a giant text warning telling us to log off immediately,” a doctor said. “They kept saying it would be back up in an hour, but when I left work Tuesday night it was still down.”

This doctor told us that the outage was “disruptive and liberating at the same time. I wrote prescriptions on a pad for two days instead of clicking 13 times to send an e-script. And I got to talk to my patients much more than I usually do.

But of course we didn’t have access to any notes or medication history, and that was problematic.” MedStar notified clinicians in the email that any information entered in the EHR after Friday was lost.

-- SS


Baca selengkapnya

Friday, 25 March 2016

Will There Ever Be Enough Straws to Break Corporate Health Care Managers' Impunity's Back? - Novartis Settles Yet Again, This Time for Bribing Doctors

Umpteenth verse, same as the first...

As just reported by Bloomberg,

Novartis AG said it agreed to pay $25 million to settle a U.S. Securities and Exchange Commission case that claimed the Swiss drugmaker paid bribes to health professionals in China to increase sales from 2009 to 2013.

In particular,

The SEC detailed a number of Foreign Corrupt Practices Act violations where Novartis employees provided items of value to health-care professionals in China, under the supervision of complicit managers. It also cited examples of how the company improperly recorded as legitimate expenses payments employees made for travel and entertainment, conferences, lecture fees, marketing events, educational seminars and medical studies.

For some vivid examples,

In one example cited in the SEC order on Novartis, a sales representative at the drugmaker’s Sandoz China subsidiary submitted a $1,154 receipt to buy holiday gifts for 25 health-care professionals, which was instead used to pay for their spa and sauna sessions. A regional sales manager approved the purchase, the SEC said.

The SEC order also cited how Sandoz China sponsored 20 health-care professionals to attend a 2009 medical conference in Chicago. During the trip, the company paid for the group’s recreational activities such as a Niagara Falls excursions, $150 in 'walking around' money for their spouses, and cover charges to a strip club. The group was accompanied by a Sandoz China senior manager and other staff, according to the SEC.

So, thus far, the allegations were that Novaris bribed Chinese physicians to use their products, and the bribes includes gifts, travel money, and admission to a strip club.  It is likely that these bribes induced the physicians to unnecessarily or excssively prescribe Sandoz drugs to patients, leading to excess expenses, overtreatment, and quite likely adverse effects that should have been prevented.

As per the Wall Street Journal, and as usually happens in such cases, Novartis was allowed to settle without "admitting or denying the findigs." In the Bloomberg article, a Novartis spokesperson gave the usual vague response,

'The issues raised by the SEC, which relate to our subsidiaries in China and go back as far as 2009, largely pre-date many of the compliance-related measures introduced by Novartis across its global organization in recent years,' Novartis spokesman Eric Althoff said in an e-mailed statement Thursday.

The implication was that the company no longer does these bad things, but did not include a promise not to do them. And, of course, just like in many, many other health care cases, and in many, many other cases involving big, powerful, or influential organizations, no one at a top management level went to jail, or even suffered any negative consequences, even for such sleazy allegations as those in this case.  Finally, partially because the amount of this settlement was so small related to the financial bulk of the company involved, this case was relatively anechoic, only reported in the small items in the business press.

Summary

As we are distracted by bloviating billionaires and other spectacles on the US 2016 campaign trail, we continue to accumulate evidence of the corruption of large health care organizations and the impunity of their leaders.  Yet this evidence remains anechoic, even given the apparent recidivism involved.  For example, it was only in last November that we discussed what were then the latest misadventures by Novartis and its leadership.  At that time, our post included these section headings covering 2014-15:

-  Japanese Health, Labor and Welfare Ministry Found that Novartis Concealed Serious Adverse Effects
- Novartis Executive Pleads Guilty to Bribing Polish Official
- Novartis Subsidiary Sandoz Settles Allegations that it Misrepresented Pricing Data to US Medicaid
- Express Scripts Settles Allegations that it Accepted Kickbacks from Novartis
- Novartis Settles US Allegations of Kickbacks to Enhance Sales of Multiple Drugs

Furthermore, in that post we also documented Novartis' previous record.   In March, 2014, we had noted:
- Italian authorities had fined Novartis and Roche for colluding to promote the use of an expensive opthamologic treatment
- the NY Times published interviews with physicians ostensibly showing how Novartis turned them into marketers for the drug Starlix
- Japanese investigators charged Novartis with manipulating clinical research
- Indian regulators canceled a Novartis import license, charging the company with fraud.

Also,  in 2013, Novartis was fined for anti-competitive practices in its marketing of Fentanyl by the European Commission (look here), and in 2011 its Sandoz subsidiary settled allegations of misreporting prices in the US for $150 million (look here)   Other Novartis misadventures from 2010 and earlier appear here.  So Novartis has quite an impressive, if not infamous record of ethical failures.

Yet no Novartis top manager suffered any negative consequences then (although one apparent mid-level company manager at the Polish subsidiary did plead guilty), and all these previous episodes apparently did not suggest a pattern of recidivism to US authorities this time sufficient to attempt to impose any negative consequences on higher level managers.  Meanwhile, Novartis executives continue to be paid handsomely.  The 2015 Novartis executive compensation report listed over 51 million Swiss francs paid

Also, this goes on while large health care companies continue to pay out dizzying amounts to physicians, health care professionals, hospitals and academic institutions, which partially may secure their loyalty.  Novartis, for example, which ProPublica lists as only the 28th biggest payer to physicians, paid out $31.7  million in 2013-14 just to US physicians.    The 2015 Novartis board of directors included Dr Nancy C Andrews, the Dean of the Duke Medical School and Vice-Chancellor for Academic Affairs at Duke University,  Dr Dimitri Azar, Dean of the College of Medicine at the University of Chicago, Illinois, and Dr Charles L Sawyers, a professor and department chair at Weill-Cornell Medical School.   I am unaware that anyone of them have publicly raised any concerns about Novartis' recent misadventures, although I am also unaware whether anyone has publicly asked them such questions. 

No wonder that ordinary US (and other countries' citizens) feel that they are trapped in a hopeless economic situation by rigged systems designed to benefit from the corrupt insiders.  No wonder that someone of them are seeking the protection of some of those powerful insiders.  But I digress...

In terms of health care, as we have said like a broken record (if anyone remembers what that means), or, if you prefer, where every verse is same as the first...

There seems to be increasing recognition that the continuing rise in US health care costs is unsustainable, and that these costs are not buying us good health care.  There are calls to avoid unnecessary, and sometimes harmful care.  Yet there is a persistent disconnect between how continuing dishonest behavior by health care organizations, impunity of their leaders, and lack of accountability by their board members fuel rising costs, shrinking access, and bad outcomes for patients.

To truly reform health care, we will have to at least recognize the causes of the current dysfunction.  Recognizing how health care dysfunction is created by unaccountable, dishonest leadership should lead to true reform that would promote well-informed, honest, accountable leadership that puts patients' and the public's health ahead of personal gain.

Our musical interlude ("second verse, same as the first,") Herman's Hermits, Henry VIII



Baca selengkapnya

Monday, 21 March 2016

There They Go Again - the New England Medical Journal Publishes another Rant, this Time about Power Morcellation

There They Go Again - the New England Medical Journal Publishes another Rant, this Time about Power Morcellation

In 2015, we noted (here and here) that the New England Journal of Medicine seemed to have been reduced to publishing rants about "pharmascolds" who are paranoid about conflicts of interest. Now there they go again....

Background

The sad story about the risks of power morcellation for the treatment of fibroids has received considerable media attention.  The state of play through July, 2014 was described in a series of articles in the Cancer Letter of July 4, 2014. (Look here.)

Uterine fibroids are a common affliction of women.  Their preferred surgical management had changed from open surgery to minimally invasive surgery, sometimes robotically performed, and often incorporating a device called a power morcellator to pulverize the fibroids, allowing the use of small incision.  However, after a patient at the Brigham and Womens' Hospital (BWH) in Boston, part of the Partners Healthcare system, was found to have disseminated sarcoma post power morcellation, most likely because the machine spread tumor cells throughout her abdomen, the US Food and Drug Administration (FDA) issued an advisory against using the procedure morcellation, and despite some controversy, the procedure is now uncommonly used.

The patient so severely affected was Dr Amy Reed, an anesthesiologist at the BWH.  Her husband, a cardiothoracic surgeon at BWH, launched a campaign to reduce the use of power morcellation.  His pursuit of this campaign underlined an important part of the history, 

The use of power morcellation was effectively allowed by the FDA in the absence of any controlled trials meant to assess its safety or efficacy in this context.  The device was deemed moderate risk and approved through the 510(k) process because it appeared similar to previously allowed devices, even though older devices were not used to remove fibroids.  The Cancer Letter quoted Dr David Challoner, who was on a relevant Institute of Medicine (IOM) committee, saying allowing the device on the market was 

one more example of the clearance of a device for a use, not approval, based on predicates already in the market, that is, prior morcellators for other uses

The New England Journal of Medicine Weighs In - with a Special Pleading

Once again, NEJM national correspondent Dr Lisa Rosenbaum had a contrarian view(1).  As we discussed here and here, last year Dr Rosenbaum wrote three commentaries suggesting the importance of conflicts of interest in health care had been overblown, especially with respect to medical journals.

This time, she argued that the FDA overreacted to the tragic case of  Dr Amy Reed. In particular, she was afraid that the risks of power morcellation were exaggerated, and based on poor quality data,

Several experts argued that these risk estimates were too high and that it was riskier to expose 100,000 or so women per year to open procedures rather than laparoscopic ones. Since the rarity of LMS precludes a randomized trial, however, risk estimates had to be based primarily on retrospective case series of varying rigor. Some studies were poorly stratified for risk factors such as age, and others spanned decades during which diagnostic criteria for LMS had changed.

Dr Rosenbaum failed to mention that the lack of good data about the risks of power morcellation stemmed from the lack of any large, well designed randomized controlled trials done to assess its benefits and harms. Of course, since the device's use was allowed by the FDA 510(k) process without any requirement for trial data, there was no incentive for device companies, at least, to do such trials.

Nonetheless, Dr Rosenbaum also argued the benefits of power morcellation were downplayed. 

the benefits of morcellation are largely invisible and thus 'unavailable.' Who sees the women who undergo a minimally invasive procedure, recover quickly, and avoid losing income? What does a pulmonary embolus, a wound infection, or a hemorrhage that didn’t happen look like? You can’t post pictures of these nonevents on social media. But their nonoccurrence is why we ought to be celebrating.

A March 18, 2016 article asked my opinion about Dr Rosenbaum's use of the clinical evidence.

'She talks about the data concerning the possible harms of power morcellation and argues that that data comes from relatively low-quality studies, not randomized, controlled trials, and that it is hard to tell the actual rate of harms, in particular, the dissemination of cancer. On the other hand, Dr. Rosenbaum implies that the benefits of power morcellation are well known.'

'She writes initially that power morcellation allows the treatment of fibroids to be ‘done more efficiently and effectively,’ she later implies that power morcellation is less invasive, leads to quicker recovery, avoids income loss, and furthermore, reduces the likelihood of pulmonary embolus, wound infection, or hemorrhage.'

'However, she doesn’t provide any data about these ostensible benefits. A quick search suggested that there are no good randomized, controlled trials that assessed benefits. Her argument that we have abandoned a beneficial treatment based on poor quality and perhaps exaggerated the data about its harms—that does not seem to be supported by any clear data about its benefits.'

I rendered that opinion on March 18 before I read a Cochrane Collaboration review of minimally invasive surgery versus open surgery for fibroids(2).  However, that review does not seem to contradict my statements above.  The review included some patients who were treated using power morcellation, but apparently did not find any studies that assessed patients treated only with power morcellation with those treated only with an alternative.  Even so, it only included nine studies that enrolled a total of 808 patients.  Thus, I think it is reasonable to say that there have not been any large, well-done randomized controlled trials of power morcellation versus other treatments of fibroids.  Even so, while the review found some advantages for minimally invasive surgery versus open surgery in terms of short-term post-operative pain and length of hospital stay, it did not address pulmonary embolus, wound infection, or hemorrhage directly.  So while Dr Rosenbaum was right to say that the evidence from clinical research about the magnitude and nature of harms of power morcellation was relatively weak, the evidence about its benefits is also weak. Thus, Dr Rosenbaum's argument that the harms have been exaggerated while the benefits were overlooked was based on a logical fallacy, special pleading. 

This special pleading seemed the basis for her claim that

women may suffer more from its [power morcellation's] disuse.

So, as I was quoted by the Cancer Letter,

'The NEJM is perhaps the most prestigious, most highly regarded English-language medical journal in the world,' Poses said. 'It is, in many cases, viewed as the standard for scholarly medical journals. I am a bit surprised that it published a commentary by its own national correspondent that appears to make an argument—about benefits and harms of treatment and policymaking about treatment—that does not have a clear discussion of the data that support or fail to support either the benefits or the harms of the treatment.'

More Arguments, Less Justification

Dr Rosenbaum insisted that her concerns were about the question,

How do you use data to clarify tough trade-offs when the most compelling narratives paint evidence-based reasoning itself as an anathema?

However, she did not demonstrate an approach to policy making on power morcellation that was more evidence-based than what has transpired so far.

In addition, Dr Rosenbaum decried challenges to health care innovation from "the power of tragic stories," and the title of her commentary ("N-of-1 policymaking") suggested that the the FDA approach to power morcellation was based on a single tragic story.  Yet an FDA spokesperson insisted in the March 18, 2016 Cancer Letter article,

The FDA evaluated the available data at the time and determined that it was of sufficient quality and reliability to support our November 14, 2014 decision.


Furthermore, Dr Rosenbaum expressed concerns that power morcellation met its "demise" because of unwarranted concerns about the "greedy corporation," "medicine's corruption," and "industry greed."   Yet she ignored arguments that these concerns were not unreasonable.    

First, the commentary ignored claims that power morcellation procedures were very lucrative, e.g., those in the 2014 Cancer Letter article

'This is a very lucrative procedure.'  [Dr] Noorchashm, [Dr Reed's husband] said.  'The procedure itself bills $30,000 to $50,000, depending on the center.'

Nor did she argue against the assertion in the same article that device companies used political influence to promote their very expensive product,

There is a very strong pressure from the device industry to get into the market quickly.

The device companies have been able to make [the 510(k) process that allowed power morcellation] survive politically over the ensuing 40 years.

Also, Dr Rosenbaum's NEJM commentary failed to counter the assertion by Dr Noorchashm that the device manufacturers concealed the risks of power morcellation.

Device manufacturers clearly knew of the cancer risk.  You can see warnings about malignant tumors in the Ethicon and Karl Storz user manuals.  Clearly, their lawyers had warned them to put them there to avoid liability.  The bottom line is that these manufacturers knew of this hazard, but neither reported it back to the FDA, as would have been the safe and responsible thing to do.(3) 

Finally, according to the March 18, 2016 Cancer Letter article, while Dr Reed has apparently sued the BWH, and Dr Rosenbaum admitted she is on "faculty" at the BWH, neither she, the NEJM, nor the BWH will say whether she is currently being paid by the BWH.  Particularly,

the hospital declined to provide information on Rosenbaum's title and whether she is a full-time faculty member, citing personnel policies.

My response (in the Cancer Letter article) was

'I can see that the hospital would not want to reveal her salary, if in fact she has one, and that has privacy implications,' Poses said. 'But I don’t understand why the hospital would not be able to simply tell you whether or not she is employed there and in what capacity.'

Thus, the latest commentary in the New England Journal of Medicine by National Correspondent Dr Lisa Rosenbaum used special pleading to argue for an expensive medical device with dubious benefits but which no more dubious evidence suggests may cause cancer.  The commentary also decried the device's critics as unreasonably concerned about "greed" and "corruption," even though the device is clearly expensive, there are at least creditable allegations that the device makers used political influence to promote it and concealed its risks, and ironically the commentary itself obfuscated whether Dr Rosenbaum has a major financial relationship to the hospital that is being sued in connection with use of that device there.

Thus, this latest New England Journal of Medicinearticle, like those by the same author in the same journal which we have discussed before (here and here), seems more like a rant in a political blog than a scholarly article in the US' and perhaps the world's most prestigious scholarly medical journal.  What is going on at the NEJM? What has happened to its editorial standards?  Why should it continue to inspire such trust?    

ADDENDUM (22 March, 2016) - See also comments in the 1BoringOldMan blog


References

1.  Rosenbaum L.  N-of-1 policymaking - tragedy, trade-offs, and the demise of morcellation.  N Engl J Med 2016; 374: 986-990.  Link here.
2.  Chittawar PB, Franik S, Pouwer AW et al.  Minimally invasive surgical techniques versus open myomectomy for uterine fibroids. Cochrane Library 2014. Link here.
3.  Dyer O. US surgeon who campaigned against potentially dangerous device receives legal threat.  Brit Med J 2014; 349: g5577.  
Baca selengkapnya

Thursday, 17 March 2016

Criminal matter for the Attorney General of NY?  Hail the gods of medical computing, and the need for human sacrifice.  NYC’s $764M medical records system will lead to ‘patient death’: insiders

Criminal matter for the Attorney General of NY? Hail the gods of medical computing, and the need for human sacrifice. NYC’s $764M medical records system will lead to ‘patient death’: insiders

I believe the suffering and death of my mother in 2010-2011 due to EHR flaws - including but not limited to lack of essential confirmation dialogs on medication deletion at triage, lack of notification messages informing down-line staff of such action by unqualified personnel (inadequate support of teamwork), and other issues - lends me some moral standing to comment on the following as a horrifying and potentially criminal matter.  (See http://khn.org/news/scot-silverstein-health-information-technology/).


Two back-to-back articles appeared in the New York Post:


NYC’s $764M medical records system will lead to ‘patient death’: insiders
By Michael Gartland
March 15, 2016
http://nypost.com/2016/03/15/nycs-764m-medical-records-system-will-lead-to-patient-death-insiders/

and

Hospital exec [CMIO] quits, compares $764M upgrade to Challenger disaster
By Michael Gartland
March 16, 2016
http://nypost.com/2016/03/16/hospital-exec-quits-compares-764m-upgrade-to-challenger-disaster/ 


It is well-known and indisputable that this technology can and does injure and kill, especially when poorly designed, defective, poorly implemented, or all of the above.  See for instance the ECRI EHR risk Deep Dive study results at http://hcrenewal.blogspot.com/2013/02/peering-underneath-icebergs-water-level.html.

Any official in leadership of health IT who denies this - or sidesteps it - or makes excuses for compromises on health IT safety, especially in view of dire warnings from clinician experts - in 2016 is guilty of conduct of the type below:

http://www.legalmatch.com/law-library/article/criminal-negligence-laws.html
What is Criminal Negligence?

Under some criminal law statutes, criminal negligence is defined as any type of conduct that “grossly deviates” from normal, reasonable standards of an ordinary person.  It generally involves an indifference or disregard for human life or for the safety of people.  Sometimes the definition for criminal negligence also requires a failure to recognize unjustifiable risks associated with the conduct.

Examples of criminally negligent behavior may include knowingly allowing a child to be in very dangerous conditions, or driving in an extremely irresponsible way.  Criminal negligence is less serious than intentional or reckless conduct.  Generally, reckless conduct involves a knowing disregard of risks, while negligence involves an unawareness of the risks.

The two articles reflect a good possibility that the politics of what I'd once termed "cybernetics über alles" has trumped patient safety concerns in NYC.

Here's details from the first article:

A new $764 million medical records system is launching at the municipal hospital system on April 2 — even though insiders warn it isn’t ready and patients will suffer.

The soft launch of the electronic system Epic is scheduled at Elmhurst and Queens hospitals.

“Sooner or later, it will crash,” said one source involved in the project. “There will be patient harm — patient harm and patient death.”

That sounds like insiders warning of far more problems than mere crashes causing patient harm and death, a brave act considering possible retaliation.

I wonder if the users of this EPIC system are having imposed on them the speech and though controls imposed on users at University of Arizona (see my Oct. 3, 2013 post "Words that Work: Singing Only Positive - And Often Unsubstantiated - EHR Praise As 'Advised' At The University Of Arizona Health Network" at http://hcrenewal.blogspot.com/2013/10/words-that-work-singing-only-positive.html).

Sources say Dr. Ramanathan Raju, who runs the municipal network, NYC Health + Hospitals, is under the gun from City Hall to meet the deadline and fears he’ll be fired if he doesn’t.

“Raju has said too many times to count that the Mayor’s Office has told him if April 1st doesn’t happen, then Ram will lose his job,” one source said.

The source added that Raju has threatened to fire top executives if the project doesn’t launch on time.

If this is true, than the "gun" from City Hall is aimed straight at patients, and if patients indeed are mortally affected, the responsible officials might be deemed accessories to murder.

I add that this type of situation represents fundamental and severe mismanagement, as I'd been writing about since the late 1990's at my academic site "Contemporary Issues in Medical Informatics: Good Health IT, Bad Health IT, and Common Examples of Healthcare IT Difficulties" at http://cci.drexel.edu/faculty/ssilverstein/cases/.

The hospital system is already on City Hall’s watch list, having required a $337 million bailout in January to stay afloat. 

Money for EHR's grows on trees.

Note other hospitals where EHR implementations led to financial disaster (e.g., http://hcrenewal.blogspot.com/2014/06/in-fixing-those-9553-ehr-issues.html, http://hcrenewal.blogspot.com/2013/05/clouded-visionary-leadership-wake.html, http://hcrenewal.blogspot.com/2013/06/want-to-help-hospital-go-bankrupt-get.html, http://hcrenewal.blogspot.com/2014/06/100-million-epic-install-dampens.html as examples).

Insiders contend that the only safe way to roll out Epic is to take more time — about three months — to address several key issues.

One is planning for a crash, which some consider almost inevitable because the new setup hasn’t been configured to work with systems at other hospitals or with some of its own internal billing and tracking software.

Existing patient data also has to be transferred from the old system — a process that would normally take six months, but which was shoehorned into less than one.

Going "live" with a half-baked EHR under such circumstances for political reasons, if these facts are true, would be, in my professional opinion, an act worthy of prison time if harm results.

“There are supposed to be all these dry runs,” a source said. “They haven’t been done.”

Again, if true, this reflects expediency at the expense of patient well-being, by rows of political hacks, fools and incompetents calling the shots in an area in which they have no business being involved.

City officials contend Epic remains “on-time and within budget.”

I have a feeling this will be revisited at some time in the future - in court.

A mayoral spokeswoman said there would be a round-the-clock effort to ensure there are no glitches. 

"No glitches?" 

That is a hollow promise that cannot be kept even under the best of circumstances.  Under the hellish circumstances described, such a statement is outright frightening. The Mayor truly has no clue about EHR "glitches", but I offer the many posts at query link http://hcrenewal.blogspot.com/search/label/glitch for his education.

Mr. Mayor, here's an example of EPIC and other EHR implementations under the best of circumstances.  These systems are so immensely complex, trying to be pressure-fit into a vastly complex, varying and changing environment, that to not heed CMIO and other expert warnings is the height of recklessness:


Of course, we are reassured that the crack team assigned the implementation duties will produce stellar results:

“NYC Health + Hospitals and its Epic implementation experts are prepared to implement the new system in Queens facilities beginning April 2, and have assembled a team of about 900 technicians and Epic experts who will work around-the-clock that week both in Queens and at remote data centers to ensure the transition to the new system goes as smoothly as possible,” said spokeswoman Ishanee Parikh.

EPIC experts like these?  From this link at the "Histalk" site on staffing of health IT projects, Aug. 16, 2010. Emphases mine:

Epic Staffing Guide 

A reader sent over a copy of the staffing guide that Epic provides to its customers. I thought it was interesting, first and foremost in that Epic is so specific in its implementation plan that it sends customers an 18-page document on how staff their part of the project. 

Epic emphasizes that many hospitals can staff their projects internally, choosing people who know the organization. However, they emphasize choosing the best and brightest, not those with time to spare. Epic advocates the same approach it takes in its own hiring: don’t worry about relevant experience, choose people with the right traits, qualities, and skills, they say. 

The guide suggests hiring recent college graduates for analyst roles. Ability is more important than experience, it says. That includes reviewing a candidate’s college GPA and standardized test scores. 

I bet many readers were taught by their HR departments to do behavioral interviewing, i.e. “Tell me about a time when you …” Epic says that’s crap, suggesting instead that candidates be given scenarios and asked how they would respond. They also say that interviews are not predictive of work quality since some people just interview well. 

Don’t just hire the agreeable candidate, the guide says, since it may take someone annoying to push a project along or to ask the hard but important questions that all the suck-ups will avoid. 

Epic likes giving candidates tests, particularly those of the logic variety.

The part about "not worrying about relevant experience" and about "hiring recent college graduates as HIT project analysts" is bizarre if true, and downright frightening.

Medical environments and clinical affairs are not playgrounds for novices, no matter how "smart" their grades and test scores show them to be. These practices as described, in my view, represent faulty and dangerous advice on first principles.  The advice also is at odds with the taxonomy of skills published by the Office of the National Coordinator I outlined at the post "ONC Defines a Taxonomy of Robust Healthcare IT Leadership."

The second NY Post article cited above is even more dire:

A senior official was so worried a new $764 million medical records system for the municipal hospital system was launching too early that he resigned, comparing it to the disastrous space shuttle Challenger launch in 1986.

In a “resignation and thank-you” email last week, Dr. Charles Perry urged colleagues at NYC Health + Hospitals — formerly the Health and Hospitals Corp. — to sound the alarm and press for an “external review” to stop the system from going live next month.

Perry was chief medical information officer of Queens and Elmhurst Hospital Centers, the first scheduled to get the new electronic medical data system.

When a CMIO - a role I held in the mid 1990s -  resigns under such circumstances, a project should be halted in its tracks and external examination begun.  Instead, it appears we have spin control.

In his email, Perry offered a comparison to the launch of the Challenger — aboard which seven crew members died when it exploded 73 seconds after liftoff on Jan. 28, 1986 — and cited a presidential panel’s report examining how the disaster occurred.

That is as dire and direct a warning as they come.  Unqualified individuals who second guess such a warning should be held legally accountable for adverse outcomes.

(Such a warning letter about EHRs now sits as "Exhibit A" in the lawsuit complaint regarding my dead mother.  It had not been heeded.)

“For a successful technology, ­reality must take precedence over public relations, for nature cannot be fooled,” Perry wrote in his ­email, quoting from the report.

But fools in leadership roles in health IT think they can fool Mother Nature.

Perry went on to urge a short delay despite “vehement entreaties to make the April 1st date by officials and consultants with jobs and paydays on the line.”

This is exactly how patients end up maimed and dead.

Agency president Dr. Ramanathan Raju has repeatedly told colleagues his job is on the line if the deadline isn’t met, sources said.

Perry, a medical doctor with an MBA, declined to comment.

Maybe Raju should quit, too.  He should know that Discovery over such matters would not be very pleasant, especially if I am assisting attorneys in such matters - which could very well occur.

“He [Perry] took a stand,” said one insider. “He wasn’t going to take part in something that was going to compromise patient safety.”

It's good to know someone in Medical Informatics still has balls.

The idea that we’d jeopardize patients to meet a deadline is simply wrong,” said Karen Hinton, Mayor Bill de Blasio’s spokeswoman.

“If a patient safety issue is identified, the project will stop until it is addressed.

“NYC Health + Hospitals and its Epic implementation experts have assembled a team of about 900 technicians and Epic experts who will work around the clock through the week surrounding the transition in both Queens and at remote data centers to ensure we shift to the new system as smoothly as possible.”

It's been said that one expert who truly know what they're doing will always outperform 1,000 (or 900) generalists following the finest of "process" who are in over their heads (to wit, 900 generic musicians could never exceed the work of Beethoven or Brahms).

In this matter, I take the CMIO's word over the 900 techies and "experts", once having voiced such concerns myself.

-- SS

What is Criminal Negligence?

Under some criminal law statutes, criminal negligence is defined as any type of conduct that “grossly deviates” from normal, reasonable standards of an ordinary person.  It generally involves an indifference or disregard for human life or for the safety of people.  Sometimes the definition for criminal negligence also requires a failure to recognize unjustifiable risks associated with the conduct.
Examples of criminally negligent behavior may include knowingly allowing a child to be in very dangerous conditions, or driving in an extremely irresponsible way.  Criminal negligence is less serious than intentional or reckless conduct.  Generally, reckless conduct involves a knowing disregard of risks, while negligence involves an unawareness of the risks.
- See more at: http://www.legalmatch.com/law-library/article/criminal-negligence-laws.html#sthash.3YLT7ahF.dpuf

What is Criminal Negligence?

Under some criminal law statutes, criminal negligence is defined as any type of conduct that “grossly deviates” from normal, reasonable standards of an ordinary person.  It generally involves an indifference or disregard for human life or for the safety of people.  Sometimes the definition for criminal negligence also requires a failure to recognize unjustifiable risks associated with the conduct.
Examples of criminally negligent behavior may include knowingly allowing a child to be in very dangerous conditions, or driving in an extremely irresponsible way.  Criminal negligence is less serious than intentional or reckless conduct.  Generally, reckless conduct involves a knowing disregard of risks, while negligence involves an unawareness of the risks.
- See more at: http://www.legalmatch.com/law-library/article/criminal-negligence-laws.html#sthash.3YLT7ahF.dpuf

What is Criminal Negligence?

Under some criminal law statutes, criminal negligence is defined as any type of conduct that “grossly deviates” from normal, reasonable standards of an ordinary person.  It generally involves an indifference or disregard for human life or for the safety of people.  Sometimes the definition for criminal negligence also requires a failure to recognize unjustifiable risks associated with the conduct.
Examples of criminally negligent behavior may include knowingly allowing a child to be in very dangerous conditions, or driving in an extremely irresponsible way.  Criminal negligence is less serious than intentional or reckless conduct.  Generally, reckless conduct involves a knowing disregard of risks, while negligence involves an unawareness of the risks.
- See more at: http://www.legalmatch.com/law-library/article/criminal-negligence-laws.html#sthash.3YLT7ahF.dpuf

What is Criminal Negligence?

Under some criminal law statutes, criminal negligence is defined as any type of conduct that “grossly deviates” from normal, reasonable standards of an ordinary person.  It generally involves an indifference or disregard for human life or for the safety of people.  Sometimes the definition for criminal negligence also requires a failure to recognize unjustifiable risks associated with the conduct.
Examples of criminally negligent behavior may include knowingly allowing a child to be in very dangerous conditions, or driving in an extremely irresponsible way.  Criminal negligence is less serious than intentional or reckless conduct.  Generally, reckless conduct involves a knowing disregard of risks, while negligence involves an unawareness of the risks.
- See more at: http://www.legalmatch.com/law-library/article/criminal-negligence-laws.html#sthash.3YLT7ahF.dpuf

What is Criminal Negligence?

Under some criminal law statutes, criminal negligence is defined as any type of conduct that “grossly deviates” from normal, reasonable standards of an ordinary person.  It generally involves an indifference or disregard for human life or for the safety of people.  Sometimes the definition for criminal negligence also requires a failure to recognize unjustifiable risks associated with the conduct.
Examples of criminally negligent behavior may include knowingly allowing a child to be in very dangerous conditions, or driving in an extremely irresponsible way.  Criminal negligence is less serious than intentional or reckless conduct.  Generally, reckless conduct involves a knowing disregard of risks, while negligence involves an unawareness of the risks.
- See more at: http://www.legalmatch.com/law-library/article/criminal-negligence-laws.html#sthash.3YLT7ahF.dpuf
Baca selengkapnya