News

Certification/MU tweaks to support patient subscriptions

This is a quick description of the minimum requirements to turn patient-mediated “transmit” into a usable system for feeding clinical data to a patient’s preferred endpoints. In my blog post last month, I described a small, incremental “trust tweak” asking ONC and CMS to converge on the Blue Button Patient Trust Bundle, so that any patient anywhere has the capability to send data to any app in the bundle.

This proposal builds on that initial tweak. I should be clear that the ideas here aren’t novel: they borrow very clearly from the Blue Button+ Direct implementation guide (which is not part of certification or MU — but aspects of it ought to be).

Continue reading “Certification/MU tweaks to support patient subscriptions”

Health App Privacy Policies Still Wild Frontier

Apple may have just tightened privacy requirements for developers who build apps on its HealthKit platform. But a broad assessment of the industry, published online last week in JAMIA, found that the iTunes and Google Play stores have a long way to go before such policies are readily discoverable and digestible to app users.

Improving patient access: small steps and patch-ups

In a blog post earlier this month, I advocated for ONC and CMS to adopt a grand scheme to improve patient data access through the SMART on FHIR API. Here, I’ll advocate for a very small scheme that ignores some of the big issues, but aims to patch up one of the most broken aspects of today’s system.

The problem: patient-facing “transmit” is broken

Not to mince words: ONC’s certification program and CMS’s attestation program are out of sync on patient access. As a result, patient portals don’t offer reliable “transmit” capabilities.

2014-certified EHR systems must demonstrate support for portal-based Direct message transmission, but providers don’t need to make these capabilities available for patients in real life. Today, two loopholes prevent patient access:
Continue reading “Improving patient access: small steps and patch-ups”

SMART Advice on JASON (and PCAST)

As architect for SMART Platforms and community lead for the Blue Button REST API, I’m defining open APIs for health data that spark innovation in patient care, consumer empowerment, clinical research. So I was very pleased last month at an invitation to join a newly-formed Federal Advisory Committee called the JASON Task Force, helping ONC respond to the JASON Report (“A Robust Health Data Infrastructure”).

We’re charged with making recommendations to ONC about how to proceed toward building practical, broad-reaching interoperability in Meaningful Use Stage 3 and beyond. Our committee is still meeting and forming recommendations throughout the summer and into the fall, but I wanted to share my initial thoughts on the scope of the problem; where we are today; and how we can make real progress as we move forward.

Continue reading “SMART Advice on JASON (and PCAST)”

It’s About Time: Open APIs Finally Burst onto Healthcare’s Sluggish Scene


Nuviun Blog, June 9, 2014 — Sue Montgomery
In the midst of the struggles that we face with interoperability, efforts that support open API use may well hold the keys to the HIT Kingdom…
READ MORE >

Advisory Committee Kickoff a Success

The SMART Advisory Committee had a high-energy kickoff meeting on May 15. Below are some scenes from the day, which featured presentations by Joshua Mandel and Clayton Christensen as well as demonstrations of apps to be deployed in the near future.
Continue reading “Advisory Committee Kickoff a Success”

Forbes Adds to Advisory Committee News Coverage

Today Forbes published Who’s Who Of Health Care Join Forces For SMART Technology, the latest in recent news coverage of the SMART Advisory Committee launch.

AC-inthenews_5

Other pieces include:
Continue reading “Forbes Adds to Advisory Committee News Coverage”

Aneesh Chopra’s New Book Points to Launch of SMART Project

Aneesh Chopra, America’s first Chief Technology Officer and member of the SMART Platforms Advisory Committee, has published a new book called Innovative State: How New Technologies Can Transform Government. The SMART Project’s kickoff ITdotHealth meeting in 2009 is among the formative events he describes in Chapter 4, “Opening the Playbook.” Here he is seen with Ken Mandl at the Harvard Book Store, where he discussed the book on May 21. A video of the talk is provided by WGBH.

Ken-and-Aneesh-post

Introducing the SMART Advisory Committee

Our new advisory committee, made up of member organizations with strategic interest in transforming how the healthcare enterprise uses data, will play a critical role in guiding the SMART Platform toward broad adoption and use.

Learn more

SMART Advisory Committee

Disturbing state of EHR Security Vulnerability Reporting

Last week I reported on a set of security vulnerabilities that affected multiple EHR vendors and other Health IT systems.

I initially discovered the vulnerability in a single Web-based EHR system and successfully reported it directly to that vendor.

But my subsequent journey into the world of EHR vulnerability reporting left me deeply concerned that our EHR vendors do not have mature reporting systems in place. Patient health data are among the most personal, sensitive aspects of our online presence. They offer an increasingly high-value target for identity theft, blackmail, and ransom. It’s time for EHR vendors to take a page from the playbook of consumer tech companies by instituting the same kinds of security vulnerability reporting programs that are ubiquitous on the consumer Web.

HL7 and EHR Vendors must address security reporting

I’ll lead with the key message here, and provide supporting evidence below: HL7 and EHR vendors need to institute security vulnerability reporting programs!
Continue reading “Disturbing state of EHR Security Vulnerability Reporting”