Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and EHR for FREE!

Wearables Data May Prevent Health Plan Denials

Posted on August 27, 2015 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @ziegerhealth on Twitter or visit her site at Zieger Healthcare.

This story begins, as many do, with a real-world experience. Our health plan just refused to pay for a sleep study for my husband, who suffers from severe sleep apnea, despite his being quite symptomatic. We’re following up with the Virginia Department of Insurance and fully expect to win the day, though we remain baffled as to how they could make such a decision. While beginning the complaint process, a thought occurred to me.

What if wearables were able to detect wakefulness and sleepiness, and my husband was being tracked 24 hours a day?  If so, assuming he was wearing one, wouldn’t it be harder for a health plan to deny him the test he needed? After all, it wouldn’t be the word of one doctor versus the word of another, it would be a raft of data plus his sleep doctor’s opinion going up against the health plan’s physician reviewer.

Now, I realize this is a big leap in several ways.

For one thing, today doctors are very skeptical about the value generated by patient-controlled smartphone apps and wearables. According to a recent survey by market research firm MedPanel, in fact, only 15% of doctors surveyed see wearables of health apps as tools patients can use to get better. Until more physicians get on board, it seems unlikely that device makers will take this market seriously and nudge it into full clinical respectability.

Also, data generated by apps and wearables is seldom organized in a form that can be accessed easily by clinicians, much less uploaded to EMRs or shared with health insurers. Tools like Apple HealthKit, which can move such data into EMRs, should address this issue over time, but at present a lack of wearable/app data interoperability is a major stumbling block to leveraging that data.

And then there’s the tech issues. In the world I’m envisioning, wearables and health apps would merge with remote monitoring technologies, with the data they generate becoming as important to doctors as it is to patients. But neither smartphone apps nor wearables are equipped for this task as things stand.

And finally, even if you have what passes for proof, sometimes health plans don’t care how right you are. (That, of course, is a story for another day!)

Ultimately, though, new data generates new ways of doing business. I believe that when doctors fully adapt to using wearable and app data in clinical practice, it will change the dynamics of their relationship with health plans. While sleep tracking may not be available in the near future, other types of sophisticated sensor-based monitoring are just about to emerge, and their impact could be explosive.

True, there’s no guarantee that health insurers will change their ways. But my guess is that if doctors have more data to back up their requests, health plans won’t be able to tune it out completely, even if their tactics issuing denials aren’t transformed. Moreover, as wearables and apps get FDA approval, they’ll have an even harder time ignoring the data they generate.

With any luck, a greater use of up-to-the-minute patient monitoring data will benefit every stakeholder in the healthcare system, including insurers. After all, not to be cliched about it, but knowledge is power. I choose to believe that if wearables and apps data are put into play, that power will be put to good use.

Accenture: “Zombie” Digital Health Startups Won’t Die In Vain

Posted on August 24, 2015 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @ziegerhealth on Twitter or visit her site at Zieger Healthcare.

I don’t know about you, but I’ve been screaming for a while about how VCs are blowing their money on questionable digital health ventures. To my mind, their investment patterns suggest that the smart money really isn’t that smart. I admit that sorting out what works in digital health/mHealth/connected health is very challenging, but it’s far from impossible if you immerse yourself in the industry. And given how much difference carefully-thought out digital health tools can make, it’s exasperating to watch failing digital health startups burn through money.

That being said, maybe all of those dollars won’t be wasted. According to no less an eminence grise than Accenture, failing digital health ventures will feed the stronger ones and make their success more likely. A new report from Accenture predicts that these “zombie” startups — half of which will die within two years, it says — will provide talent and technology to their surviving rivals. (OK, I agree, the zombie image is a bit unsettling, isn’t it?)

To bring us their horror movie metaphor, Accenture analyzed the status of 900 healthcare IT startups, concluding that 51% were likely to collapse within 20 months.  The study looked at ventures cutting across social, mobile, analytics, cloud and sensors technologies, which include wearables, telehealth and remote monitoring.

While most researchers try to predict who the winners will be in a given market, Accenture had a few words to say about the zombie also-rans. And what they found was that the zombies have taken in enough cash to have done some useful things, collecting nearly $4 billion in funding between 2008 and 2013.

The investments are part of an ongoing funding trend. In fact, digital health dollars are likely to pour in over the next two years as well, with healthcare IT startups poised to take in $2.5 billion more over the next two years, Accenture estimates. Funding should focus on four segments, including engagement (25%), treatment (25%), diagnosis (21%) and infrastructure (29%), the study found.

So what use are the dying companies that will soon litter the digital health landscape? According to Accenture, more-successful firms can reap big benefits by acquiring the failing startups. For example, healthcare players can do “acqui-hiring” deals with struggling digital health startups to pick up a deep bench of qualified tech staffers. They can pick up unique technologies (the 900 firms analyzed, collectively, had 1,700 patents). And acquiring firms can harvest the startups’ technology to improve their products and services lineups.

Not only that — and this is Anne, not Accenture talking — acquiring healthcare firms get a wonderful infusion of entrepreneurial energy, regardless of whether the acquired firm was booking big bucks or not. And I speak from long experience. I’ve known the leaders of countless tech startups, and there’s very little difference between those who make a gazillion dollars and those whose ventures die. Generally speaking, anyone who makes a tech startup work for even a year or two is incredibly insightful, creative, and extremely dedicated, and they bring a kind of excitement to any company that hires them.

So, backed by the corporate wisdom of Accenture, I’ve come to praise zombies, not to bury them. While they may give their corporate lives, their visions won’t be wasted. With any luck, the next generation of digital health companies will appreciate the zombies’ hard work and initiative, even if they’re no longer with us.

WearDuino Shows That Open Source Devices Are a Key Plank in Personal Health

Posted on August 13, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://radar.oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

New devices are democratizing health. We see it not only in the array or wearable fitness gear that an estimated 21 percent of Americans own (and that some actually wear), but also in innovative uses for mobile phones (such as testing vision in regions that lack doctors or checking athletes for concussions) and now in low-cost devices that are often open source hardware and software. Recent examples of the latter include the eyeSelfie, which lets a non-professional take an image of his retina, and the WearDuino, a general-purpose personal device that is the focus of this article.

WearDuino is the brainchild of Mark Leavitt, a medical internist who turned to technology (as have so many doctors pursuing visions of radical reform in health care). I ran into Leavitt at the 2015 Open Source convention, where he also described his work briefly in a video interview.

Leavitt’s goal is to produce a useful platform that satisfies two key criteria for innovation: low-cost and open. Although some of the functions of the WearDuino resembles devices on the market, you can take apart the WearDuino, muck with it, and enhance it in ways those closed platforms don’t allow.

Traits and Uses of WearDuino
Technically, the device has simple components found everywhere, but is primed for expansion. A small Bluetooth radio module provides the processing, and as the device’s name indicates, it supports the Arduino programming language. To keep power consumption low there’s no WiFi, and the device can run on a cheap coin cell battery for several months under normal use.

Out of the box, the WearDuino could be an excellent fitness device. Whereas most commercial fitness wearables collect their data through an accelerometer, the WearDuino has an accelerometer (which can measure motion), a gyroscope (which is useful for more complex measurements as people twist and turn), and a magnetometer (which acts as a compass). This kind of three-part device is often called a “9-degree of freedom sensor,” because each of those three measurements is taken in three dimensions.

When you want more from the device, such as measuring heartbeat, muscle activity, joint flexing, or eye motion, a board can be added to one of the Arduino’s 7 digital I/O pins. Leavitt said that one user experimented with a device that lets a parent know when to change a baby’s diaper, through an added moisture detector.

Benefits of an Open Architecture
Proprietary device manufacturers often cite safety reasons for keeping their devices closed. But Leavitt believes that openness is quite safe through most phases of data use in health. Throughout the stages of collecting data, visualizing the relationships, and drawing insights, Leavitt believes people should be trusted with any technologies they want. (I am not sure these activities are so benign–if one comes up with an incorrect insight it could lead you to dangerous behavior.) It is only when you get to giving drugs or other medical treatments that the normal restrictions to professional clinicians makes sense.

Whatever safety may adhere to keeping devices closed, there can be no justification on the side of the user for keeping the data closed. And yet proprietary device manufacturers play games with the user’s data (and not just games for health). Leavitt, for instance, who wears a fitness monitor, says he can programmatically download a daily summary of his footsteps, but not the exact amounts taken at different parts of the day.

The game is that device manufacturers cannot recoup the costs of making and selling the devices through the price of the device alone. Therefore, they keep hold of users’ data and monetize it through marketing, special services, and other uses.

Leavitt doesn’t have a business plan yet. Instead, in classic open source practice, he is building community. Where he lives in Portland, Oregon a number of programmers and medical personnel have shown interest. The key to the WearDuino project is not the features of the device, but whether it succeeds in encouraging an ecosystem of useful personal monitors around it.

Live Hack of an Infusion Pump Medical Device

Posted on August 6, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

At the BlackBerry Security Summit, BlackBerry Chief Security Officer David Kleidermacher and Security Expert Graham Murphy showed how easy it is for hackers to take control of a medical device that’s not properly secured. Check out the video below to see the medical device hack:

What a compelling and scary demonstration!

I think most healthcare organizations assume that medical device manufacturers are taking care of securing the medical devices. Or that HIPAA will protect them from all of this. Many take the stance that “ignorance is bliss.” This demo should illustrate to everyone that you can’t leave security of your medical devices to the manufacturer or HIPAA. It takes both the medical device manufacturer and the healthcare organization to make sure a medical device is properly secured.

Doctors, Not Patients, May Be Holding Back mHealth Adoption

Posted on June 24, 2015 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @ziegerhealth on Twitter or visit her site at Zieger Healthcare.

Clearly, mHealth technology has achieved impressive momentum among a certain breed of health-conscious, self-monitoring consumer. Still, aside from wearable health bands, few mHealth technologies or apps have achieved a critical level of adoption.

The reason for this, according to a new survey, may lie in doctors’ attitudes toward these tools. According to the study, by market research firm MedPanel, only 15% of physicians are suggesting wearables or health apps as approaches for growing healthier.

It’s not that the tools themselves aren’t useful. According to a separate study by Research Now summarized by HealthData Management, 86% of 500 medical professionals said mHealth apps gave them a better understanding of a patient’s medical condition, and 76% said that they felt that apps were helping patients manage chronic illnesses. Also, HDM reported that 46% believed that apps could make patient transitions from hospital to home care simpler.

While doctors could do more to promote the use of mHealth technology — and patients might benefit if they did — the onus is not completely on doctors. MedPanel president Jason LaBonte told HDM that vendors are positioning wearables and apps as “a fad” by seeing them as solely consumer-driven markets. (Not only does this turn doctors off, it also makes it less likely that consumers would think of asking their doctor about mHealth tool usage, I’d submit.)

But doctors aren’t just concerned about mHealth’s image. They also aren’t satisfied with current products, though that would change rapidly if there were a way to integrate mobile health data into EMR platforms directly. Sure, platforms like HealthKit exist, but it seems like doctors want something more immediate and simple.

Doctors also told MedPanel that mHealth devices need to be easier to use and generate data that has greater use in clinical practice.  Moreover, physicians wanted to see these products generate data that could help them meet practice manager and payer requirements, something that few if any of the current roster of mHealth tools can do (to my knowledge).

When it comes to physician awareness of specific products, only a few seem to have stood out from the crowd. MedPanel found that while 82% of doctors surveyed were aware of the Apple Watch, even more were familiar with Fitbit.

Meanwhile, the Microsoft Band scored highest of all wearables for satisfaction with ease of use and generating useful data. Given the fluid state of physicians’ loyalties in this area, Microsoft may not be able to maintain its lead, but it is interesting that it won out this time over usability champ Apple.

Wearables Trendsetters Don’t Offer Much Value

Posted on June 1, 2015 I Written By

Anne Zieger is veteran healthcare consultant and analyst with 20 years of industry experience. Zieger formerly served as editor-in-chief of FierceHealthcare.com and her commentaries have appeared in dozens of international business publications, including Forbes, Business Week and Information Week. She has also contributed content to hundreds of healthcare and health IT organizations, including several Fortune 500 companies. Contact her at @ziegerhealth on Twitter or visit her site at Zieger Healthcare.

Today I was looking over my Twitter feed and this tweet popped up:

The referenced article appeared on the corporate site of Qmed, a supplier to the medical device industry. I found this interesting, as it’s pretty obvious that wearables and other mHealth toys will evolve into medical-grade devices over time.

But the choices the article made for hottest wearable firms, while worth a look, demonstrate pretty clearly that few wearables makers can point to any real, meaningful healthcare benefit they offer. (That’s obviously not Qmed’s fault — none of this is aimed at the editor who pulled this piece together — but it’s still a significant point.)

Some of the wearables listed are half-hearted medical device plays, others are fashionable eye candy for upscale geeks, and still others are tadpoles evolving from some other industry into a healthcare mode. Here’s some examples from the list, and why I’m skeptical that they deserve a high five:

* The list includes Apple courtesy of  its Apple Watch.  Right now nobody seems to know quite how the Apple Watch, or any smartwatch for that matter, serves anyone except gadget geeks with extra cash. How, exactly, will having a smartwatch improve your health or life, other than giving you bragging rights over non-owners?

* There’s Fitbit, which is undeniably the wearables success story to beat all others. But just because something is cool doesn’t mean it’s accomplishing anything meaningful. At least where healthcare is concerned, I fail to see how its cursory monitoring add-ons (such as automatic sleep monitoring and heart rate tracking) move the healthcare puck down the ice.

* The list also includes Misfit, whose $850K success on Indiegogo has vaulted it into the ranks of hipster coolness. Admittedly, its Shine is a lovely piece of wearables jewelry, and the Flash is cool, but again, should healthcare leaders really care?

* I admit to a certain interest in Caeden, a Rock Health wearables firm which apparently started out making headphones. The Qmed article reports that the company, which got $1.6M in funding this year, is creating a screenless leather wristband which does health monitoring. But I’m critical of the “screenless” aspect of this product; after all, isn’t one of the main goals of monitoring to engage patients in the process?

I could go on, but you probably get the point I’m trying to make. While the devices listed above might have their place in the consumer health device food chain, it’s not clear how they can actually make patients do better or feel better.

I do have to offer kudos to one company on the list, however. Chrono Therapeutics has an intriguing product to offer which could actually save lungs and lives. The company, which took in $32M in financing last year, has created a slick-looking wearable device that delivers doses of nicotine when a smoker’s cravings hit, and tracks the doses administrated. Now that could be a game change for consumers trying to beat nicotine addiction. (Heck, maybe it could help with other types of addiction too.)

I only hope other wearables manufacturers pick a spot, as Chrono Therapeutics has, and figure out how to do more than be cool, look good or sell to trendies.

Early Warnings Demonstrate an Early Advance in the Use of Analytics to Improve Health Care

Posted on May 4, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://radar.oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

Early warning systems–such as the popular Modified Early Warning System (MEWS) used in many hospitals–form one of the first waves in the ocean of analytics we need to wash over our health care system. Eventually, health care will elegantly integrate medical device output, electronic patient records, research findings, software algorithms, and–yes, let us not forget–the clinician’s expertise in a timely intervention into patient care. Because early warning systems are more mature than many of the analytics that researchers are currently trying out, it’s useful to look at advances in early warning to see trends that can benefit the rest of health care as well.

I talked this week to Susan Niemeier, Chief Nursing Officer at CapsuleTech, a provider of medical device integration solutions. They sell (among other things) a bedside mobile clinical computer called the Neuron that collects, displays, and sends to the electronic medical record vital signs from medical devices: temperature, pulse, respiration, pulse oximetry, and so on. A recent enhancement called the Early Warning Scoring System (EWSS) adds an extra level of analytics that, according to Niemeier, can identify subtle signs of patient deterioration well before a critical event. It’s part of Capsule’s overarching aim to enable hospitals to do more with the massive amount of data generated by devices.

For more than 18 years, CapsuleTech provided bedside medical device connectivity products and services that captured patient vital signs and communicated that data to the hospital EMR. Rudimentary as this functionality may appear to people using automated systems in other industries, it was a welcome advance for nurses and doctors in hospitals. Formerly, according to Niemeier, nurses would scribble down on a scrap of paper or a napkin the vital signs they saw on the monitors. It might be a few hours before they could enter these into the record–and lots could go wrong in that time. Furthermore, the record was a simple repository, with no software observing trends or drawing conclusions.

Neuron 2 running Early Warning Scoring System

Neuron 2 running Early Warning Scoring System

So in addition to relieving the nurse of clerical work (along with likely errors that it entails), and enhancing workflow, the Neuron could make sure the record immediately reflected vital signs. Now the Neuron performs an even more important function: it can run a kind of clinical support to warn of patients whose conditions are deteriorating.

The Neuron EWSS application assigns a numerical score to each vital sign parameter. The total early warning score is then calculated on the basis of the algorithm implemented. The higher the score, the greater the likelihood of deterioration. The score is displayed on the Neuron along with actionable steps for immediate intervention. These might include more monitoring, or even calling the rapid response team right away.

The software algorithm is configured in a secure management tool accessible through a web browser and sent wirelessly to the Neuron at a scheduled time. The management tool is password protected and administered by a trained designee at the hospital, allowing for greater flexibility and complete ownership of the solution.

Naturally, the key to making this simple system effective is to choose the right algorithm for combining vital signs. The United Kingdom is out in front in this area. They developed a variety of algorithms in the late 1990s, whereas US hospitals started doing so only 5 years ago. The US cannot simply adopt the UK algorithms, though, because our care delivery and nursing model is different. Furthermore, each hospital has different patient demographics, priorities, and practices.

On the other hand, according to Niemeier, assigning different algorithms to different patients (young gun-shot victims versus elderly cardiac patients, for instance) would be impractical because mobile Neuron computers are used across the entire hospital facility. If you tune an algorithm for one patient demographic, a nurse might inadvertently use it on a different kind of patient as the computer moves from unit to unit. Better, then, to create a single algorithm that does its best to reflect the average patient. The algorithm should use vital signs and observations that are consistently collected, not vitals that are intermittently measured and documented.

Furthermore, algorithms can be tuned over time. Not only do patient populations evolve, but hospitals can learn from the data they collect. CapsuleTech advises a retrospective chart review of rapid response events prior to selecting an algorithm. What vital signs did the patient have during the eight hours before the urgent event? Retrospectively apply the EWSS to the vital signs to determine the right algorithm and trends in that data to recognize deterioration earlier.

Without help such as the Early Warning Scoring System, rapid response teams have to be called when a clear crisis emerges or when a nurse’s intuition suggests they are needed. Now the nurse can check his intuition against the number generated by the system.

I think clinicians are open to the value of analytics in early warning systems because they dramatically heighten chances for avoiding disaster (and the resulting expense). The successes in early warning systems give us a glimpse of what data can do for more mundane aspects of health care as well. Naturally, effective use of data takes a lot more research: we need to know the best ways to collect the data, what standards allow us to aggregate it, and ultimately what the data can tell us. Advances in this research, along with rich new data sources, can put information at the center of medicine.

Where Medical Devices Fall Short: Can More Testing Help? (Part 2 of 2)

Posted on April 6, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://radar.oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

As we saw in the previous article, networks of medical devices suffer from many problems intrinsic to the use of wireless technology. But testimony at the joint workshop held by the FCC and FDA on March 31 revealed that problems with the devices themselves run deep. One speaker reported uncovering departures from the standards for transmitting information, which led to incompatibilities and failures. Another speaker found repeated violations of security standards. As a trivial example, many still use the insecure and long-deprecated WEP authentication instead of WPA.

Most devices incorporate generic radio transmitters from third parties, just as refrigerators use replaceable compressors and lawnmowers depend on engines from just a few manufacturers. When markets become commoditized in this way, one would expect reliability. Whatever problems radio transmitters may have, though, are compounded by the software layered on top. Each device needs unique software that can affect the transmissions.

The WiFi Alliance is a consortium of manufacturers that tests devices for reliability and interoperability. But because it doesn’t contain users or government representatives, some panelists thought it was too lenient toward manufacturers. The test plan itself is a trade secret (although it was described at a high level in the workshop by Mick Conley). Several speakers testified that devices could be certified by the Alliance and still perhaps fail to connect.

To my mind, testing is a weak response to design problems. It happens after the fact, and can punish a poor engineering process but not fix it. You can test-drive a car and note that the steering is a bit sluggish, but can you identify the software or the part that is causing the problem? And can you explain it to the salesman, presumably to be conveyed back to the engineers?

Cars tend to be reliable first because of widespread competition that extends internationally, and partly because lawsuits keep the managers of the automobile companies alert to engineering problems. It would be a shame to need lawsuits to correct technical problems with medical devices, but refusing to buy them might do the trick. Test beds do provide warnings that can aid purchase decisions.

Unfortunately, the forum produced no real progress on the leading question of the day, whether a national test bed would be a good idea. It was recognized generally that test beds have to reflect the particular conditions at different institutions, and that multiple test beds would be needed to cover a useful range of settings. Without further clarification of what a test bed would look like, or who would build it, a couple panelists called for the creation of national test beds. More usefully, in my opinion, one speaker suggested a public repository of tests, which are currently the proprietary sects of vendors or academic researchers.

So none of the questions about test beds received answers at the workshop, and no practical recommendations emerged. One would expect that gathering the leading experts in medical devices for seven and a half hours would allow them to come up with actionable next steps or at least a framework for proceeding, but much of the workshop was given over to rhetoric about the importance of medical devices, the need for them to interoperate, and other standard rallying cries of health care reform. I sometimes felt that I was in hearing a pitch for impressionable financial backers. And of course, there was always time taken up by vendors, providers, and regulators trying to point the finger at someone else for the problems.

Device and networking expert David Höglund has written up how the workshop fell short. I would like someone to add up all the doctors, all the senior engineers, all the leading policy makers in the room, calculate how much they are paid per minute, and add up the money wasted every time a speaker extols patient engagement, interoperability, or some other thesis that is already well known to everybody in the room. (Or perhaps they aren’t well-known–another challenge to the medical field.)

Personally, I would write off most of the day as a drain on the US economy. But I have tried to synthesize the points we need to look at going forward, so that I hope you feel the time you devoted to reading the article was well-spent.

Where Medical Devices Fall Short: Can More Testing Help? (Part 1 of 2)

Posted on April 3, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://radar.oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

Clinically, medical devices do amazing things–they monitor vital signs (which, as the term indicates, can have life-or-death implications), deliver care, and measure health in the form of fitness devices. But technologically, medical devices fall way short–particularly in areas of interference, interoperability, and security.

The weaknesses of devices, their networks, and the settings where they reside came up over and over again in a joint workshop held by the FCC and FDA on March 31. I had a chance to hear most of it via live broadcast, a modern miracle of networking in itself.

Officially, the topic of the gathering was test beds for medical devices. Test beds are physical centers set up to mimic real-life environments in which devices are used, hosting large numbers of devices from different manufacturers running the popular software and protocols that they would employ out in the field. The workshop may have been an outgrowth of a 2012 report from an FCC mHealth Task Force which recommended “FCC should encourage and lend its expertise for the creation and implementation of wireless test beds.” (Goal 4.4, page 13) I thought the workshop had little new to offer on test beds, however, as the panelists concentrated on gaps between clinical needs and the current crop of devices and networks.

Medical settings are notoriously difficult places to employ technology. One panelist even referred to them as “hostile environments,” which I think is going a bit far. After all, other industries employ devices outdoors where temperatures drop below zero or rise precariously, or underwater, or even on battlefields (which actually are also medical settings).

I don’t dispute that medical networks present their own particular challenges. Hospitals crowd many devices into small spaces (one picture displayed at the workshop showed 15 wireless devices in a hospital room). Some last for decades, churning away while networks, environments, and requirements change around them. Walls and equipment may contain lead, blocking signals. Meanwhile, patient safety requires correct operation, resilience, and iron-clad security. Meanwhile, patients and their families expect access to a WiFi networks just like they get in the cafe down the street.

And yet Shawn Jackman, Director of Strategic Planning at Kaiser Permanente IT, said that problems are usually not in the infrastructure but in the devices. Let’s look at the main issue, interference (on which the panelists spent much more time than interoperability or security) and then at the ideas emerging from the workshop.

All the devices we associate with everyday network use (the IEEE 802.11 devices called WiFi) are all squeezed into two bands of the radio spectrum at 2.4 Gigahertz and 5 Gigahertz. When the inventors of WiFi told the world’s regulators that they had a new technology requiring a bandwidth in which to operate, freeing up existing bandwidth was hard to do, and the inventors were mere engineers, not powerful institutions such as the military or television broadcasters. So they resigned themselves to the use of the 2.4 and 5 Gigahertz bands, which were known as “junk spectrum” because all sorts of other equipment were allowed to emit radio-frequency noise in those bands.

Thus, because the bands are relatively narrow and are crowded with all sorts of radio emissions, interference is hard to avoid. But you don’t want to enter a patient’s room and find her comatose while a key monitor was unable to send out its signal.

Ironically, at the request of health IT companies, the FCC set aside two sets of spectrum for medical use, the Medical Device Radiocommunications Service (MedRadio) established in 1999 and the Wireless Medical Telemetry Service (WMTS) established in 2002. But these are almost completely ignored.

According to Shahid Shah, a medical device and software development expert, technologies that are dedicated to narrow markets such as health are crippled from the outset. They can’t benefit from the economies of scale enjoyed by mass market technologies, so they tend to be expensive, poorly designed, and locked in to their vendors. Just witness the market for electronic health records. So the medical profession found devices designed for the medical bands unsatisfactory and turned to devices that used the WiFi spectrum.

In 2010, by the way, the FCC relaxed its rules and permitted new devices to enter the little-used spectrum at the edges of television channels, known as white spaces, but commercial exploitation of the new spectrum is still in its infancy.

Furthermore, the FCC has freed up the enormous bandwidth used for decades to broadcast TV networks, by kicking off the stubborn users (known with respect as the “last grandmas”) who didn’t want to pay more for cable. An enormous stretch of deliciously long-range spectrum is theoretically available for public use–but the FCC won’t release it that way. Instead, they will sell it to other large corporations.

Networks are unreliable across the field. How often do you notice the wireless Internet go down at a conference? (It happened to me at a conference I attended the next day after the FCC/FDA workshop. At one conference, somebody even stole the hubs!) Further problems include network equipment of different ages that use slightly different protocols, which prove particularly troublesome when devices have to change location. (Think of wheeling a patient down the hall.) And you can’t just make sure everything is working the first time a device is deployed. Changes in the environment and surrounding equipment can lead to a communications failure that never turned up before, or that turned up and you thought you had fixed.

Medical device and wireless expert David Höglund claims that WLAN can work in a healthcare environment for medical devices. He lays out three overarching tasks that administrators must do for success:

  • They have to understand how each application works and its communications patterns: real-time delivery of small packets, batch delivery of large volumes of data, etc.

  • They have to provide the coverage required for each device or application. Is it used in the hallways, the patient rooms, the labs? How about the elevators on which patients are transported?

  • They need to obey the application’s quality service requirements. For instance, how long is a failure tolerable? For a device monitoring a patient’s heart in the ICU, a five-second interruption may be too long.

Medical devices and hospital networks need to be more robust and more secure than the average WiFi network. This calls for redundant equipment, separate networks for different purposes, and lots of testing. Hence the need for test beds, which many hospitals and conglomerates set up for themselves. Should the FCC create a national test bed? We’ll look at that in the next installment of this article.

FTC Gingerly Takes On Privacy in Health Devices (Part 2 of 2)

Posted on February 11, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://radar.oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The first part of this series of articles laid out the difficulties of securing devices in the Internet of Things (particularly those used in the human body). Accepting that usability and security have to be traded off against one another sometimes, let’s look at how to make decisions most widely acceptable to the public.

The recent FTC paper on the Internet of Things demonstrates that they have developed a firm understanding of the problems in security and privacy. For this paper, they engaged top experts who had seen what happens when technology gets integrated into daily life, and they covered all the issues I know of. As devices grow in sophistication and spread to a wider population, the kinds of discussion the FTC held should be extended to the general public.

For instance, suppose a manufacturer planning a new way of tracking people–or a new use for their data–convened some forums in advance, calling on potential users of the device to discuss the benefits and risks. Collectively, the people most affected by the policies chosen by the manufacturer would determine which trade-offs to adopt.

Can ordinary people off the street develop enough concerned with their safety to put in the time necessary to grasp the trade-offs? We should try asking them–we may be pleasantly surprised. Here are some of the issues they need to consider.

  • What can malicious viewers determine from data? We all may feel nervous about our employer learning that we went to a drug treatment program, but how much might the employer learn just by knowing we went to a psychotherapist? We now know that many innocuous bits of data can be combined to show a pattern that exposes something we wished to keep secret.

  • How guarded do people feel about their data? This depends largely on the answer to the previous question–it’s not so much the individual statistics reported, but the patterns that can emerge.

  • What data does the device need to collect to fulfill its function? If the manufacturer, clinician, or other data collector gathers up more than the minimal amount, how are they planning to use that data, and do we approve of that use? This is an ethical issue faced constantly by health care researchers, because most patients would like their data applied to finding a cure, but both the researchers and the patients have trouble articulating what’s kosher and what isn’t. Even collecting data for marketing purposes isn’t necessarily evil. Some patients may be willing to share data in exchange for special deals.

  • How often do people want to be notified about the use of their data, or asked for permission? Several researchers are working on ways to let patients express approval for particular types of uses in advance.

  • How long is data being kept? Most data users, after a certain amount of time, want only aggregate data, which is supposedly anonymized. Are they using well-established techniques for anonymizing the data? (Yes, trustworthy techniques exist. Check out a book I edited for my employer, Anonymizing Health Data.)

I believe that manufacturers can find a cross-section of users to form discussion groups about the devices they use, and that these users can come to grips with the issues presented here. But even an engaged, educated public is not a perfect solution. For instance, a privacy-risking choice that’s OK for 95% of users may turn out harmful to the other 5%. Still, education for everyone–a goal expressed by the FTC as well–will undoubtedly help us all make safer choices.