Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and EHR for FREE!

ZocDoc’s Company Culture – What’s Been Your Experience?

Posted on August 17, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

Company culture has been in the tech news lately after this lengthy article looking at Amazon’s company culture. However, in the healthcare IT world, I was more interested in this recent article by Business Insider looking at ZocDoc’s company culture. The article paints a brutal picture of a “frat house” mentality together with sexism and drugs. Not a pretty picture and it pains me to even read stories like this. However, this part of the article really stuck out for me:

On the sales floor at ZocDoc, employees say there’s a phrase used over and over again: “churn and burn.” Former employees say this phrase indicates the competitive, often stressful nature of work in ZocDoc’s sales division.

“They are full steam ahead,” one former salesperson told Business Insider. “They have this arrogance in the company where the human capital is of zero value.”

A former employee at ZocDoc told Business Insider that employee turnover at the company is high. The company recruits and brings in batches of new employees regularly because so many end up leaving or quitting, the employee alleges.

I definitely know very little about ZocDoc’s company culture. I do know that they raised a lot of money, very quickly. That puts a lot of pressure on your company. First, you have to hire a lot of people over a very short period of time. That doesn’t leave much time to develop a quality company culture. Second, when you raise that much money, you face enormous pressure to scale the company and deliver results. That’s not an excuse for bad behavior (assuming the Business Insider report is accurate), but it could explain how their company culture got out of control.

Company culture aside, their description of their sales organization mimics what I’ve heard from a number of doctors about ZocDoc. I’ve only ever met one doctor who liked ZocDoc. That doctor felt that he got patients he wouldn’t have otherwise gotten and so it was worth it. Every other doctor I’ve talked to said that ZocDoc charged way too much for new patient referrals and so they didn’t use them.

Outside of doctors’ views on ZocDoc’s pricing model, some doctors told me how aggressive the ZocDoc sales people were with them. They’d tell me about being contacted all the time by their sales people. I remember one practice manager telling me that they would never do business with ZocDoc since they hated their sales approach. The practice manager didn’t talk about the ZocDoc product or service at all. The sales person had ruined ZocDoc with that practice.

After hearing so many practices talk about ZocDoc over the years, it resonated with me when the former salesperson described the “arrogance in the company.” That’s the impression I’d been given by the many practices I’d talk to myself. I’m sure the $97.9 million they’d raised in funding (and reports said they’re raising another $152 million) helped perpetuate that culture.

What’s been your experience working with ZocDoc? I’d love to hear from more doctors and practice managers.

A Mature API for an Electronic Health Record: the OpenMRS Process

Posted on August 14, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

By some measures, OpenMRS may be the most successful of the open source EHRs, widely deployed around the world. It also has a long experience with its API, which has been developed and refined over the last several years. I talked to OpenMRS developer Wyclif Luyima recently and looked at OpenMRS’s REST API documentation to see what the API offers.
Read more..

WearDuino Shows That Open Source Devices Are a Key Plank in Personal Health

Posted on August 13, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

New devices are democratizing health. We see it not only in the array or wearable fitness gear that an estimated 21 percent of Americans own (and that some actually wear), but also in innovative uses for mobile phones (such as testing vision in regions that lack doctors or checking athletes for concussions) and now in low-cost devices that are often open source hardware and software. Recent examples of the latter include the eyeSelfie, which lets a non-professional take an image of his retina, and the WearDuino, a general-purpose personal device that is the focus of this article.

WearDuino is the brainchild of Mark Leavitt, a medical internist who turned to technology (as have so many doctors pursuing visions of radical reform in health care). I ran into Leavitt at the 2015 Open Source convention, where he also described his work briefly in a video interview.

Leavitt’s goal is to produce a useful platform that satisfies two key criteria for innovation: low-cost and open. Although some of the functions of the WearDuino resembles devices on the market, you can take apart the WearDuino, muck with it, and enhance it in ways those closed platforms don’t allow.

Traits and Uses of WearDuino
Technically, the device has simple components found everywhere, but is primed for expansion. A small Bluetooth radio module provides the processing, and as the device’s name indicates, it supports the Arduino programming language. To keep power consumption low there’s no WiFi, and the device can run on a cheap coin cell battery for several months under normal use.

Out of the box, the WearDuino could be an excellent fitness device. Whereas most commercial fitness wearables collect their data through an accelerometer, the WearDuino has an accelerometer (which can measure motion), a gyroscope (which is useful for more complex measurements as people twist and turn), and a magnetometer (which acts as a compass). This kind of three-part device is often called a “9-degree of freedom sensor,” because each of those three measurements is taken in three dimensions.

When you want more from the device, such as measuring heartbeat, muscle activity, joint flexing, or eye motion, a board can be added to one of the Arduino’s 7 digital I/O pins. Leavitt said that one user experimented with a device that lets a parent know when to change a baby’s diaper, through an added moisture detector.

Benefits of an Open Architecture
Proprietary device manufacturers often cite safety reasons for keeping their devices closed. But Leavitt believes that openness is quite safe through most phases of data use in health. Throughout the stages of collecting data, visualizing the relationships, and drawing insights, Leavitt believes people should be trusted with any technologies they want. (I am not sure these activities are so benign–if one comes up with an incorrect insight it could lead you to dangerous behavior.) It is only when you get to giving drugs or other medical treatments that the normal restrictions to professional clinicians makes sense.

Whatever safety may adhere to keeping devices closed, there can be no justification on the side of the user for keeping the data closed. And yet proprietary device manufacturers play games with the user’s data (and not just games for health). Leavitt, for instance, who wears a fitness monitor, says he can programmatically download a daily summary of his footsteps, but not the exact amounts taken at different parts of the day.

The game is that device manufacturers cannot recoup the costs of making and selling the devices through the price of the device alone. Therefore, they keep hold of users’ data and monetize it through marketing, special services, and other uses.

Leavitt doesn’t have a business plan yet. Instead, in classic open source practice, he is building community. Where he lives in Portland, Oregon a number of programmers and medical personnel have shown interest. The key to the WearDuino project is not the features of the device, but whether it succeeds in encouraging an ecosystem of useful personal monitors around it.

ICD-10 Training Games and Lookup

Posted on August 12, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

NueMD has recently launched what they’re calling their ICD-10 Training Lab. To be honest, I wasn’t sure what to expect when they sent it over to me. They told me it was a free ICD-10 training lab. With ICD-10 breathing down our necks, I was interested to see what they’d put together.

If you’re looking for a full scale ICD-10 training course, then this isn’t it. I asked my HIM Manager friend, Erin Head, on Twitter about the training and she replied that “It’s very basic level but a good start. Still need to know how to code. Nice mobile view.”

Erin brings up a fine point. The ICD-10 training lab is not going to teach you to code. I don’t think that was NueMD’s intent. I think their intent was to provide a tool for those who already understand coding to be able to learn some of the new ICD-10 codes. In fact, since they’ve broken it out into specialties, my guess is that they really hope this ICD-10 training lab will help doctors to get up to speed on the most common new ICD-10 codes for their specialty.

My favorite part of the ICD-10 training lab is the ICD-10 Training games:
ICD-10 Training Games
What’s better than a game to learn something? Plus, when you’re trying to memorize something, repetition is a real key to learning. Games are great at providing a fun way to get in your repetitions.

The ICD-10 training lab also includes an ICD-10 code lookup. You can tell they’ve put in quite a bit of effort to make their ICD-10 code search work quite well. Although, it’s still just an ICD-10 code search. Something that should be incorporated in most EHR systems.

What Does e-MDs and AdvancedMD Under the Same Private Equity Mean?

Posted on August 11, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

The healthcare IT world has seen a lot of movement and investment lately. Kareo raised $55 million recently. Modernizing Medicine acquired gMed last month. Accolade secured $22.5 million in funding. medCPU closed $8 million in financing. BoardVitals raised $1.1 million to build the Wikipedia of Medicine. Premier acquired CECity. Plus, that doesn’t even mention the $1 billion acquisition of Merge healthcare by IBM. I’m sure that there are many more that people can share in the comments.

There’s a lot of investment going into healthcare IT. No doubt there’s a huge opportunity for health IT companies. However, I’ve been most interested in what’s happening with the EHR companies involved in these deals. For example, one recent transaction that I didn’t mention above was Marlin Equity Partners acquiring AdvancedMD from ADP. The ADP acquisition of AdvancedMD never seemed to work. The idea of doctors offices being small businesses and ADP offered a bunch of small business services kind of made sense, but most doctors offices treat their EHR purchase very different than other tech investments for their office. The EHR purchase is its own beast. So, it’s not surprising that ADP would divest itself of an EHR software company.

What’s more interesting about the deal is that Marlin Equity Partners had already acquired EHR vendor e-MDs in March of 2015 and merged it with MDEverywhere. Now Marlin Equity Partners has e-MDs and AdvancedMD under their umbrella. I asked them what their plans were now that they had two EHR vendors (competitors) in their portfolio. They declined to comment until the acquisition of AdvancedMD closed.

Something has to give. I can’t imagine Marlin Equity Partners continuing with two software companies. Hard to say whether e-MDs will win or AdvancedMD, but I expect we’ll see one of them being sunset in the next year or two. They’ll offerer a way to convert from one to the other, but switching EHR software is never fun. It’s even less fun when it’s being forced upon you by the vendor.

The crazy thing is that I think we’re just getting started with this kind of activity. 300 EHR vendors is not sustainable long term. I don’t think we’ll get to 5 EHR vendors like most suggest, but we could narrow it down to 100 and still have plenty of options. That’s a lot of doctors being left high and dry when their EHR gets consolidated.

Funny ICD-9 Codes Video – Putting ICD-10 Codes in Perspective

Posted on I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

In response to Jennifer Della’Zanna’s post on putting crazy ICD-10 codes in perspective, I wrote about the funny ICD-9 codes over on EMR and HIPAA. I guess ClinicSpectrum liked the post enough that the decided to create a video animation of the post. I thought it was pretty cool. Check it out:

ICD-10 is near. Are you ready?

OpenUMA: New Privacy Tools for Health Care Data

Posted on August 10, 2015 I Written By

Andy Oram is an editor at O'Reilly Media, a highly respected book publisher and technology information provider. An employee of the company since 1992, Andy currently specializes in open source, software engineering, and health IT, but his editorial output has ranged from a legal guide covering intellectual property to a graphic novel about teenage hackers. His articles have appeared often on EMR & EHR and other blogs in the health IT space. Andy also writes often for O'Reilly's Radar site (http://oreilly.com/) and other publications on policy issues related to the Internet and on trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business. Conferences where he has presented talks include O'Reilly's Open Source Convention, FISL (Brazil), FOSDEM, and DebConf.

The health care field, becoming more computer-savvy, is starting to take advantage of conveniences and flexibilities that were developed over the past decade for the Web and mobile platforms. A couple weeks ago, a new open source project was announced to increase options for offering data over the Internet with proper controls–options with particular relevance for patient control over health data.

The User-Managed Access (UMA) standard supports privacy through a combination of encryption and network protocols that have a thirty-year history. UMA reached a stable release, 1.0 in April of this year. A number of implementations are being developed, some of them open source.

Before I try to navigate the complexities of privacy protocols and standards, let’s look at a few use cases (currently still hypothetical) for UMA:

  • A parent wants to show the child’s school records from the doctor’s office just long enough for the school nurse to verify that the child has received the necessary vaccinations.

  • A traveler taking a temporary job in a foreign city wants to grant a local clinic access to the health records stored by her primary care physician for the six months during which the job lasts.

The open source implementation I’ll highlight in this article is OpenUMA from a company named ForgeRock. ForgeRock specializes in identity management online and creates a number of open source projects that can be found on their web page. They are also a leading participant in the non-profit Kantara Initiative, where they helped develop UMA as part of the UMA Developer Resources Work Group.

The advantage of open source libraries and tools for UMA is that the standard involves many different pieces of software run by different parts of the system: anyone with data to share, and anyone who wants access to it. The technology is not aimed at any one field, but health IT experts are among its greatest enthusiasts.

The fundamental technology behind UMA is OAuth, a well-tested means of authorizing people on web sites. When you want to leave a comment on a news article and see a button that says, “Log in using Facebook” or some other popular site, OAuth is in use.

OAuth is an enabling technology, by which I mean that it opens up huge possibilities for more complex and feature-rich tools to be built on top. It provides hooks for such tools through its notion of profiles–new standards that anyone can create to work with it. UMA is one such profile.

What UMA contributes over and above OAuth was described to me by Eve Maler, a leading member of the UMA working group who wrote their work up in the specification I cited earlier, and who currently works for ForgeRock. OAuth lets you manage different services for yourself. When you run an app that posts to Twitter on your behalf, or log in to a new site through your Facebook account, OAuth lets your account on one service do something for your account on another service.

UMA, in contrast, lets you grant access to other people. It’s not your account at a doctor’s office that is accessing data, but the doctor himself.

UMA can take on some nitty-gritty real-life situations that are hard to handle with OAuth alone. OAuth provides a single yes/no decision: is a person authorized or not? It’s UMA that can handle the wide variety of conditions that affect whether you want information released. These vary from field to field, but the conditions of time and credentials mentioned earlier are important examples in health care. I covered one project using UMA in an earlier article.

With OAuth, you can grant access to an account and then revoke it later (with some technical dexterity). But UMA allows you to build a time limit into the original access. Of course, the recipient does not lose the data to which you granted access, but when the time expires he cannot return to get new data.

UMA also allows you to define resource sets to segment data. You could put vaccinations in a resource set that you share with others, withholding other kinds of data.

OpenUMA contains two crucial elements of a UMA implementation:

The authorization server

This server accepts a list of restrictions from the site holding the data and the credentials submitted by the person requesting access to the data. The server is a very generic function: any UMA request can use any authorization server, and the server can run anywhere. Theoretically, you could run your own. But it would be more practical for a site that hosts data–Microsoft HealthVault, for instance, or some general cloud provider–to run an authorization server. In any case, the site publicizes a URL where it can be contacted by people with data or people requesting data.

The resource server

These submit requests to the authorization server from applications and servers that hold people’s data. The resource server handles the complex interactions with the authorization server so that application developers can focus on their core business.

Instead of the OpenUMA resource server, apps can link in libraries that provide the same functions. These libraries are being developed by the Kantara Initiative.

So before we can safely share and withhold data, what’s missing?

The UMA standard doesn’t offer any way to specify a condition, such as “Release my data only this week.” This gap is filled by policy languages, which standards groups will have to develop and code up in a compatible manner. A few exist already.

Maler points out that developers could also benefit from tools for editing and testing code, along with other supporting software that projects build up over time. The UMA resource working group is still at the beginning of their efforts, but we can look forward to a time when fine-grained patient control over access to data becomes as simple as using any of the other RESTful APIs that have filled the programmer’s toolbox.

Online Reputation Management for Doctors

Posted on August 7, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

As you know, I’m a sucker for an infographic. So, I couldn’t resist sharing this online reputation management strategy infographic for doctors that was posted by CureMD. There’s so much to chew on in this infographic, but my favorite part is the last image which shows the breakout of how people review doctors. It shows the physician reviews definitely skewing positive. What do you find interesting?
Doctor Online Reputation Management Strategies

Live Hack of an Infusion Pump Medical Device

Posted on August 6, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

UPDATE: Looks like the video was taken down. I can imagine the legal issues that went on with such an incredible demonstration.

At the BlackBerry Security Summit, BlackBerry Chief Security Officer David Kleidermacher and Security Expert Graham Murphy showed how easy it is for hackers to take control of a medical device that’s not properly secured. Check out the video below to see the medical device hack:

What a compelling and scary demonstration!

I think most healthcare organizations assume that medical device manufacturers are taking care of securing the medical devices. Or that HIPAA will protect them from all of this. Many take the stance that “ignorance is bliss.” This demo should illustrate to everyone that you can’t leave security of your medical devices to the manufacturer or HIPAA. It takes both the medical device manufacturer and the healthcare organization to make sure a medical device is properly secured.

AHCA Health IT Symposium Videos

Posted on August 5, 2015 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I’m a real fan of local healthcare IT events. They are usually more steeped in practical discussions and they are a great way to really connect with the people doing the hard work in healthcare IT. The larger conferences are great for me to attend as well, but they are usually a much higher level discussion and it’s hard for many in the trenches to make it to the larger events.

With that in mind, I was interested to check out the video from the AHCA Florida’s Health IT Symposium. You can check out all the videos from their sympoisum on the ACHA Florida YouTube page, but I was quite interested in what was said in the Practical Applications session of the symposium, so I’ll embed them here for you to enjoy as well:

And Part 2: