Don’t Forget About Connecting Smaller Healthcare Providers

What type of organization could design and implement a reliable, secure and interoperable nationwide healthcare information network (NHIN), which would allow critical medical data to be shared seamlessly and in a timely manner, while ensuring equal access to all ranges of healthcare providers?

Ray Patalano is a healthcare IT specialist at 3Com Corp., headquartered in Marlborough, Mass. Contact him at [email protected].

Much thought and discussion have been given to the handling of the actual patient data record, and what it should look like when sent over the NHIN. Considerably less thought has been given to the network infrastructure that will eventually carry and house this sensitive and critical data: Who will build it? What will it look like? How will it be secured?

Some argue that the solution is to let market forces and private companies develop network solutions through competition; then, the leader and best performer will naturally rise to the top. Others opine that any project of this nature and sensitivity should be run by government agencies so that strict controls would protect the patient, and profits would not drive decisions, which could adversely affect patients’ privacy and healthcare.

The best solution is to create an organization that operates autonomously as a nonprofit organization, is regulated by the federal government, and embraces operations that are transparent to the patient and the public.

The Focus Beyond Data
This NHIN organization would offer services via a “managed services/subscription-based” model that the large system integrators and network service providers, such as AT&T, offer today.

EHR, PACS and other critical medical data could be securely stored and shared from a secure, networked central location. The goal is to ensure that small and rural healthcare providers have the same access to medical information as the major teaching hospitals in large cities, and to help drive the standardization of health records and medical data much faster in the industry.

Healthcare organizations require a longer term technology outlook than a traditional business. Traditional businesses are trained much in the same way as Pavlov’s dogs: Every three to five years, the bell rings and they line up to upgrade operations with the newest and greatest technologies.

However, in the healthcare profession, network upgrades, patient data transfers, data storage and acquiring new technologies present much more risk than simply the possibility of an order being lost or a customer’s bill being incorrect. Some healthcare records require storage of 10 years or more.

Will the communications technology of 10 years from now be able to support older data that has already been stored? If patient data and information truly are to be shared among the entire healthcare community in a seamless manner, would it not make sense for the healthcare community to be able to utilize a seamless network? The sad fact is that not all healthcare IT communications are equal today.

Some hospitals and clinics are far ahead in implementing new networking technologies, such as wireless LANs and Voice over IP, or have advanced imaging capabilities, such as scanning and digitally storing X-rays and MRI images. How can smaller providers, that are not as technically advanced or graciously funded, expect to interact with more advanced institutions?

An NHIN that uses a standards-based infrastructure, accessed by any broadband or dial-up Internet connection, and charges a monthly fee instead of a large up-front investment in equipment, could level the playing field in healthcare and ensure that patients have access to their medical records, no matter what their location.

The NHIN Portrait
The NHIN infrastructure should be built upon the leading-edge security, data storage, remote access and data retrieval technologies in the industry. The NHIN should house patient information using SAN (storage area network) technologies and could be accessed through a standard Web-based interface.

Healthcare providers could connect to the network through technologies, such as virtual private networks via high-speed or dial-up connections. Any healthcare professional with the proper credentials, a PC and Internet access could view critical patient information from any location.

Likewise, patients with access via an Internet-connected PC could review and retrieve their medical records and be more involved with their healthcare decisions. Patients who do not have or cannot afford Internet access would still be able to request access to their records by giving key pieces of information, such as Social Security number and date of birth.

Security technologies, such as intrusion prevention and network quarantining capabilities, would proactively protect the network from external and internal threats such as security breaches, viruses and data theft. Although in theory, the network is in one central location, several mirror sites would exist simultaneously for disaster recovery purposes, data redundancy and to increase speeds of data retrieval.

A standards-based, multivendor network infrastructure would provide network availability, data integrity, data storage and unmatched data security that only the largest hospitals and clinics could afford if they had to do it on an individual basis.

The Tough Question: Who Pays?
The start-up phase of the NHIN would require government and tax payer funding for the initial build out. Once the network is able to take on subscribers, it would become a self-funding organization, capable of delivering services to its healthcare customers. In turn, profits would be invested back into the organization to refresh technology and attract top talent to run and manage the NHIN.

This is one model, and the purpose of discussing it is to spur thought and action forward, not just for the patient record itself, but also for the type of secure, converged network that will be required to safely and cost-effectively allow access to critical medical information.

Many questions about data integrity, access control, and securing a network of this size remain to be answered. But to only think about the data itself, and not the infrastructure that delivers and houses it, would be to overlook smaller healthcare providers who don’t have the time or resources to keep up with the dramatic changes on the IT horizon. Every stakeholder in healthcare must ensure the security of the health information network nationwide, no matter how big or small the healthcare providers are.

We must level the virtual playing field.