$$ - An Introduction To Secure Electronic Communication
This article provides an overview of what is and will undoubtedly remain the most important eHealth technology for the remainder of the decade and beyond: Secure Electronic Communication.
As would be expected, the importance of secure electronic communication within the health sector has long been pushed by eHealth vendors. Increasingly however, a growing number of doctors, practice staff, Divisions and other stake holders are starting to acknowledge the benefits that can result from more efficient and secure ways of communicating with their colleagues. As such, it came as no surprise to the author that no less than 9 of the 10 most popular responses to the IT/IM Innovations for General Practice Survey centred around improved communication and more effective access to patient records.
This article outlines the benefits secure electronic communication solutions can bring to practices and highlights some of the historical and present day issues with the technology.
In the true sense, electronic communication is so diverse a term that entrenched technologies including the telephone and fax machine could rightly be included under the banner. In the context of this article however, this term is reserved for discussion of computer based document/message transfer.
Extending this definition, secure electronic communication refers to computer based electronic messages that are protected in such a way that unauthorised recipients cant intercept and interpret them.
The benefits most commonly promoted by vendors of secure electronic communication solutions include:
Less Paper And Greater Efficiency
It is obvious that reducing the amount of paper used in the health sector has environmental benefits, however improving document processing efficiency is usually the primary motivating factor for practices. In a typical medical practice, secure electronic communication solutions promise to reduce the time and expense involved with several routine tasks including:
- Mail handling
Given that these tasks usually consume a large amount of practice staff time, the efficiency gains can be quite dramatic.
While the lack of security inherent in traditional paper based communication is well understood, this does not completely negate the underlying problems.
Some of the well-known security issues with paper include the possibility of patient records and other correspondence being lost or stolen and the lack of practical backup solutions. Further, it is usually not possible to selectively restrict access to paper records to the appropriate staff members within the practice.
With few feasible alternatives available historically, practices have had little choice but to utilise paper for the bulk of their correspondence and record storage. Now however, practices have a choice of several viable solutions that can significantly minimise the amount of paper and improve the security of routine correspondence with other health providers.
Unlike documents that arrive at the practice in paper form, secure electronic messages can be specially formatted by the senders clinical software to allow specific pieces of information to be efficiently processed by the recipients clinical software.
Not all electronic documents are ideally suited to this type of automatic processing (e.g. PDF, Microsoft Word and typical emails), however the health sector is fortunate to have a messaging format designed to allow disparate systems to send and receive clinical information effectively. This standard is called Health Level 7 (HL7) and is the foundation on which all viable secure electronic messaging solutions are built.
Given the importance of this standard, when ever possible, practices should elect to receive all electronic health correspondence in HL7 format. This option is usually offered alongside an inferior document type called Pathology Information Transfer (PIT). Because of technical limitations, PIT should be aggressively avoided by practices interested in realising the full potential of secure electronic communication.
Message Tracking And Audit Trails
Secure electronic communication solutions track the progress of the message through all the various stages of the journey, something that is essentially impossible to do with paper based communication. While the implementation of message tracking varies between solutions, ultimately all systems rely on message acknowledgements to automatically create an audit trail. In the case of referral letters and specialist reports, this audit trail affords the sender of the correspondence better medico-legal protection and makes it easier to ensure that the patient is receiving the best possible care.
PIP IT/IM Incentive
The revised PIP IT/IM requirements that came into effect in November 2006 highlighted the importance of securing the electronic transmission of patient information and clinical data. The final requirement of Tier 1 simply states that Encryption used for the electronic transfer of patient information and/or clinical data.
While this does not mean practices must send patient data via secure electronic means, it does require practices that choose to send patient information electronically to do so using an acceptable secure solution. Most practices should quickly realise the efficiency and economic benefits secure electronic messaging can deliver, however maintaining or achieving compliance with this government incentive will obviously result in additional financial gain.
With practitioners and practice staff spending less time processing paper, all the previously stated benefits of secure electronic communication should ultimately lead to improved patient care across the sector.
A detailed discussion of the various secure messaging solutions available to Australian medical practices will be deferred to a future article, however in broad terms, secure electronic communication products are essentially software programs that encrypt and decrypt electronic messages to prevent them being viewed by unauthorised third parties during transmission.
Secure electronic communication solutions are typically contrasted with traditional email due to their superficial similarities. Email however, is a fundamentally insecure technology that should not be used for the transmission of any patient information (unless suitable additional security measures are taken).
Many practices already have secure messaging solutions installed to facilitate the electronic retrieval of pathology and radiology results. Few may realise however, that in some cases these programs can be easily configured to allow referral letters, specialist reports and other documents to be transmitted directly from the practices clinical software package which may negate the need for the practice to install additional software.
Despite the widely acknowledged benefits secure electronic communication solutions can deliver and the array of viable solutions on the market, widespread adoption of the technology has been underwhelming in the Australian health sector.
While the outlook is improving, there are two major factors that continue to hamper the uptake of the technology:
- Limited Specialist Computerisation
- Limited Interoperability
Limited Specialist Computerisation
Compared to general practices, computer penetration in specialist practices is relatively low. This is due to various factors including a lack of government financial incentive and the absence of Division-like organisations with this goal on their agenda.
Of the 33 possible innovations listed in the IT/IM Innovations for General Practice Survey (Issue 3: February 2007, pp16), Widespread computerisation of Medical Specialist practices ranked 6th. The fact that the vast majority of respondents to this survey were GPs, points to a realisation that the great potential benefits secure messaging technology can deliver are greatly diminished in the absence of widespread technology adoption by specialist practices.
This can be contrasted with clinical software solutions, which can be successfully used by a practice regardless of how surrounding health providers are using their technology.
With the exception of Medical-Objects (that can communicate with GPs using Argus), there is little or no interoperability between the competing secure messaging solutions on the market.
To illustrate the effect this lack of interoperability has on the market, consider what the mobile telecommunications landscape would be like if it was not possible for Telstra customers to communicate with Optus customers and vice versa. Assuming this impediment persisted, customers of each mobile phone carrier would be faced with three options:
- Avoid the mobile phone system entirely and use an alternative technology (land line telephone, mail, email etc).
- Purchase either an Optus or Telstra mobile phone and encourage friends, family and business associates to use the same carrier.
- Purchase and use mobile phones from both companies.
While the scenario presented above is simplified and would not be tolerated by the market, the options available to these imaginary telecommunication consumers translate directly to the current options available to practices who are considering the implementation of a secure electronic communication solution. That is, specialist and GP practices can either:
- Not adopt secure communication technology and retain existing paper based workflows.
- Select one of the available solutions and encourage the organisations and health care professionals with whom they routinely communicate to adopt the same solution.
- Assess the intentions and current capabilities of the organisations with which they routinely communicate and deploy multiple solutions to facilitate to the highest possible number of secure transactions.
None of these options are ideal, with each scenarios obvious shortcomings highlighting the importance of standards-compliant, interoperable solutions.
Despite the challenges, both GP and specialist practices should begin (or continue) working towards the ultimate goal of secure, electronic, paperless communication. The benefits are real and so significant that the initial time and financial investment involved in setting up a secure electronic communication workflow will be recouped many times over. The increased awareness and acceptance of secure messaging technology provides a real opportunity for secure messaging providers and clinical software developers alike. During the coming year, expect to see many clinical software developers place a greater emphasis on tight integration with secure messaging solutions as they continually seek to differentiate themselves in a maturing market.
Small pockets of the health sector have been actively pursing secure messaging capability for many years, some with great success. Unfortunately however, the majority of the sector has grossly underachieved in this area.
As with all communication technologies, the usefulness of the solution scales proportionally with the number of participants. Before the true potential of secure electronic messaging is realised, an Al Gore style tipping point needs to be reached, where the uptake of secure electronic messaging will become self-sustaining. While it is inevitable that this will occur at some point, for secure electronic communication technology to reach critical mass in Australias health sector by the end of the decade, the following will need to occur:
While an efficient, unsubsidised market is ultimately desirable, in the short term, Government should not hesitate to intervene and do what ever is necessary to get practices to rapidly adopt secure messaging solutions.
Practices should have significant financial incentives to adopt secure electronic communication technology, which could be facilitated via minor extensions to the current IT/IM Practice Incentive Program requirements. Vendors who are able to demonstrate widespread adoption and usage of their solutions should also receive retrospective financial bonuses, which would allow them to aggressively market and deploy their solutions.
As occurred successfully with the rollout of Medicare Online (HIC Online), the potential end users of secure electronic communication need to be better educated about the benefits the technology can provide. In addition, decision makers at all bureaucratic levels of Government need to gain a better understanding of the underlying technology and organisational challenges faced by the end users of such technology to avoid repeating previous failures in this area.
Grass Roots Advocacy And Organisational Support
As is already happening, doctor-to-doctor advocacy must occur and be supported by organisations including the Australian General Practice Network (formerly Divisions of General Practice), the Australian Medical Association and the various specialist and GP colleges.
These organisations need to go beyond their traditional charter boundaries and work together for the common good of the industry.
Posted in Australian eHealth