Wes Rishel

A member of the Gartner Blog Network

Wes Rishel
VP Distinguished Analyst
12 years at Gartner
45 years IT industry

Wes Rishel is a vice president and distinguished analyst in Gartner's healthcare provider research practice. He covers electronic medical records, interoperability, health information exchanges and the underlying technologies of healthcare IT, including application integration and standards. Read Full Bio

Coverage Areas:

Simple Interop: Issues Associated with Automatic Processing

by Wes Rishel  |  January 4, 2010  |  4 Comments

In Simple Interop: Use Cases we have made a somewhat unorthodox proposition, to support mixed communication between people and automatic computer processing programs. We have done so because of the issues raised in Rant on Heath Information Technology Asynchrony . This proposition entails solving some issues. For example, what if

  • The email is never delivered to the recipient?
  • The email is delivered but cannot be processed?
  • The email is delivered but some of the attachments cannot be processed?
  • A recipient later claims it never got a message and cannot be liable for not having acted on it?
  • A sender later claims that it never sent a certain message, so it cannot be liable for erroneous contents?
  • Some of the attachments associated with the message don’t contain a structured patient ID? How do we know they are all about the same patient? Is there a way to allow the same message to contain information about different patients?
  • An automated message is routed to a recipient that is a person and needs some context to understand the messages.

There are probably other issues as well, and I look forward to hearing about them in the comments to this posting.

We believe that there are straightforward solutions to these issues that can be introduced without greatly adding to the amount of new technology that must be introduced to get started with this approach.

4 Comments »

Category: Healthcare Providers Interoperability Vertical Industries     Tags: , , , , , , , , ,

4 responses so far ↓

  • 1 Brian Ahier   January 4, 2010 at 10:36 pm

    One problem that currently occurs more often than we would like to admit is the message (usually a fax) is received by the wrong recipient. As a medical records director years ago, we regularly received faxes meant for other facilities. The law firm where my wife works has had the same issue.
    I wonder if some of the electronic transmissions might have the same difficulty of occasionally ending up in the wrong hands. Obviously there is always the possibility for human error, but what technological solutions might help?

  • 2 Wes Rishel   January 4, 2010 at 11:46 pm

    Thanks, Brian. I don’t think we’ll ever drive human error out of any human transaction.

    I will say this, though, if you are intended to send something to Marcus@Welby.com and are about to send to radar@mash4077.mil the error is obvious. If you are sending it to 7175551212 and it should be going to 3101215555 is is more likely to slip through.

    Also, our approach involves the two sites mutually authenticating one another with current digital certs, so the probability of the message going to a random person is greatly reduced.

    The main thing, though, is that we don’t really need to design the system to eliminate all error.

  • 3 David McCallie   January 5, 2010 at 12:34 am

    If we could afford the complexity of a widespread public/private key infrastructure (PKI) then we could simply encrypt each message with the recipient’s public key so that only that recipient could read it. But if we had widespread use of PKI, we could just use S/MIME email, which does all the encryption automatically.

    Absent PKI, it’s hard to think of a general purpose encryption model that meets the “simple” test. One rather manual option would be for the sending provider to zip the attachment and encrypt it with a secret password. Tell the recipient the password via a text message. This would work for really sensitive messages, but it’s too cumbersome for routine messages.

    There are many third party companies which provide email encryption alternatives to S/MIME, such as PGP. But these approaches are proprietary and add complexity if not adopted universally.

    One small saving grace — the secure email model guarantees that even if miss-addressed, the email could only be sent to a gateway that is approved to be on the secure health email network. Presumably, this would reduce the chances of misuse somewhat.

  • 4 Wes Rishel   January 5, 2010 at 1:20 am

    David has addressed your main comment, but let me add a couple of points.

    This approach does, in fact call for a public key infrastructure. It is based on organizations rather than individuals, thus simplifying the challenge by one order of magnitude in quantity and probably another order of magnitude in complexity.

    No system will ever take human error completely out of the equation. However, if you are meaning to send something to Marcas@medinfo.Welby.com and you are about to send it to Hawkeye@medinfo.Mash40777.mil this is a lot more obvious than wanting to send it to +17075551212 and being about to send it to +13101215555.

    As David mentions it is also comforting to know at least that the recipient works for an organization that understands its obligations to keep information private.