How I Spent my Summer Vacation

I've returned to Boston, to fast wireless networks, humidity, and traffic.

It's a marked contrast to my time on the John Muir trail. Not better or worse, just different.

On the trail, time slowed to the point that my measurement rubrics became dawn and sunset, the amount of water left in my hydration pack, and the time until my next snack.

I walked about 150 miles through the Sierra, up and down numerous peaks and passes. I gathered wild mushrooms (Leccinum, Lentinus, Agaricus). I ate numerous wild plants (waxy currants, gooseberry, swamp onion, mint). Temperatures varied from the 20's at night to the 60's during the day.

When I rested, I was joined by golden marmots, pikas, chickarees, Belding's ground squirrels, mule deer, and even a beaver, dragging an aspen branch across the trail at dawn.

During the day, my constant companions were Clark's nutcrackers, grouse, hairy woodpeckers, stellar jays, and the occasional great horned owl.

I stored my food in a 6 ounce Ursack, a kevlar bag approved for backcountry use everywhere along the Pacific Crest Trail except in Yosemite and Sequoia-King's Canyon. Since I never slept within the borders of those national parks, I was fine. No bears ever bothered the vegan food I was carrying.

My pack with food and water never weighed more than 10 pounds, enabling me to cover 20-25 miles per day with several thousand feet of daily elevation gain.

I only met two other north bound hikers along the trail but we walked at different paces, so I spent the time in solitude.

The physical challenge was not a problem - once I acclimated to 10,000 feet I had no problem with the hiking. The emotional challenge of being alone in the wilderness, with no one to speak with, no internet connection, and no pressure other than to keep warm and hydrated was admittedly a struggle.

Numerous studies have been done or are in progress to examine the effect of constant connectivity on our brains. We all develop a kind of ADHD, losing the ability to maintain focus, explore issues deeply, and savor the experience of the world around us.

The Last Child in the Woods explores the way our children have lost touch with the rhythm of the natural world.

It took a few days, but I regained the ability to sit on a rock, listen to the wind, and soak in the details of every flower, tree, and waterfall.

It's tempting to believe that I could maintain that reverie for months, living in that archetypal cabin in the woods that many of us dream about.

However, by the end of my trip, I realized that my highest and best purpose at this time in history is to share my technology, management, and problem solving skills with government, academic, and industry leaders to accelerate positive change. If I work hard enough, I can ensure my daughter and her future family never experience a medical error, a problem with care coordination, or a bankrupt healthcare system.

So, I'm back, recharged and rejuvenated, with a new sense of perspective. The world will continue to have its pessimists, its critics, and naysayers, some of whom will direct their ire at me. However, if I just think back to sitting on a rock in the Sierra, not knowing what time it was or having a to do list, I can keep it all in perspective. This time of Stimulus funding, healthcare reform, and meaningful use is creating high pressure, unreasonable deadlines, and unrealistic expectations for everyone. As long as we treat each other right and remind ourselves of the true cadence of the natural world around us, we'll be fine.

Into the Wild 2010

For 10 days every August, my family and I travel to an isolated canyon filled with aspen, pine, and wildflowers just north of Mono Lake in the Eastern Sierra.

This year, we'll hike, explore old mines, harvest sage, and study the complex ecosystem of the Mono Basin.

I'll also do a solo hike along 50 miles of the John Muir trail from Mammoth to Yosemite Valley.

From August 6-16, I'll have episodic web connectivity, so I will not be blogging.

By 6pm tonight, I'll be into the wild!

Cool Technology of the Week

On Fridays I write about emerging technologies that I experience at the office and in my day to day life.

Recently, I wanted to join a colleague for an elegant meal in Washington DC which would enable us to catch up on many strategic issues during our dining experience. (We went to Nora - it was fabulous.)

A few moments after we agreed on the restaurant, an email appeared in my inbox from OpenTable with all the details - where, when, how to get there etc. Really amazing integration of email, the web, calendaring, and restaurant table availability databases.

OpenTable has created a software as a service model for supporting in restaurant and customer facing workflow that is easy to use, convenient, and timesaving.

I was curious about their business model and technology. I did some searching on the web and found a discussion forum entry that seems to explain it all. This is not an official OpenTable communication, so it may not be perfectly accurate, but it seems reasonable.

"I use OpenTable at work, so I can explain it pretty well. I believe the restaurant pays a flat rate per person, and that rate is higher for an online reservation versus a reservation taken in person or over the phone. The "high point" (a kind of coupon) reservations are actually for restaurants that want to fill tables at off-peak hours. I would imagine that these reservations are going to cost the restaurant significantly more than a normal reservation, which is why these are generally seen only at higher end restaurants.

There isn't a certain number of tables that can be booked only through OpenTable. When I make a reservation for someone over the phone, I use an interface quite similar to the one that you use online. The difference is that I can look through the whole book and decide that we can fit in another table at 7:30. So, if you look online and don't see the time slot you want, you can always call the restaurant to see if you can get a table at your desired time.

We can also take notes about your reservation (birthday, anniversary, wants a booth, needs a high chair, et cetera), and also keep permanent notes on each guest (prefers a certain waiter, always gets Fiji water, VIP, etc.). When you put a comment in online, it automatically shows up in our reservation notes. Along with that information, we also see if it's your first time at the restaurant, and if you have OpenTable VIP status."

A web-based, software as a service that supports restaurant and customer workflow. That's cool!

Reacting to Controversy

I've written several posts about the need for civility, good karma, and a thoughtful process for every issue.

I have to react to negativity several times each day. As I review my email, I read numerous reports of challenges, frustration, and dissatisfaction. It's an expected part of being a senior leader in large, complex organizations and being a CIO.

Some of these emails have a controversial he said/she said character.

Responding to them requires tact and diplomacy. I want to support and protect my staff but also want to ensure we improve our processes in the interest of continuous quality improvement.

Recently, I read an article about the Shirley Sherrod case by Steve Adubato, who speaks and coaches on leadership and communication. His observations mirror many of the lessons I've learned when reacting to controversy.

*Don’t be so quick to judge if you haven’t heard the entire story.

*Due diligence is critical when it comes to communication.

*Realize how dangerous it is to assume.

*Get the whole message.

As my due diligence progresses, I find that many emails have the quality of Roseanne Roseannadanna (for you 1978-1980 Saturday Night Live Fans).

People misrepresent the facts, distort the truth to suit their own ends, and highlight events that are in their self interest and not the greater good.

It's really important to check out the facts from multiple stakeholders before drawing a conclusion.

It's really important to pick up the phone and talk through the issues, listening and taking an active interest in all sides of the story.

It's really important to suggest next steps, assign accountability, and deliver on your promises.

Understanding the facts, having a dialog, and meeting expectations for followup resolves most conflicts.

As with the Sherrod case, once you know the whole story, most controversies are not what they seem.

Commercial HIE Products

Recently at the Massachusetts Health Information Exchange (HIE) Ad Hoc Workgroup we made a list of the 7 services we intend to support in 2011 (Routing, Directories, Certificate management, Vocabularies, Population Health Aggregation, Quality Registries, and Consent) then we created a matrix of solution providers. HIE is an evolving market and I'm convinced that the next year will bring many new entrants. They key will be separating fact from fiction i.e. running software from powerpoint demonstrations. Here are a few thoughts from at the services list.

Routing - In Massachusetts we believe that machine to machine, EHR to EHR, and hub to hub routing is preferable to web-based portals since it ensures the workflow of health information exchanges happens inside the software that clinicians are using to deliver care. There are few machine to machine routing products available in the marketplace. Vendors offering general HIE products include Medicity, Axolotl, RelayHealth, Covisint, Epic, eClinicalWorks, GE, Orion, Medplus, Medseek, CareFx, Intersystems, Microsoft, dbMotion, HealthUnity and Patientkeeper. Of these I know of machine to machine solutions offered by Covisint, Epic, eClinicalWorks, General Electric, Orion, and Intersystems. Verizon is a new entrant and Ingenix is rumored to be preparing an offering. Surescripts offers medication routing and may be expanding into other areas.

Directories - an index of payers, providers, and public health entities is needed as part of routing to direct transactions to the right trading partner. I have yet to find a provider with a standards based (LDAP) or RESTful API for directory query and update. However, there are many sources of provider address data such as the Council for Affordable Quality Healthcare (CAQH).

Certificate Management - Public Key Infrastructure for organizations and providers is key to secure the endpoints in routing transactions. Providers of certificates and management tools include Verisign and Covisint, which has done work for the American Medical Association.

Vocabularies - the Federal Government is the major provider of vocabularies and code sets curated by the National Library of Medicine or licensed from Standards Development organizations.

Population Health Aggregation - There are existing public sector aggregators of data at the Federal (CDC), State (Department of Public Health) and City (local health departments) level. At the moment, I am unaware of commercial companies providing this functionality.

Quality Registries - Companies like Ingenix, and Healthcare Data Services offer aggregation of financial data. Community-wide repositories and specialty specific registries for quality reporting are an evolving marketplace largely comprised of self-built solutions.

Consent Management - Supporting patient controlled consent for health information exchange is key to building trust. There are a few emerging companies, including Private Access.

I welcome comments on other emerging companies in this space and experiences you have had with real world implementations of their products.

Troubleshooting Technology Problems

I recently joined my team while troubleshooting a complex infrastructure problem affecting our community EHR hosting private cloud.

From years of experience doing this, here are my lessons learned.

1. Once the problem is identified, the first step is to ascertain the scope. Call the users to determine what they are experiencing. Test the application or infrastructure yourself. Do not trust the monitoring tools if they indicate all is well but the users are complaining.

2. If the scope of the outage is large and the root cause is unknown, raise alarm bells early. It's far better to make an early all hands intervention with occasional false alarms than to intervene too late and have an extended outage because of a slow response.

3. Bring visibility to the process by having hourly updates, frequent bridge calls, and multiple eyes on the problem. Sometimes technical people become so focused they they do not have a sense of the time passing or insight into what they do not know. A multi-disciplinary approach with pre-determined progress reports prevents working in isolation and the pursuit of solutions that are unlikely to succeed.

4. Although frequent progress reports are important, you must allow the technical people to do their work. Senior management feels a great deal of pressure to resolve the situation. However, if 90% of the incident response effort is spent informing senior management and managing hovering stakeholders, then the heads down work to resolve the problem cannot get done.

5. Remember Occam's Razor that the simplest explanation is usually the correct one. In our recent incident all the evidence pointed to a malfunctioning firewall component. However all vendor testing and diagnostics indicated the firewall was functioning perfectly. Some hypothesized we had a very specific denial of service of attack. Others suggested a failure of windows networking components within the operating systems of the servers. Others thought we had an unusual virus attack. We removed the firewall from the network and everything came back up instantly. It's generally true that complex problems can be explained by a single simple failure.

6. It's very important to set deadlines in the response plan to avoid the "just one more hour and we'll solve it" problem. This is especially true if the outage is the result of a planned infrastructure change. Set a backout deadline and stick to it. Just as when I climb/hike, I set a point to turn around. Summiting is optional, but returning to the car is mandatory. Setting milestones for changes in course and sticking to your plan regardless of emotion is key.

7. Over communicate to the users. Most stakeholders are willing to tolerate downtime if you explain the actions being taken to restore service. Senior management needs to show their commitment, presence, and leadership of the incident.

8. Do not let pride get in the way. It's hard to admit mistakes and challenging to acknowledge what you do not know. There should be no blame or finger pointing during an outage resolution. After action debriefs can examine the root cause and suggest process changes to prevent outages in the future. Focus on getting the users back up rather than maintaining your ego.

9. Do not declare victory prematurely. It's tempting to assume the problem has been fixed and tell the users all is well. I recommend at least 24 hours of uninterrupted service under full user load before declaring victory.

10. Overall, IT leaders should focus on their trajectory not their day to day position. Outages can bring many emotions - fear for your job, anxiety about your reputation, sadness for the impact on the user community. Realize that time heals all and that individual outage incidents will be forgotten. By taking a long view of continuous quality improvement and evolution of functionality rather than being paralyzed by short term outage incidents, you will succeed over time.

Outages are painful, but they can bring people together. They can build trust, foster communication, and improve processes by testing downtime plans in a real world scenario. The result of our recent incident was a better plan for the future, improved infrastructure, and a universal understanding of the network design among the entire team - an excellent long term outcome. I apologized to all the users for a very complex firewall failure and we've moved on to the next challenge, regaining the trust of our stakeholders and enhancing clinical care with secure, reliable, and robust infrastructure.

Electronic Infrastructure for The Learning Healthcare System

On July 27 and 28, the Institute of Medicine hosted a workshop series, Electronic Infrastructure for the Learning Healthcare System: The Road to Continuous Improvement in Health and Healthcare, sponsored by ONC. Here's the agenda and the presentation materials.

The attendees included an amazing array of informaticians, professors, policymakers, scientists, and industry leaders.

I had the opportunity to serve as a panelist for Session 2: Technical strategies: Data Input, Access, Use and Beyond as well as to moderate Session 7: Perspectives on Innovation.

Here are few highlights from those sessions.

Technical strategies: Data Input, Access, Use and Beyond

Doug Fridsma (ONC) - We need a standards and interoperability framework that ensures accountability across the continuum of standards activities from business driven requirements to standards harmonization to implementation specifications to reference implementations to testing to certification. The National Information Exchange Model (NIEM) plus 10 RFPs from ONC will accomplish this. The RFP contractor selections will be announced in a few weeks.

Rebecca Kush (CDISC) - Re-use of data for multiple purposes is key. Rather than thinking of clinical research as a secondary use, we should put syntactic, semantic, and process interoperability in place with appropriate metadata and consent to facilitate data reuse for research with patient permission.

Jonathan Silverstein (University of Chicago) - Clouds are equivalent to remote hosting. Grids are equivalent to federated services. We should outsource complex and mundane tasks to cloud-based grid services providers to enable developers to focus on innovative functional modules.

Shaun Grannis (Regenstrief Institute) - The most important aspects of health information exchange are governance, value sets/mapping, and reassurance/trust in the community. Standards and use cases are not enough.

My summary of the five most important technical strategies for health information exchange:

1. There must be a business case for health information exchange. Meaningful use provides such a business case because stimulus funding depends upon it.

2. Policies must be developed in parallel with technology to build trust for health information exchange among stakeholders.

3. Standards for consent, vocabulary and especially transmission are a pre-requisite for interoperability

4. There is a need for metadata describing the source of data, where in the workflow it was captured, and who captured it.

5. Persistant consent controlled by the patient will enable data reuse as long as good metadata is included during health information exchange to enable opt-in release of selected data for a particular purpose by stakeholders in specific roles.

Perspectives on Innovation

Daniel Friedman (Public Health Informatics Institute) - There are no good data sources for functional status/well being. We need creative informatics solutions to bring together data from disparate sources to support novel applications for population health.

Molly Coye (Public Health Institute) - We need decision support, comparative effectiveness data, telehealth to connect patients/providers, and cloud/grid computing services.

Michael Liebhold (Institute of the Future) - We need "event driven medicine" that combines data just in time to offer decision support to providers. Resource Description Framework (RDF) subject/predicate/object syntax provides us with a toolset to bring semantic interoperability to the web.

Matthew Holt (Health 2.0) - We need navigators/advocates for patients. Social networks are powerful ways to bring together patients, providers, and payers.

My summary of the five most important technical strategies for innovation.

1. Decision support service providers in the cloud will become increasingly important.

2. Novel sources of data including patient sourced data will enable innovative approaches to population health.

3. Event Driven Medicine will enable us to turn data into information, knowledge and wisdom.

4. Social Networking applications are more than just a idle chat. They connect intellectual property, people, and ideas.

5. Identity management - figuring out how to uniquely identify patients and those who need to access data is key to innovative applications.

A great conference. I look forward to the next workshops and the IOM book that will result.