Dr Haikerwal, head of the National E-Health Transition Authority's clinical leads program, says a more integrated approach is needed if the community is to gain improved patient care and cost savings from e-health programs.
"To reap the benefits, the role of NEHTA must be matched with a national implementation arm with the ability to co-ordinate across the states, and across the myriad private providers that administer the bulk of healthcare to Australians," Dr Haikerwal said. "With the rubber now set to hit the health superhighway, health professionals urgently need technical capacity and expert guidance to ensure clinical relevance, utility, safety and acceptability of e-health systems."
NEHTA was established in January 2004 as a joint federal-state not-for-profit entity intended to deliver a nationwide health IT infrastructure.
Since it began operating in July 2005, NEHTA has made limited progress in achieving its goals, despite spending around $164,000 a day on its activities.
In the latest Medical Journal of Australia, Dr Haikerwal and Christopher Pearce, a GP and NEHTA clinical lead, say implementation of differing, incompatible systems within and between hospitals “compounds a dire lack of national co-ordination of effort”.
“Government programs underestimate the costs of change management and the need for training and technology,” Dr Haikerwal said. “Confusion reigns about responsibilities, but governments must ensure connectivity between healthcare providers and recognise that benefits will accrue into the future.”
While general practitioners are highly computerised, “creating the largest electronic database of clinical information in the country”, there is no mechanism for GPs to securely share patient information.
"This is despite the Practice Incentive Program e-health initiative encouraging the use of public key infrastructure (PKI) to encrypt information," Dr Haikerwal said. "It's a veritable superhighway to nowhere."
Last month, Health Minister Nicola Roxon brushed off claims that key protections were not yet in place for the Healthcare Identifiers service, which went live in July.
The Audit Office found GPs had been paid $83 million in the past year to use a messaging standard that did not exist, and the Medicare digital certificates issued to doctors could not be used to authenticate messages or access to patient data.
Ms Roxon's spokeswoman told The Australian it was incorrect to suggest audit trail capacity did not exist. "While originally designed for (business) communication with Medicare, its PKI is appropriate to encrypt messages and provide the required level of security," she said. "There are already 17,000 Medicare certificates in use, and this supports the tough penalties in the legislation (for misuse of HI information)."
Earlier this year, Dr Haikerwal told a Senate inquiry into the HI bill that doctor-patient confidentiality would be enhanced by the promised safeguards.
In a NEHTA press release in January, Dr Haikerwal said the system was designed so that "health professionals will have to be authenticated prior" to accessing it.
"There is also a very strict audit trail so that any individual can know that someone has accessed their record in the system,'' he said.
But NEHTA's Certificates and Secure Message Delivery (SMD) document released last week makes no reference at all to using Medicare's individual practitioner certificates.
Instead, it warns that the Medicare location certificates for healthcare organisations do not meet all of the SMD standard requirements, as they cannot be used for server authentication or WS-Security signing and encryption. As well, location certificates identify owners via their name and a Medicare-issued internal number, "which is not suitable for use as a healthcare organisation identifier".
"It should be noted that Medicare's policy currently does not support the use of these certificates for any purpose other than communicating with Medicare for claiming purposes," the paper says. "National Authentication Service for Health (NASH) certificates will (in future) identify organisations using their HI identifier. When they become available it will be possible to use a single certificate for SMD.
"In the interim, secure messaging can be deployed using a combination of certificates.
"Deployments will need to address the deficiencies of these interim certificates - they will need to establish an agreement about which issuers are mutually trusted, how health organisations are identified, and how that identifier relates to the certificate.''
However, NEHTA only released a tender for the entire design and build of the NASH smartcard and PKI user authentication system last month.
The whole infrastructure is supposed to be operational by mid-2012, to support the start of the Labor government's promised $467m personally-controlled e-health record (PCEHR) system.
Meanwhile, Dr Haikerwal and Dr Pearce warn that the "multiplicity of funding streams, jurisdictions and the lack of an implementation strategy" have combined to slow e-health progress. "Any individual area can hide behind the ‘it’s not my problem’ defence.”
“For instance, PCEHR funding resides with the federal government, and not NEHTA,” they say. “What role the states will play and now to integrate the exchange of health information are unclear.”
The authors say hospitals lack infrastructure, and historical underfunding of IT.
---
Autor(en)/Author(s): Karen Dearne
Quelle/Source: Australian IT, 05.10.2010
Bitte besuchen Sie/Please visit:
