10/16/00
E-Health: Deploying Internet Technologies
Patty Thierry, MBA, RHIA, CCS
Thank you to Advance Magazine for permission to use this article

The Internet has the potential to profoundly change relationships between patients, providers and payers. Payers and providers will use Internet technologies to improve the quality of service delivered to health care consumers. Consumers will use the Internet to actively manage their health and that of their family. Health information management (HIM) professionals have a unique opportunity to experience the e-health revolution from two aspects: 1) As consumers of health care and; 2) As employees of health care entities who deploy Internet technologies. Being aware of e-health Web sites and the security and privacy they implement are prerequisites for being empowered health care consumers and keeping HIM professional skills and knowledge current.

Keeping an Eye on E-Health
In May 2000, the First Consulting Group (FCG) released a report titled "Where Will the Road to E-Health Lead?"¹ This report identifies 10 e-health trends, which if actualized will transform the delivery of health care services. (For details, please refer to the report at www.fcg.com). An interesting trend identified by FCG includes the growing lack of trust between consumers and physicians and consumers and payers. There is evidence, however, that physicians and health plans are beginning to build "Internet communities" in anticipation of winning the trust of consumers. These providers and payers have realized early on that consumers will want to affiliate with an Internet entity that represents their interests. Let's take a look at two examples of how providers and payers are implementing e-health strategies:

Case Study: Medical Society Technology Cooperative
Earlier this year, a consortium of 12 health care associations joined forces with industry sponsors to design a powerful Internet communications platform. "When completed, this platform will connect professional associations with their members, health care providers with their peers, and health care providers with their patients," stated Bill Sheridan, chief technology officer of the American Osteopathic Association (AOA). The AOA represents more than 30,000 osteopathic physicians and is the largest member of the cooperative. "The base product is a commercial quality Web site for each association member with utilities to permit patients to access focused health care information as well as send and receive secure e-mail with their physician. The preliminary rollout of this solution is scheduled for the last quarter of this year," Sheridan stated.

An Internet initiative of this scope requires thinking on a large scale. Triple redundancy has been designed with three host servers distributed in different locations. These servers are mirrored locally and synchronized across all three sites to reduce the risk of loss of data or services. Each association is gearing up to meet the role of populating these sites with high quality content to meet the information needs of their members and their patients. This content will range from medical journal articles for the physician to self-help and educational materials for patients about their health issues.

Beyond the obvious content issues, the complete vision of this platform requires a dependable and secure electronic mail utility. The requirement for secure electronic mail operations led to a unique design. This design uses server-based encryption for messages sent to the physician from a patient or from a patient to their physician. The solution includes creating a firewall around the server that requires both the physician and their patient to have an ID and password as well as any third-party e-mail account.

The patient logs into the physician's Web site to send an e-mail message. When they send the message, it never leaves the controlled environment of the server. Instead, the server spawns a non-encrypted e-mail message to the physician's personal e-mail box stating that a patient message has been received...please log into the server to recover the message. When the physician responds to the question, the response is stored within the server and another e-mail message is spawned to the originating patient stating his response has been delivered to the server...please return to the physician's Web site to view the response. Both the physician and patient connect to their messages using the same host site and a standard encryption utility, and no sensitive information passes unencrypted onto the open Internet. A statement is made to the patient at the start of every message that electronic mail is not for use in an emergency. Normal non-emergency communications between the physician and the patient include: reinforcement of topics discussed in person, requests for prescription refills, appointment reminders, insurance questions and routine follow-up inquiries.

Case Study: Blue Cross & Blue Shield of Michigan
Earlier this month, 3.1 million adult members of Blue Cross & Blue Shield of Michigan were mailed usernames so that they can access www.personalpath.com. PersonalPath Systems Inc., based in New Jersey, signed a five-year agreement with the Chicago-based Blue Cross and Blue Shield Association to offer services to their member associations.² PersonalPath.com's features include: 100+ disease guides, disease risk assessment, personal health record, and hospital ratings and statistics. The site also includes a local health care calendar regarding education and service events, information about medications and various reference materials. A support forum is available for members with similar interests and concerns.

This is a wonderful example of what a payer is doing to retain members and show concern for keeping them well. PersonalPath .com provides a personalized experience for members and uses strict privacy and security methods. The agreement PersonalPath.com has with Blue Cross includes using claims data to personalize a member's experience. For example if a member is diabetic, when they log on to the Web site with the proper authentication, they will receive the latest information on diabetes as well as other information customized to their health issues. Members have the option of turning off the claims tracking feature if they desire.

Blue Cross and PersonalPath.com have taken privacy very seriously as evidenced by their privacy infrastructure. To protect patient privacy, Blue Cross does not send any patient identifiable data to PersonalPath.com. In fact, Blue Cross splits its data and sends it to two separate companies. All personal data, such as name, are sent to a company called Internet Privacy Solutions Inc. Blue Cross sends claims data to PersonalPath.com. The claims data contains ICD-9-CM codes and no patient identifiable data. Once a member registers on the site, both PersonalPath.com and Internet Privacy Solutions notify a third company who assigns a verification number. The verification is then matched to claims data and activates the personalization feature.

Learning Plan
As you can see from the above case studies, e-health is upon us! And these are just two examples. There are many more exiting changes occurring daily. Here are some suggested steps you can take to stay informed:

1. Read FCG's report "Where will the Road to E-Health Lead?" You can find this report at www.fcg.com.
2. Familiarize yourself with the "Operational Tenets for Protecting Privacy and Ensuring the Quality of Personal Health Information on the Internet" produced by AHIMA (www.ahima.org).
3. Visit e-health sites (an Internet search on e-health will produce plenty of reading). Check out popular sites such as www.Dr.Koop .com; www.webMD.com, www.medscape.com.
4. Get involved with e-health initiatives within your local HIM association.
5. Understand your employer's vision for deploying Internet tools and determine where you can offer your expertise...and then offer it!

References:

1. McGoldrick, C. and O'Dell , S. Where Will the Road to E-Health Lead? First Reports, May 2000, First Consulting Group.

2. Bennet, J. Blue Cross Offers Web Site for Insured. PersonalPath Will Give Customized Data; Sept. 29, 2000, Detroit Free Press.

Patty Thierry is chief information officer (CIO) at Care Communica-tions Inc., Chicago. She can be contacted via e-mail at pthierry@care-communications.com.