Barriers to EHR Implementation

You have been selected to be the project manager for a DOH project with the task of implementing a national EHR that all government hospitals will implement.  Select at least three barriers to EHR implementation from the article that you believe to be the most important ones that might adversely affect your implementation. Explain and provide supporting cases/articles/information.

The scenario above is what we have been tasked to discuss in this blog. This article was provided as a reference. As a disclaimer (for new readers out there), my only experiences working in a government hospital were the following: as a student nurse in Philippine General Hospital (3 years), as a junior OB intern in EAMC (1 month), and as a senior Pediatrics intern at Taguig-Pateros District Hospital (2 weeks). My PGH stint is the longest, although that we were only on duty for certain weeks of the school year. I have not encountered any type of EHR in any of those settings. I have, however, personal experience working with an EMR for the past 21 months the private multinational company I’m currently employed in. In addressing the scenario above, I will take both into consideration my experience, albeit limited, in EMR deployment in a private setup and how I think that would apply to the public hospital scenario, as well as from articles or personal stories I have come across.

In the article by Boonstra and Broekhuis (2010), they did a systematic review of journals exploring the barriers to the acceptance of electronic medical records by physicians. They identified 8 main categories, namely: financial, technical, time, psychological, social, legal, organization, and change process. The first three were considered as the primary barriers – those that are first to arise when physicians are faced with EMRs, while the latter five were considered as secondary barriers – occasionally subconscious, beneath the surface, and so not immediately mentioned. 

In a setup where a national EHR will be implemented, I think that the 3 top barriers to implementation will also be the primary barriers the article mentioned. First is the financial aspect of implementation. It could be assumed that since I was already tasked to implement a national EHR, then there already is a budget for this initiative. The health information system itself may be costly, but equally costly is the actual rollout of the EHR. Since the Philippines is an archipelago, the deployment of the EHR especially in geographically-disadvantaged areas can be costly, taking into consideration not just the HIS but the deployment of hardware, ensuring that internet connection is available, and capacity-building of the users. If the RxBox has taken more than a decade for it to be deployed in different parts of the Philippines, then the national EHR may take years as well.

The technical and times aspects of the EHR implementation, to me, are the most challenging of all. Even in my current setup, where an EMR has been deployed in the different business units (countries) where our company operates in, these prove to be the biggest hindrances and they go hand in hand. I could say that the other aspects of the EMR implementation in our company – change process, financial, social, legal – were not much of a problem. The technical and time parts, however, were the main barriers. Most users of our EMR were doctors and nurses aged 30 and above and those who were not previously exposed to any type of EMR. The capacity-building for said users is taking years (since the rollout is still ongoing). Of the users I have talked to, the physicians were the most resistant. While all of them were computer-literate, use of the EMR required a different set of skills that they had to learn. Not much time can be dedicated just for learning the system since the operations are continuous and there are constant deliverables that could not be delayed. A common concern as well was the increased time it took to enter data into the system. If paper charts took an average of 5 minutes to be completed, data entry into the EMR took at least twice as much time, sometimes even longer especially during the initial phases of the EMR implementation when users.

Related to the concerns above is the complexity of the system. One of the identified reasons why it was taking a long time to learn how to use the EMR was its complexity. This is because despite all of us working in the same company, the health needs of each business unit (country) are different. We have upstream, midstream, downstream, shipping, and shared services, and the processes of one group are not the same with the others. In an attempt to create an EMR that encompasses the needs of all stakeholders, the end product was an EMR that seemed overwhelming to use. The corporate support team has since tried to address the issue, but the current version that we have could still use some major improvement.

Based on those experiences, I also anticipate that similar issues will be encountered with implementation of a national EHR. Majority of public hospitals in the Philippines still employ paper-based systems. While the newer generation of health professionals are more tech-savvy and are mostly computer-literates, the older generation aren’t necessarily so. This will present as the challenge during capacity-building of the end-users. As it is, health care personnel in our government hospitals, especially the tertiary ones, have a lot on their plate (with nurse-to-patient ratio as high as 1:40, even worse for physicians). There is little time to learn the new system, and even much lesser time to use it if it means that using the new system will mean more needing more time for documentation. In addition, the workflow of government hospitals should be carefully studied as well. The same way that different business units in our company do things a little bit differently (aside from the core processes), the same is expected of the different government hospitals. A basic version may be deployed, but there should be options to customize some functionalities depending on the needs of the hospital. An EHR that is not congruent with the workflow of the users will encounter more resistance during implementation, and will not be maximized fully by the staff.

Aside from those mentioned above, I think that one of the legal aspects that is a big concern not just to the physicians but to the patients themselves is the security of data. I remember the #ComeLEAK issue in 2016 where voters’ data was hacked and reportedly later sold to the black market. It was regarded as “the worst recorded breach on a government-held personal database in the world”. Reports in 2017 revealed that the IP address was traced to the NBI. This incident then begs the question – how safe are our data? A computerized database on health will also mean that the data will be susceptible to hacks such as the Comeleak. Similar concerns on security were likewise raised with the proposed national ID system. More than convincing the users of the EHR that the data will remain secure, it is ultimately the patients – the Filipino people – that will have to be assured that their sensitive personal data will not be compromised.

Two critical targets of the Philippine eHealth Strategic Framework and Plan (2014-2020) of the DOH, under eHealth solutions, are implementation of an integrated health application or software compliance certification system and integration and harmonization of various electronic health record systems. Implementation of a national EHR, at least for government hospital, will working towards achieving these targets. While the barriers are to be expected, the ultimate goal is to improve the delivery of health care services to the Filipino people. If done right, this will usher us into a new era – a better era – of health service delivery, something which the Filipino people deserve.



HI 201 Journey – A Look Back

It has been a rollercoaster of a semester for me. I entered this course not fully understanding what I was getting myself into, but at the same time I was very hopeful that I would find my niche. And after 16 weeks of blogging and learning about the basics of this course, I can honestly say that I feel I belong here. I’m still struggling and I know there is still much to learn; however, I can now also see that there are so many opportunities for me in this field, opportunities which I am excited to explore.

Before moving on to the next semester, l’d like to look back at what has transpired over the last few months. Below are the highlights of each blog:

Week 2: Informatics, Global Health and eHealth
HI 201 - W2 Concept Map
Driving Question:
What is the relevance of informatics to global health and eHealth?

Highlights: Introduction to the very basic concepts which I had previously confused with. These concepts served as the foundation for this course.


Week 3: Health Informatics in the Philippines
HI 201 - W3 - Infographic
Driving Question:
How can we advance the field of health informatics in the Philippines?

Highlights:  I was honestly surprised when I discovered all the progress our country has had in terms of eHealth. It was my first introduction to RxBox, CHITS, and other local initiatives. Prior to this I was somehow pessimistic about the state of healthcare in the Philippines.



Week 4: Health Information Systems in Developing Countries
HI 201 - W4 - Mind Map Ver. 2
Driving Question:

How can health information systems be sustainable in developing countries?

Highlights: I was introduced to the concept of hybrids and learned about the ITPOSMO dimensions of health information system design-reality gap.


Week 5: Governance and Management in Health Informatics
Driving Question: 
Why are governance and management important in health informatics?

Highlights: I learned about the COBIT 5 business framework and how it relates to governance and management.



Week 6: Establishing the Philippine Health Information Exchange 
Driving Question: 
How can patients access their data from different healthcare providers as they transfer care?

Highlights: I learned more about the Philippine Health Information Exchange, which I thought was a very promising initiative and something which I hope I can actively get to be part of when I graduate this course.

Week 7: Enterprise Architecture in Healthcare
Driving Question: 
In a multistakeholder, multicomponent health information system, how can you ensure that all the players are doing their part?

Highlights: This assignment was a struggle for me and I had a difficult time understand what EA was, but I eventually got there! *happy dance*

Week 8: Electronic Health Records: Issues and Challenges
Driving Question: 
What are the issues and challenges in implementing electronic health records in primary care?

Highlights: This, for me, helped reinforced what I already knew about EMRs (not EHRs yet) since we are using one in the company I am working for.


Week 9: Personal Health Records
Driving Question: 
What features are considered critical or most useful by users of Personal Health Records?

Highlights: I was able to develop a scoring system for a PHR and use it to evaluate an app I bought from iTunes.


Week 10: Standards and Interoperability
Driving Question: 
How can healthcare institutions adopt standards to ensure interoperability?

Highlights: I learned about significance of standards and interoperability, and the role they will play in the successful implementation of the PHIE.


Week 11: Clinical Decision Support
chitsDriving Question: How can Clinical Decision Support Systems (CDSS) improve the quality of healthcare?

Highlights: Learning about the 10 commandments for CDSS was interesting for me. It was also fun trying to come up with a CDSS that can incorporated into CHITS, although it was challenging at the same time since I’m not really familiar with it.

Week 12: Knowledge Management and Information Retrieval
screen-shot-2016-11-28-at-12-12-25-amDriving Question: How can knowledge management improve access to healthcare research?
Highlights: I liked how the concepts above was explained. I used to mix up the concepts of data, information and knowledge. Answering this assignment also led me to the dengue vector eradication efforts in Pangasinan, which I thought was really interesting.

Week 13: Privacy, Confidentiality, Security and Trust
data-privacyDriving Question: What policies are in place to protect the Filipino patient’s privacy and confidentiality of health information?

Highlights: This assignment helped me educate myself further on the policies that were in place that protected the privacy rights of the Filipino patient. It was the perfect jumping board for the next blog, which had to do with the Data Privacy Act of 2012.

Week 14: Legal and Regulatory Issues in eHealth
Driving Question: 
Is the Data Privacy Act adequate to protect confidential health information?

Highlights: I have a couple of cousins who are lawyers, and it was enlightening discussing this Act with them. After reviewing this Act and its IRR, I have a couple of reservations as to how effectively this can be implemented. But I think it’s good that something like this exists, considering we are in the age where information and communication technologies are integral to the processes of many businesses, including healthcare.

Week 15: Telehealth
Driving Question: 
How can telehealth support healthcare delivery in the Philippines?

Highlights: I reviewed House Bill 4199 or the Telehealth Act of 2014 for this assignment. After reading the very comprehensive Data Privacy Act of 2012, I felt that this fell short in terms of comprehensiveness. I think this Act needs a lot of improvement before it can be implemented.

Week 16: mHealth

barriers_to_mobile_healthDriving Question: How can mobile applications be useful in primary care?

Highlights: I think that by the time I did this assignment, I was more or less convinced that my niche in health informatics is more of helping out the private sector, particularly the corporate world. While the general public, especially the underserved and the underprivileged need to be attended to, a population that also needs attention are the workers, especially those in the BPO or in similar industries. They present with unique health challenges, and this is what I would like to explore more in the future.

It was an incredible journey, indeed. I hope my blogs were informative enough. If you are medical student or an allied medical professional and you’re reading this, I hope I convinced you enough to give this field a shot. We need more like us!

As always, comments and questions are very much welcome. Leave them in the box below.


mHealth – How Can It Enhance Delivery of Care?

It’s the last blog (before the final paper)! *Does a happy dance.* For this final assignment, we will be talking about mobile applications. The question we were asked was…

“How can mobile applications be useful in primary care?”

We were tasked to propose an app idea for a primary health care scenario, and the app must not duplicate any application already available in the market.

Primary care, as defined by the American Academy of Family Physicians (n.d.), is “that care provided by physicians specifically trained for and skilled in comprehensive first contact and continuing care for persons with any undiagnosed sign, symptom, or health concern not limited by problem origin, organ system, or diagnosis. [It] includes health promotion, disease prevention, health maintenance, counseling, patient education, diagnosis and treatment of acute and chronic illnesses in a variety of health care settings (e.g., office, inpatient, critical care, long-term care, home care, day care, etc.).”

Mobile health or mHealth, on the other hand, is the use of mobile technology applications for healthcare (Qiang, et. al, 2012). It is a new and developing field with lots of untapped potential. The use of mobile phones has significantly skyrocketed starting the 2000s. Currently, there is an estimated 4.77 billion mobile phone users in the world (Statista, n.d.). Mobile phones have evolved from simply being a handy telephone to a more sophisticated device that can function similar to computers. It has allowed people easier access not only to their family, friends, or network of people but it has also afforded access to information that previously would have taken much effort to gather. It has shrunk the world (in a good way), and now information is at our fingertips.

How, then, can mobile phones improve the delivery of primary health care? For one, it has facilitated easier communication between healthcare professionals and patients. There are now more options on how to communicate, from email to call to messages. There are even applications on smartphones that allow free video calls, voice calls, or messages as long asscreen-shot-2016-12-11-at-3-10-46-pm a person has an internet connection. Many models of mobile phones are likewise equipped with cameras, which can be useful for documenting external conditions (e.g. skin problems). The messages can also be readily shared via several means. Aside from traditional uses, many applications have already been developed to aid in the collection and processing of health information. For example, iPhones have a built-in health app that could collect and monitor several health data. Data collection and analysis can be further enhanced by connecting it to other applications that supports the Apple Health App. These types of applications help in empowering patients to be more in charge of their health. On the other hand, healthcare professionals also benefit significantly from the use of mobile phones in healthcare. The same way patients gain increased access to information, so do the doctors. Knowledge from various sources like journals, clinical practice guidelines, etc. are now easier to get a hold of. Thousands of apps which enhance patient care are also present in the market. The CDC, for example, has applications on STDs, vaccination, and travel medicine which can help a healthcare professional make evidence-based decisions. Another advantage of mHealth is that it can reduce the cost of healthcare. By screen-shot-2016-12-11-at-8-11-06-pmimproving means of communication between HCP and patient, personal or face-to-face consultations can be reduced. A patient who needs monitoring may no longer need to be seen personally at frequent intervals if the monitoring can be done remotely. Continuity of care can also be enhanced by mHealth, because coordination of efforts among different providers can be done with mHealth. Better record-keeping is also made possible with mHealth, an advantage that is common with electronic processing systems. There are several other advantages of mHealth but the bottomline is better access and better delivery of health.

Like electronic medical records (EMRs) and electronic health records (EHRs), however, there are still many challenges when it comes to the use of mHealth. Since mHealth is a relatively young field, there are limited studies on their efficiency. Privacy issues are also present. Accountability and ownership of data is also an issue, especially since unlike EMRs and EHRs, mHealth is more accessible to patients. Standards and interoperability issues are also present, since mobile applications are not always interoperable and there are few standards on their creation and use. Nonetheless, there is much promise in this rapidly growing field. mHealth has much potential in terms of further improving the access and delivery to healthcare.

If I were to create an application for primary healthcare, I would develop something for my company’s use. I think that one of the best things about my company is the value we put on the health and safety of our employees. Aside from the primary care I deliver (with the clinic consultations), various health and wellness programs are in place that are either global initiatives or local initiatives. From what I know, developing an app for the company was already considered previously. However, it hasn’t been realized due to several concerns, particularly privacy and security of data that crosses transnational borders. But if I were to design the app and it would focus on health, it would have the following features:

  • Contains all medical and wellness offerings
    • Clinic
      • Option to schedule a consultation with available doctors (there are currently 3 in the company)
      • Option to schedule laboratory testing (since this is a service we can offer where employees can have some laboratory tests done in our own clinic)
    • Periodic medical examination (separate for employees and expatriates)
      • Schedules
      • Partner clinics
      • Guidelines
      • Results – to be reflected in app once they are available
    • Employee assistance program
      • Description/details of this employee benefit
      • Information on how to get in touch with the counselors
    • Vaccination
      • Calendar of vaccine offerings for the year
      • Information about the vaccines (locally adapted version of the Vaccine Information Statement from the CDC)
      • Guidelines – on how to sign-up, price, etc.
    • Wellness offerings
      • A calendar of activities to give an overview of the offerings
      • Description of the offerings, including the vendor or service provider we partnered with for the wellness offering
      • Sign-up option for activities
  • Feedback
    • Employees should be able to give feedback on the offerings clinic services and wellness offerings, as well as have the option to suggest activities which they would want us to offer

The idea is that the application will integrate all the services of the health and medical team, from the clinic services to all other health and wellness offerings. The mobile app should make it easier for employees to avail of the services, and more importantly to participate in health and wellness offerings. Features like notifications for new activities, sign-up options,  or reminders for due vaccinations will be part of the app. Ideally, the app should also be integrated to the EMR that we are currently using so that there are programs we can tailor fit to employees. For example, patients who are overweight may be targeted for our weight-loss initiatives, from learning sessions to gym memberships to in-house weight management activities. We also have a corporate program that include reporting of stress, and employees who scored high on those could be target for the stress-related initiatives that we have. The application should be able to generate reports, which we can then use to help evaluate how effective our activities are and give us an idea of the overall health of our employees. 

That is it for the last blog and assignment! What do you think? If you are working in a company, is the type of application I’m proposing (of course it has to be catered with what your company offers) attractive to you? Is it something that you’d use? As always, let me know in the comments below!



Telehealth – How Can It Change the Landscape of Health Care Delivery in the Philippines?

It’s the second to the last blog before the end of the semester. This week’s topic is all about telehealth. The question we were asked was…

How can telehealth support healthcare delivery in the Philippines?

To help answer this question, we were tasked to read and evaluate the Telehealth Act of 2014, and to suggest revisions, if any.

Telehealth, according to the Center for Connected Health Policy (n.d.) is “a collection of means or methods for enhancing health care, public health, and health education delivery and support using telecommunications technologies.” It is not a specific service but a term that describes the variety of technology and tactics to deliver virtual medical, health, and education services.

The practice of the use of telehealth services is more common in developed countries such as the US. In the Philippines, however, it is not as popular. Quite frankly, I finished nursing school and medical school without encountering a lecture on what it is and how it can be applied to our setting.

The Philippines is an archipelago composed of more than 7,600 islands. Our geography, while it has blessed us with incredible sights and natural wonders, has also made it more difficult for healthcare to be accessed and delivered. It is the same geography that constitutes the physical factors that characterize geographically isolated and disadvantaged areas or GIDAs. GIDAs are communities with marginalized population that are physically and socio-economically separated from mainstream society. They physical factors are mainly to geography and also includes difficult access due to weather conditions. Socio-economic factors, on the other hand, include high poverty incidence, presence of vulnerable sector, communities in or recovering from situation of crisis or armed conflict (Department of Health, n.d.).

With telehealth, the population that could potentially most benefit are those residing in GIDAs. The idea is that since they have difficulty access to healthcare, healthcare will be brought to them. This is one of the objectives of the Telehealth Act of 2014.

House Bill No. 4199, also known as the Telehealth Act of 2014, declares that “the State shall protect and promote right to health of the people and instill health consciousness among them. Henceforth, it is the intent of the Legislature to recognize the practice of telehealth as a legitimate means by which an individual may receive health care services from a health care provider without in-person contact with health provider. Telehealth or Telemedicine shall not be construed to alter the scope of practice of medicine or any health care provider or authorize delivery of health care services in a setting or in a manner not otherwise authorized by law.”

Aside from the objective I mentioned above, other objectives of this Bill are to reduce the costs, set standards and establish regulations regarding the field, and strengthen the health system and infrastructure.

There are 20 sections to this Act. I have chosen the following to evaluate.

Section 9. Database. – All telehealth center and originating sites shall coordinate with DOH for consolidation of pertinent databases. DOH shall maintain and manage a national database for consults on clinical cases as well as health and medical education exchanges. Considering how important documentation is especially for something like this, I feel as if this section is severely lacking.

Having read the comprehensive IRR of the Data Privacy Act of 2012 in the previous blog, this, to me, needs further details. At the very least, the basic contents of the database should be enumerated. I would like to know if there are other types of data that should be gathered/documented when a consultation is done via telehealth.

Section 16. Standard of care. – The standard of care is the same as regardless whether a health care provider provides health care services in person or by telemedicine. Telehealth or telemedicine shall not be construed to alter the scope of practice of medicine or any health care provider or authorize the delivery of health care services in a setting, or in a manner, not otherwise authorized by law. Telehealth shall not replace health care providers or relegate them less important role in the delivery of health care. The fundamental health care provider-patient can not only be preserved, but also augmented and enhanced. While I agree that the standard of care should be the same whether the consult is done in person or via telehealth, I think the Bill fails to capture the limitations on this type of service. Granted that the scope of medicine (or allied medical services) will not change in terms of what a doctor can do, it should also acknowledge that that the things a doctor cannot do. There  is a science to the practice of medicine (and other disciplines) that simply cannot be done via a video call or similar means. Section 5. Scope can be elaborated further to include limitations. Or limitations could be in a whole new section together, and in that section include what can and cannot be penalized. The way I see this Bill so far is that it is not healthcare provider-friendly. The providers are not protected the same way the patients are.

Overall, a good portion of the Bill, in my opinion, needs further refinement apart from the 2 sections I stated above. But the fact that it exists is promising, as this legitimizes the practice of telehealth (or telemedicine). This field will open up a lot of opportunities especially for patients and will help in positively changing the landscape of healthcare delivery to the Filipinos.

Have you read the Telehealth Act of 2014? What do you think? How open are you to the idea of using telehealth services? How do you think will that impact the way we practice medicine in the Philippines? Let me know in the comments below.



Privacy and Confidentiality – What Policies Are In Place?

We are nearing the end of the semester. For this blog, I am going to talk about privacy and confidentiality. The driving question we were asked was:

What policies are in place to protect the Filipino patient’s privacy and confidentiality of health information?

Additionally, we were tasked to pick a hospital evaluate their document on privacy and confidentiality, if they had any.

As always, let’s define a couple of things first.

Merriam-Webster (n.d) defines privacy as “freedom from unauthorized intrusion.” As a constitutional right, it refers to “to make certain crucial decisions regarding their well-being without government coercion, intimidation, or interference (West’s Encyclopedia of American Law, 2008).”

Confidentiality, on the other hand, is defined as the “nondisclosure of information except to another person” (Mosby’s Medical Dictionary, 2009). In healthcare, it is often referred to the “principle in medical ethics that the information a patient reveals toa  health care provider is private and has limits on how and when it can be disclosed to a third party” (Dorland’s Medical Dictionary for Health Consumers, 2007).

In the Philippines, there are several policies in place which protects the Filipino patient’s privacy and confidentiality. Under the Bill of Rights in the 1987 Constitution (Official Gazette, n.d.), the right to privacy is declared under Section 3, where it states that “the privacy of communication and correspondence shall be inviolable except upon lawful order of the court, or when public safety or order requires otherwise, as prescribed by law.” There are additional laws that expound on and further protect this right, specific to privacy and confidentiality of health-related information. The table below is adapted from the paper of Antonio, Patdu and Marcelo (2013) on Health Information Privacy in the Philippines: Trends and Challenges in Privacy and Practice. It includes excerpts on the statutes and rules of court and administrative rules pertaining to the patient’s right to privacy in relation to the healthcare system.

The Medical Act of 1959

Republic Act No. 2382

(June 20, 1959)

Section 24. Grounds for reprimand, suspension or revocation of registration certificate. Any of the following shall be sufficient ground for reprimanding a physician, or for suspending or revoking a certificate of registration as physician:

(12) Violation of any provision of the Code of Ethics as approved by the Philippine Medical Association.

Philippine AIDS Prevention and Control Act of 1998

Republic Act No. 8504

(February 13,1998)

Section 2. (b) (1) The State shall extend to every person suspected or known to be infected with HIV/AIDS full protection of his/her human rights and civil liberties. Towards this end, the right of privacy of individuals with HIV shall be guaranteed.

Section 3. (n) Medical Confidentiality – refers to the relationship of trust and confidence created or existing between a patient or a person with HIV and his attending physician, consulting medical specialist, nurse, medical technologist and all other health workers or personnel involved in any counselling, testing or professional care of the former; it also applies to any person who, in any official capacity, has acquired or may have acquired such confidential information

Section 30, Article VI: Medical Confidentiality. – All health professionals, medical instructors, workers, employers,recruitment agencies, insurance companies, data encoders, and other custodians of any medical record, file, data, or test results are directed to strictly observe confidentiality in the handling of all medical information, particularly the identity and status of persons with HIV.

Section 31, Article VI: Exceptions to the Mandate of Confidentiality

Medical confidentiality shall not be considered breached in the following cases:

(a) when complying with reportorial requirements in conjunction with the AIDSWATCH programs provided in Section 27 of this Act;

(b) when informing other health workers directly involved or about to be involved in the treatment or care of a person with HIV/AIDS: Provided, That such treatment or care carry the risk of HIV transmission: Provided, further, That such workers shall be obliged to maintain the shared medical confidentiality;

(c) when responding to a subpoena duces tecum and subpoena ad testificandum issued by a Court with jurisdiction over a legal proceeding where the main issue is the HIV status of an individual: Provided, That the confidential medical record shall be properly sealed by its lawful custodian after being double-checked for accuracy by the head of the office or department, hand delivered and personally opened by the judge: Provided, further, That the judicial proceedings be held in executive session.


Dangerous Drugs Act of 2002

Republic Act No. 9165

(June 7, 2002)

Section 36. Authorized Drug Testing. The following shall be subjected to undergo drug testing:

(a) Applicants for driver’s license.

(b) Applicants for firearm’s license and for permit to carry firearms outside of residence.

(c) Students of secondary and tertiary schools.

(d) Officers and employees of public and private offices.

(e) Officers and members of the military, police and other law enforcement agencies.

(f) All persons charged before the prosecutor’s office with a criminal offense having an imposable penalty of imprisonment of not less than six (6) years and one (1) day shall have to undergo a mandatory drug test; and

(g) All candidates for public office whether appointed or elected both in the national or local government shall undergo a mandatory drug test.

Section 40. Records Required for Transactions on Dangerous Drug and Precursors and Essential Chemicals.

(a) Every pharmacist dealing in dangerous drugs and/or controlled precursors and essential chemicals shall maintain and keep an original record of sales, purchases, acquisitions and deliveries of dangerous drugs,

Section 60. Confidentiality of Records Under the Voluntary Submission Program. – Judicial and medical records of drug dependents under the voluntary submission program shall be confidential and shall not be used against him for any purpose, except to determine how many times, by himself/herself or through his/her parent, spouse, guardian or relative within the fourth degree of consanguinity or affinity, he/she voluntarily submitted himself/herself for confinement,treatment and rehabilitation or has been committed to a Center under this program.

Section 64. Confidentiality of Records Under the Compulsory Submission Program. – The records of a drug dependent who was rehabilitated and discharged from the Center under the compulsory submission program, or who was charged for violation of Section 15 of this Act, shall be covered by Section 60 of this Act. However, the records of a drug dependent who was not rehabilitated, or who escaped but did not surrender himself/herself within the prescribed period, shall be forwarded to the court and their use shall be determined by the court, taking into consideration public interest and the welfare of the drug dependent.

Anti-Violence Against Women and Their Children Act of 2004 Republic Act No. 9262

(March 8, 2004)

Section 44. Confidentiality. – All records pertaining to cases of violence against women and their children including those in the barangay shall be confidential and all public officers and employees and public or private clinics to hospitals shall respect the right to privacy of the victim.
Revised Rules of Evidence, Rules of Court

(March 14, 1989)

Section 24 (c), Rule 128: Disqualification by reason of privileged communication. The following persons cannot testify as to matters learned in confidence in the following cases: A person authorized to practice medicine, surgery or obstetrics cannot in a civil case, without the consent of the patient, be examined as to any advice or treatment given by him or any information which he may have acquired in attending such patient in a professional capacity, which information was necessary to enable him to act in capacity, and which would blacken the reputation of the patient.
Department of Health Guidelines in the Planning and Design of a Hospital and other Health Facilities (2004) Auditory and Visual Privacy

A hospital and other health facilities shall observe acceptable sound level and adequate visual seclusion to achieve the acoustical and privacy requirements in designated areas allowing the unhampered conduct of activities.

Philippine Health Insurance Corporation Benchbook Self-Assessment and Accreditation Process Manual 3.b.1 Standard: The organization documents and follows policies and procedures for addressing patients’ needs for confidentiality, privacy, security, religious counseling and communication.

Criteria: The hospital systematically determines, monitors and improves the extent to which patients’ needs for confidentiality, privacy, security, counseling and communication are addressed.

1.5.b.1 Standard: The organization’s personnel discharge their functions according to codes of ethical behavior and other relevant professional and statutory standards.

Criteria: The organization identifies and monitors personnel compliance with the code of ethics relevant to their respective disciplines.

Note: Some clauses were edited for length. Violations for the policies were no longer included in the text.

Aside from the laws stated above, we also have the Data Privacy Act of 2012. Under Section 2. Declaration of Policy, it states that “It is the policy of the State to protect the fundamental human right of privacy, of communication while ensuring free flow of information to promote innovation and growth. The State recognizes the vital role of information and communications technology in nation-building and its inherent obligation to ensure that personal information in information and communications systems in the government and in the private sector are secured and protected (Official Gazette, 2012).” Its implementing rules and regulations were released in August 2016, and there are clauses there that also pertain to privacy of health information. This Act will be discussed further in the next blog.

Now that we are aware of some of the policies that are in place to protect the Filipino patient’s privacy and confidentiality of health information, let us proceed to answering the task.

Unfortunately, I was not able to secure a privacy and confidentiality document from a hospital. However, since I am currently working as a medical officer, I have decided to review our privacy policy of our company.

There are several policies in place which aim to protect the privacy of the employees. Although there is no dedicated policy for health information except for the confidentiality and NDA for the electronic medical record (see below), the existing policies already include them.

To start, the company has defined personal data as “information that can directly or indirectly identify an individual, including employees, contractors, directors, shareholders, customers and anyone else with whom [the company] does business.” Sensitive personal data (SPD), on the other hand, is defined as a subset of Personal Data that has the potential of causing harm to an individual and therefore requires heightened protection and care. SPD should only be collected or handled when there is a specific legal, regulatory, or compelling business requirement and may require registration with local Data Processing authorities. SPD requires heightened security, and it should only be collected or processed when there is a specific legal, regulatory, or compelling business requirement.” Data collected for medical purposes (ex. pre-employment/periodic medical exams, consultations, etc.) are classified under sensitive personal data.  

Before discussing the policies, let me briefly enumerate 3 of the most important privacy imperatives of the company:

  • Only collect the personal data you need.
  • Only use personal data for the reason it was collected.
  • Don’t share personal data with anyone who doesn’t need it.

Now let us proceed to examples of policies/agreement that relate to information and privacy.

Data Privacy Within the normal course of business operations, the Company collects and processes personal data of individuals with whom the Company has business relationships. These personal data either identify a person or provide characteristics of an identifiable person. The Company respects the sensitivity of personal data; it is corporate policy that personal data be collected, processed, protected, transferred, stored, disclosed and disposed of in accordance with applicable laws and Company approved procedures.

It is the Company’s policy to:

  • Collect personal data in a legal manner and for specified legitimate business purposes only.
  • Process personal data only as necessary for the specified purposes.
  • Collect and process personal data by lawful and fair means and, where required, with the knowledge or consent of the individual.
  • Keep personal data as accurate and complete as possible for their intended purpose.
  • Permit individuals to review their personal data and to request correction of factual inaccuracies in accordance with and subject to Company standards, procedures and appropriate verification.
  • Secure personal data by reasonable and appropriate information protection safeguards as set forth by corporate policy on Information Protection.
  • Retain personal data in accordance with the corporate policy on Information Retention and when no longer required for the stated purpose or by law, destroy personal data in a manner which protects the confidentiality of the data.
  • Comply with all data privacy laws and regulations applicable to our business operations.
  • Integrate data privacy principles into our business activities, including, as necessary, agreements and arrangements with third parties, Joint Ventures and other companies with whom we have a business relationship.
  • Institute and maintain processes to coordinate enterprise-wide data privacy compliance activities, recognizing that many aspects of data privacy compliance can be implemented only at the local level.
  • Where appropriate, review and comment on proposed data privacy legislation, regulations or policies that may significantly impact our business; cooperate with appropriate government agencies to facilitate timely, reasonable and business-oriented solutions for data privacy issues that may arise.
  • Audit conformity with this policy through a comprehensive compliance program, including self-assessments and internal audits.
Information Protection The information assets of the Company are vital resources. These resources include information in any form, whether acquired or developed by the Company, and any systems that store, process, or transmit information. It is the policy of the Company to ensure the availability, integrity, and confidentiality of these resources in a manner that is consistent with risk and business value. All [company] Corporation employees and contractors have responsibility for properly protecting these resources.

It is the Company’s policy to:

  • Comply with all information protection laws and regulations.
  • Integrate information protection principles into every aspect of its business activities, including the structure of agreements and business arrangements with its Joint Venture, Alliance, and third party relationships.
  • Take cost-effective measures to ensure the availability, integrity, and confidentiality of Company information assets, considering current, as well as emerging, business needs and technology.
  • Ensure that processes are in place to manage enterprise-wide information protection issues, recognizing that some aspects of information protection can only be addressed at the Reporting Unit level.
  • Comply with established standards, follow good safeguarding practices and guidelines, and apply principles of risk assessment to ensure that Company information protection activities are conducted responsibly.
  • Participate in the formulation of information protection legislation, regulation, or policy issues that may significantly impact our business. Work actively with the appropriate governmental agencies to ensure timely, reasonable, and cost-effective solutions for issues wherever possible.
  • Ensure conformity with this policy through a comprehensive compliance program, including a self-assessment process.
Information Retention It is the Company’s policy to retain information for the minimum period necessary to:

  • Satisfy the Company’s operating requirements
  • Substantiate the Company’s holdings
  • Protect the Company’s interest in asserting and defending claims and lawsuits
  • Assure compliance with the retention requirements of applicable Government, Federal, State, and local laws and regulations

If a document or other form of information does not satisfy any one of these criteria, then it is not a Company “Record” and is not subject to retention and should not be retained.

Confidentiality and Non- Disclosure Agreement You are about to access patients’ protected health information (PHI). The system should only be accessed by authorized users. By logging in and accessing PHI, you acknowledge that you are doing so in accordance with HIPAA and your organization’s policies and procedures. Access is monitored and you will be held accountable for any activity on your login.

Organizational information may include, but is not limited to, financial, patient identifiable, employee identifiable, intellectual property, financially non-public, contractual, of a competitive advantage nature, and from any source or in any form (i.e. paper, magnetic or optical media, conversations, film, etc.), may be considered confidential. Information’s confidentiality and integrity are to be preserved and its availability maintained. The value and sensitivity of information is protected by law and by the strict policies of your organization. The intent of these laws and policies are to assure the confidential information will remain confidential through its use, only as a necessity to accomplish your organization’s mission.

While the first 3 are general policies for privacy, they are the same rules that my team and I follow when it comes to handling health data, and are also the same guidelines all health care professionals in our counterparts in other countries are using. Although not comprehensive, it makes it clear to us how to collect, process, store and destroy health data that we encounter. We also ensure to comply with local policies/guidelines set forth by the Department of Health (ex. policies on data retention and destruction). The general rule is that local laws supersede those of the company’s. In addition, since we are a private company, we have partner service providers/institutions that handle our employee’s health data. Examples are clinics where the employee’s perform their annual physical examinations. While we do not have direct control over how they handle data, we ensure that we do regular audits on said providers. We assess and verify if they are compliant with Philippine and company standards when it comes to managing health data. If they fail the audit, we discontinue our partnership with them.

As for the last example in the table above, it is the only guideline that is specific to the protection of health data. The agreement is posted at the login page of the electronic medical record. There was mention of the Health Insurance Portability and Accountability Act or HIPAA since our EMR was developed in the United States. The “policies of your organization” it was referring to are the first 3 policies that I have already discussed above.

The company policies, even though they are general policies on privacy and information, are acceptable in terms of safeguarding the privacy and confidentiality of health information of the employees. By following additional international and local policies on health, our practices on privacy and confidentiality are strengthened. I feel that considering our company’s primary business is not the delivery of healthcare, our operations in terms of health data privacy and confidentiality are comparable to those hospitals and clinics with the best standards of care.

Comments, as always, are welcome. Let me know your thoughts!



Knowledge Management – What Is Its Role in Healthcare Research?

This week, we are diving into knowledge management, another new concept we can both learn together.

The driving question is…

How can knowledge management improve access to healthcare research?

To answer the question above, we were tasked to pick a local public health problem and answer the driving question in relation to the public health problem.

Let me break it down and introduce a few concepts first.

Knowledge management (KM) is a concept that was first introduced roughly around the 1990s (Koenig, 2012). According to the Association of State and Territorial Health Officials or ASTHO (2005), is defined as “a process used by organizations and communities to improve how business is conducted by leveraging data and information that are gathered, organized, managed, and shared.” The Gartner Group (2016) defined it as “business process that formalizes the management and use of an enterprise’s intellectual assets. [Knowledge Management] promotes a collaborative and integrative approach to the creation, capture, organization, access and use of information assets, including the tacit, uncaptured knowledge of people.” Its goal is to move from “not knowing what you know” and using that knowledge to improve organizational effectiveness and efficiency (ASTHO, 2005). The building blocks of KM are data, information and knowledge, which are represented by the figure below:


Data is defined as “unprocessed representations of raw facts, concepts or instructions that can be communicated, interpreted, or processed by humans or automatic means (ASTHO, 2005).” An example of data is the number of dengue cases in a region. When meaning is assigned to data or when data is categorized, filtered or indexed, it now becomes information. In the dengue scenario, an example of information would be the number of dengue cases per district or barangay in the region. Finally, when processes like critical thinking, evaluation, structure or organization are applied to support decisions or understand concepts, information becomes knowledge. Knowledge is dynamic and evolving. It also has two types, namely: explicit and tacit. The former is also known as ‘book knowledge’ and refers to the “ordering of data and information according to well-defined, formalized procedures or rules.” On the other hand, the later refers to knowledge that is informal and that which is gained through experience and training. An example of knowledge in the dengue scenario is understanding the patterns of illness well enough to adjust preventative measures in a particular area.

When pieces of information are linked in meaningful ways, the information’s relevance to the problem at hand is established, and the information at hand is understood in larger context, there is translation of information to knowledge. This can then lead to knowledge translation which occurs when knowledge is put into action. (Straus et. al, 2011). The concept of knowledge translation is especially important because despite the abundance of evidence-based data, it has been found that there is still large gap between what is known and what is used in practice. In addition, there is a failure to use health research evidence in making informed decision related to healthcare.

For an organization to adapt the KM approach, the following components must be examined: culture, content, processes and technology (ASTHO, 2005). Culture is the organization’s shared set of beliefs, values, and understandings, and therefore varies from one organization to another. It is reflected by how and organization envisions, measures, and carries out its mission and responsibilities. Content refers to resources of the organization, which can range from data to information to skills to expertise. Meanwhile, processes are methods by which an organization manages data and information. They can be formal or informal. The processes are in place to ensure that content is created, assessed, management and disseminated effectively. Finally, technology has to be assessed in the context of why and how effectively it is used in an organization.

The role of knowledge management in public health is critical. To do their jobs, public health practitioners require accurate data and the ability to access data quickly from different sources and transform said data into useful information and knowledge. The officials, in particular, need up-to-date information for them to conduct analyses, report and generate vital information, and to collaborate with other agencies. In addition, the knowledge generated will guide decision-making in addressing public health concerns. Through KM, there can be an efficient way of developing and disseminating best practices and of continually assessing said practices for improvement.

In order to illustrate KM further, let us use dengue as a public health concern as an example. The dengue epidemic has plagued the Philippines since 1953 and continues to be a significant public health concern (Interhealth Worldwide, 2016) despite the many efforts of the Department of Health.

There was a recent article published, however, that featured the elimination of dengue cases through the combined efforts of a data analyst, professor, and local agency director. The story was a feature piece in Manila Bulletin and the subheadline mentioned that the answer to the dengue problem was not medicine but big data. It recounted how Wilson Chua, a big data analyst, was able to analyze the raw data on the dengue cases in Pangasinan provided to him by the Department of Health. He noted that the district of Bonuan had the highest number of cases in Pangasinan for 3 consecutive years, and that most of those infected were children aged 5-15. In doing his research, he found out that there were two public schools in the area (specifically Barangay Bonuan Boquig) with large pools of stagnant water in between, which were assumed as the source of the dengue vector.  Once he was able to identify the problem, he crowdsourced through social media (Facebook in particular) and got in touch with Professor Nicanor Melecio, the project director of the e-Smart Operation Center of Dagupan City Government, and Wesley Rosario, director at the Bureau of Fisheries and Aquatic Resources. Their solution to the problem was two-pronged, which was release of mosquito dunks and mosquito fish. They were able to implement this through the help of the local government. Thirty days after intervention, there was still no report of dengue cases in the area (you can read the full story here).

This article caught my attention for several reasons. One, I found it amazing that they were able to find a solution that could help address the dengue problem in the country. While I am aware that their solution is not applicable to other areas (ex. urban poor areas where large pools of water are not present and mosquito fish release is not feasible), it still impresses me how they were able to collaborate and come up with a solution. Two, the initial efforts were not made by a public health professional but by an analyst who just happened to have a personal interest in the situation. Third, his collaborators were not from the Department of Health. Fourth, DOH gave him raw data. (It was mentioned in the article that he was given an file with 81,000 rows of data. Aren’t there data privacy concerns?) Lastly, it mentioned that ‘big data’ was the solution.

Let me take a quick detour and discuss that last point. Big data, according to Tech Target, is a term that refers to a voluminous amount of structured, semi-structured, or unstructured data that has potential to be mined for information. There is no consensus on what ‘voluminous’ equates to in terms of volume or size, although it often refers to terabytes, petabytes, or exabytes of data captured over time. It is often characterized by extreme volume of data, wide variety of data types, and the velocity with which the data must be processed.

Going back, it now makes me wonder about how DOH has handled the massive amount of data that they have. Have they thought of Mr. Chua and his team’s interventions before? Based on the article by Lomibao (2013) in the Philippine Inquirer, Mr. Rosario mentioned that mosquito fish has been in the country for decades. Mosquito dunks are also not a new concept. But is the two-pronged approach new? If it showed promising results in Pangasinan, are there efforts to disseminate the information and replicate it in regions with similar topography? Is further research being done to address the feasibility of this solution and its long-term effects?

Recalling the 4 components of KM, I’ll now discuss how each of those components would play a role in improving access to healthcare research given the scenario above. Organization in the following paragraph will refer to the Department of Health.

The ideal culture in an organization is one where leadership plays a strong role in establishing the cultural will to support and maintain practices such as data documentation and dissemination of results. Considering the nature of public health, leadership should also be able to effectively communicate and coordinate with other organizations. It will help in understanding how the practices of others might be leveraged. First, recognizing the efforts of Mr. Chua is imperative. Given his and his collaborators’ success, a more wide-scale feasibility study should be done on the intervention that they did. Long-term effects of said intervention should likewise be performed, since the Department of Environment and Natural Resources’ Protected Areas and Wildlife Bureau (PAWB) has already expressed their concern over the potential negative and irreversible impact on our fragile biodiversity (Lomibao, 2013). At least for this particular aspect of dengue vector control and management, the DOH should work with BFAR, PAWB and the local government.

For content, one of the most significant challenges is capturing tacit knowledge, which means making it easy for individuals to share what they know through training, collaborative opportunities, networking, and other personal interactions. Mr. Chua can be considered as a potential content resource of the organization. I assume that there are already people employed by the DOH who do what Mr. Chua does, but he can help by sharing his knowledge on how he analyzed the data that was given to him.

As for processes, the ideal scenario is that the data and information management processes that exist in the organization are driven by the needs identified from the agency’s business activities. Given the nature of the public health sector, the data it collects is usually shared with external organizations aside for its intended personal use. Because of this, data and information management processes should make it possible for the DOH to share their data in a way that is understable and meaningful to other sectors, such as the local government or BFAR.

Lastly, for technology, it is already a reality that the public health sector has been increasingly using electronic technology to collect, store, access, analyze, visualize and communicate data. However, there remains a gap in the availability of personnel who both have an expertise in information technology and in public health, or the so-called hybrids. If the gap in hybrids cannot be addressed for now since it needs specialized training, the DOH could continue its efforts to collaborate with experts in different fields to address the problem.

If the above core components are present in an organization such as the Department of Health, knowledge on dengue and means for vector control would be more accessible. It will also encourage and allow for further research to be done. 

That is it for week number 12 of HI 201. I have a couple of questions for you.

First, do you agree that big data was indeed the answer to the dengue problem (at least for Pangasinan)? Second, do you think your organization (if you belong to one) is ready to adopt knowledge management approach?

Let me know in the comments below.


Clinical Decision Support Systems – How Can They Impact Healthcare?

Let’s skip the intro and dive right into this week’s assignment. The driving question that we needed to answer was…

“How can Clinical Decision Support Systems (CDSS) improve the quality of healthcare?”

Aside from the question above, we were tasked to think of a clinical scenario and suggest a clinical decision support system embedded within CHITS to address this.

A clinical decision support system or CDSS, according to Jaspers et. al (2010) is a tool that provides “clinicians or patients with computer-generated clinical knowledge and patient-related information, intelligently filtered or presented at appropriate times, to enhance patient care.” Another definition was provided by Souza et. al (2011) which describes CDSS as “computerized matching of an individual patient’s characteristics with a knowledge base that then provides patient specific recommendations to healthcare providers.” Common examples of CDSS are those that check for drug-drug interactions among the medications of a patient or those that check for possible drug-disease precautions or contraindications, reminder and recall systems for immunizations, prompts for  clinicians to initiate smoking cessation interventions, blood pressure screening, or laboratory/radiology testing among others. CDSS can exist independent of electronic medical records (EMRs) or may be incorporated into them. The idea is that CDSS will provide decision support to users at the time they make decisions, which should result in improved quality of care. For example, it can alert a physician that his/her medication of choice has a drug-drug interaction with a patient’s existing medication. Or it could also alert the healthcare practitioner (HCP) that his/her choice of medication can potentially aggravate a patient’s condition. Other examples are reminders such as the need for mammographic screening in women older than 40 or 45 years old, or the recommended vaccinations for an infant who is 14 weeks old. In the paper by Bates et. al (2003), they identified 10 “commandments” for an effective CDSS. I will enumerate and briefly explain them below.

  1. Speed is everything. As mentioned above, the overall goal of CDSS is to provide decision support at the time the decision is being made. Bates et. al has found that the speed of an information system is the parameter that users value most.  A good IS, therefore, will less likely be seen as helpful if it takes time for decision support to be shown or accessed. I imagine this would be more applicable to settings wherein there is a long queue of patients who need attention.
  2. Anticipate needs and deliver in real time. This pertains to making the necessary information available to clinicians at the time they need it. An example of which is emphasizing high potassium levels in a patient receiving a potassium-sparing diuretic in a patient with hypertension or congestive heart failure.
  3. Fit into the user’s workflow. In one of my earlier blogs, I mentioned that one of involvement of the end users as early as the planning or design phase is one of the determinants for success of a health information system. Part of involving users is making sure that the proposed IS will work well with their current workflow. A new software (or CDSS in particular), even when equipped with excellent guidelines, will likely meet resistance when it significantly changes the workflow of the end users (unless the workflow is the actual problem and it NEEDS to be changed).
  4. Little things can make a big difference. This sounds cliché to me but its applicability, even to CDSS, cannot be ignored. Little things in the CDSS can spell the success or failure of the system. For example, requiring a physician to enter his/her diagnosis using ICD codes (with a drop-down button) as opposed to entering it in free text will better help in ensuring that diagnoses for the patients are entered in a standard way. If part of the CDSS, then, is checking for drug-disease interactions, the system will be more accurate in delivering such information because the diagnoses are standardized.
  5. Recognize that physicians will strongly resist stopping. For example, your CDSS tells the physician that no further tests are recommended for the patient. However, the physician has been used to ordering a chest x-ray for similar cases. Since the CDSS only mentioned to stop but did not offer an alternative, the physician will most likely override the said recommendation and continue to order the chest x-ray. The same is applicable for medications, such that giving no or an undesirable alternative to the physician prescribing the medication will most likely make him/her prescribe the medication he had intended to.  
  6. Changing direction is easier than stopping. This is in relation to the previous number. An example of change would be changing the default dose and frequency of a drug when a physician orders it. Unless the physician has specific reason to change the dose and/or frequency, he/she will be more likely to use the suggested/default dose/frequency.
  7. Simple interventions work best. An alternative to this statement would be less is more. The most important guidelines for a medication, for example, should fit in the HCP’s screen. It might be helpful to have it linked to a more comprehensive or complete list of guidelines, which should also be readily accessible to the clinician with a few clicks.
  8. Ask for additional information only when you really need it. In CDSS that are integrated into the EMR, there are patient data that are already available for use by the CDSS to be able to give decision support. If the data is insufficient, the HCP will be asked to enter additional data. In stand-alone CDSS, most data will have to be entered by the HCP. According to Bates, et. al, “the likelihood of success in implementing a computerized guideline is inversely proportional to the number of extra data elements needed.” Therefore, it would be best if the least amount of data is asked of the HCP to be able to provide meaningful decision support, as a system that requires an HCP to enter several data will be something that a clinician is less likely to use, especially considering the usually limited amount of time HCPs have in dealing with their patients.
  9. Monitor impact, get feedback, and respond. How likely are clinicians to accept the suggestions of the CDSS? How often do they overlook the suggestions? How do their actions impact process flow, or more importantly, patient care and patient outcomes? It is essential to know the answers to these, and make corrective actions even mid-course to improve the CDSS.
  10. Manage and maintain your knowledge-based systems. CDSS suggestions are most often based on local/international guidelines. Since medicine is dynamic (and so are the guidelines), CDSS should also be able to keep up with the changes. A decision support with outdated guidelines will defeat the purpose. It is also helpful to track the response of the users to the CDSS and evaluate the reports on a regular basis.

Now that we know more about clinical decision support systems, let us discuss CHITS. CHITS stands for Community Health Information Tracking System. It was developed by the National Telehealth Center (NTHC) to improve health information management at the rural health unit level. It was described as an “EMR for the health workers, by the health workers” since it was developed alongside health workers and was designed in such a way that it features a workflow that is similar to what is currently being employed in local health centers. It uses an open source software making it more flexible to the needs of both the RHU and the DOH. It was built to improve data-gathering at the RHU level to be able to generate more accurate reports, which will be later used to plan programs and effect changes on both local and national public health levels.

I was a student nurse rotating in the local health centers (in Metro Manila and Batangas) from 2006-2009 and I was a medical intern doing community rotation from 2012-2014. I have never encountered CHITS in any of the health centers I rotated at. There is limited information on what CHITS is and what is available so far (based on my internet search), so I will assume that my suggestions below are still non-existent.

In this scenario, barangay health worker (BHW) Dela Cruz is on duty at a rural health center. It’s vaccination day and Mommy Anna comes in with her children Karen and Nina, who are 2 years old and 9 months old, respectively. BHW Dela Cruz  briefly interviews Mommy Anna and gets pertinent data regarding her children. During the interview, she found out that Mommy Anna had just moved into the barangay and that her daughters have never received any type of vaccination. She was then asked by the mother which vaccines her daughters should receive. In the brief period that Dela Cruz has been a BHW, she has never actually encountered an infant or toddler who is naive to any type of vaccination.

I think that a useful CDSS in this scenario would be something that guides a healthcare worker (HCW) on the vaccinations a patient, particularly a pediatric patient, should receive. The minimum data required would be the patient’s birthday (the age should be computed automatically). When the software determines that the patient is a pediatric patient, the recommended vaccinations for patient based on age should be displayed. The HCW can then enter the date the vaccines were received (if any and if they were received elsewhere). It is at this point that any previous reactions to vaccines should also be documented. If there are none, as in the scenario above, the CDSS should show the recommended vaccines arranged by priority. The basis for the recommendation would be the guidelines based on DOH’s expanded program on immunization (EPI). Contraindications for vaccines in general or for a specific vaccine could also be shown. A trained barangay health worker (BHW) should be able to do a simple assessment, enter the birthdate, and identify which vaccinations a patient should receive. Once the vaccine has been administered, it is documented in the software. Ideally, if the vaccine is part of a series, the date for the next dose should be shown so that the BHW could inform the patient (or his/her guardian) on when to come back. The same CDSS should also be able to generate reports such as the type and quantity of vaccinations given on a daily, weekly, monthly, quarterly or annual basis or how many children are considered fully immunized. These types of reports could be married with statistics from the local government to determine the vaccine coverage in the area to assist in procurement of additional vaccines and to help plan for program that are related to vaccination.

Again, I have to admit that I am not aware if this is already being done in the RHUs. Considering the lack of healthcare professionals in the rural health units, particularly the geographically isolated and disadvantaged areas, this type of CDSS would be very helpful to the RHU healthcare workers and in helping attain the main goal of DOH’s EPI, which is to reduce the mortality and morbidity among children against the most common vaccine-preventable diseases.

I personally am using a vaccination application on my smart phone that was created by the Centers for Disease Control (CDC). It has recommendations based on age group or based on special populations (pregnant, person with HIV, etc.). As a standalone app, it has been very helpful to my in my practice and for my own personal use. Something similar could be incorporated to CHITS to help implement the immunization program of DOH.

That is it for week 11 of HI 201! Can you think of other clinical decision support systems that could benefit people especially in the remote areas where there is often limited access to healthcare? What do you think are pitfalls of CDSS?

As always, let me know in the comments below. I would love to hear and learn from you!



Standards and Interoperability – How Can These Be Adopted?

This week, we are diving further into the basics of health informatics. Our focus would be on interoperability, with the driving question…

How can healthcare institutions adopt standards to ensure interoperability?

We were tasked to pick among messaging, terminology, and imaging – the three broad categories of standards – and to prepare a master plan for its adoption in a government setting.

As always, let me start by defining some terms.

Standardization is defined by Investopedia as “a framework of agreements to which all relevant parties in an industry or organization must adhere to ensure that all processes associated with the creation of a good or performance of service are performed within set guidelines.” Adebesin, et. al. (2013) stated that this is the key to interoperability. eHealth Interoperability, in particular, is defined as the “ability of two or more systems or components and the business processes they support to exchange information and to use the information that has been exchanged.”

While there remains no consensus on the levels of interoperability, the European Telecommunication Standards Institute has identified 4 levels, namely: technical, syntactic, semantic, and organizational. Technical interoperability enables heterogeneous systems to exchange data. Syntactic interoperability, on the other hand, guarantees the preservation of the clinical purpose of the data during transmission among healthcare systems. Meanwhile, semantic interoperability is that which enables multiple systems to interpret the information that has been exchanged in a similar way through predefined meaning of shared concepts. Finally, organizational interoperability, the highest level of interoperability, facilitates the integration of business processes and workflows beyond the boundaries of a single organization.

I would like to focus on semantic interoperability. To me, when simply put, this means that different systems understand each other. It’s like different people speaking and understanding each other using English, for example, despite the fact that they have different nationalities. Of the three broad categories of standards, semantic interoperability focuses on terminology.

One example of a terminology standard is SNOMED-CT. The International Health Terminology Standards Development Organisation (IHTSDO) owns and distributes SNOMED-CT. The claim is that it is the world’s most comprehensive multilingual clinical healthcare terminology that enables consistent, processable representation of clinical content in electronic health records. Its goal is to facilitate the accurate recording and sharing of clinical and health-related information and the semantic interoperability of health records. The way it works is that the content is represented using three types of components – content, description, and relationship. First, the concepts in SNOMED-CT, which represent clinical thoughts, have a corresponding unique identifier. Each concept is also associated with a single unambiguous Fully Specified Name (FSN) that contains the semantic tag and identifies the hierarchy to which the concept belongs. A concept can have one or more descriptions, and descriptions also have a unique description identifier. Finally, relationships link concepts together and provide formal definitions and other properties of the concept. Below is an example of how the components are interrelated:

screen-shot-2016-10-25-at-11-32-46-pmIn more plain and basic terms, SNOMED-CT is like a comprehensive dictionary where health data are defined, and at the same time functions as a thesaurus where synonyms of terminologies can be found (although SNOMED-CT is definitely more than this).

When incorporated into an electronic health record, for example, it allows uniform entry and interpretation of data. The encoded data can later be reused and presented for a variety of purposes. For example, clinical records represented using SNOMED-CT can be processed and presented in different ways to support direct patient care, clinical audit, research, epidemiology, management, and service planning.

IHTSDO has been working with other standards bodies like the ISO and HL, and they map from and to other code systems. As mentioned earlier, it is also multilingual. These ensure not only the applicability of SNOMED-CT to different disciplines but it also reinforces its global applicability. At the same time, it is also scalable and flexible and could adjust to local requirements, if necessary.

In the local setting, part of the Department of Health has already outlined the Philippine eHealth Strategic Framework and Plan (PeHSFP) 2014-2020. We are developing our own National Health Data Dictionary, which will function similar to SNOMED and will be integral to the implementation of the Philippine Health Information Exchange (PHIE).

hie-2The above image illustrates the PHIE. Note that on the upper right corner, under health data standards, is terminology. This is where the National Health Data Dictionary comes in. It will be used to ensure good data quality among the different systems that will be integrated in the PHIE.

If a government hospital, then, needs to adopt this standard, how will they do so? In a previous blog, I enumerated and briefly described the 7 components of eHealth projects according to the PeHSFP, namely: (1) governance; (2) legislation, policy, and compliance; (3) standards and interoperability; (4) strategy and investment; (5) infrastructure; (6) human resource, and; (7) eHealth solution.

Because we are talking about a government hospital, most of the components will be coming not just from the board or the hospital administrators but through mandates of the national and local government. For example, the creation of the National Governance Steering Committee and Technical Group on eHealth and the National eHealth Governance Implementing Policies, Procedures and Guidelines will be through creation of administrative orders. The same applies for other mandates that will come from the national government. Examples of which are the National Implementation of Health Data Standards for eHealth Standardization and Interoperability, the Implementation of Software Data Compliance to National Health Data Reporting, Implementation of Philippine Health Information Exchange and its Implementing Policies, Procedures and/or Guidelines, and creation and updating of the National Health Data Dictionary. To comply, a government hospital would then implement said administrative orders. The electronic health system they will use will most likely be a software that was developed for government hospitals in the Philippines. In that scenario, the said system would also have already been compliant with the parameters set forth by the Software Data Compliance Body. In addition, encoding of data would also make use terminologies of the National Health Data Dictionary.

Let’s say, however, that a government hospital, for whatever reason, was not required to be part of the PHIE but would like to become one. It still has to start with governance, who will decide on the kind of eHealth system that the hospital will use. They should create the necessary policies and implementing orders for the said project, which would be better handled by a specialized team dedicated to creating, implementing, and maintaining the system. Part of the planning and design for the project would already involve sourcing for funds for the project, hiring and training the right people, and ensuring that the system has adequate infrastructure to run the software. Specific to terminology and in effect, ensuring data quality, is integrating the coded terminologies under the National Health Data Dictionary into the software. This will make the software interoperable with the other systems that are likewise part of the PHIE.

In ensuring interoperability in general, there has been a lot of discussion on the use of open source software. As the name implies, open source in terms of software development and licensing means that the source code is accessible and modifiable by the end user. This is in contrast to proprietary software wherein the source code is confidential and the end user can access and execute only the machine code. The argument, according to Reynolds and Wyatt (2012), is that “open source software (OSS) licensed HIS provide a key opportunity for the promotion of effective systems by enhancing clinical engagement in software development, fostering innovation, improving system usability, and reducing costs, and should therefore be central to a rational HIS procurement strategy.” With OSS, there will be lower entry barriers and developers would have to compete with implementation of the same standards. The ultimate beneficiary of these would be the consumers, since use of OSS would encourage innovation and lowered cost from developers. There would also be no fear of lock-in, and the consumers can freely switch to another product without losing their data. A real-life example of this would be the use of the Android operating system. The Android operating system is based from the Android Open Source Project (AOSP). There are a variety of mobile phones operating using Android OS, and a user can switch from one brand of cellphone to another and bring their data along with them, since there are numerous applications that run using the said OS. In the healthcare setting in the Philippines, this would translate to developers using the same source code in the development of their eHealth systems. The health data would be structured in the same way, even if different softwares are used. With the use of a common health data dictionary to code for the data to be entered into the system, the terminology would be the same as well. This means that even if a healthcare institution discontinues the use of a particular software and later on switches to another one, as long as the said software used is running on a similar source code or is compliant with the standards set forth by the PHIE, migration would be possible.

And that is it for this week’s blog! I had a rather difficult time understanding the concepts but I hope I was able to make some sense. I feel that as the course progresses and as I make more blogs, things are starting to become more cohesive. It’s also the reason why I’ve been referring to the content of previous blogs more often (especially that of PHIE). Let me know your thoughts and I hope we can discuss!



Personal Health Records – The Patient Tool

We’re more than halfway through the semester and I can honestly say that this course has been very enlightening so far. Over the first half of the semester, my preconceived notions about health informatics especially in the Philippines was basically shattered, and I am discovering that there is so much more to learn from this course than what I initially thought.

That being said, let us now dive into this week’s topic – personal health records.

The question we were asked was…

“What features are considered critical or most useful by users of Personal Health Records?”

In last week’s blog, I discussed electronic health records (EHR). In researching for that topic, it was only then that I realized that EHRs are not synonymous with electronic medical records (EMRs). I also learned that automated health records (AHRs) and computer-based patient records (CPRs) are also different. Now we will be adding patient health records (PHRs) to the mix.

According to, a personal health record or PHR is an “electronic application used by patients to maintain and manage their health information in private, secure and confidential environment.” The key phrase here is “used by patients”, since that is the main distinguishing feature of the EHR from the AHR, CPR, or EMR (Ideally in EHRs, there should be a component where patients can manage their data as well). Through PHRs, a patient can be more involved or proactive in the management of his own health since it allows him to enter, view and modify health data into the application. Aside from being a static repository of data, the more advanced PHRs have decision-support capabilities that assist patients in managing their conditions. They have the potential for to help analyze a patient’s health profile, identify health threats or deviation from normal at an earlier time which leads to prevention or early intervention, or provide improvement opportunities based on analysis of drug interactions, gaps in current medical care, and identification of medication errors. When the PHR is also made accessible to the clinician or health care provider, it facilitates communication between provider and patient for continuous exchange of health data.

With the rapid developments in technology also come numerous attempts at personal health record softwares or systems. However, PHRs have not received the same attention as EHRs and EMRs. There are several issues that arise when it comes to its adoption, and I believe that the two main issues are:

  • Quality of data – Since in PHRs patients are mostly the ones who enter the data, then how accurate are the data? Are they entered using medical or laymen terminology? Are the diagnoses accurate? Are the medications accurate? What about the laboratory and diagnostic results? Are they entered correctly? Abundant but poor-quality data defeats the purpose of the PHR.
  • Security and privacy of data – Most PHRs are web-based or mobile applications that were developed for commercial distribution and use. Unlike EHRs and EMRs with more robust security features since they are usually linked to bigger institutions, PHRs are, as mentioned, often web- or mobile-based. Data contained in a mobile app, for example, may only stored in the mobile device. If there is an option to store it elsewhere, it usually in a cloud-based storage (which is often another application not primarily intended to store medical data). Or the data could be exported as a PDF or Excel or Comma Separated Values file, and then sent to an intended user (ex. physician) via email. The transfer is usually not encrypted and therefore vulnerable to breach or exposure.

What, then, are the criteria for a good personal health record system or application? Kim and Johnson (2002), in their paper Personal Health Records: Evaluation of Function and Utility, reviewed and evaluated several web-based PHRs that were available the time based on several criteria. Under function, they evaluated the website application in terms of access, medical conditions, medications, laboratory test, diagnostic tests, and immunization. As for utility, they assessed whether the application could incorporate data to manage conditions at a basic and more comprehensive level of representation. The overall conclusion of the study was that the PHRs available then had limited functionality and therefore had limited ability to serve as adequate representations of medical information for use in clinical practice.

Basing on Kim and Johnson’s paper, the identified barriers to adoption and on my personal experience as well, I developed a scoring system for the evaluation of PHRs. This, in a way, also helps answer the driving question for this week “What features are considered critical or most useful by users of Personal Health Records?”


Each criterion is will be scored from 1 to 5, with 1 being the lowest and 5 the highest. The rating per category will be averaged at the end, and the overall score will serve as basis if the app will be recommended or not. PHRs that scored 5/5 will be highly recommended, 3-⅘ as recommended, and 1-⅖ as not recommended.

To explain further the scoring system I created, I signed up for personal health record. I was not able to find a PHR that was made or based in the Philippines. I settled for the top hit in Google, which is the application My Medical.

See slide presentation below for my review of the application.

I, personally, am very interested in PHRs because aside from the fact that I am a neat freak and I want to keep things organized, I am also a patient (under the care of multiple health care providers). I actually have a big binder at home documenting my health since 2007. It is a pain to carry it around whenever I have to visit my doctors, and after 9 years, the method is just not efficient anymore. The app I reviewed above will work for me because it appears more to be a static repository of data, which I prefer. However, non-medical personnel or laymen who want to use this to gaina more proactive role in the management of their health might find some of the features lacking, because it has limited decision-support capabilities and the means for communicating the health data contained in the app to a health care provider is also limited.
Disclaimer: The application is not sponsored and I paid for the app with my own money.
And that is it for this week’s blog! Do you agree with the scoring system I made? Are there other features you are looking for in a personal health record that were not part of my criteria? Given the features I showed above, is the app something you would consider using as well? Or have you tried other PHR applications?
As always, let me know in the comments below. Your input will be very much appreciated.


Philippine Health Information – How Can It Be Accessed and Exchanged?

Of the blogs I have had to publish in the last 5 weeks, I think this is the one I was most excited to do because the task relates to something I experience on a regular basis.

The question were were asked was…

How can patients access their data from different health care providers as they transfer care?

We were assigned to also draw a flowchart that details the information collected at every step for a patient with diabetes with a non-healing wound who consults at outpatient patient but subsequently admitted in the hospital.

Currently, there are only very few institutions in the country using electronic medical records. Most hospitals, clinics and centers, even the most advanced, still rely heavily on paper charts. While some components are through eHealth (laboratory results can be checked online, etc.), the actual patient encounters are still documented through paper and pen. No national program has been implemented that allows for transfer of and/or access to data among institutions, especially those between the private and public sectors.

For a patient, then, who will seek consultation in an outpatient clinic for the first time, the process can be tedious. Aside from providing general data, he/she will have to relay his/her entire medical history to the attending health care professional. Although the prudent thing to do, especially for physicians seeing patients for the first time, is to do a comprehensive history and physical examination, the process can be complicated as well. More often than not, patients – especially the elderly – are unable to give an accurate past medical history. Unfortunately, they also tend to be the ones with several comorbidities. They may not remember all the illnesses they were diagnosed with, the medications they are taking (especially the dose), the exact operations they underwent and in what year, etc., and some of those data can significantly impact their care. Afterwards, if they need to be admitted to a hospital where a different physician will have to attend to them, the whole process of eliciting the biographic data and entire medical history (from diagnosis to procedures to medications) has to be repeated. Generally speaking, manual systems like the one described above are inaccurate, cause delay, non-standardized, and use different terms for the same meaning or have different meanings for the same terms (Herbosa, 2015).

But if there was a standardized system data from different institutions (whether private or public) that can be accessed by health care providers attending to a singular patient, then the process would look something like the one shown below.


Assuming the diabetic patient has not had any previous consults, or his previous consults were done when there was still no standardized interoperable system, upon initial consult at the the outpatient clinic, he/she will be asked to register. The biodata entered should be able to generate a unique identifier for the patient, which will be used for future reference. An alternative would be using the Unified Multipurpose ID, which is a government-issued card that can be used for different government agencies (SSS, PAG-IBIG, PhilHealth and GSIS). This will be associated with a singular electronic medical record (EMR) for the patient, where all information will be in a single view at the point of care. The physician’s evaluation and management will then be documented in the EMR, from his complete medical history, physical examination, assessment and management plan. Ideally, the EMR should also be equipped with decision support tools and knowledge based information to guide the health care provider in managing the patient. If the patient needs to be admitted, he will only have to indicate his unique identifier code or present his UMID, which should allow the health care team in the hospital to pull up his EMR. Instead of doing the entire process and trying to elicit the entire history, what the inhospital physician could do is verify what was already written in the EMR. Not only does this save time and effort on both ends, but more importantly it allows for more accurate “endorsement” of medical care, since the physician could review the notes of the previous physician. While in the hospital, the patient’s course will be documented in the same EMR. After discharge, it is common especially for patients who have chronic illnesses to follow-up. During this time, the use of a unique identifier or UMID will help facilitate pulling up of records and enable continuity of medical care.

As I mentioned earlier, there is still no national program that has been implemented that allows for transfer of and/or access to data among institutions. However, efforts towards this have been in the works for several years.

The Department of Health (DOH) and Department of Science and Technology (DOST) have signed a Joint National Governance on eHealth. These two departments are the leads in attaining the vision of the Philippine eHealth Strategic Framework and Plan (PeHSFP).

The main purpose of the PeHSFP is to describe how the eHealth vision will be achieved to guide national coordination and collaboration, as well as set a clear direction and guidance to the ongoing future eHealth activities in the country.  And that vision is that …

By 2020, eHealth will enable widespread access to health care services, health information, and secure share and exchange patients’ information in support to a safer, quality health care, more equitable and responsive health system for all Filipino people by transforming the way information is used to plan, manage, deliver, and monitor health services.

In particular, one of the tools to achieve the vision will be through the Philippine Health Information Exchange (PHIE), which I already briefly discussed in this blog post. The key words here are standards and interoperability because the PHIE is a platform that allows authorized users to gain access to health information and share it across geographical and health sector boundaries. It is also a means for implementation of innovative ways to deliver health services and information. As long as the data are entered via a standardized format, they can be integrated into the system and later accessed. Examples of information which could be exchanged through the PHIE are demographics, health profiles, care plans, prescriptions, test orders and results, referrals, etc. Basically, it integrates all the different sources of health data (from the different EMRs – whether from private or public institutions, from urban or local areas – and different databases, etc.) into a national platform that is accessible to health consumers, health care providers, health care managers, policy makers, and researchers.


Health Information Exchange Diagram (DOH, 2014)

Specific to the health consumers, the idea is also for them (i.e. patients) to have controlled access to their individual health data, and for them to have the capacity to manage their health records. This step, I think, is crucial for empowering the Filipino people when it comes to taking charge of their health, since they will be more active players.

I sincerely hope that we achieve the eHealth vision by 2020. In particular, I’m very much interested in the full scale deployment of the PHIE because I think it would be a game changer in the way health care is delivered to the Filipino people.

That concludes this week’s blog post. It actually excites me to think that this is the direction we are headed. As a health consumer and a health care provider, I feel that the planned programs are promising.

As always, comments are welcome. Leave them down below and let’s discuss, yes?