Patients around the world are increasingly benefiting from emerging e-health technology, but can it offer similar benefits for medical professionals?
In 2011 UK Prime Minister David Cameron wrote in an article for the Times: "Fail to modernise, and the NHS is heading for a crisis." Although the warning might apply to a range of NHS activities, it is perhaps most relevant to the area of patient care ICT and the changes that are occuring as technology enables patients to take more responsibility for their own treatments.
The health industry already uses modernised high-tech systems, such as robotics, artificial-intelligence software and digital imaging systems used for X-rays. Patients are starting to use machine-to-machine (M2M) devices, enabling them to monitor themselves remotely yet still be able to communicate directly with medical carers (see 'Wellness connected', E&T May 2012). These e-health technologies can use a lot of mainstream ICT, and costs can be diffused and aligned with those IT lifecycles common to PC and Internet-connected medical devices, rather than very expensive specialist hardware and software. This, its fans say, benefits both physicians and healthcare finance offices.
However, if the healthcare sector is going to cope with the increasing number of patients with one or more long-term conditions, such as asthma, heart and lung disease, and diabetes (which is forecast to increase by 252 per cent by 2050), the NHS cannot rely on existing healthcare technologies, says the Department of Health. This ongoing digital makeover aims to deliver e-health strategies such as electronic patient files, M2M, mobile health, and virtual health carers.
While these technologies benefit patients, the impact it is having on hospitals, surgeries, clinics and doctors, nurses and carers can vary. Medical professionals are beginning to adapt and implement e-health initiatives such as 'bring your own device' (BYOD) and working with large influxes of 'big data' into their daily routines.
However, according to Theo Ahadome, senior analyst at IMS Research, it may take time for them to catch up with advancements. "There is no point modernising the health sector if the physicians and nurses are not aware or even trained," he says. "The danger will be that the systems become more modern than the users can keep up with. There have been instances where remote monitoring, although available at a Trust, was just never prescribed by physicians, so devices remained on the shelf."
Ahadome explains that not all physicians are prescribing remote-monitoring devices. They are mainly purchased at a Trust level from healthcare providers, therefore physicians are not aware of the availability and benefits, or haven't had the relevant training. Another issue arises if the patient won't use the device. If the patient is also unaware of the benefits or uncomfortable using the technology, the physician then becomes reluctant to prescribe devices and they remain unused.
Referring to this issue when speaking at Cambridge Wireless's 'Connect or Die' event (organised by the Connected Devices SIG and the IET) in November 2012, Mike Short, vice president of public affairs at Telefónica Europe, explained that healthcare will need to be supported in other areas, such as better measurement techniques, data analytics, and digital literacy. "When I talk to some of the health professionals' they are not trained, they are not certified in digital technologies," he said. "They may choose to use smartphones or tablets, but they are not trained and examined in those areas as much as they are trained in other areas like biology or care. So we need a bit more digital literacy in the professional institutions that support the healthcare industry."
Short added that use of social media has also become an integral element in e-healthcare: "Social media is already outstripping the ability of the health services to support it. [It] can be used by people sharing their conditions and their knowledge with others experiencing the same health problems. Now that doesn't fit the typical regulatory model, but the social media for healthcare is a dynamic area. If we can add measurements to it and have some clinical confidence to it, it could actually take us on another level."
Meanwhile, the Department of Health's objective is to create a paperless NHS by 2015 by converting patient data into electronic health records (EHRs). However, Ahadome explains that there are concerns that patient data may get lost, corrupted, accessed without proper authenticity or hacked and stolen, or that doctors may act on incorrect data or miss important information. These errors could potentially lead to malpractice lawsuits.
FairWarning – a supplier of healthcare privacy auditing solutions – revealed from its 2011 survey 'How Privacy Considerations Drive Patient Decisions and Impact Patient Care Outcomes' that 61 per cent of 1,001 respondents were worried about how their identity could be used to commit fraud.
Some 54 per cent have withheld or would withhold information about a sensitive personal medical matter from a healthcare provider with a poor record of protecting patient privacy, and 87 per cent believe a serious breach of personal data security would damage a hospital's reputation.
IT security firm Cryptzone supports EHRs, but warns that the two concerns are security and public confidence. Its vice president Grant Taylor says that patient records security demands a different order of importance: "We're talking about people's medical details here – a Windows password is about as much use as a chocolate teapot. Encryption is a must-have, as is the question as to whether this data should be on a laptop in the first place."
Taylor's comments follow reports that a laptop with no password holding unencrypted personal and medical data of to 1,500 patients was stolen from the podiatry Walking on Air clinic in Gosport, Hampshire. There have been several other NHS data breaches; in March 2011 the Central London Community Healthcare NHS Trust faxed 59 patient lists containing sensitive data of medical diagnosis to a member of the public for three months. The Trust was later fined £90,000. Torbay Care Trust in Devon was fined £175,000 when employees found details of their National Insurance number, pay scale, and date of birth online.
To maximise data protection, Cryptzone placed security around data on the move. AppGate, which separates data servers and applications from users and the front-end infrastructure, ensures no one can access anything unless permitted to do so. This is done by end-to-end encryption of all traffic, including login details, and prevention of phishing or man-in-middle attacks.
Another, less highlighted risk that EHRs are said to pose is third-party companies taking advantage of patients' medical problems. Analyst Jim Morrish from Machina Research explains how a health insurance company could potentially access any open patient data held in a range of computerised systems, including those supporting consumer applications. In return, they may provide more competitively priced cover, effectively excluding those with a pre-disposition to certain diseases.
New e-health centres
Speaking at the Global Health Policy Summit in August 2012, David Cameron explained "drug development relies increasingly on real-time data, and so the NHS and the data should be exploited as a resource". The government plans on changing the NHS Constitution, "so that the default setting is for patients' data to be used for research unless the patient opts out", he said.
An initiative being led by the Medical Research Council and members of the E-Health Research Initiative is investing £19m in setting up four e-health research Centres of Excellence in London, Manchester, Dundee and Swansea, due to be opened in the first quarter of 2013.
The Centres are jointly funded by the British Heart Foundation, Cancer Research UK, the Medical Research Council, the Chief Scientist Office (Scottish Government Health Directorates), Engineering and Physical Sciences Research Council, the National Institute for Health Research; the National Institute for Social Care and Health Research (Welsh Government); and the Wellcome Trust. Each Centre will use patient data sets available through the Clinical Practice Research Datalink (CPRD), a £60m service announced by the Medicines and Healthcare Products Regulatory Agency and the National Institute for Health Research in 2012.
Dr Janet Valentine from the Medical Research Council explains that to be successful the centres will need to host and develop multidisciplinary teams, where doctors, nurses, social workers and public health experts will work alongside data managers, software programmers and data analysts.
Is BYOD really feasible?
'Bring your own device' is a business policy allowing and encouraging employees to bring their own mobile devices, such as laptops and smartphones, into their place of work and use them to access company resources including email, intranet and company applications. BYOD is beginning to gain approval in the health industry.
The Liverpool Women's NHS Foundation Trust, which sees more than 3,000 outpatients per month, is under pressure to treat patients as quickly and efficiently as possible. Its IT infrastructure comprises 900 desktops and 50 laptops, with 150 PCs being added every year, which means IT administrators have regularly to update the equipment. The Trust is now trialing BYOD and providing employees with Windows tablets to access clinical systems and iPads for non-clinical staff.
"People already have the technology at home. If you can secure these in your new environment, and enable them to be used, you're eliminating all the duplication," says Dr Zafar Chaudry, CIO at the Trust. "We envisage clinicians carrying data in the palm of their hands, at the bedside and around the hospital. That should streamline services and improve patient care."
Regardless of this, there are still concerns over BYOD becoming a standard fixture in healthcare. The Royal College of Nursing (RCN) has advised nurses that it "does not support the use of staff using personal smartphones for routine provision of services". Though it has said smartphones are useful for communication, taking images of wounds and accessing guidelines and information via the Internet, nurses should not "bear the brunt of costs".
Alison Wallis, an e-health advisor for the RCN says: "The onus should probably be on the employers, as nurses aren't as well paid as consultants." The minimum starting salary for a registered nurse, according to the NHS Agenda for Change pay scales 2012/13, is £21,176.
Cost is not the only issue; health professionals deal with sensitive and personal information a daily basis. Mark Sutherland, president of IT asset management firm Kaseya, explains that the smart devices are easy to lose and vulnerable to theft, therefore a tracking system will be needed to identify missing devices. IT experts will need to be able to remotely lock, wipe and reset missing devices, mitigating the risk of sensitive data becoming public news.
"Healthcare has important privacy rules and access control rules, so you can't just store patient records on somebody's personal phone and let them walk out," says Sutherland. "This is where cloud matters. Storing data in a centralised place, where back-up planning, disaster recovery and access control can be easily controlled."
He continues: "So if data is never embedded on the actual device, BYOD could work very well." However, while these advancements free up time and allow medical professionals to think strategically, Sutherland adds that the training can be expensive and tough. "People can be resistant, especially in an organisation like the NHS, which can be slow to change as it is dealing with sensitive data."