Posts Tagged ‘SaaS’

While conducting research for the long overdue and nearly completed report on Personal Health Clouds (Dossia, Google Health and HealthVault) came across a recently published report by the European Network and Information Security Agency (ENISA) addressing cloud computing security.  Though quite long (over 120 pages) the report provides a very comprehensive overview of cloud computing, its benefits, risks and some very good risk assessment tools to assist one in evaluating a cloud solution offering including segmentation by SaaS, IaaS and PaaS.

With the rapid migration to the “cloud computing” paradigm in the healthcare sector, be it personal health clouds, HIE vendors transitioning to PaaS vendors (note: Medicity made their own PaaS announcement yesterday – more to follow in near future), EMR vendors offering hosted solutions, to move to manage and store images in the cloud, and various niche vendors such as Medcommons, who uses Amazon to host its service, a report such as this is quite valuable and instructive both for potential users of cloud services as well as those offering them.

If you have even a remote interest in this subject, trust me, just get the report as it is one of the best I’ve come across to date.

Read Full Post »

I got religion.

At least religion that part of the savior to today’s, and more importantly, tomorrow’s healthcare crisis lies on the Internet.

With the abysmal adoption of IT to date within the healthcare sector, I am a strong believer that this industry will simply leap-frog the traditional, three-tiered IT architectural model and move directly to an SaaS-type model (ala athenahealth or Salesforce.com) coupled with cloud computing.  Granted, this will not occur over night and most large hospitals and IDNs will be loathed to give up on their server farms and internally developed apps, but there is a very large percentage of care (some estimate it at 80%) which takes place outside these large healthcare facilities, and it is here where adoption of healthcare IT (HIT) is lowest and where we will see the Interent play the biggest role.

We are still very early in the game here and there are numerous issues to contend with from privacy and security to uptime, to control – not insurmountable, but issues that must be addressed nonetheless.  So to get up to speed on how some of these issues may be tackled, I’m of to Harvard University for the next couple of days to get some schooling on the topic.  The Berkman Center for Internet & Society is having a 10th anniversary conference and have put together a very interesting agenda.  Will report back any insights I garner.

Read Full Post »

Today, Google opened the doors to a Beta version of its consumer health site.  Based on that landing page, quite clear that unlike Microsoft, Google will offer a full fledged Personal Health Record (PHR) for the consumer.  In addition to the base PHR functionality they will be providing, Google Health Beta will also offer a secure repository to store one’s medical records, health and wellness information and a physician directory.

Off to a meeting now.  Will do a test drive of Google Health Beta later today and provide further analysis on the platform and its implications to the broader market.

Read Full Post »

B2C Dead in PHR Market?

The Personal Health Record (PHR) market is evolving rapidly undergoing a tectonic shift as the majority of PHR vendors shift their focus from Business to Consumer (B2C) sales & marketing model to Business to Business (B2B) model. This is particularly true for those who offer a hosted, web-based (SaaS) PHR solution.

In a series of interviews we have conducted over the last several weeks with a number of PHR vendors, both large and small, the over-riding trend is a refocusing of their marketing away from the consumer and towards larger enterprises, which can be broken down into three distinct markets: Employers, Health Plans and Providers.  PHR vendors are finding that these larger entities can be much more effective in promoting adoption of a PHR among their constituencies and it is far easier to target these organizations than the very broad and not terribly motivated end consumer market.

There are still a significant number of PHR vendors pursuing a B2C model, typically offering a desktop and/or USB solution.  These vendors, however, will see ever stronger headwinds as the PHR market moves to the Web as Web-based solutions can provide far greater functionality, are easier to update and will be delivered at ever lowering cost as these solutions scale.  Another challenge facing USB solutions is the reluctance of care providers to insert a USB into one of their networked computers for fear of inadvertently downloading a Trojan virus off the USB.  Thus, the utility of USB solutions is extremely compromised and consumers will look elsewhere.  For these reasons, PHR providers that offer only a desktop and/or USB solution will fade from the market within the next 3-5 years.

Our research on the PHR market will culminate in a comprehensive report that is scheduled for completion by the end of Q1’08.  If you wish to receive further information about this report, please contact us directly at: info@chilmarkresearch.com

Read Full Post »

Google’s new leader of the Health Group, Marissa Mayer gave a very mundane presentation yesterday at the Web 2.0 conference in San Francisco and from various reports, it sounds like it was a complete bomb.

Granted, Marissa only had ten minutes to work with but you would think that in that time she could provide more than simple homilies and a Letterman-esque Top Ten list. No demos, no screen shots, and apparently no visionary statements like Adam Bosworth, Google Health’s former leader who mysteriously departed Google in early September. Marissa only gave a plea to stay tuned as they will formally launch something in early 2008.

Quite obvious that there has been a major re-thinking within the Google Health Group as to what their offering should consist of as it was not that long ago that they were distributing screenshots of proposed Google Health platform. A half year delay plus is a long time in the software industry, especially when there are a host of competitors jumping into the same market. Now with the recent Microsoft HealthVault release, Google may be giving even more thought to their offering to both differentiate themselves from Microsoft as well as insure that when they do hit the market, they will be offering something more for the consumer than just another Health Search engine , which is about all Microsoft can offer the consumer today.

So where is Google focusing its energy?

Based on Marissa’s comments, it looks like three key areas.

  • Search: Obviously, though it will be interesting as to how they provide such search capabilities as the Microsoft HealthVault search engine is impressive.
  • Local Care Provider Directory with Mapping: This makes a lot of sense as well and something they are already providingfor other business centric searches on emay perform. Now what would really set them apart is if they could combine this feature with quality and patient satisfaction metrics.
  • Archive and Retrieve Records: Again a logical extension of some of the things that Google is currently quite good at.

Nothing here really gets me excited. Ho Hum indeed.

So what’s missing? Well, hard for me to tell as I am basing this write-up on third-hand reports but what comes right-off the top of my head is a lack of creativity and imagination. Is this really the best they could think of to say at this conference?

I can only surmise that maybe Google is having second thoughts about how grand a vision they wish to pursue in this market. Maybe they took a hard-nosed look at just how difficult and challenging it will be for them to be successful and have decided to limit their exposure. Whatever it is one thing is certain, the vision is gone baby, the vision is gone.

Read Full Post »

Had the opportunity last week to get an update from Will Crawford and Ken Mandl of the Children’s Hospital Informatics Program (CHIP), a joint collaboration of Harvard Medical and MIT. The objective was to learn more about the recent agreement between CHIP and Dossia, whereby Dossia will adopt Indivo as the Personal Health Record (PHR) platform, or what CHIP refers to as PCHR for Personally Controlled Health Record system.

Indivo has been one of those academic exercises where some interesting technology (a completely Open Source PHR) has been developed, tested and refined over the years (13 years and counting). The overall purpose has not been to create a product for the market per se, but to develop a platform that can be used to better understand the possible role of a PHR system in healthcare to improve outcomes. Over the years CHIP has addressed a whole host of platform development issues for Indivo from usability to interoperability, privacy, security and finally, consumer and physician adoption. But this has all been very much in an academic setting. Consequently, little real world testing has been done to date on Indivo platform and by real world I mean large-scale deployments and use. Note, they have done limited deployments at both Children’s Hospital, MA-SHARE, a regional RHIO, at MIT where they have a couple of hundred subscribers and in Canada where there are several hundred subscribers as well. They are also currently rolling it out at several other locations.

That is all about to change.

On Sept. 17th, Dossia announced that they had chosen Indivo as the platform for the 5 million plus employees, retirees and dependents, that Dossia’s employers represent. That is a massive leap forward and a huge vote of confidence for the folks at CHIP and their Indivo PHR. But a lot of questions have been raised as to how independent CHIP and Indivo will remain now that they have such a large client and even more importantly, there is a ton of cynicism regarding what the true motivations are of the employers that are sponsoring Dossia.

Will and Ken wanted to set the record straight. Following are a few highlights from our conversation (Note, these are NOT verbatim, but based on my quick notes):

Ques: How independent will Indivo Health remain? Does the agreement with Dossia put any restrictions on Indivo?

Ans: CHIP remains an independent non-profit entity directly responsible for Indivo. The Indivo platform will remain an Open Source platform and adhere to the conditions of the open source community for enhancements, distribution and use. There are no restrictions on CHIP’s ability to establish future partnerships/relationships with others. In fact CHIP maintains complete autonomy and can exit this agreement at any point in time.

One area that Dossia did insist on was for CHIP to establish a stronger governance model for developing and enhancing the Indivo PHR. This governance model will formalize the process by which enhancements are chosen for development, acceptance, QA/QC testing protocols and how such enhancements will be formally supported upon their release. (Ed. This makes good sense for as an academic exercise, this issue was not high on the priority list. Dossia’s insistence on this point will lead to a better product for the broader market.)

Ques: Who will actually operate and maintain the Dossia/Indivo PHR once it is live? When is go live date?

Ans: CHIP will be directly responsible for day-to-day operation of the Dossia PHR. They will be contracting with an outside hosting service to physically host the PHR. Data transmitted to and from the hosting service is completely encrypted, end to end, to insure security and privacy of employee records. They will roll-out Indivo to a small group of early adopters within the Dossia community later this year.

Ques: Will Dossia employers have access to employee data?

Ans: Employers will have absolutely no access whatsoever to employee data that is resident on the Indivo platform. Important to point out that according to Ken and Will, the employers insisted on this as well. (Ed. Enlightened employers are more concerned with helping their employees stay healthy, which provides a much greater contribution to their bottom line, than trying to weed-out those that may have health issues by digging into their records.)

Ques: What is the biggest challenge going forward?

Ans: This is just hard to do. It requires an in-depth examination of existing systems, addressing interoperability, developing mechanisms that autonomously and automatically update records (they’re experimenting with bots), enhancing the user experience and most importantly insuring privacy and security of the platform. A core operating belief at CHIP is to focus on the end user, the consumer/patient. This is reflected in what they prefer to call their PHR, a PCHR for Personally Controlled Health Record system with an emphasis on personal control. CHIP believes that if they can make Indivo work for the consumer, it will have a corresponding and positive impact on other healthcare stakeholders, chief among them, physicians.

Having worked in academia and in industry I have seen my fair share of such partnerships disintegrate due to diametrically opposing views on what the priorities should be. Academics typically want to pursue their research and get published (trust me, you don’t get published and receive the accolades of your peers by commercializing a product), while companies such as those associated with Dossia are interested in the product and not another paper for JAMIA.

But overcoming such differences will be relatively trivial compared to getting all stakeholders (providers, employees and payers) on-board the Dossia initiative adopting and using Indivo to produce better outcomes and health for the consortium’s massive employee base. But Dossia does represent massive buying power in the healthcare market and can use that to their advantage.

CHIP and Dossia are really breaking new ground here as this will be the first large scale deployment in the US of a multi-data sourced PHR serving such a large community nationwide. If they can move beyond some fundamental motivational differences there is a lot of potential here to really move the ball forward on consumer adoption and use of PHRs. But no doubt about it, we still have quite a ways to go and it will be hard work. Closely tracking this initiative will offer some important insights into the future of this evolving technology and the broader theme of consumer directed healthcare. Stay tuned.

Read Full Post »

Have you ever come home from a strenuous work-out famished and can find nothing in the cupboards or the refrigerator to satisfy your cravings? If so, then you have some idea of what I experienced on HealthVault.

Getting into HealthVault was a work-out. It all began with the need to establish a Microsoft Windows Live ID account, which is really just a re-branding of the universally disliked Microsoft Passport. Why Microsoft, do you feel you compelled to continually entrap us with such things as this? Claims of added security are unconvincing as I certainly do not have to go through such a process as this for my on-line bank accounts or Fidelity account, both of which are VERY secure.

Once I got into HealthVault, low and behold the cupboards were bare.

Upon entering, one finds a fairly clear, crisp and consistent layout with tabs across the top to get one started. First, you are prompted with a simple process to establish your account by creating a record. Records for loved ones can also be created at this time or later. Each record has a simple file structure that includes: Health Info, Document Library, Sharing, Programs, History and Profile.

The HealthVault experience begins with one creating a profile for a given record. The profile asks for very basic contact information, nothing more. It does not ask for one iota of health-specific information and therein lies one of the most fundamental problems with HealthVault today.

As a platform, it is but a repository of data. HealthVault relies on your documents that you might upload to your HealthVault account and its partner network to provide all health-specific data through connections to their applications and Web services, which HealthVault refers to as “Programs.” Thus, it is incumbent upon the consumer to create a health-centric ecosystem, including selecting HealthVault partners that are pertinent to their needs. This is a very arduous process and not recommended for the feint-of-heart.

Why so arduous?

First, it is not easy to determine which Programs one may want to add. Secondly, wouldn’t it be nice to know which Programs are actually worth subscribing to? Hey Microsoft, how about a user’s ranking system for these partners with comments ala Cnet? Third, you do not stay in the HealthVault environment when you pick a partner, instead, you hop out of HealthVault to a partner’s website. Once there, it is not at all consistent across the various partners as to how to connect the Program to HealthVault. For some, like the American Health Association’s blood pressure monitoring it was pretty straight-forward. For others, such as Healthy Circles, Peaksware or US Wellness it is a completely different story. When you arrive on their site, there is nothing that points you in the direction of how to incorporate their Program into HealthVault. With the majority of these sites, about the only thing I could easily find was their press release referencing their partnership with HealthVault. Not much help there!

Why Microsoft did not demand that partners create a separate landing page for anyone coming from HealthVault to a partner’s site to insure consistency and quality of the experience is a mystery to me. This is a monumental shortfall of HealthVault today and I cannot imagine any consumer having the patience I did in trying to navigate through this morass.

Another significant shortfall is that there are only 7 partners providing Programs for HealthVault and the majority are very small, niche players who are riding Microsoft’s marketing coattails. Sure, some of them may make it, but as a consumer, I’d be very cautious enlisting most of them until they get some traction in the market. Where are the bigger players Microsoft?

Not is all lost and there are indeed some redeeming features of HealthVault including the Sharing and History features as well as their privacy policies.

The Sharing feature of HealthVault allows one to establish specific guidelines on what health information in their record they are willing to share with outside parties such as another family member, their physician, a fitness coach, etc. Today, sharing is pretty basic and is tiered into three levels of access: View, View & Modify and Custodian. Custodian is very similar to administrator privileges on one’s computer. Within the next few weeks, Microsoft states that they will be updating Sharing capabilities to allow for sharing of data within user defined time-ranges, e.g., you may want to provide access for only 15 days to insure privacy. Microsoft also will be adding a “tagging” feature allowing one to tag very specific data and information for sharing (or keeping private), rather than granting full access to all information in one’s health record.

The History feature will also be useful as it tracks the complete history of not only their interaction with HealthVault, including uploads of data from health monitoring devices or an update of the record from their physician, but also all others who may have access to their HealthVault record. Therefore, one can quickly see whether or not their physician has visited their HealthVault record and even if they made any changes to the record. This is much simpler than trying to dig through one’s record to see what is new. Important to note that only the Custodian of the record has access to History, which is to insure privacy.

Microsoft has also taken great pains to insure the privacy and security of HealthVault and all who use it. Adopting the policies first put forth by the early pioneers at Children’s Hospital of Boston and MIT, the developers of one of the first Web-based personal health platforms (now called IndivoHealth), Microsoft is putting the consumer in control of their health records. Microsoft’s privacy policy clearly states that they will not, for any reason (unless legally-bound), share your information for any purposes. All data that is exchanged between a consumer and HealthVault is encrypted via https. Data is stored in encrypted format in servers that are logically and physically separate from other Microsoft Web service offerings (e.g., Hotmail). At anytime, a consumer can ask to have their HealthVault account, or a given record deleted. Microsoft also claims that all partners will adopt similar privacy policies. Congratulations Microsoft on promoting a privacy policy that puts the consumer firmly in control of their health information.

In conclusion, despite excellent privacy policies and some other nice features (Sharing and History), I find that HealthVault Beta is NOT consumer ready. It is incomplete on a number of levels, confusing at times and is not user friendly. As it is today, HealthVault Beta is best used to attract partners to enlist and not much else.

I am not entirely writing off HealthVault. On the contrary there is potential here but it is going to take time for that potential to develop. An important factor in HealthVault’s long-term success is contingent on the partners (both quality and quantity of partners) that Microsoft can enlist to build critical mass on the HealthVault site. Microsoft also must address the shortfalls I’ve pointed such as the user experience, which today is simply unacceptable.

Microsoft has taken a bold leap here with HealthVault, a leap that redefines the PHR market. But that bold leap also brings a lot of expectations and the Microsoft HealthVault team has quite a ways to go before they meet the expectations of this potential consumer.

Read Full Post »

Older Posts »