Friday, July 30, 2021

What must your Data Backup Strategy include?

Information is of critical importance to healthcare organizations. With the increase in pace of digitization in healthcare, the volume of health data is increasing exponentially. And...as with all digital data, the need to protect medical records against loss or corruption becomes even more critical.

Protecting electronic medical records and other forms of digital medical data is essential.
A robust data backup strategy can help you do just that

In todays times, Healthcare data backup and data recovery are critical components of every health IT infrastructure.

Hospitals cannot be careless about data backup. Their data is crucial for providing dependable care for patients.

Our Data Management team at Plus91 has put together this short set of pointers for you to get a gist of what a good data backup strategy should contain.


Onsite Backups:

When a server crashes or fails, it is helpful to have data backups on hand for easy restoration. Onsite backups are often faster to restore than cloud backups and almost always faster than offsite tape backups.

Offsite Backups: 

Onsite backups are valuable, but they cannot be counted on alone. Should something disastrous happen to the data center, it could also damage any backups you have in the building. For that reason, it is always wise to have copies of your backups offsite where they can be accessed manually or through the cloud. 

A Backup Schedule: 

Backups are not a one time activity. The data in your systems must be regularly and consistently backed up. For this it is effective to setup a clear defined schedule which is known by everyone within the IT team.

Backup Verification and Testing: 

Due to software and system glitches, a scheduled backup may fail sometimes. To ensure that everything is working smoothly, Backups need to be tested regularly. Also, the IT staff must be trained on how to access and restore their data backups as quickly as possible.

Organized Storage System:  

The storage repository/driver for backups must be well organized. backup files must be labelled appropriately. If the labeling system is clear and organized, the backups will be useful when needed faster. An IT  team shouldn't have to commit extra time digging through box after box of tape (or randomly labelled backup files on a drive) looking for a specific backup from a specific date several years ago.

 

Sunday, May 9, 2021

Benefits of signing up with NDHM for a Doctor

The National Digital Health Mission (NDHM) has been busy signing up doctors into the Digi-Doctor portal in 6 union territories and is being met with a mixed response. The Digi-Doctor Portal will act as a registry for the doctors and provide services to them and their patients. The services will be provided on the backbone of digital data portability initially related to patient demographic information and clinical data but later to expand to claims, prescriptions, and more. 



While voluntary, the government is urging doctors to sign-up. Before we do list the benefits of the NDHM framework for doctors it would be good to list the reasons the doctors may not want to sign-up as per a few snippets floating online. 
Three stand-out reasons put forth are:


  • Doctors in general, will not be comfortable sharing their treatments and protocols with others, either for reasons of knowledge protection but more importantly due to opening themselves to malpractice suits.


  • Some doctors who indulge in the same may feel their referral system under duress as NDHM ensures Diagnostic reporting is done a minimum number of times due to data being shared easily under consent.


  • Lastly, there is some talk of having a standardized price list (already attempted under the Clinical Establishment Act) having to be shared as part of the NDHM sign-up, which may affect what the doctors charge for their services. While this standardization attempt is still speculation in terms of how it will be attempted or what it entails, this particular point will affect all doctors and hospitals irrespective of them being signed up or not and hence becomes moot.


Now to another important factor. All good doctors believe in the Hippocratic oath. It is seen so vividly in their fight against the COVID-19 waves, going out of their way to help their patients, sometimes at the cost of their own lives. Assuming that NDHM is securely and constructively implemented as envisioned, their belief in their oath should be enough of a reason to sign-up. Because simply put, having clear historical medical data of a patient and access to the latest reports helps them and the next doctor (when they contribute) make better decisions and hence helps their patient. That should be enough. 


But if it's not enough, here are a set of clear benefits for the doctors. Note: Many of these benefits are dependent on the doctors signing up, providing growth via a feedback loop for an even bigger benefit as the network size increases.


Some of the Administrative benefits are:


  • License Renewal: What is promised a simplified license registration, license renewal, and NOC (No Objection Certificate) issuance when moving from one state to another now that there will be a single national registry as opposed to multiple councils and requirements they come with. With the process now online and digital with Digi-Doctor being integrated with various council systems, the pain many doctors feel today in renewing their license will be greatly reduced.
  • A barrier for quacks: The registration process and then subsequent listing in the authorized registry will weed out the quacks that cause harm not only to patients but also to the reputation of doctors in general. These quacks also cause a decrease in revenue, as patients flock to these places which offer cheaper services. But only if doctors do register in numbers, can the registry be effective in weeding them out.
  • CME Credit tracking: A new system will also be introduced to track CME (Continued medical education) credits effectively online to ensure Doctors are aware of where they stand and do not need to jump through hoops to get their credits counted.
  • Faster Insurance approvals: Getting Insurance for the clinic or hospital owned by the doctor or the doctor’s malpractice indemnity will become much easier and faster once a doctor is verified in the authenticated registry. 




The Patient and Work-related benefits are:


  • Access to Patient History: The main benefit of this whole exercise. Access to an accurate and complete history of the patient. As more doctors and organizations sign-up, a more complete picture of a patient’s medical history will form up. Access to this history will ensure better care for the patient through better decision making, lesser errors (e.g. medication adverse events) than what occurs today due to partial knowledge, and quicker response times due to having data readily available. Providing better continuity of care is a key benefit each doctor must consider.
  • Tele-Consultations: Accessibility and authorizations to conduct teleconsultations plan to be brought under the ambit of NDHM. NDHM registered Doctors will be showcased on various government portals and registries as providers of teleconsultations. 
  • Access to Global Standards: As a part of the digital framework Doctors will get access to various standards and protocols along with disease and drug registries.
  • Access to Government Programs and Studies: Verified doctors will be considered for or apply for various government grants or be part of government health programs, research studies, etc. 


The Business-related benefits are:


  • Online Presence: Greater discoverability of verified doctor profiles with their professional work history/journey instilling higher trust amongst patients on a national platform. They can share this profile link on social media or on other sites to increase their patient flow. Doctors will also be given recognition on the portal by the NHA based on various parameters, including the number of medical records contributed increasing their profile further.
  • Access to Additional services: The NHA (National health authority) is planning to roll out additional services or allow 3rd party secure vendors to roll out services for doctors registered on the Digi-Doctor platform. Almost like a private marketplace for Doctors. 
  • Storage of records: Using the Digi-doctor platform Doctor may get access to secured digital storage which can be used to store digital copies of their licenses, degree, and other critical credentials. Digitally verified versions of these documents will be considered legal to share.
  • Patient insurance claims: The flow of payments between Insurance ←→ Hospital ←→ Doctor will speed up considerably, once we experience quicker claim turnaround times when the e-claim process is in place. This will reduce cash flow problems which several doctors do face from time to time due to delays in claim processing. 


There is apprehension amongst the Doctor community as there is with any Government registration process on whether it will infringe on their rights or bring in regulation that is detrimental to their wellbeing or livelihoods. 


The NHA for its part has started outreach programs at least in union territories so far to allay these fears. Their framework and plans so far speak of the good intentions of the ministry of health and family welfare (MOHFW). 


The question remains, will all these benefits outweigh the few niggling doubts in the minds of our current day superheroes.


References:


  1. https://ndhm.gov.in/documents/ndhm_strategy_overview
  2. https://tmc.gov.in/ncg/images/NDHM_presentation_for_NCG.pdf
  3. https://www.medianama.com/wp-content/uploads/2021/04/draft_ndhm_implementation_strategy.pdf
  4. https://ndhm.gov.in/home/digidoctor_faq

This article is authored by Aditya Patkar, CEO at Plus91

Tuesday, May 4, 2021

Can we figure out who might become a superspreader?

SARS-CoV2 has a feature that is common with SARS-Cov and MERS. 

The majority of people who catch this bug don’t infect anyone else. Most of the transmission is done by a small number of people, potentially fewer than 20% of those who become infected. These people, who inadvertently are responsible for spreading the virus are termed "Super Spreaders"

Now a lot of epidemiologists don’t like the term "Super spreader". They prefer to talk about super spreading events. But, this is something who knows a bit about epi's will accept - they talk in terms of events more than people. In any case, the fact remains, a minority of people are responsible for a majority of cases.

In 2020, Dillon C. Adam, a visiting research fellow at the University of Hong Kong and Ben Cowling, a professor of infectious diseases epidemiology at the same university, co-wrote an opinion piece in the New York Times on the phenomenon, arguing that if authorities focused on preventing the types of activities that allow super spreading to occur — crowded events, sharing close spaces with others — more onerous measures wouldn’t be needed. Now Prof. Cowling wonders if there is a way to figure out the types of people who are more likely to be super spreaders.

It’s the question that weighs on Vineet Menachery’s , a coronavirus expert at the University of Texas Medical Branch, mind, too. “If we can decipher what makes a person a super spreader, it can change the dynamics of outbreaks and how we deal with them, now and in the future,”

What makes a few feel this could lead to a wild goose chase is that there aren’t obvious clues to pursue.

We know the virus that comes from super spreaders is not different in terms of its genetic sequence. We know there is no link with disease severity. And , there is no evidence for age, sex, or co-morbidity in the spread.

But - and this is a good but, these clues are not obvious yet. I believe that last set of lines should end with the words "so far". We have barely studied the data from the pandemic so far. Patterns and clues of some kind will emerge.

Also, these are not the only markers or clinical demographics so to speak.


References:

Just Stop the Superspreading 
https://www.nytimes.com/2020/06/02/opinion/coronavirus-superspreaders.html

COVID-19, SARS and MERS: are they closely related? 
https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7176926/

Hong Kong Quarantines a Few to Spare the Many. The Few Aren’t Happy.
https://www.nytimes.com/2021/03/17/world/asia/hong-kong-coronavirus-quarantine.html

How SARS-CoV-2 first adapted in humans
https://science.sciencemag.org/content/372/6541/466 

Clues to COVID-19 coronavirus's vulnerability emerge from an antibody against SARS
https://www.sciencedaily.com/releases/2020/04/200403103959.htm

Monday, May 3, 2021

An overview of NDHM's Technology

National Health Authority (NHA) has been working on a new-age ecosystem for healthcare data for India, one which allows seamless availability and interoperability of Personal Health Records to authorized people, they started designing the new ecosystem network such that data is available always to the patient all the time. Further, patients can choose to share their data with their health care providers securely.

Since the implementation was envisioned to be in a mission mode, the initiative was named, and is currently referred to as the National Digital Health Mission (NDHM). 

NDHM Architecture

NDHM is employing a federated architecture for its ecosystem. That means that management and data access occurs in a federated manner where different entities or systems will manage the health data.
There is no central data storage controlling and storing data.

Using the Federated Health Records Framework (FHR), patients can access and view their health records, and provide consent to any HIPs and HIUs to access their data.

To ensure smooth consented data sharing and time-bound data access, it is necessary to make the data traceable and auditable. Therefore the FHR Framework architecture leverages MeitY's Data Empowerment and Protection Architecture (DEPA) electronic consent framework, which is already being used in the financial sector.


















Here are some interesting technical features of the NDHM ecosystem

FHIR for all Medical Data

One of the prevalent problems in the healthcare software landscape is that software providers have their own proprietary data structures and way of dealing with medical data. Despite having various standards available in the industry, very few providers use them correctly. This affects interoperability between systems. That is why it was required that all the systems on the ecosystem use the same standards for medical data so that data is interoperable. This is why the FHIR(Fast Healthcare Interoperability Resources) Specification was chosen as the data exchange format.

Asynchronous APIs


All the APIs(Application Programming Interfaces) of NDHM are asynchronous APIs. That means that you do not get the response of your requests synchronously but the response is sent back to your endpoints as a callback once your request is processed. This is a pretty standard technique in large distributed systems, and its use is expected and welcomed.  As things start moving forwards, more providers will join and the number of transactions will grow exponentially. This model allows them to scale the network easily as we move forward.

It is also important to know that plenty of interactions happen between Health Information providers (HIPs) and each HIP software may handle requests differently. So making the API calls asynchronous, helps manage the variable serving capabilities of different HIP software graciously.

Patient Privacy & Security Features of NDHM


Privacy of the Patient Data is crucial and a lot of people are not comfortable with sharing their personal health data on central servers, especially sharing them with the government without their consent. The model that was adapted for this handles this concern very well. 

Let's see how this is handled to ensure patient privacy is ensured,  and it's the patient who owns the data.

HIPs can only create data if authorized by the Patient:

HIPs cannot create any data against a Health ID without first being authorized by the Patient. HIP obtains an Auth Code from NDHM Gateway by one of the following authorization methods:

  • Demographics Verification - Patient Demographics data supplied by HIP matches the Demographics data registered with the Health ID
  • Mobile OTP - Patient shares OTP sent to registered mobile number with the given health ID
  • Aadhar OTP - Patients shares OTP sent to the mobile number registered to Aadhar No associated with the given health ID
  • QR Code Share - Patient has the option to share their health ID by scanning the QR code available to the registration desk and the given HIP receives Patient Information and the Auth Code.
This ensures that no health data against a patient Health ID is being created without the patient’s approval.

An HIU(Health Information User) can only get past health records of other HIPs if consented by Patient

Other HIU's do not get a Patient’s past health records generated by other HIPs without the patient’s consent. If an HIU wishes to receive the past records, HIU needs to generate a Consent request with the following information:
  • Types of Health Data (OPConsultation, Prescriptions, Diagnostics Records, Discharge Summary & Immunization)
  • The purpose for Requesting Data
  • The date range of the data required
  • Consent Expiry - On consent expiry, this health data get destroyed from HIU’s system
As soon as this request is generated, the patient is notified about this consent request and he can review the request in the PHR app. The patient will be able to see all the data requested by HIU as mentioned above. Not only can the patient review the data but the patient also has the option to modify the request data( e.g. change consent expiry or type of data he/she wish to share or even change the date range of health records requested). This data is only shared with the HIU if the patient approves the consent request. If he denies the request, HIU does not receive this data.

Not only can patients review these things, but the patient can also decide to prematurely revoke access to any HIU‘s approved requests. If a patient decides to revoke access, the corresponding data will get destroyed from HIU’s system.

This mechanism ensures that patients always have control over their data.

Peer to Peer Data Transfer Between HIP & HIU

As mentioned earlier, a lot of patients are uncomfortable about their private health records being available to and accessed by the government. To avoid this altogether, NDHM never handles the data themselves. The NDHM Gateway only coordinates the connections between HIP and HIU. The actual data transfers happen between HIP & HIU directly and it is effected using a peer-to-peer connection. It does not pass through NDHM, and so there is no way NDHM can access the data.

Data exchange between the HIP & the HIU also happens using encrypted medical records above the standard TLS connection. This adds an additional layer of encryption for medical data.

The ECDH (Elliptic-curve Diffie–Hellman) key agreement protocol is used for this. The HIP & the HIU generate their own pair of public-private keys using curve25519 elliptic curve. This curve provides 128 bits of security for the data being encrypted.

The HIP will use its own private key and the HIU’s public key to compute a session key and encrypt the content using an AES GCM cipher. The HIU can use their private key and the HIP’s public key and compute the session key to decrypt the data. So even if the encrypted data is leaked, no one except these two parties can encrypt/decrypt the data.





Final Thoughts

The NDHM is a wonderful initiative by the government to streamline the healthcare landscape in India today. At this time, all the health data is available as silos within different solutions and systems. It is very difficult, if not impossible, to make the data interoperable between systems. Consequently, it is difficult for patients to access the data across these silos and manage it properly within a system of theirs choice. This project has the ability to revolutionize the industry. This could be the UPI of Healthcare.

It is one thing to have a concept and another thing to implement and execute it. So far NDHM seems to be going in the right direction.  And there is hope that it will continue to do so. 
Technology is being given equal importance to gain the trust of all players involved in this industry.

Privacy and Security have been a prime priority in the project as you can see from the above article, this is an oft-ignored aspect in old projects. Hope it continues to stay this way.

References


https://sandbox.ndhm.gov.in/docs/architecture

https://sandbox.ndhm.gov.in/docs/data_encrypt_decrypt


This blog post has been co-authored by Kishan Gor , Aditya Patkar and Nrip Nihalani


Monday, April 19, 2021

Why is India Facing a 2nd Wave of the Corona Virus

Till a few months back, we both were in awe of how our country had achieved remarkable control over the spread of Covid-19, across the nation. While a majority of the world was battling a 2nd wave of the virus, Indians had shown remarkable restraint and followed protocols for months on end. Something I have never experienced in our great country in my lifetime. This resulting in the divine union of central government directives with state government policy-making and bureaucratic action and departmental rule-making and the public following the rules, as well people helping the authorities enforce the rules by others.


Wow! This utopian behavior, was instrumental in India achieving among the best metrics in the world, in terms of how the fight with Covid is being measured. i.e. No of cases, No of active cases, The recovery rate, etc.

And then we as a country seem to have performed the hara-kiri that our cricket teams of the '80s and 90's were well known for. Before we had won the match, we started celebrating the victory, and seem to have lost the game. We didn't wait till Covid was completely under control. We started dismantling the specially created Covid Centers. We took our families to the malls and did not care about spraying sanitizers, before and after each interaction with something from outside our controlled environment. We started unmasking at will within our buildings and even at the Kirana stores. We started flying and driving around the country without masks and frolicking on the beaches of Goa. Our house parties were back on, and we destroyed the controlled zone that all India had worked so hard to become over a whole year. All, in less than a couple of months. And so it's back, worse than ever before, crippling our economy, our spirit, and making us feel bleak about the future. Except for this time, it doesn't look like everyone wants to tackle it together anymore.

The center and the states don't seem to get along. The media is pushing up the pitch and the amplitude of the hyperbole. Strangely, vaccines seem to be running out. People are still not masking up. Many are demonstrating utter and complete stupidity with regards to bending the rules. Construction sites are working in full sway as if there is no covid in this world. Watchmen in buildings aren't sure if they should let delivery in or collect them at the gate, so they do nothing. And the poor Kirana-wala is feeling weird about asking the people coming to his shop to mask up again. My neighboring Kirana-wala told me he is not done arguing with customers who are say "khaasi pehle nahin hui kya" (Translates to "Haven't you had a cold before?") Sounds like March 2020 again!

We both decided to formally put down our reasons for what has brought us to this stage. Policymakers must not let this happen again

1. The single biggest factor for the wave having arrived is how we have behaved in the recent past. 

  • People became complacent as the virus numbers fell. There was less social distancing, less effective usage of masks, and much more intermingling. 
  • The government helped create this complacency by changing the message they were spreading across the nation. Earlier it "Lets fight Covid together" and then in early 2021 we started hearing "We have the best recovery numbers, which within a short period started sounding like We have beaten Covid", and many Indians started hearing this as "We are invincible"
  • Even once the cases started to rise, people did not take it seriously as they believed the virus was already conquered given the vaccine roll-out happening in the background.
  • Teenagers and early twenties are a big factor in the spread this time. Many were unaffected by the last surge but the mutated strains affecting their age groups, coupled with the fact that these age groups in India at least are more likely to participate in social events and less likely to follow norms completely gave rise to a larger number of cases. 

2. Mutating Strains:

  • The nCov Virus can mutate quickly. This gives rise to multiple strains with differing characteristics. The strains doing the most damage are the ones where mutations allow for faster transmission of the virus. The second wave is mainly made up because of such slightly mutated strains which are harder to contain.
  • A new variant, called B.1.617, was initially detected in India with two mutations -- the E484Q and L452R. It was first reported late last year by a scientist in India and is the chief variant spreading in India which is highly contagious. It is also highly likely to evade the immunity provided by vaccines.
  • The Current strains affect a wider range of age groups. There is a larger number of cases, this time around, of children, teenagers, and pregnant mothers than in the previous wave. Hence a larger population is susceptible. 
  • The current strains though less damaging are highly contagious. The virus travels further and faster instead of causing more damage to the host. One of the reasons why Ebola does not travel far is its genetic makeup causes a very high and quick kill rate of the host, meaning if a limited number of hosts are contained it cannot travel very far as the host itself dies if not cured. This spread puts a lot of pressure on the public health infrastructure, crippling it beyond a point.
  • India was not sequencing enough SARS-COV2 genomes till late Feb 2021. Ref: https://science.thewire.in/the-sciences/india-sars-cov-2-genome-sequencing-roadblocks-resources-b117-n440k-variants/ and https://science.thewire.in/health/insacog-ccmb-igib-novel-coronavirus-variants-genome-sequencing-covid-19-surge/

3. The Vaccine rollout:

  • The ability to deliver a large number of vaccines in time and with proper delivery mechanisms is not yet perfect. There is scope for the production to be increased, and the delivery mechanisms improved. 
  • The fact that 2 doses are needed a few months apart for full efficacy gives the chance for the virus to take the person down in the long interim period. This interim period should have been defined as a period for vaccine takers to be extra careful.
  • The virus efficacy was never fully understood, and that the vaccine does not prevent the person infected from still being a carrier is still unknown to most.

4. Policy Changes 

  • Policy changes allowed weddings and parties to be carried out with an increase in the number of people allowed. It became impossible to control the social distancing protocols at these large events, and they eventually became super spreaders. The increase in Weddings, Parties, Election campaigns, etc went on unabated as restrictions were lifted just as the strains became harder to contain.
  • There is a distinct delay between policy change (Begin Again Initiative by the government) such as allowing opening of businesses or removing restrictions on gathering and movement of people to when these translate into numbers in COVID-19 analytics. An increase in the number of COVID-19 cases or admissions or even deaths is not seen immediately within the week or even 2 weeks but much later. The delay is much larger as the spread initially is limited to smaller circles but due to spreader events and clusters forming suddenly rise exponentially. So policy changes in the November-December period showed up as a sudden surge from February onwards, as policy change led to behavior change was fed back to appear in the population-level data.

 

This article is jointly authored by Aditya Patkar and Nrip Nihalani

 


Tuesday, April 6, 2021

In conversation with Aditya Patkar and Nrip Nihalani - Business Evangelist of India - Feature on Forbes India and B1TV

Healthcare is currently one of the most dynamic sectors witnessing rapid changes. 

In this feature  Nrip Nihalani and Aditya Patkar talk with Broadcast1 

  • about Plus91's journey over the past decade, 
  • about changing healthcare and being an integral part of the rise of digital healthcare 
  • and the crucial role Plus91 plays in the future of digital health. 

Includes our work on helping Healthcare organizations adopt digital tools, Predicting Epidemics, Creating and open culture and moving healthcare forward. Do Watch!

 

Here is a link to the feature - Business Evangelists of India

Monday, March 8, 2021

Using AI in Healthcare responsibly

Artificial intelligence(AI) is slowly demonstrating its ability to help, improve and transform medicine. Typical examples are

I am very optimistic about AI’s potential use within the medical and clinical business, both in terms of making these disciplines more efficient and effective, as well as in the long term, changing what they will mean and represent to the rest of the world. 

My worry though, is that, its being promoted almost as a fad in today's times. By promoting unrealistic expectations based on biased data, we run the risk of creating low levels of trust in the mindset of the users and everyone outside the immediate ecosystem, much like everything else within digital health has suffered from the very beginning.

A report published in JAMA  - Artificial Intelligence in Health Care: A Report From the National Academy of Medicine recommends that people developing, using, implementing and regulating AI for healthcare do seven key things
to ensure these technologies and tools are developed, implemented and maintained responsibly

  

Promote data that accurately represents populations with accessibility, standardization and quality.  - to overcome data availability biaseses ensure accuracy for all populations

 

Prioritize ethical, equitable and inclusive medical AI while addressing explicit and implicit bias. - to understand the potential of the Underlying biases to worsen or address existing inequity 

 

Clarify the level of transparency needed across a AI developers, implementation teams, users and regulators -   Contextualize the dialogue of transparency and trust, accept differential needs.

 

Focus in the near term on augmented intelligence rather than AI autonomous agents. - supporting data creation, data interpretation and decision-making by clinicians and patients is where opportunities are now

 

Develop and deploy appropriate Training Programs. - Training programs must be multidisciplinary and should engage AI developers, implementation teams, health care system leadership, front line clinical teams, ethicists, humanists, patients and caregivers

 

Have a robust and mature IT governance strategy in place before Health delivery systems use AI formally - Use and adapt existing frameworks and best practices for learning health care systems, human factors and implementation science.

 

Promote trust and balance innovation with safety through regulation and legislation - evaluate deployed clinical AI for effectiveness and safety based on clinical data.


The above is a mashup of original thoughts and ideas curated from:

Artificial Intelligence in Health Care: A Report From the National Academy of Medicine

https://www.ama-assn.org/practice-management/digital/7-tips-responsible-use-health-care-ai

https://www.ama-assn.org/practice-management/digital/10-ways-health-care-ai-could-transform-primary-care

 

Image credits: 

First Image via http://www.brother.co.uk/business-solutions/healthcare/future-of-hospital-technology

Second Image via https://www.vpnsrus.com