Medical histories on internet

By:Anna Caldwell and David Earley

AN alarming privacy breach by one of Queensland's biggest pathology labs has splashed patient medical histories over the internet.

The names, contact numbers and private details of at least 100 patients, and potentially hundreds more, were plastered on the website of Brisbane-based Sullivan Nicolaides.

The breach has cast serious doubt on the safety of electronic patient record systems, and angry patients were last night demanding answers.

The Courier-Mail yesterday viewed 102 patients' details before it alerted the lab to the security breach, which has been blamed on a processing error.

Kay Faulkner from Brisbane was devastated to hear the details of her recently deceased husband were so easily accessible.

"This is disgusting," she said.

"Dishonest people can easily misuse the details of someone who has died so for me this is a serious breach."

Rick and Cindy Gore from north Queensland said the security lapse was "completely unacceptable".

"We were never given a password or website to access so there is no reason for this information to be online - it is not like we could log on and check it ourselves."

The use of electronic records in medicine has jumped as software systems become more sophisticated. But the failure at Sullivan Nicolaides has shown the potential for online records to fall into the wrong hands.

All patients affected by the breach were referred to Sullivan Nicolaides by their GPs for the management of warfarin doses, a blood-thinning drug.

Most were from Queensland and northern NSW, with the files dating back to 2007 and 2006.

The records detail relevant medical history, current medications, as well as patient's next of kin.

Sullivan Nicolaides CEO Michael Harrison initially refused to reveal how many patients records were violated and accused The Courier-Mail of "acting like terrorists".

He later apologised and said 103 files were breached, although The Courier-Mail believes it could be many more.

Mr Harrison said the company had taken the security problem "very seriously", and within an hour of being alerted, the records were removed.

He said patients' details were only meant to have been accessed by authorised doctors and staff.

"Honestly, we are flummoxed (by the breach)," he said.

Despite the violation, Mr Harrison said e-health was the future of medicine. "I don't want this to be adverse publicity for e-heath because electronic health records are crucial to ensuring patients get the right care."

Chair of the Privacy and Security Forum and board director of the Health Informatics Society of Australia Peter Croll said that although private medical records should never be publicly available, there was nothing in the law requiring a breach to be reported.

"Obviously it's totally inappropriate," Mr Croll said.

IBA Health raising $124m to pare debt

HEALTH information technology firm IBA Health Group will seek to raise up to $124 million by issuing new shares to reduce debt.

IBA said yesterday it was offering two shares for every seven held by shareholders, at 55c per share -- a 29 per cent per cent discount to the closing price on Wednesday.

The institutional component of the offer, representing about $77 million, was committed.

IBA said its largest shareholder, AEP Financial Services Holdings, had committed to taking up its full entitlement, equivalent to about $32 million.

The balance of the institutional offer, about $45 million, is underwritten by ABN AMRO and UBS.

The retail offer, on the same terms as the institutional offer, is not underwritten.

IBA said it intended to use the proceeds of the offer to retire subordinated secured borrowings of $60 million from AEP, and other senior borrowings.

"The equity raising places IBA in a strong capital position to continue to benefit from investment in health IT by governments worldwide, and the computerisation of healthcare records," IBA chief executive Gary Cohen said.

"The outlook for the company is robust," he said.

IBA reconfirmed its 2009 full-year guidance for revenue of $540 million to $560 million and earnings before interest, tax, depreciation and amortisation of $120 million to $130 million.

"The company is well positioned to generate growth in the current economic downturn, with approximately 90 per cent of forecast revenues for full-year 2009 funded by governments either directly or indirectly," IBA said.

"Additionally, as at the end of January 2009, approximately 94 per cent of IBA's forecast full-year 2009 revenues were recurring, contracted and expected."

IBA shares, which were in a trading halt on Thursday, last traded at 77.5c.

BI key to e-health, says SWAHS staffer

By: Suzanne Tindal

Using integrated business intelligence software can help harness the benefits of introducing electronic health records, according to a senior IT staffer at Sydney West Area Health Service (SWAHS).
The forklift's running around there in a fairly empty warehouse.
SWAHS staffer Trevor McKinnon
"The biggest issue you have with the electronic health records is that nursing staff are providing the bulk of the entry," SWAHS business intelligence and web development director Trevor McKinnon said in a recent interview with ZDNet.com.au. The nurses felt that they were not getting any of the benefit and doing all the work, he said.
Indeed, most of the advantages of having electronic health records were seen downstream, he said, when, for example, doctors were able to see the information nurses had entered.
He hoped that in years to come, business intelligence could alter this perception by running text analytics on the data from the electronic records to make nurses' workload less and not more. Business intelligence would use text analytics to "get into what's written" and pre-write a report which the nurse simply had to review, instead of creating.
"Business Objects certainly has the potential to do that," he said, although he didn't believe it would happen until 2011. NSW Health has a whole-of-state contract with Business Objects and uses the company's Xcelsius platform. McKinnon is one of the leading drivers of its use, taking on not just business intelligence for SWAHS, but for other area health services within the state as well.
Just as business intelligence would help electronic health record acceptance, the progression of electronic health records would help business intelligence. Although the groundwork for electronic records in NSW had been done, McKinnon said, only the emergency departments and intensive care were recording patient information electronically. In other departments nurses were still writing reports by hand.
This limited the breadth of data which McKinnon had at his disposal to run statistics using the business intelligence, with only information such as admissions and outpatient services available for use. "The forklift's running around there in a fairly empty warehouse," McKinnon said, although he admitted that the information being gathered already was prolific enough to keep him very occupied.
This data is currently used to measure performance for the hospitals, and Sydney West Area Health Service uses dashboards built on the information to benchmark how staff are performing. It also is used on the patient side. If a "frequent flyer" patient comes into the emergency department, the business intelligence application can inform the employees which professional the patient saw previously — this often allows cases which don't need hospitalisation to be given other treatment and sent home, freeing up beds.
McKinnon looked forward to when most patient records were being entered electronically so that business intelligence could carry out functions such as finding keywords in records which could alert a doctor to the fact that a patient may need attention, increasing the level of care. "We can't wait," he said.