Working Through the Promises and Pitfalls of Electronic Health Records

Working Through the Promises and Pitfalls of Electronic Health Records

Electronic medical and health records have been widely adopted, but today, security, interoperability, and basic usability are still issues for medical professionals. Part two of a three-part series on EMRs.

Written by Omar L. Gallaga

For Matthew Kull, the senior vice president and chief information officer of Dallas-based Parkland Health & Hospital System, implementing electronic medical records has been a huge and ongoing endeavor that started 10 years ago. It has never been optional.

For a hospital system that treats a million outpatient visits a year and serves as a safety net for Dallas County, Kull said transitioning into digital patient records early and continuing to improve Parkland’s systems was a necessity. Doing so saves lives in measurable ways.

Matthew Kull

“To us, we measure efficiency in terms of seconds,” Kull said. “When we have half a million inpatients, those seconds become substantial: They add up. If I can make a discharge more efficient through technology, that adds up to years of available beds. In many ways, it’s critical to being able to support the volume of patients we see.”

In the last issue of Texas Hospitals Magazine, Texas Hospital Association looked at the last 10 years of electronic health record implementation, which were beset with expensive, difficult-to-use systems from major vendors tasked with meeting government-set standards while creating flexible software that could, in theory, communicate with systems from rival companies. It turned out to be a rough and rocky road.

Despite major problems that are still being addressed, electronic medical records appear to be coming out of a major transition period with improvements being rolled out more quickly. The technology is beginning to catch up with some of the promises that were made more than a decade ago.

The Data Promise at Parkland

The $28 billion electronic health record market, made up of more than 1,000 vendors, continues to be very fragmented, with established health-industry players, new startups and even major tech companies (such as Round Rock-based Dell) in the mix.

Sidebar: EHR Vendors

Epic Systems Corp., based in Wisconsin, has about a quarter of the acute-hospital care market, according to Klas Research. It’s the software maker used by Parkland among other major hospitals and hospital systems statewide.

Along with another giant in the space with about 25 percent of the market, Kansas City-based Cerner Health, Epic has been improving its health records software steadily while also trying to get other records vendors to agree to more open standards that would allow patients and hospitals to more easily access information.

The challenge is a big one – allowing one patient’s records in one provider’s EMR system to successfully “talk” to another provider’s system – but would move the industry a big step forward to optimizing efficient care and cost-savings across the health care experience. Both big players, Epic and Cerner, have made strides to a make interoperability a reality, including new platforms that give patients the ability to grant access themselves to providers. Industry experts say that while a step in the right direction, most fall short of truly moving data around.

For Parkland, Kull said, success in the hospital’s use of Epic’s software comes down to three contributing factors:

• Early adoption.

• Keeping the systems very stable by staying close to Epic’s blueprint, which he said make upgrades easier.

• Having additional staff to make sense of the vast amounts of data Parkland is collecting.

“It’s less about EHR functionality and more how we’re addressing big data,” Kull said. “We have a small core team of technologists who work hand in hand with departmental resources to educate and train in the use of these tools.”

By doing that, EHRs at Parkland have moved from record keeping to predictive medicine: Data can help determine in advance who will be most likely to need emergent care and how those situations can be prevented. Kull said EHRs have helped create better treatment for suicide screening, medication adherence and other applications. This part didn’t come from Epic, although Kull said he knows the company is working on advancing that kind of technology itself.

“We’re starting to see these capabilities emerge and we tend to be ahead of it because of our early EHR adoption,” he said. “(Our physicians) are becoming very hungry for information. They’re becoming very savvy on how to process it.”

Interface Frustrations and Trade-offs

Austin Regional Clinic is another organization that uses software from Epic Systems, though its adoption came later than Parkland. Dr. Manish Naik, the chief medical information officer at ARC, said he has many of the same complaints that other practicing physicians do about the transition to electronic medical records.

“The biggest challenge is dealing with the interface,” he said. “Even today, after so many years and feedback from organizations like ourselves, the user interface is still not physician friendly. The screens are busy, there are still a lot of clicks” and require lots of digging to get to information, said Naik.

Manish Naik
Manish Naik

In addition, the data input required, he said, takes time away from patient care. “Some of that happens in the exam room, which takes attention from the patient in front of you,” he said.

And one of his biggest complaints is interoperability with records outside of ARC.

From his words, one might gather that Naik carries a certain disdain for EHRs. But he sees the benefits of the transition from being able to access lab tests and X-rays more quickly to the new communication channels EHRs open with patients.

“The continuity of care within our own health community has gotten better because of EHRs,” Naik said. “There’s logic built in that has helped us here.”

Patti Parker, vice president for population health at ARC, has been managing the organization’s clinical and quality data since they were still on paper in 2010. As the person responsible for reporting outcomes for 250 primary and specialty care doctors, she said, “The advent of EMRs has been nothing short of a miracle.

While the transition has been “painful” for both physicians and IT personnel, Parker said it has been worth the trouble. From improved communication within the network to creating ways to analyze data that could never be done with paper charts, EHR implementation has allowed for more accountability.

Patti Parker

The time spent on training and data entry may have increased, but EHRs may also save a physician time that in the past would have been spent researching drug interactions, making weight-based calculations or physically looking up in-house records.

Parker said that what the medical industry expected EHRs to provide when they were introduced and the reality today does not align completely. But she wouldn’t go back.

“You want it to be perfect,” she said. “It’s frankly a long journey, a never-ending journey, and trying to dial back our expectations to be based in reality for what the physicians can and cannot do has been a challenge.”

And EHRs are here to stay. In a survey of physicians by the Texas Medical Association in 2016, only 18 percent said they had no plans to implement EHRs.

Talking to Each Other, Securely

One of the most critical problems for the industry? Protecting all that data from hackers, cyberterrorists and other “bad actors” who would exploit sensitive patient information.

Companies, including Cerner and Epic, had introduced patient portals to make it easier to access medical information. Recently Epic Systems rolled out “Share Everywhere,” software that allows patients to share an Epic medical record with any physician via a webpage. It has become useful in situations such as Hurricane Harvey, enabling patients from the Houston area to relocate and transfer records more easily, a spokesperson for Epic said.

But the efforts to make medical records more easily accessible and shareable also produce privacy and security implications. For many health care security experts, the risk exposure is a ticking time bomb. In light of high-profile cyberattacks on the retail and financial industries, those same hackers have now made their way into the health care space.

Sam Hanna, program director in management of health informatics and analytics at the George Washington University, said that while the health industry has traditionally lagged in technology compared to other sectors due to a primary focus on patient care, “Health care data breaches and associated abuse can lead to catastrophic consequences to lives, not just to bank accounts and fraud.”

Sam Hanna
Sam Hanna

Hanna said that while billions have been spent on EMR implementations, “Only a small fraction of that has made its way to investments to address security and privacy issues within these massive transformational systems.”

The strategy, he said, has typically been to create security solutions after the fact, which may not be good enough. The consequences, he said, could be a widespread breach of private information, the sale of that information on the black market, and, “At worst case, such breaches can cause deaths if patient care is manipulated or altered.”

Zane Burke

Zane Burke, the president of Cerner Health, said that interfaces are continuing to improve, and interoperability is a major priority, especially in the age of mobile devices and data everywhere.

But on the issue of security, he is blunt about the health care industry’s weakness. “We have the prettiest house with the most money sitting on the counter and yet our kids are leaving the doors open. Frankly, the first thing health care has to do is lock the doors and don’t let strangers in – start with the fundamentals first.”

Those fundamentals include ensuring hospitals are modifying the behaviors of their employees and their interface with the number one intrusion culprit: email. Many hospitals have begun these types of efforts with signage and trainings for employees to better recognize a phishing scam.


An external hacker posing as an internal administrative leader directing employees to an imposter portal that may somewhat mirror the hospital’s own intranet portal system.

While hospitals continue to hone their employees’ skills at identifying and avoiding such harmful intrusions — and balancing careful patient care simultaneously — the EMR industry continues to rely on an evolving technology space to improve.