Good intentions, maybe, and despite the grief there are some advantages. I can see my patient's clinic charts in the hospital - before, I'd have to wait for Monday and a fax machine. I can see what happened to folks in the emergency department. I can figure out my obstetric patients' prior pregnancy history. I can send records to specialists directly, and send requests with an electronic copy of a chart note and pictures of moles and whatnot at no cost to a patient and sometimes save them a visit to another office.
It's not perfect, but it's not a total disaster either.
I like a conspiracy theory as much as anyone, but I really don't think the NSA convinced Congress to pass the not thoroughly thought out HITECH Act to amass statistics about the home addresses of people with pneumonia or which patients with high blood pressure are smoking. Being able to gather anonymized statistics on public health issues may help, however, to figure out how to improve immunization rates or best help diabetics get their blood sugar under control.
To the grandparent poster, our EMR company actually will pay their own way to have their engineers follow us around and see how we work, and our prior vendor was originally a nice internist who wrote his own code (who then sold the thing to a big conglomerate that also makes microwave ovens and jet engines and curling irons and stuff).
Our current EMR does a lot of stuff well, but I'm hopeful for the day it's more usable by clinicians. The basic process of writing progress notes (in some sense, the evidence of my life's work as a physician) is clunky and hard to correct and even less intuitive for my colleagues who don't happen to have fancy computer science degrees like me. Writing good software is hard, and maybe progress notes have had to wait in line behind revenue cycle and privacy and a bunch of compliance issues.
As a physician practicing in a US state (Oregon) where oral contraceptive pills are available behind the counter, I'm all for expanding access to contraception. Nothing quite has made otherwise young, promising women be overwhelmed in my practice than unplanned pregnancy (combined with flaky partners). OCP's are available here without a prescription, but require a consultation from a pharmacist. This isn't free, but where they make sure you don't have any of the various risk factors for having a stroke or blood clot on estrogen-containing contraceptives.
I'm also in favor of expanding access to more effective forms of contraception, like the subdermal implant (sold as Nexplanon in the US), and IUD. I'm pretty puzzled, however, about how one would implement an app to jab the implant in your arm. It's not hard to do (see this video), but clinicians have to get special certification from the manufacturer to do it. (This is to avoid the Norplant debacle of inadequately trained people putting the rods in a little too deep, making eventual removal challenging.) I do love the idea of having etonorgestrel rods and lidocaine hooked up to a smartphone app, however.
This story is exhibit A why I haven't been to the site in over a year. It's not only completely contentless, it's insulting, stupid, and not even funny.
Epic is a big suite of applications that run on top of a big iron server - typically Unix (ours is AIX, I think). There's fine-grained user permissions in the application itself. End users do not have shell access or filesystem access or MUMPS prompt access, and everything has an audit trail. A select group of IT nerds get access to a text-based system running as a (Unix) application (with audit trails), and, at least at our organization, next to no one gets MUMPS prompt access or shell access. We have hot swappable servers located on opposing coasts of North America. I can't speak to the implementation at your daughter's site.
There may be examples out of there of hackers breaking into Epic; I'm not aware of any. Since our implementation was modeled after Epic's recommendations my impression is they've got their heads screwed on straight, security-wise.
When I worked as a software engineer, typed my password in for various ssh sessions maybe 10 times a day. Now that I'm working as a physician, every time I walk in and out of a patient room (which can be multiple times for visit, fetching the liquid nitrogen and scalpes and where are we keeping the extra large speculum this week anyway). I get to type in my (Active Directory) password with its enforced mixed capitals and numbers that I'm not allowed to change (too many disparate systems, apparently), maybe 50 times a day.
Which doesn't help with the spear-phishing, right? That just requires that I click on the link in the email addressed from my information security department, complete with their logo, saying they need to verify my information. I don't think my clinician colleagues are falling for that much, but the folks who answer the phone, hired out of high school, it's easy enough for them to fall for it.
Or it means you had diabetes (and there are plenty of thin, otherwise people with diabetes) and didn't work for a company that offered health insurance;
Or it means you had a (now illegal) plan that "covered" well child visits, just not more than 2 in the first two years of life (out of the 9 that are the standard of care);
Or it means you fell off a ladder painting your house and broke your back;
Or it means you have congenital heart disease —
SORRY SUCKERS! You shouldn't have had Pacific Islander grandparents/been a kid/painted your house/been born — not my problem! I'm not saying "Your problem, not mine" isn't a valid viewpoint, but I do think that letting people who have treatable medical problems through no fault of their own drop dead in the streets is a bit more individualistic than all but the most libertarian viewpoints in the US. Not to mention every single other developed nation on the planet, that somehow manage to have popular support for their universal health care systems yet still spend about half of what we do.
I am interested in this 1 and 1.5 year time for PA and MD programs. Our local PA school provides a 26 month course (done in just over two years), and MD school is 46 months (done in 4 years, but you get two summer breaks the first two years). But at the end of MD school, the shortest available residency is still 3 years (of about 80 hours a week with little vacation), whereas the PA education pathway is not typically associated with residency programs. Those are growing, but are still typically a year long.
I suppose autonomous robot surgeons may arrive someday, but it's hard to believe that day would arrive any time soon. Getting your Google car to avoid knocking over granny in the crosswalk is one thing, but getting a baby with a typically soft skull wedged out of the pelvis during a C-section or figuring out where the heck the bleeding is coming from from a sheared artery somewhere deep inside with no time to spare —that seems well beyond our current robotic capabilities.
We are beginning to investigate smartphone based solutions, which, in order to be compliant with US privacy regulations have expensive recurring monthly charges, and will involve installing and maintaining microcells in our hospitals.
I put up my thumb... and it blotted out the planet Earth. -- Neil Armstrong