It's a first! Passport connects to Paradiseby Dick PetersonPublic Relations What we have here is an ability to communicate. It’s called Passport and last month it might have saved a life. Perhaps its first; certainly not its last. “I always carry my laptop with me,” said an obviously buoyed Caio Max Rocha Lima, M.D. He recounted his experience while participating in a cancer conference Oct. 8 through 10 at the Atlantis Hotel, Paradise Island, Bahamas. Rocha Lima’s secretary, Teresa Cassidy, received an urgent call from Renwick Goldberg, M.D., in Myrtle Beach. He was seeing a patient who had been under Rocha Lima’s care. The patient had complications and Goldberg needed information—history of vitals, lab reports, medications—from Rocha Lima’s records. The records were in Charleston. Rocha Lima was in a hotel room in the Bahamas. And Goldberg was in Myrtle Beach. “I received Teresa’s e-mail with the patient’s name and the request to call Dr. Goldberg,” Rocha Lima said. “I remembered the patient, but I didn’t have the information he needed off the top of my head.” So the MUSC oncologist turned to his laptop. He cabled the laptop into a phone jack in the hotel and told it to dial into the PPP server (Internet access point) back here at MUSC. Once connected, he fired up his Netscape web browser and used it to access Passport, the web portal to MUSC’s Oacis clinical data repository. With his user-ID and campus password, Rocha Lima had access to all of the Oacis data he could get on campus, including the information Goldberg needed. Rocha Lima’s return call on another phone line found Goldberg in his car. The two exchanged information and Goldberg got what he needed, albeit orally. Then came the clincher: Goldberg wanted a copy of the records for the patient’s Myrtle Beach chart. He assumed Rocha Lima would photocopy and mail them when he got back to Charleston. But Rocha Lima had a better idea: “I used standard copy-and-paste to transfer the information from Netscape into an e-mail I sent him while I was saying good-bye.” Goldberg had the records waiting in his e-mail inbox a few seconds later. So what’s Passport got to do with it? Passport makes it possible to access Oacis, MUSC’s computer information system, via a web browser. “I was in Brazil last week,” Rocha Lima said. “I had two clinical trials in progress here at MUSC and I needed to check the results of the lab tests for my study patients.” It was simply a matter of connecting to Passport. There it was. The results had flowed into Oacis as soon as the tests were complete. He said everything was normal, but if there had been an abnormality, he could have corrected the study treatment immediately. “If you have the laptop, you have the world,” Rocha Lima said. “You can be in touch with everybody. And with Passport I can give my patients better care.” He said with his Passport connection, he doesn’t have to wait to return to the MUSC campus to check lab reports and charts. He has immediate access to his patients and he can respond just as quickly when he sees something wrong. Security of patient data on the Internet
“Yes” to the first question, “No, but soon we will” to the second. Computer experts have developed many ways to keep prying eyes—and electronic sniffers—out of confidential data sent over the Internet. Most methods involve sophisticated encryption schemes. While no method can guarantee “absolute” security, neither is the paper record “absolutely” secure. The fact is that “crackers” who try to intercept and decrypt data that’s been encrypted with modern security need tremendous resources —lots of money, lots of computers, lots of time—to successfully decrypt a single piece of secured information. And even if one message is “cracked,” the rest of the information is still safe since the “key” that decrypts one message is usually different from the key that decrypts the next message. The federal government has realized the Internet’s value to medicine. Through the Health Care Finance Administration (HCFA), Congress has established regulations for transmitting patient data over the Internet. Basically, the regulations say that any modern encryption method will suffice. Each institution can choose the method/s it wants to use. Institutions wishing to use the Internet this way simply have to let HCFA know of their intent. HCFA reserves the right to audit institutions to be sure they are complying with the security policies they self-determined. MUSC has not notified HCFA of its intent, so MUSC patient data can’t be transmitted over the Internet yet. In what is thought to be the first use of Internet technology to access and transmit MUSC patient records from a remote location, Caio Max Rocha Lima, M.D., copied those records from the MUSC Oacis site to his e-mail and sent them electronically from his hotel in the Bahamas to Renwick Goldberg, M.D., in Myrtle Beach. Since Goldberg’s e-mail box is at MUSC, the records never traveled over the public Internet in going between Rocha Lima and Goldberg, therefore the rule wasn’t violated. Until HCFA is notified, users will have to dial directly in to MUSC’s network to access Passport and other web portals to clinical data. They’ll use a “web browser,” but as long as everything’s OK, the data going between the host computer and the browser doesn’t travel out of MUSC’s network onto the public Internet. After HCFA is notified, authorized users will be able to dial in to any Internet access point on earth and get access to MUSC clinical data through the Internet. The data will be encrypted before it is sent and decrypted only after reaching its final destination. This is transparent to the user, who needs only to remember his or her regular user ID and password. The Security and Confidentiality Committee of MUSC’s Emerald project is close to completing a comprehensive security policy. “We expect we’ll be able to notify HCFA in the first quarter of 2000,” said committee chairman Jack foust, M.D., of the MUSC Institute of Psychiatry. “We’ll have to be sure that each MUSC system we want to access through the Internet is compliant with our policy,”
|