Some mHealth doesn’t help
Seen as full of potential to high-need, high-cost populations in managing their health, mHealth doesn’t always live up to it. There’s a set of challenges that must be addressed as the number of available mHealth apps keeps increasing. The research team evaluated mHealth for diabetes, hypertension, obesity, arthritis, depression and bipolar disorder. The team’s evaluated 137 mHealth services highly rated by consumers, recommended by experts and for people with significant needs and high costs. It found:
- Few meet patients’ needs
- No clear strategy on how providers should evaluate and recommend mHealth to patients
- Most apps can’t go beyond a basic level of patient engagement in helping consumers manage specific chronic illnesses
- Few offered functionalities such as guidance based on information entered by patients or rewarding behaviour changes
- Consequently, stakeholders, including medical professional bodies, insurers and policy makers have avoided formally recommending mHealth
- Many patients are left to find recommendations from other sources.
Other findings are:
- Patients’ ratings were poor indications of mHealth’s clinical utility or usability
- Most mHealth didn’t respond appropriately when patients entered potentially
Some mHealth has considerable risks. As Africa’s health systems pursue their mHealth strategies, this study shows it’s vital that mHealth services are rigorously evaluated before they’re rolled out and scaled up. There’s merit in setting up a central registry of tested, approved and certified mHealth services for healthcare professionals to refer too. It should help to mitigate risks.
Efficiency’s more important than innovation for eHealth
What does Jorge Luis Borges and John von Neumann have in common? One’s an Argentinian writer, the other’s a Hungarian-American mathematician, so it’s not that. They both envisaged two types of worlds becoming one.
Borges envisaged a map reality becoming indistinguishable. Neumann that data and code would be the same. This’s Evans’ and Forth’s view in an article for Boston Consulting Group (BCG). They propose that these concepts are vital for navigating a world of digital disruption.
Three factors are combining to produce a fourth:
- Synthesised learning from data, including algorithms
- Data input from sensors
- Using and generating data
- World stock of available data.
This proposition of a stacked ecosystem blows up the classic trade-off between efficiency and innovation. An eHNA post described a similar view that efficiency is the gain not transformation. The BCG writers go on to say that stacks are now the new architecture. It means that Africa’s eHealth programmes, and their mHealth, IoT, Big Data and social media components, need pursuing in a new stack of:
- Traditional oligopolists, where a small number of suppliers dominate a market or industry
- Infrastructure organisations.
Africa’s eHealth strategists might have to consider this scenario beyond their current programmes. They may need a different vision and approach. Two new places on project boards are needed on for a cartographer, one for a mathematician.
Six eHealth types needing strong authentication
One of eHealth’s perverse equity features’s that all organisation’s are vulnerable. Each one can determine its degree of vulnerability. Health IT Security has access to a white paper How to Secure Data Access Within the Healthcare Industry from VASCO and iSMG. It deals with:
- The changing role of eHealth in healthcare
- Why healthcare organisations have headline-grabbing data breaches
- Types of eHealth that need strong authentication
- Best practices to help healthcare integrate and adopt security without compromising patient experiences.
They identify six eHealth types that need strong identification:
- Portal applications
- Patient applications
- Network infrastructure.
Advice that Africa’s health systems should follow is:
- Security isn’t an afterthought
- Breaches negatively affect patients and healthcare
- Cyber-criminals rely on gaps organisations’ authentication security framework
- eHealth regulators, of which there are few in Africa, should accord a high priority to data privacy and security, and set onerous standards that drive effective security
- Strong authentication minimises cyber-security risk and makes it harder for cyber-criminals to reach patients’ data
- End-to-end identity proofing solutions addressing users’ authentication and identification and facilitates secure information exchange between all access points is essential
- These solutions must be platform-agnostic and provide the same level of security across mobile, desktop and proprietary technology, and allow for integration of various technology protocols, such as Bluetooth, token and smartcard.
Many of Africa’s eHealth programmes have much ground to cover to erect bigger barriers to deter cyber-attacks. eHNA has posted numerous times on the topic, and one theme, regular users’ training, emerges as an essential requirement. The posts are tagged “Cyber-security” to help you access them.
Good training’s vital for cyber-security
- Phishing and ransomware are increasing at several hundred percent per quarter, a trend set for at least the next two years
- Most organisations have been victims of phishing, ransomware and other cyber-security attacks during the past year
- Security spending will increase significantly in 2017 as organisations realise they need to protect
- Most organizations are not seeing improved security from their security practices, and those that are effective, most are not improving over time, often because internal staff may not have the expertise to keep up
- Only 40% of cyber-security solutions and practices are considered excellent
- Security awareness training is crucial to improve and protect organisations against phishing and ransomware because well trained employees are more likely to prevent breaches
- There are numerous best practices to follow to minimise becoming victims of phishing and ransomware, the best being security awareness training, deploying systems that detect and eliminate phishing and ransomware attempts and look for and remedy security vulnerabilities.
An Osterman survey found:
|email phishing attack successful in infiltrating a network|
|One or more endpoints had files encrypted by al ransomware attack|
|Malware infiltrated a network, but can’t identify the entry channel|
|Sensitive information accidentally or maliciously leaked by email|
|email spearphishing attack infected one or more senior executives’ data|
|Network infiltrated by a drive-by attack from employee Web surfing|
|email as part of a CEO fraud or business email compromise attack|
|Sensitive information accidentally or maliciously leaked from a cloud tool|
|Sensitive information accidentally or maliciously leaked from social media|
|Not sure how sensitive information was accidentally or maliciously leaked|
If greater cyber-security awareness is needed, these survey results reveal the need. Africa’s eHealth has an opportunity to run its cyber-security measures in alongside its new eHealth investment and minimise the damage.
WHO’s mHealth view is optimistic – unpacking the 3rd Global Survey on eHealth
Africa’s eHealth initiatives accord an important role for mHealth services. There’s a very wide range of mHealth projects, but still plenty to do. African countries scored between 50% and 60% in the mHealth section of the WHO Global eHealth Survey 2015, the data source for the WHO and Global Observatory for eHealth (GOe) publication Report of the third global survey on eHealth Global diffusion of eHealth: Making universal health coverage achievable. Its key findings for Chapter 2 on mHealth are:
- 87% of responding countries say they’ve at least one mHealth programme
- 80% of the low income countries say they’ve at least one mHealth programme
- 91% of high-income countries have at least one mHealth programme
- More mHealth programmes operational for at least two years with finance for at least two more
- Only 14% of countries have an evaluation of a government-sponsored mHealth programme.
These numbers say nothing about the utilisation or coverage of the programmes. The evaluations say nothing about their costs, benefits, net benefits or timescales needed to achieve net benefits.
Africa’s average performance is below the average for low income countries. While this seems to indicate that more can be achieved, extra spending needs pursuing with considerable care. eHNA post about the American Medical Association (AMA) Executive Vice President and CEO’s view seems relevant - that it’s vital to separate digital snake oil from the useful, and potentially magnificent, digital tools, and quell the undesirable digital dystopia that doesn’t improve health, healthcare or make it more efficient. He includes Ineffective mHealth apps of questionable quality.
While his vocabulary’s exotic, he emphasises an important theme of good mHealth investment. It’s challenging to produce rigorous mHealth business cases when the evidence is from 14% of countries. It’s not much more than the 12% found in 2010. African countries comprise about 18% of these, with three evaluations. eHNA has posted on several research findings that show that much of mHealth benefits are questionable or short term. It’s essential that mHealth business cases are explicit and about the net benefits expected, then followed by evaluations to add to mHealth knowledge.
mHealth’s a multifarious term. It includes fitness wearables. Chapter 2 has 14 other types:
- Health call centres
- Appointment reminders
- Community mobilisation
- Awareness raising
- Emergency access
- Emergency management
- Patient monitoring
- Health surveys
- Treatment adherence
- Decision support systems.
Four future mHealth themes are seen as:
- Evaluate implementation and outcomes
- Develop regional and global networks to share mHealth knowledge
- Determine the best areas for mHealth to help adoption and local innovation
- Researchers, health authorities and global entities promote mHealth indicators.
Africa can lead on these. It needs the information.
How should Africa’s eHealth use the cloud?
While using the cloud’s inevitable, it’s harder to work out how to use it. Smart Strategies For Moving Healthcare Workloads to the Cloud, a guide from Connection and Health Data Management, can help Africa’ health systems find some answers.
A trend seems clear. Cloud computing isn’t the answer for all healthcare information workloads for providers and payers. It’s main role is for software, infrastructure, platforms, security, storage and desktops that drive migration of key workloads from in-house legacy systems to third-party managed services and colocation options, each with Service Level Agreements (SLA). These include:
- Software as a Service (SaaS)
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Storage as a Service
- Security as a Service (SECaaS)
- Desktop as a Service (DaaS).
Each of these fits with eHealth that’s appropriate for the cloud, Connection proposes:
- Regulatory compliance and mandates
- Claims processing
- eDiscovery, including litigation in healthcare
Next up’s cloud vendor selection. Choices and requirements are:
- Vendor-neutral approach to technologies and supplier brands
- Business-centric approach to recommendations instead of an overemphasis on specific technologies
- Expertise in security and patient privacy, which’s becoming the most important feature of healthcare organisations’ information activities
- Realistic understanding of workloads that should or shouldn’t move to the cloud, and how to move them
- How to deploy and manage a broad set of healthcare technology tools.
The guide’s a valuable checklist that Africa’s health systems can follow. The cloud offers some valuable benefits, but using it appropriately’s challenging.
All Africa’s healthcare entities should tackle IOp
Africa has a very long history of mathematics, especially fractal geometry. Ron Eglash and Toluwalogo B Odumosu describe it in Fractals, Complexity, and Connectivity in Africa, a chapter in What Mathematics from Africa? Polimetrica International Scientific Publisher. It can be replicated in Africa’s long eHealth Interoperability (IOp) journey.
The US National Governors Association (NGA) has released its IOp road map for states to improve their health information flows between providers, Getting the Right Information to the Right Health Care Providers at the Right Time. It offers Africa’s provinces and healthcare entities an approach they can adopt in parallel to national health ministries’ IOp initiatives. Two benefits are:
- IOp’s enormous and interminable, so national governments can’t do it all alone
- Local IOp priorities may not be national priorities.
The NGA set out five core principles and two IOp strategies:
- Five principles:
- Assemble a core team
- Conduct legal and market analyses
- Determine primary barriers
- Select strategies
- Implement and evaluate
- Two strategies to overcome legal and market barriers.
These aim to overcome numerous inhibitors that restrict the exchange of clinical information between providers. Currently, it either doesn’t happen or it doesn’t enable meaningful data use to support optimal patient care.
The legal strategy aims to:
- Develop eHealth’s legal and regulatory aspects
- Create standardised consent forms for patient permission for sharing information
- Provide guidance and education for legal and regulatory requirements and misconceptions
Strategies to address market barriers include:
- Creating economic interests that encourage Health Information Exchange (HIE) and penalise the lack of it
- Using legislative, regulatory and contracting to bolster HIE and prohibit information blocking
- Setting the vision and holding people accountable
- Setting a vision for IOp HIE and elevating best practices and placing pressure on laggards
- Bringing key stakeholders together to work towards HIE IOp.
Some of these are specific to US states that have legislative powers that Africa’s healthcare entities don’t have. Despite this, the NGA initiative reveals how Africa’s healthcare entities can move their own IOp initiatives on as a sub-set of their countries national IOp plans.
The road map helps states evaluate and implement changes to achieve better health and healthcare and lower costs by increasing clinical healthcare information flows between providers. It protects patient privacy too. Both are steps towards national IOp, a valuable opportunity for Africa’s healthcare entities. As Eglash and Odumosu conclude, “Ideas can be powerful, and we are convinced that the fractal heritage of Africa holds great promise for its future.” Can it work for widespread eHealth IOp across Africa?
Journalists start a big mHealth initiative for women and children
About 56% of men in Diepsloot, Johannesburg have sexual or physically abused a woman. A survey by Sonke Gender Justice and the University of the Witswatersrand School of Public Health revealed the extent of violence for the Sonke Change Trial. In response, journalists at Bhekisiss Centre for Health Journalism, part of the Mail & Guardian group, worked with local organisations to develop an app to support a helpline.
An article in Bhekisiss says how they launched the free Vimba Helpline in Diepsloot on 25 November, International Day for the Elimination of Violence against Women. It works on all mobile phones. Users don’t need airtime or data to use it. With 90% of Diepsloot households having access to a mobile phone and no reliance on unaffordable Internet access, it has wide coverage. It uses Unstructured Supplementary Service Data (USSD), used for mobile phones to communicate with service providers, so it doesn’t need data or a download.
There‘s a video too. It’s in the article. Mia Malan, Bhekisiss Editor describes Vimba and how it works. It collects data too, including date and times of contacts, location and the help needed. It’ll be used to identify trends, hotspots, service deficits and develop better responses to violence against women and children.
Vimba, Zulu for prevent, stop or halt, can benefit all-Africa. This could be the goal after it’s available across South Africa.
An eHealth costs checklist is handy for business cases
For large scale eHealth, estimating the Total Cost or Ownership (TCO) can be a tortuous process. Athena Health, a cloud service provider, has guidelines that can help. Health Care IT: The Real (and Hidden) Costs of Ownership adds to costs that are often omitted from some TCO models. It can be used as a foundation for converting into both economic and financial costs, which are related, but not the same. While the cost items included are more than US methodologies, they’re still not complete. Examples are costs of engaging and consulting stakeholders, and for financial costs, depreciation and debt servicing.
The first task’s to set the eHealth life-cycle.
- One-time eHealth implementation costs include:
- Initial software license fees
- Staff training
- Initial hardware acquisition
- Maintenance fees
- Interface fees
- Implementation fees
- Ongoing eHealth costs:
- Annual fees including upgrades
- Software maintenance fees
- Staff training for upgrades
- Future product purchases
- Backup and disaster recovery
- Server fees
- Ongoing operating labour costs:
- Full Time Equivalent (FTE) clinical document management
- FTE ICT personnel
- FTE billing office personnel
- FTE front office and front desk personnel
- FTE P4P Programme support
- FTE patient communications personnel
- Ongoing operating non-pay costs:
- Patient statements administration
- Eligibility checking
- Electronic Document Interchange (EDI) transaction fees
- Clearinghouse fees
- Paper claim storage
- Patient no-shows
- Billing under-performance
- Other costs not in Athena’s checklist include:
- Change management, including workflow standardisation
- Project management
- Risk exposure where up to 70% percent of healthcare providers are dissatisfied with their EHRs and healthcare professionals spend more time on documentation.
Estimating benefits is not as easy as estimating costs. Many are the potential to redeploy numerous small amounts of resources across healthcare activities. Many are intangible and need sophisticated techniques. They include:
- Increased efficiency and quality, such as fewer interruptions and distractions
- Better care coordination among providers
- Agility and an ability to scale eHealth up or down quickly as organisation evolve
- Responsive to changes in reimbursement models, reporting, clinical requirements, and other
- Regulation compliance by having the right reporting, data and workflows in place to meet new mandates and standards
- Integration ability to build effective, low-cost links to clinical partners, such as laboratories, imaging pharmacies, to exchange information, and build and connect with expanding mHealth programmes
- Mitigated risks with high adoption and user satisfaction where up to 70% percent of healthcare providers are dissatisfied with their EHRs.
Costs and benefits over timescales need converting into Net Present values (NPV) using Discounted Cash Flow (DCF). For TCOs for public healthcare organisations, a discount rate of about 3%’s appropriate. There’s a recognised tendency for estimators to suffer from optimism bias. Estimated costs need adjusting for it. For eHealth, it can be between 40% and 100%.
There are twelve trends in identity governance and access management
Imaginative innovation underpins eHealth. While it’s like Hollywood film director Frank Capra’s concept of “Don't follow trends, start trends,” it still has trends that many health systems need to follow: Ponemon Institute set out its findings in Global Trends in Identity Governance & Access Management, sponsored by Micro Focus. Its aim’s to understand two ICT themes. One’s organisations’ capacity to protect access to sensitive and confidential information. The other’s to identify what they believe’s needed to improve protection and security. It identified twelve trends:
- Employees are frustrated with access rights processes, and ICT security’s seen as a bottleneck
- Responding to requests for access is considered slow
- Control over access management is decentralised
- Some technologies are important in meeting ID governance and access management requirements
- A single-factor authentication approach isn’t effective now
- Integrating machine learning within ID governance solutions’s critical for 64% of respondents
- Enforcing access policies consistently across all information resources is most difficult information task
- End users have more access than they need
- Migrating to mobile platforms affects access management
- New threats created by disruptive ICT reduces organisations’ ability to mitigate governance and access management risks
- Managing access in the Internet of Things (IoT) is a concern.
- Effective ID governance and access management across the enterprise is achievable.
These comprise components of eHealth strategies and governance. Africa’s health systems’ eHealth governance boards should consider each of these, provide an assessment of their implications and requirements and convert them into eHealth project plans. It’s important to catch a trend before it disappears over the horizon.