Tom Jones

eHealth strategist, planner and evaluator

  • Lessons for Africa on making eHealth work

    Investing in the right eHealth then realising its benefits are global challenges. England’s NHS’s taking advice from the National Advisory Group on Health Information Technology  in England, chaired by

    Professor Robert Wachter Chair of University of California, San Francisco Department of Medicine. The report, Making IT work: harnessing the power of health information technology to improve care in England, sets out findings and recommendations that can inform Africa’s ehealth programmes too. The core perspective’s that while continuously changing healthcare’s a considerable challenge, eHealth that creates a fully digitised NHS important, will be the most sweeping and challenging.

    There are ten findings and principles:

    • Digitise, so adopt eHealth, for the right reasons
    • It’s better to have the right eHealth than quick eHealth
    • eHealth’s Return on Investment (ROI) isn’t just financial, patient safety and healthcare quality are important too
    • Decisions on eHealth centralisation should learn, but not over-learn, the lessons of the National Progarmme for Information Technology (NpfIT)
    • Interoperability (IOp) should be built in from the outset
    • Both privacy and data sharing are very important
    • eHealth must embrace user-centered design
    • The end of implementation’s the beginning, not the end
    • Successful eHealth strategies must be multi-faceted, requiring workforce development
    • eHealth entails technical and adaptive change.

    For Africa’s eHealth, Acfee would add two other interacting principles. One is to adopt a business case methodology that enables rigorous, reliable eHealth investment decisions and lays a foundation for M&E. It leads on to the second principle; undertake M&E before, during and after implementation. The learning value is considerable, and leads to better business cases and investment decisions.

    Ten recommendations are:

    • Complete a thoughtful, long-term national engagement strategy
    • Appoint national chief clinical information officer with an effective role
    • Develop a workforce of trained clinician-informaticists in hospitals, with appropriate resources and authority
    • Strengthen and grow the CCIO roles, others trained in clinical care and informatics and health ICT professionals
    • Allocate national funding to help hospitals implement eHealth and maximise benefits
    • Set a time for substantial eHealth maturity when central financial support for hospitals can end and regulators deem those that have not achieved high eHealth levels as not compliant with quality and safety standards
    • Link national finance viable local implementation and improvement plans
    • Organise local and regional learning networks to support implementation and improvement
    • Ensure IOp as a core eHealth component needed to promote better clinical care, innovation and research
    • Support a robust, independent evaluation of eHealth strategies and act on the findings.

    Sustained investment in eHealth leadership across Africa’s healthcare’s needed too. Acfee proposes a triumvirate of clinical, political and executive eHealth leadership throughout healthcare. It’ll take time to reach a critical mass, so starting now’s essential. Future eHealth Leaders at eHealth ALIVE 2017 in October’s provides a step forward. 

    Appendix F’s an eHealth maturity index. Its self-assessment has three main themes:

    • Readiness, strategic alignment, leadership, resourcing, governance and information governance
    • Capabilities of records, assessments and plans, transfers of care, orders and results management, medicines management and optimisation and remote and assistive care and standards
    • Infrastructure for WiFi, mobile devices, single sign-on and business continuity.

    Africa’s eHealth will benefit from a fourth component, benefits. It include benefits realisation and the timescales need to reach the critical mass to provide a socio-economic return on eHealth investment.

  • England’s NHS could have prevented the WannaCry cyber-security breach

    It was a bad day for England’s NHS. On 12 May, the WannaCry ransomware attack breached over a third of its organisations’ cyber-security defences. Without access to data, many patient services and schedules were disrupted and brought to a halt. It was a shock to the health system. NHS Digital believes not data was stolen.

    A report from the UK’s National Audit Office identified 14 facets of the breach. The lessons are essential for Africa’s eHealth. 

    • The NHS was not the specific target, but it resulted in a major incident and emergency arrangements to maintain health and patient care
    • On the evening of 12 May, a cyber-security researcher activated a kill-switch, stopping WannaCry locking devices and avoiding more disruption
    • WannaCry was the largest cyber-attack to affect the NHS, following attacks on several organisations, the NHS trusts, before 12 May 2017, two of which breached by WannaCry had been breached before
    • The Secretary of State for Health asked the National Data Guardian and the Care Quality Commission (CQC) to reviews and report on data security, identifying, in July 2016, that cyber-attacks could lead to patient information being lost or compromised and jeopardise access to EPRs, resulting in all health and care organisations needing to provide evidence that they were improving cyber-security, including moving off old and obsolete operating systems, such as Windows XP
    • The Department of Health (DoH) and its arm’s-length bodies did not know if local NHS organisations were prepared for cyber-attacks, including their responses to NHS Digital alerts in March and April 2017 warning organisations to patch their systems to prevent WannaCry, crucial knowledge because NHS Digital cannot mandate local bodies to act, even if it has vulnerability concerns
    • WannaCry spread across the Internet, includingthe broadband network connecting all NHS sites in England, the N3 network, but there were no instances of it spreading across the NHS email system, NHSmail
    • At least 34% of England’s NHS trusts were disrupted, but DoH and NHS England don’t know the full extent of the disruption
    • The scale and scope of the disruption isn’t known, but an estimated 19,000 thousand appointments were cancelled, operations were cancelled and in five areas, patients had to travel further to A&E departments
    • The Department, NHS England and the National Crime Agency confirmed that no NHS organisation paid the ransom, in line with NHS Digital advice, but the DoH doesn’t know how much the service disruption cost the NHS and patients
    • A DoH plan that included roles and responsibilities of national and local organisations in responding to cyber-attacks had not tested at local levels, so the NHS was not clear about actions it should take when WannaCry struck, a deficiency exacerbated because WannaCry was different to previous incidents, such as a major transport accident, and took more time to determine the cause and scale of the problem
    • Without rehearsals for a national cyber-attack, it was not immediately clear who should lead the response, and there were communications problems too
    • In line with its existing procedures for managing a major incident, NHS England initially focused on maintaining emergency care
    •  All organisations infected by WannaCry shared the same vulnerability and could have taken relatively simple action to prevent the breach by patching obsolete Windows operating systems and managing their firewalls facing the Internet would have guarded organisations against infection.

    In response, the NHS’s:

    • Developing a response plan setting out what it should do to respond to cyber-attacks
    • Establishing roles and responsibilities of local and national NHS bodies and the DoH
    • Ensuring organisations implement critical CareCERT alerts for emails sent by NHS Digital providing information or requiring action, including applying software patches and keeping anti-virus software up to date
    • Ensuring essential communications work during attacks when systems are down
    • Ensuring organisations, boards and their staff take cyber-threats seriously, understand the risks to front-line services and work proactively to maximise their resilience and minimise impacts on patient care. 

    Since WannaCry, 39 CareCERT alerts have been issued by NHS Digital between March and May 2017. They require essential action to secure local firewalls.

    These insights and lessons are valuable for Africa’s eHealth. They provide a component of the cyber-security strategies and plans they need.

  • Dell offers better access to imaging data

    Modern eHealth can provide mountains of clinical data. Storing and accessing it effortlessly in real-time’s an increasing challenge. A whitepaper from Dell EMC, available from EHR Intelligence, describes a way to do it. 

    Key Strategic Technolgies (sic) to Improve Access to Clinical Data promotes two principles for PACS. One’s that storage infrastructure shouldn’t need redesigning every time new data’s added. The other’s to have a Vendor Neutral Archive (VNA).

    Affording a fully-fledged solution can be a challenge for Africa’s tight eHealth finances. Dell EMC proposes a phased approach that supports future VNA deployment. It is flexible enough to support a wide range of performance demands such as data analytics, expansion into private, hybrid, or public clouds and changing clinical workflows.

    It’ll need Africa’s eHealth programmes to partner with infrastructure development vendors who can: 

    • Scale local architecture without downtime
    • Maintain daily performance
    • Reduce or eliminate future migration burden.

    These will help to achieve several objectives that improve healthcare quality:

    • Integrate imaging with other eHealth
    • Enable doctors to taking clinical decisions using the most pertinent, complete, accurate and timely patient data. 

    Can this find a place in Africa’s eHealth strategy? The principles fit all types of clinical data.

  • What's needed to help improve EHRs?

    Millennia ago, primitive people huddled in caves to keep warm and protect themselves from big, wild beasts, many now extinct. As people advanced, huddling became less important, but it’s emerged in healthcare, and EHRs are the catalyst. 

    Safety huddles to proactively identify and address electronic health record safety, a study in the Journal of the American Medical Informatics Association (JAMIA) identified 245 safety concerns related to EHRs. To be more precise, safety huddles found them. Four main types were: 

    • 42% EHRs’ technology working incorrectly
    • 26% EHRs’ technology not working at all
    • 17% EHRs’ technology missing or absent
    • 16% user errors.

    Huddling theory says the activity’s helpful in creating collective situational awareness, leading to increased organisations’ capacity to respond to concerns, limitations and weaknesses. The study shows it: 

    • Promoted discussion of several technology issues in organisations
    • Served as a promising technique to identify and address EHRs’ safety concerns.

    The team recommends that healthcare organisations consider huddles as a strategy to promote understanding and improvement of EHR safety. If it works for safety, it could help with other weaknesses in EHRs. If it works for EHRS, it could work for some other eHealth services too.

    It seems that our ancient ancestors were on to a modern management technique, so announcement in waiting rooms could soon be saying “A doctor will see you shortly. At the moment, they’re all huddling for eHealth.”

  • Are Africa’s eHealth start-ups on the move?

    Africa’s health systems need a vibrant eHealth start-up environment that provides local solutions. It’s good news that the number of Africa’s eHealth start-ups is rising. Most don’t leverage mHealth.

    The report from the start-up portalDisrupt Africa High Tech Health: Exploring the African E-health Startup Ecosystem Report 2017
    , identified 115 eHealth start-ups in 20 African countries, about 37%. It reveals the need to stimulate eHealth start-ups in the other 63%.

    Investment’s increasing too, especially finance for businesses growth. The combined eHealth start-up investment’s exceeds US$19 million. Most eHealth start-ups in the report don’t use mHealth. It’s about 44%. 

    Niche solutions are an important component of Africa’s eHealth investment. As demand and opportunities expand, especially for mHealth, the scope for Africa’s eHealth supply side can expand with it. A report in Standard Digital summarises the landscape using data from the 20 countries over three years from Disrupt Africa, it says about 73% of Africa’s eHealth ventures provide mHealth solutions. Local eHealth innovators are emerging in Uganda, Ghana, Egypt, and Senegal. Start-ups launching across Africa has increased over three years. Investors are starting to support start-ups planning to grow expand.

    Africa has an estimated 115 eHealth start-ups. About 28%, 32, are in East Africa. Nearly half of these, 15, of East Africa’s eHealth start-ups in are in Kenya, about 13% of Africa’s total. They may be confronting challenges in attracting finance, unlike reported significant investment in other countries in the region. Does it mean that the available finance’s being spread more evenly, or is it because better investment opportunities are emerging from other countries?

    Total investment in eHealth start-ups over the period is estimated at US$19 million. Kenya start-ups raised US$379,600, under 2%. has a different perspective. Its report identifies Tunisia emerging as the next eHealth hub. It says there are more than 300 African tech start-ups, 54, 18%, in South Africa , 27, 9%, in Kenya, 23, 8% in Nigeria and 15, 5%, in Tunisia. After creating a successful incubator in Kenya, Merck will launch a start-up incubator in Tunisia by 2019 to collaborate with innovative eHealth start-ups.

    It’s not all rosy. Several challenges to growth are seen as access to finance, uncertain policies, competition from established brands and finding and recruiting talent. 

    Africa’s eHealth strategies need to parallel these initiatives. They’re creating opportunities to improve health and healthcare.

  • Telehealth may increase healthcare demand

    Telehealth, using telephones and including telemedicine, can benefit patients, health workers and healthcare organisations. One probable benefit is reducing reliance on GP and Emergency Department (ED) visits with virtual visits, so reducing healthcare costs. Another’s convenience for patients. It seems that can patients’ convenience’s reducing healthcare benefits, a case of supply led demand. 

    A study in Health AffairsDirect-To-Consumer Telehealth May Increase Access To Care But Does Not Decrease Spending, found that the convenience of telehealth services for patients may mean they solve access issues long before they bend healthcare’s cost curve.  It may be these much shorter waiting times and earlier utilisation may increase healthcare spending.

    The research team analysed over 300,000 patients’ commercial claims data spending for acute respiratory illnesses. Data extended over three years. About 12% of telehealth visits replaced visits to other providers. Some 88% was new utilisation with shorter waiting times. Net annual spending on acute respiratory illness services increased by $45 for each telehealth user. 

    eHNA reported on a similar outcome for an eVisit service. The findings seem reinforce each other. Africa’s eHealth programme should include the probability of the phenomenon in their telehealth business cases so additional healthcare resources that may be required can be planned too.

  • mHealth keeps expanding, but Africa and South America are trailing

    The mHealth market’s been growing steadily, and will keep it up. In its report mHealth App Economics 2017 Current Status and Future Trends in Mobile HealthResearch2Guidance (R2G), a strategy advisory and market research company, assesses how digital intruders are taking over the healthcare market. 

    This year, there are 325,000 health and fitness apps available from all major app stores. It’s 78,000 more than last year.

    Most eHealth practitioners come from Europe, 47%, and 36% from the US, a combined 83%. Asia-Pacific accounts for 11%. South America and Africa trail at 4% and 2% respectively, confirming the need for increased human capacity development.

    Other findings include:

    • Android’s overtaking Apple in health app numbers
    • 84,000 health app publishers release apps
    • Widening demand and supply gap, with high number of developers and low downloads growth rates
    • US$5.4bn investment in eHealth start-ups fuelling the market
    • Users will download an estimated 3.6bn apps in 2017
    • 18% are not developing health apps because of uncertain regulations
    • 53% of eHealth practitioners expect health insurances to be  the future distribution channel with best market potential
    • An estimated 28% pure eHealth market players in the eHealth industry.

    Two app types may have a big healthcare impact. Artificial Intelligence (AI) is seen as the most disruptive technology.  It’s seen as combining with remote monitoring to be the technologies that will disrupt healthcare most. The profile’s:

    • AI 61%
    • Remote monitoring and assistance 43%
    • Wearables 34%
    • IoT 30%
    • Virtual reality and intelligence 27%
    • 3D printing 22%
    • Blockchain 18%
    • 5G 8%
    • Other 5%. 

    It seem that there’s an opportunity for Africa’ health systems to support and expand their local health app supply side. An integrated demand and supply strategy could do it.


  • Ponemon shows cyber-security knowledge’s improving

    As cyber-attacks expand in sophistication and volume, knowledge about them’s expanding too. Ponemon Institute, a US research organisation, surveys ICT and security leaders about cyber-security each year. For five consecutive years, its State of Endpoint Risk Report, has added to organisations knowledge. Barkly, a cyber-security firm, has released a preview. The findings are important for Africa’s healthcare and its eHealth and its cyber-security plans. 

    Organisations are struggling to secure their endpoints against new and evolving threats. It’s exacerbated by its high cost for each successful attack. Three other themes are:

    • Fileless cyber-attacks area an increasing risk, now about 77% of all cyber-attacks
    • Trust in Anti-Virus (AV)  programs that rely on file scanning and signature matching has waned, with about 80% of organisations replacing or augmenting AV in 2017
    • Endpoint security is becoming more costly and complex.

    False positives are the most significant hidden cost of endpoint protection. Almost 50% of alerts were false alarms. Costs and complexity is increased too because organisations have an average of seven different agents installed on endpoints. Each one needs its own monitoring, so diseconomies of scale. About 75% of organisations find cyber-security management a challenge.

    Affordability and capability’s starting to bite. Only a third of organisations have enough resources to manage cyber-security effectively, a salutary finding for Africa’s health systems.

    Four measures needed to respond to the trend are:

    • Move beyond traditional AV
    • Invest against protection against fileless cyber-attacks
    • Reduce endpoint management complexity
    • Focus on prevention first, before detection and response.

    These match Ponemon’s findings. There are two challenges are, first, how can the two-thirds of organisations with insufficient resources afford them? Second, can the one third afford the extra cost? Answers to both are vital for Africa’s health systems?

  • eHealth’s goals need shifting to meet doctors’ needs

    There’s a vicious circle revolving around eHealth. As eHealth moves ahead, it’s creating a demand for better eHealth. Dr James Madara, CEO at the American Medical Association (AMA) set some of these out in his recent speech, recorded on YouTube. He sees doctors confronting “Oceans and oceans of data, but only puddles of clinical meaning.” It seems the eHealth challenge’s moving from providing data to giving health professionals the means to navigate their way through the rising tide. His “Longer timelines” view included the utilities needed for a “secure and timely data flow“ needed to improve clinical data liquidity. 

    Fierce Healthcare has summarised some of his themes on the ability of doctors to extract clinical meaning from rapidly expanding data sets and as disorganized and siloed eHealth ecosystem. He equates it to “The fable of the blind men touching the elephant. One feels the trunk, another the tail, one the ear, and each one of the men [sic] has in his mind some different image. That’s what healthcare data are today. Each of us touching data bit-by-bit, then spending time conceptualising the elephant.” AMA’s Integrated Health Model Initiative (IHMI) is helping to deal with these concerns. It includes building a common data-sharing structure with Intermountain Healthcare. 

    An example he uses is a concept from EHRs that existing data in them can be shared and used for current clinical decisions. He set out a scenario of a doctor who suspects patients suffer from hypertension, so “effortlessly” accesses their blood pressure readings from previous healthcare providers. He said doctors can’t do that.

    Africa’s eHealth strategists need to consider Dr Madara’s perspectives. As eHealth investment generates more data, Africa’s health systems simultaneously can put in place the tools that healthcare professionals need to navigate their way through it. eHealth benefits depend on them.

  • KLASified IOp needs to progress

    A bit like an horizon, as eHealth Interoperability (IOp) takes a step forward, its horizon seems like two steps further away. KLAS, the eHealth analyst outfit, has published its Interoperability 2017 report of its Cornerstone Summit. First Look at Trending – Some Progress toward a Distant Horizon,” summarises the findings. It’s the third interoperability summit. The KLAS 2017 research provides the first year-on-year comparison measuring progress. There’s plenty left to do.

    KLAS research shows that shared patient data often fails to benefit patient care much. It’s an important insight for EHR business cases, and reveals the ubiquitous gap between eHealth’s potential and its probability in realising its benefits. An essential question to ask before driving ahead investing scarce resources is asking eHealth sponsors to estimate the percentage of patient encounters in which:

    • Outside data informs healthcare delivery better
    • Users have access to needed data from outside their organisations. 

    Most of the report deals with methodologies and questions about measuring IOp. They provide a wide range of detailed and precise themes that Africa’s eHealth programmes can use to specify and test their IOp components.

    Other issues are: 

    • Should behavioural health and home medical equipment be incorporated in post–acute care interoperability?
    • Pharmacies are key partners in post–acute care IOp, so need including
    • Which IOp capabilities and synergies should or should not exist between post–acute care and hospital systems?
    • Should hospitals’ Emergency Department (ED) systems query HIEs to identify if patients receive home health services, and can the home health records and their patient information be added to ED systems?

    Healthcare’s concerns and insights include:

    • Securing national IOp inter-organisational trust of incoming data and its accuracy
    • Clarity on liability of outgoing data not being used securely or guarded
    • How to co-ordinate between organisations sharing data, especially when different users  need different data?
    • How can patients help bridge IOp?
    • IOp gaps in healthcare transitions are a significant market oversight and need fixing
    • How should information blocking be defined and implemented?

    Africa’s eHealth programmes can extract invaluable insights from the KLAS report. I can help them extend the stride of the next step. Whether it takes them closer to the IOp horizon’s another matter.