The Thinker

Solving the medical forms hassle

Seven years ago, I suggested that the ubiquitous thumb drive should become our electronic wallet. You would simply plug it into the point of sale device, authorize the transaction (a PIN is acceptable, but a thumb scan would be better), and an electronic receipt would get stored on the device. The receipt could later be imported into your personal money management software, such as Quicken, for automatic categorization, giving you better insight into your spending.

Some years of experience using thumb drives regularly shows that it is not the ideal device for an electronic wallet, in part because the USB terminal can wear or tear, rendering the device useless. Today, a smart card might make more sense because it would fit in our wallet right where the credit and debit cards go. My point was that to be useful the device would show you your balance at a glance, and it could receive as well as send data. Today, the device could also be network aware, making secure connections to your bank periodically to get the latest balance. You might call it a smart cash card.

A few weeks back I had an annual physical. As is typical of someone fifty plus, I left with a stack of prescriptions and referrals. As a consequence, I have since been making my way to various specialists. Yesterday I visited an endocrinologist, who was examining some minor cysts in my thyroid. Naturally before I could see him I had to go through a daunting process of filling out four pages of forms, listing for the umpteenth time my long and tedious medical history. I am sure you have had the same experience many times. List all your medications and dosages. List all your surgeries. List current and past conditions that you have had, including hospitalizations. List your family’s medical history, parents and siblings. Provide an emergency contact. Oh, and don’t forget your name, address, phone numbers (home, cell and work), email address, date of birth, social security number, current employer, current employer’s address and phone number not to mention, of course, your almighty health care insurer, their phone number, your policy number and your group number.

As someone who works in information technology, filling out these forms repeatedly is an obvious problem that should just be solved. Yes, as part of the Affordable Care Act, health care providers are being nudged into electronic medical records. I can understand the reluctance of doctors’ offices to go there, given the voluminous information they collect and the chance of clerical errors. Still, much of the information is route and common. It could be provided by the patient in an electronic fashion very easily. All it needs is a law to make it happen.

This is a job for government, not to make such devices, but to set standards for them and to require health care providers to accept them. Such a government standards entity already exists:  the National Institute of Standards and Technology. Other agencies, probably the Department of Health and Human Services, through regulation could require health care providers to accept electronic data provided by the patient in lieu of filling out those awful and painful new patient forms.

Here is how it might work. Next time I visit a new doctor, I would take out my medical smart card. It would be more than an electronic wallet, but also have my medical history. I would wave the smart card over the card reader at the receptionist’s desk and it would ask for permission to transmit certain types of data. Ideally, it would show me on a screen all the information requested. I would be able to change it (in the process changing the data on the card, since it would be inaccurate) or blank out fields I don’t want to share. I would then give my permission to share the data using some sort of authorization mechanism. Ideally I would do this by pressing my thumb on a spot on the card. However, a PIN or retinal scan might be okay as well.

There are devices out there that get part of the way there. For example, MedicTag is one of a number of devices that puts your medical history on a USB drive that you wear at all times. The problem with devices like this is that there is no guarantee that your health care provider will even think to check for the device. Even if they can, there is no standard for encoding the information so that it can be easily read into a provider’s health care database yet stay secure. To make sure that the data can be read in an emergency, it is likely unencrypted. Worst of all, since most health care visits are not for emergencies, then routine trips would likely require you to fill out paper forms anyhow. Certain providers, principally emergency rooms and ambulance companies, would have permission to read your card without your authorization.

I would bet that most health care providers would be glad to install devices that could read structured medical information from these devices. They would quickly pay for themselves in productivity savings and accuracy of these data. Most health care providers already have a records management system, generally Medics Elite. These companies would find plenty of incentive to build software for point of presence terminals to collect the data.

I am sure that a smartphone could be configured to do this. It can already be your electronic wallet. That seems to be the thinking behind Google Wallet, but so far vendors have been lukewarm embracing the technology. Doubtless apps could be created that would comply with any NIST standards for sharing medical information. With cloud services now becoming standard, most of us would be glad to pay a reasonable fee to have our medical and other private information backed up in the cloud, in case we lose the smartphone. The real problem is that there is little in the way of standards for transferring frequent medical information, at least from patient to provider. This is why we need the benevolent hand of government. Once standards are in place and providers create interfaces, any number of vendors could compete to provide devices and apps to make this a reality. Just as many of us now have electronic boarding passes that are scanned off our cell phone, there is no reason why the same data could not be transmitted using an infrared or wireless connection, once authorization is granted.

As an aging human being who doubtless has many hundreds or thousands of doctors’ appointments ahead of him before I die, a device like this cannot come soon enough. After all, as you age you realize time is short, and you can save heaps of it not filling out redundant medical forms.


One Response to “Solving the medical forms hassle”

  1. 7:39 pm on December 22 2011, Justin Scott said:

    This is an area I have done a lot of thinking about as well. Unfortunately it all comes down to security and authorization. It is now possible to use Near-Field Communication (NFC), the same technology that Google Wallet uses, to enable a client application on a smart phone to receive a request from a provider and give the user the option of sharing selected information. It can even be encrypted on the device for security. For regular visits this isn’t a problem as the patient is able to provide that authorization and the sharing can occur.

    The problem is that in emergency situations, emergency responders would need to have access to that information as well. That means a back-door into the system so that regular authorization can be bypassed. How long would it take for attackers to figure out how to use that to their advantage? It does become easier if you just cut out this part of the puzzle (emergency responders don’t have this information now, so it’s not like they’re losing anything by not including them in the process).

    MedicTag is a joke, by the way. I found a while back them when researching this topic. Their device is essentially a branded USB-key with a Word document on it that you fill out. It is not encrypted and there is no security (specifically so that an EMT with a laptop can plug it in and open the document to read your information). It’s a goldmine for anyone who could benefit from a person’s medical history, and could easily be infected with and spread malware to any unprotected computer it’s plugged into (which could lead to a larger breach of privacy for anyone else who might have information stored about them on a computer it’s plugged into). I like the idea behind it, but their implementation leaves a lot to be desired.

    The second problem, as you correctly point out, is one of formats. Some central agency would need to define a common protocol for the exchange of information between the patient and provider. NIST or some other organization could probably pull it off if mandated. I predict cries of “creating a national ID card” from civil libertarians if this is even considered, however. (If it has all of your personal data, medical information, etc. and is government mandated, what’s to stop it from being required to, say, board an airplane? Those are the sorts of arguments people will make against it.)

Leave a Reply

Switch to our mobile site