Metasteward LLC  

Looking at health information technology (HIT) through the "donut hole"!

Metasteward LLC's mission is to be recognized as the organization of choice for consultation on defining and recommending consumer empowerment and protection standards for senior citizens.

e-OlderAmerican Blog Mission 


Suggestion: Right click and open each hyperlink in a "New Tab". Links having (or soon to have) content are identified with an *.

2011 *
2010 *
2009 *
2008 *
2006-2007 *
1998-2001 *
1994-1996 *
1987-1994 *
1970-1976 *
1935-1956 *

Welcome to the Metasteward LLC Web site! 


Message from the Founder -                                        January 1, 2012

Dear Colleagues, Older Americans and Others:

It's now been three years since I initiated my Web site and my message, below, from a year ago, still remains relevant. 

During 2011, I have been an active "committed" participant on several workgroups in the Standards and Interoperability Framework (S&I) effort which filled the gap when the Health Information Technology Standards Panel (HITSP) was sunseted.  I currently am a member of workgroups involved in the Data Segmentation Initiative, which was established to address standards for the ability to exchange parts of medical record  often called data segmentation. The goal of the project is to enable the implementation and management of health information disclosure policies originating from a patient's request, statutory and regulatory authority or organizational disclosure requirements.  Of particular note is the effort to define the current need for data protection services, such as a patient's directive not to disclose substance abuse records in accordance with 42 CFR Part 2. 

It is ironic, that I am involved in developing future standards for data protection services when, at the same time, the system for which I a volunteer data entry clerk is operating outside the rule of law as described in my message below, written a year ago.  It now has been over four years since I brought the situation to the attention of the Wisconsin Department of Health Services (DHS).  The potential fiscal consequences (for Wisconsin and our Nation) of DHS' institutionalized indifference to individuals' privacy rights and rogue behavior related to developing ad hoc computer systems not having adequate security is truly breath-taking in scope. Wisconsin potentially could be responsible for enabling a major portion of the billions of dollars lost to fraud, waste and abuse in the healthcare system. 

I have placed a link to the S&I Framework Wiki which is open to anyone.  My participation and the participation of all involved can be followed in detail on the Wiki.  Participation by others is definitely encouraged with an easy to follow process for joining the initiative.  I encourage others, particularly the Wisconsin Department of Health Services, to participate. 



Fred Buhr 

Fred Buhr, MSSW

Metasteward LLC


Message from the Founder -                                         January 1, 2011

Dear Health Information Technology (HIT) Colleagues:

It's now been two years since I initiated my Web site and unprecedented advances have been made in health information technology (HIT) during that time.  Six months ago, I used this space to detail the health care advances that will occur in 2011. Today, I will outline the reasons I initiated my Web site in the first place.

During the latter portion (from 1998 until 2005) of my over forty years of employment by the (then) Wisconsin Department of Health and Family Services (DHFS), I served as the Department's electronic forms (eForms) coordinator and represented DHFS as its in-house data consultant on workgroups of national and international standards development organizations (SDOs). After leaving DHFS, I continued pursuing my passion for health information technology (HIT) by serving as a volunteer in various capacities, representing myself (and others like me), as a consumer/patient advocate as well as a subject matter expert. 

I have served as a volunteer member on a number of subcommittees of the U.S. Health Information Technology Standards Panel (HITSP) including the Consumer Preferences Tiger Team (CP-TT) which reported directly to the Office of the National Coordinator (ONC).  I currently am a member of the HL7 Personal Health Records (PHR) Workgroup. Since August 2007, I have been the volunteer data entry operator for the McFarland (Wisconsin) Senior Outreach Program.

In January 2008, in my capacity as data entry operator for McFarland's outreach program, I encountered a rogue data entry form that the Department of Health Services (DHS) had adapted from instructional material originally developed in the late 1980's by the Nutrition Screening Initiative (NSI).  Although the NSI form, known as "DETERMINE", was never envisioned to be computerized, DHS staff configured a set of "user fields" in its Social Assistance Management System (SAMS) database and mandated their use as an assessment tool to evaluate individuals' nutrition behavioral risk factors.  In November 2008, DHS added a "privacy notice" to the form indicating that the information was being collected to comply with federal reporting requirements.

Another set of DHS configured "user fields" is used to record chronic conditions of individuals participating in the "Living Well" chronic disease self-management program (CDSMP).  The program originally developed by the Stanford University School of Medicine was initiated in Wisconsin in 2005.  It is one of the most outstanding evidenced based prevention programs in the nation; but medical conditions should not be listed in the electronic SAMS records kept on individuals.  On forms relating to CDSMP, DHS has included the same "privacy notice" as on the "DETERMINE" form.

DHS staff members have configured nearly a hundred "user fields" including five labeled as: Diagnosis1, Diagnosis2, Diagnosis3, Diagnosis4 and Diagnosis5.  The grouping is a particular pattern related to the multi-axial diagnostic system of the Diagnostic and Statistical Manual of Mental Disorders (DSM). I recognize those particular fields from my past participation in Wisconsin's Data Infrastructure Grant (DIG) project funded by the Center for Mental Health Services/Substance Abuse and Mental Health Services Administration (CMHS/SAMHSA).  The DHS form: "F-11103 Outpatient Mental Health Assessment and Treatment/Recovery Plan" contains the same fields and possibly is the source of the data that populates those particular SAMS "user fields". 

There are seven built-in NAPIS (National Aging Program Information System) fields in the SAMS database that ostensibly are used by DHS for constructing reports to the federal Administration on Aging (AoA).  The seven NAPIS fields have been parlayed by DHS into an illegal tracking system containing hundreds of non-NAPIS data elements for the illegal collection and storage of protected health information (PHI) belonging to over 150,000 of Wisconsin's elderly and disabled citizens. DHS has developed a rogue system that is being operated outside the rule of Wisconsin and federal law.

When I volunteered in 2007 to enter health information of McFarland's seniors and disabled into the SAMS database, I believed that I would be entering data into a legitimate State of Wisconsin system. Over time I found that SAMS was not a legitimate State system.  If it had been a legitimate system, DHS would have involved its forms and records officer, or one of the many other forms and records experts in the Department, in configuring SAMS forms.   Harmony, the company that owns SAMS, would have monitored how Wisconsin was actually configuring the application and the systemic privacy and security breaches documented in the following files would not have occurred. At a fundamental ethical and moral level, if DHS had continued to follow "Standards of Fair Information Practices" as it once did, its systems would be worthy of trust; at this point in time, DHS as an agency itself is not worthy of trust.

Because DHS administrators have engaged in self-deception, the entire nation-wide effort toward trustworthy health information exchange (HIE) has been compromised. That self-deception is ignominiously displayed when Susan Crowley, the DHS administrator responding on behalf of Governor Doyle, says to me: "If you wish to withdraw your record from the system, we would be happy to honor your request."  The self-deception is further displayed in Donna McDowell's letter responding to concerns that I raised during meetings of the WIRED for Health Board and the Long Term Care Council about the security and privacy of the listing of medical conditions of individuals participating in the CSDMP program.  Ms. McDowell is director of the Bureau of Aging and Disability Resources (BADR) which is Wisconsin's federally recognized state unit on aging (SUA). 

I've arranged the following documents in a sequence that shows my concerns and the process of self-deception followed by DHS.  Because DHS utilized the privately owned websites of the SAMS database administrator: " and" and privately controlled list servers: " and" to transmit "DETERMINE" data entry instructions, documentation is not available on State owned and operated websites and list servers.  Furthermore, because Harmony's suite of applications including SAMS and BEACON are operated by the Greater Wisconsin Agency on Aging Resources (GWAAR), there is no documentation (that I can locate) for either SAMS or BEACON on State operated websites.

Wisconsin's plan for the development of a statewide network of electronic health information was approved by federal officials during the last week in 2010.  The Wisconsin Statewide Health Information Network (WISHIN) will serve as the network's governing organization and the Wisconsin Health Information Exchange (WHIE) will act as the network's technical manager.  DHS, as an agency, is not worthy of the trust to participate in WISHIN nor in the nation-wide health information exchange networks.

As a consumer/patient advocate having multiple chronic conditions (MCCs), portions of my virtual electronic healthcare record (EHR) are located in systems of various vendors, including both Epic (Verona, Wisconsin) and Harmony Information Systems (Reston, Virginia).  I am deeply concerned about the inadequacy of DHS' plans for the privacy and security of both my records and the health care records of others like me.  It was of no comfort to me for Susan Crowley, the DHS administrator, to offer to remove my record from SAMS.  In fact, her offer to withdraw my record from SAMS was a source of great discomfort and prompts me to classify the Wisconsin Department of Health Services as a ROGUE DEPARTMENT!

The Office of the National Coordinator (ONC) should review Wisconsin's state operating plan (SOP) for compliance with the ONC-HIE-PIN-001 directive for the HIT Coordinator to: "Ensure state program participation in planning and implementation activities including, but not limited to Medicaid, behavioral health, public health, and departments of aging." 






BADR's Contract for SAMS.pdf










Fred Buhr 

Fred Buhr, MSSW

Metasteward LLC




Fred Buhr, MSSW




Last modified: 01/31/12