Welcome to the Metasteward LLC Web site!
Message from the Founder -
January 1, 2012
Dear Colleagues, Older Americans and Others:
It's now been three years since I initiated my Web site and my
message, below, from a year ago, still remains relevant.
During 2011, I have been an active "committed" participant on
several workgroups in the Standards and Interoperability Framework (S&I) effort
which filled the gap when the Health Information Technology Standards Panel (HITSP)
was sunseted. I currently am a member of workgroups involved in the Data
Segmentation Initiative, which was established to address standards for the
ability to exchange parts of medical record ―
often called data segmentation. The goal of the project is to
enable the implementation and management of health information disclosure
policies originating from a patient's request, statutory and regulatory
authority or organizational disclosure requirements. Of particular note is
the effort to define the current need for data protection services, such as a
patient's directive not to disclose substance abuse records in accordance with
42 CFR Part 2.
It is ironic, that I am involved in developing future standards for
data protection services when, at the same time, the system for which I a volunteer data entry
clerk is operating outside the rule of law ― as described in my message below,
written a year ago. It now has been over four years since I brought the
situation to the attention of the Wisconsin Department of Health Services (DHS).
The potential fiscal consequences (for Wisconsin and our Nation) of DHS'
institutionalized indifference to individuals' privacy rights and rogue behavior
related to developing ad hoc computer systems not having adequate security is
truly breath-taking in scope. Wisconsin potentially could be responsible for
enabling a major portion of the billions of dollars lost to fraud, waste and
abuse in the healthcare system.
I have placed a link to the S&I Framework Wiki which is open
to anyone. My participation and the participation of all involved can be
followed in detail on the Wiki. Participation by others is definitely
encouraged with an easy to follow process for joining the initiative. I
encourage others, particularly the Wisconsin Department of Health Services, to
Fred Buhr, MSSW
Message from the Founder -
January 1, 2011
Dear Health Information Technology (HIT) Colleagues:
It's now been two years since I initiated my Web site and
unprecedented advances have been made in health information technology (HIT)
during that time. Six months ago, I used this space to detail the health
care advances that will occur in 2011. Today, I will outline the reasons I
initiated my Web site in the first place.
During the latter portion (from 1998
until 2005) of my over forty years of employment by the (then) Wisconsin
Department of Health and Family Services (DHFS), I served as the Department's
electronic forms (eForms) coordinator and represented DHFS as its in-house data
consultant on workgroups of national and international standards development
organizations (SDOs). After leaving DHFS, I continued pursuing my passion for
health information technology (HIT) by serving as a volunteer in various
capacities, representing myself (and others like me), as a consumer/patient
advocate as well as a subject matter expert.
I have served as a volunteer member on a
number of subcommittees of the U.S. Health Information Technology Standards
Panel (HITSP) including the Consumer Preferences Tiger Team (CP-TT) which
reported directly to the Office of the National Coordinator (ONC). I currently
am a member of the HL7 Personal Health Records (PHR) Workgroup. Since August
2007, I have been the volunteer data entry operator for the McFarland
(Wisconsin) Senior Outreach Program.
In January 2008, in my capacity as data
entry operator for McFarland's outreach program, I encountered a rogue data
entry form that the Department of Health Services (DHS) had adapted from
instructional material originally developed in the late 1980's by the Nutrition
Screening Initiative (NSI). Although the NSI form, known as "DETERMINE", was
never envisioned to be computerized, DHS staff configured a set of "user fields"
in its Social Assistance Management System (SAMS) database and mandated their
use as an assessment tool to evaluate individuals' nutrition behavioral risk
factors. In November 2008, DHS added a "privacy notice" to the form indicating
that the information was being collected to comply with federal reporting
Another set of DHS configured "user
fields" is used to record chronic conditions of individuals participating in the
"Living Well" chronic disease self-management program (CDSMP). The program
originally developed by the Stanford University School of Medicine was initiated
in Wisconsin in 2005. It is one of the most outstanding evidenced based
prevention programs in the nation; but medical conditions should not be listed
in the electronic SAMS records kept on individuals. On forms relating to CDSMP,
DHS has included the same "privacy notice" as on the "DETERMINE" form.
DHS staff members have configured nearly
a hundred "user fields" including five labeled as: Diagnosis1, Diagnosis2,
Diagnosis3, Diagnosis4 and Diagnosis5. The grouping is a particular pattern
related to the multi-axial diagnostic system of the Diagnostic and Statistical
Manual of Mental Disorders (DSM). I recognize those particular fields from my
past participation in Wisconsin's Data Infrastructure Grant (DIG) project funded
by the Center for Mental Health Services/Substance Abuse and Mental Health
Services Administration (CMHS/SAMHSA). The DHS form: "F-11103 Outpatient Mental
Health Assessment and Treatment/Recovery Plan" contains the same fields and
possibly is the source of the data that populates those particular SAMS "user
There are seven built-in NAPIS (National
Aging Program Information System) fields in the SAMS database that ostensibly
are used by DHS for constructing reports to the federal Administration on Aging
(AoA). The seven NAPIS fields have been parlayed by DHS into an illegal
tracking system containing hundreds of non-NAPIS data elements for the illegal
collection and storage of protected health information (PHI) belonging to over
150,000 of Wisconsin's elderly and disabled citizens. DHS has developed a rogue
system that is being operated outside the rule of Wisconsin and federal law.
When I volunteered in 2007 to enter
health information of McFarland's seniors and disabled into the SAMS database, I
believed that I would be entering data into a legitimate State of Wisconsin
system. Over time I found that SAMS was not a legitimate State system. If it
had been a legitimate system, DHS would have involved its forms and records
officer, or one of the many other forms and records experts in the Department,
in configuring SAMS forms. Harmony, the company that owns SAMS, would have
monitored how Wisconsin was actually configuring the application and the
systemic privacy and security breaches documented in the following files would
not have occurred. At a fundamental ethical and moral level, if DHS had
continued to follow "Standards of Fair Information Practices" as it once did,
its systems would be worthy of trust; at this point in time, DHS as an agency
itself is not worthy of trust.
Because DHS administrators have engaged
in self-deception, the entire nation-wide effort toward trustworthy health
information exchange (HIE) has been compromised. That self-deception is
ignominiously displayed when Susan Crowley, the DHS administrator responding on
behalf of Governor Doyle, says to me: "If you wish to withdraw your record from
the system, we would be happy to honor your request." The self-deception is
further displayed in Donna McDowell's letter responding to concerns that I
raised during meetings of the WIRED for Health Board and the Long Term Care
Council about the security and privacy of the listing of medical conditions of
individuals participating in the CSDMP program. Ms. McDowell is director of the
Bureau of Aging and Disability Resources (BADR) which is Wisconsin's federally
recognized state unit on aging (SUA).
I've arranged the following documents in
a sequence that shows my concerns and the process of self-deception followed by
DHS. Because DHS utilized the privately owned websites of the SAMS database
administrator: "http://dhfsbadr.org and http://dhfsbadr.com" and privately
controlled list servers: "Badgeraginglist@yahoogroups.com and WisNutrition@yahoogroups.com"
to transmit "DETERMINE" data entry instructions, documentation is not available
on State owned and operated websites and list servers. Furthermore, because
Harmony's suite of applications including SAMS and BEACON are operated by the
Greater Wisconsin Agency on Aging Resources (GWAAR), there is no documentation
(that I can locate) for either SAMS or BEACON on State operated websites.
Wisconsin's plan for the development of a
statewide network of electronic health information was approved by federal officials
during the last week in 2010. The Wisconsin Statewide Health Information Network (WISHIN)
will serve as the network's governing organization and the Wisconsin Health
Information Exchange (WHIE) will act as the network's technical manager. DHS,
as an agency, is not worthy of the trust to participate in WISHIN nor in the
nation-wide health information exchange networks.
As a consumer/patient advocate having
multiple chronic conditions (MCCs), portions of my virtual electronic healthcare
record (EHR) are located in systems of various vendors, including both Epic
(Verona, Wisconsin) and Harmony Information Systems (Reston, Virginia). I am
deeply concerned about the inadequacy of DHS' plans for the privacy and security
of both my records and the health care records of others like me. It was of no
comfort to me for Susan Crowley, the DHS administrator, to offer to remove my
record from SAMS. In fact, her offer to withdraw my record from SAMS was a
source of great discomfort and prompts me to classify the Wisconsin Department
of Health Services as a ROGUE DEPARTMENT!
The Office of the National Coordinator (ONC)
should review Wisconsin's state operating
plan (SOP) for compliance with the ONC-HIE-PIN-001 directive for the HIT
Coordinator to: "Ensure state program participation in planning and
implementation activities including, but not limited to Medicaid, behavioral
health, public health, and departments of aging."
BADR's Contract for SAMS.pdf
Fred Buhr, MSSW
Fred Buhr, MSSW