The Connectologist

Medical connectivity at the point of care and beyond

The Story of This Site -- Past, Present and Future

I confess, it was a series of impulses. I discovered that the url connectologist.com was available and I grabbed it. I'd wanted it 5 years ago when I started consulting, but it was already taken, and now it was mine. About the same time I came across this blogging tool, Posterous, and the value proposition -- super simple and easy -- was appealing.

Well, the figurative morning after found me with second thoughts. (I won't bore you with the details.) Here's the plan: 1) I'm going to move the posts from this site over to my regular site, www.medicalconnectivity.com, 2) then I'll close the Posterous account, and 3) redirect the connectologist url to my regular site.

Let's just forget this tawdry affair, shall we?

Software Quality, Defects and Requirements

Media_httpwwwswqualcomnewslettervol6no5vol6no5clipimage001jpg_sdapuivcggegqkt
via swqual.com

Steve Rakitin of Software Quality Consulting provides an assessment of the state of the software quality assurance profession in his latest newsletter. He notes the following regarding software bugs:

Today the best most highly skilled software developers inject an average of one defect for every 8 lines of code they write. [2] The single most common reason software engineers inject defects has been and is still poorly written requirements.

We also have anecdotal information suggesting that through verification activities such as peer reviews and static analysis and validation testing, we typically find about 95% of these injected defects. The end result is:

released software has, on average, a defect density in the range of 5-6 defects per thousand lines of code (KLOC).

So if we look at a typical software-based system that has one million lines of code, here’s what we’d expect to find:

Defects injected: using 1 defect /8 lines of code = ~120,000

Defects removed: assuming 95% found = 114,000

Defects remaining: (defects injected - defects removed) = 6,000

To put this in perspective, 2010 model-year cars will have about 100 million LOC. Given the above, there could be as many as 600,000 defects that remain in the software that controls your car.

 

Imagine the potential safety impact of that many defects in a complex medical device system -- or a system of systems.

More interesting, is the primary cause of these software defects: poor requirements. In my experience, PCDI or medical device connectivity applications are particularly susceptible to requirements related software defects. The reasons for this are pretty straight forward.

Unlike generating requirements for the embedded systems (the conventional stand alone "black box" medical device) for which manufacturers have many years experience, requirements generation for connectivity is a new challenge. This is further exacerbated by the fact that requirements gathering for an embedded device can be quite different from capturing connectivity requirements. Different kinds of methods and tools are frequently used because the workflow automation and systems integration required for connectivity are fundamentally different from the "knobology" and operation of the embedded device.

Over the years, I've received numerous calls from manufacturers asking me to, help them "finish" a project. A good engineer, if provided with adequate requirements, can complete a product design. After exploring the situation, the problem almost always starts with, or comes down to, a lack of requirements. Those projects become exercises in capturing the missing requirements, and training the client on how to capture connectivity requirements in the future.

Baxter Acquires Minority Stake in SIGMA

Media_httpwwwmdbuylinecommdbwebappuserdefinedibarticleib17641764filesimage001jpg_wgtplegbqgrcjnq
via mdbuyline.com

Between recent regulatory problems (here, here and here) and lagging the market with pump connectivity, Baxter's inked a deal with SIGMA (press release). In the deal, Baxter pays SIGMA $100 million for exclusive distribution rights world wide and a 40% equity stake in SIGMA and the option to acquire the rest of the company in the future. "Baxter may make additional payments of up to $130 million for the exercise of its option to purchase the remaining portion of the company as well as for the achievement of certain R&D, regulatory, and commercial milestones, according to the release."

It's interesting to note the 3 categories of milestones. Given that SIGMA is way ahead of Baxter from a connectivity perspective, the fact that SIGMA has R&D milestones (that one assumes are required to remain competitive) indicates the increasing importance of workflow automation in purchase decisions, and the difficulty of developing that same set of features. It's not clear how Baxter's regulatory issues, which should be mostly behind them, play into the deal -- but a separate product development process and good manufacturing practices would appear to provide a regulatory buffer from any lingering issues Baxter faces. I'm assuming commercial milestones are sales commitments on Baxter's part, and perhaps manufacturing capacity commitments for SIGMA.

Greg Stett, a clinical analyst at MD Buyline asked the hard question:

When we asked Baxter about what their plan will be down the road if they were to completely acquire SIGMA, more specifically if the two product lines would be integrated in any way, they officially said, “Baxter will continue to develop our next generation products, remediate the COLLEAGUE volumetric infusion pump, and establish an agreement with the FDA on a path forward for re-commercializing within the U.S. Baxter remains committed to the COLLEAGUE volumetric infusion pump platform, and development of the next release of the COLLEAGUE volumetric infusion pump will continue as planned.” So, at this time, past COLLEAGUE issues will not slow down future development of the new generation COLLEAGUE products.

A number of questions come to mind:

  1. How much of a factor was Baxter's recent regulatory problems? 
  2. How many connectivity R&D problems has Baxter been running into? It's been 4 or 5 years since they showed wireless term server connectivity along with an application on a PDA at HIMSS.
  3. After popping $150 million for the SIGMA pump, why develop a new Colleague? Given Baxter's business model is based more on disposables and consumables rather than capital equipment, why not just buy SIGMA?
  4. How much of a factor was startup Fluidnet, who just submitted their 510(k) in June, 2009? 
It seems to this observer that SIGMA has the potential to get a great return on their company -- and arguably, at a fair price for Baxter who has a significant market share to protect.

Below is a picture of Fluidnet's new product from their home page.

CCHIT's Exclusive EMR Certification Role in Question

Here's a great summary on the increasing uncertainty and political machinations around EMR certification. 

CCHIT’s certification criteria are feature, structure and process-oriented, yet the latest Meaningful Use criteria from the ONC's HIT Policy Committee not. The Meaningful Use Matrix consists of five “Health Outcomes Policy Priorities” and associated Care Goals, Objectives and Measures. The Committee anticipated that the latter would be transformed into EHR certification criteria at a later date (some time around the Spring of 2010).

The criteria are not consistent with those used by CCHIT to certify EHRs. They are outcomes-oriented (CCHIT’s are feature, structure and process-oriented), and they do not require that any particular technology (such as the client-server applications used by the legacy vendors who sit on the board of CCHIT) be used to achieve the results.

Subsequently, HHS announced that it planned to assume responsibility for deciding which EHR systems qualified for bonus payouts under Medicare, and shortly thereafter, ONC’s HIT Policy Committee said that it planned to recommend that several entities should certify EHR systems.

In its announcement, the Committee envisioned the establishment of 10 to 12 such agencies.

The upshot of these moves by the Federal government are that (1)CCHIT no longer decides what criteria will be used to certify EHRs, and (2)its days as the exclusive provider of EHR certification services are numbered.

In response, CCHIT adjusted their certification offering (since they're certifying EMRs for existing criteria, rather than the criteria the HIT Policy Committee comes up with next year). Here's Glenn Laffel's take:

But as mentioned above, ONC won’t sign-off on its “meaningful use” criteria until the spring of 2010. In effect, CCHIT is asking EHR vendors to gamble that CCHIT can, like a fortune teller at a carnival, predict what those final recommendations will be.

"Choose the risk you want to take," CCHIT Chairman Mark Leavitt recently challenged vendors. "Go ahead now (with a CCHIT review) and have an extra year to implement, with a small risk that there will be some gap in which EHR systems would have to be updated to receive final certification…" or risk the consequences of sitting on your hands, he presumably would add.

Never mind that the latest information is in the public domain, and that any vendor can compare it against their current capabilities and development plans! Disregard the fact that CCHIT has no track-record in promulgating outcomes-oriented certification criteria or in certifying against them!

What is CCHIT charging for its fortune-telling expertise? According to Government HealthIT, a HIMSS sponsored publication, prices for modular certification begin at $6,000 for up to 2 modules. They rise to $24,000 for up to 20 modules and to $33,000 for more than 20.

As always, fees for CCHIT’s comprehensive certification are $37,000 for ambulatory systems and $49,000 for hospital systems. Annual renewal costs are $9,000 for each.

That’s chump-change for the legacy vendors whose top executives sit on the board of CCHIT, but it guarantees nothing.

All this confusion about unknown criteria, and who exactly will do the certifying has a definite impact on medical device interoperability that's scheduled for 2015 in the Meaningful Use Matrix.

Wireless Technology Selection

Here's a story at embedded-europe.com about the adoption of various wireless technologies in medical devices -- for connectivity, of course. 

Yours truly is quoted, talking about the difficulties faced by companies outside of health care who would like to break in. Genesis for the story came from the advent of tablet computers:

A recent example of this came from two leading suppliers in the medical sector; Philips and Motion Computing. They have both recently introduced wireless medical tablets, powered by Intel's Mobile Clinical Assistant platform (MCA). This class of device uses WiFi to communicate and features a digital camera, along with both barcode and RFID readers, for scanning medicine labels and identifying patients by their wrist straps. They will also likely feature Bluetooth, to capture patients' vital signs.

It seems to me, these tablets are become Computers on Wheels devices, riding around in docking stations with separate keyboards and mouses.

This story also looked at Bluetooth and Zigbee:

So will the introduction of open Bluetooth and ZigBee profiles stimulate growth, and if so how? Gee believes that interoperability, and therefore profiles, will be essential, but other things need to be in place. For instance, to overcome the situation of proprietary equipment interfacing with equipment based on open standards, there needs to be some form of common data exchange, a kind of 'http for medical devices'.

This past summer, Continua Health Alliance selected the medical profiles of both Bluetooth and Zigbee for their member's wireless sensor networking. Something similar to Continua is still lacking in the acute care market, hindering market growth.

And a blast from the past. Remember when Bill Gates was convinced that the tablet would be come the predominate type of personal computer any day? (Circa November 7, 2002)

Nyp2002110704

Regulatory Issues: MDDS and IEC 80001

William Hyman lead the group through the Byzantine world of the FDA. He described the content of the FDA's draft Medical Device Data System (MDDS) rule. There were several great questions from the audience, and a humorous exchange about manufacturer's statements meant to limit liability. Hyman characterized the most extreme examples as "lies." He suggested that the most effective liability-limiting text was, "Do Not Use This Product."

Steve Grimes attributed the increasing complexity of medical device systems and "systems of systems" where installations with multiple systems result in unanticipated integration and interactions -- that were not tested by the respective medical device manufacturers. The risk management standard in development, IEC 80001is intended to address these risks. 

Under 80001, the primary responsible party is the health care provider. Manufacturers are responsible for providing information that providers then use to complete their risk analysis and mitigation. The risk management process described in the draft standard is similar to that required by the FDA for medical device manufacturers. 

Like HIPAA includes the Business Associate agreement to ensure effective HIPAA privacy policies, the draft 80001 standard calls for a Responsibility Agreement, where manufacturers disclose risk analysis and mitigation data to customers. 

It seems to me that IEC 80001 imposes the kind of risk management that biomedical and clinical engineers have been doing (albeit informally) for many years, onto the IT department and broader hospital. It is medical device connectivity, the converging of medical device and enterprise networks. For years, medical device networks that fail can kill patients -- risks that have been managed successfully by biomeds. When medical device and enterprise networks are merged, enterprise network failures can kill patients. This is a new situation for hospital CIOs, and the implications of this change has yet to really dawn on many of them.

Steve Rakitin pointed out that the FDA requires medical device manufacturers to provide training in risk management for their products, yet it is obvious that manufacturers aren't doing anything in this area. As I noted during my presentation, how manufacturers do their verification testing and how they're actually installed and used, are quite different. Arguably, the vast majority of providers with medical device systems are using them "off label." 

Rob Renck asked how 80001 is percolating into the mindset of Clinical Engineers, and how it's impacting the management of enterprise networks in hospitals. Steve noted that there's a significant education and training challenge in these new kinds of risk management efforts. Steve sees clinical engineers as taking a leadership role in hospitals on 80001.

All of this reminds me of a job description that Steve Grimes posted a several years ago when he was at Vanderbilt.

Next up a panel discussion on MDDS and 80001. First question: what will the FDA's verification and validation requirements be for MDDS? The answer to this question is rather complicated and revolves around the product's intended use (or marketing claims) and the product regulatory strategy (the risk analysis, how specifications are written, the design approach, etc.).

Peter Kelley with Capsule, suggested it would be some time after the final rule for the market and the FDA to figure out exactly what the regulatory impact will be from MDDS. He noted that many of the FDA's regulations are open to interpretation and so you can't just look up your answer in the regulations and the discern a risk-free regulatory way forward.

Randy Lance, Cerner, said it's a good thing that the FDA's recognizing the importance of connectivity and systems. 

Bill Hyman noted that using a standard can be leveraged with the FDA with what they call an abbreviated 510k.

Rick Hampton with Partners, asked the question who is a manufacturer? If the hospital puts a medical device on an enterprise network? The FDA's current position is this does not place the hospital in the role of a manufacturer. What if the hospital implements something like an MDDS? Not known.

Rick said that they've tired to use 80001 to evolve their organization and facilitate deploying medical devices on the enterprise network. This has not been an easy transition, but they've made progress. Partners is looking at an organizational structure like an Internal Review Board to evaluate medical device/IT combinations.

For hospitals without the clinical engineering support that large academic medical centers have, Steve Grimes suggested that mid to smaller hospitals will look to consultants or third party service providers to come in and lay the foundation for 80001 implementation and some initial education. Over time, all this will be internalized and provided by in house staff.

Risk and responsibility for the implementation of connectivity solutions is falling to the providers. The delta between what manufacturers subject to verification test and the environment in which they're actually installed are miles apart. 

(tag: Medical Device Connectivity conference, MDDS, FDA, IEC 80001)

Industry Standards

The industry is rapidly approaching a point where an independent test and certification organization is required to provide verification testing of connectivity and interoperability (or semantic or syntactic interoperability) across multiple manufacturer's products and systems. 

It's impractical for each individual manufacturer to do this verification testing themselves. 

Unlike "plug-fests" or "connectathons" this test and certification must be in compliance with the FDA's Quality System regulation -- otherwise each manufacturer has to repeat the testing again themselves.

I asked Dick Moberg about the future of software libraries. He suggested that the military was a major factor in the adoption of DICOM. They made DICOM a requirement for imaging modality purchases, and manufacturers adopted. Moberg Research has a grant from the Army to develop an 11073 library. He noted that the military has let a number of grants around 11073 and other standards. The implication is that at some point the government, who buys a lot of medical devices, will mandate some standards.

Can you test to a standard or must you also to verification and validation testing of the system? This question was offered more as a statement that seems questionable, at best. Definite product management, design and regulatory strategy implications.

When asked about other standards (besides 11073) like DICOM or the HL7 RIM and their ability to either support vendor connectivity, or at minimum for use internally within a vendor's system. For example, many systems convert acquired data into an internal protocol for processing, storage and retrieval. Why not use the HL7 RIM as the internal data model rather than reinventing that wheel? John Harrington with Hill-Rom IT Solutions, suggested there'd be a lot of different standards that will end up being used.

Sudheer Matta with Cisco mentioned the need for connectivity to start with the physical layer -- Ethernet and Wi-Fi. He hits on two big issues here: the verification of medical device systems on specific vendor's infrastructure, and enabling coexistence among medical device systems on the same enterprise network.

Julian noted that we can't select or even create effective standards without knowing the requirements (he means the specific workflows and use cases that standards must support).

Great question about device association, when devices come on or off the network. Nat Sims volunteered a response: use a process like the 5 rights used in medication administration systems. Sudheer notes that medical devices also have quite a ways to go to become networked information appliances and supporting network authentication.

FCC Seeks Comment (Again) on MBANs

Some semi recent news on Medical Body Area Networks (MBANs) from GE Research and the FCC.

Most timely, GE announced September 1, 2009, where they announced (press release):

an initiative aimed to develop wireless medical monitoring systems, or body sensor networks (BSN), which would replace the traditional tangle of bedside cables used to capture a patient’s vital signs. GE’s vision for the systems would enable wireless monitoring from anywhere in the hospital—or even remotely from home.

For the past couple years, GE's been pushing for the allocation of spectrum for MBANs. The press release notes that, "The FCC recently issued a notice of proposed rulemaking (NPRM), acting upon GE Healthcare’s petition to establish a new, vendor-neutral dedicated radio frequency band for low-power, short-range, wireless patient monitoring devices. This petition requested creation of a new Medical Body Area Network Service (MBANS), to support wireless sensors that monitor a patient’s health state, linked together in body sensor networks."

Here's David Davenport talking about their wireless sensor initiative:

Apparently, GE's going after the cable replacement business for traditional multi parameter patient monitors. LifeSync has had a product replacing ECG cables (by far the most predominate) for several years. LifeSync also controls the Besson patent (licensed to them exclusively by Motorola) that applies to wireless sensor based physiological monitoring.

The FCC Notice of Proposed Rulemaking referenced is from June 29, 2009. Another "article" written by a law firm apparently engaged by GE was published March 20, 2009 and outlines:

Proposed Frequency Band:  "identified the 2360-2400 MHz band as the preferred frequency band based on engineering studies showing that MBANS devices can successfully coexist with incumbent operators and users." I would love to see that coexistence data. I was told by David Davenport, with GE Global Research that, spectrum just outside 2.4 GHz was desired because it would enable the use of off the shelf 2.4 GHz components, with only minimal modifications. 

Permitted Operations and Eligibility: "the proposed rules limit the type of devices that will be permitted to operate within the spectrum to those involved in the monitoring, diagnosing or treatment of a patient." No big deal here.

Authorized Locations: While only medical applications may use the spectrum, users "will be fully mobile, both inside and outside of healthcare facilities, without restriction."

Spectrum Sharing Requirements: Here's the big issue -- "The proposed rules do not require the use of any specific standard protocol but GEHC anticipates that industry standardization efforts may occur. Currently, the proposed rules only require that all devices implement basic contention-based mechanisms to allow predictable and fair access to the spectrum." The same vague promises of working out an industry standard after the fact were make when WMTS was created. Nothing ever came of that, and there were very serious coexistence problems with both GE's and Philip's WMTS the first several years they were on the market. This is a recipe for the creation of vendor specific proprietary systems. This is a great product strategy for GE (and Philips), but not so good for smaller competitors with not so large R&D budgets.

Emission Limits: This is low powered stuff, "MBANS devices be permitted to have fundamental emissions of up to 0 dBm EIRP for the proposed maximum 1 MHz emission bandwidth."

It appears that nothing will preclude medical device manufacturers from using other portions of the ISM band do develop and sell their own wireless sensor based systems. 

Here's a great summary from mobihealthnews, written by Mintz Levin (another law firm engaged by GE?). More details are provided on the potential frequency allocations (a total of 3 bands), and specific issues the FCC is looking for comments on. Conspicuously absent are any instructions on how to submit your comments (except through Mintz Levin). 

Here's a pdf of the FCC's press release on the proposed rule, and a pdf of the actual Notice of Proposed Rulemaking. More late.

Here's a photo of LifeSync's Wireless ECG rig. Note that each sensor (there can be as many as 12 of them) is not wireless.

293385620_ab4440fd25