Skip to main content

Q&A: Kaiser Permanente's CIO on Technology's Role in Redefining Healthcare

 |  By smace@healthleadersmedia.com  
   April 23, 2013

Healthcare is transforming, says Philip Fasano, CIO and executive vice president of Kaiser Permanente, the nation's largest not-for-profit health plan and healthcare provider, with annual operating revenue in excess of $42 billion. He oversees 6,000 employees, who work to support the organization's 14,600 physicians. KP serves more than 8.8 million members.


HealthLeaders: What's the message of your book?

I recently sat down for an extended conversation with him Fasano as he was making the rounds promoting his new book, Transforming Health Care, The Financial Impact of Technology, Electronic Tools, and Data Mining.In part one of our conversation, Fasano talks about technology's role in redefining healthcare, and why cloud computing isn't quite ready for the task.

Fasano: It's really focused on being a bit of a call-to-action for the healthcare industry, and for the information technology industry to create the capabilities that will allow the industry to connect medical records, infrastructure, and ultimately create the capabilities that members find useful in managing their health, from a number of aspects: convenience, affordability, and availability of the system.

All of that is pretty much talked about in the book, from the EMR up, and from the EMR out to, from inside the system to patients and members and their interactions [as] consumers.

HealthLeaders: Technology's obviously very important, but I also hear that a lot of it is about organizational, leadership, managerial, and financial hurdles to overcome.

Fasano: In my opinion, there will be a rise of consumerism in healthcare in the United States, unlike what we've seen historically. We've seen so many other industries. I've been in the financial services industry and the healthcare industry deeply.

HealthLeaders: Who did you work for in financial services?

Fasano: Everyone from Deutschebank, Banker's Trust, JP Morgan Chase, Capital One, and then basically came into healthcare.

HealthLeaders: So you made the rounds.

Fasano: I did, and at pretty senior levels. So I had the ability to both participate in the change that the financial industry went through, and also lead some of it. That was fun to do, but we're going through a lot of similar changes in healthcare at this point. But I will also say that they're fundamentally, foundationally more important, because they're really about our health. But consumerism is going to change the way healthcare has to really deliver its capabilities.

HealthLeaders: Does [consumerism] redefine what a healthcare system is, or should be?


See Also: Q&A: Kaiser Permanente's CIO on Predictive Analytics and Other Challenges


Fasano: I think it redefines what healthcare could be and can be in this country. Clinical devices are getting so inexpensive, and they're so connectable now, that you can just see how that all converges, where the consumer really can take control in ways they just couldn't before.

From the standpoint of really having high-quality healthcare, and being the best in the world, something we should certainly aspire to, given how much we spend on healthcare in the United States, I think the tools are now present to enable that. It's really up to the industry, and the technology providers themselves, to really help us engage in that next wave of work that's really in front of us.

I would assert that the tools, done right, will enable the industry to take cost out of our cost structures. Even the simplistic issue of connecting medical record systems, so we don't have to take duplicate lab tests as we go from doctor to doctor, will make a material and meaningful difference in the cost structure. That can be redeployed in a lot of ways across the health system to really allow us to go through this transformation.

HealthLeaders: Where do you stand on the whole PHR issue? This is the idea that we have all this heavy lifting going on about health information exchanges, but maybe the better thing to do is to do what Google tried to do and failed, which was give everyone a personal health record and have that travel with the patient. Do you see that playing a big role still, or did that all peter out when the Google thing failed?

Fasano: I'll give you two points of view. One is, I think the Google thing failed for a reason. I don't think the technology industry or the healthcare industry was ready to really support that in the way that it needed to be supported.

The second point of view on this is, I think electronic medical records, given the content, is consistent with and from doctors, and really aligns with the treatment of patients, is the best resource for the start of PHR.

And then having the tools to integrate how much I walk, what I eat, and all of the other aspects of health that are important to me from a personal perspective, those are beginning to emerge and have emerged just recently, that really will enable a true PHR capability for patients, that will empower patients to both interact with their health in different ways, and leverage the content of electronic medical records.

But then the bridge has to be built between electronic medical records and personal health information, so that patients can be empowered in that way, and I think mobile capabilities, the connectivity that's being demonstrated across the board, starts to become the bridge to that future.

I think Google might have been a little early in the capabilities they were bringing forward, and they were quite rudimentary in terms of how they were planning to connect them. They were really trying to get the industry to do it. The consumer will naturally go there, but I think it has to be based on electronic medical records, and the merging of that information with the consumer's view of their health as well.

HealthLeaders: And cloud technology is maturing too.

Fasano: It sure is.

HealthLeaders: So we're getting to the point where we can put HIPAA stuff up in the cloud and not be worried about it.

Fasano: Well, as the CIO of Kaiser Permanente, I wouldn't say that. My point of view on putting private health information up in the cloud is that I don't think the cloud is necessarily really ready for that yet, and I say that as having a responsibility to our patients for managing their privacy with respect to their health information.

If they choose to do that, they make a personal decision about whether or not they accept the cloud. That's different from Kaiser Permanente choosing to do that, which we're not ready to do, because I can't get a vendor of cloud capabilities to give me a guarantee on security, and I think the real challenge today, and we all talk about this, is [that] cybersecurity, just overall, that topic is out and about.

Cloud technology has great promise and potential. I think we still have some work to do to really make it ironclad, in terms of the kind of security we all would expect. This isn't financial information. You lose a credit card number, you get a new credit card number, and you can manage the damage of that. If you lose personal health information, that has a longstanding effect.

So I believe we have to actually hold the technology community to a higher standard when it comes to personal health information, and inside Kaiser Permanente, I feel I have the ability, with my team, to truly manage the security of that. I won't say it's perfect, but I'd say we're very, very diligent.

HealthLeaders: Even Kaiser's had a breach or two.

Fasano: We have historically, but we've actually been really proactive in buttoning up our capabilities, so that no one in Kaiser Permanente, for example, can leave the institution with your medical information unless it's completely encrypted, and for the purpose of treatment.

They're not taking it and just running around willy-nilly with medical information on our patients. In fact, they have to be the person who's supposed to be accessing your information, and two, if they try to put it in a form that's transportable, we don't allow them to take it anywhere unless we've encrypted that information fully.

HealthLeaders: There is kind of a continuum though, between what you do in your data centers and then the private cloud things I hear about, like the Perot Systems that Dell bought, that is being used to run the data centers of 200 hospitals in a private cloud.

Fasano: Yes.

HealthLeaders: And then over on the far side is the public cloud, and putting your medical records on Amazon Web Services. I saw someone demo something last week that helped people do that by encrypting some of that before it gets put on the public cloud.

Fasano: It's moving in the right direction. I'd like to see it mature a bit more, and I'd love when the IT industry can come to me and give me the guarantees I'm looking for on protection and privacy and security. To the extent they're willing to do that, then that becomes an available option for us. We do use private clouds at Kaiser Permanente. They're broadly used across our institution. We love the technology, but we want to make sure that the security standard is to our expectations.

HealthLeaders: I do wonder, though, whether we're headed for some rough bumps in healthcare privacy and security, just because so many other industries—and you would know better than anybody coming from financial services—really thought that through very carefully before they deployed. In this rush to deploy with meaningful use, I'm not so sure that those steps are being taken in healthcare the way they were in financial services.

Fasano: You're probably not too far from the truth in some cases. Most organizations take very seriously the responsibility they have to protect people's privacy. That said, I can tell you that the steps necessary from the ground up to build secure data centers, to manage those centers in a particular way, so that they're always on in support of life-critical systems, and then to make sure they're truly secure, and that you're managing end-to-end the relationship between data at rest and data being used by anyone who has the right to use it, [are a] very complicated set of issues.

And they do require a high level of professionalism from an IT staff or a technology partner, that understands not only implications today, but can kind of forecast and is looking out into the future about the threats that we might experience, and is engineering their capabilities to really solve for those future threats.

Pages

Scott Mace is the former senior technology editor for HealthLeaders Media. He is now the senior editor, custom content at H3.Group.

Tagged Under:


Get the latest on healthcare leadership in your inbox.