It was just a few years back that open source software started sneaking into technology departments.
Not much was known about the software, and CIOs, long accustomed to buying established software packages written and supported by well known vendors, were leery of software produced by a nebulous affiliation of programmers scattered across the globe.
Talk about a reversal of fortune: These days, open source software is downright fashionable. CIOs know it, and public- and private-sector enterprises of all types gladly run open source applications in server rooms and on front-line staff workstations.
History seems to be repeating itself, except now the world of medicine is the stage.
Health-care costs put a heavy strain on federal, state and local government budgets. Medicare and Medicaid especially wolf down huge sums of money.
The federal government is the nation's largest purchaser of health care, according to the president's 2008 budget, accounting for approximately one-third of U.S. health-care spending.
States, too, spend considerably on health care. In Texas, for example, health and human services funding consumed 34 percent of the state's total budget for the 2004-2005 budget year, according to Texas Medicaid in Perspective, Sixth Edition, a report released in January 2007 by the Texas Health and Human Services Commission.
To help trim health-care costs, the Office of the National Coordinator for Health IT was created in 2004 to jump-start health IT activities in the federal government, and between the federal government and the private sector.
"Health IT" is a loose term for efforts to modernize the U.S. health-care system's methods for collecting, using and sharing patient information and other medical data. Federal officials and industry experts have long recognized that the medical sector has not fully experienced the technology revolution that's hit other sectors of the U.S. economy.
Observers cite the fragmented nature of medical information systems as the primary reason the medical sector runs at the rear of the technology-adoption pack. Physicians' information systems don't talk to hospitals' systems, which don't talk to clinics' systems, which don't talk to pharmacists' systems.
Each of these segments uses its own version of a patient's health record, and a significant goal of health IT is creating the technology infrastructure to support one electronic health record (EHR) per patient that any hospital, clinic, physician or pharmacist can access when providing health-care services to that patient.
Regional health information organizations (RHIOs) and health information exchanges (HIEs) sprouted to start the difficult work of creating information systems to link hospitals, clinics and physicians within clearly defined geographic regions.
The terms RHIO and HIE are often used interchangeably, and the two entities perform the same function, according to the Healthcare Information and Management Systems Society (HIMSS), a health-care industry membership organization focused on coordinating health IT use in the U.S.
There are less than 14 RHIOs currently funded and/or operational in the United States, according to the HIMSS HIT Dashboard, while there are approximately 137 HIEs, though the majority of these lack funding or are stuck at the conceptual stage.
Open Source Medicine
Other interested parties also launched their own projects to stimulate health IT, but these efforts seek to extend open source applications and technologies to the world of medicine.
The most recent such effort, the Open Health Information Project (OHIP), was announced by a coalition of six groups in March 2007. The public- and private-sector groups created the OHIP to deliver interoperable, open source applications to health-care providers.
Oregon State University's Open Source Lab (OSL) is taking on coordination responsibilities for the project.
It's a role the OSL is used to, said Deborah Bryant, OSL's public sector communities manager.
Bryant said the OSL already plays a key role in promoting open source worldwide by hosting some of the world's largest open source projects, including the Debian and Gentoo Linux operating systems, the Mozilla Web browser and the Apache Web server.
"The OHIP is all about interoperability and standards," Bryant said. "The project -- if successful -- will only be successful because the folks who are involved in it are working on creating, if not confirming, standards for health information exchange."
Early on, OHIP pilots will focus on aggregating major open source code sets, or software, related to health IT, said Bryant, who also serves as the OHIP project director.
Such code sets serve as health IT's "plumbing" she said, and the OSL's role will be as repository of the source code. In part, Bryant explained, the OSL was chosen because of its role with Mozilla, Apache and Debian as a neutral third party not at all interested in commercializing software.
"The folks who initiated this project are very interested in having a health information project that's truly open source," she said, "so other people can worry about things up the software stack more."
The Mayo Clinic's Division of Biomedical Informatics will be one of the first code contributors. The division's work is based on Lexical Grid technologies, which support a distributed network of lexical resources, such as terminologies and ontologies via standards-based tools, storage formats and access and update mechanisms.
The Mayo Clinic's participation will provide a "medical vocabulary search engine" for the OHIP.
The strategy is to have a virtual collaborative environment created by fall 2007 for participating members of the health IT development community, Bryant said. CollabNet, another member of the OHIP, will manage the development process over the entire code base life cycle, including contribution, access, revision control, bug management and release distribution.
The OHIP is part of a larger effort, the Eclipse Open Healthcare Framework (OHF), which was first announced in late 2005.
Originally a consortium that formed when IBM released the Eclipse Platform into open source, Eclipse grew into an independent body to drive the platform's evolution to benefit the providers of software development offerings and end-users.
The OHF's goal is to create an open source framework for building interoperable, extensible health-care systems by helping software providers and integrators cost-effectively create customized offerings for health-care delivery entities.
Finally the OHF hopes to spur development of infrastructure, tools, components and services that will support development of both client and server applications. Client-applications development will be based on Eclipse's rich client platform, while server applications will be based on J2EE.
Though the open source development model -- which permits a collaborative group of users to study, change and improve software code -- creates an environment in which things get done quickly, there is a potential downside.
Outside code is sometimes contributed to open source applications, and if that outside code isn't properly tracked, any organization that used the application might be held liable for violating intellectual property rights.
One OHIP member, Palamida, specializes in ensuring that contributed outside code adheres to internal compliance, risk and use polices. The company will compare code in the OHIP's repository against a comprehensive compliance library, which will give organizations the confidence to add their code to the OHIP's code base.
Because the OHIP intends to build software that will target health care and deal with patient records, OHIP members must understand the software's constituent parts and where those parts came from, said Mark Tolliver, CEO of Palamida.
In today's "mixed code" world, Tolliver said,
it's difficult to know exactly what's in a piece of software -- unlike the past, where a company knew precisely what was in the software it was running because the company wrote the software itself or bought it from a major vendor.
Now, an enterprise downloading a mixed-code application has to worry about what third-party intellectual property might be in that application. This could pose a serious problem to an enterprise, especially if some mission-critical application is discovered to contain a few lines of third-party code and the enterprise is forced to shut the application down until lawyers determine whether an intellectual property violation occurred.
"You've got to know, from a governance standpoint, a maintenance standpoint, even a vulnerability standpoint, 'What's in there? What am I using?'" he said. "There is a real notion that's growing that responsible software development today needs transparency and visibility of all the components that were chosen to use."
Open source software in the health-care world isn't exactly new, but doesn't seem anywhere close to hitting critical mass.
Perhaps the longest-running and most successful "open source" health-care program is VistA -- a fully integrated information system built around an EHR and developed by the Department of Veterans Affairs.
VistA supports hospitals and clinics serving veterans nationwide, and has been deployed in thousands of health-care facilities in the United States and abroad.
Because it was developed by a government agency, VistA is available in the public domain and no license fees are charged to use the software. It's not necessarily "open source" software, but it comes very close.
Joel West, associate professor of Innovation and Entrepreneurship at San Jose State University's College of Business, was a co-founder of the VistA Software Alliance, a nonprofit trade association formed to promote VistA.
West said it's not that the health-care world isn't ready for open source health IT programs or applications; it's a matter of the enterprise scale of health IT.
"A lot of successes in open source have not been in enterprise software," West said. "They've been in infrastructure, in plumbing, in tools and -- to a limited degree -- in user applications."
Much of open source software development comes from the need to scratch a particular itch, West explained, so a person sits down to write a piece of software targeted at a specific task, say compiling a binary, or a group of people fed up with existing Web server software decide to write their own.
"Health enterprise IT is a very different kettle of fish when it comes to an open source collaboration than, say, something like the Apache Web server," West said. "Health-care IT is not just a little package, 20,000 or 50,000 or 100,000 lines of code that takes inputs from one end and makes outputs on the other end.
"Health-care IT, like other enterprise software, has to be tailored to specific configurations," he explained. "Any time you talk about IT touching business processes, you've got an element of customization and configuration that goes beyond just downloading a program and running make.config and, all of a sudden, you've got a compiled binary on your hard disk."
Open source software can play a critical part in health IT, and West said he believes that will be a supporting part to proprietary software -- though many questions remain unanswered.
"Which parts are going to be shared because they're infrastructure, because they're commodity, because they're not really an opportunity for people to make money?" he said. "Which parts are going to be proprietary because they're too hard to collaborate on, because they require too much service around them or because nobody is going to get around to building a free one
anytime soon? We won't know until we see how it plays out."
It's at the commodity layer of technology, infrastructure or middleware, that open source can significantly contribute to health IT, he said, because the problems at that layer are relatively straightforward -- once a stable, solid solution is found, there's no real reason to invent another solution.
The higher layers of technology will draw the focus of proprietary software vendors, he said, because that's where problems don't lend themselves to straightforward solutions.
Some of health IT's challenges could simply be too complex to be solved by the collaborative efforts of far-flung people, he explained, and some parts of health IT will require too many supporting services that can't be provided by a group of volunteers.
Others believe open source software can take a starring role in any medical office.
In early 2006, the American Medical Informatics Association's (AMIA) Open Source Working Group put together the AMIA Open Source EHR Review project to evaluate three open source EHR applications -- FreeMED, OpenEMR and ClearHealth.
One of the reviewers was Dr. Ignacio Valdes, an adjunct faculty member at the University of Texas Health Science Center Houston's School of Health Information Sciences.
Valdes is also chief technology officer of Your Doctor Program, which offers primary-care services for companies, quality-management programs for networks of physicians and hospitals, and consulting services in interoperable health-care communications technologies.
Valdes, who's the vice chairman of the AMIA's Open Source Working Group, also runs LinuxMedNews, a Slashdot-esque Web site that tracks open source news and happenings in the world of medicine.
Much has happened in the open source EHR arena since 2006's review project, Valdes said, noting that every major health information technology society, including HIMSS, has created a free and open source working group.
"McKesson and Red Hat have announced platforms specifically for health care," he said. "ClearHealth's latest beta is looking as good as or better than many, if not most, proprietary EHRs. The WorldVistA organization is making major strides with VistA Office EHR. BlueCliff has integrated private-sector lab and e-prescribing with VistA Office EHR."
VistA Office EHR (VOE) is at the cusp of achieving a significant milestone in the health IT world, said Fred Trotter, who oversaw AMIA's Open Source EHR Review project.
VOE arose from a collaborative software development effort funded by the Centers for Medicare and Medicaid Services, a federal agency, that involved four other federal agencies, the Iowa Foundation for Medical Care and WorldVistA.
Trotter wrote FreeB, an open source medical billing engine, and now works as an open source health IT consultant and helps physicians use open source programs in their medical offices.
The VOE software is being put through a stringent certification process that's run by the Certification Commission for Healthcare Information Technology (CCHIT), a recognized certification body that specializes in EHRs and their networks. Vendors voluntarily submit their EHR software to the CCHIT for certification.
"It costs an enormous amount of money for vendors to get certified, and what's coming ultimately is that -- and it's already happening now -- this CCHIT certification is going to be mandatory," Trotter said. "Probably the top 40 or 50 proprietary vendors have already gone through the process, and are certified. VOE is standing to be the first [general public license] GPL-available project to go through that. Now that is a huge thing."
Start Making Sense
The world of medicine is much more open to open source software, and Valdes attributed the rise in open source health IT adoption to a change in attitude.
"Doctors are fed up with the we-own-you, vendor lock-in,
phone-home-to-the-mother-ship-to-do-anything status quo," he said.
In addition, open source health IT applications are hitting their late teens, with more growth coming. What will be available in the next year, he said, will likely challenge anything in the proprietary world.
A physician now has many options with respect to picking and choosing among open source health IT software packages, though the choices have narrowed. Valdes said when he started watching the open source health IT market seven years ago, dozens of projects were active, though many have fallen by the wayside.
This can cause confusion, but some front-runners in the open source health IT market have emerged in the last few years, he said, though the confusion level is nothing compared to the proprietary software world.
"In the proprietary world, whole companies and software suites disappear forever in business failures, buyouts, forced 'upgrades' and changes in corporate agendas," he said. "Somehow, this is considered normal."Free and open source software EMR/EHRs are relatively immortal and are much more resistant to service decline, price increases, buyouts and corporate failure than the proprietary world. It's odd that many people in medicine see proprietary software as 'normal' and free and open source software as abnormal -- when myself and a fair number of people see the opposite, especially in medicine."