At the end of September, 13-hospital North Shore-LIJ Health System announced it was subsidizing up to 85 percent of the cost of implementing Allscripts ambulatory EHR in the offices of its more than 7,000 affiliated physicians in New York City and Long Island, constituting a $400 million investment. Specifically, the plan calls for North Shore-LIJ to provide physicians with individual subsidies of up to $40,000 over five years. To learn more about the project, HCI Editor-in-Chief Anthony Guerra recently talked with CIO John Bosco about the strategy behind this massive tactical move. (Read a related interview with Allscripts CEO Glen Tullman)
GUERRA: Could you have a situation in which 90 percent of the practices keep their data with AllScripts, but a few large IPAs want to keep it in-house?
BOSCO: It’s possible. I’m not convinced that we will hit practices large enough that an ASP solution doesn’t work, but it’s possible. We know a lot about our physicians. It’s more challenging for us to understand how they’re grouped because we credential physicians at the physician level, not at the practice level, so we have really good data about every one of those 7,000 physicians in terms of where they live and work. Our data is less accurate around how many of them practice together, but we truly believe that there are very few, if any, large practices that won’t use the ASP solution.
Security came into play in our forum the other night. We did have some physicians who said they would feel more secure if the data was on their premises. They also, then, would not be subject to Internet outages (as they put it) and network outages and problems like that, but we try to explain to them that’s a dual-edged sword, that having it hosted in their office means they must have some onsite IT experience, because security is a huge issue. And if they’re going to have servers in their offices, they need to invest in some IT expertise, whether it’s consultant or a full time, who can make sure they have the right security products protecting their systems from intrusion.
They say, “Well, I just feel better if I have my data here,” and, “Well, maybe it’s cheaper because then I don’t have to rely on any vendors or anything for support.”
We try to present the other side of the picture and say, “Well, you’re going to need some IT expertise, and you’re going to have to count that into the cost of hosting it locally. You’re going to need vendor maintenance no matter what because you’re going to need updates to the system.”
So that is difficult. It’s not impossible to say, “I’m going to buy the system but I’m not going to buy any ongoing support.” So we try to help them through these decisions. I mean, part of this whole cultural change is that, except for the very large practices, it’s a challenge for physicians to feel comfortable about seeing demos from multiple products and going through the whole vendor selection process. It’s challenging for a small physician office to do that and feel comfortable they understand the difference between the vendors and products.
So that’s also a benefit, we believe, to the program. We explain to them why we selected Allscripts and we believe, as we get through the early kinks, that we will have proven and replicable processes which significantly increase our chances of this being completely successful. A lot of the EMR implementations fail, some say up to 40 percent. We believe part of the benefit of them doing this with us is they can feel more comfortable they have the backing of a major health system, and that we’re going to have a program with proven successes.
GUERRA: They’re also taking on major disaster recovery risks if they want to host it themselves.
BOSCO: Yes, and I mean these guys just don’t have this understanding and experience. I was saying to one of them last night that I spend millions of dollars a year on IT security, on buying new toys, new security toys every year to try to prevent people from breaking into our data center, and into our network and systems. We have firewalls, and we have intrusion detection and prevention systems, and we have a couple of dozen different security products that we used to try to make sure the data doesn’t get leaked, “And you’re not even aware of that, Mr. Physician.”
So you can have a server in your office, but if you’re going to do that, you really need to have an experienced IT consultant advising you about how to keep it safe and secure. That’s the problem. They don’t know what they don’t know. And the vendors convince them, “Now I just stick a server under your desk, somewhere, and it’s just like a PC and everything will work fine,” and then they don’t know anything about backup and restore and, as you said, recoverability and security and all of this IT stuff.
GUERRA: So they enter these meetings with a mindset you have to change.