Mary’s Warts

by drdaviss on 4.2.10

I often read about concerns regarding security and confidentiality of electronic health records, but not as much about paper records. The Happy Hospitalist wrote about how he often receives misdirected faxes about lab results on his home fax machine:

Have you ever asked yourself the question:  “Who has access to my medical records?”  It’s supposed to be secure.  Your medical records are supposed to be protected.  For many people, they don’t want anyone knowing they have genital warts or that they were treated for depression five years ago.

You see, my home fax number is very similar to a laboratory fax number in my city.  And because of that, ever week I’m getting faxes from hospitals and doctors’ office with lab results.  I used to call them back to let them know, but so often I’d get put on hold or have to  navigate through twenty phone options that I just said forget it.   Now when I get these faxes I chuck them.  If I feel like taking the time to shred them I may.  Otherwise they go straight into the garbage.

Except for the fax I got last week regarding Mary Smith and her condyloma results.  I figured the OB GYN doctor would want to know that I, a total stranger was calling him to tell him that the fax on his patient Mary, the one with the genital wart, never made it to the laboratory.  …

This doctor’s office should be feared into never making that mistake again.  … Thanks to this doctor’s office, I now have proof that Mary has warts and that total strangers like myself have access to your medical records.  The next time you call someone in anger and say  “I never got your fax”, it’s probably because I did.

Not only is this an unintended breach of HIPAA regulations by the faxer, it is certainly very underreported. And the patient whose data was breached will almost always never know about the breach.

One of the important characteristics that Speak Flower encourages in a Flower-enabled world is the notion that a patient will be able to see every time their data is accessed, who accessed it, and why.  This will go far in increasing trust of such a system.


SpeakFlower’s Mission and Vision

by drdaviss on 3.8.10

For the past two months, the Flower team has been stirring our idea pot, circling around to distill from your and our many thoughts the bare essence of what Flower is.  On waves and Skype calls, we’ve spend hours working on communicating our ideas clearly and succinctly.

Last week, five of us (Steve Daviss, Carlos Rizo, Dirk Stanley, Tim Sturgill, and Cindy Throop) finalized our Mission and Vision statements.  This has actually been a rather challenging process, but I think we’re there now.

Mission Statement

Flower advocates for a common “language” so you, your providers and the places where you receive care can talk and share your health data in real time, when needed and as authorized.

Vision Statement

Flower’s vision is that patients we should be able to access their our health data and have universal standards for sharing it with who they we want.

We welcome comments, criticisms, and kudos.  Even more importantly, we welcome further involvement from anyone interested in making this vision reality.  Roll up your sleeves and join a call, contribute to a wave, add a comment below, or email us.

[Edit 3/13: In Vision Statement, changed "patients" to "we", because we are all patients.]


Links to check out

by drdaviss on 2.26.10

Flower links (pic from GBMC)

Some links that seem to be worth checking out for fellow gardeners…

  • DYSmd: a PHR ($50/yr) with an interesting privacy feature; uses only a username and password, no name or other identifying info. I think you have enter your data. It does accept scanned PDFs.
  • Steve Holcombe’s 2008 post on Scoble & Data Ownership vs Control: Steve tweeted me today with this link in response to my comment on control vs ownership.
  • DataPortability Project: “Data portability is the ability for people to reuse their data across interoperable applications. The DataPortability Project works to advance this vision by identifying, contextualizing and promoting efforts in the space.”  They seem to be struggling with some of the same organizational issues as Flower is, though they are much further along than we are.
  • Privacy By Design: expanding on Ontario’s Ann Cavoukian’s ideas on building in privacy at all levels, “ensuring privacy and personal control over one’s information.”
  • UHR (Universal Health Record):  this speaks to something I’ve been thinking about lately, the UHR (rather than EHR or PHR).  We need to be thinking about UHRs, where one’s health data is aggregated from multiple sources, not siloed in an insurance company’s tethered PHR or in a hospital’s EHR or a doctor’s EMR.  Ideally, this would also be used by health care providers to maximize their ability to provide the sort of care that comes from a 360-view of a patient’s health data.
  • Personal Medicine International’s FAQ page:  I like their use of a combined EHR/PHR for patient and provider access.  Very forward-thinking.
  • Roadmaps:  the Flower team has been thinking about where we are now and where we want to be.  Specifying a roadmap makes sense.


Flower presentation on Prezi.comMy first Prezi presentation. Very creative tool to use.


via w/permission

Thinking About Flower

I work for a company that generates most of it’s income from health care and I’ve been hearing more and more about the Flower, the electronic soon-to-be lingua-franca of health care organizations. As I do more research and gather more information on what Flower is and isn’t, I’ll write a series of blog posts that summarize what I’ve learned.
1.  What is Flower?
Right now Flower is in flux, it’s early days and people are only beginning to outline the goals for Flower. What has been decided is that…
  • Flower will provide the mechanism that health care organizations use to transmit medical data between each other.
  • Flower will provide an interface that people will use to ensure that they have control over who has access (or has accessed) their medical data.
  • Flower will provide an easy-to-use and intuitive mechanism that will enable health care professionals to ask a patient for access to some or all of their data as well as a mechanism for people grant or deny that access.
  • Flower isn’t trying to provide a personal health or electronic medical record. What they are trying to do is sketch out how an emergency room physician at your hospital might reach out to your primary care physician to find out more about you, and how this can be done in such a way that you feel in control and your privacy is protected while at the same time ensuring that you get the best care possible. It is no small feat! If you look around for other products that are working to meet this need, you won’t find much. Flower looks to be the trailblazer, in fact, they may be the only people trying to address this very real need.
2.  What Problems Will Flower Solve?
Right now there isn’t a formal process for getting your medical records from one organization to another. More likely is that everytime to work with another health care professional, they open their own file about you. For instance, your primary care physician may refer you to a specialist. That specialist won’t have any information about you at all and will start collecting by asking you about your history. Anything new that the specialist learns may not make it back to your primary care physician. That information is effectively locked up, it’s only available if you instruct other health care professionals to contact that specialist and collect that information.

When you get into a situation where you are seeing more than one or two specialists, the situation quickly becomes difficult to manage. If you were to get into an accident and were receiving care from an emergency room, collecting all this information quickly becomes impossible. If you are incapacitated and can’t speak, there’s little that can be done; the emergency room physicians will simply do the best with what little information they have on hand.

The situation with prescriptions is not much better. Because communication between health care professionals is loose and ad-hoc, it’s very difficult for them to keep in touch with each other. Surprisingly, the Internet hasn’t helped this situation much at all. While it’s true that they could send e-mail back and forth, e-mail itself is not a very secure method of communication. Even if it were, it’s difficult to sort the important information from advertisements and junk-mail. Take a look at your own inbox and I’m sure you’ll get an idea of what I mean.

This is the problem that Flower will solve: communication between health care professionals. Even better, it will also help them communicate with you!

3.  Patient Control of Patient Data
One of the interesting things about Flower is the role of the patient. In Flower’s view, the owner of the data should be the person making the decisions about where that data goes and who has access to that data. In almost all cases, according to Flower that person is you, the patient.

The vision is that when you visit a health care organization, the professional you are dealing with, let’s say Dr. Stanley, will let you know what kind of information about you they need. If you are participating in Flower, they will send a request (via Flower) to the health care organization that has that information, in this case your primary care physician Dr. Morris. The system that Dr. Morris works with will receive the Flower request that Dr. Stanley sent and will check to see if you have granted Dr. Stanley access to this data. Dr. Morris’ system will see that you have not and will hold the request, it will not send any data.

You will then log into your health care portal, which is also participating in Flower. The new request from Dr. Stanley will be visible and you will have the opportunity to approve the request. Once you do, the information that Dr. Morris has will be provided to Dr. Stanley’s system.

The architects of the Flower system are discussing the nitty-gritty details of how this access will be managed right now. Perhaps you will grant Dr. Stanley access to the information he needs for a specific window of time. There’s also talk of a mechanism that lets you revoke access, for instance if you end your relationship with Dr. Stanley.

The key difference between Flower and the competition is the role of the patient: it’s your data and you decide who gets access to your data.

4.  Health Care Professionals Get Only the Data They Need
Another way Flower is challenging our notions of how data is shared is the idea that not all data needs to be shared all of the time. When a health care professional begins a relationship with a person, they don’t necessarily want access to the entirety of their medical data since that person’s birth. That’s a lot of information and they often know exactly what information they need.

Every time a health care organization collects data about you, they become responsible for insuring the validity, integrity, and security of that data. The less data they need to store, the less data they need to worry about. Flower takes a good amount of this concern about privacy and security out of the hands of health care professionals. For the most part, if they have access to some of your medical data it’s because you granted them access to that data.

When you decide that a health care professional or organization shouldn’t have access to your data anymore, Flower will ensure that they know it.

5.  What’s Next?
While all this sounds great, how does this Flower system work? Where is the data stored and how does it get from one organization to another? There was talk about people managing their own medical data, how does that work?

I will explore these topics in the coming blog posts as more information comes to light. Even though is early days for Flower, there are still exciting things happening. Putting together the nuts and bolts of a decentralized medical data storage system is an exciting task!

{ 1 comment }

Speak Flower

by symtym on 12.21.09

Originally publised at

Speak Flower

What is flower? At this time it’s an abstraction—a placeholder for several concepts centering on what would healthcare look like if…? And, more specifically what would personal health information (PHI) look like if…? A flower was chosen as the abstraction because it is easily and universally understood, regardless of language, anywhere in the world—a flower is a flower. Where a flower is flower carries the additional abstraction that there is a common ground—characterized by property and implementation.


Wonder if PHI were to be characterized as personal property? A property that is permissively shared with family, friends, and health enterprises. A property that was complete and whole, and personally accessible anywhere on any device capable of providing a browser window. A property that could be permissively and directly shared with a health enterprise, regardless of the origin of the information at the time it was created. This property would also be accessible by any health enterprise on any device capable of providing a browser window.

Such a property, with such a degree of permissive accessibility, widely implemented would have two striking effects. First, it would serve to standardized the act of accessing PHI to a set of software and hardware configurations that would guarantee a browser window offering this capability. Second, because of its wide implementation it would drive the unit cost of a single installation (device) significantly downward. We have seen and experienced this in the evolution of email from a computer and software application standpoint to a free web service accessible on a multitude of devices. What is needed is not a new technology, what is needed is the leveraging of user devices, user interfaces, and user expectations of ease–of–use with existing secure communication protocols.

If PHI is a personal property meant to be shared, than the constructs of accessibility must be readily and massively available now. If not, then we have negated the notion of personal property for the many, because only the few will have the means. We would also create (what we have now) a prohibitive cost of implementation and siloing of PHI. Where there is a tremendous cost to implement, there is a tremendous vesting of property interests (by enterprises) contrary to the notion of PHI as personal property. Where cost to implement is zero or very low the conflict between property interests may become zero to low.


Wonder if PHI were to be implemented in a simple, consistent, and easily accessible manner? Where the number of human health conditions, including the ailment subset, must be presented in a simple and consistent manner. For PHI to be permissively accessible anywhere and on any device capable of providing a browser window will require that those conditions have both a standardized content structure and standardized content meaning: syntax and semantics. Simple and consistent can only mean a single universal syntax and semantics.

Simple and consistent will need to force a common syntax and semantics. It must also force a common secure communication modality to assure an easy and permissive accessibilty anywhere and on any device capable of providing a browser window. Massive adoption depends not on elaborate means for exchanging and standardizing existing PHI, but rather upon common syntax, semantics, communication protocols, and a standard method of presentment—the browser window. It’s this common anatomy or form of PHI massively implemented that will drive down costs and potentially neutralize the enterprise versus personal property interests in PHI.

Speak Flower

Why speak flower? Because it conjures simplicity and consistency—which conjures universal availability and accessibility. A common vocabulary carried on a common band presented in a common manner. Regardless of our personal standing in society we all have a common relationship—that at some time, past, present, and future, we are patients. This commonality of this relationship begs that the information pertaining to that relationship be treated in a common fashion. We all benefit when we consider that we are all patients.


Hello world!

by symtym on 12.21.09

Welcome to Flower!

{ 1 comment }