Navigating Healthcare Innovation: Linda Van Horn on Transforming Medical Data Exchange with iShare Medical

Show Notes

Unlock the future of healthcare innovation as we sit down with Linda Van Horn, CEO of iShare Medical, and journey through her remarkable transition from IT consulting to revolutionizing medical data exchange. Get ready to be enlightened on how Linda's platform is reshaping care coordination through the power of secure digital identities and cryptographic keys, ensuring HIPAA compliance and fostering trust within the healthcare industry. Her candid insights into the complexities of developing a robust healthcare data model and the significance of Federated Identity illuminate the path to a more interconnected and efficient healthcare system.

Experience a deep dive into the transformative role of artificial intelligence in healthcare with Linda's expertise guiding the way. Discover how iShare Medical is leveraging AI to enhance clinical decision-making, automate workflows, and pioneer strategic growth. Linda's dedication to agile development and her pursuit of meaningful collaborations reveal how iShare Medical is not only targeting data integrity and privacy concerns but also setting a new standard for security measures in the healthcare sector. Tune in for an exploration that promises to leave you inspired and informed about the advances propelling healthcare into a new era of digital excellence.

Have an app idea and dont know where to start? Book a Free Discovery Call Here
Learn more about our award winning app development firm Lean Discovery Group
Connect with me on linkedin

Chapters

• 0:03: iShare Medical
• 12:19: Data Model and Federated Identity in Healthcare
• 16:47: Leveraging AI and Data in Healthcare

Transcript

Speaker 1: 0:03

Hey everyone, welcome back to the growing Lean podcast sponsored by Lean Discovery Group, an award-winning software and app development firm based out of Virginia. This is your host, dylan Burke, also known as Teage, and I'm very happy to be here today with Linda Van Horn, ceo at iShare Medical. Welcome, linda.

Speaker 2: 0:22

Thank you, dylan, it's great to be here.

Speaker 1: 0:25

Yeah, I appreciate you joining us today. To get us started, could you give us a little bit about your history and background and what led you to iShare Medical?

Speaker 2: 0:37

Sure, it'd be great. My background I have a BS in computer science and an MBA from Rockhurst University in Kansas City, missouri, when I first got out of school and I always tell this part of the story because I think it goes to what brought me to be here. But I started out in nuclear and structural engineering applications. The company that I worked for did things like nuclear power plants and nuclear weapons. I learned how to secure a data center. I think that's really an important we're kind of the sum of our past. I learned how do we get really tight security. We're in the iShare Medical as a medical communications platform and it's very important to be secure. That's kind of first piece.

Speaker 2: 1:19

After I left that company, I was a senior manager in IT consulting at Deloitte. While I was there I had the opportunity to work on a number of different projects, but one of them was writing a claims identification system for insurance companies. I learned all about pricing premium and adjudicating claims. I left Deloitte to go on and found co-found the Payne Institute. We were anesthesia-based interventional pain practice, so we're basically a doctor's office. We opened 22 locations in two states in five years, including an ambulatory surgery center and the rehab institute, which is physical therapy. So here in my background I've secured a data center. I know how to do a big software development project. Now I'm running a doctor's office, but I was frustrated by the fact that we don't have really great medical records in healthcare. They weren't really helping providers to become more efficient. I sold my interest in the Payne Institute and started 21st Century Edge because I really wanted to help get the right information on the right patient to the right provider so that they could be more efficient in performing medical care.

Speaker 1: 2:28

Okay, that's awesome. That's amazing and, yeah, I'm impressed with your resume, if we could call it that. So what does I-Share Medical do exactly and what is your overall business strategy?

Speaker 2: 2:44

Sure, so I-Share Medical is the trusted online platform for communicating between patients, providers and payers and devices, so we're an interoperability, integration and automation platform nationwide. We're also a direct trust, accredited trust anchor there's only a handful of those and we provide the bi-directional sharing of information to improve care coordination and a reduced cost.

Speaker 1: 3:12

Okay, awesome, and tell me about your scaling journey, or your journey of growth. I see you started around 12 years ago. Is that correct?

Speaker 2: 3:24

Yes, we started the company in the fall of 2011, but our first commercial product was launched in 2015. So we've been accredited trust anchors since the inception of the accredited trust anchor bundle and we're really focusing on three health IT pillars. The first pillar is digital identity. So it's very important to understand who you're communicating with to establish trust. So if I know that this person has been ID proofed, that they really are a patient or they really are a provider or they're a payer, that gives them certain rights under HIPAA for what that person can and cannot do. So we ID proof patients, providers, payers and devices and assign two pairs of cryptographic keys. One key pair is used for digital signature of the transaction. The other one's used for encryption and decryption and that way we know who we're talking to. That's the trust in direct trust really is knowing known digital identity, the security, privacy and things like that. We are E-NAC accredited for HIPAA, privacy and security. So when we do our interoperability, we take the senders cryptographic keys, the receiver's cryptographic keys, we bind the transaction such that only the sender and receiver can decrypt them and read them. And I know that maybe sounds like a lot of jargon. I know this is also the IT platform, but it's basically secured. For those that may not be familiar with this, it's X509 certificates. When you go to any website you see that HTTPS but it's assigned to the digital identity assigned to the patient. We can interrogate that digital identity and know how they were ID proofed. So there's a bunch of standards from NIST, the National Institute of Standards and Technology, that tell us about identity proofing and encryption and all that stuff. So we're a very heavily standards based. So those three health IT pillars are digital identity, interoperability and then the third one is a learning health system which is automating workflow so that using those tools of secure communication but then using them for real world use cases.

Speaker 2: 5:31

I'll use an example of event notifications. So CMS, which is the Center for Medicare and Medicaid Services, one of the largest payers in the United States or for a government payer in the United States, they passed a law that said you had to send the hospitals had to send an event notification whenever a patient was admitted, discharged or transferred from the hospital. So when the hospital sends, first of all we can take that event notification, which is very cryptic, in a format known as HL7251. We decode it and make it human readable. We can also route that message directly to the patient's chart, to the provider inside their EHR, regardless of the EHR system, because we work with every certified EHR. So it's a wonderful way to get the information to them.

Speaker 2: 6:25

But it also triggers activity on the end of the provider. So, for example, if a patient goes to the emergency department, it's three o'clock in the morning, the doctor's office is closed. The hospital sends an event notification. We can trigger the electronic health record system to respond with the patient's medical records. So now the provider and the doctor or caregiver in the emergency department can see that patient's medical records in real time within seconds of their admission. Even if it's three o'clock in the morning, it's 247365. So that provides a really helpful way to do care coordination, because a physician might make a different decision. Knowing the patient's medical history, maybe their allergies, you know. To prevent, you know preventable medical errors. If we know they're allergic to penicillin, for example, we're not going to give them penicillin. So if we have the medical record, we know that. And that's really what sharing medical records are about getting that right information on the right provider, on the right patient to the right provider.

Speaker 1: 7:34

Okay, amazing, amazing. So, to summarize, it's Basically an encrypted communications channel between caregiver and care receiver, as well as an encrypted method of sharing their personal data.

Speaker 2: 7:49

Right and routing it right. So routing it you know, in the United States we have 333 million People. In the United States we have About six million Providers, about 1 million of them are doctors, about 6500 our hospitals, and then we have about 7,000 insurance companies. So we're trying to create a communications Among the people that get the care of the patients, the people that provide the care, the providers, like the doctor, harm, pharmacy, lab, hospital and the people that pay for the care, the payers, which are Called payers because they're both insurance companies like at none you know I did health care and things like that but also government payers like Medicare and Medicaid, the Indian Health Services and the Veterans Health Administration. So those are examples of we're trying to facilitate the communication but routing it.

Speaker 2: 8:44

So what happens sometimes today is it doesn't get routed to the patient's chart. It gets like faxed to the provider. Then they have to scan it or, if it's electronic fax, they have to read it and attach it to the chart. We want to go directly to, and do go directly to the patient, and so in order to do that, we have a mechanism for routing the Messages into the provider. So it doesn't matter what the HR system is, we can route it right directly to the patient's chart and that's phenomenal because it saves a tremendous amount of time. I'll give an example one of our recent products which we just launched, and it's a way to Automate the intake process.

Speaker 2: 9:25

So patients oftentimes when they go to the doctor they have to ask, answer, a bunch of questions. This particular client of ours ask their patients 248 questions they want answered. So we send those questions to the patient in a form that's you know web form that they can fill out everything. They can type it in. They're going to use patient language in that. So they're going to say I'm allergic to penicillin, I have hives. We see that and say hives is not a medical term, the term for hives is eutica area and there's an rx norm code that has to be coded in so the HR interprets it. So we translate that into the right coding system and Deliver it to the patient's chart inside the EHR so that the staff no longer has to type it. So in their case we're saving the staff, you know, 40 minutes of typing time of putting that intake form in because there's so many fields on it.

Speaker 2: 10:20

The data is more accurate because it's completed by the patient and and the provider can review it, reconcile the medications in their chart. So it's just really streamlining that workflow and providers aren't waiting for the patient to fill something out in the waiting room, so it's speeding up the time that the providers have in workflow so they can see more patients in a day. So there's a tremendous amount of benefit of just automating this workflow and that's kind of the thing we focus on. We look at workflow and say you know what, how can we streamline that? And so, being in that unique Precision that I've been in about securing a data center, you know doing large software development projects, one for an insurance company Running a doctor's office I understand the workflow of the insurance company, of the providers. It's really a unique position to be in just be able to look at that whole picture and how it all interact, interact and then build software around, how the world really works.

Speaker 1: 11:26

That's. That's crazy. That's awesome. I can definitely speak to the benefits of workflow automation because that's what we do for small businesses, so I can imagine the benefits in the healthcare space having everything flow seamlessly. But that's really awesome. And Tell me, over your 12-year journey, what have been the notable accomplishments, if we were to go on a timeline basis.

Speaker 2: 11:54

Sure, I'd have to start with the creditations, because those are hard to get. There's a whole lot of technology and I jokingly say our rules have rules. We have so many rules because it's highly regulated If you see healthcare on the surface. The reason why it's so complex is there's so many data elements being able to. The first thing we did was create a data model in third normal form. It took us a year to identify every piece of data that was used in the healthcare system and then structure it in third normal form, which is organizing the data so that we recognize the relationships or cardinality. If you're a technical person, I can use an example of that, but I'll just take a simple example of phone number. In the old days we would put a field in their phone number, but patients can have zero to many or providers can have zero to many phone numbers. You might have a home, work, school, whatever phone number. Being able to look at that data model and say, okay, there's a one to many relationship or zero to many relationship between the person and their phone number. That's normalization Organize the data so it's not redundant, the data exists in one and only one place and it's easily accessible. That's a big accomplishment of becoming a direct trust accredited trust anchor and E-NAC accredited for HIPAA, privacy and security. That allows us to communicate across our nationwide network of 2.8 million healthcare providers. To put that in perspective, there's only 6 million MPIs or national provider identifiers in the United States. We've got a very wide and we have a directory of those direct addresses so that you can discover that electronic endpoint. If I am in a doctor's office and I know there's a famous nephrologist which is a kidney doctor at the Mayo Clinic and I want to refer a patient to them because I don't know anything about this rare kidney disease, I can go into Isher Medical Directory, look that up and then send off a message to that doctor.

Speaker 2: 14:03

Being a part of Federated Identity Trust Network, that is huge because and I'll talk a little bit about Federated Identity and I'll use the example in the United States of Driver's License A driver's license issued by any state in the United States is trusted by all states. If I live in Kansas City Missouri, if I am flying out of Los Angeles, california, I present my Kansas City Missouri or my Missouri driver's license and TSA is going to look at that, of course. Make sure it's valid, make sure I'm me, I'm not on any kind of no-fly list and then they're going to let me through security. That's a Federated Identity. We have a Federated Identity that's trusted throughout the healthcare system and a Identity issued by any trust anchor is trusted by all trust anchors. Trust anchors include the Veterans Health Administration, the Indian Health Services, so those are two federal agencies that are trust anchors. They include big EHRs like CERNR, athena Health, e-clinical and NextGen. Those are trust anchors. Then there's also organizations that become a trust anchor as well, but mostly it's about people that have really large volume become a trust anchor.

Speaker 2: 15:16

Our customers are the EHRs and HIEs and individual practice doctors, practices and patients and payers that need to communicate that through the healthcare system. But having the Federated Identity means that we can share that information and we trust the identity of each person in the network. I think that's a really huge component of what we do. I think those things are making you proud of what we're done. We also have had some wins in the investment space, where we won LaunchKC, which several years ago, which was a recognition and a grant that we got. We also got investment from Missouri Technology Corporation, which is a public-private partnership. We've got a number of angel investors, but we've mostly been self-funded and just really bootstrapping it together for what we're doing and just trying to do the right thing all the time.

Speaker 1: 16:22

That's awesome and definitely sounds like you're on the right track. Where are you Let me think how to phrase this. Where are you on the journey of where you want to be, like from when you started to where you want to be? Where about are you now?

Speaker 2: 16:41

What's taken far longer than we ever expected. It's been far more complex for that. You know. We have just you know hundreds, thousands of data elements in healthcare. So if I use the analogy of a bank and I apologize for anybody who knows banking because I'm not a banking expert but if I want to send a transaction in banking, I need to have a routing number, an account number, maybe a person's name, I need to know whether this is a debit or credit, I need to know the dollar amount. There's just a handful of data elements. When I am talking in healthcare, I've got past family, social history, medications, allergies, surgeries, encounters where I've had doctor offices or procedures, and it goes on and on and on all these data elements. So that's where it becomes more and more complex. And Because our legacy systems weren't built on that structured data, every EHR created their own data.

Speaker 2: 17:37

So one person called a blood pressure, or somebody called it systolic and diastolic, because that's what blood pressure is about. There's actually eight different ways to measure blood pressure. So, figuring out all of these systems, the healthcare system has been going through a process of codifying what we do. But it's super complex to do that stuff. So we are, you know we are Scaling. We have more things that we want to do. We have our ice-share medical directory, our ice-share medical messaging. We integrate with the EHR's, we do that bidirectional exchange. We have that federated identity.

Speaker 2: 18:17

But there's more that we have on our roadmap of how we want to automate more of the processes, bring in more uses of I Machine learning and train neural networks. So we're really beginning to leverage some of the AI capabilities for probabilistic decision-making and Clinical decision support. But we have we're just on a path, right you know, to get there and it just we just come in every day and take one day at a time and keep our eye on where we're headed out there and and Keep charting a course. I jokingly say you know there's it's very easy to see something, the new shiny thing. You know. I'll use the example of a dog with a squirrel. You know it's like you. The dog comes out, there's a squirrel and it's like they're gone.

Speaker 2: 19:07

They're absolutely gone to that squirrel and that that's chasing something that is not on the path right. So, you know, I always say and I think of the Star Wars stay on target, stay on. So we, we consciously think every day. So we do. You know, lean, agile development. We have Chrome meetings every day. Sometimes they're five minutes, sometimes they're 30 minutes, but we, we get together every day as a team to talk about where we are, the status of what we're working on, where somebody needs help, and staying on that path to get to where we want to go.

Speaker 1: 19:43

Okay, awesome, I love it. I love it. And what have been, if any, what have been the biggest collaborations or partnerships that have helped you get to where you are?

Speaker 2: 19:55

Yeah. So we've had the opportunity to participate in some interesting and fun things. Some of them I can't disclose because of, you know, non-disclosure agreements. But you know, I think the you know the automation of workflow to get the data into the HR. I think that's really kind of a huge thing. We're working with a big company. We're working with one practice within a company that has a bunch of practices, without naming, being very specific on that. So we're looking to help hopefully roll that out to the rest of their practices and, I think, becoming the trust anchor you know that, connecting with 2.8 million healthcare providers I mean that's a huge, you know accomplishment to have become a credit trust anchor and that's something we go through reaccreditation, which is a very tedious tedious is the wrong word it's a very thorough process. We have to prove how we do everything and we have to prove it.

Speaker 2: 20:59

We also became a part of the Department of Homeland Security Critical Access Infrastructure. So we have 2 data centers, cisa, which is that cyber security from Homeland Security. They do our vulnerability assessments. They determine how frequently they run those. So they could be running them many times a day or they could run them every couple weeks. Two weeks is the longest period that they run on the vulnerability scans but be going through that process to get on the Homeland Security. Our data center is a tier three data center, which means that for every piece of equipment we have on the floor we've got one, at least one more piece of equipment that's idled, that is ready to be deployed. We have like seven internet companies coming through that. We have two power stations coming into our data center, one from Kansas City, one from St Joe, so that if Kansas City, which is a big city, if they lost power, we could flip over to St Joe. We have a second data center in Des Moines that is married in real time with our data center in Kansas City. So there's a lot of redundancy and infrastructure that had to be built. That is expensive and time consuming.

Speaker 2: 22:13

We store the private keys on hardware security modules. We have them married between Kansas City and Des Moines. Hardware security modules are very interesting in that if they detect a hardware or software attack they erase everything on the machine. They destroy themselves. So you have to be careful really working with them, because they can destroy themselves and they're very expensive and also the private keys are the only way to encrypt the information so if they become corrupted or somehow damaged you can't get that back.

Speaker 2: 22:47

I mean, that's the same infrastructure that's behind blockchain of having PKI the public key infrastructure. So we mirror that. Unlike blockchain, we keep an audit trail of everything. We know everything that's happening, but the private keys are kept private and so in securing those. So that's a part of that background of having that nuclear data center kind of background of locking down the data center, protecting people's privacy and security of the people and the providers that have the data, the insurance companies that have the data. It's a very important part of what we do and something we take really seriously is protecting that data and having the infrastructure in place to do that. So I think those kinds of things you just kind of do them and you kind of move through, but they are major accomplishments when you look back and say, wow, we did that, we were part of that. I participate in four ANSI standards development organizations, so it's really fun and interesting to be a part of developing the standards that we use in health care.

Speaker 1: 23:59

Yeah, 100%. I couldn't imagine what would happen if you had to lose your your data and start over would be disastrous.

Speaker 2: 24:09

So we're not going to do that. We back them up and we have redundancy and yeah, that's why you have we Kansas City to Des Moines about three and a half hour drive down the highway. So we used to have Kansas City in Dallas. We decided to move the second data center to Des Moines On the thought process, if we ever needed to go there when we deployed the HSM's, we thought, well, it'll be right there. We've merely never needed to, you know, go there to in person to do stuff we're. You know, it's pretty, pretty awesome.

Speaker 1: 24:40

Yeah, so all sounds amazing and Unfortunately we have come to the end of our time. But what? What advice would you like to give to other business owners who may be listening, that are looking to succeed in this crazy world?

Speaker 2: 24:58

Sure, I actually have several little nuggets, but one of them would be Figure out what you want to do, not what somebody else wants you to do. You know it's your passion, it's your vision. If you are, you know, passionate about what you do and you love what you're doing, you'll never work a day in your life. That's. That's a quote from somebody else, but it's really true and I think in the beginning I made mistakes, listening to other people what they thought I should be doing and I didn't agree with them, but I thought, well, they, they know more than me or whatever. You know more about your business than anybody else and you know, not that, you know, I know everything.

Speaker 2: 25:37

But stay true to your heart and and your, your culture, your ballet values to do good things to help people. In our case, that's what we want to do. We do this to help providers and patients and payers get the data they need and To use that data to improve care and outcomes and to reduce costs, and that's really our passion and we look at everything through that lens. So if I was advising anybody, I would say Follow your heart and never give up if you, if you are on your path, you're gonna have. You know it's a roller coaster. You're gonna have high moments and low moments and sometimes really low.

Speaker 2: 26:19

To be true. If you want to know that the entrepreneurs journey it. There can be some really hard times where you think, how am I gonna make payroll, or how am I gonna do Whatever, or how am I gonna, how am I gonna create that federated identity, how am I going to design the software to achieve what I wanted to do? But if you, if you are Committed to it and you just never give up, just keep going. Too many people I think they throw in the towel, they give up. You know we're never giving up. I tell that to my team all the time. We're never gonna give up, we're gonna. We will figure this out, no matter how hard it is, we will figure this out and we will get through it and and you know you just then then you look back and say, wow, you know, we did that, you know yeah, and that's, that's the reward right and helping people hearing the stories of people were getting their medical records were made of change In their health and their health care In their lives.

Speaker 1: 27:20

Amazing. Thank you so much for that and yeah, I really love your passion and energy in the business and I'm excited to see what the future holds for you. What is the best way for people to get in touch with Linda Van Horn if You've got any offers for them or if they're looking to follow your entrepreneurial journey?

Speaker 2: 27:41

Absolutely Well. One of the things that we do and you can go to our website, which is I share medical calm we do monthly webinars and we we cord them and we put them up on our website. So if people are interested in learning more About what we do and in interoperability, that's a good place to go. Also, obviously, give us a call. We're available at 816-249-2555. My extension is 101 and so I think the website and that and and that, and then you know also you can reach out to us at info at I share medical calm, through email. Amazing Well, thank you so much again, linda. I've really enjoyed this time We've had together.

Speaker 1: 28:24

Well, thank you, dylan, it was really good. I appreciate your effort. Thank you so much for that.

Speaker 2: 28:29

Thank you, dylan, it was really good. I appreciate your interview very much.