Tuesday, May 10, 2011

The Need of the Few to Annoy the Many

My last post was controversial and even provocative, and maybe I made it so deliberately. Obviously, there is a huge gap in attitude between my outlook and that of some in the IT world. I would like to thank the gentleman (or lady?) from Vital Images (read my Privacy Policy...I DO track visitor's IP's) , who added the following comment to the preceding post, quite nicely clarifying the divide:
"You are assuming that EVERY disk has a virus on it that will bring down your precious system, and I'm assuming that every disk has life-saving information on it. I win. Period."

I am assuming no such thing. You are simply too narrow-minded to understand that there is a middle ground. It's not black and white. There are solutions that best serve the patient first and foremost, the radiologist second, and IT third without creating undue risk.

You're arrogant like most doctors. You can't see that there are options out there that accomplish your goals through a different method. If you want to be head of IT, do it. But being an arrogant armchair quarterback who thinks he knows better like a teenager doesn't serve to better patient care, it just serves to inflate your already large ego.
My dealings with Vital Images have not been stellar over the years, as mentioned in this old entry, but I'm still a bit surprised that this shot across the bow comes from their Minneapolis HQ. Perhaps my favoring of TeraRecon over Vital has earned me a little animosity, but I think VitalMan has a bit more deep-seated resentment. I wonder if Toshiba will embrace and encourage this attitude in their new employees.

Read the post and my comments. I am in favor of safe-PACSing. I want to use those "solutions that best serve the patient first and foremost, the radiologist second, and IT third without creating undue risk." But where are they? VitalMan, as well as Comrade Stonn, offer only the vaguest suggestion of a fix for this, but they have no shortage of indignation over a the thought of interference with their domain.

"You're arrogant like most doctors." Here it is in all its glory. THIS is the core of the problem. When some folks don't like what is being said about our current President's policies, they bellow "RACIST"! I suppose the next best epithet would be "ARROGANT". Sadly, VitalMan probably does hold us docs in such low regard. Which is really funny, as those who know me will tell you that I am about the least arrogant doc they've ever met. But I am a fierce advocate for my patients, and a bit of an S.O.B. when it comes to false bravado and empty rhetoric.

We "arrogant doctors" with "large egos" are responsible for patients' lives. I hate to remind everyone of this, but it is so. The information coming in on foreign CD-ROM's is critical to the health of the patient involved. It MUST be made viewable. Quit carping about how there might possibly be viruses on the disk and therefore we shouldn't load them. And don't demonize me for pointing out the obvious. Rather, acknowledge the necessity of acquiring this data, and work together with us to find a safe way to do so. But as Dr. Sardonicus commented on the last post, many would rather just say, "We don't do that," and go out for coffee.

The real answer to this particular problem is direct connections between hospitals, and a safe way to import data from foreign PACS, limiting the need to fool with CD's. As an aside, I think LifeImage has a good beginning on the solution. But the problem of IT's resentment of physicians is going to take some stronger medicine to solve.

Friday, May 06, 2011

The Needs Of The Many Outweigh The Needs Of The Few...

[On whether Kirk should assume command from Spock]
Spock: If I may be so bold, it was a mistake for you to accept promotion. Commanding a starship is your first, best destiny; anything else is a waste of material.
Kirk: I would not presume to debate you.
Spock: That is wise. Were I to invoke logic, however, logic clearly dictates that the needs of the many outweigh the needs of the few.
Kirk: Or the one.
Spock: You are my superior officer. You are also my friend. I have been and always shall be yours.

from: www.imdb.com

I peek in at a number of websites and groups on Google and Yahoo to glean PACS material for this blog as well as my own edification. Recently, I stumbled upon a conversation that really got me going, as it illustrates the audacity of dopes, in this case some IT arrogance and paranoia that certainly goes above and beyond. I'm not going to link to it, so just read the following and laugh, or weep, as the mood strikes you.

We open with a simple question:
Up to recently most users were able to autoplay an outside CD in order to view the PACS images. Something changed (could be IT-Dept’s group policy) and now nobody’s CD drive auto-plays. Does anyone know the steps on a PC to enable the Autoplay feature in the Windows permissions/policy? Would Corporate Group Policy over-ride the local PC policy once the PC re-booted or logged off?
Many posters tried to answer the question objectively, as we see here:
Re: CD's do not autoplay
Most cases, the auto-play has been disabled.

But then, Mr. Stonn, with a significant dose of paranoia (or maybe a bit of Socialism?) intrudes on the discussion:
Assuming you have desktop administrative privileges, hiding a workstation in another OU and adjust the GPedit to make it automatically run outside CD's (even USB drives) is still endangering your corporate network as it could easily be bringing in a Trojan or other mal-ware on it. You may think there is nothing on it but I know for sure that there can and will be. The infection is silent to those inserting the CD but it lights up the control panels in the back end and infects other workstations everywhere in a very short time requiring scores of hours eradicating it from where it spread. It can also disable many workstations it hits and the lost productivity time for your other care providing colleagues is incalculable.

If it were to infect an unprotected computer in a nuclear medicine camera gantry, it could lead to crushing and killing a patient, so you should think long and hard before you boldly insert any outside data into your workstation. Hope is not a security strategy and trust is not a control. Everyone is responsible for protecting your own network. As Spock would have told you himself: "The Needs of the many outweigh the needs (desires really) of the comparison images of the single patient. Work closely with your IT department, there are solutions that bring a balance between flexibility and security. Don't substitute deliberate ignorance for thoughtful planning.

We specifically push a GP disabling the auto-run feature as most CDs that come in are unknown and recently one had a Trojan virus on it. We have recently upgraded the enterprise to the new Symantec Endpoint protection software that when the local auto-run policy is re-enabled - will scan the CD first before running it which is much more secure and yet flexible model. Works for film rooms and OR's but does require some custom tailoring with the administrator running the Symantec systems. That would be the thoughtful planning phase.
Wow. This IT giant does actually make sense with the last paragraph, and actually shows some vague realization of the scope of the situation. Unfortunately, the preceding prose makes it clear that his priorities are completely those of the network and the IT department, with zero regard to the needs of the individual patient. I guess they should all be assimilated into the collective, eh?

Fortunately, someone with a good dose of common sense (who happens to be a friend of mine, too!) stepped in:
While I sympathize with the need to protect the network, (and yes other patient's records which are backed up somewhere as well)...I have never bought into Spock's (Dr. or Mr.) socialist musings that sanctions mob rule to override the needs of individuals. Ah, nothing like some more sci-fi metaphors to address an issue. Why should some ficitional character's philosophy be brought to bear on this issue as though there was no question that they would be correct? Why should anyone give a damn what Spock would think?
Perhaps if that "single patient" were the writer himself, or a member of their family, and the comparison images were of utmost importance in the diagnosis, they might think a bit differently. Never dismiss the needs of a single patient! Perhaps stepping out of the sci-fi world and into the real, medical one for a period of time, would be helpful for some.
Thoughtful planning and communication does indeed negate the need to endanger any lives. It is a shame that in order to save the life of one patient, a physician or resourceful pacs admin might have to thwart and possibly endanger a network. Gasp!
Well said.

Now, Mr. Stonn had this to say in response:
Lighten up and get a grip. We are all entitled to our opinions. I respect yours also. Clearly you don't know your Star Trek and don't know what viruses and malware can do to a network. I would also pose that you probably don't know how the modalities physically and electrically work and what safeties are in play to prohibit them from over radiating or killing the patient. As an example, have you ever seen where a Nuc Med gantry crushed and killed a patient? I have. Was it due to a network virus or technologist neglect?, that is unknown. Hmmm, how do you call that really? Destroy a person's career or blame it on a virus. If it was caused by the gantry computer losing software control due to a virus that some patent care flag-waving rationalizer failed to engage proper outside image ingest protection procedures, then how do you feel when this give a damn about the network attitude wins over and you bypass the needs of other patients safety for that one single patient? Put you own family member under the gantry as you load an un-scanned outside CD. Again, just because you can't see it infect doesn't mean it is not happening, you will never know. It like shooting bullet straight up into the air while in a crowd, maybe it will come down without hitting someone and killing them, maybe it won't. That's hope. Not a good plan.

Sci fi references make us all take a step back and try to look at things from another and different even perhaps comical perspective. References to Spock were taken from one of the full length Star Trek Movies where Mr. Spock (not Dr. Spock) sacrificed his life in order to save the entire crew of the ship. I will omit the details but summarize this by saying that the philosophy in play was "The needs of the one outweigh the needs of the many." Based on what you have said, in reality, you are actually sanctioning using this philosophy you recently professed against by allowing viruses (always potentially) brought in by a CD, into a network. You seem to say is "okay" to blindly get ingested what are essentially just comparison images in front of the next care provider. Put it into perspective. Can anyone really demonstrate where a CD not ingested into PACS will "save the life" of any patient? Come on. Doctors, Nurses and other providers save lives. Images that "save lives" start in the ER/ED and those go into PACS immediately after scanning. Patient care flags need to be carried with respect on both sides of the fence.

The solution that satisfies both "needs" is to ensure that whatever you plug into a hospital/clinic workstation is scanned for virus and malware as it is being inserted. Free software is not the solution, you get what you pay for and nobody will support free software in any organization (except efilm). Just encourage your IT group to invest into the software.
This is how he respects other opinions? Yeah, right. THIS is why I have harped on the necessity of Radiology control or co-control of PACS. Medicine is a business unlike any other, and the lives of individuals are at stake here. We CANNOT cavalierly dismiss the needs of the individual patient. As a radiologist, I can state unequivocally that having a prior exam that might be encased on a CD-ROM is critical, and yes, it IS worth risking a virus infestation to have that data. Really. And just two nights ago, I read a trauma CT series including scans of the head, c-spine, t-spine, l-spine, chest, abdomen, and pelvis. The resident looking over my shoulder casually remarked that the patient had undergone the exact CT series three hours before. Why were we rescanning? Because the outside hospital "didn't send a disk." So we have just double-irradiated the patient for someone's omission. Mr. Stonn would approve, as long as his precious network wasn't compromised. Here's the balance: someone's LIFE vs. damage to the network and inconvenience to some IT folks. This one isn't even close.

And by the way, friends, I have spent hours searching through the web for any tale of a "nuclear medicine" camera that went haywire and crushed a patient BECAUSE of a computer virus. I've dug into the FDA complaint list, and Googled till the cows came home. Nothing. Nada. This was either an out-and-out lie, an exaggeration, or maybe the poster was simply delusional or just quite gullible. This incident never happened. It can't happen with a modern machine. Maybe, possibly, some pervert could write a STUXNET-like virus designed specifically to disable a gamma camera, but come on. 

The utter arrogance is galling. The sad fact is, Mr. Stonn's solution is really ideal, security software that preempts a virus before it can be admitted (or "ingested") into the network. We can all agree that this is a great solution, favorable to all involved. Why couldn't Mr. Stonn acknowledge the necessity of receiving outside information rather than dissing the concept before presenting his answer? I expect he has been indoctrinated by the usual IT attitude that their precious computers and networks would be ever so much better off without being polluted by grimy non-IT types. Sorry, pal. We all work for the patients, and in the great scheme of things, YOUR job is to help me do MY job, not stand in my way. If you worked for me, you wouldn't work for me long.

And besides...

Captain Spock: My father says that you have been my friend. You came back for me.
Kirk: You would have done the same for me.
Captain Spock: Why would you do this?
Kirk: Because the needs of the one... outweigh the needs of the many.
Captain Spock: [pacing] I have been and ever shall be your friend.
Kirk: Yes. Yes, Spock.
Captain Spock: Ship, out of danger?
Kirk: You saved the ship. You saved us all. Don't you remember?
Captain Spock: Jim. Your name is Jim.
Kirk: Yes.
Sometimes, saving the individual saves the entire Enterprise, yes?