undefined | Better HN

0 pointstristor4y ago0 comments

> This one is big for product designers.

You're right that there are definitely opportunities for improvement here. As a Product person that has worked in EMR/Healthcare IT systems, I can tell you the biggest challenge is most of the decisions are driven by legally-required compliance. In many cases, you literally cannot make it better because the brokenness is /by design/ to comply with the law.

Nearly across the board, especially in the US, our legal and regulatory climate has not kept up with technology and often actively works to the detriment of technical innovation and improving our systems.

0 comments

artful-hacker4y ago

I'm in this business too, and it's not just the direct features supporting the law, its the law driving out time and talent trying to make things better. We don't have time to improve systems because we are all too concerned with meeting the latest regulatory pipe dream of interoperable systems.

Systems that nobody has ever asked us to use. Entire APIs with full access to key data, that nobody uses.

tristorOP4y ago

Yes, this is probably the bigger impact, to be honest. Teams have limited resources and more and more of it is cannibalized by regulatory compliance work.

giantg24y ago

We've created so much regulation that no one person can know it all - not the legislators, not the agents/bureaucrats, not the judges, and certainly not the workers or patients who would be most affected by them.

killjoywashere4y ago

I was just on a 40-person call with Micky Tripathi today. I was on a gov-only call with his minions yesterday. They mean well, but they're policy people, they don't promote by repealing policy (remember, the boss promoting them wrote that policy). No programmer will stoop to a government salary to clean up the mess. Something has to give, and we've decided to break the doctors and nurses until the patients die. Things might change once a few major city trauma systems implode.

Keep in mind, the boomers are retiring and there aren't enough Gen X to replace them. Here's the graph of job postings for my specialty (takes a bit of finagling for it to render, esp. mobile, but suffice to say the system is going bonkers): https://www.pathologyoutlines.com/jobs?jbl=1

jimmydddd4y ago

Steve jobs mentioned this as a reason he never wanted to do enterprise sales. The user and the purchaser are two different people.

m4634y ago

I wonder how this is handled inside apple? Are apple internal tools good or terrible?

javajosh4y ago

It's an interesting question but probably covered by an NDA. I wouldn't be surprised if a lot of their enterprise software is bespoke, however.

primedteam4y ago

HITRUST certification is the most demoralizing thing I've done in my life. You need a policy, a procedure and evidence of things like this:

Shared system resources (e.g., registers, main memory, secondary storage) are released back to the system, protected from disclosure to other systems/applications/users, and users cannot intentionally or unintentionally access information remnants.

tristorOP4y ago

I understand exactly what you mean, but having done HITRUST CSF certification for a system, I will say that it is not as bad as some others, because at least HITRUST is /very/ clear in its requirements, so there's not as much vagaries and back and forth with auditors after the fact, or rushed changes. It's truly a nightmare to meet, but once done you can be assured you will pass the audit fairly.

seanp2k24y ago

Yep, try doing that in an electron context and you quickly learn why a lot of this software still runs on mainframes with UX from the 80s, hard T1 lines (if they’re lucky enough to be off ISDNs), faxing things all around since that’s considered “secure”, etc etc. A lot of startups can’t touch this stuff due to regulatory hurdles. When the first step is “go change the law”, it’s a non-starter.

bawolff4y ago

I mean, if it was really a very high security system, ensuring that confidential info in memory cannot be written unencrypted to a swap file, does seem like a reasonable requirement.

asdff4y ago

There is a reason why these things are like this. Someone with influence is making money hand over fist with the current state of affairs, so it says. Regulation are always penned by those in industry they are set to regulate with government connections. Politicians don't do anything unless there is a push for it by lobbyists or donors because that's where the incentives are.

tristorOP4y ago

For healthcare the regulations mostly entrench the big players in insurance. It’s regulatory capture 101.

asdff4y ago

And what sucks about this entire situation is even if you today fixed healthcare, because you havent fixed regulatory capture it will end up screwed up in some other direction as soon as the grifters finish planning out their graft and ringing personal phone numbers in washington DC and state capitols. Fixing regulatory capture is therefore required to solve the big problems we have, like climate change, housing, and healthcare, otherwise no fix will ever be long term and meaningful. The incentive structures with regulatory capture favor personal profit over public good every time.

JaimeThompson4y ago

Doctors and hospitals control some of the more powerful lobbying groups in the United States making it a bit strange they haven't worked on those issues.

dragonwriter4y ago

> Doctors and hospitals control some of the more powerful lobbying groups in the United States making it a bit strange they haven't worked on those issues.

Doctors and hospitals are not necessarily aligned groups (either with each other or with nurses) on the issues, and private insurers, state governments (as market participants themselves, via operating public insurers such as Medicaid agencies), and other players are also very powerful lobbies.

namelessoracle4y ago

"Doctors and hospitals" are not nurses and do not seem themselves as akin to nurses.

It's like asking why most software devs don't go to bat for technical support people.

lazide4y ago

Why when they get paid/further protected by it?

asdff4y ago

It seems the byzantine regulatory compliance software lobby is even more powerful then

j / k navigate · click thread line to collapse

0 comments

artful-hacker4y ago

Systems that nobody has ever asked us to use. Entire APIs with full access to key data, that nobody uses.

tristorOP4y ago

Yes, this is probably the bigger impact, to be honest. Teams have limited resources and more and more of it is cannibalized by regulatory compliance work.

giantg24y ago

killjoywashere4y ago

jimmydddd4y ago

Steve jobs mentioned this as a reason he never wanted to do enterprise sales. The user and the purchaser are two different people.

m4634y ago

I wonder how this is handled inside apple? Are apple internal tools good or terrible?

javajosh4y ago

It's an interesting question but probably covered by an NDA. I wouldn't be surprised if a lot of their enterprise software is bespoke, however.

primedteam4y ago

HITRUST certification is the most demoralizing thing I've done in my life. You need a policy, a procedure and evidence of things like this:

tristorOP4y ago

seanp2k24y ago

bawolff4y ago

I mean, if it was really a very high security system, ensuring that confidential info in memory cannot be written unencrypted to a swap file, does seem like a reasonable requirement.

asdff4y ago

tristorOP4y ago

For healthcare the regulations mostly entrench the big players in insurance. It’s regulatory capture 101.

asdff4y ago

JaimeThompson4y ago

Doctors and hospitals control some of the more powerful lobbying groups in the United States making it a bit strange they haven't worked on those issues.

dragonwriter4y ago

> Doctors and hospitals control some of the more powerful lobbying groups in the United States making it a bit strange they haven't worked on those issues.

namelessoracle4y ago

"Doctors and hospitals" are not nurses and do not seem themselves as akin to nurses.

It's like asking why most software devs don't go to bat for technical support people.

lazide4y ago

Why when they get paid/further protected by it?

asdff4y ago

It seems the byzantine regulatory compliance software lobby is even more powerful then

j / k navigate · click thread line to collapse