Sunday, March 16, 2008

A Call for Equipoise

My head is still reeling after the reports of doctors hacking into the wireless transmissions of an automatic defibrillator.

Oh, it’s not so much the fact that it was done. Really, that was something. It certainly took our best and brightest a remarkable amount of scientific expertise to reverse-engineer the protocol for communication with Medtronic’s defibrillator device. The resources they used and all – what was it? $30,000 or so? And how many hours did it take for those engineers and computer scientists to crack the code? Certainly many. I suppose we should congratulate them for their ingenuity and fortitude. I feel safer now.

But that’s not what I see as disturbing.

It’s the bigger picture that bothers me.

You see, I’m worried about what it means to our profession as doctors.

Doctors must continually strive for equipoise in medicine. While it is a noble cause to want to always cure disease, strive for perfect patient safety in all arenas, and help mankind progress to the ultimate prize of immortality, we realize that each of these goals, taken to their extreme, is an impossibility. We have to balance the inevitability and cruelty of disease, the social and political climates in which we work, and even the sometimes atrocious things that one human being does to another, to help the unfortunate patient, victims and family members cope with the reality of their medical predicaments.

To me, it seems that since the Institute of Medicine’s report on medical errors was published admonishing the safety record of medicine as a whole, we’ve begun tipping to one side of the scale of medical reality. We strive for perfect safety records and implement protocols analogous to airline checklists to become robotic and perfect in our actions. Mountains of paperwork and regulation requirements are completed by teams of well-meaning individuals each day. Countless hours are devoted to record-keeping to prove that we’ve been keeping our records. Electronic medical records spew forth past medical histories, medication lists, family histories, social histories time and time again not because it helps the patient, but because we don’t want to “miss anything” that might be perceived as “inadequate” documentation for the patient. (In reality, we just have to do that stupid requirement just to get paid adequately – but that’s a discussion for another essay.)

Now I have nothing against improving our health care delivery system, and Lord knows there are areas where the Institute of Medicine’s wakeup call has helped patients. But politically, we’ve already seen how neat and tidy the patient safety argument becomes. I mean, what compassionate physician in their right mind could ever not argue for patient safety? It would be professional suicide.

But exactly how safe is safe enough?

Should all surgeons, in their quest to minimize infection, scrub for 3 minutes, 5 minutes, 10 minutes, 30 minutes, or become obsessive hand washers in the interest of minimizing the possible spread of that last remaining bacterium from their hand before entering the operating room? When do we stop?

Or maybe, since defibrillator wireless transmissions can be tapped now, we should encrypt other wireless transmission devices, like entire telemetry units or hospital administrators’ cell phone conversations? Better yet, barricades should be erected around hospitals just in case a doctor goes ballistic and decides to crash an ambulance into the main building. And why aren’t there metal detectors and people checking shoes at all of the hospital entrances – aren’t we missing another potential patient safety opportunity?

Sure, these examples are extreme, but they illustrate my point.

We have so many incredibly difficult challenges ahead in medicine: funding of healthcare, the loss of primary care doctors, the social problems in our inner cities, the overcrowding of our emergency rooms – the list goes on and on. Be it cardiology, medicine, obstetrics, or neurology, or general surgery, etc. – each branch of our profession has a million more important clinical and non-clinical problems to tackle right now. But when we start looking for problems in areas that do not represent active problems, thereby creating a new problem where none existed previously, we begin to tip the balance of equipoise in medicine to the penurious. And when this scale is tipped too far toward one side, we completely miss the boat as a profession as what it will take to maintain our clear perspective in our upcoming challenges.

Our resources are finite. When we spend so much money on safety trivialities in our most esteemed medical education establishments relative to the Big Picture of healthcare today, all of us who proclaim to be purveyors of our patients’ best interests have completely dropped the ball.


16 March 2008 19:00 CST Addendum: Roy Poses over at Health Care Renewal doesn't agree with me, but it's good to get both sides of the argument. What do you think?


Dr. Val said...

It sounds (from the Healthcare Renewal comments) as if it wouldn't be too difficult for the device manufacturers to add a layer of complexity to prevent hacking. If that's true, they should do that.

I don't think that hacking into defibrillators is a particularly viable terrorist approach. Probably not worth a hacker's time - except maybe for high profile people. I think you're right that the probability of people being hacked is extremely low... Individuals are infinitely more likely to die of an arrhythmia by declining a defibrillator for fear of hacking, than they are of actually being hacked. Sadly, all this hysteria might put people in harms way by their declining life-saving treatment. Oh the irony.

DrRich said...


Thanks for your post. I agree with your general point about: where do we stop in taking our concerns about patient safety to ridiculous extremes? (Pretending to be concerned about patient safety while cutting nursing ratios to 15:1 tells us all we really need to know about how seriously the system really takes this issue.)

However, as a former consultant in research and development to ICD companies, and as one who originally urged them to introduce wireless communication into these devices (a feature that can provide patients with tremendous advantages in the long run), I agree with Dr. Val that the designers should have taken as a prerequisite making these communications "tamper-proof."

The mere fact that Mr. Cheney has an ICD should have made obvious that sooner or later certain individuals would find the idea of maliciously programming these devices an attractive one. (By the way - has anyone asked the political affiliations of the doctors who took the pains to achieve this feat of reverse engineering? I'm just sayin'.)