Healthcare Hacks (aka workarounds) – Good, Bad or Necessary?

Blog post by Colin Hung.

Last week was the inaugural Health IT Expo (#HITExpo) – an event I helped to organize along with good friends John Lynn @techguy, Shahid Shah @ShahidNShah and Brian Rosenberg @bgrosenberg1. The premise behind the event was to bring together different parts of the Health IT ecosystem to collaborate in meaningful ways on practical innovation.

My co-organizers and I believe there is too much attention focused on disruptive/breakthrough innovation at healthcare conferences and not enough on incremental, smaller-scale practical innovations. We didn’t want to add yet another HealthIT conference to the calendar. We wanted to do something different. Based on the speaker and attendee reactions last week, I think we have struck a chord.

One of the most interesting discussions that happened during HITExpo was on the use of work-arounds that circumvent existing processes yet provide a net-benefit. These work-arounds, commonly referred to as “healthcare hacks” or simply as “hacks”, know no bounds and are created by patients, administrators, physicians, nurses, government officials and family caregivers alike. Some are simple healthcare navigation hacks – like knowing which phone number to call to get a faster response. Others are much more complex – like pulling data from multiple systems in order to build a comprehensive view of a patient or department that a single system cannot provide.

There was one particular hack that generated a lot of discussion at HITExpo: the use of cloud-based services like DropBox and Google Drive to store, save and share your own patient records. Instead of having to log into multiple patient portals from different physician offices and institutions, patients are downloading/requesting their records and putting the data safely in their own storage systems. Once there, they can share that data with their other physicians and institutions as they see fit.

Because the patient is the one sharing their data, there is no HIPAA violation. The receiving party (usually a physician or a healthcare organization) can freely access the stored records through the credentials provided by the patient. Their only restriction is that they cannot share that data with anyone else without the patient’s permission.

It was noted that the use of personally stored health data via DropBox was initially met by physicians with trepidation (and some flatly refuse), but those that did, found it more convenient and faster than waiting for faxed copies from other offices. There are obvious risks to using Dropbox as a personal health record, but for some patients the risk is acceptable given the alternative binders full of paper charts.

Other hacks mentioned at HITExpo included:

  • Using EHR audit-log data to identify workflow bottlenecks
  • Using EHR usage data to gauge EHR literacy (ie: determine if additional EHR training is needed)
  • Using claims data to help fight the opioid crisis
  • Turning your internal support desk into a value-add internal service

Every process can be improved and every experience can be made better. This is not something that is unique to healthcare. What is unique is healthcare’s complex regulatory environment, lack of innovation momentum and culture of evidence-based everything (the latter is not necessarily a bad thing). Because of this, healthcare hacks are often met with a negative reaction. The reactions shared at HITExpo ranged from flat-out rejection of the idea of workarounds to internal memos being circulated listing dozens of reasons why a particular hack is dangerous.

Despite this hostile-hack environment, many do make it through and become mainstream. One nurse recounted her experience with bypassing a particular form in the EHR and going directly to a different entry screen with fewer fields to achieve the same thing. The hack spread through word-of-mouth to the entire staff. Eventually so many people were using it that IT redesigned the workflow and eliminated that cumbersome form.

Not all hacks are good. Some hacks are truly just subversive and have a negative impact. A recent public example is the case surrounding Bryan Colangelo the General Manager of the Philadelphia 76ers in the NBA. It is alleged that Colangelo or someone close to him used anonymous Twitter accounts to leak internal information, criticize team leadership and comment on player performance. The story broke on The Ringer on May 29th and has dominated sports headlines almost as much as the NBA playoffs have. Clearly this is a “bad hack” – a way to circumvent the proper internal processes for bring up grievances and addressing criticism. Though I would hazard a guess that this is happening somewhere in healthcare today.

I thought it would be interesting this week to discuss healthcare hacks (aka workarounds) on #hcldr. Are they good? Bad? Necessary? At what point does a hack become a standard operating procedure? Please join me on Tuesday June 5th at 8:30pm ET (for your local time click here) for the weekly #hcldr tweetchat where we will be discussing:

  • T1 What differentiates a good healthcare hack from a bad one? Adoption? Usefulness? Rule that is broken?
  • T2 If you were trying to convince leadership of a process improvement hack/workaround, what ideas do you have to overcome the initial negative reaction?
  • T3 At what point should a “hack” become standard operating procedure? Should it be based on adoption? Proof? A champion’s will?
  • T4 Share the “hacks” you have experienced/used/seen that could improve healthcare for patients, clinicians or administrators.


“Nurses and Healthcare Hacks: Our Workaround Culture”, Laura Stokowski, Medscape, 9 January 2018,, access 4 June 2018

“Dropbox? When is it OK to say YES”, Bob Violino, CIO, 10 April 2015,, accessed 4 June 2018

“Wanted: Dropbox For Health Care”, Zina Moukheiber, Forbes, 20 June 2012,, accessed 4 June 2018

“Dropbox in healthcare: A love-hate thing”, Mike Miliard, Healthcare IT News, 19 November 2013,, accessed 4 June 2018

“Everyone Is Asking the Wrong Questions About Dropbox. Here’s What They Should Be Asking Instead”, Sami Inkinen, Inc, 28 March 2018,, accessed 4 June 2018

“Managing personal health records using meta-data and cloud storage”, Alyami et al, Computer and Information Science (ICIS), 26 May 2017,, accessed 4 June 2018

“Nurses’ workarounds in acute healthcare settings: a scoping review”, Debono et al, Patient Safety Network, May 2013,, accessed 4 June 2018

“How Can You Identify and Confront Workarounds”, Steven Spear, IHI Open School,, accessed 4 June 2018

“Workarounds in Hospitals Raise Ethical Questions”, Alexandra Wilson Pecci, HealthLeaders, 25 January 2016,, accessed 4 June 2018

“Secondary Use of EHR Timestamp data: Validation and Application for Workflow Optimization”, Michelle Hribar et al, AMIA Annual Symposium Proceedings Archive, 5 November 2015,, accessed 4 June 2018

“Physician Burnout, a Healthcare Issue Unique to Our Healthcare Providers”, Justin Campbell, 25 May 2018,,, accessed 4 June 2018

“The Curious Case of Bryan Colangelo and the Secret Twitter Account”, Ben Detrick, The Ringer, 29 May 2018,, accessed 4 June 2018

“Philadelphia 76ers investigating tweets linked to GM Bryan Colangelo”, Dan Gelston, 30 May 2018,, accessed 4 June 2018

Image Credit

“Maze detail from St. Giorgio” – Richard Leeming

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: