James Trainor, FBI Cybersecurity Director

James Trainor, FBI Cybersecurity, at HIMSS15

As I write these words, I stand among 41,000 health information technology (HIT) professionals gathered in Chicago for  HIMSS15. As an intellectual property (IP) lawyer, I am here because my clients are here. If you’re at HIMSS15, you are probably engaged in electronic health records (EHR) software, hardware and/or medical devices. Your organization is likely to be active in IP/patent acquisition, licensing, and litigation.

HIMSS was founded as an engineering society

The leading association for advancement of information technology (IT) for health (HIT) is the Healthcare Information and Management Systems Society (HIMSS),

HIMSS was founded in 1961 as the Health Management Systems Society (HMSS). Co-founder and first president Ed Gerner was a degreed industrial engineer. He founded the first “hospital management engineering department” in the U.S., at the Children’s Hospital of Pittsburgh. Gerner and his contemporaries applied the scientific management theories of Frederick Taylor, e.g., time and motion studies, to improve delivery of healthcare in hospitals.

The letter “I” —for information and information technology—was inserted into the HIMSS name only in 1986. Computerization of healthcare began slowly; more recently it has snowballed.

Technical innovation is biggest driver so protect it

In the last 15 years, IT has revolutionized healthcare. As recently as the year 2000, most hospitals, clinics, and doctors relied primarily on paper records. Now, the primary mode for keeping and processing of health records is electronic. The needs are both institutional—providers, insurers, governments—and personal, with mandated security for “protected health information” (PHI) (protected by HIPAA) and personal, portable, electronic medical records (EMR).

Technology—particularly IT—is the biggest driver in healthcare today. HIT innovation saves lives, and it adds to the competitiveness and profitability of healthcare providers and vendors. Protect it.

HIMSS15 corporate supporters and exhibitors IBM and Microsoft are two of the Top 10 organizations for annual issuance of U.S. patents, not just for HIT, but for all fields of technology. The U.S. Patent and Trademark Office (USPTO) issued more than 6,000 U.S. patents to IBM in the year 2013 alone. Almost half as many, or about 3,000 U.S. patents, were issued to Microsoft in 2013.

HIMSS15 anchor exhibitors Allscripts, Cerner, Epic and McKesson are all active in patent filings. According to USPTO searchable public records, Cerner and McKesson each have well over 100 issued U.S. patents,  with dozens more in prosecution. Epic and Allscripts seem to be trailing in the number of issued patents. All four EHR companies have been engaged in patent litigation (sometimes between themselves) as they use patents as key tools for attaining market leadership, revenues and margins.

 HIMSS and Hers

What is being overlooked in HIMSS15  is intellectual property (IP), which is associated more with “hers” than HIMSS.  Two women’s first names will be associated forever with IT. The first, Ada (Lovelace), was a pioneer in computing. More recently, Alice, as in the Supreme Court decision Alice Corp. v. CLS Bank, along with Bilski, placed limits on eligibility of IT for patent protection. The Court has held that “abstract ideas” and well known methods of doing business are not eligible for patent protection, even if one discloses and claims implementation on a computer.

Innovation, of course, means different things to different people. In a keynote HIMSS15 address by a Walgreen executive, the pharmacy chain claims to have innovated 24-hour drugstores and drive -through service. These innovations, without more, are not patentable, and they would be hard to protect under any form of intellectual property (IP) or agreement. Walgreen does, however, have over 100 issued U.S. patents, including recently issued U.S. Patent 8,918,385, titled “methods and systems of correlating electronic pharmacy data and electronic medical records.”

Software can be protected by patent and by license agreement

Since the advent of IT, there has been a great deal of confusion and misinformation about eligibility of software for patent protection. Thus, Microsoft’s early domination of software was accomplished primarily through licensing and other agreements. It since has extended its dominance through filing and issuance of thousands of patents.

IMG_2950 cropped

Since the Supreme Court’s 2014 decision in Alice, many software patent applications have been rejected, at least temporarily, by the USPTO, as allegedly directed to merely abstract ideas. It is possible, however, to obtain allowance of software patents, for meritorious technical inventions, including IT for management, analysis, and use of electronic health records (EHR). See recent blog by my colleague Ray RicordatiObtain Allowance of Software Patent under Alice and Guidelines.  As discussed in the latter blog, software is most likely to be patentable when it is applied, not just abstractly, but specifically to solve technical problems with technical solutions and technical effect, for example, in processing data more efficiently and in making a given computer run faster or more effectively.

For more on how best to prepare and prosecute patent applications, see my recent blog, Build Your Patent Portfolio.

As mentioned above, software agreements can be used to protect exclusive proprietary technology, and they also can address (or fail to address) security issues and warranties. In a HIMSS15 presentation by Jim Wieland, Data Security Officers: Addressing Risks, the hazards of open source software, particularly, web security flaws in code reflected in Heartbleed, are addressed. If you think this is a concern  of the past, you may wish to think again. See Heartbleed (Columbus Dispatch Apr. 13, 2015).

In sum, healthcare software can  be protected by patent and by license agreement; preferably, it should be protected in both ways.

Conclusion

When you consider your organization’s IT rights and responsibilities, think not only of securing protected health information (PHI, per HIPAA), but also your organization’s proprietary IT. When you negotiate licenses and other agreements, consider and address intellectual property (IP) rights and warranties. Last but not least, consider preparing and filing patent applications before you go public with new or improved software products and medical devices.