On a gritty Brooklyn block cluttered with automobile body shops, a janitorial supplies outlet and a truck depot for Gino\u2019s Italian Ice sits a one-story building with corrugated metal siding the color of pistachio ice cream. It\u2019s an unlikely setting for a hospital IT department and an even unlikelier setting for a revolution in American health care. Yet inside, that\u2019s precisely what\u2019s going on.Ten blocks from the 705-bed Maimonides Medical Center, Senior Vice President and CIO Ann C. Sullivan has finished a $44 million technology transformation that in seven years has taken the hospital from punched cards to a sophisticated system of electronic medical records (EMR) and computerized physician order-entry (CPOE). Today, every one of Maimonides\u2019 doctors\u2014not only its 277 employed physicians but also 978 community physicians with hospital privileges\u2014log on to order medications and tests, check lab results, and track treatment. One in every five prescriptions is flagged by the system for a possible problem\u2014an allergy or an adverse drug interaction. The average turnaround time for administering medicine to inpatients now has been cut from five hours to 90 minutes. Physicians receive all reports online from the radiology department within 24 hours (formerly, it was five days), and they no longer have to reorder tests for the estimated 15 percent of film records that used to get lost. Last year, revenue increased $50 million, and hospital officials attribute a fourth of that jump in revenue to the new IT systems. In addition, the annual cost of the hospital\u2019s malpractice insurance just dropped $1 million, a savings largely credited to the new systems. Advanced systems like these could reduce U.S. hospitalization costs by $2 billion a year. And if similar systems were used in doctors\u2019 offices and clinics as well as hospitals, they could prevent thousands of deaths from medical errors and save the U.S. health-care system a whopping $44 billion each year\u2014taking a significant bite out of the $1.4 trillion America annually spends on health care. Health-care costs, which in 2001 constituted 14 percent of the gross domestic product, continue to soar, slicing into business profits and exacerbating state and federal deficits. An increasing number of employers are cutting back on health coverage or offering none at all. The enormous efficiencies of electronic medicine could ameliorate this deepening crisis.The good news is that this push toward paperless medicine seems inevitable. Insurance companies have begun rewarding physicians and hospitals for using IT to reduce errors. And a 2002 survey found that 46 percent of physician executives work for organizations that have invested in EMRs or plan to do so in the next year\u2014more than double the number reported in 2001.The bad news is that there\u2019s still enormous resistance to these systems. At present, Maimonides Medical Center is among only 10 percent of U.S. hospitals that have implemented inpatient order-entry systems that check for errors. Most health-care entities are moving much more slowly, both because of the tremendous up-front costs (Maimonides has been spending one-third of its capital expenditures on IT) and resistance from physicians who see no reason for changing the way they practice.CIOs are at the center of this tug-of-war. They\u2019re the ones who must drive this transformation, delivering systems without incurring dangerous downtime or allowing medical files to fall into the wrong hands."The pressures in health care are such that in the next two or three years we\u2019re going to have to achieve a new level of efficiency," says David Pecoraro, vice president and CIO of the Jewish Hospital HealthCare Services, which has installed systems similar to those at Maimonides. "CIOs are feeling the heat."The Problem with PaperSo what\u2019s wrong with a medical system based on paper? To begin with, paper gets lost. Paper degrades. And no matter how voluminous, paper files are limited in the quality and quantity of data they contain.The goal of an EMR system is to collect the data on those pieces of paper and make it dynamic. Say, for instance, a patient has diabetes. EMRs can help a doctor track how the disease has progressed over the years, without hunting through pages of scribbled medical notes.And if the system is properly coded\u2014if, for instance, it knows that a heart attack is the same as a myocardial infarction\u2014it can do much more than track a patient\u2019s progress. It can, for example, track patients in the aggregate to determine how well doctors are managing specific diseases. For instance, at Intermountain Health Care, a Salt Lake City-based insurance and health-care provider, officials can now see how many diabetics have acceptable levels of hemoglobin A1c\u2014a key indicator of how well they (and by extension, their doctors) are coping. Now Intermountain issues a report card on individual physicians and can determine whether the organization is getting better at treating diabetes.That\u2019s all good, but it gets better. Once an EMR system is in place, the next step is a CPOE system. It allows a provider to request medications, lab tests and radiology procedures like CAT scans or MRIs. Ideally, the doctor gets an automatic notification about test results. But CPOEs, like EMRs, run the gamut from simple systems that do little more than computerize a prescription pad to complex ones that check for everything from decimal point errors to drug interactions and allergies to whether recent tests show that a particular medication might be contraindicated.Research has shown that CPOEs, tightly linked to EMRs, can prevent more than half of all serious inpatient medication errors\u2014a political hot button ever since the Institute of Medicine issued a 1999 landmark report revealing that as many as 98,000 people a year die in hospitals from medical errors. The Leapfrog Group, a collection of insurers that has banded together to improve patient safety, has made CPOE one of its top three priorities. In California, lawmakers set a 2005 deadline requiring hospitals to submit reports on how they will use IT to reduce medical errors. New York\u2019s Empire Blue Cross Blue Shield, in an incentive program that involves four of its key accounts, IBM, PepsiCo, Verizon Communications and Xerox, already has paid out $195,000 in bonuses to New York City hospitals that met Leapfrog\u2019s standards for quality improvement.Physician ResistanceWhile there is increasing pressure to convert to electronic patient systems, getting there won\u2019t be easy. "This is worse than taking a horse to water and making him drink," says Greg Walton, CIO of Carilion Health System in Roanoke, Va. "This is more like teaching horses to dig wells."That\u2019s because EMRs in general, and CPOE systems in particular, require that physicians change the way they practice medicine. It starts with the most fundamental question of how can doctors look at a patient and a computer screen at the same time, and only gets more complicated. Fortunately, the CIO who wins over the horse gets the whole barn. Physicians\u2014not boards of directors, not insurance companies, not even patients\u2014are the ones who really need to be convinced that newfangled IT systems are worth their time and money. If a doctor, especially a good one, doesn\u2019t like the way one hospital is doing something, she can take her business\u2014and her patients\u2014elsewhere.The value proposition is especially difficult for physicians in private practice who have to pay for the systems out of their own earnings (see "The Private Practice Value Proposition," Page 56). But even in hospitals, where there are economies of scale, CIOs have found CPOE systems a hard sell.Speedier lab results is one key selling point. Quick, wireless access to clinical data is another (see "Wireless: Just What the Doctor Ordered," Page 60). Remote access, so that doctors can log on from home or the office to check on the status of a patient in the hospital, is yet another.Ultimately, the best selling point is the simple fact that these systems improve patient care. "It\u2019s the right thing to do," says Mark Andersen, CIO of Yale New Haven Health System.Doctors on BoardAs has historically been the case with IT, success usually starts with a few early adopters. That\u2019s what Dr. Robert Kolodner, acting deputy CIO for health at the Department of Veterans Affairs and acting chief health informatics officer for the Veterans Health Administration, has found. "You go with the people who are excited and willing to try things out early on," says Kolodner, whose federally funded organization has given all 163 of its facilities access to EMRs and CPOEs. "You kind of work out the kinks\u2014there are always kinks\u2014with the group that will be much more tolerant when things don\u2019t go completely right."These systems don\u2019t succeed unless clinicians are involved from the get-go. Many IT shops with successful EMR implementations have doctors, nurses and pharmacists on staff who spend part of their time in IT and part of their time with patients and medical peers. This helps give the CIO credibility, but it also makes the systems work. With earlier versions of CPOEs and EMRs, IT departments had to build in error-checking functions and definitions by themselves. Now, vendors are building more rules and definitions into the products, but individual hospitals still need to modify the systems to fit their policies.For example, at Kaiser Permanente Northwest, the EMR system used to issue alerts for all female patients who were due for mammograms. Physicians showed that some patients didn\u2019t want the tests (for cultural reasons) or didn\u2019t need them (because they\u2019d had mastectomies). "We needed to find a mechanism to turn off the alert for certain patients," says Dr. Homer Chin, Kaiser\u2019s assistant regional medical director for clinical information systems. "There are thousands of little things like that." Working closely with the vendor, Chin\u2019s group has fixed a number of these kinks, and now Kaiser is planning to roll out the Northwest system to the organization nationwide, to the tune of $1.8 billion over 10 years.Bottom line: It pays to listen to your doctors. But dealing with them takes patience. The more physicians use the system, the more tweaking needs to be done. Intermountain Health Care, for instance, has managed to get physicians to enter patient notes directly into the computer systems. To get there, the IT department worked closely with physicians to develop what CIO Carvel Whiting calls "hot text"\u2014templates that physicians can pull up for certain types of visits and fill out with just a few keystrokes.Whiting now has some happy customers. "I was in a meeting a while ago with a number of docs in our clinics, and they said, \u2019If I had to do this the old way it would take me an extra hour-and-a-half a day,\u2019" he says.But new systems mean new expectations; now physicians won\u2019t put up with any downtime.New HeadachesNo one remembers what life at Yale-New Haven Hospital was like before the CPOE system. So when it is taken down\u2014which happens every month for scheduled maintenance\u2014"you can\u2019t say, Do what you did before," says Howard Goldberg, the hospital\u2019s director of clinical systems, who reports to CIO Andersen. "When you\u2019ve been up for 11 years, there is no before. Doctors don\u2019t know how to write an order by hand." That\u2019s where a portable gray file box stashed in every unit comes in handy. Inside the file box are instructions and prescription and other order forms. Yes, paper.But the chief of staff is putting pressure on Andersen to get rid of the paper. So, as part of an upgrade while converting to a new version of CPOE software, Andersen is splitting the data between two separate data centers three-quarters of a mile apart. Andersen knows what some other health-care CIOs, like John Halamka of CareGroup in Boston, have learned the hard way: The more mission-critical hospital IT systems become, the greater the risks of downtime (read "All Systems Down" at www.cio.com\/printlinks).Making sure the network is crash-proof is only part of the CIO\u2019s problem. Not only are health-care organizations making patient files electronic, they\u2019re putting them online for remote access by doctors and even, in a few pilot programs, by patients.This raises new privacy and security concerns. What happens if someone breaks into a database of health information and uses it to embarrass patients, commit identity theft or even make a profit on the black market\u2014say, by selling medical records to unscrupulous mortgage companies looking for reasons not to grant loans? These are valid enough concerns that the federal government, with the passage of the Health Insurance Portability and Accountability Act (HIPAA), has set strict rules around how patient data must be secured and in what cases it may be shared outside the organization. (For more, read "Immune Systems" at www.cio.com\/printlinks.)Health-care entities have to do a better job of explaining their safety precautions. At Yale-New Haven, for instance, a few patients bristled when the time came to upgrade the AIDS clinic with an EMR system because they were worried their personal information would fall into the wrong hands. Yale-New Haven officials took pains to explain that only certain people would have access to those files. What\u2019s more, hospital officials can see who is looking at which files and when. "Once our analyst was able to show the patients that we could now document everybody who looked at their record, they actually felt more comfortable," Andersen says.Getting to the InevitableDespite the benefits of EMRs, there will always be some clinicians who don\u2019t want to change. That\u2019s where CIOs must rely on executive backup: a mandate, straight from the top, that everyone\u2014no exceptions\u2014will use the EMR and CPOE systems. Hospital administrators "need to communicate the target and hold a gentle, steady pressure to achieve it," VA\u2019s Kolodner says. "After about six months, if you\u2019ve put in a system that meets the providers\u2019 needs, it becomes self-sustaining. The peers start saying, Would you please put your notes in there? I don\u2019t want to have to get the records because it slows me down."This mandate is hard enough to enforce at places like the VA facilities, where physicians are on staff and rely on paychecks. But it\u2019s most difficult at community hospitals that don\u2019t have power over doctors who aren\u2019t employees. Just ask Maimonides\u2019 Sullivan. "We went live with an electronic record order-entry system on Dec. 15, 1996," she says. "I remember the day well. One doctor walked up to me in the hospital. He said that because of the system, he was going to retire." Fortunately, he was the only doctor who left. Today, Sullivan\u2019s systems are cranking away\u2014saving money, saving lives. In the emergency department, the floor and hallways are crowded with patients on stretchers. Police keep close guard over one patient, while another, blood caked below one eye, yells "doctor" every few seconds. The scene seems chaotic, but appearances can be deceiving.Dr. Steven Davidson, chairman of the emergency medicine department, logs on to a computer. At a glance, he can see the locations of all the ER patients, the severity of their conditions, the status of their treatments. He knows that an elderly woman in the hallway needs to be assigned a room, that another patient\u2019s chest X-ray is back from the lab. Dressed in a bow tie and lab coat, Davidson is imposing order on the chaos. "[I knew] there had to be something medicine could use from the business model," he says over the racket. He was right.