The central contention of Barack Obama's vision for health care reform is straightforward: that our health care system today is so wasteful and poorly organized that it is possible to lower costs, expand access, and raise quality all at the same time--and even have money left over at the end to help pay for other major programs, from bank bailouts to high-speed rail.

It might sound implausible, but the math adds up. America spends nearly twice as much per person as other developed countries for health outcomes that are no better. As White House budget director Peter Orszag has repeatedly pointed out, the cost of health care has become so gigantic that pushing down its growth rate by just 1.5 percentage points per year would free up more than $2 trillion over the next decade.

The White House also has a reasonably accurate fix on what drives these excessive costs: the American health care system is rife with overtreatment. Studies by Dartmouth's Atlas of Health Care project show that as much as thirty cents of every dollar in health care spending goes to drugs and procedures whose efficacy is unproven, and the system contains few incentives for doctors to hew to treatments that have been proven to be effective. The system is also highly fragmented. Three-quarters of Medicare spending goes to patients with five or more chronic conditions who see an annual average of fourteen different physicians, most of whom seldom talk to each other. This fragmentation leads to uncoordinated care, and is one of the reasons why costly and often deadly medical errors occur so frequently.

Almost all experts agree that in order to begin to deal with these problems, the health care industry must step into the twenty-first century and become computerized. Astonishingly, twenty years after the digital revolution, only 1.5 percent of hospitals have integrated IT systems today--and half of those are government hospitals. Digitizing the nation's medical system would not only improve patient safety through better-coordinated care, but would also allow health professionals to practice more scientifically driven medicine, as researchers acquire the ability to mine data from millions of computerized records about what actually works.

It would seem heartening, then, that the stimulus bill President Obama signed in February contains a whopping $20 billion to help hospitals buy and implement health IT systems. But the devil, as usual, is in the details. As anybody who's lived through an IT upgrade at the office can attest, it's difficult in the best of circumstances. If it's done wrong, buggy and inadequate software can paralyze an institution.

Consider this tale of two hospitals that have made the digital transition. The first is Midland Memorial Hospital, a 371-bed, three-campus community hospital in southern Texas. Just a few years ago, Midland Memorial, like the overwhelming majority of American hospitals, was totally dependent on paper records. Nurses struggled to decipher doctors' scribbled orders and hunt down patients' charts, which were shuttled from floor to floor in pneumatic tubes and occasionally disappeared into the ether. The professionals involved in patient care had difficulty keeping up with new clinical guidelines and coordinating treatment. In the normal confusion of day-to-day practice, medical errors were a constant danger.

This all changed in 2007 when Midland completed the installation of a health IT system. For the first time, all the different doctors involved in a patient's care could work from the same chart, using electronic medical records, which drew data together in one place, ensuring that the information was not lost or garbled. The new system had dramatic effects. For instance, it prompted doctors to follow guidelines for preventing infection when dressing wounds or inserting IVs, which in turn caused infection rates to fall by 88 percent. The number of medical errors and deaths also dropped. David Whiles, director of information services for Midland, reports that the new health IT system was so well designed and easy to use that it took less than two hours for most users to get the hang of it. "Today it's just part of the culture," he says. "It would be impossible to remove it."

Things did not go so smoothly at Children's Hospital of Pittsburgh, which installed a computerized health system in 2002. Rather than a godsend, the new system turned out to be a disaster, largely because it made it harder for the doctors and nurses to do their jobs in emergency situations. The computer interface, for example, forced doctors to click a mouse ten times to make a simple order. Even when everything worked, a process that once took seconds now took minutes--an enormous difference in an emergency-room environment. The slowdown meant that two doctors were needed to attend to a child in extremis, one to deliver care and the other to work the computer. Nurses also spent less time with patients and more time staring at computer screens. In an emergency, they couldn't just grab a medication from a nearby dispensary as before--now they had to follow the cumbersome protocols demanded by the computer system. According to a study conducted by the hospital and published in the journal Pediatrics, mortality rates for one vulnerable patient population--those brought by emergency transport from other facilities--more than doubled, from 2.8 percent before the installation to almost 6.6 percent afterward.

Why did similar attempts to bring health care into the twenty-first century lead to triumph at Midland but tragedy at Children's? While many factors were no doubt at work, among the most crucial was a difference in the software installed by the two institutions. The system that Midland adopted is based on software originally written by doctors for doctors at the Veterans Health Administration, and it is what's called "open source," meaning the code can be read and modified by anyone and is freely available in the public domain rather than copyrighted by a corporation. For nearly thirty years, the VA software's code has been continuously improved by a large and ever-growing community of collaborating, computer-minded health care professionals, at first within the VA and later at medical institutions around the world. Because the program is open source, many minds over the years have had the chance to spot bugs and make improvements. By the time Midland installed it, the core software had been road-tested at hundred of different hospitals, clinics, and nursing homes by hundreds of thousands of health care professionals.

The software Children's Hospital installed, by contrast, was the product of a private company called Cerner Corporation. It was designed by software engineers using locked, proprietary code that medical professionals were barred from seeing, let alone modifying. Unless they could persuade the vendor to do the work, they could no more adjust it than a Microsoft Office user can fine-tune Microsoft Word. While a few large institutions have managed to make meaningful use of proprietary programs, these systems have just as often led to gigantic cost overruns and sometimes life-threatening failures. Among the most notorious examples is Cedars-Sinai Medical Center, in Los Angeles, which in 2003 tore out a "state-of-the-art" $34 million proprietary system after doctors rebelled and refused to use it. And because proprietary systems aren't necessarily able to work with similar systems designed by other companies, the software has also slowed what should be one of the great benefits of digitized medicine: the development of a truly integrated digital infrastructure allowing doctors to coordinate patient care across institutions and supply researchers with vast pools of data, which they could use to study outcomes and develop better protocols.

Unfortunately, the way things are headed, our nation's health care system will look a lot more like Children's and Cedars-Sinai than Midland. In the haste of Obama's first 100 days, the administration and Congress crafted the stimulus bill in a way that disadvantages open-source vendors, who are upstarts in the commercial market. At the same time, it favors the larger, more established proprietary vendors, who lobbied to get the $20 billion in the bill. As a result, the government's investment in health IT is unlikely to deliver the quality and cost benefits the Obama administration hopes for, and is quite likely to infuriate the medical community. Frustrated doctors will give their patients an earful about how the crashing taxpayer-financed software they are forced to use wastes money, causes two-hour waits for eight-minute appointments, and constrains treatment options.

Open-source software has no universally recognized definition. But in general, the term means that the code is not secret, can be utilized or modified by anyone, and is usually developed collaboratively by the software's users, not unlike the way Wikipedia entries are written and continuously edited by readers. Once the province of geeky software aficionados, open-source software is quickly becoming mainstream. Windows has an increasingly popular open-source competitor in the Linux operating system. A free program called Apache now dominates the market for Internet servers. The trend is so powerful that IBM has abandoned its propriety software business model entirely, and now gives its programs away for free while offering support, maintenance, and customization of open-source programs, increasingly including many with health care applications. Apple now shares enough of its code that we see an explosion of homemade "applets" for the iPhone--each of which makes the iPhone more useful to more people, increasing Apple's base of potential customers.

If this is the future of computing as a whole, why should U.S. health IT be an exception? Indeed, given the scientific and ethical complexities of medicine, it is hard to think of any other realm where a commitment to transparency and collaboration in information technology is more appropriate. And, in fact, the largest and most successful example of digital medicine is an open-source program called VistA, the one Midland chose.

VistA was born in the 1970s out of an underground movement within the Veterans Health Administration known as the "Hard Hats." The group was made up of VA doctors, nurses, and administrators around the country who had become frustrated with the combination of heavy caseloads and poor record keeping at the institution. Some of them figured that then-new personal and mini computers could be the solution. The VA doctors pioneered the nation's first functioning electronic medical record system, and began collaborating with computer programmers to develop other health IT applications, such as systems that gave doctors online advice in making diagnoses and settling on treatments.

The key advantages of this collaborative approach were both technical and personal. For one, it allowed medical professionals to innovate and learn from each other in tailoring programs to meet their own needs. And by involving medical professionals in the development and application of information technology, it achieved widespread buy-in of digitized medicine at the VA, which has often proven to be a big problem when propriety systems are imposed on doctors elsewhere.

This open approach allowed almost anyone with a good idea at the VA to innovate. In 1992, Sue Kinnick, a nurse at the Topeka, Kansas, VA hospital, was returning a rental car and saw the use of a bar-code scanner for the first time. An agent used a wand to scan her car and her rental agreement, and then quickly sent her on her way. A light went off in Kinnick's head. "If they can do this with cars, we can do this with medicine," she later told an interviewer. With the help of other tech-savvy VA employees, Kinnick wrote software, using the Hard Hats' public domain code, that put the new scanner technology to a new and vital use: preventing errors in dispensing medicine. Under Kinnick's direction, patients and nurses were each given bar-coded wristbands, and all medications were bar-coded as well. Then nurses were given wands, which they used to scan themselves, the patient, and the medication bottle before dispensing drugs. This helped prevent four of the most common dispensing errors: wrong med, wrong dose, wrong time, and wrong patient. The system, which has been adopted by all veterans hospitals and clinics and continuously improved by users, has cut the number of dispensing errors in half at some facilities and saved thousands of lives.

At first, the efforts of enterprising open-source innovators like Kinnick brought specific benefits to the VA system, such as fewer medical errors and reduced patient wait times through better scheduling. It also allowed doctors to see more patients, since they were spending less time chasing down paper records. But eventually, the open-source technology changed the way VA doctors practiced medicine in bigger ways. By mining the VA's huge resource of digitized medical records, researchers could look back at which drugs, devices, and procedures were working and which were not. This was a huge leap forward in a profession where there is still a stunning lack of research data about the effectiveness of even the most common medical procedures. Using VistA to examine 12,000 medical records, VA researchers were able to see how diabetics were treated by different VA doctors, and by different VA hospitals and clinics, and how they fared under the different circumstances. Those findings could in turn be communicated back to doctors in clinical guidelines delivered by the VistA system. In the 1990s, the VA began using the same information technology to see which surgical teams or hospital managers were underperforming, and which deserved rewards for exceeding benchmarks of quality and safety.

Thanks to all this effective use of information technology, the VA emerged in this decade as the bright star of the American health system in the eyes of most health-quality experts. True, one still reads stories in the papers about breakdowns in care at some VA hospitals. That is evidence that the VA is far from perfect--but also that its information system is good at spotting problems. Whatever its weaknesses, the VA has been shown in study after study to be providing the highest-quality medical care in America by such metrics as patient safety, patient satisfaction, and the observance of proven clinical protocols, even while reducing the cost per patient.

Following the organization's success, a growing number of other government-run hospitals and clinics have started adapting VistA to their own uses. This includes public hospitals in Hawaii and West Virginia, as well as all the hospitals run by the Indian Health Service. The VA's evolving code also has been adapted by providers in many other countries, including Germany, Finland, Malaysia, Brazil, India, and, most recently, Jordan. To date, more than eighty-five countries have sent delegations to study how the VA uses the program, with four to five more coming every week.

***

Proprietary systems, by contrast, have gotten a cool reception. Although health IT companies have been trying to convince hospitals and clinics to buy their integrated patient-record software for more than fifteen years, only a tiny fraction have installed such systems. Part of the problem is our screwed-up insurance reimbursement system, which essentially rewards health care providers for performing more and more expensive procedures rather than improving patients' welfare. This leaves few institutions that are not government run with much of a business case for investing in health IT; using digitized records to keep patients healthier over the long term doesn't help the bottom line.

But another big part of the problem is that proprietary systems have earned a bad reputation in the medical community for the simple reason that they often don't work very well. The programs are written by software developers who are far removed from the realities of practicing medicine. The result is systems which tend to create, rather than prevent, medical errors once they're in the hands of harried health care professionals. The Joint Commission, which accredits hospitals for safety, recently issued an unprecedented warning that computer technology is now implicated in an incredible 25 percent of all reported medication errors. Perversely, license agreements usually bar users of proprietary health IT systems from reporting dangerous bugs to other health care facilities. In open-source systems, users learn from each other's mistakes; in proprietary ones, they're not even allowed to mention them.

If proprietary health IT systems are widely adopted, even more drawbacks will come sharply into focus. The greatest benefits of health IT--and ones the Obama administration is counting on--come from the opportunities that are created when different hospitals and clinics are able to share records and stores of data with each other. Hospitals within the digitized VA system are able to deliver more services for less mostly because their digital records allow doctors and clinics to better coordinate complex treatment regimens. Electronic medical records also produce a large collection of digitized data that can be easily mined by managers and researchers (without their having access to the patients' identities, which are privacy protected) to discover what drugs, procedures, and devices work and which are ineffective or even dangerous. For example, the first red flags about Vioxx, an arthritis medication that is now known to cause heart attacks, were raised by the VA and large private HMOs, which unearthed the link by mining their electronic records. Similarly, the IT system at the Mayo Clinic (an open-source one, incidentally) allows doctors to personalize care by mining records of specific patient populations. A doctor treating a patient for cancer, for instance, can query the treatment outcomes of hundreds of other patients who had tumors in the same area and were of similar age and family backgrounds, increasing odds that they choose the most effective therapy.

But in order for data mining to work, the data has to offer a complete picture of the care patients have gotten from all the various specialists involved in their treatment over a period of time. Otherwise it's difficult to identify meaningful patterns or sort out confounding factors. With proprietary systems, the data is locked away in what programmers call "black boxes," and cannot be shared across hospitals and clinics. (This is partly by design; it's difficult for doctors to switch IT providers if they can't extract patient data.) Unless patients get all their care in one facility or system, the result is a patchwork of digital records that are of little or no use to researchers. Significantly, since proprietary systems can't speak to each other, they also offer few advantages over paper records when it comes to coordinating care across facilities. Patients might as well be schlepping around file folders full of handwritten charts.

Of course, not all proprietary systems are equally bad. A program offered by Epic Systems Corporation of Wisconsin rivals VistA in terms of features and functionality. When it comes to cost, however, open source wins hands down, thanks to no or low licensing costs. According to Dr. Scott Shreeve, who is involved in the VistA installations in West Virginia and elsewhere, installing a proprietary system like Epic costs ten times as much as VistA and takes at least three times as long--and that's if everything goes smoothly, which is often not the case. In 2004, Sutter Health committed $154 million to implementing electronic medical records in all the twenty-seven hospitals it operated in Northern California using Epic software. The project was supposed to be finished by 2006, but things didn't work out as planned. Sutter pulled the plug on the project in May of this year, having completed only one installation and facing remaining cost estimates of $1 billion for finishing the project. In a letter to employees, Sutter executives explained that they could no long afford to fund employee pensions and also continue with the Epic buildout.

***

Unfortunately, billions of taxpayers' dollars are about to be poured into expensive, inadequate proprietary software, thanks to a provision in the stimulus package. The bill offers medical facilities as much as $64,000 per physician if they make "meaningful use" of "certified" health IT in the next year and a half, and punishes them with cuts to their Medicare reimbursements if they don't do so by 2015. Obviously, doctors and health administrators are under pressure to act soon. But what is the meaning of "meaningful use"? And who determines which products qualify? These questions are currently the subject of bitter political wrangling.

Vendors of proprietary health IT have a powerful lobby, headed by the Healthcare Information and Management Systems Society, a group with deep ties to the Obama administration. (The chairman of HIMSS, Blackford Middleton, is an adviser to Obama's health care team and was instrumental in getting money for health IT into the stimulus bill.) The group is not openly against open source, but last year when Rep. Pete Stark of California introduced a bill to create a low-cost, open-source health IT system for all medical providers through the Department of Health and Human Services, HIMSS used its influence to smash the legislation. The group is now deploying its lobbying clout to persuade regulators to define "meaningful use" so that only software approved by an allied group, the Certification Commission for Healthcare Information Technology, qualifies. Not only are CCHIT's standards notoriously lax, the group is also largely funded and staffed by the very industry whose products it is supposed to certify. Giving it the authority over the field of health IT is like letting a group controlled by Big Pharma determine which drugs are safe for the market.

Even if the proprietary health IT lobby loses the battle to make CCHIT the official standard, the promise of open-source health IT is still in jeopardy. One big reason is the far greater marketing power that the big, established proprietary venders can bring to bear compared to their open-source counterparts, who are smaller and newer on the scene. A group of proprietary industry heavyweights, including Microsoft, Intel, Cisco, and Allscripts, is sponsoring the Electronic Health Record Stimulus Tour, which sends teams of traveling sales representatives to tell local doctors how they can receive tens of thousands of dollars in stimulus money by buying their products--provided that they "act now." For those medical professionals who can't make the show personally, helpful webcasts are available. The tour is a variation on a tried-and-true strategy: when physicians are presented with samples of pricey new name-brand substitutes for equally good generic drugs, time and again they start prescribing the more expensive medicine. And they are likely to be even more suggestible when it comes to software because most don't know enough about computing to evaluate vendors' claims skeptically.

What can be done to counter this marketing offensive and keep proprietary companies from locking up the health care IT market? The best and simplest answer is to take the stimulus money off the table, at least for the time being. Rather than shoveling $20 billion into software that doesn't deliver on the promise of digital medicine, the government should put a hold on that money pending the results of a federal interagency study that will be looking into the potential of open-source health IT and will deliver its findings by October 2010.

As it happens, that study is also part of the stimulus bill. The language for it was inserted by West Virginia Senator Jay Rockefeller, who has also introduced legislation that would help put open-source health IT on equal footing with the likes of Allscripts and Microsoft. Building on the systems developed by the VA and Indian Health Services, Rockefeller's bill would create an open-source government-sponsored "public utility" that would distribute VistA-like software, along with grants to pay for installation and maintenance. The agency would also be charged with developing quality standards for open-source health IT and guidelines for interoperability. This would give us the low-cost, high-quality, fully integrated and proven health IT infrastructure we need in order to have any hope of getting truly better health care.

Delaying the spending of that $20 billion would undoubtedly infuriate makers of proprietary health software. But it would be welcomed by health care providers who have long resisted--partly for good reason--buying that industry's product. Pushing them to do so quickly via the stimulus bill amounts to a giant taxpayer bailout of health IT companies whose business model has never really worked. That wouldn't just be a horrendous waste of public funds; it would also lock the health care industry into software that doesn't do the job and would be even more expensive to get rid of later. As the administration and Congress struggle to pass a health care reform bill, questions about which software is best may seem relatively unimportant--the kind of thing you let the "tech guys" figure out. But the truth is that this bit of fine print will determine the success or failure of the whole health care reform enterprise. So it's worth taking the time to get the details right.