Community OpenClinica Meetup in Vienna April 17th!

In the time leading up to the OpenClinica Global Conference, we are able to organize some small events outside of the USA.

We’d like to hold an informal meetup for all interested users of OpenClinica in Vienna Austria, April 17th 2012, 7pm-9pm, at the Starbucks Bräunerstraße. For a full address and map, please click here.

The agenda is currently open – we’d like for everyone to come with their own ideas, opinions and stories and be ready to share. From the OpenClinica LLC side, Tom Hickerson will be organizing the event, and if you have any questions or suggestions, please get in touch with him through thickerson -at- You can also leave a comment below, or at our LinkedIn page!

Thoughts on Code: OpenClinica and Open Standards with CDISC

One of the strengths of open source is the ability to open up the code base and learn by reading and doing, that is, the transparency of the code base allows everyone to get involved. However, the barrier to entry can be the complexity of the code itself; without a qualified guide, you can get ‘lost in the code jungle’ pretty quickly.

Welcome to our code

With that in mind, we are starting today to author blog posts about the OpenClinica code base, including topics like how the code is organized, what the code does, and so on. A lot more detail on this can be found on the OpenClinica Developer Wiki, but these posts, viewed as a whole, can be seen as a gentle introduction, before interested parties start to dive deeper.

When we began to design OpenClinica, we had very few requirements, but the desire  to create a fully-featured database for clinical data, aligned with open standards, making use of the best technology available. Call it the ‘tyranny of the blank page’, if you will. Every start-up faces it. Where do you start? What’s the plan? How do you build it, and what do you build first?

Luckily for us, we could use an open standard to base our schema, and our code, on top of; the CDISC ODM.

What’s a CDISC ODM?

The Operational Data Model, or ODM for short, is a standard published by the Clinical Data Interchange Standards Consortium (CDISC), and is “designed to facilitate the archive and interchange of the metadata and data for clinical research”, as it states in their website. This is a standard which is designed to a) hold metadata about a Study and all Events contained within a given Study, and b) hold Clinical Data which has been collected for a given Study. All of this information is held in XML, which is a very useful format for exchanging between sites, labs and institutions.

Figure 1: Study Metadata and OpenClinica

In the above image, you can see an XML file on one side using CDISC ODM and on the other side, an OpenClinica database. Inside the database are tables that map directly to different objects described in the XML. You’ll notice that the tables associated with study metadata also have a column called ‘oc_oid’, which are the Object Identifiers we use in all aspects of the OpenClinica application.

Figure 2: ODM Clinical Data and OpenClinica

In the second image, you see that the latter half of the XML file (the part  contained in the <ClinicalData> tags) also links to specific tables in the OpenClinica database. Since we link back to the Study metadata through those OIDs, we don’t use OIDs in those tables, but instead the conventional methods of primary keys and foreign keys in the database is good enough.

OK, so they map. But where’s the beef?

Of course, the ODM XML in the images is rather simple, and does not capture the full capability of the metadata that can be passed back and forth between different ODM data sources. For a longer example, you can take a look at the following XML, which defines the Rules governing a single Item:

Sample ItemDef in CDISC ODM XML

As you start to piece together the XML in the above example, you’ll see that not only can you define the Question in multiple languages, but you can specify which measurement it is using and what kinds of values you can accept.  The XML standard is extensible enough to add other pieces of information as well, including coded lists, data types, and so on.  More information can be found at XML4Pharma’s page entitled, ‘Using CDISC-ODM in EDC.’

In future posts, we hope to describe more about the code base, and show how it all comes together as a full-featured application. If there are topics that are of specific interest, we hope you’ll comment below and let us know what you’d like to see here in the coming months.

OpenClinica on Twitter!

Chances are, you have heard of Twitter, the micro-blogging service that has become wildly popular. In every sphere, including the life sciences, Twitter has attracted a large and diverse audience. OpenClinica now operates its own Twitter account (@OpenClinica) since late spring, and in that time we’ve used it to connect with users, reach out to new people, and circulate relevant content from around the Web.

twitter on flickr

Among the people we now follow on Twitter, we have:

We invite you to follow us there and also follow us on our LinkedIn group, where we can start new conversations and continue old ones.

Three Impossible Things

Sometimes I’ve believed as many as six impossible things before breakfast.”
– Lewis Carroll

So, the first half of November has felt a lot like before breakfast at Lewis Carroll’s house.  We could have universal health care by next yearGenes now account for a very small part of the human genome, a contrary view to what scientists previously thought.  And yes, we have elected our very first African-American President.

President-Elect Obama is dedicating part of his administration to health care – this is no surprise (every President does) – and is bringing with him a wave of optimism, which is apparently changing the face of health care even before he enters office.  As Edward Kennedy writes in the Nov. 9th Washington Post article entitled “Health Care Can’t Wait”:

Another good omen occurred in 2006 in Massachusetts, when businesses and workers, insurance companies and patients, Democrats and Republicans came together on a practical solution for the state. Since that solution was enacted, Massachusetts has expanded coverage to more than three-quarters of the state’s uninsured; the state now has far and away the nation’s lowest proportion of medically uninsured people. As a result of the large increase in enrollment, insurance premiums have dropped significantly. ….

President-elect Barack Obama has issued a clarion call for action on health care. His practical and thoughtful proposals draw from our Massachusetts experience and add important measures to improve quality and reduce costs. His plan includes crucial investments in modernizing the use of information technology in health care. He calls for a new emphasis on prevention and wellness, because the best way to treat a disease is to prevent it from striking.

Those of us who are working on OpenClinica look forward to the change ahead and its possible implications for Health IT.  Akaza Research is currently working on the next release, which will include the latest in open-source Java frameworks, Hibernate and Spring.  We are working on new ways to incorporate OpenClinica into other applications and frameworks, through an API.  You can read more about our plans in the wiki roadmap, posted here.

In short, we are really amazed at what we’ve accomplished this month.  Let’s keep the momentum rolling.

Clinical Research and the Cloud…two great things that don’t go together (yet).

Cloud computing seems to have become the best thing since sliced bread for most startups. With the arrival of Amazon Web Services and Google Apps, we have seen the rise of “pay-as-you-go, on-demand basis” for all aspects of IT infrastructure, including storage, servers, and processing speed. Already several startups have bet the farm on the cloud to pay off (Heroku is one example, joined by Twitter, SmugMug, and Scribd). Bigger players have also banked on cloud computing: Apple’s MobileMe service is the most recently cited example of working with consumers in the cloud.

Earlier this month, I read a post over at GigaOM entitled “10 Reasons Enterprises Aren’t Ready to Trust the Cloud“. The article busts through a lot of the gee-whiz aspects of cloud computing and brings us back to reality. Some of the points the article makes include:

  • Security – this is the big issue. The article even goes so far as to mention HIPAA by name, since it is that important for PHI, including clinical data.
  • Lack of auditing – another big issue, especially in the clinical trials space.
  • Reliability – what happens when it goes down? More on that issue in a moment.
  • It still has to exist on a server somewhere – what are the legal complications of hosting PHI in a server farm that could be in say, Russia?
  • And oh yes, it still has to be fast – as the article says, “the need for speed still exists” in companies, and not all of the cloud can address that issue.

This piece was eerily prescient, because after I started a draft of this post, Amazon E3 went down, taking with it several Web 2.0 startups, including the aforementioned Twitter, Scribd, and SmugMug. This is the second big failure this year for them, so Amazon’s cloud computing is definitely starting to get bit by the ‘reliability bug’. It’s worth pointing out that this is not the first time we’ve been taken with technology that operates on a cloud-like principle that blew up in our faces, as one blogger points out the linkage between Amazon in 2008 and Bell Systems’ failure in 1990.

So where do we go from here? Cloud computing is definitely becoming a huge trend for the enterprise, but not ‘prime time enough’ for something as mission-critical as clinical data. As an aside, our hosting plan is entirely under our own control and nothing is given up to an external system for reasons which are now painfully obvious. However, the most recent announcement by HP, Yahoo and Intel to launch the Cloud Computing Test Bed is proof that all is not lost when you bet on the cloud.

But the clouds will keep on rolling, and we, we’ll keep on watching (underneath an umbrella).

PS – Apparently, MobileMe hasn’t been doing so well either. So, if we ever do cloud computing in the future, we’ll have lots of mistakes to learn from.

PPS – A pair of passionate posts on Cloud Computing have been written recently by Hugh of Gapingvoid fame: they are here and here: “We’re potentially talking about a multi-trillion dollar company. Possibly the largest company to have ever existed.” He certainly sparks up the idea more than I have.

And in Hardware News…

Coming soon to a piece of medical equipment near you: Storage maker SanDisk is making “Write Once Read Many” (WORM) SD Cards for forensic applications, but also for uses including ‘Medical devices which retain individual patient treatment data’ and ‘Personal digital assistants (PDAs) and similar devices used by physicians and other health-care professionals to track patient interactions’. This could easily be slipped into a ‘netbook’ and be the access point for an OpenClinica CRF library, or a set of ODM-based data to upload. Something to look out for in the future, to be sure.

Will the New PHR Gorillas Embrace HIPAA? Taking a cue from clinical research

In April, the WSJ’s Health Blog pointed to an article that asserted that Microsoft and Google were not ‘covered entities’ under the HIPAA patient-privacy law.  Something more interesting than the article itself (from the New England Journal of Medicine), a link in the comments lead to this post, which mentions that insurance company Aetna is also getting into the PHR-management market, with its own systems.  In short, we are beginning to see large corporations grow into the health space with offers to log and store Patient Health Records (PHRs) on internal or external systems.

Great news for the shareholder, you might ask, but what’s this got to do with clinical research?  What’s this got to do with open solutions or clinical trial software?  OpenClinica was originally devised to cover all points of HIPAA, and because of that the amount of personally identifiable information is minimal, and can be removed entirely.

Without proper oversight and auditing, however, these large systems could easily turn into a headache for the end-users, which in Google’s case is the Cleveland Clinic, and in Microsoft’s case is the Mayo Clinic.  Both are large clients with a lot of important PHI.  OpenClinica, in its drive to be HIPAA compliant, also created a set of audits on its database, keeping track of who changed what parts of the clinical research data inside it. 

Microsoft’s HealthVault site has certainly received lots of accolades, and, while the Google Health announcement is not much more than a blog post itself, both pages have something in common; they both state that they are committed to the users’ privacy without ever mentioning HIPAA.  Here is hoping that they are holding themselves to a higher standard.

Portability: the next frontier in electronic data capture?

Recently, the company Clinical Ink announced their upcoming software release.  Using tablet PCs with proprietary software, they will allow EDC to take place on digital tablets “that retain the look and feel of traditional paper data collection forms.”  This sounds familiar, as we’ve been working on the same thing with our CRF templates to load form metadata into OpenClinica.

Also recently, George Laszlo blogged about the Nextrials Prism system, as seen through the Apple iPhone.   Boston-based PHT is porting their patient diary software to the Samsung Ultra Mobile PC.

Of course, the common thread here is portability.  Everyone wants their electronic data capture app to work in real-time, where the doctor is, where the patient is.  Which is, in effect, changing the game for applications in terms of user interface and the ability to run in a portable environment.

The thing about portability is that it’s not just a closed-sourced game; Apple is releasing their SDK for developers to work on their own apps for the iPhone.  Google is in the process of hyping their Android project together with the Open Handset Alliance, which is an open and free mobile platform.

In short, OpenClinica has several options for becoming a portable competitor to the above; since it runs in Java, its “write once run anywhere” architecture allows it to run on different OSes.  Since it runs through a web browser, users can already set it up to run through a handheld PC running a web browser.  In the future, the challenge to OpenClinica will be to evaluate the open SDKs and determine if there’s room to create a slimmed-down interface suitable for the smaller screens and simpler interfaces of the portable workforce.

eCTDs to get more important in 2008

In this past year, we worked hard to update the Electronic Data Capture facilities of OpenClinica; we also worked very hard to get OpenClinica internationalized, so that it could reach a wider audience in the OSS clinical research world.

One of the things that will be on the horizon for us now is improving data export.  And now is definitely the time for that; according to ClinPage, as of Jan 1st 2008 the FDA will accept electronic regulatory submissions in the form of the Electronic Common Technical Document (eCTD) only.

OpenClinica currently provides reports in several different formats, including the CDISC ODM format in XML, and we’ll be working to improve that over the coming months.  The change in the FDA’s standard is paving the way for all organizations, big and small, to find a way to submit documents electronically, and we hope OpenClinica will be able to play a part in providing a low-cost alternative to many organizations.  As the above ClinPage article points out:

….the major pharmas made the transition to electronic submissions years ago—in some cases, as early as the 1990s. They quickly earned a return on investments in better regulatory document systems, even though the technology was far more expensive then.

The situation is different for small pharmas and biotechs today, Perry says. They typically lack the manpower to attend to both routine regulatory work and manage the transition to a new system. He adds: “The purchase price of the system is not the obstacle. It is implementing. The smaller you are, the more desperately you need one of these, but the less people you have to implement them.”

Even as IT budgets may be getting smaller, as George Laszlo writes, the need to add the EDC system (and other systems) to an existing lab is getting bigger.  Through this blog, we hope to chart how health IT, and especially clinical research needs, can be met by implementing OpenClinica as a flexible, lower-cost solution.

A tale of two court cases: Medsphere v. Shreeve and ArsDigita v. Greenspun

In reviewing the top stories of 2007, I came across this article in InformationWeek, outlining the 10 top OSS stories of the year.  At number 9 was the story about Medsphere v. Shreeve, which was settled out of court in late October.

The lawsuit started in the summer of 2006 when the company sued the CTO for posting source code to SourceForge, which the CTO maintained was what the company wanted to do all along, pledging to open-source the code base for its medical product, called OpenVista.  After the lawsuit settled, Joel West wrote a long statement about his observations while working at Medsphere, and that he was dreading a subpeona during the entire affair.  Something he wrote caught my eye:

Even if the lawsuit is over, IMHO this sordid mess leaves the VCs with a permanent black mark. From 2002-2006, they invested $12 million in a company whose strategy was always to release open source, and then they wholeheartedly backed the decision both to fire the officers who released open source and to sue them. Were the investors (Azure Capital, Thomas Weisel, Wasatch) incompetent in not knowing what an “open source company” meant? Did they panic when deployments ran behind schedule?

This reminded me of another case about VCs not getting the point of open source: ArsDigita v. Greenspun.

ArsDigita Corp started its business in the 90’s and pioneered software-as-a-service, giving away its ArsDigita Community System software for free while charging for support and services.  They were one of the first companies to do such a thing, and made money doing it, which of course attracted investors.  They eventually closed a round of funding with Greylock and General Atlantic Partners, and hired an outside CEO to replace the founder, Philip Greenspun.

Take a look at Philip’s story about ArsDigita: From Start-up to Bust-up, that includes the following quote.  Compare and contrast; the VCs together with the CEO were also out of touch, and were, consequently running the company into the ground.

We started aD slowly and carefully. We ran it profitably. We placed small bets. We handled money conservatively (though we tried to give the appearance of wildness and fantastic prosperity to the outside world there is actually nothing extravagant about having a fancy beach retreat for a team of programmers that is excited and working 6 days/week, 12 hours/day). We made sure that we were working as hard as teams at Microsoft and startup companies.

By contrast, Allen, Greylock, and General Atlantic presented us (Common shareholders) with a strategy of “here’s this spreadsheet that shows us going bankrupt in one year unless a big stream of license revenue starts coming in.” And, oh yes, the revenue would be coming from a product that had never been built, purchased by customers to whom we’d never sold anything.

Do these kinds of risks bother venture capitalists? Having a first-time CEO with zero experience in the industry? Staking everything on a to-be-finished software product?….We never signed up for this kind of risk and we don’t have substantial other investments. I put 8 years of my life into ArsDigita Community System. Jin put in 4 years. We would be unhappy to see the company spend through its accumulated profits plus $38 million in capital merely so that three guys in suits could learn a little something about what it is like to run a software products company.

While there are similarities, there are also differences.  A number of bloggers weighed in on the Medsphere case, but this one interview with Fred Trotter certainly nailed down the legal implications of the decision:

This is not about whether your CEO approves a release. Medsphere’s lawsuit, if successful, would mean that any FOSS developer would need to have proof that such an approval took place. Suppose you meet your boss in the hallway and he says: “We just decided that we will be releasing X, go ahead and post it to SourceForge”. If the “Medsphere precident” were in place, you would be foolish to actually follow this directive. There would be no proof that the conversation ever took place….Apparently Medsphere holds that only way that you could be certain that you, as a FOSS developer, would not be held liable for a release that you performed for your company would be some form of unambiguous two-way communication, in a format that provided for non-repudiation. That means either a signed paper letter, or a cryptographically signed email from the CEO. (You would need to make sure that you printed the email, in case you lost access to your company email address).

Whereas the ArsDigita case was merely about control of the company, the Medsphere case, if it had continued, would have impacted how all OSS developers release source code to the public Internet.

After ArsDigita settled with Philip, the company closed its doors after seven months.  Medsphere is up and running, but looking for a new CTO.  Since they took less money from VCs, they might still have a fighting chance to come back after the lawsuit, so let’s keep hoping that it can clean up its act and make good on delivering what it calls “professional open source”.