CDC's new sense of purpose

National concerns about bioterrorism have vaulted the Centers for Disease Control and Prevention, once a behind-the-scenes agency, to the front lines of homeland security.

In the past two years, CDC has been given a new job description, shifting it from an agency known for researching and reporting diseases to one charged with protecting the nation from bioterrorism. With this mission shift, it has invested in information technology systems to link public health organizations so they can detect, analyze and respond to an outbreak.

CDC officials "have been pushed to respond," said retired Brig. Gen. Klaus Schafer, a former assistant surgeon general for the Air Force and senior vice president of business development for Washington, D.C.-based Compressus Inc., which developed a disease-surveillance solution for hospitals. "They were never an operational organization. They were much more academically focused. Now all of a sudden, they are at the pointy end of the spear to respond to all these incidents."

CDC has always been a resource for information about diseases, but the Sept. 11, 2001, terrorist attacks and subsequent anthrax-laden mailings brought a sense of urgency to health data and put new pressure on the agency to report information immediately, according to James Seligman, CDC's chief information officer. "We never really viewed ourselves as a direct interface with the public," he said. "Our goals were not to usurp the roles of local health departments."

CDC has been in the business of responding to disease outbreaks for 50 years, he added, and has always been prepared to deal with the next crisis to a certain extent. Now, though, the agency has "a degree of readiness," Seligman said. "There is no end state."

Rapid Ramp-up

But in October 2001, CDC officials found the agency underfunded and without the information-sharing systems necessary to fulfill its crucial new role. Public health officials were not able to electronically exchange information with one another, and cultural and confidentiality issues made fighting a potential bioterrorism attack even more difficult.

"I think we did a spectacular job with what we had," said John Loonsk, CDC's associate director for informatics, "but we didn't have what we needed."

Mary Selecky, president of the Association of State and Territorial Health Officials and secretary of the Washington State Department of Health, said the public health system has made strides to improve communications. A case in point: CDC's response to the severe acute respiratory syndrome (SARS) outbreak. Throughout the SARS situation, CDC's Health Alert Network provided notification and information to public health professionals nationwide, she said.

"We are in touch," Selecky said. "We are sharing information. I am incredibly impressed with the speed [with which] we were getting up-to-date information on SARS.

"Public health has been on the front page since the anthrax incidents," she added. "We've been so caught off guard [because] we weren't investing in public health."

Public health officials continue to express confidence in CDC and are particularly supportive of the agency's ongoing efforts to link local health professionals with one another, said Georges Benjamin, executive director of the American Public Health Association. "I think the confidence level is pretty high," he said. "They've been working nonstop since Sept. 11. There's a fundamental mind shift to deal with emergencies in an immediate time frame, rather than a deliberate, methodical manner. Now there is an urgency in our work."

That urgency is reflected in increased funding for IT during the past couple of years. Out of a fiscal 2003 budget of $7 billion, CDC earmarked $550 million for IT, Seligman said. Of that, $310 million is for internal agency systems and $240 million is in the form of grants to help states develop standards-based IT.

Five years ago, CDC didn't give states money for IT except as part of a program package such as the Health Alert Network, which provided grants to boost states' Internet connectivity, Seligman said. And in fiscal 2001, only $123 million was allocated for IT spending.

The increase can be attributed to a desire to send more IT money to states and a clearer definition of IT spending, he said.

Funding was traditionally awarded along disease lines, such as cancer or West Nile virus. Therefore, stand-alone systems were built based on specific diseases, Seligman said. Each of CDC's 12 major business lines has its own organization and IT systems.

Officials with CDC's National Electronic Disease Surveillance System started looking at funding programs more holistically two years ago. NEDSS brings together state and local reporting of almost 100 diseases into one standards-based system, which allows public health officials to report disease data in real time, provides a broad picture of possible outbreaks and facilitates responses.

Much of CDC's attention has turned to developing systems that prepare public health officials to deal with a bioterrorism attack, but for the systems to work in a crisis, officials must use them every day. NEDSS was designed for daily reporting so officials could recognize not only bioterrorism attacks, but also an increase in flu or West Nile virus cases.

"We're trying not to stovepipe [bioterrorism] as we traditionally stovepiped other disease systems," Seligman said. "To spend a lot of money on systems that sit idle the vast amount of time is not a good investment."

CDC's strategy with NEDSS signaled a change in the way the agency does business, said Jim Klein, a vice president and research director at Gartner Inc.

"They took a very different, pragmatic approach to NEDSS," he said. "They said, 'We know there's not a lot of automation and we need to very quickly roll up information as fresh as we possibly can.' "

When developing the disease surveillance network, CDC officials realized that few local health professionals were adhering to health-reporting standards. Therefore, rather than creating new standards and requiring health providers to follow them, CDC drew on existing industry standards, such as Health Level 7 messaging, and further specified how they should be used. The standards allow health care providers to exchange data electronically, eliminating the need for paper faxes.

"They put in place something that people can step up to," Klein said. "It doesn't require them to throw out their information systems."

The added step of entering data into the system after a diagnosis presents a further challenge. For NEDSS to be successful, it must eventually be incorporated into physicians' routines, said Claire Broome, senior adviser to the director for integrated health information systems at CDC.

"Doctors are busy people," she said. "They don't necessarily think reporting is their No. 1 priority. We're trying to move the system from where a health care professional has to do something to report a disease to an automatic reporting from data sources."

Hospitals and clinics have two options for connecting to NEDSS. They can use the NEDSS Base System, provided by CDC and developed with Computer Sciences Corp. Six states have deployed Version 1.0 of the system, and 21 more will adopt Version 1.1, scheduled for release at the end of the month. The other option is for facilities to create their own systems based on CDC's standards, Broome said.

"You can't be assured that one size fits all," Selecky said.

Pennsylvania's version of NEDSS was the first fully integrated system in the country when it was brought online in July 2002, according to state public health officials. Using CDC's conceptual model, they created their own solution.

"The users are beginning to see the value of it," said Mary Benner, director of the IT bureau at the Pennsylvania Department of Health. "They are using it to improve their workflow."

NEDSS is a key part of CDC's Public Health Information Network (PHIN), a framework for consolid- ating the agency's IT projects into one overall structure.

PHIN would receive a $10 million funding boost in the proposed fiscal 2004 budget. It is designed to enable state, local and federal public health officials to share diagnosis data in real time. Although the network has its own initiatives, it serves as an umbrella for various public health IT projects. Encompassing several key IT initiatives, it supports disease surveillance, data analysis, emergency alerts and response management.

Beyond Diseases to Environmental Health

A bioterrorism attack could take the form of a chemical spill or environmental hazard. So CDC officials are looking beyond infectious-disease surveillance to the environment to prepare for possible attacks. The agency's National Center for Environmental Health had been developing technologies to detect and respond to environmental hazards such as toxic spills, but in the past two years, officials hastened to enhance the systems to support rapid collection during an environmental crisis.

"Our systems require this immediacy to get data fast," said Nabil Issa, associate director for the center's health informatics office. "Now, with [bioterrorism], data has to be collected and processed and disseminated right away."

A system is being finalized that will enable health officials and first responders to access geographic information that can help in their response to a bioterrorism attack. For example, health officials dealing with a chemical spill in a river will be able to use the system to view maps of the area and locate nearby schools and population concentrations along the river. First responders can quickly assess the situation and determine the appropriate use of resources.

The system's final phase is called the Spatial Epidemiology and Emergency Management system. It draws on CDC's repository of environmental spatial data, which includes census data, maps, aerial and satellite photos, and locations of landmarks such as schools and hospitals.

The system encompasses a geographic information system architecture, to be completed in early December, aimed at bringing maps and geospatial data to emergency workers and epidemiologists in the field. The architecture includes three systems for access by first responders and health officials familiar with geographic information and for publishing general geographic information.

"We must think of our technology as being usable by those who can make the best use of it," Issa said.

He added that the agency had been developing those systems, but the terrorist attacks two years ago sped up the process. "It really changed the emphasis from data collection and reporting to online, interactive knowledge systems. It pushed us in a direction the CDC was heading," he said.

CDC was built to respond to health emergencies and has a culture based on humanitarian philosophies, Seligman said, so the transformation to being a frontline agency in the fight against bioterrorism has been somewhat natural. CDC has also tended to stay near the cutting edge of technology in supporting its scientific and research mission, he said, which has helped officials avoid the cultural issues that can hamper the adoption of new technology.

"It's about getting smarter and leveraging new technologies that were not available five and 10 years ago," Seligman said.

***

A multipronged approach

The Centers for Disease Control and Prevention is developing or expanding numerous systems to improve the flow of information in the public health community. Key systems include:

Public Health Information Network — PHIN represents the overall coordination of data exchange among public health organizations. It brings together the information technology initiatives for coordinated detection, analysis and response to diseases.

Health Alert Network — Started in 1999, HAN establishes an integrated network by increasing Internet connectivity at state and local levels.

National Electronic Disease Surveillance System — NEDSS relies on state and local disease surveillance and electronic lab reporting to identify and respond to outbreaks.

Epidemiology Information Exchange — A secure Web site developed in December 2000, Epi-X provides a forum for health professionals to instantly notify others of research or an outbreak, create reports on specific health topics and track information.