by Matthew McCall
At Amida, we love writing open-source software; in fact, it is an unshakeable part of our ethic. We have freely available code ranging from production-grade parsers for medical records to prototypes for personal health records (PHRs). We do practically all of our coding in the open (with documentation, of course), so that you can see our current projects and work streams at any time. Our code is publicly available on GitHub.
For a startup, or really any for-profit company, this seems counterintuitive. What keeps someone else from stealing your code and competing with you? The answer is, of course, “Nothing!” — and that’s a good thing. Here’s why:
It’s way too dangerous to go it alone!
The issues in healthcare interoperability are simply too big for one company to solve on their own. For example, look at the Certified Health IT Product List (CHPL) for Meaningful Use. There are over 2,000 different offerings, and that’s just the tip of the iceberg; thousands of different data sources exist, each with their own formats and nuances. Writing open-source code encourages developers to collaborate freely, allowing them to address more and more of these formats. Sharing resources benefits the entire healthcare technology community.
We know that our open-source libraries provide a resource and foundation for other companies. It helps them grow, sure, but it also helps our libraries become more mature and stable. As the industry expands, we expect our libraries to get better and the community to grow larger.
We want our code to speak for itself.
When it comes to development, nothing speaks more loudly than working code. We strive to produce well-tested and cleanly written software, using Test Driven Development and Continuous Integration to ensure quality. Open-source allows us to freely demonstrate that in any discussion — with a client, potential employee, or community member — without worrying about what they can do on their own, or what they’ll steal. Rather than having theoretical discussions about technology and approaches to development, we can point to our code, and use it as a reference and guide, and “leave it behind”. As a result, our conversations are typically more structured and practical, which is already a better outcome.
There are two things we believe at Amida:
· “Given enough eyeballs, all bugs are shallow” — Linus Torvald
· “Security through obscurity is no security at all”
In healthcare, security is absolutely critical. There are stiff legal ramifications for leaks of HIPAA-protected data, and once data is leaked, there is no way to un-leak it. Writing open-source code puts more ‘eyeballs’ on our software, permitting us to more rapidly detect and rectify security vulnerabilities before they get exploited. I’ve personally seen this work with VistA, the Department of Veterans Affairs Electronic Health Record, where the open-source community at OSHERA found a critical vulnerability and worked with the VA to resolve it before patient records were compromised. By making the coding process transparent, we all sleep a little better at night.
Give a penny, take a penny.
We use open-source code whenever possible at Amida; it saves us incalculable amounts of time and money. With the explosion of Github users and the ecosystem of packages available, we can rapidly build solutions without stopping to solve problems others already have fixed. By contributing our code, we hope that the tools we build will help others. It’s about being an active part of a community, not just reaping the benefits of it. Open source promotes a collaborative environment that ultimately helps us tackle problems in healthcare more efficiently and effectively.
At Amida, the benefits of being open source far outweigh the possibility that someone will take our technology and poach our customers. There are just too many problems in healthcare to solve, and not enough people to solve them. Rather than restrict access to life changing, even life saving software, we think it is more responsible and ultimately more profitable to make the tools available to anyone who can use them, and we make our money tuning, configuring, installing, and running them. We’ll always have a competitive advantage as long as customers believe that the folks who wrote the software know it best, so they’ll trust us more to make it work in their environment.
That’s a win for everybody, especially patients.