Addressing Challenges with Interoperability
Addressing Challenges with Interoperability
The usage of technology has become ubiquitous in all health care spheres since the turn of the present decade. Health care facilities have embraced the usage of this phenomenon to ensure that patient data is shared seamlessly across difference geographical locations, systems and departments within a hospital. At the core of the implementation of health care interoperability is the electronic health record system. The interconnectedness of this system makes it easier for various stakeholders within the health care sphere to access and share pertinent patient data during assessment and treatment processes. However, even with the adoption of this interconnected network to enhance sharing of patient information and generally improve the quality of care, challenges still abound in the usage of such systems. Appreciating these challenges thus becomes an important aspect of seeking solutions in order to make interoperability a reality in health care. To this end, the present paper will identify an interoperability challenge, identify the root cause of the same using workflow structure, and then offer a workable solution to it using evidence-based literature.
Identification of the Problem
Addressing Challenges with Interoperability
The issue of patient billing has experienced some avoidable technicalities as regards health care interoperability within hospital settings. One of the most affected aspects of the entire process involves health care billing. During one of my nursing care shifts at the intensive care ward, I wanted to bill a patient using the hospital’s EHR database system. As with all other hospitals, the final billing of critical care cases entail recording the entire supplies utilized during the treatment process, which may involve surgical supplies (Kohler, 2015). The availability of such information helps in summing up the bill accrued by a patient upon their discharge or, in unfortunate cases, death. However, when pulling out the information on the list of surgical supplies used by the patient, I experienced a delay that lasted forever without resolving. When the IT technician was summoned, she could not resolve the issue only to later identify that a security breach of the system had occurred.
A further analysis of the issue revealed that the entire database hosting patient information had been
Addressing Challenges with Interoperability
compromised. As a consequence, over one hundred and fifty patient files had gone missing from the database. This had impacted several health care personnel, from nurses, to physicians to pharmacists, who could not prescribe drugs while the former personnel could not perform their duties on these patients as pertinent information regarding their conditions was missing. Thus, essentially, the workforce at the facility could not treat or care for the patients at various levels due to missing data concerning their medication dosages, the evaluation of progress, and even prescription of new drug regimen at the facility due to the system breach.
Analysis of Workflow and Structure Associated with the Security Breach
The diagnosis of the issue revealed the existence of a malware at the hospital’s EHR system’s central server unit. Apparently, a hacker had compromised the multi-patient monitors for the entire patient registry and deleted certain files belonging to the 150 patients that were affected. The anonymous hacker achieved this through the introduction of a malware into the system (Rezaeibagha, Khin & Susilo, 2015). However, the normally active events-drive alerts did not work as the hacker had disabled it prior to accessing the system. The coding of the malware had been done such that it was instructed to coordinate the execution of workflow commands from the intensive care wards to the principal server at the facility’s records unit minus compromising data from other wards. As a consequence of this omission in the attack, it was not easy to detect that the files from the intensive care wards had been compromised since the hacker deployed the virus into the hospital’s EHR workflow management system.
Moreover, the notification alerts did not occur as the hacker had disabled it enabling the malware to become integrated into the HER management system related to the intensive care ward patients as initially stated. Whereas the possibility of a human handler integrating the malware into the system was high, the system was already vulnerable to attacks since it was operating on a public network (Friedman, Parrish, & Ross, 2013). The usage of this network was such that the integration of the systems between different departments from the central server unit could occur seamlessly. Further, such an arrangement made it easier for EHR’s Application Programming Interface vendors to readily exchange data between disparate systems. In this facility, audit trails concerning data from the intensive care unit are not difficult to undertake as the on-premise systems housed the data maps at a central point. However, the detection of the hacker did not occur as they appeared well-versed with the system.
Recommended Solution to the Security Breach
In most cases, problems occurring as a result of security breaches can be resolved through the Root Cause Analysis kit. The principle behind the working of the tool is enveloped in its capacity to ensure that workflow systems run unhindered and identify hazards along the EHR interoperability system. Vernier (2015) revealed that the root cause analysis tool kit was successfully applied in coordinating the structures of hospitals for purposes of anticipating potential challenges in patients’ published accounts by the infection control teams (ICTs). A study by Franoic et al. (2018) also revealed that root cause analysis ensures patient safety is guaranteed in hospitals through preventing malicious incidences such as hacking when applied in hospital HER systems. Bowie, Skinner, and de Wet (2013) also conducted a study, which revealed that training health care professionals in root cause analysis helps in the identification of issues that could jeopardize the safety of patients hence preventing disasters.
Conclusion
Therefore, whereas hospitals have adopted technologies such as EHR into their system, the interoperability of such systems has some challenges. Issues such as security breaches have dogged them making it important to seek for solutions. According to studies, conducting a root cause analysis could help health care settings prevent future happenstances of these challenges.
References
Bowie, P., Skinner, J., & de Wet, C. (2013). Training health care professionals in root cause analysis: a cross-sectional study of post-training experiences, benefits and attitudes. BMC Health Services Research, 13(1), 1–10. https://doi.org/10.1186/1472-6963-13-50
François, P., Lecoanet, A., Caporossi, A., Dols, A.-M., Seigneurin, A., & Boussat, B. (2018). Experience feedback committees: A way of implementing a root cause analysis practice in hospital medical departments. PLoS ONE, 13(7), 1–12. https://doi.org/10.1371/journal.pone.020106
Friedman, D. J., Parrish, R. G., & Ross, D. A. (2013). Electronic Health Records and US Public Health: Current Realities and Future Promise. American Journal of Public Health, 103(9), 1560–1567. https://doi.org/10.2105/AJPH.2013.301220
Kohler, C. (2015). Physician Practice Billing From A to Z. Brentwood, TN: HCPro, a division of BLR. Retrieved from http://search.ebscohost.com/login.aspx?direct=true&db=nlebk&AN=1133126&site=ehost-live
Rezaeibagha, F., Khin Than Win, & Susilo, W. (2015). A systematic literature review on security and privacy of electronic health record systems: technical perspectives. Health Information Management Journal, 44(3), 23–38. https://doi.org/10.1177/183335831504400304
Venier, A. G. (2015). Root cause analysis to support infection control in healthcare premises. Journal of Hospital Infection, 89(4), 331-334. France: Elsevier.