Discuss the various strategies and techniques that can be applied to mitigate potential challenges in healthcare-related information system

Discuss the various strategies and techniques that can be applied to mitigate potential challenges in healthcare-related information system

Ensuring Privacy and Security of Information. Safeguarding privacy and ensuring data security, both physical and cybersecurity are and should remain, top priorities for a health-related information system. Equally important is the need to provide appropriate protection of health information when considering and implementing policies related to the adoption of health IT and the exchange, storage, and use of electronic health information. To mitigate against any breach in privacy and security of information, an organization can apply the following five strategies.

First, it can conduct Security awareness training to educate their employees about the importance of data security. This training should consist of digital security best practices and phishing testing. The training program should address drivers of malicious behaviour to mitigate the risk of insider threats.

Second, a data-centric security strategy should be employed through which an organization develops a strategic understanding of what data they have and how valuable that data is to their operations. Once they have an idea of what information they have, organizations should protect their data by doing encryption the right way. As part of the implementation of this Control, healthcare organizations should develop a robust data backup strategy and test that strategy and their backups often..

Third, Implement Multi-Factor Authentication (MFA). Persons are quick to change login credentials following the public disclosure of a data breach. But by then, it could be too late. Many victimized organizations don’t detect a data breach (if at all) until hundreds of days later. That gives attackers plenty of time to compromise those exposed accounts before detection. Acknowledging that threat, healthcare organizations should take additional steps to shore up their users’ accounts against compromise. They can do so by following the requirements of the Center for Internet Security’s Control 4 – Controlled Use of Administrative Privileges and using multi-factor authentication (MFA) for all administrative account access. They should also encourage users to implement MFA across theirweb accounts.

Strict cloud permissions. As health care organizations increasingly migrate their workloads to the cloud, organizations need to lock down their cloud-based data.

For example, Human error has already been cited as responsible for the exposure of numerous Amazon Simple Storage Service (AWS S3) buckets. In many of those incidents, a misconfiguration was accountable for exposing the personal information of millions of customers. To such breach of data, organizations should strategically use Access control list (ACLs) to grant read/write permissions to individual AWS accounts and predefined S3 storage classes groups. Security personnel should subsequently audit those accounts and their levels of access to ensure the principle of least privilege. They should not necessarily apply default permissions to cloud-based data; but, they could choose to grant read-only access to a few system manager-specific s3 buckets.

Finally, organizations can strengthen the security of their data by patching vulnerabilities through which malicious actors could gain access to their network assets. It can be done by formulating a patch management program through which they test patches before they deploy them on their production systems. Health care organizations also they need to follow up a patch’s deployment by scanning their system to confirm that the vulnerability is no longer present. This step reveals if the patch has addressed the vulnerable components and if organizations need to take additional measures to remediate the vulnerability

Improving the Flow of Complete, Accurate, and Timely Information. To capitalize on growing amounts of data in the health care context, there must be meaningful access, subject to appropriate privacy and security safeguards, to complete, accurate, and timely data, where and when needed. However, enabling and encouraging the flow of information remains a potential challenge for a health-related information system. Several factors may impede the flow of information. These include technical barriers (e.g., lack of interoperability), the complex nature of Federal and State privacy and security laws, financial considerations (e.g., the cost of health IT acquisition), and behavioural issues such as information blocking and consumer confidence that relate to a willingness to share information to mitigate against challenges in the flow of information the healthcare systems requires to implement the following strategies.

First, healthcare organizations need to register into or employ the use of a nationwide health IT infrastructure that supports the proper flow of complete, accurate, and timely information. Furthermore, there is a need for a concerted effort to empower patients with respect to accessing their electronic health information to improve patient outcomes and health care delivery as well as social services.

Second, concerning information blocking, healthcare organizations require to establish a hotline to receive complaints concerning potential information blocking practices. Further, the healthcare organization should come together and obtain commitments from service providers to work better for patients. One of the areas of responsibility relates to avoiding information blocking. It is of paramount importance in enhancing the flow of information.

Explore the opportunities and limitations of the use of GIS and GPS in the Kenyan healthcare sector

Geographic information systems are a sophisticated form of mapping software that enables users to display input data associated with a designated project visually. Presenting data allows users to see geographical groupings of patient demographic data in a new way. Furthermore, the program enables users to run statistical tests and answer ‘what if’ questions that can arise as a result of direct or indirect changes that take place. Here are potential benefits of integrating geographic information systems in the healthcare information system.

The software offers healthcare professionals the ability to identify health-related trends and more thoroughly target healing efforts based upon those results. One example of this in action comes from the KEMRI Health Program, which utilizes geographic information systems in many of its different initiatives, including the Cancer Surveillance Program. The program assesses the demographic data, such as a home address, workplace, cancer type, and even data collected from wearable health tech of all patients entered into the system. Data is then georeferenced and mapped. Healthcare professionals can visualize the locations of patients and determine if there are clusters of specific types of cancer associated with similar working conditions or residential areas.

The role of GIS systems should not be limited simply to tracking occurrences of diseases though. One of its most compelling aspects is its ability to use geography and other inputs to identify where conditions are most likely to spread next. Data such as this can be essential to the personnel on the ground personnel to save lives because it enables them to prepare in advance for a disease and can severely limit the impact. These maps play a significant role in the management of disease outbreaks such as Ebola and measles. GIS-based maps can be created to help visualize where infected children live and the potential spread of the disease. Furthermore, it can also be used to gain a better understanding of vaccination rates to determine which locations could be hit the hardest given a severe outbreak.

GIS also has the ability to incorporate social media similarly to wearable tech. It is an excellent opportunity since it can be used to gather input data. For instance, researchers can query on Twitter for tweets indicating sickness. They used terms such as ‘flu,’ ‘influenza,’ and ‘medication’ and geographically locate where the tweet was sent. By adding this data to a GIS map, researchers were able to visualize the status of disease in Kenya for that year.

Finally, the use of GIS technology can enable community leaders and developers to work more closely with hospitals to take more substantial steps in addressing national healthcare needs. The system can help identify which neighbourhoods are in greater need of specific health services such as more rehab centres or senior care facilities. Analysis of patient demographic data can help answer these questions.

On the other hand, there are as well some disadvantages that might be experienced because of using GIS technology. And some of those are drawbacks are the following: GIS technology might be considered as expensive software because it requires expertise in various discipline to maintain. It as well requires enormous data inputs amount that is needed to be practical for some other tasks and so the more data that is to put in. Additionally, Since the Earth is round and so, there would be a geographic error that increases as you get on a larger scale. GIS layers might lead to some costly mistakes once the property agents are to interpret the GIS map or the design of the engineer around the utility lines of the GIS.

Global Positioning System (GPS) is a positioning system based on a constellation of satellites that continuously transmit coded information. The information transmitted from the satellites can be interpreted by receivers to precisely identify locations on Earth by measuring distances from the satellites.

Opportunities for GPS in Healthcare include

Faster Response Time GPS technology has helped streamline the process of finding accident victims at precise geographic locations, i.e. along a road. Thus shaving off precious minutes in which an injury might become fatal. Equally by placing some sort of GPS tracking device on patients is incredibly useful for knowing the whereabouts of patients who are likely to attempt to go missing, escape, wander off and not receive the care they require.

GPS Communications’ satellites enable long-distance telephone or digital communications on Earth in places where there is no telephone infrastructure. Telemedicine or telehealth, which can be used in remote locations and can link health experts with other health professionals or patients anywhere in the world via satellite communications. On the other hand, earth observation satellites, to analyze the light that bounces of the Earth and thus analyze the land, air or sea. For example, this technology can help measure the wind, clouds or rain or other environmental parameters that are associated with the presence of insects that can carry diseases. This technology can also help us measure the extent a region is affected by drought or flooding and be used for the assessment of food supply or potential for waterborne diseases. PS that is used in mobile phone technology – can also be used to investigate outbreaks. GPS technology can also pinpoint the location of a suspected source of contamination.

Some of the limitations of GPS in Healthcare include factors such as inaccuracy, lack of local knowledge, driving destruction, signal or battery failure, commercial exploitation and privacy issues. To start of GPS can present with some degree of inaccuracy. GPS devices rely upon receiving signals from at least four satellites. If they connect with only three, the positioning is not entirely accurate. Problems can occur when obstacles, such as walls, buildings, skyscrapers and trees, obstruct a signal. Extreme atmospheric conditions, such as geomagnetic storms, can also cause problems. Also, the mapping technology which is used in conjunction with the GPS may not be up to date and cause navigational errors.

Lack of Local Knowledge could also be a limitation in the use of GPS such that local knowledge counts for a lot when travelling. Relying solely on GPS technology means that one can miss out on information that might be useful for your journey. For instance, whether a piece of road is prone to flooding or other hazards at certain times of day, whether there are any scenic views, or whether the road is closed during specific periods.

GPS devices are by their very nature distracting. In theory, they relay your audio instructions, and one has to glance over at the map occasionally. But in practice, you can end up trying to adjust the destination, key in data, or alter other settings while driving. It’s a recipe for disaster. Also, sole reliance on GPS can cause problems if one suffers a signal failure, or you are using a battery-operated device that runs out of power (GPS devices are almost always power-hungry). Unless you have some form of backup, such as traditional paper maps, you can easily find yourself lost with no idea which way to go.

GPS devices can be used to stalk people without their knowledge. A device can be placed in a car, for instance, so that the victim’s location can be tracked. This method can also be used for criminal purposes. These tracking devices are easy to obtain.

Commercial Exploitation: When GPS is combined with internet technology, such as social media or mobile phone apps, it can become easy for commercial organizations to track someone’s movements and exploit this information to gather data on a person’s shopping habits, or target them with advertising based on their location.

Examine the key characteristics of quality data in healthcare management information systems

The seven characteristics that define data quality are:

Accuracy and Precision: This characteristic refers to the exactness of the data. It cannot have any erroneous elements and must convey the correct message without being misleading. This accuracy and precision have a component that relates to its intended use. Without understanding how the data is consumed, ensuring accuracy and precision could be off-target or costlier than necessary. For example, accuracy in healthcare might be more important than in another industry (which is to say, inaccurate data in healthcare could have more severe consequences) and, therefore, justifiably worth higher levels of investment.

Legitimacy and Validity: Requirements governing data set the boundaries of this characteristic. For example, on surveys, items such as gender, ethnicity, and nationality are typically limited to a set of options and clear answers are not permitted. Any answers other than these would not be considered valid or legitimate based on the survey’s requirement. It is the case for most data and must be carefully considered when determining its quality. The people in each department in an organization understand what data is valid or not to them, so the requirements must be leveraged when evaluating data quality.

Reliability and Consistency: Many systems in today’s environments use and collect the same source data. Regardless of what source collected the data or where it resides, it cannot contradict a value residing in a different source or collected by a different system. There must be a stable and steady mechanism that collects and stores the data without contradiction or unwarranted variance.

Timeliness and Relevance: There must be a valid reason to collect the data to justify the effort required, which also means it has to be collected at the right moment in time. Data collected too soon or too late could misrepresent a situation and drive wrong decisions.

Completeness and Comprehensiveness: Incomplete data is as dangerous as inaccurate data. Gaps in data collection lead to a partial view of the overall picture to be displayed. Without a complete picture of how operations are running, uninformed actions occur. It’s essential to understand the complete set of requirements that constitute a comprehensive set of data to determine whether or not the requirements are being fulfilled.

Availability and Accessibility: This characteristic can be tricky at times due to legal and regulatory constraints. Regardless of the challenge, though, individuals need the right level of access to the data to perform their jobs. It presumes that the data exists and is available for access to be granted.

Granularity and Uniqueness: The level of detail at which data is collected is essential because confusion and inaccurate decisions can otherwise occur. Aggregated, summarized and manipulated collections of data could offer a different meaning than the data implied at a lower level. An appropriate level of granularity must be defined to provide sufficient uniqueness and distinctive properties to become visible. It is a requirement for operations to function effectively.

Many elements determine data quality, and each can be prioritized differently by different organizations. The prioritization could change depending on the stage of growth of an organization or even its current business cycle. The key is to remember you must define what is most famous for your organization when evaluating data. Then, use these characteristics to define the criteria for high-quality, accurate data. Once defined, you can be assured of a better understanding and are better positioned to achieve your goals.

Evaluate potential issues and challenges in data storage for health-related information systems

Electronic health records increase access to health care, improve the quality of care and decrease costs. Although storing those records, though, presents several challenges — logistically, physically and ethically.

Logistical Problems

One area of potential logistical challenge is “unsolicited healthcare information,” which is “data received by a healthcare provider who has taken no active steps to ask for or collect that information” (American Health Information Management Association). Traditionally, this type of data would come piecemeal to different providers so that it would disappear in the bureaucratic paperwork shuffle. However, health records management professionals are finding new ways of collecting this often relevant data from several sources.

For example, say a patient has a primary care physician but was recently admitted to the hospital. Any information the hospital staff takedown becomes the responsibility of health records management professionals. Ensuring the information makes it to the correct record is highly relevant — it could even mean the difference between life and death. Afterwards, health records managers must store this information indefinitely and provide it to the patient’s primary care physician.

Physical Problems

Most consumers think of electronic health records as ethereal: they are electronic, so they weigh nothing, which means their storage takes no physical space. However, the truth is that electronic records must exist somewhere and that somewhere must be accessible. Further, this storage must be secure, as the federal regulations outlined in the Health Insurance Portability and Accountability Act of 1996 protect the data in every patient’s record.

To resolve this issue, many smaller healthcare organizations look to “server-in-a-box” solutions. Estelle Schweizer, writing for Schneider Electric, explains that these are “intended to house IT and networking gear that must live in a relatively small space, such as an office environment, medical clinics, and healthcare facilities where there is no dedicated space or where space is a commodity for such equipment.” Thus, each clinic has a server room to house the electronic health records, as well as a health records management professional to oversee the protection and dissemination of this data.

Ethical Problems

Conversely, many health records management professionals are turning to cloud computing to resolve the issue of server space. Cloud data storage is capable of handling massive amounts of sensitive data. However, adoption of this technology is slow. When sensitive data is at stake, reliable security is paramount. Because the penalties for violations of client’s rights are dire, health records management professionals are necessary to safeguard healthcare providers against any infringements. Healthcare institutions have an ethical duty to protect patients’ information. Whereas former storage solutions prohibited large-scale theft of patient records, electronic health records are relatively portable. Thus, they run the risk of being stolen and used for nefarious purposes.

Accessibility

Perhaps one of the most important concerns when dealing with this data is creating a system that works for patients and clinicians alike. Healthcare institutions must employ health records management professionals to ensure that doctors and patients understand these new technologies and how to use them.

Explore the drivers and hindrances for practical application of information systems

While discussing factors for success and failure, it is necessary to clarify the “opposite” effect of most factors. It means if the presence of a factor encourages success, the lack of it encourages failure (examples are, proper infrastructure and well-motivated staff). The converse is true such that if the presence of a factor causes failure, its absence causes success (examples are bureaucracy, poor project and change management).

Factors for success

Factors for success are those occurrences whose presence or absence determines the success of an ICT project. They can be drivers or enablers as described by (Moran 1998, Riley 2000, Doherty et al. 1998, Heeks 2003b, Mugonyi 2003, Heeks 2004, Khaled 2003). Their absence can cause failure, and their presence can cause success. Drivers are the factors that encourage or reinforce the successful implementation of ICT projects. Some of these are listed below:

• Vision and strategy
• Government support
• External pressure and donor support
• Rising consumer expectations
• Technological change, modernization, and globalization

Enablers are the active elements present in society, which help overcome the potential barriers. Some of these are listed below:

• Active project, coordination and change management
• Good practice

Factors for failure

The factors for failure are those occurrences that constraint proper/smooth implementation of ICT projects in government. These can either be barriers or inhibitors as described by (Khaled 2003, Gakunu 2004, Aineruhanga 2004, Heeks 2003a, Ndou 2004, Bhatnagar 2003, Saul and Zulu 1994). Barriers can be considered as those occurrences that hinder ICT implementation. Some of these factors for failure are listed below.

• Infrastructure
• Finance
• Inadequate data systems and lack of compatibility
• Skilled personnel
• Leadership styles, culture, and bureaucracy
• Attitudes

Inhibitors do not necessarily prevent the implementation of ICT projects, but they do prevent advancement and restrict successful implementation and sustainability. Some of these factors for failure are listed below.

• User needs
• Technology
• Coordination
• ICT policy
• Transfer of ICT idolizers
• Donor push

Conclusion

Security awareness training, a data-centric security strategy, MFA, strict cloud permissions and a robust patch management strategy are all efforts by which organizations can advance their data security.GIS is a powerful tool that has been successfully implemented to help address several significant health issues ranging from disease management to improved services. As more and more healthcare professionals begin to adopt and integrate the program the number of benefits is likely to continue to rise including the connectivity between hospitals and the communities they serve – which is perhaps the most vital connection to be made.

While electronic health records simplify many aspects of the healthcare industry, they are not without their challenges. Collecting, storing and protecting data is the responsibility of a relatively new group of professionals. Health records management is an integral part of the healthcare industry, and it is leading the way in innovative healthcare.

References