Currently patient information is recorded manually and stored in individual files. Every time a patient walks in, the receptionist manually searches the files which the doctor reviews and updates after meeting with the patient. After the patient leaves, the files are restored to their original position in the filing cabinet or rack. It is important to note that these numerous patient files do not have any backup and incase of a fire, all these files may be destroyed. Moreover, there are several patients who may have moved to different locations but their files are still retained in the clinic because clearing up these files is laborious and error prone. Dr. Axon Dendrite’s group is a medium sized hospital that is clearly calling for a change.
There are four main functional areas that may need improvement or some kind of IT enhancement. Firstly, there is a need for software tools to effectively manage patient information. This will help to reduce errors, improve staff productivity, and increase data manageability. Secondly, there is a need to manage internal operations such as financial management, scheduling, and office automation (Austin, C.J. and Boxerman, S.B. (2008)). While this can be best achieved through software’s that perform basic office accounting and office automation, there are some specialized software packages that integrate both this functions.
These enhancements will help to further increase staff productivity, control costs, and improve the delivery services of the hospital. Thirdly, there is a need for software systems that allow interaction between the hospital and other supporting organizations such as insurance companies and other health care providers (Austin, C.J. and Boxerman, S.B. (2008)). Finally, there is a need to build a simple but robust network infrastructure within the hospital that will not only allow the above three systems to operate collectively, but also prepare the hospital for future growth and give it the ability to adapt as technology evolves.
Security is not the responsibility of one person or one department. To achieve high levels of security, managers, top executives, and board of directors must be involved by providing appropriate funding (Colling, R. L. (2001)). Although news of networks being hacked due to system vulnerabilities is quite common, according to a study by Cybercrime, only 2 % of the networks in the health industry have been impacted by attacks as compared to government sector which is 23% (Trusted Strategies, 2006, pp4).
Nonetheless, since it involves patient related data and reputation of the hospital, security restrictions must be in place to protect confidential data and increase patient confidence. From IT security perspective, both hardware and software security controls must be in place. For example users such as receptionists who may sit in unsecured areas should be given thin clients rather than laptops or PC’s.
As added level of security, patient data itself could be divided into different categories with different levels of access rights for different users. For example, if records of patient A is accessible to user 1, then information about patient A having AIDS should be accessible to user 1 only with the approval of a user 2 (supervisor or manager). Finally, policies and procedures should be developed and adhered to by all employees. This will help define processes of how information can be requested by outside companies such as insurance providers, especially when data is sent over the network.
While it may seem efficient to have a single product address all four of the enhancements suggested above, it may be an expensive proposition. Single products may not be customizable and may contain additional features that may not be needed by a specific customer. Another approach is to have single or multiple vendors provide solutions for various functional areas of the hospital. This may cause integration and associated cost issues but it is not uncommon within the IT industry to see multivendor software products integrating with each other. The recommended approach is to take a phased deployment of technologies. This is because once a certain technology is deployed it will allow the users to test the product in real time which will help iron out issues before the next technology is deployed.
All the above recommended enhancements will affect patient related information in one way or another. While some patients understand that electronic patient data will assist the doctors in efficient and error-free diagnosis, there is also a genuine concern about the safety, security, and misuse of data. Not all patients, especially the senior citizens, have the same outlook towards IT modernization and it is therefore very important to ensure patients concerns are properly addressed. One of the recommended ways of addressing their concerns is by opening all channels of communication. Information can be disseminated through several channels, including information booklets, emails, or even posting information on the website.
References
Austin, C.J. and Boxerman, S.B. (2008). Information systems for health care management (7th ed.) Chicago: Health Administration Press.
Colling, R. L. (2001). Hospital and Health Care Security (4th ed.) Butterworth-Heinemann.
Trusted Strategies, L.L.C. (2006). Network Attacks: Analysis of Department of Justice Prosecutions, 1999 – 2006. Web.