Critical Factors in Implementing an IT System in Health Facilities
Electronic Medical Records (EMRs) are digital versions of paper charts that contains healthcare information about an individual’s medical history and their care in one database. Electronic Medical Records significantly reduces storage and has radically improved the efficiency of clinical overflow including lab retrievals and imaging. Electronic Medical Records system (EMRs) has many benefits and is a software with powerful features that includes customization of clinical documentations, code for reimbursements, code for e-prescribing, allows modification of settings, maintains compliances, provides maintenance reminders, tracks physicians orders, manages tasks, accommodates third party systems and so much more. Electronic Medical Records yields a high level of productivity and is being promoted by many information technology systems, given its ability to save billions of dollars in annual healthcare costs and to improve quality healthcare. Many organizations in the healthcare industry have adapted its initiatives including the Electronic Health Information Management (e-HIM), Department of Health and Human Services and the American Health Information Management. But why are some healthcare providers unwilling to adapt the Electronic Medical Records system exchange? Here are a few.
Reluctance of Electronic Medical Records Implementation
One of the main reasons many companies are hesitant to adapt the EMR exchange is because of the associated costs and, reimbursement processes, according to the Health Care Information Technology Progress and Barriers Report (Hersh, p. 292). Implementing EMR’s in clinical settings is more complicated than just the regular installation of software because workflow arrangements must be modified in ways that doesn’t counteract with other systems. For example, the EMR system should not interfere with other medical systems and its information should be easily accessible. Even though some costs to install EMR’s are balanced with federal incentives, it does takes time for these incentives to apply, which in turn increase costs for provider during the first three years of installation. According to the Centers for Medicare and Medicaid Services (CMS), they have paid more than $30 billion in monetary incentives to over 400,000 Medicaid and Medicare providers for EMR system implementation. EMR costs are associated with system execution such as hardware costs, software maintenance and costs, labor costs and implementation teams, network costs, transference of data costs, individual physician use costs and practice use costs (Dranove, D., Forman, C., Goldfarb, A., Greenstein, S). A projected 75 percent of office-based physicians were utilizing some form of EMR system around 2013 but only 48 percent of providers had access to the basic system by 2014. (Hsiao, C-J., Hing, E).
Another challenge healthcare providers face is the system and data interoperability. Because many patients seek care at multiple places, information from practices with advanced (EMR) systems are not accessible so records are trapped underground in what is known as “Silos,” or loss of pertinent information. To widen the healthcare information exchange gap across traditional business boundaries, the use and upgrades of broadband internet makes this achievable. The Center for Information Technology Leadership estimates that the overall value for adapting a general healthcare database collaboration could gross as much as $87 billion in its first initial year (Corrigan, JM, Greiner M, Erickson SM). However, there are no incentives for physicians or individual healthcare plans to facilitate this investment and substantial disadvantages because providers are likely to pay costs without receiving incentives.
A third concern is about the privacy and confidentiality of patient’s records. Service providers must be vigilant in protecting a patient’s privacy whether medical records are accessed either by paper or electronic methods. Unfortunately, a perfect security system does not exist because human curiosity will derail even the best privacy methods. Healthcare professionals must consistently work to instill certain standards of privacy and confidentiality in the healthcare culture to reduce leakage of information. Previously, accessed was controlled by locked doors, identification cards and sign in and out procedures, however, many modern computerized databases do not require notifications on who accesses patient’s information and controlling users can become a tedious task. Security, data integrity, privacy and confidentiality are an individual’s right to EMR’s security. (US Department of Health and Human Services Office for Civil Rights).
Health Insurance Portability and Accountability Act (HIPAA) impact.
The Health Insurance Portability and Accountability Act (HIPAA) federal law was established in 1996, applying to all healthcare information. HIPAA was created to improve accountability and the portability of health insurance coverage as employees transitioned between jobs, however, other objectives were brought into play including the privacy rule. The privacy rule outlined three security safeguards: the administrative aspect which created policies and procedures to ensure companies are complying, the physical aspect which sought to protect inappropriate access to areas of data storage and the technical aspect which involved the protection of private information over open networks. HIPPA has helped society to understand the importance and value of health information privacy and protection. HIPAA helps to protect patients from harm, preserve their rights and is essential to ethical practices. Because of the increased devices in which health information is transmitted through, medical identity theft between data exchanges can be anticipated, and if a patient’s trust is undermined, they may withhold pertinent information from their physicians. Records must be protected, and medical staff aware of HIPPA security measures and the need to protect patient data within their practice.
HIPPA strongly encourages ethical practices among clinicians and a recent survey done according to the AMA Journal of Ethics (Illuminating the Art of Medicine) found that physicians’ text each other about work-related issues and these exchanges have become major causes for security concerns. HIPPA has also helped physicians to identify system weaknesses and threats, expose system risks within the organization and address them. HIPPA does regular auditing within organizations to encourage log tracking system activities, generate date and time notifications, what was viewed by whom, how long and who did modifications of EMR’s. Administrators can also detail printed reports by whom, screen shots taken, or even the exact location where the information was accessed. HIPPA security rules requires healthcare organizations to watch for breaches of personal health information, track record transactions and generate an audit trail. They also provide incentives for those in compliance.
Adoption of the HITECH (Health Information Technology for Economic and Clinical Health) Act for Health Care Professionals.
The HITECH Act (Health Information Technology for Economic and Clinical Health) of 2009 was designed to encourage the widespread use of EHR’s. It was part of a stimulus package and changes from this policy summarizes the advantages and drawbacks of EHR systems. HITECH works in conjunction with the American Recovery and Reinvestment Act (ARRA) and was signed into the law with the explicit purpose to adopt EHR systems. HITECH requires providers to utilize EHR’s functionalities such as Meaningful Use to reduce errors, contain costs and translate functionalities into benefits including computerized access to records which eliminated poor penmanship and incomprehensive writings. (Blumenthal D, Tavenner M). HITECH compliance gives patient rights to obtain their PHI in electronic format because it covers certain HIPAA provisions regarding privacy and security requirements. HITECH rules works in conjunction with marketing communications, restriction to uses, disclosures and accountability. HITECH Act puts in perspective what should be done, what should be reported and the scope of privacy and security protection available under HIPAA including potential legal liability for non-compliance regarding its enforcement.
Lessening the Disadvantages of EMR’s and HITECH Systems.
While HITECH is necessary, it cannot stand alone, and providers must consider adopting other models for support such as Meaningful Use and other EHR systems to transform care into the delivery service that is needed. These facilitate procedures and workflow redesign, which is essential to achieving meaningful use of EMRs. So, to cushion the disadvantages of HITECH, providers can adapt other EMR systems or outsource programs while considering the best approach to take.
Improvement of EMR Services within the Organization.
Healthcare organizations can improve variation outcomes by creating new protocols, bundle healthcare, develop strong analytical solutions, evaluate effectiveness and create methods to track progress. It is fundamental for healthcare organizations to identify areas of improvement because of the frequent cases of complexities and unique circumstances within its proximities. They can also work towards to a data-driven best practice variation, where health systems improve quality care through cost reduction activities and by measuring processes rather than outcomes. Healthcare systems can also identify important measurements to generate consistency, stability and growth by choosing balanced measures that will better outcomes. (Burton, T., Health Catalyst). Example, it is better to prevent bed sores than treating the condition when it occurs. Prevention helps to reduce variations through accountable and managed care solutions including patient safety which will improve outcomes, create health catalyst visions and continually provide experienced-based learnings for the healthcare system to guarantee success and improve outcomes (Sanders, D., Burton, D., Health Catalyst, 2019).
Patient Privacy, Safety, and Confidentiality.
Most frequently, HIPAA confidentiality, privacy and safety comes to mind during the interchangeable discussion of healthcare information within the healthcare system as the standards for healthcare information. Privacy is distinct from confidentiality and it is the right for a person to be left alone to make the decision how they want their personal information to be shared (Brodnik, 2012). Even though the U.S. constitution does not have a “Right to Privacy” specified rule, with respect to healthcare decisions, privacy rights have been outlined in court documents regarding healthcare information in federal and state statutes, concerning organizational guidelines and their code of ethics. HIPAA and the Department of Health and Human Service (HHS) describes the privacy rule as striking a balance between exposing personal information and the person’s right to seek privacy while protecting their care and healing (HHSa, 2003, p. 1).
Safety is the direct care and protection of specific health information and professionals are held liable for breach of confidentiality. As the use of EHR’s grew, the transmission of healthcare data grew, therefore the need for regulatory guidelines grew to make an individual identifiable information safe in electronic form. HIPAA’s Rule allows healthcare providers to access appropriate information in e-form but only as needed to protect individuals’ healthcare information. Breaches face serious penalties given the HIPAA and HITECH Act (AHIMA, 2011, American Health Information Management Association Code of Ethics). HIPAA’s new rule has helped to protect patient’s safety and safeguard health information in the ever-expanding era of digital communications.
Confidentiality is the professional obligation to access a patient personal records in confidence. Confidentiality is rooted in the patient-provider relationship and can be traced back to the fourth century Oath of Hippocrates, which is the fundamental guide to the medical professional guide to confidentiality (McWay, 2010, p. 174). This obligated effort was meant to keep health information confidential and ethical. Confidentiality is recognized by federal law as privileged communication between two professional parties such as a patient-physician relationship or any other clinical relationships (Brodnik, Rinehart-Thompson, Reynolds, 2012). Because of HIPAA and HITECH, patients have come to expect confidential communications within these relationships because when considering the impartation of sensitive health information, layers of confidentiality provides guidance for health professionals. Example, the Mental Health and Developmental Disabilities Confidentiality Act asks for special requirements for accessing, using and disclosing confidential information including legal proceedings (MHDDCA, 1997).
IT System Within Health Care Organizations and Future Developments.
The impact of Information Technology has saved countess lives and has improved the quality of care for most. Technology not only has changed the experiences for patients and their families, but it also has impacted medical processes and the practice of healthcare professionals. The introduction of Electronic Records has replaced paper records and has become a game-changer for many allied healthcare professionals. The fundamental advantages of Information Technology on Healthcare are the innovation it brings to digitalization of health records, which has replaced paper records, its enhanced patient care that allows physicians immediate access medical history, improved public health information by providing valuable data to clinical researchers, and the advancement of medical knowledge. IT also eases workflow traffic including improved efficiency of medical and billing coders, helps to lower healthcare costs through the shifting of paper to electronic transmissions, provides data backup or cloud computing, provides better and safer data storage, provides telehealth or telemedicine, enhances mobile app technology and decreases the risks of medical records hacking. Over the next two decades, much more impact is expected through IT including advanced medical research, medical drones and advanced medical equipment. Technological breakthroughs are becoming more revolutionized in healthcare delivery. Information Technology has restructured many organizations including the widespread adoption of EHR’s. The next two decades will see advances in engineering, technological and biological healthcare and their delivery methods in the ever-changing healthcare environment.