EMR/EHR/HIMS

Terminology Standards for Health Information Exchange in the times of SARS-Cov2 by Prof. Supten Sarbadhikari, @supten

To provide better and cost effective patient care, one needs to exchange healthcare information. For this to happen seamlessly, there is a dire need of Standards that facilitate this interoperability.

Re-Imagining #EMR for India by Kumar Satyam, @kr_satyam

I was out of doctor’s room in couple of minutes with a scribbled prescription in hand, not very sure if the physician had actually understood my problem. Clinic’s pharmacist words gave me confidence “Doctor is very experienced, he can diagnose problems within a minute. You will get better in couple of days”. 

Hospital Information System The two sides of a coin by Dr. Paridhi Mathur

Finding an alternative with the most cost effective or highest achievable performance under the given constraints, by maximizing desired factors and minimizing undesired ones. In comparison, maximization means trying to attain the highest or maximum result or outcome without regard to cost or expense. 

#EHR in India: Challenges and Opportunities vis-a’-vis’ Ayushman Bharat by Dr. Oommen John, @oommen_john

As India is embarking on a journey towards providing Universal Health Coverage through multi-pronged approaches of reducing catastrophic out of pocket expenditure and increasing access to essential health services , it is envisaged that Health Information Technologies (HIT) / Digital Health would create enabling environments for addressing some of the system level challenges in healthcare delivery.

Algorithms in #EMR by Dr. Joyoti Goswami @Joyoti10

Practicing physicians these days are barraged with a lot of technical jargon promoted by the Information technology professionals such as Big Data, Hadoop, Artificial Intelligence and Predictive analytics. For a physician not introduced to the these terms, the conversation is of little value unless there is a specified value in the clinical setting.

Software Product For Hospital Industry by Girish Koppar @KopparGirish


Before we talk about software product for hospital industry lets understand how the Hospitals are broadly classified

– Based on the legal entity ( Private , Trust or Corporate)
– Based on specialty ( Super specialty, Multi-specialty, Single specialty)
– Based on bed strength ( Larger hospitals and Nursing Homes)


Hospital Industry is unique as compared to BFSI and FMCG industry as there is minimal or almost no standardization in the Processes/Operations between hospitals of similar nature, for example “Admission, Discharge and Billing Processes may vary from hospital to hospital. One more major difference is about the employment of Doctor’s. In some hospitals Doctors are Consultants and in some hospitals they are employees or on the payroll of that hospital. 

Due to above factors it’s very difficult to build and implement a global product for hospital industry. Although many companies have attempted to build a global product for the hospital industry they have not been very successful. 

The software product developed by the vendors may be technically sound for the hospital industry. However, most of the vendors face major implementation challenges as they are not aware of the practical scenarios in different hospitals since the nature of the hospitals and processes in every hospitals vary as mentioned above. 

Hence the customization percentage is very high and the stability of the product becomes an issue. As the degree of customization various from hospital to hospital, the customized product becomes local to that hospital and it becomes difficult for the vendor to maintain and give support to a particular hospital. The other major challenge faced by the vendors is to implement a software product/solution in a brown field project (running hospital), where the processes are set, hence there is a resistance to change by the users to implement a new software. In case of a green field (new hospital) it is not very difficult to implement a software solution as there are no preset processes.  

Now let’s see the major software applications used in hospital industry.
–   HMS (Hospital Management System).
–   RIS (Radiology Information System) and 
–   PACS (Picture Archival and Communication Systems).
–   DMS (Document Management System).
–   Mobility Apps.

HMS is the core application or like the ERP used in hospital industry. It mainly contains modules like Admission, Discharge, Transfers, Billing, In Patients, etc. Since it has the mentioned modules like Admission and Billing, it’s difficult to develop a global HMS application as the variation in processes across hospitals. Other modules like Finance, Inventory, PACS are standard in nature and may or may not be a part of HMS. These modules can be separately developed and seamlessly integrated with the HMS application. Most of the hospitals have adopted the practice of having HMS with only the core Billing and Admission modules and build & integrate other modules around HMS.

Mobile apps & BI tools have helped Vendors to build standard applications wherein they have to fetch the data from HMS and other modules and display it in the app. Unlike HMS application which is dependent on the processes of that particular hospital, mobile apps & BI tools are not process dependent and just fetch data from HMS and other modules to be displayed to the top management for analysis of Business process and making key decisions.

Lot of vendors are now focusing on capturing clinical data and converting the same into EMR/EHR. Although there are various solutions available for capturing clinical data adoption of such software is still an issue. Since most of the hospitals have started capturing clinical data, the next logical step is to use the data to develop applications that can assist doctors in their diagnosis and treatment. CDSS (Clinical Decision Support System) and Artificial Intelligence will be the focus of the vendors which will bring a revolution in the Healthcare ecosystem. These applications will be widely used by Doctors not only for preventive health to diagnose and treat their patients, but also will be used to predict the health of a patient depending on the amount of data that has been captured.


The article was first published in the CIO Insider Magazine, here. The article has been republished here with the authors’ permission.
Author
Girish Koppar

Experience of managing IT for Lilavati Hospital and Research Centre for over a decade, and an overall experience of 25 years

Committee Member of HIMSS (Healthcare Information and Management Systems Society) Asia Pacific Chapter and International Member of CHIME (College of Health Information Management Executives).

Secretary & Principal founder of Hospital Information Technology Association
(http://www.hospitaltech.in/) connecting IT personnel across various hospitals pan India. HIT Association is a non-profit association registered under the Bombay Port Trust Act which aims to “Provide Transformational and Visionary Leadership for successful adoption of Digital Technologies in Hospitals.

Board Member and Co-Founder of Medical and Health Information Management Association (MaHIMA) http://www.mahima.org.in/MaHIMA is accredited by Maharashtra Medical Council (MMC) for conducting Continues Medical Education.

On the advisory board of the following companies as a Healthcare Subject Matter Expert (Honorary)
https://www.lemarksolutions.com/mentors
http://findyourfit.in/?page_id=1235

Electronic Health Record System from the Perspective of Data Privacy by Dr. SB Bhattacharyya @sbbhattacharyya

Electronic health record systems handle health-related ultra-sensitive data of a person throughout his life, along with all personal information that accurately identifies him. This makes it imperative to protect the data from cyber-threats and consequent untold damages. This article discusses the various issues involved and the different mitigation methods.

During the course of any clinical encounter a person discloses ultra-sensitive health related information to his provider to enable the latter to address his health-related problems better, faster, and hopefully, cheaper. Information that he would otherwise rather keep well under wraps. Ethics demands all providers treat all information that their patients disclose to them with the greatest of care and keep them secreted away from everyone, even the spouse, unless explicitly released from this obligation by the patient. The confidentiality of the private information needs to be maintained at the highest possible levels of security by medical professionals at all times—unless there are extenuating circumstances to disclose them, like for the public good, compliance to the law, etc.


When the information is recorded electronically, the onus of maintaining the secrecy continues to wrest on the provider and he needs to ensure that it is indeed maintained at all times, else he would be liable for all consequences thereof. The fear of compromises due to lack of adequate control of the cybersecurity from threats has made the public to naturally be very wary of having their information maintained there. The digital health industry is aware of all this and already have in place a number of appropriate processes and enabling tools that are able to effectively address them to robustly. The following sections discusses some of the commonly-used ones in brief and simply.

EHR

An Electronic Health Record (EHR) is a life-long record of all the different health-related encounters that a particular person has throughout life. All of these encounter documents need to be lined up and merged together into a single continuous document to help provide that person’s journey through life with respect to health. This life-long record contains every single health-related detail of a person, many of which are sensitive enough to merit special considerations be given to the data privacy and confidentiality issues so that the person whose data is being handled and his provider are able to feel reasonably confident about permitting their location in an electronic format in the cyberspace.

Privacy is the claim of individuals, groups or institutions to determine for themselves when, how and to what extent any information about them is communicated to others. It also refers to the ability of individuals to manage the collection, retention and distribution of private information and has been variously defined as the control of access to private information while avoiding certain kinds of embarrassment and ensuring what all can be shared, or not, with others. In short, privacy is ensuring that others do not get to know all that one does not wish to tell.

Confidentiality

Confidentiality is the protection of personal information and entails keeping certain information strictly limited to a selected few and usually is a set of rules or promise that ensures it.
Confidentiality in healthcare requires healthcare providers to keep a person’s personal health information private unless consent to release the information has been provided by the patient.
Patients routinely share personal information with health care providers. If the confidentiality of this information were not protected, trust in the physician-patient relationship would consequently be diminished. Persons would then be less likely to share sensitive information, which could negatively impact their care.
Creating a trusting environment by respecting a person’s privacy encourages the patient to seek care and to be as honest as possible during the course of a health care visit. It may also increase the person’s willingness to seek care. For conditions that might be stigmatising, such as reproductive, sexual, public health, and psychiatric health concerns, confidentiality assures that private information will not be disclosed to anyone including partners, family, friends, employers or any other third party without their explicit consent.

Due to ethical and legal reasons, breaching confidentiality is justified, but only in certain special circumstances.
1. Concern for the safety, both of self and of other specific persons: access to medical information and records by third parties is legally restricted. Yet, at the same time, clinicians have a duty to protect identifiable individuals from any serious, credible threat of harm if they have information that could prevent it. The determining factor is whether there is good reason to believe specific individuals (or groups) are placed in serious danger depending on the medical information at hand.
2. Legal requirements to report certain conditions or circumstances: applicable laws usually require the reporting of certain communicable/ infectious diseases to the public health authorities. In these cases, the duty to protect public health outweighs the duty to maintain a patient’s confidence. From a legal perspective, the state has an interest in protecting public health that outweighs individual liberties in certain cases.
3. Ethical considerations make it indefensible not to use information that may save the life and limb of another, where the data of one may help not only alleviate the pain and suffering of another but perhaps even save the life that would otherwise be lost. For example, if a person has a life threatening condition and information about someone else also having suffered a similar condition who was successfully treated of the condition exists, then it would be morally indefensible not to use that knowledge and save a life.

Security

In a healthcare context, security is the method and technique to protect privacy and is a defence mechanism from any type of attack. Studies have showed that the slow adoption of EHR is mostly due to privacy concerns. People need to be in control of the collection, dissemination, and storage of their health information. If they feel out of control, their feeling of vulnerability and general mistrust of healthcare information systems and the information that they have disclosed with the expectation of it being held in trust increases manifold. Digital health systems are used in medical applications for delivery, efficiency and effectiveness of healthcare and the users have the right to know about the various security measures that are in place in order to feel secure about their privacy.

Functional Challenges

The various functional challenges to the successful establishment and use of an EHR are as follows.

Centralised availability

There is a need to ensure that all records of a person are available at a central place so that they may be accessed and processed together in real-time.

Privacy issues

There is a need to ensure that private things are indeed kept private.

Confidentiality issues

There is a need to ensure that confidentiality of information is maintained as well as the information is available to those who need it for safety, legal or ethical reasons.

Security issues

There is a need to ensure that both of the above are successfully addressed in a meaningful and demonstrable manner to the satisfaction of care receivers (persons and patients) and their care providers (medical professionals).

Technological Solutions

The various functional challenges detailed above are addressed in this section.


Cloud-based solutions

The ‘Cloud’ is actually a group of interconnected computer servers that is accessible through the Internet by a broad group of authorised users across enterprises, geographical locations and operating platforms.
A person visits a number of healthcare professionals to receive services over his lifetime. These services could be for routine attention like immunisation, health check-up, etc., or special like a doctor visit for consultation due to illness or a facility visit for undergoing procedures like surgery or emergency due to some accident – minor or major.
Each of these healthcare encounters leads to the creation of a record. Creating one single life-long record from all of these individual encounter-based records requires all of the latter to be serially collated from the very first to the very latest and then processed together. Consequently, the availability of all the records at a central place is crucial.
Either using a Cloud-based solution or storing a copy of each and every encounter in the Cloud makes this very practical.

Cyberspace, security, and threats

Cyberspace is a notional space created by networking various digital devices including computers. Basically, it is the electronic ecosystem where not all of rules of the natural laws of physics and chemistry apply. The ‘Cloud’ essentially exists in the cyberspace.
Cyber security refers to the techniques of protecting computers, networks, programs and data from unauthorised access or attacks that are essentially malicious.
Cyberthreat is the possibility of malicious attempts to damage or disrupt a computer network or system.

Achieving EHR security

There are a number of methods by which adequate levels of security can be achieved in any EHR system that would be sufficient to allay the various security-related concerns of the stakeholders.

Technical Solutions – using various security techniques as follows:

Encryption

• Authentication
• Role based access control (RBAC)

Human Solution

Privacy Awareness
• Privacy Education
Information system designer and developers need to ensure that privacy requirements are included in the design and development phases itself. This is an extremely issue that all EHR vendors must pay particular attention to and failure to do so would in all likelihood result in serious legal consequences, which would mean one definite thing—business failure.
Security anywhere is as weak as it is at its weakest point. This unfortunately happens to be the users themselves. Using passwords that can easily be guessed, making them available from where even a toddler can access, sharing them with all and sundry, etc. are all extremely dangerous practises that many users, unknowingly and knowingly continue to indulge in for a variety of reasons, mostly due to matters of convenience.


Encryption

Encryption is the process of using an algorithm to transform readable data into an unreadable encoded one in order to make it incomprehensible to unauthorised users. The encoded data can only be decrypted to make it readable with a security ‘key’. This end-to-end data protection process, which falls under the science of cryptography, is essential for to ensure a trusted delivery of sensitive information, including those over such open networks like the Internet.
Advanced Encryption Standard (AES) is an example of symmetric-key encryption process that uses a 128-bit, a 192-bit or a 256-bit key is considered pretty reliable as breaking them is virtually impossible at the currently available computing power. The Pretty Good Privacy (PGP) is an example of asymmetric-key encryption and is a public-key encryption process that uses private and public keys in tandem.

Authentication and authorisation

Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be. This is accomplished by identifying an individual through the person’s unique user identifier and a password (or passphrase, biometric, OTP challenge, etc.). It is distinct from authorisation, which is the process of giving individuals access to system objects based on their identity. Once a person has been authenticated, he is permitted access to the system based on his access rights. This is authorisation. Both are accomplished through the log-in functionality.

Role-based access control

Aka RBAC, this is a process by which system access to users is granted based on the roles they are authorised to perform. By tagging the roles to access, a user is permitted, or not, to execute a certain set of functions based on the roles they perform. This provides the flexibility to deny any unauthorised user, including those unknown, who are trying to gain access with malicious intent, from carrying out task or tasks that they are not permitted to.

Consent management

Any person whose data is being managed using a system needs to provide as explicit a consent as is practical to permit anyone who uses the system to access the data, or not. Taking such a consent in as transparent a manner as possible provides the necessary legal protection to all those who use the system and access the data contained therein while ensuring that the person who has provided the consent has done so with sufficient clarity as to what all he has consented to and not.

Audit trail

The genesis of audit trail belongs to the world of accountancy and is basically a system that traces the detailed transactions relating to any item in a record. In the context of EHR, it is a tracing record of detailed transactions of all activities performed on it. Such a record is able to keep track of everything that has occurred with respect to the EHR and is able to provide details of all activities, thereby making it easier to detect most, if not all, malicious activities. Any compromise to the data integrity or the performance of any nefarious activity can not only be traced but the culprits identified so that necessary action can be undertaken, often in real-time.
Through the use of audit trail in digital health documenting systems, any person or entity, including a court of law, can be provided with sufficient information with a better-than-acceptable levels of confidence that the health records maintained in the electronic format is safe and secure.

Data integrity

Data integrity is a fundamental component of information security and generally refers to the accuracy and consistency of data stored anywhere, whether in a database or data warehouse or data mart or something else. For data to be complete, all of its characteristics including business rules, relations, dates, definitions and lineage need to be correct. Data integrity is maintained through the ongoing use of error checking and validation routines, like ensuring that numeric columns/cells do not accept alphabetic data.
As a process, it verifies that the data has remained unaltered in transit from creation to reception. As a state or condition, it is a measure of the validity and fidelity of a data object. Database security professionals employ any number of practices to assure data integrity, including data encryption that locks data by cipher, data backup that stores a copy of data in an alternate location, having in place appropriate access controls, including assignment of read-write privileges, input validation, to prevent incorrect data entry, and data validation, in order to certify uncorrupted transmission.
This ensures that the data, as intended to be captured, is not only captured in that state but also stored, retrieved, or exchanged, is exactly the same from the time of entry forever.

Hashing

Hashing is the transformation of a string of characters into a fixed-length value or key that represents the original string and is used in many encryption algorithms apart from its use in indexing data in databases to make data location and retrieval quick.
This technique makes it possible to generate and store a hash key of a particular record and subsequently to re-generate the hash key of the same record and check the re-generated key with the original key. A match means that the original record is being preserved. Else it points to compromise of the record’s integrity. This is a red flag indicating breach of security that may have privacy and confidentiality issues.

Safeguards:

Physical

These are safeguards put in place to ensure that all computer hardware including servers, networking equipment including routers, continuity of power supply and temperature maintenance are in a safe place free from any physical harm due to elements of nature, acts by animals or breaking and entering by humans. Various guidelines are drawn up and rigorously followed to ensure that all threats are adequately dealt and mitigated.

Administrative Safeguards

These are basically a set of standard operating procedures related to how security is to be handled, the rules that govern the personnel who deal with or handle sensitive data, how risks are to be managed, methodology for oversight, etc.

Blockchain technology

As of 2018, this is ‘the new kid on the block’ as far as cyber-security is concerned and appears to be on the up and up on the hype cycle of the type popularised by Gartner.
A blockchain is a continuously growing list of records that are linked and secured using cryptography containing a cryptographic hash of the previous block, a timestamp and transaction data. By design, it is inherently resistant to modification of the data. They are secure by design and exemplify a distributed computing system with high fault tolerance. This makes these types of database potentially suitable for the recording of events, medical records, and other records management activities, such as identity management, transaction processing, documenting provenance, food traceability, voting, etc.
Sadly, what prevents it from being the answer to all EHR-related problems is its inherent latency in data retrieval. While this is not a serious enough issue in the non-critical care settings like outpatients or routine inpatients where the patient is well-settled, it is definitely a problem that cannot be mitigated using high-end technological solutions in critical care settings including accidents and emergencies.

Privacy awareness & education

Painful as it is, there is no recourse other than to admit that awareness about privacy and rights related to confidentiality is practically non-existent amongst the publicat-large. Too often a person will not think twice before sharing their intimate details on the social network, but mention of someone entering information into a health information system makes that very person extremely concerned that assumes the hue of outright paranoia. Such a situation is, sadly, all too common for one’s comfort.
This results in the requirement of appropriate raising of awareness and educating the stakeholders using simple and easy-to-follow techniques so that their concerns are adequately allayed and their knowledge regarding the various related do’s and don’ts are suitably augmented. Public messages in the media, private emails and messages, availability of capacity building videos and other educational documents, appropriate postings in the various discussion forum, etc. are some of the various methods that can be adopted in this regard.

Concluding Observations

As is evident from the various functionalities, techniques and tools mentioned and discussed above, robust safeguards are well-known and extensively used by the Information Technology industry to ensure that the privacy and confidentiality of any data can be securely handled with reasonable care.

By using them in EHR systems the data they contain can be well-protected in a reasonably secure manner. Stakeholders can consequently rest easy, confident in the knowledge that the sensitive health-related data contained in EHRs are sufficiently safe in the cyberspace.


The article was first published here, it has been republished on the HCITExperts Blog with the authors’ permission. 

Author
Dr. SB Bhattacharyya

SB Bhattacharyya is a practising family physician and health informatics professional with more than 29 years of experience as a general practitioner and business solution architect for digital applications in healthcare, pharmaceutical and medical devices domains. He is currently Member, National EHR Standardisation Committee, MoH&FW, Government of India; Member, Healthcare Informatics Sectional Committee, MHD 17, Bureau of Indian Standards; Member, IMA Standing Committee for Information Technology, IMA Headquarters; and Head – Health Informatics, TCS.

Timeline: The History of the EMR/EHR by David Rice @bigdatadavid13


Much of the conversation around healthcare technology is centered on where new developments are taking us. But as the age old adage goes, you can’t know where you’re going until you know where you’ve been.
And when it comes to health IT, few innovations have been more significant or played more of a central role in innovation, than the digitization of medical information in the form of the electronic medical record (EMR) and later, the electronic health record (EHR). To better illustrate the history behind this technology, we’ve created the following timeline to provide you with some context behind the evolution of this technology.


The article was first published here. The article has been republished here with the authors’ permission. 
Author
David Rice

David Rice is the editor of USF Health Online. He covers a wide range of health IT related topics for the University of South Florida’s online informatics and healthcare analytics programs.

Clinical Decision Support Systems: Resolving the “Build or Buy” Dilemma – Part 2 by Dr. Ujjwal Rao, @drujjwalrao


The 2 part paper (review part 1 here): Discusses the key role of evidence-adaptive clinical decision support systems (CDSS) in the healthcare system of the future. Weighs the pros and cons that hospitals should consider when deciding to buy or build such decision support tools


Healthcare providers today face the challenge of delivering up-to-date, evidence-based care given the ever burgeoning pool of medical evidence, which is not only prone to inconsistencies but also take an average of 17 years to make their way into routine clinical practice. 

Coupled with the hassle of meeting advance electronic health record (EHR) platform integration requirements, Dr. Rao proposes that buying knowledge-based CDSS is increasingly more favorable and the way forward. 

A number of major initial and ongoing hurdles with home-grown solutions – including the significant time and effort needed to constantly update evidence – could overwhelm and overburden healthcare organizations, taking time away from delivering standardized and evidence-based care. 

Dr. Rao offers five ways on how these challenges can be avoided with the purchase of third-party CDSS platforms.



Care that is important is often not delivered. Care that is delivered is often not important1.

IMPLICATIONS OF BUILDING CDSS

While the idea of building a CDSS that perfectly fits your organisation’s unique workflows appears an obvious choice, it eventually becomes clear that maintaining such a one-of-a-kind system can be unsustainable.

Medical knowledge-base construction and maintenance is a significant challenge. After the first few years of creating the knowledge base, adding new evidence to the system is no longer research – it is system development. As such, it becomes increasingly difficult to recruit a cadre of medically knowledgeable individuals who can devote substantial effort to knowledge-base maintenance over time. Creating a Clinical Practice Guideline (CPG) usually takes three to six months (or even a year), depending on the subject matter9. 

The maintenance of a CPG is likely to take more than a quarter of the time it took to originally develop the Guideline10. To develop CPGs, a standard set of guidelines covering all specialties, represents 12,000 hours of work at a cost of more than 1 million USD for just the content alone10. The total cost of authoring, reviewing, and EHR integration can surpass 3 million USD for just 200 Order Sets11. With the growth of Fifth and Sixth Generation EHRs, the concept of building in-house CDSS will increasingly become less favorable.

BENEFITS OF BUYING CDSS

As we move from logical (rules-based) CDSS to a foreseeable future of statistical (machine learning-based) systems, the decision to purchase rather than build and maintain knowledge-based CDSS becomes a sensible, convenient and cost-effective choice (Table 2).



First and foremost, choosing to “buy” third-party CDS Solutions can help to outsource the huge burden of managing and updating the clinical knowledge base to a vendor that provides the dual advantage of access to peer-reviewed content created by experts, and amalgamating organisational workflows with
evidence-based practices via collaborative platforms. Building consensus amongst “experts” becomes easier when the source of evidence is credible.

Advanced CDSS are usually built on accepted and defined standards that have been peer-reviewed and fine-tuned to provide higher sensitivity and specificity for each condition.


Customisation can also be taken a step further by selecting solutions that have a content management system for ease of customising the content to fit specific guidelines of the organisation. These external CDSS may also have a proven track record of effectiveness with other organisations, which in turn results in costs savings for less ‘trial-and-error’ as compared to “building” CDSS. The return on investment is primarily in the form of reduced spending on unnecessary tests and procedures as well as avoidance of costly adverse events (and in many systems, malpractice litigation claims), and secondly in the form of saved care replacement costs that result from pulling clinicians away from care processes (to build CDSS). These savings can add up to significant amount annually – almost 2.6 million USD as per one estimation11. 

Furthermore, such standard CDSS implementations enable interoperability in Health Information Exchanges. As far as project implementation is concerned, an external influence provides the opportunity to reengineer improvements into your original processes. Advancements in interoperability standards also facilitate more seamless integration with EHR. Professional practice services for EHR integration and implementation support that are provided by progressive knowledge partners, can cut down the implementation costs significantly and improve the efficiency and effectiveness of a large-scale CDSS roll-out. 

Lastly, with pharmacogenomics becoming an emerging field in patient care, demand for this new form of CDSS is increasing. In this case, building this knowledge base seems even less of an option when considering the expertise and time needed to manage and update it.

CONSIDERATIONS IN SELECTING CDSS


As with all third-party platforms, the convenience that comes with buying often includes challenges that need consideration. These include the integration effort for disparate platforms, investment in system upgrades and the additional effort from IT staff for monitoring the performance of these external platforms. Legacy stand-alone CDSS systems need to be integrated or discontinued. Yet, certain safeguards or mitigation plans can be considered to maximize the advantage of buying CDSS. 

These are best summarized in the following five C’s: 

1. Clinical team: Selection and implementation of the CDSS should involve the clinical teams to ensure that it meets the needs of the end-user for successful adoption and continued usage 
2. Credibility: Consider vendors with a proven case of working with other providers to smoothly manage the change experience 
3. Capability: Evaluate vendor’s ability to effectively synthesize evidence into evidence-adaptive technology platforms, thereby successfully bringing about true practice transformation 
4. Configuration: Ensure EHR platforms have been configured to integrate with CDSS and updated to comply with latest interoperability standards 
5. Computation: Define metrics that measure performance of each CDS element and outline a clear process for monitoring to tweak elements that are underperforming 

Following the appointment of a vendor, healthcare organizations should further establish governance structures and develop a clinical knowledge management framework that can consistently track and improve effectiveness of their chosen CDSS platform. In all, keeping in mind the above considerations will enable providers to better chart out their journey towards a successful CDSS adoption.

CONCLUSION

With the deluge of evidence that is often fallible and slow to diffuse into clinical practice, along with advanced EHR platform integration requirements, hospitals must reconsider their likely initial inclination towards building their own CDSS. A number of major initial and ongoing challenges with home-grown solutions, including care replacement costs, time and effort to constantly update evidence; usability; implementation and maintenance costs; and accepted functional practice integration can be overcome with the purchase of proprietary CDSS. Overall, the selection of CDSS should also involve the clinical team from the start, as well as careful selection of vendors who show a high level of willingness to partner in the transformation journey.


Author

Dr. Ujjwal Rao

Dr. Ujjwal Rao is Senior Clinical Specialist in Integrated Decision Support Solutions, and is based in New Delhi, India. He provides strategic counsel to health providers on designing world-class clinical decision support systems with Elsevier’s comprehensive suite of current and evidence-based information solutions that can improve the quality and efficient delivery of healthcare.

An experienced emergency physician, executive, clinical informaticist and technology evangelist, Dr. Rao has a decade of experience serving in trust and corporate hospitals in various roles ranging from clinical administration, hospital operations to quality & accreditation. In his former positions, Dr. Rao led EHR implementations for large hospital groups and designed bespoke healthcare analytic solutions to raise profitability.

His passion to see transformation through technology led him to volunteer as a quality consultant with the United Nations. He also currently serves as an Assessor on the Panel of the Quality Council of India for the National Healthcare Accreditation Standards body, NABH.

Dr. Rao obtained his degree in Medicine and then specialized in Hospital and Health Systems Management, Medical Law and Ethics before completing his PhD in Quality and Medical Informatics.

Scroll to Top
Connect
1
👋 Hello
Hello!! 👋 Manish here, Thanks for visiting The Healthcare IT Experts Blog !! How can i help you?