In your Final Presentation, you should create a 12-slide PowerPoint presentation that will include the points listed below along with components highlighted in your Week 1 assignment’s proposal and appropriate peer-review feedback from Weeks 2 and 5, as well as your Week 2 through 5 written assignments. You are to create your presentation as though you were presenting the elements to a group for review.
Present the needs that were highlighted within your selected case study as it applies to your “ABC Health Care” organization.
Propose a risk analysis strategy on how organizational needs were met in accordance with applicable laws and standards.
1
Case Analysis: System Acquisition
2
Case Analysis: System Acquisition
The Agency for Healthcare Research and Quality (AHRQ) is critical in acquiring
healthcare information systems. AHRQ is a government agency responsible for maintaining
quality, equitable, affordable, and safe healthcare services (Kronick, 2016). It supports the
development and implementation of healthcare information systems that ensure that patient
outcomes are of quality while reducing patient costs and hospital operations. Providing cheap
medical services is the primary objective of the government. With AHRQ in place, patients
across the country could receive better services. One of the ways that AHRQ supports the
healthcare system is by providing funding and research support for the development of the
healthcare information system (Kronick, 2016). It also provides resources and guidelines to
healthcare facilities to enable them effectively select, implement, and optimize the use of the
healthcare information system. For instance, in research and development, AHRQ has provided
many funds to develop a new healthcare information system. The funds also helped improve the
existing systems so patients could be provided better services (Kronick, 2016).
Healthcare information system acquisition is a complex and challenging issue. It involves
many processes that lead to significant issues or concerns, such as costs, interoperability, and
usability. To solve the issue of costs, the facility or individual should consider using open-source
software or a cloud-based system. Using a cloud-based system reduces the upfront costs of
hardware and software installations since a cloud-based system does not require a facility to
purchase hardware equipment such as servers or storage systems, or other necessities (Sittig et
al., 2018). Interoperability is another major issue that affects many organizations’ information
systems. Improving interoperability such that different departments can use a system effectively
and efficiently improves coordination and patient outcomes. To improve interoperability, using a
3
standardized data format and establishing a communication channel will ensure that people from
different departments communicate effectively.
The acquisition of the healthcare information system in the facility improved service
provision. First, it ensured that services provided by clinicians were of quality and that they
could check on their patients once discharged from the hospital (AHRQ Digital Healthcare
Research, 2015). The system improved the discharge process, where patients received specific
instructions on taking good care of themselves. The discharge segment provided patients with
information on what lab results or tests they needed to follow up with, thus creating a big trust
value. Lastly, the health information systems prepared and empowered patients to take good care
of themselves. Therefore, the system came with many benefits and values to patient care.
The System Development Life Cycle (SDLC) is a decision-making framework designed
to help develop information systems. The principles of SDLC are applied in system development
to ensure that the system is fully developed according to the established structure and timeline.
SDLC has four principles: planning, analysis, implementation, and maintenance. Planning is the
first step that involves creating goals and objectives for the system. The analysis involves
evaluating the existing system. It is a stage where requirements for the system are identified. For
instance, in the development of the healthcare information system for the Billing Clinic, they had
to identify what the system lacked and what the hospital needed to improve to enable its services
to become well. Designing involves developing a detailed plan of how the new system will be
developed, while implementing involves developing and testing the system.
As illustrated in the values of the system, the newly developed health information
systems enabled clinicians from different departments to coordinate and share information
regarding their health. It empowered patients to manage their lives and health conditions.
4
Therefore, patients and clinicians of the system had a good user experience when interacting
with the system. For instance, clinicians can get information by accessing the EHR through the
system.
A project lifecycle framework comprises six essential components: initiation, planning,
execution, monitoring and control, and closing state (Lester, 2014). The initiation stage is where
the project objectives and goals are defined. The stage also involved designing the scope of the
project and assembling team members. The second stage (planning) involves creating a project
plan to ensure the project is well-defined and prepared (Lester, 2014). Execution is a stage where
the project’s actual work is done. Monitoring and control is a stage where the project’s progress
is evaluated against the project plan. At the same time, it identifies risks associated with the
project. Finally, the closing stage is the final essential component of a project lifecycle that
formally closes the project.
Implementing the new health information system improved patients’ health outcomes.
The primary goal of a health information system is to improve patient care. The system increased
efficiency and better resource management. For instance, through the system, all departments’
discharge checklist was harmonized to ensure services provided were accurate and timely.
Resource management is the primary role of a new system. It ensures that real-time information
is available to the medical staff for better services. Economically, the system reduced labor costs
while increasing revenue.
The quality implementation and acquisition impact my proposed project concerning the
ABC healthcare facility based in Jersey. However, the facility uses the TechMed system, which
needs to be improved to offer better services to patients and medical staff. Keeping and
retrieving patient records is critical in offering healthcare services. This topic is crucial because it
5
enables me to understand the stages of designing and implementing a project. Secondly, it
enables me to understand the various stages of a project lifecycle that are critical in ensuring
everything works as expected. Therefore, quality implementation and acquisition are essential in
project design.
6
References
AHRQ Digital Healthcare Research. (2015). Health IT Success: Improving Provider
Communication to Improve Transitions in Patient Care – YouTube. YouTube.
Kronick, R. (2016). AHRQ’s Role in Improving Quality, Safety, and Health System
Performance. Public Health Reports, 131(2), 229.
https://doi.org/10.1177/003335491613100205
Lester, E. I. A. (2014). Project Life Cycles. Project Management, Planning and Control, 47–50.
https://doi.org/10.1016/B978-0-08-098324-0.00011-1
Sittig, D. F., Wright, A., Coiera, E., Magrabi, F., Ratwani, R., Bates, D. W., & Singh, H. (2018).
Current challenges in health information technology–related patient safety.
Https://Doi.Org/10.1177/1460458218814893, 26(1), 181–189.
https://doi.org/10.1177/1460458218814893
Wager, K. A., Lee, F. W., & Glaser, J. P. (2017). Health Care Information Systems: A Practical
Approach for Health Care Management (4th ed.). Wiley Professional Development
(P&T). https://uaglobalcampus.vitalsource.com/books/9781119337089Links to an external
site.
1
Health Information System Case Selection and Proposal
2
BACKGROUND
ABC health care facility is a medium size facility with 2000 staff members, attending to
more than 90,000 patients in a year and has 350 patient beds. The healthcare facility in Jersey
City serves a community of more than 300,000 people. The facility records about 30,000
emergency and ambulatory visits. Based on such, the facility requires a well-structured
information technology team to ensure efficient record keeping. The hospital uses TechMed as
the main EHR system that supports admissions, patient index, transfer and discharge. EHR is an
essential part of healthcare record keeping today because of its perceived benefits that include
more secure patient record keeping, increased accuracy and dependability, and enabling
caregivers to collaborate and share patient records for improved patient treatment outcome
(Hossain et al., 2019)
Setting
The healthcare facility takes care of different patients. They undergo the admission
process when they first visit the facility. The facility uses an EHR system to obtain and record
important information about the patient, which may fail. The project will focus on this area to
address challenges that may occur.
Healthcare service:
The main focus of the research paper will be on the Crashing of the Admitting System,
highlighted in Case 16 of the module reading, Health Care Information System. The research
paper will also address the action needed when such incidents occur.
Problem
3
EHR records important patient information. However, the system has been in place for
more than a decade, and sometimes it malfunctions. The challenges experienced from the
breakdown are enormous, from recording patient history to delayed reporting. Also, the
breakdown contributes to the complete shift from online services to paperwork which takes time
and causes a delay in service delivery (Atasoy et al., 2019). A complete shift to the manual
system may lead to human errors in data collection or taking patient history, which affects the
quality of care offered to the patient.
Barriers to quality
Failure of the EHR system has various challenges, affecting the patient’s safety and
quality of services delivered. Data is lost; hence, medical history, including those under critical
health conditions, cannot be accessed. Healthcare providers cannot offer the best care services,
impacting the quality delivered.
THE INTERVENTIONS
There is a need to conduct detailed research on the best way to address the challenges that
occur during system failures. Implementation of a new system with an upgraded interface is the
first intervention. Also, implementing backup toolkits that are easily located should be in place.
In case of a complete breakdown, guidance on accurately collecting manual information should
be implemented. Staff training is also essential to ensure accuracy while conducting manual
admissions and reporting.
Process defect
The project aims to have a better approach to solving the crash of the admitting system through
the Plan, Do, Check, Act technique (PDCA).
Aim
4
The aim is to have an upgraded EHR system that does not crash easily and ensures effective data
backup for quality patient care.
STRATEGY FOR IMPLEMENTATION
The IT team will communicate strategically with staff to ensure a smooth transition.
There is also the need to communicate with the finance department on the budget needed for a
new system. A backup of data held in the current system will be done and then transferred to the
new system. Staff members will be trained on the new system and how to ensure they back up
data frequently. Also, securing the system against data breaches will be done to protect patient’s
information.
Measures
The system’s effectiveness will be determined by ensuring there are no errors in data and
the system is safe against breaks downs regardless of workload.
Barriers to change
Resistance from workers, management may be unwilling to fund the new system,
healthcare workers may be overwhelmed by the system in place, unwilling to learn the new
system, and negative history of the previous changes in the system (Loncar-Turukalo et al.,
2019).
Simple rules
Implementation of the system has considered the safety of employees. The EHR system
should always be operational to ensure accuracy, patient information should be safeguarded
effectively, and the healthcare organization have an efficient backup system in place.
Cost implication
5
The hospital has an EHR system, yet it needs an upgraded one. The cost of buying a new
system, installation and training the staff is expected to be high. However, the implications are
worth the risk as they safeguard against future downtimes, which may cause more losses. The
system will reduce wasted time and improve productivity in the long run.
6
References
Atasoy, H., Greenwood, B. N., & McCullough, J. S. (2019). The digitization of patient care: a
review of the effects of electronic health records on health care quality and
utilization. Annual review of public health, pp. 40, 487–500.
Hossain, A., Quaresma, R., & Rahman, H. (2019). Investigating factors influencing the
physicians’ adoption of electronic health record (EHR) in the healthcare system of
Bangladesh: An empirical study. International Journal of Information Management, 44,
76-87.
Loncar-Turukalo, T., Zdravevski, E., da Silva, J. M., Chouvarda, I., & Trajkovik, V. (2019).
Literature on wearable technology for connected health: A scoping review of research
trends, advances, and barriers. Journal of medical Internet research, 21(9), e14017.
Wager, K. A., Lee, F. W., & Glaser, J. P. (2017). Health care information systems: A practical
approach for health care management (4th Ed.). Retrieved from
https://www.vitalsource.com
1
Strategic Organizational Goal
Patient Care: Quality Improvement
Introduction
At ABC, the current EHR system used by the facility is outdated and sometimes leads to
data loss. The system has been in place for more than a decade, and sometimes it malfunctions.
The challenges experienced from the breakdown are enormous, from recording patient history to
delayed reporting (Bani Issa et al., 2020). Also, the breakdown contributes to the complete shift
from online services to paperwork which takes time and causes a delay in service delivery. It is
imperative to note that failure in the EHR system has a direct impact on patient care – quality
improvement which is one of the fundamental strategic organizational goals. Failure in EHR
affects patient care and quality improvement by reducing provider efficiency, leading to delays or
inaccuracies in diagnosis and treatment decisions (Bani Issa et al., 2020). Additionally, if the
2
failure is related to data security it can lead to privacy breaches that put patients’ health records at
risk for misuse. The resulting negative outcomes include potential harm to individual patients as
well as decreases in overall patient safety levels.
The problem faced by ABC Healthcare
One of the fundamental problems faced by ABC Healthcare is the inefficient EHR
System that is used in the facility. The system has been in place for more than a decade and
sometimes malfunctions that affect the overall patient care and quality improvement within the
facility. However, an inefficient EHR system directly impacts patient treatment outcomes by
leading to delays or inaccuracies in diagnosis and treatment decisions due to the time spent on
navigating a complex user interface (Neves et al., 2020). Moreover, if data is entered incorrectly
or not updated regularly throughout an interaction with a patient it can lead to serious medical
errors and potentially noxious consequences. When providers are unable to quickly access
patients’ records, they may be forced into making less informed decisions that could compromise
patient care and safety.
Potential solution
One of the most potential and strategic solutions to this problem is to have an upgraded
EHR System that is more secure and can facilitate accurate data storage and retrieval (Bersani et
al., 2020). To improve efficiency in the current EHR system there are many steps that
organizations can take, such as improving the user experience, streamlining processes and
ensuring data accuracy. In addition, ABC should consider investing in training its medical staff
on the proper use of the system so they are familiar with its features and less prone to making
mistakes while using it. It is also important to invest resources into research about how patients
3
interact with the system so continual improvements may be made when needed. Finally, better
monitoring of performance metrics related to data analysis and utilization can help identify areas
where additional optimization might be necessary (Neves et al., 2020).
Steps in creating an information governance
Information governance describes a comprehensive framework for managing information
through the implementation of roles, processes, and metrics to transform information into a
business asset (Asadi et al., 2019). Healthcare organizations generate huge amounts of
information that must continuously be managed to ensure effective utilization for the benefit of
patients. The purpose of creating an information governance approach is to develop an effective
approach to governing and managing information or data generated or utilized by the
organization. There are many steps involved in information governance namely establishing
clear objectives, developing policies and procedures, assigning roles and responsibilities,
measuring performance and compliance, and most importantly communicating regularly.
The first step in creating information governance is to establish goals and objectives that
are aligned with the organization’s overall mission and vision. These should be carefully crafted
so all stakeholders involved in the process can easily understand them. Once the goals and
objectives have been established, it is critical to create an information policy framework that
outlines how data is collected, used, stored and secured across all systems within the
organization (Asadi et al., 2019). This includes establishing standards for accuracy, accessibility
as well as privacy measures designed to protect sensitive patient or customer information from
unauthorized access or theft.
4
It is also important to designate roles within the organization that specifies people who
are responsible for overseeing the implementation of governance processes including setting up
protocols on how decisions are made when conflicts occur between different departments
regarding the use of data resources across their areas of responsibility. In addition, the team
members must be trained on legal obligations if applicable such as being HIPAA compliant
within the healthcare organizations (Asadi et al., 2019). The fourth step involves developing an
effective way of measuring performance against organizational objectives. This helps in ensuring
accountability while at the same time ensuring the system is up-to-date with the changing data
and information regulations. The last step is regular communication. An information governance
plan should be communicated across all levels so stakeholders understand their role in helping
maintain compliance with organizational policies (Asadi et al., 2019). Regular meetings or
progress reports should be conducted amongst those responsible for managing information
administration to keep lines of communication open between different departments within the
organization.
Roles and Responsibilities of key players
Key players in policy, strategies and challenges include the governance team who
oversees the development of policies and procedures, stakeholders responsible for identifying
data needs, IT staff responsible for maintaining technical systems that store or process data, and
end users tasked with utilizing these resources to perform their job duties efficiently. There is
also the legal team involved in determining any applicable compliance measures related to how
information is used across different industries such as healthcare or finance. Finally, external
organizations such as regulatory bodies may be present depending on the context since they offer
additional guidance or issue sanctions if needed.
5
Conclusion
ABC Healthcare is faced with the challenges of an inefficient EHR System that affects
patient care and quality improvement. To address this issue, the organization should invest in an
upgraded EHR system that is more secure and efficient to store and retrieve patient records
accurately. Other steps include investing resources into training medical staff for proper use of
the system, researching about how patients interact with it; better monitoring performance
metrics related to data analysis and utilization, creating roles or responsibilities and clear
objectives towards information governance as well as communicating regularly between all
stakeholders involved. Implementing these measures can help ensure compliance with
regulations while providing safety, efficiency, and cost savings benefits through improved
healthcare outcomes achieved from accurate data storage and retrieval within a properly
functioning EHR system.
6
References
Asadi, F., Rouzbahani, F., Rabiei, R., Moghaddasi, H., & Emami, H. (2019). Information
governance program: a review of applications in healthcare. Archives of Advances in
Biosciences, 10(1), 47-55.
Bani Issa, W., Al Akour, I., Ibrahim, A., Almarzouqi, A., Abbas, S., Hisham, F., & Griffiths, J.
(2020). Privacy, confidentiality, security and patient safety concerns about electronic
health records. International nursing review, 67(2), 218-230.
Bersani, K., Fuller, T. E., Garabedian, P., Espares, J., Mlaver, E., Businger, A., … & Schnipper, J.
L. (2020). Use, perceived usability, and barriers to implementation of a patient safety
dashboard integrated within a vendor EHR. Applied clinical informatics, 11(01), 034-045.
Neves, A. L., Freise, L., Laranjo, L., Carter, A. W., Darzi, A., & Mayer, E. (2020). Impact of
providing patients access to electronic health records on quality and safety of care: a
systematic review and meta-analysis. BMJ Quality & Safety, 29(12), 1019-1032.
Wager, K. A., Lee, F. W., & Glaser, J. P. (2017). Health care information systems: A practical
approach for health care management (4th ed.). Retrieved from
https://www.vitalsource.com
1
HIPPA Privacy and Security Case Study
HIPPA Privacy and Security Case Study
HIPPA has helped protect patients’ private health information in various ways
since it was developed and enacted in 1996. It has seen several amendments relating to
technology, among other crucial components critical to patients’ electronic information
sharing or access (Homer et al., 2009). In several instances, HIPPA has played a role in
bringing justice to patients whose private information has been violated. For instance, in
October 2018, OCR settled a case with Allergy Associates for $125,000 for disclosing a
patient’s Private Health Information (PHI) to a reporter. The incident happened after the
reporter interviewed an allergy patient in February 2015 (Office for Civil Rights, 2018).
Therefore, it is essential to understand the impact or importance of HIPPA on patients’
PHI. The case of Allergy Associates will be instrumental in analyzing the HIPPA privacy
2
and security regulations violated and the penalties imposed, apart from developing a
health system improvement plan.
Specific HIPPA privacy and security rules broken
In the case of Allergy Associates, several HIPPA privacy and security rules were
violated. The broken regulations include the impermissible disclosure of the protected
health information as established in Title 45 CFR section 164.502(a), the minimum
necessary rule as per Title 45 CFR section 164.502(b), and the administrative safeguards
illustrated in Title 45 CFR sections 164.308 and 164.310. The doctor impermissibly
disclosed the patient’s protected health information to a reporter without the patient’s
knowledge or authorization. His act violated HIPPA’s privacy requirements that require
an individual to disclose information only when permitted by the involved individuals.
Title 45 CFR section 164.502(b) has established minimum necessities required for an
individual to disclose protected health information or when requesting them. For
instance, one is required to disclose PHI when requested by a healthcare provider for
treatment purposes (Govinfo.gov, n.d.). Disclosing the patient’s PHI by the doctor goes
beyond what is necessary or required by law when addressing the dispute between the
patient and the doctor. First, the doctor needed to have consulted the patient. Finally,
Title 45 CFR sections 164.308 and 164.310, which discuss safeguards and administrative
safeguards, were violated. Allergy Associates failed to implement appropriate measures
to protect patients’ PHI because HIPPA requires covered entities to have protective
mechanisms to uphold the confidentiality and integrity of patients’ PHI.
Penalties imposed
3
The penalty imposed on Allergy Associated after investigations were completed
and a ruling made involved the settlement of $125,000 (Office for Civil Rights, 2018).
The settlement represented the penalty imposed on Allergy Associated for violating the
various HIPPA rules by the doctor who disclosed the patient’s PHI to the reporter.
Health system improvement plan
The plan will involve conducting a comprehensive review of the existing privacy
and security policies to ensure they comply with HIPPA rules. After conducting a review,
the next phase of the plan is to develop a training program on HIPPA regulations to train
all staff members on what is expected of them and how to conduct themselves. The
training will revolve around the importance of patient privacy, security awareness and
how to efficiently and effectively handle patients’ PHI (Hughes, 2008). The third thing is
to develop a standardized authorization form and procedure outlining information
disclosure purposes or for people wanting to obtain patients’ consent. The facility
implements regular audits and monitoring processes to ensure HIPPA regulations are
followed.
Risk analysis strategy addressing HIPPA regulations
Conducting a risk analysis strategy will involve a lot of steps. First, one must
determine the risk analysis’s scope and the assets involved. After identifying the scope of
analysis, the next one is to determine or identify the potential threats that could
compromise the integrity, confidentiality and availability of the protected health
information (Hippajournal.com, 2023). This will include aspects such as data breaches,
unauthorized access or malware attacks. The next step is to conduct a risk assessment and
4
determine the risk levels. After determination, the next step is to develop a mitigation
strategy and monitor the implemented strategies’ functionality.
Lessons learned
There are several lessons learned from these cases that are applicable in the
future. For instance, I have learned that healthcare providers must know what they need
to disclose and the processes involved in disclosing patients’ PHI. They need to
understand that patient authorization is critical for medical use (Homer et al., 2009).
Secondly, it is important to train medical staff about privacy and security. Providing
comprehensive training regularly on HIPPA privacy and security rules will help them
maintain patient security. Finally, conducting regular compliance audits and assessments
is crucial in identifying potential risks in an organization (Bizjak & Kontić, 2019).
Understanding these concepts enables organizations to enhance their privacy and security
measures while complying with HIPAA regulations. In conclusion, HIPPA regulations
are critical in maintaining patient safety and security. Healthcare facilities must
implement its use and ensure compliance to avoid being penalized for violating
established regulations.
5
References
Bizjak, T., & Kontić, B. (2019). Auditing in addition to compliance monitoring: a way to
improve public health. International Journal of Public Health, 64(9), 1259.
https://doi.org/10.1007/S00038-019-01291-4
Govinfo.gov. (n.d.). Q:\45\45V2.TXT PC31 kpayne on VMOFRWIN702 with $$_JOB.
Govinfo.Gov.
Hippajournal.com. (2023). HIPAA Risk Assessment – updated for 2023. The HIPPA
Journal. https://www.hipaajournal.com/hipaa-risk-assessment/
Homer, N., Szelinger, S., Redman, M., Duggan, D., Tembe, W., Muehling, J., Pearson, J.
V., Stephan, D. A., Nelson, S. F., & Craig, D. W. (2009). HIPAA, the Privacy Rule,
and Its Application to Health Research. PLoS Genetics, 4(8).
https://doi.org/10.1371/JOURNAL.PGEN.1000167
Hughes, R. G. (2008). Tools and Strategies for Quality Improvement and Patient Safety.
Patient Safety and Quality: An Evidence-Based Handbook for Nurses.
https://www.ncbi.nlm.nih.gov/books/NBK2682/
Office for Civil Rights, H. (2018). 2018 OCR HIPAA Enforcement Actions.
Order an Essay Now & Get These Features For Free:
Turnitin Report
Formatting
Title Page
Citation
Outline
