History
of HIE
The road towards initiating the
Health Information Exchange has been a long one. There is no specific data on
exactly when this system was instituted. This is because initially, there
existed similar systems, but had different names altogether. During the 1990’s,
there was the adoption of CHIN and CHMIS. These systems did not prevail based
on numerous challenges that existed. Challenges came along as result of none
corporation between the stakeholders involved. Each individual was more
concerned about their interests in the adoption process. Incompatibility in the
technologies being used also created a barrier in one way or the other. In
2004, the government tried to draw its support on Regional Health Information
Organizations (RHIOs)
(Morrissey, 2011). Nevertheless, the network struggled to
get funding and favor from the desired individuals. However, things have been
different since 2011. Health Information Exchange systems now seemed to make
sense than it was previously. There has been intense pressure on health care
providers to invest on IT and other related fields. Market forces and technical
breakthroughs have been important in this realization.
Challenges
Establishment of HIE has not come
along without challenges. These challenges have different facets based on the
area being addressed. Among the challenges is how the information is being
exchanged. Based on the systems being used, entities that are willing to use
these systems need to be up to date in terms of technology. HIE involves
exchanges between different health care facilities. It has also created room
for exchanges between the private and the public sector. Such exchanges
requires that the relevant stakeholders put in place adequate measures ensuring
that information contained does not fall into wrong hands. The greatest
challenge that comes into play here is that of financial abilities. Most
healthcare facilities based in rural areas do not have means of sustaining such
networks. The systems require additional departments which come along with
extra costs. Some of these healthcare facilities cannot implement the systems
of exchanging this information. Funds provided by the government are not
sufficient. Under this category, healthcare facilities that are able to
exchange the information are doing while risking the security aspects of the
information being relied. Their systems are not up to the task in regards to
ensuring security and privacy of the data.
Another challenge is the security
and privacy concerns being raised. Security concerns arise based on the
technology being used in relying information from one entity to another. HIPAA
devised a security rule that requires every entity to encrypt its data before
it is exchanged with another entity. This is because it was as an appropriate
and reasonable safeguard. The implementation of the rule took place in 2002. Over
the years, implementation has been viewed as an expensive approach (Dalgleish, 2012).
As a result, many entities do not encrypt their data while they exchange it. This
creates a great challenge in trying to enhance privacy of the health
information being exchanged. There is a high possibility of the information
getting into undesirable hands. Usage of personal mobile devices such as
tablets, USB drive s and smart phones also create a security and privacy
concern. Most health care providers make use of their own devices for recording
and transmitting unencrypted information. These devices are usually unsecured
since they are personal belongings. Speed with which the devices have been
adopted with, is far ahead of the policies use to govern their functions (Dalgleish, 2012).
Their vulnerability plays a huge role in breaching medical information. Security
and privacy concerns also come along with the usage of cloud computing. With
the levels of technology available, HIEs find it convenient while exchanging
data through cloud servers. Enhancing security measures at this radar is not
that easy. This is because the protection on cloud environments is immature.
Implementation of the system has
also brought along its own challenges. Under this scope, lack of corporation
has been the greatest stumbling block. Public and private sectors have a
problem when it comes to working together. This is based on the motives and
drives towards their existence. The largest IDNs in some states are not getting
involved with HIE process. This is because they view patients as assets to the
organization (Guerra,
2011).
They are there to make profits as they ensure health aspects towards their
patients. To them, there is no gain by involving themselves in Health
Information Exchange. It comes as a loss since they might lose come o their
patients easily. Enhancing profitable business prospects is their first
priority. This creates a great challenge in the implementation process of the
systems. Lack of compatibility in the systems used in most healthcare
facilities also bring about the implementation challenge. It may take some to
put in place the desired network.
HIE Benefits
Health Information Exchange has a
lot of benefits attached to it. These benefits tend to justify its
implementation in light of the underlying challenges and shortcomings. Among
the benefits of the system is improved quality of care towards the patients.
Improved care emanates from safety measures put in place. Usage of HIE ensures
that medical errors are minimized significantly (Dalgleish, 2012). Medical practitioners
have access to patients’ records hence are aware of the treatments that they
were receiving previously. This ensures that they are not likely to offer other
medications that might polarize the situation. It has always been evident that
if a patient is subjected to different medications for certain period of time,
it might deteriorate the condition. The data available also provides the
allergies that a patient have hence aiding in the prescription process.
HIE also have the benefit of
enhancing reduced costs in the healthcare systems. This is because availability
of patient information helps in eradicating duplicate procedures, rework and
tests (Dalgleish, 2012).
This results in savings from both the patient and the healthcare provider. It
becomes easier to manage patients that suffer from long-term conditions hence
avoiding unplanned admissions, which are expensive. Health Information Exchange
also helps in tracking the individuals that get access to the medical
information contained in various files. When the access is done and the reason
for access should be provided. This helps in ensuring that patients’
information is kept private and can only be accessed by the relevant parties. It
eliminates aspects of victimization towards patients exhibiting certain medical
conditions.
HIE stimulates education and
involvement of patients in improving their own health conditions. This helps in
the recovery process since they get to know what to do and what not to do. It
becomes easier to execute this when they have full knowledge of their health
conditions. Lack of information on most circumstances results in irrational
behaviors. HIE also provides caregivers with support tools when making their decisions.
The support tools minimize errors during the decision making process. A poor
decision from a practitioner might put a patient’s wellbeing at risk. Using the
support tools helps in ascertaining whether a medical practitioner is doing the
right thing.
Health
Information Exchange also eliminates unnecessary paperwork involved with the
traditional systems. Safeguarding this paperwork is not an easy task based on
its physical location. Sometimes it gets tedious in searching for a patient’s
record when the number of files involved is large. Files also have the
possibility of being accessed by undesired personnel like the individuals
tasked with the responsibility of cleaning areas where they are located. HIE
also improves aspects of monitoring and reporting in the public health sector. This
is based on the control mechanisms instituted in the system.
Role of Networks
Networks involved ensure that the
data available serves all the desired parties. Stakeholders involved have
different needs with regard to the data being exchanged. For this reason,
several measures have been put in place to ensure that all of them access this
data without any inconvenience being created. Maintaining security at this
level has been paramount in this realization. There is a constant surveillance
that ensures individuals access the information have the require authority. This
has prompted healthcare facilities to device firewalls that cannot be infringed
by third parties. Only a given number of personnel working at these facilities
have access to the passwords required access the data exchanged. Encryption of
the data also aids in eliminating access since the encryption keys are only
availed to the necessary parties. Any details from the account names to the
password are kept as a secret. This way there is no conflict between the users
of the data since they get to obtain similar information.
User needs for data exchange on the
other hand are met through the provision of standards that help in the exchange
process. Among them is the process technical and semantic standard. Semantic
standard is devised to preserve the meaning of data as it is being sent from
one system to the other. This is achieved by ensuring that similar codes are
used and their interpretation is consistent. Technical standards are used in
defining the syntax, reliability and structure of the transactions. This ensures
that the errors are mitigated and every user obtains the information as it was
intended. The process standard on its part tries to define how the data should
be used in the workflow. As a result of these standards, every user’s needs are
addressed.
Privacy and Security Measures
A lot of mechanisms have been
devised to help address the privacy and security issues being experienced in
the usage of the systems. Among them is making the rule of encrypting data of
paramount importance. Healthcare institutions have been given an ultimatum of
ensuring that this procedure has been accomplished. Any institution involved in
the Health Information Exchange process must ensure that adheres to this rule.
Lack of compliance will come along with severe consequences from the policy
makers. There is organization that wants to find itself on the wrong side of
law. Such postulations will pave way for compliance from the stakeholders
involved.
Medical practitioners are also being
warned of using personal mobile devices while exchanging the information. Most
of these devices are unsecure and relevant policies regarding their usage are
not yet instituted. Reducing the frequency of using these devices will help in
boosting the security and privacy aspects. This is because it will become
difficult for undesired individuals to access the information contained in the
files.
When using cloud computing as a
resource for storing data, there are several measures being enhanced. Among
them is keeping different files on similar virtual servers but remain unmixed,
inaccessible and separate from each other. There is also a requirement that the
entire data and systems involved should be encrypted. The encryption keys
involved should be managed at all times. Tools involved should be of high
quality and compatible with current technology. When this is satisfied, it
becomes easier to detect and respond to a breach in the system.
Several restrictions are put in
place in order to safeguard the security and privacy of the information. The
major restrictions include use of passwords, encryption and firewalls. This
ensures that only relevant individuals have access to the information (Morrissey, 2011).
Only medical practitioners and the patient concerned can have access to this
information. Medical practitioners get access to the information once a patient
has presented himself or herself in their premises. In some instances they need
to get permission from the patient before they can access the information. The patient
on the other hand, accesses the information through the caregivers’ permission.
However, they cannot access the information through the HIE. There is also a
restriction on the nature of information they are allowed to access. For
instance, a patient is not allowed to gain access to information containing
notes from his or her psychiatrist.
References
Dalgleish, C. (2012, July 15).
Privacy Rights Clearing House. Empowering Consumers, Protecting privacy. Retrieved May 25, 2013, from https://www.privacyrights.org/fs/fsC6/CA-medical-HIE
Guerra, A. (2011, August 7). KLAS
Report Highlights Public HIE Challenges | healthsystemcio.com.
healthsystemcio.com | healthsystemCIO.com is the sole online-only publication dedicated to exclusively and
comprehensively serving the information needs of
healthcare CIOs.. Retrieved May 25, 2013, from http://healthsystemcio.com/2011/07/08/klas-report-highlights-public-hie-challenges
/ Morrissey, J. (2011, February 1).
HIE | Health Information Exchange |. Hospitals & Health Networks, H&HN, hospital
and health care business executives, health care business executives, hospital business executives,
health care management magazine. Retrieved May
25, 2013, from http://www.hhnmag.com/hhnmag/jsp/articledisplay.jsp?dcrpath=HHNMAG/Article/data/ 02FEB2011/0211HHN_Coverstory&domain=HHNMAG