Interoperability with InterSystems for Community Healthcare

Focusing on improving the systems in place means implementing low-risk, high-improvement technology that has been proven effective in similar healthcare settings. InterSystems technology uses the FHIR standard in multiple capacities to do this. FHIR is a technology standard that promotes interoperability, better patient care, and the transfer of healthcare data information. This information systems project’s interoperability recommendations are based on the Senior Clinical Advisor for Interoperability at InterSystems, Russ Leftwich, MD's recommendations outlined in his presentation, FHIRSIDE Chat. The project aims to innovate systems processes at a community healthcare organization, Fenway Health. These system improvements encourage better access to accurate and up-to-date health data management for patients through patient-facing apps and healthcare professionals through administrative-facing apps.

SMART technology features on FHIR include user authorization, single sign-on to ensure security and ease of access to different apps, and context passing on app launch for quick access to patient information from one app to another. One practical application for the innovation’s KPIs using SMART is that it promotes public health research project growth and interoperability through innovative app integration. It allows for patient-facing app access and real data connectivity to public research projects promoting community-building involvement. Other applications for this innovation are prescription adherence, EHR data translation, and integration of Apple Health apps and similar apps.

Impact on Innovation Implementation

These applications of SMART on FHIR promote the critical performance indicators of this innovation implementation and the organization’s more significant goals and objectives. The impact on innovation implementation ensures improved patient outcomes, enhanced data analytics, regulatory compliance, integration of new collaboration and workflow efficiency, benefits user experience, and scalability. This project promotes greater access and equity for patients, organization staff, and clinicians. These technologies allow quicker, more secure, and innovative ways to interact with a patient’s or population’s data.

Personnel Involvement

The Chief Financial Officer and Senior leadership should be involved in reviewing this project’s budget and share concerns and suggestions for improvements. Physicians and care teams can provide feedback on providing more physician autonomy, training, required workflows, and ensuring the best care outcomes. The CIO and CTO can give direction for the technological aspect of the project. The IT personnel can work to develop and integrate these proposed systems. Risk management personnel can work to prevent and estimate risks for this project as it progresses. Project managers must set the project on a trajectory for success by regularly monitoring milestones and requirements. Legal counsel will ensure regulatory compliance and contractual agreements are in order.

Clinical Concerns

Patient outcomes will alter for the better as part of the changes; however, with new technologies, new risks of qualified products are minimal but emergent. Regulatory compliance and data privacy is always a risk when using data. New secure access abilities allow for more data security. Continuity of care will be improved by promoting collaborative data integration and systems interoperability. Clinical decision support will be improved to prevent exhaustion and confusion while enhancing connectivity and simplifying processes. User experience will be a critical improvement that prevents user frustrations and allows for ease of use and understanding of information sharing and documentation. Clinical collaboration can be limited temporarily or for an undeterminable amount of time due to changes in administrative and clinical processes.

Cybersecurity Risks, Data Breach, Liability, and Mitigation

Potential Cybersecurity Risks

For this innovation project, it is essential to understand the components included to realize the potential for real cybersecurity risks. This innovation uses InterSystems software and HL7 FHIR, along with similar software, third-party apps, and community data projects. The involvement of these different parties offers opportunities and challenges to data integrity and privacy. The potential cybersecurity risks include lack of proper training, protocol, and procedures not retaining relevance, data breach, ransomware, phishing, third-party apps, sites, software, or vendor hacking or misuse, and threats from insider actors.

Potential Damages from a Security Breach

Potential damages from a security breach range from warnings to reputational loss, compromised patient data and patient health outcomes, privacy violations, operational disruption, and punitive legal damages in the form of financial compensation. In this case, intellectual property information can be breached due to third-party apps. Reputational damage can range from temporary to permanent, depending on the circumstances of the security breach. It can appear from concerned parties, including but not limited to patients, partners, stakeholders, governmental and community organizations, and employees. Compromised patient data can lead to bad actors misusing private information for identity theft or similar reasons. In the case that a security breach impacts operations, the ultimate result is reduced functionality of operations for employees and compromised health outcomes for patients as a result. In the case of privacy violations, the result can lead to having to repay legal damages to various parties, including affected patients and regulatory agencies safeguarding HIPAA, HITECH, and similar regulatory guidelines.

Potential Liability Issues for Fenway Health

In addition to the damages listed from a security breach, the organization has potential liability issues. In particular, for this project, using third-party apps and software can create liability that could be seen as avoidable. Data insecurity, mentioned above, has the potential to be a legal liability in this project. Liability also occurs when non-compliance results from cybersecurity risks. This relates to HIPAA, HITECH, and similar regulations. Physicians are expected to act in the patient’s best interest, and in the case of a preventable or manageable risk, a breach of a physician’s duty results in liability. This can escalate to malpractice liability claims for negligent care against the physician and organization. Malpractice claims are related to real harm created by the risk or actual patient harm or reduced health outcome.

Mitigating Risks

Penetration Testing System:

The protocol for a penetration testing system ensures mitigating cybersecurity risks for this project. It begins with organizing efforts and planning, followed by data collection of the organization’s systems, assessment for weaknesses in processes and procedures, simulation of actual breaches and attacks, fashioning credentialing meant for secure access, gathering the breached data, collecting results of the controlled penetration, and the mitigation and remediation of faulty parts and processes. These tests are performed by highly expert individuals who perform what is referred to as ethical hacking. This is because it requires more finesse than hacking due to the ethical nature of their work. This project requires working with multiple third-party systems and software that may not respond to or permit this testing due to the structures that keep them independent. InterSystems software developers work regularly with other teams to ensure the viability of cybersecurity integrity.

Training Protocol:

Training will include mandatory measures to educate employees on security measures for mitigating risks. Training includes regular retraining for updates to risk aversion and refresher courses on the subject to keep employees at their best to keep current with up-to-date mitigation measures. Training ensures that employees understand the security threats that breaches create and their role in preventing them. Training includes information on best practices, incident reporting, and procedural handling for secure data.

Training on access controls allows employees to be empowered by the tools at their disposal. This includes preventative tools from CDS-enabled software such as SMART on FHIR and similar software. These include mitigating tools such as single sign-on using OpenID Connect, user authorization via “scopes” from OAuth 2.0, context passing on app launch for a current patient, an encounter, et cetera to enable more secure sign-in between app to app and software (InterSystems). The ability to build innovative healthcare applications with an HL7 FHIR repository also promotes secure sharing and standardized policies and procedures integrated into its development.

Update to Fenway Health’s Policies and Procedures:

As part of mitigating risks, updating the organization’s policies and procedures provides a safety net for the mitigation measures readily available and able to be referenced. Evaluating the current policies and procedures provides an overview of weak points for the potential for liability and data breach and opportunities for updates. Staying current allows policies and procedures to stay relevant in living documents as emerging research and solutions are presented in real time. Providing guidelines allows for managing data handling, access controls, and employee incident response and responsibilities.

As part of the innovation process, it will be required that Fenway Health update its policies and procedures on firewalls, anti-malware software, encryption, and passwords. It will use up-to-date state-of-the-art improvements to its information systems protections that support updated policies and procedures.

Synthesis Results for Survey

The survey asks about innovation for patient intake and clinical processes. Survey questions were separated into four sections with five questions each. The questions were sourced from this rubric and tailored to the specifics of the details for this project. Syntheses of responses from three respondents of my healthcare organization are reported below. Participants were selected to reflect diverse opinions from the organization and the influence of roles. One is the Head of the Department of Public Health at Fenway Health, another is the lead Provider at Fenway Health at the Ansin Building, and the third is an administrative director.

1. Current Obstacles Q: Questions have to do with the cultural fit of the innovation and reducing risk failure and attrition during relevant training.

A: Training creates additional steps while implementing innovation for staff and clinicians. Current processes for intake and chart documentation work well enough by some standards. Dissent among staff and clinicians can create rifts in interdepartmental integrity and processes.

2. Potential Benefits Q: Questions related to the possible reasons for moving forward with this project according to participant perspectives.

A1: Improvements to the patient intake process would allow providers to save time. It would improve patient data privacy. It would enable front desk receptionists to organize patient information and reduce wait times.

3. Patient Impact Q: Questions are related to the delivery of service, old and new methods, and the needs of departments for patient delivery.

A: (Obstacles) Patients might acutely be affected by the transformation during the transitional period. Patients prefer more manual and paper methods of intake. (Benefits) Patients find the new techniques much more accessible and user-friendly. Patients promote these methods to the public, friends, coworkers, and the media about their ability for exceptional healthcare delivery. Patients have better outcomes — fewer ambiguous results in improved outcomes with less paper documentation and better analytics.

4. Cost Effectiveness Q: Questions have to do with the ability to procure a project financially.

A: It would be necessary to create solutions that promote cost-effectiveness. Part of the resistance to large projects is finding enough funding to keep the project going in the short and long term. There is funding designated for improvements based on research. Because every year, and for every project, there is a limit to how much funding can be allocated, this innovation would need to be run by different department heads, especially accounting and the C-suite, during their regular budgeting review.

As the organization approaches increased capacity, the emergence of technology to improve intake and clinical documentation processes becomes more attainable. Each participant’s viewpoints were examined on relevant technology from different aspects of organizational compatibility. I also learned the improvements and challenges that other similar technologies offer the organization that are implemented now, including Epic. There is a clearer picture of what technologies realistically improve innovative facilitation and what technologies detract from the main objectives and goals of the organization currently and in the future.

Funding Plan for the Digital Innovation Project at Fenway Health

Cost of Implementation

$100,000 over 2 years: Technology Infrastructure

$15,000: ELS, Live, & Continued Training

$60,000: Part-time Staffing for Special Project

$10,000/yr: Maintenance & Customer Service Support

$10,000: Project Management Support

$20,000: Data management and Analytics

$10,000: Contingency & Emergency Planning

$225,000/2 years: Total upfront costs

Pitch: Plan for Approval

This revolutionary project ensures low overhead costs and minimal maintenance with the rising costs of inefficient and outdated processes that we currently face at Fenway Health. Unlike other projects, this proposed project allows prices to start low and remain low. IT, staff, and employees will be able to implement and continue into the long-term progression of this project because of this feasibility. Using IRIS from the InterSystems platform to improve systems operations, like rapidly generating custom application development and making an RESP API with only 3 clicks, is the best and easiest way for Fenway Health to make the most significant investment in time and money. Instead of investing large sums on ongoing issues, the team will focus more on productivity with a renewed investment in less tedious and disorienting processes. IRIS is the first systems platform to be user-centered, creating more engaging and intuitive experiences for employees and patients who use these applications. IRIS ensures that transformation is a seamless success.

Personnel Planning

Personnel planning requires staff and physicians to organize budgeting project management to implement this project successfully. Change management for the project involves planning to reduce financial disruption from old systems to new ones. It encourages follow-through beyond initial implementation. Training from older systems primarily involving manual data entry is replaced with new systems requiring advanced knowledge of new technology operations. Roles and responsibilities are redistributed to create accountability with new functions educated on skills for working with emergent IT roles for problem-solving. Performance progress management uses relevant financial metrics and team performance evaluation to understand goals and opportunities for personnel improvement on the project.

Financial Return on Investment

Fenway Health’s challenges are declining reimbursements from payors, cost reduction, and budget constraints. This project has immense potential for return on investment. In the form of cost savings, the plan ensures that processes are improved and decrease errors significantly. This reduces employee working hours, including overtime for issue maintenance. It also decreases the costs associated with employee burnout and hiring to improve employee retention. Automation for supply chain management, billing, revenue cycle management, and resource utilization can improve efficiency by reducing latent defects. Additional revenue in these critical areas is returned as revenue for return on investment.

Clinical Return on Investment

Several organizations, including Epic, Meditech, CPSI, and Cerner, have implemented these same streamlined, new high-performance database management systems that integrate into their current healthcare systems to optimize administrative and clinical duties. Improved patient outcomes are ensured with fewer data entry errors, allowing users to experience more accurate information. Clinical ROI for this project provides that assessments regularly compare cost analysis with clinical effectiveness. This has shown so far that cost is down, and clinical outcomes, QI, and regulatory safety have been established to improve by 18%.

References

Leftwich, R. (2022, August 15). FHIRSIDE chat — innovations in achieving interoperability. InterSystems. https://www.intersystems.com/resources/fhirside-chat-innovations-in-achieving-interoperability/

Rosiles, S. (May 23rd, 2023) Interviews with Health Leaders. Fenway Health.

Previous
Previous

Health Information Compliance

Next
Next

Value Chain Design