Privacy and Security in Health Informatics

Introduction

Health informatics is the nursing discipline with the growing popularity nowadays. This discipline targets the information management issues such as the information processing effectiveness and elimination of the information leakage risks. This discipline has the direct link to the federal and state legislation regulating the patient personal data safety and confidentiality. The following project aims at making an overview of the health informatics and technology history along with the way it implements in practice today. The specific focus of the project is the application of the health information and technology to the problem of patient personal data privacy and security. To illustrate the theoretic framework, the specific examples of the vendor companies utilizing the health information theory in their work and the healthcare institutions benefiting from the results of the vendors’ work will come to attention. The project will address the Iron Mountain vendor and the two healthcare organizations it serves entitled Novant Health and Laher Clinic.

Health Informatics and Technology History

The health informatics and technology is relatively a new nursing discipline that began to develop in the world in connection with the technological advancement and elaboration of the new hard- and software solutions aiming to address different problems that people are facing (Compton & Compton, 2014). According to Compton and Compton (2014), its history began over forty years ago when the simplest technologic instruments appeared that could help in the medical information processing. Then it continued to develop in the strict dependence to the technological solutions that become available at any specific period. In 1990, the invention of the Internet became the significant milestone in the development of the health informatics and technology. The breakthrough in this science took place after 2000 when the humanity began to use the most advanced computer hard- and software and the advanced Internet searching engines such as Google. Another prominent point in its history is the governmental direct issue as for the introduction of the electronic health records (EHRs) in U.S. hospitals in 2012 (Lorenzi & Riley, 2013).

The purpose of health informatics and technology is to utilize information technologies (IT) with an objective to optimize the information management processes within a healthcare institution. Facilitation of the information management processes in its turn has another important objective behind itself, which is the ultimate goal of the healthcare professionals’ work. This goal is to ensure high quality and cost-effective care for all delivered in a timely manner. Today, when the workloads and information massifs that the healthcare professionals face are so huge, it is impossible to resolve the set tasks without the powerful tool for information management (Compton & Compton, 2014).

Another essential aspect targeted by the health informatics is the provision of measures to ensure patient personal data privacy and security (Lorenzi & Riley, 2013). The issue has become quite sensitive in the past decades due to multiple cases of the health workers’ unprofessional behavior leading to the patient data leakage. Therefore, the health informatics and technology pays special attention to studying and developing the data leakage prevention methods (Compton & Compton, 2014).

The scope of the health informatics is quite broad. It can facilitate the healthcare institutions work in the variety of fields including:

• storing and processing the patient data;
• processing and analyzing financial and insurance information, making counting, and issuing the clients’ receipts;
• directing the health professionals’ work with use of the smart algorithms and reminders;
• integration of lab (Ashrafi, Kuilboer, Joshi, Ran, & Pande, 2014).

The intended benefits of the health informatics and technology are focused on the elimination of possible mistakes during the health and organizational data processing and the speeding up of the working process by means of limiting the time needed for the data management (Lorenzi & Riley, 2013). Being more specific, the following details come into focus:

1. more accurate patient and organizational information;
2. integration of data from multiple stakeholders and participants of the working process into one database;
3. better control of personnel’s work;
4. better decision-making (Barker, 2015).

The stakeholders who benefit from the findings made by the health informatics and technology theorists are the health professionals, the administers such as the government and public healthcare organizations, pharmacological companies, researchers, patients, and IT specialists (O’Connor, J., & Matthews, 2011).

How Companies Use Health Informatics and Technology at the Community Level

The health informatics has its wide implementation on the level of a healthcare institution and the community this institution is serving (Eminaga et al., 2013). The wide scope of supplements is created by the vendor companies based on the findings made by the health informatics and technology theorists. Today, the vendors offer the most diversified appliances that can easily fit to the needs of any particular hospital and even the small care units or the private practice cabinets. To illustrate, the vendor software can be adjusted to the requirements of the hospital and community it serves based on the local legislation regulating the privacy and confidentiality issues and the scope of NPs practice (Lorenzi & Riley, 2013).

Modern vendor companies pay special attention to the patient personal data safety. Patient personal information privacy and security are the major priorities highlighted in the current legislation (Lorenzi & Riley, 2013). These core values are also established as the major ethical values by the health informatics and technology science. With the focus on personal information privacy and security, contemporary vendor companies work hard to develop effective and legal tools to process patient data and dispose some if its components that become unnecessary due to a variety of reasons (Lorenzi & Riley, 2013).

Iron Mountain

Iron Mountain is health IT company with the wide scope of services offered to the clients and advanced technologies allowing it to stick to the strict patient data safety and security regulations in the most precise way. The main services the company provides:

1. health information management;
2. heath IT;
3. consultation.

Iron Mountain has won its highly respected reputation due to the very sensitive attitude to disposing important personal information. They do it in a green and legal way.

Addressing the company product in detail, Iron Mountain offers the complex of services aiming to help the healthcare institutions access every bit of patient information they need at the very moment they need. Iron Mountain leaders acknowledge that this philosophy sounds very easy but in fact, the healthcare professionals and the IT specialists helping them know how hard it is if there are no specifically designed tools for this. They are also aware of the patient information privacy and security challenges. To cope with the identified problems, Iron Mountain has the following services:

• HIPAA-compliant appliances for patient records storage;
• Safety appliances for data encryption;
• Safety and legal disposal appliances for the information that becomes outdated;
• Developing a unique information management strategy for a particular healthcare institution;
• Offsite storage facilities;
• Information purging and shifting;
• Data centers;
• Server backup;
• Staff consulting and educating.

Technology

Iron Mountain is using an advanced hard- and software technology to ensure the high quality of the offered services. The company employees strive hard to monitor the emerging data security issues on the daily basis. They also visit the industry affairs aiming at promoting the constant progress and compliance to the legislation changes regulating the citizens’ personal information issues. The result of this work is the flexible product able to meet the most challenging objectives that each particular hospital faces from day to day.

Comparative Analysis

Comparing Iron Mountain approach with the approach of one of the industry leaders in U.S. that is Epic, high degree of similarity can be found. The same as Iron Mountain, Epic is focused on the patient personal data privacy and security. To ensure complete compliance to the federal law regulating the information leakage issues, Epic is using the data encryption and disposes the files that became out-of-date. The main difference between the two companies is the scope of the services offered. Being the industry leader, Epic has focused on each aspect that may emerge in the work of any healthcare institution. It has also provided the patients with the safety platforms where they can access their personal information as far as it in accordance to the federal law.

Profile of the Healthcare Organizations Embarking on Project

Novant Health

Novant Health is the healthcare organization successfully partnering with the Iron Mountain vendor for a long time. This organization has over 300 medical clinics in 3 states under its jurisdiction and faces numerous issues requiring an effective approach to the information management with the use of technology.

The company representatives are highly content with the results of their cooperation with Iron Mountain. The main benefits they have noted:

• improvement of patient care;
• better clinic space management;
• better clinic staff management;
• high compliance to regulatory actions;
• storage costs reduction with the help of turning the written records into the EHRs;
• ability to follow the guidance of Meaningful Use.

Lahey Clinic

Lahey Clinic is the medical group based in Massachusetts that employs over 5,000 healthcare professionals such as physicians, nurses, and ancillary staff. The main organizational goal of Lahey Clinic is to provide the optimal patient outcomes in combination with the quality and compassionate care. Before transiting to the EHRs, the organization has faced multiple challenges connected with storing the vast pieces of patient information and ensuring their safety. The challenges included the component of the low cost-effectiveness due to the huge areas occupied by the patient files and the necessity to employ multiple staff to process the information.

Cooperation with Iron Mountain helped Lahey Clinic achieve remarkable results. No more vast storage areas and no more crowds of employees working with the health records were needed. Instead, the company shifted to the practice of scanning the health information and storing it in the digital way. The benefits that the organization has had include the following points:

1. cost-effective use of staff and space;
2. easier operational information processing;
3. improved patient outcomes and increased care quality;
4. increased compliance to the patient personal data storage regulations including the HIPAA and Meaningful Use;
5. what is now the pleasure for the company staff, the freed space was used to create the spacious sports gym area.

Conclusion

In conclusion, the health informatics is an essential nursing discipline with the wide scope of implementation and multiple benefits seen both at the federal and local levels. This project has addressed the history of the healthcare informatics development and practical use of the theoretic framework provided by this science. It has also demonstrated how the findings made by this science implement in the work of particular healthcare institutions and what efforts by the vendor companies are needed to facilitate this work. The specific examples of the Iron Mountain vendor company and its two clients Novant Health and Laher Clinic demonstrated the vast volumes of the work needed to be done to ensure patient information privacy and security. These examples have also shown how a certain healthcare organization may benefit with the help of the health information and technology. Particularly, this research has identified that the benefits of utilizing the IT solutions for the patient information processing include improvement of patient care; better clinic space management; better clinic staff management; high compliance to hospital management regulatory actions; data storage costs reduction with the help of turning the written records into the EHRs; and ability to follow the guidance of Meaningful Use and HIPAA.

References

Ashrafi, N., Kuilboer, J., Joshi, C., Ran, I., & Pande, P. (2014). Health informatics in the classroom: An empirical study to investigate higher education’s response to healthcare transformation. Journal of Information Systems Education, 25(4), 305-315.

Barker, A. M. (2015). Advanced practice nursing. Burlington, MA: Jones & Bartlett Publishers.

Compton, M. E., & Compton, D. M. (2014). Public health informatics: A brief review of the field. British Journal of Medicine and Medical Research, 4(35), 5558-5567.

Eminaga, O., Özgür, E., Semjonow, A., Herden, J., Akbarov, I., Tok, A.,… Wille, S. (2013). Linkage of data from diverse data sources (LDS): A data combination model provides clinical data of corresponding specimens in biobanking information system. Journal of Medical Systems, 37(5), 1-9975.

Lorenzi, N. M., & Riley, R. T. (2013). Organizational aspects of health informatics: Managing technological change. New York, N.Y.: Springer Science & Business Media.

O’Connor, J., & Matthews, G. (2011). Informational privacy, public health, and state laws. American Journal of Public Health, 101(10), 1845-50.