• Enterprise
  Portal
• Physician
  Portal
• Community
  Portal
• Identity & Access
  Management
• Clinical
  Applications

Press Room

Articles

Implementation of an Effective Patient Data Management Platform

June 20, 2006
By Andrew Hurd

Each year, hospitals and large healthcare enterprises spend millions on purchasing, deploying, and maintaining clinical applications. For physicians, surgeons, nurses, and other healthcare professionals who must quickly address various clinical situations, accessing patient data within heterogeneous computing environments (thin-client, terminal-emulated, native PC, and Java) requires multiple passwords, access procedures, and patient selection queries. Navigating in and out of different applications to locate patient information is nothing but frustrating and time-consuming.

The provider organization's IT staff must deal with the resultant integration and platform issues when deploying new systems. During the decision-making process, and certainly well before implementation, IT must consider whether the new platform is open — meaning that it integrates and interoperates with the existing infrastructure (applications, operating system, and hardware). If not, the implementation process becomes extremely costly and can take several months, even years, to roll out to the clinicians they are ultimately looking to help. Scalability is another consideration; as the provider organization grows, so will the number of users and applications, not to mention the patient population. Add to this the increasing complexity of the needs required from community-based care or RHIOs. If you were to make one bet about data management over the coming years, it would be that it will increase in its complexity.

Thus, the platform must be flexible enough to meet those increased demands.

Going Beyond Navigation

While patient information exists, it is spread throughout different databases and applications, making simplified access problematic for those who need it most. In addition to needing unique passwords and IDs for each individual application, clinicians must repeatedly search for the desired patient within each application. Clearly, what the clinician is asking for is quick and secure access to a patient's information, not a solution that requires learning yet another system or that fundamentally changes how they work. Is it too much to ask to have all relevant patient data aggregated so that clinicians can easily access the information needed to make safe patient care decisions?

Many hospitals have implemented, or are looking to implement, single sign-on (SSO) technology as a means to address these workflow redundancies and to streamline the login process.Although the decision to deploy SSO technology is a wise one, and noticeably addresses the issue of multiple user IDs and passwords, it does not address clinicians' need to navigate multiple and disparate applications to get the full view of a patient's clinical record; nor does it provide the ability to monitor access to patient records — which is heavily mandated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

SSO Only the Beginning

Increasingly popular in combination with SSO solutions is Context Management — the enabling of applications to "speak" to and among each other. While not integrated at the back end, context-aware applications share corresponding data at the user level and operate almost as if they were integrated.

Paralleling these technologies are Compliance Management technologies, which provide the engine for security, privacy, tracking, and regulatory compliance.

Context Management provides a means for nonintegrated, non-interoperable applications to link information at the user interface level so that they appear to act like a single system. In so doing, the applications operate in a context-aware environment, allowing users to access and review all relevant patient data in a unified view regardless of where the data are stored.

HIPAA outlined specific rules for security and privacy for healthcare organizations that electronically maintain or transmit "protected health information." The rules designate how healthcare providers must manage access to information by users, from identity creation to tracking to termination. Driven by these regulatory requirements, Compliance Management solutions were spawned to secure access to hospital information assets.

Analyzed separately, each of these solutions solves a very specific point of pain within healthcare environments, and each is enormously valuable in many respects. However, when combined into a single, open, and scalable platform, their tactical functionality transforms into a strategic solution.