Technology Environment

Question 1

Components of the Technology Environment

Answer 1

Hardware
* the actual servers (virtual and physical), network connections and devices used to
access information
Networks
* the wired or wireless connections that link the infrastructure together and enable
accessibility of the applications and patient data
Applications/Software
* the software used by administrative, clinical and support staff to process and store
data, manage patients’ records and provide information

Question 2

Hardware

Answer 2

Mobile Devices
* Portable devices and wireless connectivity
* Handheld devices
* Carts
* Smartphones
Medical Devices
* Physiologic devices
* Laboratory devices
Tracking technology
* Bar codes and RFID
Audio and video
* Voice over IP (for telephones)
* Telemedicine
* Remote monitoring

Question 3

Hardware

Answer 3

• Technology Infrastructure
• Store data, run applications and connect those applications and tools
• Servers
• Virtual or physical
• Alternatives:
• Application Service Providers (ASPs)
• Cloud computing – SaaS, PaaS, IaaS, etc.
• Data Storage
• Magnetic tape storage, optical disc, hard drive
• Cloud storage
• External device – Storage Area Network (SANs)
  76

Question 4

Applications/Software

Answer 4

What the end user works with, using a human-computer interface
* Clinical Applications
* Administrative Applications
* Financial Applications
* Consumer Applications

Question 5

Information Security Challenges

Answer 5

• Rapid industry development and adoption of technology without always
  considering security implications
• Example: Medical devices designed to operate for 10-15 years, but running
  software that will only be supported for 5-10 years.
• High dependance on technology for all clinical and business operations
• High cost and levels of complication to deploy and maintain technology in a
  secure manner

Question 6

Security Best Practices

Answer 6

Purchase systems that have been well-architected in a secure manner
* New FDA guidelines have greatly increased security requirements for medical devices.
* Other technology solutions must be evaluated for fitness before purchase and deployment.
* Security practices are HIGHLY variable amongst vendors.
* Deploy new systems in a secure manner.
* Use secure system design principals, such as configuration baselines.
* Deploy antimalware and security monitoring tools.
* Keep a complete inventory of all systems.
* Deploy a secure, segmented network.
* Maintain secure systems
* Deploy security updates as soon as feasible. (Remember Wannacry?)
* Scan the environment for security vulnerabilities and remediate as soon as feasible
* Perform other security testing, such as network penetration tests
* NEW*: Department of Health and Human Services HICP Guidance

Question 7

Disaster Recovery and Business Continuity

Answer 7

From an IT perspective, what is the plan should a worst-case-scenario play
out in which most or all IT systems are lost?
* Backups? Secondary failover data center? Failover to the cloud?
* Do you have a documented, current disaster recovery plan?
* What are the target recovery point objectives? (RPO)
* What are the triggers to initiate the disaster recovery plan?
* Have you rehearsed this DRP?

Question 8

Privacy

Answer 8

First charge for EHR administration
* Patient’s data must remain confidential
* The Privacy of the Patient
* The Confidentiality of the Information
* Accounting of disclosures
* Levels of confidentiality (nurse or physician versus nurse’s aide versus
insurance provider)* Highly regulated, and will likely become more regulated in the future.
* HIPAA, GDPR, plus other state-specific privacy regulations.
* Systems must be designed and deployed in a secure manner that protects
patient privacy.
* Authentication
* Appropriately provisioned rights
* Logging of actions taken

Question 9

Clinical Applications

Answer 9

Support patient care wherever it is being delivered
* EHR
* Picture archiving and communication systems (PACS)
* Specialized documentation systems (surgical, perinatal, etc.)
Overall goals
* Promote interoperability between these systems
* Patient safety
* High quality care
* Efficiency and lower costs

Question 10

Clinical Applications: EMR

Answer 10

Electronic Medical Record (EMR)
* Continuous longitudinal record in one specific setting (e.g., providers office, a
hospital or home health service)
Scanned charts, HL7 Interface, Patient Lab Data, etc.

Question 11

Data Integration/Interface Engines

Answer 11

Essential for a health information network to exist
* Interface engines permit disparate information systems to be connected
correctly – drive the systems, matching data and patients correctly
* Without, errors would occur in patient charts, care and billing
* Based on the HL7 standard for data interchange
* An absolutely-critical application on which nearly all other clinical
applications depend.

Question 12

Administrative Applications

Answer 12

Provide support for clinicians as well as the administrative staff in an institution
* Types
* Electronic timecards
* Staff competency record keeping
* Scheduling - staff and patient
* Education applications
* Bed management systems
* Radio Frequency Identification Devices (RFID)
* Equipment tracking, out-of-bed detection or fall detection, monitoring patients

Question 13

Financial Applications

Answer 13

Generally grouped as - Revenue Cycle Management
* Enterprise Resource Planning (ERP)
* Revenue Cycle
* Registration and Scheduling, Billing, AR, Contract Management
* Enterprise Resource Planning
* General Ledger (GL produces departmental revenue and expense reports as well as the organization’s
balance sheet), HR and Payroll, AP, Budgeting, Materials Management
* All managers need access to ERP modules including HR, budgeting, and revenue and expense
reporting

Question 14

Data Warehouses

Answer 14

Storing data in a warehouse allows multiple systems to query the warehouse
and retrieve the data at the same time
* Data warehouses support quality reporting & research
* Define “at risk” populations
* Search for patterns of illness

Question 15

Clinical and Business Intelligence (CBI)

Answer 15

• Consists of technologies, applications and practices for the collection,
  integration, analysis and presentation of clinical information, for the purpose
  of promoting better clinical decision-making
• Continuous quality improvement
• Provider performance
• Population health
• Comparative effectiveness
  Business Intelligence Tools
• For example;
• Improve patient safety and patient care
• Analyze operating room use
• Analyze staff overtime patterns
  Collecting Business Intelligence
• Specific applications
• Data warehouses

Question 16

Telehealth and Telemedicine

Answer 16

Two professionals communicating at a distance or a consultation from an
academic medical center to a rural hospital with a severely injured patient
* Requires broadband accessibility on both sides; video cameras with detailed
resolution capabilities, microphone, equipment that will directly transmit data
through the computer (e.g. blood pressure cuff and pulse oximeter) and the
ability to send radiology and lab results/reports
Benefits
* Increased access to specialized care to underserved areas
* Sometimes faster than face-to-face appointment
* Physician/clinician is included
* No driving

Question 17

Quantum Computing

Answer 17

New field of computing that is still in development, but rapidly approaching
commercial viability.
* Very good at processing certain types of data and computations. Tens-ofthousands
of times faster than conventional binary computers.
* Will accelerate certain types of scientific functions, such as the creation of
new drugs, treatments, and diagnostics.
* Will simultaneously create new cybersecurity challenges!

Question 18

Devices

Answer 18

• Personal Computers
• Continue to be the device of choice
• Connected via cable to network or wireless
• Point-of-Care Devices
• Handheld, tablet, mobile-cart PCs, smart phones
• Support clinician workflow
• Wireless connection
• Device Integration
• Integrated into software applications
• Cable or wireless connection to common networkTracking technology
• Bar codes and RFID
• Audio and video
• Voice over IP (for telephones)
• Telemedicine
• Remote monitoring

Question 19

Network Infrastructure

Answer 19

• Wired network (Copper, Fiber)
• WLAN (Wireless Local Area Network)
• WAN (Wide Area Network)
• ISP (Internet Service Provider)
• VPN (Virtual Private Network)
• VoIP (Voice Over Internet Protocol)
• Leased Line for high volume
  exchanges
• MPLS (Multiprotocol Label Switching)
• ATM (Asynchronous Transfer Mode)
  80

Question 20

Information Security

Answer 20

Three areas of focus:
* Confidentiality – Ensuring that data is properly classified according to its
sensitivity and protected accordingly.
* Integrity – Data is not improperly modified or lost.
* Availability – Data remains available when and where needed. Systems
providing this data are designed in a sufficiently redundant and resilient
manner.

Question 21

Resilient System Design

Answer 21

• Redundancy – Avoiding “single points of failure” by having a secondary or
  “failover” system and/or connection.
• High Availability – Designing a system with multiple connections or nodes so
  that the loss of any one node will not cause the entire system to become
  unavailable.
• Backups – Capturing point-in-time snapshots of data that can be restored in
  the event of a system failure or other data loss.
  86

Question 22

Downtime Procedures

Answer 22

• Do all critical clinical and business systems have viable downtime procedures?
• In the event of a large-scale unexpected events (either natural or man-made)
  that make core IT systems unavailable, how does the organization continue to
  perform basic clinical functions?
• Has the clinical staff rehearsed these downtime procedures?
• How much of a loss in productivity and effectiveness is observed during
  downtime procedures?
• How long can you continue operating in downtime mode?

Question 23

Clinical Applications: Electronic Health Records (EHRs): EHR

Answer 23

These systems store patient health information digitally, allowing for easy access and sharing among healthcare providers. EHRs improve the accuracy and completeness of patient records and support clinical decision-making.

• Electronic Health Record (EHR)
• Longitudinal record covering multiple settings over time
• EHR Functions
• Clinical documentation
• Medication administration
• Electronic order entry (Computerized Provider Order Entry (CPOE))
• Results management
• Electronic prescriptions
• Data from inpatient stay or outpatient testing
• Standards and interoperability
• Outcomes reporting
• Decision support

Question 24

Interoperability and Standards

Answer 24

Interoperability: the extent to which systems and devices can exchange data
and interpret that shared data
* Examples;
* Health Level 7 (HL7)
* Digital Imaging and Communications (DICOM)
* LOINC (Laboratory Data)
* RxNorm (Pharmacy)
* SNOMED Clinical Terms (SNOMED CT)
* International Statistical Classification of Diseases and Related Health Problems (ICD)
* Current Procedural Terminology (CPT)

Question 25

Clinical Applications: Diagnostic Imaging

Answer 25

• PACS (Picture Archiving and
  Communications System) – Where all
  digital images are stored and retrieved.
• DICOM – The communication standard
  for imaging devices to interface with
  PACS.
• An absolutely-critical clinical care
  function, and therefore a mission-critical
  set of IT systems that must be configured
  in a resilient manner.

Question 26

Clinical Applications: Other Specialized Systems

Answer 26

• Fetal monitoring
• Perioperative
• Telemetry
• Department Specific
• Emergency
• Surgical
• ICU
• Pharmacy
• Etc.

Question 27

Financial Applications

Answer 27

• Financial applications cover all features of any organizations’ financial needs
• Must communicate in real-time
• Multiple regulations govern billing and thus how these systems must perform
• Have to be able to handle;
• Different ways charges are posted
• Payment posting
• Billing and various calculations based on insurance, coinsurance, deductibles, etc.
• Different requirements (e.g. does the charge require an order)
• Ability to produce statements

Question 28

Consumer Applications

Answer 28

• Personal Health Record (PHR)
• Medical record often created, edited, maintained and controlled by the patient. May
  include clinical data from other sources. Often created on a website, it is accessible by
  providers when the patient invites provider to review information in the PHR using secure
  access.
• Not connected to an EHR
• Patient Portal
• Connected to the EHR
• Provides patient access to their personal health records
• Allowed them to view appointments, test results, and communicate with providers
• UK SCR
• Summary Care Record
• Data in EHR for the National Health Service
• Contains all health data about an individual pertinent to care in the UK
  102

Question 29

Trends Affecting Health IT

Answer 29

• Artificial intelligence
• Machine Learning
• Ethics
• Increased need for cybersecurity
• Big data/data intelligence and analytics
• Cloud computing
• Health information exchange (HIE)
• Interoperability
• Telemedicine
• Mobile health (mHealth)
• Natural language processing (NLP)
• Patient-generated health data (PGHD)
• Three-dimensional printing
• Quantum Computing
  103

Question 30

Health Information Exchanges (HIE)

Answer 30

• Support longitudinal health records
• Link data across different venues
• From an inpatient visit to office visits to an ED visit in a different state
• Essential to the creation of any countrywide or worldwide health information
  network

Question 31

Artificial Intelligence & Machine Learning

Answer 31

• Rapidly being adopted in healthcare for increased efficiency and cost
  savings
• Diagnosing diseases
• Predicting patient outcomes
• Clinical decision support
• Patient monitoring
• Documentation automation
• Clerical and financial work
• RAPIDLY expanding into other areas of care.
• A.I. will continue to be a driver in the future of healthcare

Question 32

Ethics in AI / ML / Quantum

Answer 32

• As AI, ML, and quantum computing technologies continue to develop, it is
  important to consider the ethical implications of these technologies. Some of
  the ethical concerns that have been raised include:
• Privacy
• Bias
• Accountability
• Some of these considerations may be addressed by future legislation and
  government regulations.

Question 33

Clinical Applications-Electronic Medical Records (EMRs)

Answer 33

Similar to EHRs, EMRs are digital versions of paper charts in a clinician’s office. They contain the medical and treatment history of patients within one practice.

Question 34

Clinical Applications: Personal Health Records (PHRs)

Answer 34

Personal Health Records (PHRs): These are managed by patients and contain health information from various sources, including healthcare providers and the patients themselves. PHRs empower patients to take an active role in their healthcare.

Question 35

Clinical Applications - Clinical Decision Support Systems (CDSS)

Answer 35

These systems provide clinicians with knowledge and patient-specific information to enhance decision-making. They can offer reminders, alerts, and clinical guidelines.

Question 36

Administrative Applications- Practice Management Systems (PMS)

Answer 36

These systems handle the day-to-day operations of a medical practice, including appointment scheduling, billing, and patient registration.

Question 37

Administrative Applications - Human Resources Management Systems (HRMS)

Answer 37

Human Resources Management Systems (HRMS): These systems manage employee information, payroll, benefits, and performance evaluations.

Question 38

Administrative Applications - Supply Chain Management Systems

Answer 38

These systems manage the procurement, storage, and distribution of medical supplies and equipment.

Question 39

Financial Applications Revenue Cycle Management (RCM) Systems

Answer 39

Revenue Cycle Management (RCM) Systems: These systems manage the financial processes associated with patient care, from appointment scheduling and billing to payment collection and claims processing.

Question 40

Financial Applications - Accounting Systems:

Answer 40

Accounting Systems: These systems handle financial transactions, budgeting, and financial reporting.

Question 41

Financial Applications - Patient Billing Systems:

Answer 41

Patient Billing Systems: These systems generate and manage patient invoices, track payments, and handle insurance claims.

Question 42

Consumer Applications
Patient Portals

Answer 42

Consumer Applications
Consumer applications are designed to engage patients and improve their healthcare experience. They include:

Patient Portals: These secure online platforms allow patients to access their health information, schedule appointments, request prescription refills, and communicate with their healthcare providers.

Question 43

Consumer Applications
Mobile Health Apps:

Answer 43

Mobile Health Apps: These apps help patients manage their health by tracking fitness, medication adherence, and chronic conditions. They can also provide educational resources and reminders.

Question 44

Consumer Applications
Telemedicine Platforms:

Answer 44

Telemedicine Platforms: These platforms enable remote consultations between patients and healthcare providers, improving access to care and convenience.

Question 45

Business Intelligence (BI) Applications -Data Analytics Platforms:

Answer 45

Data Analytics Platforms: These platforms collect, analyze, and visualize healthcare data to identify trends, patterns, and insights. They support decision-making in areas such as patient care, operations, and financial management.

Question 46

Business Intelligence (BI) Applications - Reporting Tools:

Answer 46

Reporting Tools: These tools generate reports on various aspects of healthcare operations, including clinical performance, financial metrics, and patient outcomes.

Question 47

Business Intelligence (BI) Applications - Predictive Analytics:

Answer 47

Predictive Analytics: These applications use historical data and machine learning algorithms to predict future trends and outcomes, helping healthcare organizations plan and optimize their resources.

Question 48

Network Infrastructure

Answer 48

The network infrastructure in healthcare includes both wired and wireless connections that link various devices and systems together. This infrastructure supports the seamless flow of information across different departments and locations within a healthcare organization. Key elements include:

Local Area Networks (LANs): These are used within a single facility to connect computers, printers, and other devices.
Wide Area Networks (WANs): These connect multiple facilities, allowing for the sharing of information across different geographic locations.
Virtual Private Networks (VPNs): These provide secure remote access to the healthcare network, enabling healthcare professionals to access patient information from outside the facility.
Wireless Networks: These are essential for mobile devices and workstations on wheels (WOWs), allowing healthcare providers to access and update patient information at the point of care.

Question 49

Communications

Answer 49

Effective communication systems are crucial in healthcare for coordinating patient care and ensuring timely information exchange. These systems include:

Voice over Internet Protocol (VoIP): This technology allows for voice communication over the internet, reducing costs and improving connectivity.
Secure Messaging: This includes encrypted email and messaging systems that ensure the confidentiality of patient information.
Telemedicine Platforms: These enable remote consultations and monitoring, improving access to care for patients in remote or underserved areas.

Question 50

Data Integration

Answer 50

Data integration is vital for creating a comprehensive view of patient information and ensuring that healthcare providers have access to accurate and up-to-date data. Key aspects include:

Health Information Exchanges (HIEs): These facilitate the sharing of patient information across different healthcare organizations, improving care coordination and reducing duplication of tests.
Interoperability Standards: Standards such as Health Level Seven (HL7) and Fast Healthcare Interoperability Resources (FHIR) ensure that different systems can communicate and exchange data effectively.
Data Warehouses: These centralize data from various sources, enabling advanced analytics and reporting to support clinical and operational decision-making.

Question 51

Privacy and Security

Answer 51

Ensuring the privacy and security of patient information is a top priority in healthcare. Key measures include:

Encryption: This protects data both in transit and at rest, ensuring that only authorized individuals can access sensitive information.
Access Controls: These include user authentication and role-based access controls to ensure that only authorized personnel can access patient information.
Audit Trails: These track access and changes to patient information, providing a record of who accessed what information and when.
Compliance with Regulations: Healthcare organizations must comply with regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States, which sets standards for the protection of patient information.
In summary, the technology infrastructure that supports the healthcare environment is complex and includes robust network systems, effective communication tools, comprehensive data integration mechanisms, and stringent privacy and security measures. These components work together to ensure that healthcare providers have the information they need to deliver high-quality care while protecting patient privacy and maintaining data security