Supplemental Websites for this Chapter

Information to Supplement this Chapter from the Authors

Other Websites Pertinent to this Chapter

Websites from this Chapter in the Text

Websites Referred to in the Text of this Chapter

Chapter References for this Chapter that Are Online

Onsite Information to Supplement the Text

A Security Audit

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Offsite Websites That Are Pertinent to This Chapter

• Biometrics
• Clinical Decision Support Systems (Chapter 20)
• Common Examples of Healthcare IT Failure
• CPOE (Computerized Provider Order Entry) (Chapter 20)
• Data Privacy & Security
• Deidentified Data (For Secondary Data Use see chapter 10)
• Digital (Electronic) Signatures
• Disaster Planning
• Government (US) Overview of EHR Incentives (Off site)
• HIPAA
  • National Provide Identifier
  • Unique Health Identifier for Individuals
• Interoperability (Chapter 16)
• Meaningful Use
• Medical Identity Theft (off site - Added Nov 1, 2009)
• Patient Safety
• ROI (Return on Investment)
• Survey Instruments
• Usability (Chapter 18)
• Work Flow Redesign

Biometrics

An Biometric Identification System by Extracting Hand Vein Patterns. Journal of the Korean Physical Society,38(3), March 2001, pp. 268272.
http://nl.internet.com/ct.html?rtr=on&s=1,3fi8,1,jv3r,f0re,ek2t,hmlx

Biometric Consortium, the US Government's focal point for research, development, test, evaluation, and application of biometric-based personal identification/verification technology. Read the introduction to biometrics for a good definition. The biometric systems and examples leads to links to vendors of products in this area.
http://www.biometrics.org/

Biometrics Catalog. This government sponsored site contains links to much helpful information about biometrics including a paper about challenges in using biometrics (contains an excellent description of many methods), also an elementary description of biometrics named Biometrics 101. (These two are found under Government Documents.)
http://www.biometricscatalog.org/

Iris Recognition (2005, August 7). Excellent description of this technology.
http://www.biometrics.gov/Documents/IrisRec.pdf

Silverman, M, & Liu, S. A Practical Guide to Biometric Security Technology. (2000). An excellent easy to understand description of the various features that can be used in biometric security.
http://www.findbiometrics.com/Pages/lead.html

Common Examples of Healthcare IT Failure

A site that reports on IT practices with examples that put patients at great risk.
http://www.ischool.drexel.edu/faculty/ssilverstein/failurecases/?loc=home

Data Privacy & Security

This page from the Electronic Privacy Information Center provides updated information on laws and court cases regarding Medical Record Privacy. (Added November 13, 2009)
http://epic.org/privacy/medical/

Kumekawa, Joanne K. (September 30, 2001). "Health Information Privacy Protection: Crisis or Common Sense?". Online Journal of Issues in Nursing 6(3), Manuscript 2. Available: http://www.nursingworld.org/MainMenuCategories/ANAMarketplace/ANAPeriodicals/
OJIN/TableofContents/Volume62001/No3Sept01/PrivacyProtectionCrisis.asp

Cutler, K. (2003). Information Security Checklist. A list of items to assess when to assure the privacy and security of data in an information system.
http://www.net-security.org/article.php?id=556

Dickey, Susan B. (2007, October 4) Silence is Not Enough: Maintaining Confidentiality in an Electronic World. Online Journal of Issues in Nursing.
http://www.nursingworld.org/MainMenuCategories/EthicsStandards/IssuesUpdate/
UpdateArchive/IssuesUpdateSpring2002/MaintainingConfidentialityinanElectronicWorld.aspx

Gostin, L. (1997). Health Care Information and the Protection of Personal Privacy: Ethical and Legal Considerations. Annals of Internal Medicine, Part 2, 15 October 1997. 127:683-690. This article looks at the conflicts between the needs for healthcare data and the need for patient privacy. Despite its age, the facts are still the same.
http://www.annals.org/cgi/content/full/127/8_Part_2/683?maxtoshow=&HITS=10&hits=
10&RESULTFORMAT=&fulltext=Health+Care+Information&searchid=1136671450486_
3151&FIRSTINDEX=0&journalcode=annintmed

Deidentified Data

Automated de-identification of free-text medical records (2008). Deidentifying data is an important step in using the wealth of information in electronic health records to improve health care. Full text of article in BioMed Central.
http://www.biomedcentral.com/1472-6947/8/32

Digital (Electronic) Signatures

Digital signatures at heart of health care reform debate (2007, October 27).
http://healthcare.zdnet.com/?p=397

Digital Signatures Tutorial. Explains the criteria for a legal signature, then explains how digital signature technology works, provides information about public key certificates and closes with a discussion of challenges and opportunities.
http://www.abanet.org/scitech/ec/isc/dsg-tutorial.html

Youd, David. What is a Digital Signature? A very simplified description of a digital signature.
http://www.youdzone.com/signature.html

Disaster Planning

Association of Academic Health Centers. Brief Guide for Academic Health Center Disaster Preparedness and Response. An 8 page booklet in the form of many bullet points, discusses all aspects, not just records.
http://www.aahcdc.org/policy/reports/emergency_preparedness_05_06.pdf

Practice Brief: Disaster Planning for Health Information (2003 Update). Excellent article from AHIMA complete with check list.
http://library.ahima.org/xpedio/groups/public/documents/ahima/
bok1_019242.hcsp?dDocName=bok1_019242

Tucci, Linda (2009, March 19). A disaster recovery plan for branch offices: Five layers of redundancy. How one multi-site organization organized to prevent interruptions in care.
http://searchcio.techtarget.com/news/article/0,289142,sid182_gci1351318,00.html

HIPAA

Department Issues New HIPAA Notification Regulations. HHS regulations cover need to notify individuals after breaches of their health information. (Added September 2, 2009)
http://www.skyscape.com/estore/HealthDayArticle.aspx?categoryName=Nursing&ArticleId=
630303&WT.mc_id=38774

Nash, Randy (2008, Oct 17). HIPAA privacy regulations get some teeth: Be prepared. Fines levied for HIPAA violations.
http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1330457,00.html#

U.S. Department Health and Human Services. (2007, March 12). Protecting the Privacy of Patients' Health Information. Plain English description of HIPAA.
http://www.hhs.gov/news/facts/privacy2007.html

Health Information Privacy. Links to HIPAA related items including information about the Patient Safety and Quality Improvement Act of 2005.
http://www.hhs.gov/ocr/privacy/index.html

Schmeida, M. (October 10, 2005). Legislative: "Health Insurance Portability and Accountability Act of 1996: Just an Incremental Step in Reshaping Government." Online Journal of Issues in Nursing.
http://www.nursingworld.org/MainMenuCategories/ANAMarketplace/ANAPeriodicals/
OJIN/Columns/Legislative/1996InsurancePortabilityAccountabilityAct.aspx

National Provide Identifier

National Provider Identifier Overview. Required since May 23, 2005, of any healthcare provider who uses uses standard electronic transactions, like electronic claims, eligibility verifications, claims status inquiries, and claim attachments.
http://www.ada.org/prof/resources/topics/npi.asp

National Provider Identifier. A thorough discussion of this requirement from HIPAA.
http://en.wikipedia.org/wiki/National_Provider_Identifier

Unique Health Identifier for Individuals

Recently released papers by the Privacy and Security and Health Information Technology group white papers. From the office of the by Office of the National Coordinator for Health Information Technology .Excellent resource! (Added March 24, 2010)
http://healthit.hhs.gov/portal/server.pt?open=512&objID=1147&parentname=CommunityPage&parentid=32&mode=2&in_hi_userid=11113&cached=true

American College of Cardiology. (2008). ACC Unique Patient Identifier Principles. Puts fortu the American College of Cardiology’s (ACC) position on Unique Patient Identifiers. (Added March 17, 2010)
http://www.acc.org/practicemgt/HealthCareTechnology/principle_patient.cfm

Creating Unique Health ID Numbers Would Improve Health Care Quality, Efficiency, Study Claims (OCt 22, 2008). From Science Daily. Describes benefits and reports on a RAND corporation study. (Added March 17, 2010)
http://www.sciencedaily.com/releases/2008/10/081020120103.htm

Unique Health Identifier for Individuals. A White Paper from US HEW that examines the need for a unique patient health identifier. Is required by HIPAA, but is on hold. Although old, this is background information.
http://www.epic.org/privacy/medical/hhs-id-798.html

Meaningful Use

Blumenthal, D., & Tavenner, M. (2010). The "Meaningful Use" Regulation for Electronic Health Records. New England Journal of Medicine. Good overview of meaningful use objectives and much other information. (Added July 27, 2010)
http://healthcarereform.nejm.org/?p=3732

Blumenthal, D. (2009). Launching HITECH. New England Journal of Medicine, 362(5), 382-385. Good overview of regulations and programs created by the HITECH act part of the ARRA. (Added July 27, 2010)
http://healthcarereform.nejm.org/?p=2669

Meaningful Use, Certification Criteria and Standards, and HHS Certification Process. This site provides excellent information in an understandable form for meaningful use, standards and certification. Recommended. (Added May 21, 2010)
http://www.himss.org/economicstimulus/

Meaningful Use and Beyond. A presentation by James C. Larson Dec 4, 2009 at the Northern Ohio Health Information Management Systems Society Fall Conference. This pdf file (MUandBeyond) provides an update, plus some of the objectives. (Added December 5, 2009)
http://www.nohimss.org//Fall2009Presentations/Fall2009Presentations.htm

Comment from newsletter from Dr.David Blumenthal, Oct 2, 2009
By focusing on “meaningful use,” we recognize that better health care does not come solely from the adoption of technology itself, but through the exchange and use of health information to best inform clinical decisions at the point of care.  Meaningful use of EHRs, we anticipate, will also enable providers to reduce the amount of time spent on duplicative paperwork and gain more time to spend with their patients throughout the day.  It will lead us toward improvements and sustainability of our health care system that can only be attained with the help of a reliable and secure nationwide electronic health information system.

Government site with latest information about meaningful use. "Final" rules to be posted Dec 31,2009.
http://healthit.hhs.gov/portal/server.pt?open=512&objID=1325&parentname=CommunityPage&parentid =1&mode=2

July 10, 2009 criteria for meaningful use.

ONC goes back to the drawing board on meaningful use. Latest update on official definition.
http://www.healthcareitnews.com/news/onc-goes-back-drawing-board-meaningful-use

AERA and Meaningful Use (April 2009). Blog by Dr. John Halamaka, CIO, Harvard Medical School. Worth reading as are the comments.
http://geekdoctor.blogspot.com/2009/04/what-is-meaningful-use.html

ANI provides Written Testimony to NCVHS Hearings on ‘Meaningful Use.’ Links to the testimony and the ANA Support for their testimony.
http://www.allianceni.org/docs/ANI_ProvidesWrittenTestimonyNCVHSMeaningfulUse.pdf?cid=69163&tid=30

ANI Statement on Meaningful Use (Added October 5, 2009)
http://www.himss.org/handouts/ANIResponsetoRWJ_IOMonTheFutureofNursing.pdf

National Committee on Vital and Health Statistics Report of Hearing on “Meaningful Use” of Health Information Technology." The full report.
http://www.ncvhs.hhs.gov/090518rpt.pdf

Hearing on "Meaningful Use" of Health Information Technology." Access to the full testimony of those whose comments were used to create the above report about meaningful use.
http://www.ncvhs.hhs.gov/090428ag.htm

Wellpoint RX. Industry Weighs in on Definition of Meaningful Use. A collection of definitions from various informatics organizations.
http://www.healthleadersmedia.com/content/232545/topic/WS_HLM2_TEC/Industry-Weighs-in-on-Definition-of-Meaningful-Use.html

Meaningful Use Matrix.
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_11113_872719_0_0_18/
Meaningful%20Use%20Matrix.pdf

Definition from the from the Meaningful Use Workgroup to theHealth IT Policy Committee
(2009, June 16). Meaningful Use: A Definition "We recommend that the ultimate goal of meaningful use of an Electronic Health Record is to enable significant and measurable improvements in population health through a transformed health care delivery system."
http://healthit.hhs.gov/portal/server.pt/gateway/PTARGS_0_11113_872720_0_0_18/
Meaningful%20Use%20Preamble.pdf

Patient Safety

Siegler, E. L., & Adelman, R. (2009). Copy and Paste: A Remediable Hazard of Electronic Health Records. American Journal of Medicine, 122(6), 495-496. An excellent discussion of the hazards of this practice, along with some thoughts about how to make this a safe, reliable, and contributory to patient care. (Added April 28, 2010)
http://www.amjmed.com/article/S0002-9343%2809%2900157-0/fulltext

ROI (Return on Investment)

Bannister, F., McCabe, P., & Remenyi, D. (2001). How much did we really pay for that? The awkward problem of information technology costs. Journal of Information Systems Evaluation, 5(1). A full text article that although not healthcare oriented, provides some good perspectives. Addresses difficulties in getting a handle on costs, including dis-benefits, that is things that add costs when not-addressed. Despite its age, this is still current.
http://www.ejise.com/volume-5/volume5-issue1/issue1-art1.htm

EHR and the Return on Investment. Thorough discussion of the difficulties in measuring ROI with electronic health records.
http://www.himss.org/content/files/EHR-ROI.pdf

Methods for Evaluating Costs of Automated Hospital Information Systems (1982, July). Although over 25 years old, the principles here remain the same. This is a scanned version of a booklet, and there is some spotting, but tables relating items evaluated from various systems of the time are worth looking at.
http://www.eric.ed.gov/ERICDocs/data/ericdocs2sql/content_storage_01/0000019b/80/2f/aa/de.pdf

Surveys

Surveys for all aspects of HIT from AHRQ.
http://healthit.ahrq.gov/portal/server.pt?open=512&objID=653&&PageID=12713&mode=
2&in_hi_userid=3882&cached=true

Work Flow Redesign

Redesign Workflows to Optimize Benefits (2006, Mar/Apr). Although focuses in CPOE, this article presents situations that need to be considered.
http://www.psqh.com/marapr06/cpoe.html

Workflow Redesign Checklist. Lists elements to be considered. They are in a table that would be useful in co-ordinating the process.
http://www.norc.org/6275/Module4/Workflow%20Redesign%20Checklist.doc

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Websites Referred to in Text of Chapter

HIMSS Analytics web site. http://www.himssanalytics.org

KatrinaHealth Website. http://www.katrinahealth.org

Reflective analysis for KatrinaHealth http://katrinahealth.org/katrinahealth.final.pdf

Antiphishing Working Group. http://www.antiphishing.org

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

References in this Chapter that are Online

Activewave Inc. (2007). Applications/solutions:  Equipment tracking in hospitals.   Retrieved January 2, 2009, from http://www.activewaveinc.com/applications_hospitals.php

Agency for Healthcare Research and Quality. (2001, March). Reducing and preventing adverse drug events to decrease hospital costs.   Retrieved January 2, 2009, from http://www.ahrq.gov/qual/aderia/aderia.htm

Anderson, N. (2007, May 13). Voice biometrics:  Coming to a security system near you.   Retrieved January 2, 2009, from http://arstechnica.com/articles/culture/voice-biometrics-come-of-age.ars/2

Birkmeyer, J. D., & Dimick, J. B. (2004). The Leapfrog Group's patient safety practices, 2003:  The potential benefits of universal adoption.   Retrieved January 2, 2009, from http://www.leapfroggroup.org/media/file/Leapfrog-Birkmeyer.pdf

Centers for Disease Control and Prevention. (2008, February 14). Public Health Grid: Where are we now? Retrieved June 15, 2009, from http://www.cdc.gov/phin/news-events/archive/grid_article.html

Centers for Disease Control and Prevention. (n.d., May 22). National Electronic Disease Surveillance System.   Retrieved January 2, 2009, from http://www.cdc.gov/nedss/

Centers for Medicare & Medicaid Services. (2008, January 1). Physician self-referral.   Retrieved January 2, 2009, from http://www.cms.hhs.gov/PhysicianSelfReferral/

Centers for Medicare and Medicaid Services. (2005a). HIPAA - General Information Overview.   Retrieved January 2, 2009, from http://www.cms.hhs.gov/HIPAAGenInfo/

Centers for Medicare and Medicaid Services. (2005b). HIPAA - General information:  Are you covered entity?   Retrieved January 2, 2009, from http://www.cms.hhs.gov/HIPAAGenInfo/06_AreYouaCoveredEntity.asp

Conrad, D. A., & Gardner, M. (2005, May 2). Updated economic implications of the Leapfrog Group patient safety standards:  Final report to the Leapfrog Group.   Retrieved January 2, 2009, from http://www.leapfroggroup.org/media/file/ Conrad_Updated_Economic_Implications_2_.pdf

Gibson, C., & Bonsor, K. (n.d.). How RFID works.   Retrieved January 2, 2009, from http://electronics.howstuffworks.com/rfid7.htm

Health and Human Services. (n.d.). HIT certification:  Stark and anti-kickback in HIT.   Retrieved January 2, 2009, from http://www.hhs.gov/healthit/certification/stark/

Heuston, G. Z. (2005, November 3). Spear phishing attacks mounting.   Retrieved January 2, 2009 from http://www.ci.hillsboro.or.us/Police/documents/SpearPhishing-11-03-05.pdf (No longer available) (For information on phishing see Chapter 5)

HIMSS Analytics. (2008). Healthcare providers: EMR adoption model.   Retrieved January 2, 2009, from http://www.himssanalytics.org/hc_providers/index.asp

Lazarus, R., Yih, K., & Platt, R. (2006). Distributed data processing for public health surveillance [Electronic Version]. BMC Public Health, 6, 235. Retrieved January 2, 2009 from
http://www.biomedcentral.com/content/pdf/1471-2458-6-235.pdf

Markle Foundation, American Medical Association, Gold Standard, RxHub, & SureScripts. (2006, June 13). Lessons from KatrinaHealth.   Retrieved January 2, 2009, from http://katrinahealth.org/katrinahealth.final.pdf

National Center for State Courts. (2002a). Iris scan.   Retrieved January 2, 2009, from http://ctl.ncsc.dni.us/biomet%20web/BMIris.html

National Center for State Courts. (2002b). Retinal scan.   Retrieved January 2, 2009, from http://ctl.ncsc.dni.us/biomet%20web/BMRetinal.html

National Committee Vital Health Statistics. (2001). A strategy for building the National Health Information Infrastructure: U.S. Department of Health and Human Services. Retrieved January 2, 2009, from http://aspe.hhs.gov/sp/NHII/Documents/NHIIReport2001/default.htm

Nudd, T., & Lee, K. (2007, December 4). Dennis & Kimberly Quaid sue drug company. People   Retrieved January 2, 2009, from http://www.people.com/people/article/0,,20164211,00.html

Sullivan, L. (2005, July 19). RFID system prevented a possible infant abduction [Electronic Version]. Information Week. Retrieved January 2, 2009 from
http://www.informationweek.com/news/mobility/RFID/showArticle.jhtml?
articleID=166400496 

Supply Insight Inc. (2006, April 20). RFID applications in patient tracking.   Retrieved January 2, 2009, from http://www.rfidsolutionsonline.com

TechWeb. (2008). Phishing.   Retrieved January 2, 2009, from http://www.techweb.com/encyclopedia/defineterm.jhtml?term=phishing

The Joint Commission. (2008). National patient safety goals.   Retrieved January 2, 2009, from http://www.jointcommission.org/PatientSafety/NationalPatientSafetyGoals/

VeriChip Corporation. (2006). RFID 101.   Retrieved January 2, 2009, from http://www.verichipcorp.com/content/company/rfid101

Created June 15, 2007

 

 

Copyright 2009. For corrections or additions, email