Cost and Security Challenges When Implementing An Electronic Health Record

Blue Team: Jamie Jackson

Purpose

Purpose: Discuss the challenges with cost and security of implementation of EHR Discuss the causes and effects of these challenges Discuss possible solutions

Problem Statement
With the unrelenting pressure and demand for implementing EHR, health care systems in the United States are facing many challenges with this process. Two most critical factors underlying these challenges are cost of implementation and security during and once implemented

Methodology
Utilizing medical journals and other resources, as well as interviews with administrators and staff from leading hospitals and private practices, and health care organizations we were able to analyze the effects of these challenges as well as come up with possible solutions.

Healthcare Organizations Reviewed

Medical Center of Lewisville 202 bed for profit community hospital Childrens Medical Center 559 bed not for profit pediatric hospital Baylor Hospital of Plano 112 bed not for profit county hospital Dallas Associated Dermatologist 50 year old dermatology facility Health Information Management Systems Society National Health Information Organization

Barriers to Implementing EHR

Cost Analysis
Lack of adequate funding was cited by 729 health care providers as the most significant barrier to adopting electronic records Estimated that purchasing and installing EHR will cost over $32,000 per physician Maintenance about $1,200 per month Vendor costs account for 60-80% of these

Cost Analysis

When implementing an EHR system there are several costs to consider: Start Up Costs Software Maintenance Costs before, during, and after implementation Training costs

Cost Analysis

Cost Analysis

Security Analysis

Michael Matthews, chief executive officer of health-information technology firm MedVirginia, said security is on everyone's mind. "Many in the field will argue that data is actually more secure in electronic format than paper," Matthews said. "There are audit trails left every time an electronic health record is accessed, who accessed it, what results within the record have been accessed. Whereas with paper records, you have no idea who has looked at it, who made copies, what has been taken out of it."

Types of Breaches
U.S. Department of Health & Human Services

HHS.gov website gathered a list of breaches of unsecured protected health information affecting 500 or more individuals in the U.S.. They posted 108 reported types of breaches (2009-2010). -Types of breaches included: theft, improper disposal, unauthorized access, loss, hacking/IT incident, Incorrect mailing, other - Location of breached information: laptop, desktop, network server, email, portable devices, EHR, other

Security Analysis

Security Analysis

Security Analysis

Conclusions
This project has provided an opportunity to understand the EHR technology system and the challenges during implementation as it relates to cost and security. Understanding the benefits of the technologies and the problems experienced by doctors who use the technologies can help others make a better decision for their practice.

Findings
No true monetary savings due to the purchasing of new technology, software, hiring and ongoing training Trade off: increased efficiency, accuracy and safety If any savings it would be among larger institutions, which already draw in enough revenue for the funding of EHR systems Cost outweighed security as the largest concern to the implementation of EHR Vendors have taken advantage of the necessity of implementing EHR by padding their prices Most security breaches are from carelessness among staff ,lack of training, inadequate funding for security

Recommendations
Quality leadership that embraces the goals of the organization regarding EHR Training, training, training Factor in additional equipment costs needed in addition to EHR product Do not try to change the organization to meet the needs of the HER Review and evaluate the organization as well as several different products Make sure that EHR chosen is interoperable with technology already being used; i.e. billing systems, EMR Look into discounts/perks offered by insurers for EHR use

References

Breaches affecting 500 or more individuals. (2010). Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/postedbreaches.html

Ponemon Institute LLC, Initials. (2010, November 9). Dgs health law blog [Web log message]. Retrieved from http://www.dgshealthlaw.com/uploads/file/Ponemon_Benchma k_Study_on_Patient_Privacy_and_Data_Security%5B1%5D%281%29.pdf

Questions/Answers