Barriers to EHR Implementation [MI 227:CW04]

triciuhhhLeave a comment

As part of MI 227 coursework, we were given a scenario on being a project manager for DOH and spearheading the nation-wide implementation of Electronic Health Record (EHR) in all government hospitals. However, there are challenges and difficulties being encountered along the way. I have identified the following barriers that I see has impact in the implementation across the country:

First off—The Philippine government has formulated 2014-2020 Philippine e-Health Strategic Plan (PeHSP) that envisions “eHealth will enable widespread access to health care services, health information, and securely share and exchange patients’ information in support to a safer, quality health care, more equitable and responsive health system for all the Filipino people by transforming the way information is used to plan, manage, deliver and monitor health services.” by 2020. This enables access and availability of the medical information through the secured Philippine Health Information Exchange (PHIE). Interoperability of the health information systems (HIS) [BR01] is usually one of the major concerns worldwide. In the Philippines, health facilities started to invest and use different Health Information Systems (HIS) such as iClinicSys, CHITS and RxBox, Integrated Hospital Operations and Management Information System (iHOMIS), Wireless Access for Health (WAH) to name a few. However, these systems are not interoperable and information exchange may not be possible due to lack of standardization and use of different programming languages for building the HIS. Furthermore, some HIS were developed just for the purpose and convenience of automation but flexibility, adaptability and interoperability were not considered. When the patient decides to consult in another health facility and would want the medical records be accessed, it may not be possible all the time because the data are confined within the walls of the system. Integration of the systems for interoperability should be considered and is suggested, or use of PHIE. In this situation, implementation of EHR in one health facility may be possible but using interoperable EHR across the country is still a struggle.

In addition to that, the lack of funding and lack enough infrastructure in the health facilities [BR02] is a current problem as well. While the implementation and training of the health workers are being done, the actual use in the facility is impossible due to lack of computers, servers, electricity, and internet connection in the area, especially to GIDA. Furthermore, the confidence that the health workers (especially the nurses and doctors) in using the HIS is somehow a challenge as well. This is due to concerns of privacy, confidentiality, and security of data [BR03]. While the IRR of Data Privacy Act has been released August 2016, there are still loopholes and lacking of specific guidelines for the medical field. As medical professional, we do not want to compromise the medical information of the patient. Which means, the HIS design should be par with the standards, registered to and certified by the NPC, and be continually tested for quality assurance. The security of the HIS should be strengthened especially now that malware such as WannaCry affected hundreds of hospitals and thousands of computers. Such attacks compromise the system and the medical information. This results to medical device outages increase resource needs, delay care, trigger more clinical mistakes.

The health workers should be trained and be aware as well of the protocol and guidelines on how to safeguard and strengthen the EHR:

  • Protect your computer by updating your Operating Systems, patch and harden systems (i.e., block access to sites with Java, Flash, ads)
  • Implement Network Segmentation
  • Identify and back-up critical systems and data
  • Always encrypt and password-protect important files (especially one containing PI and PHI) and never share your passwords; multi-factor authentication
  • Don’t click the links in received phishing e-mails (or basically from people you do not know); don’t forward even!
  • Be compliant to any requirements in observance to Cybercrime Law and Data Privacy Act

 

References: 

  1. World Health Organization, 2006. Chapter 3. Issues and Challenges in Electronic Health Records: A Manual for Developing Countries. Tierney, William M., et al. “Experience implementing electronic health records in three East African countries.” Stud Health Technol Inform 160.Pt 1 (2010): 371-5.
  2. Sood, Sanjay Prakash, et al. “Electronic medical records: a review comparing the challenges in developed and developing countries.” Hawaii International Conference on System Sciences, Proceedings of the 41st Annual. IEEE, 2008.
  3. Hoyt, R. E., Yoshihashi, A., & Sutton, M. (n.d.). Health informatics: Practical Guide for the Healthcare Professionals (3rd ed.)
  4. Coiera, E., & Coiera, E. (2003). Guide to health informatics (3rd ed.). CRC Press.
  5. eHealth. (n.d.). Retrieved from Overview of Philippine Health Information exchange: http://ehealth.doh.gov.ph/index.php/phie/overview
  6. Philippines eHealth Strategic Framework & Plan 2014-2020:  http://ehealth.doh.gov.ph/index.php/policies-and-protocols/signed/64-pehsfp
  7. Joint Administrative Order No. 2016-0001  entitled “Implementation of the Philippine Health Information Exchange” 1-11, 2016, January 26.
  8. Joint Administrative Order No. 2016-0002 entitled “Privacy Guidelines for the Implementation of the Philippine Health Information Exchange”, 1-17, 2016, January 28.

  9. Ellis, J (2017). WannaCry Ransomware and its Lessons by John Ellis (talk from HIMSS PH Community Event)

On Telemedicine

triciuhhhLeave a comment

As part of this week’s coursework for MI 227, I have chosen an article about Telemedicine. This is the topic I am very curious about, because in the Philippines, while having CHITS and RXBox being used in rural health facilities, and few private companies setting up telemedicine services, there are no current passed laws that directly govern the practice of telemedicine in the country.

Telemedicine is initially used to improve health care services on remote places. In reality, most of the quality health care services are accessed in the nearby cities. The people in the remote and scarcely populated areas would need to travel far to reach the nearest hospital. Among the countries with first adaptation of telemedicine is Norway. In the series of articles on the adaptation of routine telemedicine in Norwegian Hospitals that I have read, they have been using telemedicine since the early 1990’s. While it started very early, this present study was exploring implementation and participation of most hospitals in the adaptation of telemedicine within a five-year time frame (2009 to 2013).

Key points in the article are of the following:

  • Data were extracted from Norwegian Patient Registry and only has number of inpatient and outpatient services from publicly-funded hospitals. The number of telemedicine consultations are of those for reimbursements are registered. Furthermore, there are no standards or frameworks in the country on measuring and reporting the telemedicine activity and utilization, only the quantitative number of consultations were recorded.
  • While majority of the hospitals have participated the adaptation of telemedicine, it will not replace the face-to-face consultation (even if the article has repeatedly mentioned that telemedicine will replace the traditional consultation).  While it seems like they are targeting to diminish the traditional consultation, it is far to happen at the moment, since as mentioned in the study, the telemedicine consultations are still small in numbers compared to the traditional face-to-face consultation. There are instances that the numbers have decreased or fluctuated in some years.
  • One of the factors in the decrease in numbers is related to use of store-and-forward telemedicine such as transmission of still images, phone calls, SMS, are not considered as reimbursable telemedicine service and not counted in the numbers in the registered data used for the study.
  • Telemedicine utilized in Norway is not limited to videoconferencing for primary care consultation. It varies in different services such as teledermatology, teleradiology, telepathology, telestroke, teledialysis, telepsychiatry, etc. It is also utilized to communicate from Provider to Provider for decision support and second opinions from several medical fields. For home care,  complete paraphernalia to be used is recommended so that vital data can be taken and the patients are properly remotely monitored. Telemedicine is also used in oil and shipping platforms for emergency purposes. This is provision of medical support to the employees and/or guest travelling in large distances.
  • Other Norwegian Hospitals followed suit in the adaptation because of Helse Stavanger’s increase in telemedicine activity. This hospital has set the pace and the trend in the adaptation of telemedicine on the national level.

Lesson learned and how it can be related to the Philippine setting:

    1. It was noted that the national plan or a law governing such practice should exist. Same is the importance of governance and national plan for the Philippines. As mentioned earlier, there is no governing law in the Philippines. The Telehealth Act of 2012 was written but it is not yet passed as a law due to unclear guidelines and conflict to other laws (i.e., Medical Act of 1959). I have explained some of my thoughts about this Act in a previous blog post. While there is lacking on the governance, National Telehealth Center (NTC) was established to empower use of technology in health service delivery. Internal policies and procedures were identified and laid out that would help deliver the quality health services through the use of telemedicine. Security measures, as compliant to the Data Privacy Act of 2012, are implemented to safeguard patient’s right to privacy and confidentiality.
    2. To establish and use of standardization in the use and measurement of quality of the telemedicine activities (i.e., interoperability of the systems and EMR access, secure communication structure). While both countries has been pushing e-health and telemedicine to be utilized, there is no established guidelines or measurement or framework to monitor the quality of delivered telemedicine services. 
    3. Payment scheme and coverage for reimbursements policy should be revised or have considerations. There is no coverage as of yet of Philhealth on telemedicine consultations. Like in Norway, it would greatly benefit the patient if this will be covered due to its convenience and of course, for the poor people residing in remote areas like GIDA. 
    4. Even if there is low percentage out of overall outpatient consultations, Norwegian Hospital didn’t cease to provide telemedicine service. It actually set the pace and trend among hospitals over time. Such changes and adaptation take time and more research should be done for progress, improvement, and comparison.  I think this will be a good start to monitor the quantitative and qualitative data for telemedicine as well for the Philippines while we are establishing the adaptation and expansion of the service nationwide. Like the use of CHITS and RXBox, these set the trend and framework for telemedicine. There are also services being developed and utilized from the private sector.

References:

  1. Zanaboni, P., Knarvik, U., & Wootton, R. (2014). Adoption of routine telemedicine in Norway: the current picture. Global Health Action, 7(1), 22801. doi:10.3402/gha.v7.22801
  2. Zanaboni, P., & Wootton, R. (2016). Adoption of routine telemedicine in Norwegian hospitals: progress over 5 years. BMC Health Services Research,16(1). doi:10.1186/s12913-016-1743-5
  3. Patdu, I. D., & Tenorio, A. S. (2017). Establishing the Legal Framework of Telehealth in the Philippines. Acta Medica Philippina. Retrieved from http://actamedicaphilippina.com.ph/content/establishing-legal-framework-telehealthphilippines

Challenges on RHIS

triciuhhhLeave a comment

As we are closing the second semester for S.Y. 2016-2017, students of MI239 (Primary Health Care), we were given a task to contribute in identifying one challenge in Routine Health Information System (RHIS) in the country and how will we be able to change it to make the existing RHIS stronger, more effective, and sustainable.

Guided by the Theory of Change, I focused on BEHAVIORAL DETERMINANTS.

keme

In the Philippines, only few of the facilities or RHUs are using computerized systems in collection of medical data of the community and rely on the collection using pen and paper records. One may say that this contribute to non-standard, inconsistent, and inaccurate collection since the collector may include in the record any data according to his/her preference. Over time, one may exclude details that are not needed at the moment but may be needed in the future. Furthermore, there is always a lack of manpower in the facilities and the high attrition rate that affects the operations and fulfillment of the tasks at hand.

While in reality, people movement across organizations and facilities are inevitable, the management and governance of the facility can improve the process and develop contingency plans when the need arises. The people spearheading such development should be able to focus on the following as well:

  1. Establishment of a training group that can provide the quality data collection and skills development teaching in the facility-level. Not only that it will only focus on the training on the data collection skills but as well personal development of the workers. It would help as well if the teaching techniques be designed in layman terms that are easily understood by the workers (such as BHWs) since not all of them have the educational attainment and skills needed. However, that doesn’t mean that they will not be involved in the data collection, even they have a role to participate. We must be mindful that these people may be resistant, or feel discouraged or useless if such lack of skills be emphasized to them. What is needed is to help them understand the purpose and importance of their role in the tasks at hand, and that skills according to their abilities can be developed and taught. In case there would be people leaving, there is always someone capable in teaching how the system works.
  2. Reward System and incentives to the workers is not necessarily need to be in monetary value but can be in other form of recognition of hard work, compliance to standard, involvement, meeting established KPIs may motivate the workers. This is to at least lower the chance of having the workers leave in pursuit of greener pastures.
  3. Emphasis on Data Demand and Need and developing Information Culture. Some people do not find routinary things interesting. It should be emphasized to the workers the benefits of the data they collect and analyze.
  4. Involvement of the collectors and users of data in the planning. It should be noted that everyone involved has an important role to play. With identified skills and learning they have, they would feel valuable in contributing their ideas and thoughts in the planning, implementing, improving, and maintaining the RHIS.
  5. Standard indicators and data collection system establishment by using tools such as MEASURE or PRISM may work but what is needed is agreement among them is essential.
  6. Development of ICT-based solutions may be a long shot but it should be part of the planning and improvement.
  7. Resources (Manpower, Finance, Infrastructure and commodities) should be well provided.

If you would notice, I am more into empowering the workers in the facility-level. I believe that supporting and acknowledging them is crucial in maintaining the RHIS because frontliners are drivers for change and implementation of RHIS.

Shaping Health Informatics

triciuhhhLeave a comment

When we started the semester last August, I still don’t have any idea what we will be doing for the graduate course. Way back college, I was used to taking class in the typical set-up of the professor teaching the lesson while the students just listen. I still vividly remember the first day of class when our professor, Dra Iris Isip-Tan, told us how we will be learning for HI 201 Continue reading “Shaping Health Informatics”

mHealth

triciuhhhLeave a comment

According to a study conducted last March 2015 by the National Telehealth Center, it was said that the Philippines is the social media capital of the world. Out of the total population in the country, 115 million are mobile users (basing on the number of mobile subscriptions) and 32 million have access to internet. Most of them  use mobile internet to access social media sites such as Facebook, Twitter, Viber, Instagram, etc. With continuous increasing number of users, numerous innovative application are developed to assist Health Care Providers in providing health care by the use of handheld devices; most of the tasks include but not limited to: point of care health record maintenance and secured access by authorized users; information and time management; communications and consulting; reference and information gathering (CDSS); patient management and monitoring; clinical decision-making; and medical education and training (Ventola, 2014).

This week’s driving question, how can mobile applications be useful in primary care? I picked the project for my HI210 (System Analysis and Design) which focused on providing care during time of emergency. Continue reading “mHealth”

Legal and Regulatory Issues in e-Health

triciuhhhLeave a comment

The proposed Data Privacy Act of 2012 IRR has been around for two years during the Aquino’s term but it hasn’t implemented yet until last August. What does Data Privacy Act covers? It is a law that seeks to protect the all personal information (PI) collected by the Philippine government and private sectors in the country. The IRR contains the covered data privacy principles, how the personal data be handled and processed according to what is lawful, measures to secure and protect personal data and sensitive personal information in the government, rights of the data subjects, and the data breach notification.

This week’s driving question, is the Data Privacy Act adequate to protect confidential health information? Continue reading “Legal and Regulatory Issues in e-Health”

Telehealth in the Philippines

triciuhhhLeave a comment

In today’s rise of technology, the healthcare is following suit in adapting different ways in automation, putting medical records and documentations in electronic format, and other application in delivering healthcare worldwide. To look at it in myopic view, it would be great to take advantage this adaptation since the Philippines is an archipelago that will strongly benefit the great number of remote rural areas that are in dire need of healthcare but do not have access due to the following factors: Continue reading “Telehealth in the Philippines”

Privacy, Confidentiality, Security and Trust

triciuhhhLeave a comment

As previously mentioned before, one of the problems that are being faced in the use and implementation of health information systems is the privacy and security. It has been a stigma for a quite long time that sharing of confidential and personal health information can result to identity theft if the exchange of the information is not secured enough. However,  data subjects (a.k.a persons whose personal information is being processed) should be advised and informed that the use of their information should only be used as consented and under the protection of the law.

privacy_policy_img

For this week’s topic, we are to discuss what are the policies in place to protect the Filipino patient’s privacy and confidentiality of health information? We have different laws implemented for different areas. However, we do not specifically have the one for medical information of the patients. See below for some of the Republic Acts in the Philippines:

  1. Bill of Rights, Philippine Constitution 1987
  2. Republic Act 386 – Civil Code of the Philippines
  3. Republic Act 9344 – Juvenile Justice and Welfare Act
  4. Republic Act 8505 – Rape Victim Assistance and Protection Act of 1998
  5. Republic Act 8504 – Philippine AIDS Prevention and Control Act of 1998
  6. Republic Act 9262 – The Anti-Violence Against Women and Children Act of 2004
  7. Republic Act 9165 – Comprehensive Dangerous Drugs Act
  8. Republic Act 7875 – National Health Insurance Act of 1995
  9. Republic Act 3185 – The Revised Penal Code
  10. Republic Act 10173 – Data Privacy Act of 2012
  11. Republic Act 3573 – Law of Reporting of Communicable Diseases
  12. Republic Act 2383 – The Medical Act of 1959
  13. Hospital Code of Ethics
  14. Department of Health Guidelines in the Planning and Design of a Hospital and other Health Facilities (2004)
  15. Republic Act 8792 – Electronic Commerce Act of 2000; An Act Providing for the Recognition and Use of Electronic Commercial and Non-Commercial Transactions and Documents, Penalties for Unlawful Use Thereof and Other Purposes
  16. Republic Act 5921 – An Act Regulating the Practice of Pharmacy and Setting Standards of Pharmaceutical Education in the Philippines and for Other Purposes
  17. Republic Act 10175 – Cybercrime Prevention Act of 2012

As part of this week activity, we get to pick a hospital and review their privacy policy. However, on my end, most of the private hospital I visited for an interview are very much strict in releasing information. I will be providing insights basing on my observation during my stay in the area.

Patients that are currently confined in the ward, most of their medical information like the bar-coded doctor’s and nurse’s notes, consent forms, Operating procedure, medicine monitoring sheets, medical histories are compiled in the Patient’s Chart. The only group persons who can access to the information are the attending doctors and the nurses on duty on the ward. This medical information is confidential and only the authorized people can access it. It is privately stored in the nurse’s station during the patient’s confinement.

Once the patient is discharged, all of the medical documents from the ward are for safekeeping in the Medical Records department. Authorized persons who access them are MR officers and the attending doctors of the patients. If the patient would want to retrieve a copy of their records, it would only be released if there is a written consent of the patient accompanied with two valid IDs or if there would be a representative, written authorization letter, proof of degree of relationship (i.e., NSO Birth Certificate, Marriage Certificate) and representative’s valid IDs. Otherwise, no information will be released.

Since the provider has been using health information system, primary users of the systems have username and passwords for access. Although ideally there should be a limit or restrictions on up what extent they can access in the system based on their work responsibilities.

References:

  1. Summary of the HIPAA Privacy Rule http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
  2. Summary of the HIPAA Security Rule http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
  3. Rodriguez L and Johnson MD. Patient Privacy: A Guide for Providers. http://www.medscape.org/viewarticle/781892_transcript
  4. Rodriguez L and Pritts J. HIPAA and You: Building a Culture of Compliance. http://www.medscape.org/viewarticle/762170_transcript
  5. Antonio, Marcelo. Health Information Privacy in the Philippines. http://aehin.hingx.org/Share/Details/2044