Running head: HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 1

Health Information Systems Acquisition and Implementation

Student’s Name

Institutional Affiliation
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 2

Health Information Systems Acquisition and Implementation

Introduction

The health information systems are a major corporate asset for any health institution and

is always associated with high costs and the benefits that they provide for the proper working of

the healthcare delivery system. This therefore means that the health organization soften employ

meticulous corporate selection criteria in the process of finding the appropriate system to install

with a view to garnering the most benefits from its installation. The organizations have to have

long-term plans in view that are in line with their business initiatives before rolling out a health

information system that will most appropriately meet the specifications of the service delivery.

At the same time the organizational awareness must incorporate a sense of the emerging

opportunities so that the technological trends in place are made the best use of while keeping up

with effectiveness in service delivery. The health information systems plays a key role in the

efficiency of the healthcare delivery system in place and therefore must be given priority and

updated to meet the ever-changing technological standards in the market. The long-term

corporate plans are put in place with consideration of the entire workforce from the data workers

to the professional medical practitioners and nursing team and the managerial team in place at a

health organization. This is because the acquisition and successful implementation of a major

health information system affects all the levels of the workforce and requires their corporation.

For example certain project priorities that are formulated at the top levels of the management

will need the incorporation of the workforce and will need to vetted for compliance with the

government reporting regulations in their interaction with the information system in place. The

already existing architecture of the information systems also plays a role in determining which of

the information systems shall be acquired. The information systems are therefore usually
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 3

modified to meet the employer’s needs and the integration of the applications is done such that it

creates a coherence in the systems architecture of the firm. This is a technical paper that outlines

the acquisition, implementation, standards, policies and applications of an Electronic Medical

Records health information system.

Acquisition

The acquisition of a health information system such as the Electronic Health Records is a

multistep process. The creation of a technological framework in blueprint form as the

Information Technologies Strategic Plan is the first step. The Information Technologies Plan is

concerned with outlining in very specific terms how the incorporation of the proposed health

information system will align with the business initiative and plans of a health organization. The

considerations that are taken into account here include the system-based changes that will be

made and the process-based integration of the information system with the overall cost playing a

key role in selection. The health information system should such that it advances the

organizational goals and objectives while ensuring overall efficiency and productivity. A

balanced scorecard of the likely contribution of the acquisition of the health information system

to every department is therefore factored in. There should a trend towards increased efficiency

and the trajectory of the successful installation of the health information systems should be such

that it is meets the organizational needs (Mogli, 2012). The acquisition process is not limited to

the basics of function performance of the installed software but encompasses the coordination of

all the roles involved in the healthcare enterprise with a view at achieving maximal efficiency.

The process of selection of the health information system therefore takes into consideration the

projected financial gain to the organization and the benefits that will accrue out of the significant

long-term systemic changes.

There are several ways of acquisition of a health information system. One of the chief

ways of acquisition is by outsourcing the information systems. This involves the transference of

the major components of the already existing operational systems of the organization to a

specialized company that provides contractual health inform system services. The long-term

contractual services includes provide a systemic hosting of the parent organization’s data centers,

the software systems in place and the telecommunications systems. The healthcare organization

in this case considers the scope and the quality and the type of the health information system

provided by the specialized vendor and decides whether it suits its organizational goals and

objectives and whether it meets the security regulations. Some cases of outsourcing of the

healthcare systems may mean movement of the technological services abroad by offshoring the

systems in order to achieve certain expertise benefits and cost reductions. Other cases of

outsourcing only involves purchase of the services of a systems developer who is then charged

with the organization-wide installation and maintenance of the health information systems.

Another third-party alternative for acquisition of health information systems may include the

leasing of a proprietary package from a specialized vendor under a license and then customizing

the software to fit the organizational specifications.

Cloud-computing has also been incorporated as a major platform for rolling out a health

information system. The information services provided on this platform includes on-demand

access via the internet to the data centers hosted on the platform with the necessary software

installations and other applications. Cloud computing provides an infrastructure for existing

information applications and may also serve as a platform for developing new applications. The

firm can also opt to use the software-as-a-service (SaaS) over the network. SaaS is a particularly

cost effective way of using enterprise systems. The healthcare organization can implement a
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 5

private cloud as a platform for rolling out the Electronic Health Records system and ensuring

that the resources shared have security checkers and authorized access only.

The Electronic Health Records system can also be developed internally by the healthcare

organization. The two broad methods that can be used to put this general and customizable

system in place include life-cycle development or rapid application development (RAD) (Mitka,

2011). These are the same methods that are employed by the external software vendors. The

large Electronic Health Records will generally be developed by means of a systematic process,

called the system life cycle with involvement of stages such as feasibility study and system

analysis before the installation of the systems.

Implementation

A well-designed health information system rests on the technological infrastructure

already in place, which may include the databases, the data warehouses and the operating

software in place. Establishing and maintaining an Electronic Health Records always requires an

extensive period of planning to ensure that there is a consistent implementation of the complex

technological infrastructure (Korbut, 2016). The corporate goals are used to guide the installation

of the systems and the rolling-out of the information systems is therefore a multi-step process.

The system architecture of the organization must be considered before an organization-wide

implementation of the Electronic Health Records. The specific information systems in place need

to be organized such that they make a harmonious and coherent whole with the organizational

general strategic plans being taken into account. When implementing a health information

system such as the Electronic Health Records, careful stock should be made of how the hardware

and the software installations will ensure that there is support for patient confidentiality and

clinician efficiency. The clinical team must therefore be involved during the process of systems
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 6

configuration and must work in concert with the technical team to ensure that the information

system allows for efficient workflows and does not hinder effective clinical processes.

Successful implementation of the Electronic Health Records requires the integration of the

information technology components with the other multiple aspects of communication within the

organization. When resolution of this integration is arrived at early, it offsets potential patient

safety risks that may arise from mishaps in the integration of the systems. Another factor that is

important to consider during the process of implementation is the patient identification

procedures. A well-designed Electronic Health Records when it is properly configured and

integrated into the existing technological infrastructure will serve well. But there will also be

need to consider the mechanisms that will be put in place in the generation of new patient

records, registration of the patients and the overall retrieval of information in the various levels

of the health organization. These processes are therefore defined and mapped well during the

implementation stage to ensure that problems that may arise out of duplicate records and mix-ups

of patients are mitigated against. Therefore, considering how crucial this process of

implementation, there is need of according it sufficient amount of time. The medical

practitioners must be duly informed of the systems details in the process of acquisition and the

role of each of the health organization’s stakeholders should be clearly articulated with respect to

the health information system.

Standards and Policies

There are several standards that regulate the use of Electronic Health Records. The

requirements for Electronic Health Records functionality are also tied to the standards that act as

the guidelines for the achievement of these objectives. For example, one of the Electronic Health

Records guidelines requires the clinicians to maintain the list of the drugs and medications that
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 7

the patients are taking. For the achievement of this objective therefore the healthcare

organization must provide an option for the inclusion of the medication entries in the Electronic

Health Records for at least 80% of the patients whose records appear in the Electronic Health

Records (Dumortier & Verhenneman, 2011). For an Electronic Health Records system to be

certified to contain this confidential information, the developer must be able to demonstrate that

there is a window of recording, modifying and retrieving the patient’s information in a timely

manner from the system. Certification of an Electronic Health Records system requires testing of

its compliance to the guidelines by an authorized testing organization. For example, a test may

be made to ascertain whether the medication list objective has been satisfied with the testing

process involving the entering a list of medications, modifying them and checking on retrieval

whether the modifications have been included in the new electronic health record. The test

procedures that are used in the certification of the Electronic Health Records are developed by

the federal agency - the National Institute of Standards and Technology.

The medical information systems are always expected to comply with the Health

Insurance Portability Act of 1996. This legal statute deals with safeguarding patient data and

ensuring privacy is accorded to confidential clinical information (Dumortier & Verhenneman,

2011). The guidelines of this Act are particularly important for medical information that is stored

in electronic format. The Health Insurance Portability Act defines the responsibility of the health

organization to ensure security of the patient’s information while maintaining meaningful

confidentiality in the handling of the patient data. The access of the medical data on the

Electronic Health Records platform should be restricted to the authorized personnel only with no

disclosures being made of the patient’s health information without proper authorization.
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 8

There are specific standards that must be put in place to ensure that patient data is

protected over the Electronic Health Records platform. The access to this platform must be

password-protected with the passwords only being shared to those with authorization to access

the information. The patient-protected information must be left unattended such that it can easily

be accessed by a third party. The documentation of the patient’s data must also be specific and

accurate and the templates of entry must be based on clinically appropriate standards of practice.

The documentation integrity must be preserved at all times to avoid patient mix-ups and wrong

clinical interventions.

The health organization must also put in place policies that will guide the use of the

Electronic Health Records platform. One policy that can be instituted is a monthly or annual

health information systems audit depending on the size of the information system. The continual

effectiveness of the controls of the Electronic Health Records should be evaluated after a

specified period of time to ensure system’s integrity. An audit is geared towards ensuring that the

information system is safeguarding the patient’s data in line with the organizational goals and

objectives. Systemic audits can also unearth any loopholes in the securing of the clinical

information. Controlling access to the Electronic Health Records is difficult and therefore a

periodic review of the integrity of the systems in place is necessary. The security measures must

be evaluated periodically and updated to provide constant security to the incoming and outgoing

clinical data. The data encryption tools used for prohibition of access to data must also be

updated every so often to ensure that encrypted data is only decrypted by the intended authorized

parties.

Applications
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 9

The Electronic Health Records have a wide scope of applications. They can be used in

the management of chronic diseases by storage of data of patients with certain targeted chronic

diseases. The application features that can be incorporated into the health information system

include criteria for identifying the individuals at risk and mechanisms for monitoring of the

patient progress (Benhamou, 2011). The Electronic Health Records can also be used by the

patients to facilitate their own care by leveraging the health information repository to store

records of appointments, correspondence with the clinical providers and information about the

medication history. Despite these benefits, the Electronic Health Records may also present the

potential risks of the patient’s data leaking out and interfering with the integrity of the platform.

However, this can be mitigated against by putting proper systemic safeguards in place.
HEALTH INFORMATION SYSTEMS ACQUISITION AND IMPLEMENTATION 10

References

Benhamou, P. (2011). Improving diabetes management with electronic health records and

patients’ health records. Diabetes & Metabolism, 37, S53-S56. doi: 10.1016/s1262-

3636(11)70966-1.

Dumortier, J., & Verhenneman, G. (2011). Legal Regulations on Electronic Health Records: A

Prerequisite or an Unavoidable By-Product? - The Legal Aspects of Electronic Health

Records in Europe and the US Analysed. SSRN Electronic Journal. doi:

10.2139/ssrn.1975758.

Korbut, A. (2016). Electronic Health Records and Clinical Routines: Convergence and

Divergence. SSRN Electronic Journal. doi: 10.2139/ssrn.2764201.

Mitka, M. (2011). Electronic Health Records. JAMA, 305(14), 1402. doi:

10.1001/jama.2011.414.

Mogli, G. (2012). Challenges of Electronic Health Records Implementation. Sri Lanka Journal

of Bio-Medical Informatics, 2(2), 67. doi: 10.4038/sljbmi.v2i2.2242.