Abstract
Clinical health informatics is a new innovation in healthcare systems to transform paper-based systems to electronic systems. Health information is enhancing care coordination, quality and efficiency, but there are concerns related to protecting security and confidentiality of data. The main aspect of using a different electronic package in hospitals depends on important factors such as confidentiality, integrity and availability of health data.
This paper is an integrative review of the evidence to compare the Confidentiality, Integrity and Availability (CIA) model in different Electronic Health Records [1] and identify the contributing factors in selecting different vendors in hospitals. The Johns Hopkins Nursing Evidence-Based Practice model was used to appraise the quality of studies related to health informatics. Forty-five titles were reviewed and, after reviewing 27 abstracts and contents, seven papers were included in this study. According to the reviewed evidence, a health information framework includes “Confidentiality, Integrity and Availability Triad, MEDITECH, Cerner and EPIC were the most popular hospital software packages because of being user-friendly, accessibility, lower cost and high security.
Access provided by CONRICYT-eBooks. Download conference paper PDF
Similar content being viewed by others
Keywords
1 Introduction
Transition from paper-based medical records to electronic were initiated over the past few years after hospitals found out about the risk of penalties for not improving their care coordination. The Centers for Medicare and Medicate Services (CMS) mandate that healthcare leaders engage in change strategies for EHRs, which increases the cost and improves patient safety.
Electronic Health Records [1] develop the quality of patient care by increasing the integrity and availability of information for providers; however, the security of health records is still one of the main concerns in healthcare systems.
The US Health Insurance Portability and Accountability Act (HIPAA) privacy rule mandates that users and providers protect patients’ information. EHRs contain sensitive patient data along with their identifiers such as diagnosis, past medical history [2].
Healthcare providers must support confidentiality rules while generating multiuser access to EHRs across different settings. There are many vendors to provide EHRs to clinics and hospitals, but according to KLAS in 2014, only three vendors grew this market in clinical health informatics field: Cerner, Epic and MEDITECH [3].
The main characteristics of their suggested information system include Confidentiality, Integrity and Availability [4].
This paper explores some aspects of EHRs based on the evidence and present an integrative review of the advantages of using different electronic records in hospitals.
2 Methodology
A comprehensive search of five major databases was conducted: Scopus, PubMed, CINAHL, Cochrane Library, and Embase. Based on the nature of EHRs, no time frame was entered as an exclusion criterion. The goal was to develop a search strategy and capture a broad match of articles.
Initially, 64 articles were found. After reviewing titles, abstracts, and contents (Fig. 97.1), seven studies met the inclusion criteria and were reviewed in their entirely.
PRIMS flow chart for screening of searched studies
The main approach to appraising the strength and quality of the articles’ synthesizing and translating evidence into practice was the “Johns Hopkins Nursing Evidence-Based Practice Evidence Rating Scales.” [5] The initial search article types included comparative studies, meta-analyses, research support, observational studies, reviews, and systemic reviews of CIA in EHRs. The majority of retrieved articles were classified in level three and four with good quality.
The inclusion criteria for reviewing studies was defined as [3] English language or at least available in an English version of the article, and [5] related to Electronic Health Records.
3 Findings
3.1 Situational Analysis
About 99% of U.S. hospitals use EHRs and it is really improving compared to 31% in 2003 [1]. Using paper-based health records has declined to 1% percent but, according to the American Society of Health-System Pharmacists (ASHP), some departments in hospitals continue to expand their paperless improvements. Since health records present variable aspects of human needs, there are some challenges to maintaining this system [1]. Computerized prescriber-order-entry [1], using barcode scanners for administrating medications, rapid access to radiology pictures, electrocardiogram (EKG), and fetal heart rate monitoring are part of EHRs, in which some still use paper-based reports.
According to “2017 best in KLAS: software & services” report, Epic was awarded in 2017 for the best physician practice vendor and earned the top ranking for the seventh consecutive year [6].
3.2 Electronic Health Records: Effective Progress
Transition of paper-based health records to electronic health records improves the quality of healthcare and accessibility [2, 4, 7,8,9,10,11,12,13]. The majority of articles showed the positive consequences of implementing EHRs in patients’ outcomes. A clinical study compared the average of lab errors after using interfaced HER and it showed that it decreased from 2.24 to 0.16 per 1000 specimens (p < 0.001) [14].
Based on the reviewed studies, the ultimate clinical outcomes of using EHRs includes improving the patient outcomes, decrease in medical errors, and less mismanagement of patients. It also helps healthcare providers retrieve patient information in a convenient, timely manner. The EHRs provides a cost-effective method for enhancing patient safety[14].
3.3 Confidentiality
The main and important rule of EHRs vendors is protecting patient information. Security is the main key in both Epic and Cerner software. The primary purpose of changing paper-based records to electronic records is to support confidentiality with protected accessibility [15]. Patient information cannot be released to others without the patient’s permission and it is a priority for every clinician to preserve confidentiality and recognize the authorized persons in the patient plan of care.
3.4 Integrity
The ultimate approach in EHRs is to extend the integration between different hospitals across the country, but there are some deficiencies in having unity to use the software. More than 65% of hospitals use computerized prescriber-order-entry [1] instead of hand-written medication orders.
Healthcare providers are willing to focus on integrating EHRs in healthcare system. Both Epic and Cerner have the capabilities to connect different databases and facilitate networking (Fig. 97.2).
Care manager, program administrators, and clinicians ranking reportSource: [16]
3.5 Availability
Health information must be available for different clinicians simultaneously. Both Epic and Cerner allow providers to review the information and record their interventions [15]. The information can be stored in EHRs in many different forms: lab reports, radiology pictures, identification data or video files, etc. Thus Epic and Cerner are designed in a way to organize and stratify all this information. Finding the files is not difficult in both Epic and Cerner. It seems both of these software programs need complementary software to store continuous fetal monitoring and the strips of patients who are on cardiac monitoring.
3.6 Patient Safety
One of the important goals of implementing EHRs is providing effective patient care and supporting patient safety. Barcode-assisted medication administration systems is one of important feature of using EPIC, CERNER and MEDITEC.
3.7 Clinical Intervention
Providers must record all their interventions in EHRs. The left side bar of both software programs help clinicians quickly find their intended tab. In addition to writing orders or progress notes, there are other features such as medication administration, access to previous records and sending patients’ prescriptions to the requested pharmacy.
3.8 Future Expectation
The most imperative concern to implement EHRs is maintaining privacy of individuals’ information in healthcare system [7]. Several security strategies and techniques are recognized that are identified as administrative, physical and technical safeguards [7].
A systematic review study addressed the importance of organizational strategies to protect health information [12].
4 Conclusion
The integration between EHRs and outcome improvement was reviewed. The evidence on the EHRs implementation shows improvement in the quality of services and accessibility, but some details need to be clarified more. For instance, unity in implementing the same EHRs in different hospitals or different aspects of networking to improve the availability.
Confidentiality, integrity and availability are the main framework for protecting health data and services. The main security threats include lack of safeguards, configuration weakness, organizational policy and staffing error. Some evidence suggested to use daily database monitoring strategies for protecting information.
Since healthcare staffing plays a significant role in protecting EHRs, it will beneficial for clinicians to know more about the different safety methods and periodical education to enhance the importance of maintaining confidentiality in healthcare systems.
References
Survey: Nearly all U.S. Hospitals Use EHRs, CPOE Systems (2017). https://www.healthcare-informatics.com/news-item/ehr/survey-nearly-all-us-hospitals-use-ehrs-cpoe-systems
H. Lee, S. Kim, J.W. Kim, Y.D. Chung, Utility-preserving anonymization for health data publishing. BMC Med. Inform. Decis. Mak. 17, 104 (2017)
A. Jammu, H. Singh, Improved AES for data security in E-health. Int. J. Adv. Res. Comput. Sci. 8, 2016–2020 (2017)
T.E. Wesołowski, P. Porwik, R. Doroz, Electronic health record security based on ensemble classification of keystroke dynamics. Appl. Artif. Intell. 30, 521–540 (2016)
Johns Hopkins Nursing Evidence-Based Practice. Appendix C: Evidence Level and Quality Guide (2017). http://www.hopkinsmedicine.org/evidence-based-practice/_docs/appendix_c_evidence_level_quality_guide.pdf. Accessed 08 March 2017
KLAS. Bi. Overalll Best in KLAS Awards (2017).
C.S. Kruse, B. Smith, H. Vanderlinden, A. Nealand, Security techniques for the electronic health records. J. Med. Syst. 41, 127 (2017)
R. Kullar, D.A. Goff, L.T. Schulz, B.C. Fox, W.E. Rose, The “epic” challenge of optimizing antimicrobial stewardship: the role of electronic medical records and technology. Clin. Infect. Dis. 57, 1005–1013 (2013)
M. Meingast, T. Roosta, S. Sastry, Security and privacy issues with health care information technology, in Engineering in Medicine and Biology Society, 2006 EMBS'06 28th Annual International Conference of the IEEE (IEEE, 2006), pp. 5453–8
A. Shenoy, J.M. Appel, Safeguarding confidentiality in electronic health records. Camb. Q. Healthc. Ethics 26, 337–341 (2017)
M.R. Tabassum, M.V.K. Burugari, WMSD: towards a new framework approach to privacy-preserving designed for approach in medical patient data. Int. J. Adv. Res. Comput. Sci. 8, 265–268 (2017)
K.T. Win, A review of security of electronic health records. Health Inf. Manag. 34, 13–18 (2005)
L. Zhou, V. Varadharajan, K. Gopinath, A secure role-based cloud storage system for encrypted patient-centric health records. Comput. J. 59, 1593–1611 (2016)
S.R. Lipsitz, A.B. Landman, M.J. Tanasijevic, S.E. Melanson, The Benefits and Challenges of an Interfaced Electronic Health Record and Laboratory Information System (2017)
L.B. Harman, C.A. Flite, K. Bond, Electronic health records: privacy, confidentiality, and security. Virtual Mentor 14, 712 (2012)
Cerner vs Epic: Battle of the EHR Titans (2017). https://blog.capterra.com/cerner-vs-epic/
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Azadi, M., Zare, H., Zare, M.J. (2018). Confidentiality, Integrity and Availability in Electronic Health Records: An Integrative Review. In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 738. Springer, Cham. https://doi.org/10.1007/978-3-319-77028-4_97
Download citation
DOI: https://doi.org/10.1007/978-3-319-77028-4_97
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-77027-7
Online ISBN: 978-3-319-77028-4
eBook Packages: EngineeringEngineering (R0)