Blue Team: Jamie Jackson

Cost and Security Challenges When Implementing An Electronic Health Record

Purpose: • Discuss the challenges with cost and security of implementation of

EHR

• Discuss the causes and effects of these challenges

• Discuss possible solutions

Purpose

• With the unrelenting pressure and demand for implementing EHR, health care systems in the United States are facing many challenges with this process.

• Two most critical factors underlying these challenges are cost of implementation and security during and once implemented

Problem Statement

• Utilizing medical journals and other resources, as well as interviews with administrators and staff from leading hospitals and private practices, and health care organizations we were able to analyze the effects of these challenges as well as come up with possible solutions.

Methodology

• Medical Center of Lewisville

– 202 bed for profit community hospital

• Children’s Medical Center

– 559 bed not for profit pediatric hospital

• Baylor Hospital of Plano

– 112 bed not for profit county hospital

• Dallas Associated Dermatologist

– 50 year old dermatology facility

• Health Information Management Systems Society

– National Health Information Organization

Healthcare Organizations Reviewed

Barriers to Implementing EHR

• Lack of adequate funding was cited by 729 health care providers as the most significant barrier to adopting electronic records

• Estimated that purchasing and installing EHR will cost over $32,000 per physician

• Maintenance about $1,200 per month • Vendor costs account for 60-80% of these

Cost Analysis

When implementing an EHR system there are several costs to consider:

• Start Up Costs

• Software Maintenance Costs before, during, and after implementation

• Training costs

Cost Analysis

Cost Analysis

Cost Analysis

Michael Matthews, chief executive officer of health-information technology firm MedVirginia, said security is on everyone's mind.

"Many in the field will argue that data is actually more secure in electronic format than paper," Matthews said. "There are audit trails left every time an electronic health record is accessed, who accessed it, what results within the record have been accessed. Whereas with paper records, you have no idea who has looked at it, who made copies, what has been taken out of it."

Security Analysis

Types of BreachesU.S. Department of Health & Human Services

HHS.gov website gathered a list of breaches of unsecured protected health information affecting 500 or more individuals in the U.S.. They posted 108 reported types of breaches (2009-2010).

-Types of breaches included: theft, improper disposal, unauthorized access, loss, hacking/IT incident, Incorrect mailing, other

- Location of breached information: laptop, desktop, network server, email, portable devices, EHR, other

Security Analysis

Security Analysis

Security Analysis

• This project has provided an opportunity to understand the EHR technology system and the challenges during implementation as it relates to cost and security. Understanding the benefits of the technologies and the problems experienced by doctors who use the technologies can help others make a better decision for their practice.

Conclusions

• No true monetary savings due to the purchasing of new technology, software, hiring and ongoing training

• Trade off: increased efficiency, accuracy and safety

• If any savings it would be among larger institutions, which already draw in enough revenue for the funding of EHR systems

• Cost outweighed security as the largest concern to the implementation of EHR

• Vendors have taken advantage of the necessity of implementing EHR by padding their prices

• Most security breaches are from carelessness among staff ,lack of training, inadequate funding for security

Findings

• Quality leadership that embraces the goals of the organization regarding EHR

• Training, training, training• Factor in additional equipment costs needed in addition to EHR

product• Do not try to change the organization to meet the needs of the HER• Review and evaluate the organization as well as several different

products• Make sure that EHR chosen is interoperable with technology

already being used; i.e. billing systems, EMR• Look into discounts/perks offered by insurers for EHR use

Recommendations

• Breaches affecting 500 or more individuals. (2010). Retrieved fromhttp://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/

postedbreaches.html

• Ponemon Institute LLC, Initials. (2010, November 9). Dgs health law blog [Web log message]. Retrieved from http://www.dgshealthlaw.com/uploads/file/Ponemon_Benchma

k_Study_on_Patient_Privacy_and_Data_Security%5B1%5D%281%29.pdf

References

Questions/Answers