Health Information Technology In Mayo Clinic

Abstract

At the moment, all healthcare organizations that are considered effective use wide-ranging forms of information technology (IT). Over the years, Mayo Clinic has made extensive use of IT resources. It built the Synthesis Mobile system to optimize its usage of electronic medical records. This paper explores the usage of the system and the requirements related to its usage. As well, the paper examines the risks associated with the failures and breaches of the IT resources used in healthcare settings.

Introduction

Presently, all healthcare organizations that are considered effective use varied forms of information technology (IT). IT helps the organizations allowing quick access to particular electronic environments; enhancing patient care; reducing the usage of desktop computers and other traditional resources for making and keeping records; and enhancing efficiency and navigation for specific care providers. Over the years, Mayo Clinic has made extensive use of IT resources. Mayo Clinic is a Rochester-based medical research and practice group, which operates on a non-profit basis. It specializes in the management, as well as treatment, of challenging cases via tertiary care (Baglieri & Karmarkar, 2014; Jennex, 2012). Its core values are research, education, and patient care practice. One of the IT applications, or systems, that Mayo Clinic uses is Synthesis Mobile.

Mayo Clinic and Synthesis Mobile

Mayo Clinic is among the leading medical treatment, as well as research, centers globally. It is well-known for its continuing healthcare innovations. Mayo Clinic, Geisinger Health System, Group Health Collaborative, Intermountain Health, and

Kaiser Permanente has since established an IT consortium for sharing their clients’ e-health records (EHRs) on demand. The consortium has been developed into a national data interoperability model over time. Presently, Mayo Clinic’s patients along with physicians use custom mobile applications (apps) on iPad mini, iPad as well as iPhone. The usage of the apps has changed the center’s individualized patient care capabilities markedly (Baglieri & Karmarkar, 2014; Jennex, 2012).

Mayo Clinic built Synthesis Mobile to optimize its usage of EMRs (electronic medical records). Synthesis Mobile is an app capable of tapping into many internal systems. It affords physicians instantaneous access to EMR details regarding particular patients via iPad mini, iPad as well as iPhone (Baglieri & Karmarkar, 2014). Using the app, physicians can sit with patients, have face-to-face conversations, and allow them a look at own CAT scans plus videos on the available treatment options. Physicians use Synthesis Mobile in notifying other staff to do various activities like changing particular IV settings, entering orders, and charging capture from the app. The app helps physicians save time by working fast and efficiently as they do limited work between clients.

Synthesis Mobile eases EMR navigation. Physicians use to it to get an integrated, single view of particular sets of information, as well as data, from multiple and at times unrelated sources. Synthesis Mobile’s functionalities include document signing, clinical messaging as well as full EMR viewing (Baglieri & Karmarkar, 2014; Jennex, 2012). It helps Mayo Clinic’s physicians have a quick access to particular electronic environments, enhances patient care, and reduces the usage of desktop computers and other traditional resources for making and keeping records. Besides, it enhances physician efficiency and navigation.

Components and Requirements of the Synthesis Mobile Program

As noted earlier, Synthesis Mobile is a mobile app that runs on iPad mini, iPad as well as iPhone. It is geared towards enhancing physician efficiency at maintaining the security of EMRs and the protected health information (PHI) details in them at the same time. The iPad minis, iPads, as well as iPhones, which the app runs on, are typified by built-in form of data encryption. One cannot store PHI on the devices. If the devices get lost or wrong passwords are keyed into them successively, one is capable of wiping them clean remotely. As well, to enhance PHI security, the PHI data in them can only be viewed by those accessing it; they cannot edit it in any way (Baglieri & Karmarkar, 2014; Jennex, 2012).

EMRs are a key Synthesis Mobile infrastructure component. EMRs are individuals’ digital, as well as official, health records. The records are shared by agencies and facilities. Another key Synthesis Mobile infrastructure component is the PHR (personal health record). PHRs are health records that individuals maintain for themselves. As well, the operations of Synthesis Mobile need a central health information hub or center, for facilitating communications involving the app and other elements such as EMR sources and physicians. The hub serves as a typical health information exchange, ensuring the interoperability of diverse elements regarding how they share data.

Over the years, Mayo Clinic has ensured that Synthesis Mobile complies with the applicable legal provisions (Baglieri & Karmarkar, 2014; Jennex, 2012). Notably, every IT system handling PHI is required to comply with the privacy rule spelt out in the HIPAA (Health Insurance Portability and Accountability Act). The US DHHS (Department of Health and Human Services) enforces the rule, which is aimed at allowing patients to access own PHI. As well, the rule safeguards the PHI’s privacy by limiting the types and number of parties that access it. As well, Synthesis Mobile, like other IT systems in the world of healthcare, should be run by persons with the requisite technician certifications. Notably, various states obligate health information technicians to acquire specific certifications.

Requirements for Synthesis Mobile to Comply With Patient Information Security Laws

As noted earlier, all IT systems handling PHI, including Synthesis Mobile, ought to comply with the privacy rule spelt out in the HIPAA. The rule is aimed at allowing patients to access own PHI. As well, the rule safeguards the PHI’s privacy by limiting the types and number of parties that access it. As noted earlier as well, Synthesis Mobile, like other IT systems in the world of healthcare, should be run by persons with the requisite technician certifications. Various states obligate health information technicians to acquire specific certifications (Shoniregun, Dube & Mtenzi, 2010; Whitman & Mattord, 2011).

As well, all IT systems handling PHI, including Synthesis Mobile, ought to comply with the HITECHA (Health Information Technology for Economic and Clinical Health Act) and the rules published by the ONCHIT (Office of the National Coordinator for Health Information Technology). The ONCHIT is guided by the HITECHA in the execution of its mandate (Murphy & Waterfill, 2010). As well, the HITECHA charges the DHHS with the established of particular rules to ensure that the IT resources used in healthcare, including Synthesis Mobile, are designed for use in ways that guarantee patient safety, quality healthcare, healthcare efficiency, secure health information sharing, and patient privacy.

Risks Related to System Breach or Failure

Healthcare IT system failures and breaches are associated with varied risks. The failures and breaches affect patients, healthcare facilities, and individual care providers (Murphy & Waterfill, 2010). The breaches and failures may occasion the breach of patients’ privacy-related rights, compromise the care offered to patients, or reduce patients’ trust in those offering care to them (Shoniregun, Dube & Mtenzi, 2010; Whitman & Mattord, 2011). The breaches and failures may affect the trust that the public has in the involved healthcare facilities and individual healthcare provides, or expose them to litigation or fines by agencies such as the DHHS (United States, 2010).

The risks include unlawful, or unauthorized, exposure of PHI. To ensure that PHI is not exposed in ways that may be deemed unlawful, health organizations should ensure that their computing systems lock themselves and limit access to the PHI on them automatically followed inactivity for specified periods. Only authorized personnel should be allowed to log into the systems to access the PHI.

The system failures and breaches put organizations are at the risk of having the PHI held by them exchanged with unauthorized providers, relayed to particular public health agencies, or transferred to given media illegally (Murphy & Waterfill, 2010). The risk can be mitigated by ensuring that the PHI and related data are encrypted, as well as moved, via secure communication lines. The organizations should put in place particular policies limiting the transfer of PHI to storage devices that can be moved around easily.

The system failures and breaches put organizations are at the risk of having unauthorized staff access particular PHI (Murphy & Waterfill, 2010). The risk can be mitigated by ensuring that the PHI is only accessible to particular personnel who log into the systems holding them using unique passwords. Organizations should ensure that suitable role-based access and roles are spelt out clearly and applied. As well, organizations should execute continuing audits to determine those accessing PHI or other sensitive information. The PHI should be segregated appropriately into particular EHR sections to ensure that it is accessed on purpose or accidentally by persons devoid of the requisite authorizations (Shoniregun, Dube & Mtenzi, 2010; Whitman & Mattord, 2011).

Conclusion

At the moment, all healthcare organizations that are considered effective use wide-ranging forms of IT. Over the years, Mayo Clinic has made extensive use of IT resources. It built Synthesis Mobile to optimize its usage of EMRs. Synthesis Mobile affords physicians instantaneous access to EMR details regarding particular patients. Notably, every IT system handling PHI is required to comply with the privacy rule spelt out in the HIPAA. The rule is aimed at allowing patients to access own PHI. As well, all IT systems handling PHI, including Synthesis Mobile, ought to comply with the HITECHA and the rules published by the ONCHIT. Healthcare IT system failures and breaches, which affect patients, healthcare facilities, and individual care providers, are associated with wide-ranging risks.

Scroll to Top