Laboratory Information Management Systems. Presented By: Happy Mashigo & Vuyiswa Kenke

Similar documents
Module 1 Study Guide

ITIL A guide to service asset and configuration management

1 What does the 'Service V model' represent? a) A strategy for the successful completion of all service management projects

CHAPTER 11 COMPUTER SYSTEMS INFORMATION TECHNOLOGY SERVICES CONTROLS

CHIS, Inc. Privacy General Guidelines

This interpretation of the revised Annex

INFORMATION TECHNOLOGY CONTROLS

IT General Controls Domain COBIT Domain Control Objective Control Activity Test Plan Test of Controls Results

Free ITIL v.3. Foundation. Exam Sample Paper 1. You have 1 hour to complete all 40 Questions. You must get 26 or more correct to pass

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

Internal Control Deliverables. For. System Development Projects

Health Information Technology & Management Chapter 2 HEALTH INFORMATION SYSTEMS

Applying ITIL v3 Best Practices

PART 10 COMPUTER SYSTEMS

We Believe the Possibilities. Delphic AP

Information Technology Auditing for Non-IT Specialist

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

Content Sheet 16-1: Introduction to Documents & Records

IT SERVICE CONTINUITY AS RELATED TO THE MANAGEMENT OF ELECTRONIC RECORDS POLICY

A Best Practices Point of View from. Data Backup and Disaster Recovery Planning

Part A OVERVIEW Introduction Applicability Legal Provision...2. Part B SOUND DATA MANAGEMENT AND MIS PRACTICES...

INFORMATION TECHNOLOGY MANAGEMENT CONTENTS. CHAPTER C RISKS Risk Assessment 357-7

MHRA GMP Data Integrity Definitions and Guidance for Industry January 2015

GLP Records Storage and Retrieval

HIPAA Security Alert

Autodesk PLM 360 Security Whitepaper

PERFORMANCE EVALUATION AUDIT CHECKLIST EXAMPLE. EIIP Volume VI

ITIL A guide to event management

MHRA GMP Data Integrity Definitions and Guidance for Industry March 2015

ITIL A guide to Event Management

Best Practices for the Installation and Operation of an Automation Change Management Software (CMS) System

Course Outline. Course 20336B: Core Solutions of Microsoft Lync Server Duration: 5 Days

IT Service Management

IPL Service Definition - Master Data Management for Cloud Related Services

U. S. Department of Energy Consolidated Audit Program Checklist 5 Laboratory Information Management Systems Electronic Data Management

INSIDE. Preventing Data Loss. > Disaster Recovery Types and Categories. > Disaster Recovery Site Types. > Disaster Recovery Procedure Lists

REQUEST FOR INFORMATION (RFI) Health Interface Engine Solution

Full Compliance Contents

SESSION 8 COMPUTER ASSISTED AUDIT TECHNIQUE

Risk & Hazard Management

Guardian365. Managed IT Support Services Suite

Preparation Guide. IT Service Management Foundation Bridge based on ISO/IEC 20000

Laboratory Computer Systems

Action/Task Management

A Guide to Electronic Medical Records

Internal Audit Report ITS CHANGE MANAGEMENT PROCESS. Report No. SC-11-11

Retention & Destruction

Self-Service SOX Auditing With S3 Control

Roles within ITIL V3. Contents

Managed IT Services by

What you should know about Data Quality. A guide for health and social care staff

Core Solutions of Microsoft Lync Server 2013

Cisco Change Management: Best Practices White Paper

HP Service Manager software

HIPAA COMPLIANCE AND DATA PROTECTION Page 1

RECORDS MANAGEMENT RECORDS MANAGEMENT SERVICES. Cost-Effective, Legally Defensible Records Management

University of Liverpool

AHE 232 Introduction to Clinical Software. Week six:

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

ITIL Service Lifecycle Operation

OECD SERIES ON PRINCIPLES OF GOOD LABORATORY PRACTICE AND COMPLIANCE MONITORING NUMBER 10 GLP CONSENSUS DOCUMENT

ITIL Foundation Certification Course

IT Organisation in Change

ACDM GUIDELINES TO FACILITATE PRODUCTION OF A DATA HANDLING PROTOCOL

1. Which of the following best means Combination of Internal & External Sourcing? 3. Which of the following CANNOT be stored and managed by a tool?

This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered business sensitive.

PHASE 9: OPERATIONS AND MAINTENANCE PHASE

Ford Motor Company CA Certification Practice Statement

Big Data Analytics Service Definition G-Cloud 7

G-CLOUD 7 - VIRTUAL ASSET MANAGER (VAM) SPECIALIST CLOUD SERVICES (SCS)

Vodafone Total Managed Mobility

N e t w o r k E n g i n e e r Position Description

An Approach to Records Management Audit

Course Outline. Core Solutions of Microsoft Lync Server 2013 Course 20336B: 5 days Instructor Led. About this Course.

HIPAA 203: Security. An Introduction to the Draft HIPAA Security Regulations

How To Manage A Patch Management Process

Transition Guidelines: Managing legacy data and information. November 2013 v.1.0

SECURE CLOUD SOLUTIONS FOR YOUR BUSINESS.

How Routine Data Center Operations Put Your HA/DR Plans at Risk

IT Service Continuity Management PinkVERIFY

Gatekeeper PKI Framework. February Registration Authority Operations Manual Review Criteria

Rajan R. Pant Controller Office of Controller of Certification Ministry of Science & Technology rajan@cca.gov.np

Preparing for the HIPAA Security Rule

Policies and Procedures Audit Checklist for HIPAA Privacy, Security, and Breach Notification

Cloud Computing and Records Management

Build (develop) and document Acceptance Transition to production (installation) Operations and maintenance support (postinstallation)

Information Technology Solutions. Managed IT Services

10533: Deploying, Configuring, and Administering Microsoft Lync Server 2010 Duration: Five Days

MANAGEMENT AUDIT REPORT DISASTER RECOVERY PLAN DEPARTMENT OF FINANCE AND ADMINISTRATIVE SERVICES INFORMATION TECHNOLOGY SERVICES DIVISION

Transcription:

Laboratory Information Management Systems Presented By: Happy Mashigo & Vuyiswa Kenke

Welcome Welcome to the Laboratory Information Management Systems Module 2

Module Objectives At the end of this module, participants will be able to: Describe important elements of an information management system; Discuss guidelines on standards, policies and best practice of Information Management; Explain things to consider when developing a manual, paper-based information system; Describe the advantages and disadvantages of a computerized information management system; Discuss IT governance and best practice; Discuss IT standards and security. 3

The Quality Management System 4

Activity You manage a laboratory for a 300 bed hospital and the administrator has just notified you that funds are available for the purchase of a computerised laboratory information system. How do you assess the relevancy of such a system for your laboratory? 5

Information Management Establish processes for managing data Source: WHO Training Toolkit 6

Information Management Elements Effective communication Unique identifiers for samples & patients Standardised request forms Effective reporting systems Important elements Logs, worksheets Confidential Data protection Checking processes 7

Information Management Elements (continued ) Patient identifiers Patients who are hospitalised must have a unique patient identifier, often bracelets are used. It is advisable that this unique patient identifier is used for the duration of the hospital stay. Sample identifiers Unique identifiers must be allocated to patient samples, so they can be tracked throughout the laboratory. Forms: -- Standardise the test form the form should indicate all information that needs to be provided when ordering and submitting a test request, and in the design there must be sufficient space for recording the information; make sure that it is completed correctly. Logs and worksheets must be kept. Recording data at the time of arrival of the sample in the laboratory are kept in a log book, while a worksheet is used to record which patient samples are being tested during a certain procedure. In a paper-based system, this will be a written record, usually in a bound book. For an electronic system, logs and worksheets may be generated from the computer. One must decide as to what information should be recorded. 8

Information Management Elements (continued ) Processes: Errors can occur at any time when handling data. Put processes in place as precaution and protection against errors at these points. Implement formal checking processes to ensure the accuracy of data recording and transmission of handwritten or keyed information. Data Protection: Protect against loss of data. For paper-based systems, use safe materials for recording and storing the records properly. For computerized systems, regular backup processes are required. Confidentiality: Protect patient s privacy by implementing security measures to guard the confidentiality of laboratory data. Policies and procedures to assure confidentiality of patient information must be put in place and this is the responsibility of the laboratory director. Reporting systems: The test result, or the report is the final product of the laboratory. The test result must be issued timeously. It must also be accurate, legible, and easily understood. It should be verified and signed by the appropriate laboratory staff. Communication: When planning for paper-based or computer-based information systems, consider the need for a good communication system the enables a laboratory to connect both internally and externally. 9

Common problems Computer systems incompatible Transmission errors Data incomplete COMMON PROBLEMS ID (patient/sample) insufficient Forms inadequate Data organized poorly Archiving poor 10

Developing a paper-based system Staff need to be informed that when using a paper system, the following points are important: All data entry must be complete. Handwritten logs must be checked. Emphasize to employees the importance of legibility. If issuing handwritten reports, the laboratory must always make a copy for its files or archives. Not having an exact copy of the report can lead to later problems, if errors in transcription occur. 11

Storing paper-based materials Goals: Find results Trace samples Evaluate occurrences Useful rules: Keep everything for a designated time Ensure easy access Use a logical system for filing Number in chronological order 12

Storing paper-based materials (continued ) Paper is brittle, and susceptible to water, fire, humidity, and vermin (rodents and insects). Use a storage area that will protect against these elements as much as possible. X 13

Developing a computer-based system (LIMS) A computerised system for laboratory data is known as a laboratory information management system and is referred to by the acronym LIMS or LIS. A well planned and installed LIMS brings accuracy and accessibility to the flow of samples and data in the clinical laboratory. 14

Laboratory Information Management System Advantages of LIMS 15

The Use of LIMS in Disease Management Pre Analytics Request Forms Patient demographics Patient History Test Post Analysis Patient demographics Test Patient Results Tools to be used Analysers Stats from the LIS Lab Resources Pathologists, Scientists, Medical Technologists 16

Process: Path of Workflow 17

Application 18

Referrals between Laboratories 19

Laboratory Connectivity 20

Data Centre A Data Centre is a facility or centralized repository used for storage and management of Data This includes computer and server operations, data entry, data security, data quality control and management of services and applications used for data processing. Management of Data Centre requires a number of tools, policies and strategies to create and maintain. 21

IT Governance and Best Practice ITIL COBIT5 (audited tool) Prince 2 King III 22

ITIL v3 Life Cycle 23

ITIL v3 (continued ) 24

IT Service Management Key issues facing many of today s senior Business Managers and IT Managers in Service Management includes: IT and business strategic planning; Integrating and aligning IT and business goals; Implementing continual improvement; Measuring IT organization effectiveness and efficiency. 25

ITIL Service Management Cycle Organizations that use IT depend on IT to be successful. ITIL gives guiding processes to ensure that the business s success can be achieved. Service Strategy Service Design Service Transition Service Operation Continual Service Improvement 26

ITIL Service Management Cycle (continued ) Service Strategy For an organisation to be successful, the services provided must be perceived by the customer to deliver sufficient value in the form of outcomes that the customer wants to achieve. Service Design The design of appropriate and innovative IT services, including their architectures, processes, policies and documentation, to meet current and future agreed business requirements. Service Transition The role of Service Transition is to deliver services that are required by the business into operational use. 27

ITIL Service Management Cycle (continued ) Service Operation Is to deliver agreed levels of service to users and customers, and to manage the applications, technology and infrastructure that support delivery of the services. Continual Improvement Continual Service Improvement (CSI) is concerned with maintaining value for customers through the continual evaluation and improvement of the quality of services and the overall maturity of the ITSM service lifecycle and underlying processes. 28

COBIT5 Principles 29

COBIT5 Principles (continued ) 30

IT Governance through COBIT5 IT Governance is the ability of senior management to direct, measure and evaluate the use of IT resources to achieve organisations strategic goals. Cobit5 provides guidelines on adopting a formal approach to IT governance by setting out standard procedures and processes to be implemented by IT departments in order to improve service delivery to customers and Risk management. 31

COBIT5 Cobit Framework is set out of 34 high level processes, grouped into 4 domains that cover all aspects of IT. Measurement scales 0-5 0 - Non-Existent 1 - Initial/ Ad-hoc 2 - Repeatable but intuitive 3 - Defined Process 4 - Managed And Measurable 5 - Optimised 32

IT Standards / Security Data protection and security are critical components of routine pathology practice because laboratories are legally required to securely store and transmit electronic patient data Computer equipment, data, information, and computer services should be protected from unintended or unauthorized access Data should be made available to clients for years after release for research and legal purposes, dictated by law or governance. 33

IT Standards / Security (continued ) All electronic systems or devices that play a role in generating, capturing, storing, or modifying patient data require security review. This includes LIS hardware and software as well as devices that can access LIS data (i.e., mobile devices such as tablet computers or smart phones) or interfaced devices such as instruments or point of care testing devices. Laboratories should establish audit programs to ensure that access to health information systems is appropriate and has not been compromised. 34

IT Standards / Security (continued ) Written policies are required to cover the mechanisms available to provide individuals with access to information systems. Policies and procedures for terminating access, such as when staff leaves the health-care organization need to be implemented. In addition, security awareness training should be provided to all staff members. Initial general training should be reinforced through periodic security reminders. 35

System Availability and Disaster Resiliency A major requirement of laboratory computer systems used to manage patient information is their reliability. Laboratories should have procedures for both planned and unplanned system outages (i.e., down-time) which should address how the laboratory should function during the outage and the sequence in which all impacted software in the laboratory (LIS, middleware, instrument software, etc.) are brought back online once the outage has been resolved. 36

System Availability and Disaster Resiliency (continued ) For planned outages (i.e., down-time that occurs to perform system maintenance or an upgrade), the procedure should define the sequence as well as the process for shutting systems down. For unplanned events, procedures should assign responsibility for determination of the cause of the outage to defined individuals as well as the process and persons responsible for performing disaster recovery. Down-time procedures should be logged /documented should specify the laboratory's response based on the type of system outage (e.g., LIS, instrument, network etc.) can be updated annually as systems or risks change. 37

System Availability and Disaster Resiliency (continued ) Any unplanned outage can result in data loss, it is critically important for the laboratory to develop robust data protection mechanisms that minimize loss and help speed up the recovery process. Different Backup mechanisms can be used 38

Summary System for managing both incoming and outgoing data. May be paper-based or computer-based. Both require a similar framework, including unique identifiers, forms, logs and worksheets. Cost is a major factor in using a computer-based system. A good information management system will: Ensure all data the final product of the laboratory is well managed Consider all the ways laboratory data will be used when planning a system Assure the accessibility, accuracy, timeliness, and security of data Ensure confidentiality and privacy of patient information 39

Summary (continued ) Disease management is made easy through the use of IT LIS. Data can be accessed from a central storage centers Data in the LIS can be used for survey statistics Disease Hot spots or problem areas can be identified using patient results. The results can be used in anonymity through the use of Unique Identifiers. Historic data can be referred to, for future management of pandemics. Security in Data centers and Lab Networks should be trusted to restrict use to only authorised users. 40

References & Links References WHO: Quality Management Toolkit ISO 15189:2012: Quality management in the clinical laboratory Guidance for Laboratory Quality Manuals (Ontario Laboratory Accreditation Division) ITIL_V3_Study_Guide (Taruu LLC) Links http://www.techrepublic.com/blog/it-security/cobit-5-forinformation-security-the-underlying-principles/ 41

Wrap Up for Module 5 Participants are now able to: Describe important elements of an information management system; Discuss guidelines on standards, policies and best practice of Information Management; Explain things to consider when developing a manual, paper-based information system; Describe the advantages and disadvantages of a computerized information management system; Discuss IT governance and best practice; Discuss IT standards and security. 42

Questions 43

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information