Connectivity in Primary Care Practices

Similar documents

Nine Key Projects in Six Months

Use this checklist to keep track of information your will hear and see during vendor product presentations and demonstrations.

Key Projects 2004/05

ehealth Quarterly Status Report October December, 2010

CareConnect. Current State and Blueprint Context. Version 1.1

PRESENTED BY THE HEALTH CHIEF INFORMATION OFFICER COUNCIL

Vancouver Coastal Fall Caucus. Innovation & Information Management Services / ehealth October 22 nd, 2014 Musqueam Nation

MU/REG 06: Stage 2 and. Preview. Presented by: Presented by: Robert Forrest Marketing Comm Manager

ehr Preparation Technical Aspect

e-health: Privacy Compliance and the Electronic Health Record

Meaningful Use - The Journey Ahead. John D. Halamka MD CIO, Beth Israel Deaconess Medical Center and Harvard Medical School

Canada Health Infoway

Workflow Solutions Data Collection, Data Review and Data Management

InteliChart. Putting the Meaningful in Meaningful Use. Meeting current criteria while preparing for the future

2003, Rainbow Technologies, Inc.

Securing Physician and Patient Portals for HIPAA Compliance

Evolving Strong Authentication at The University of Arizona

PortWise Access Management Suite

VIHA s Electronic Health Record (EHR)

SOA in the pan-canadian EHR

Why SMS for 2FA? MessageMedia Industry Intelligence

SafeEnterprise SSL igate Managing Central Access to Resources with VPX Technology

Image Enabled EMR / EHR

The Convergence of IT Security and Physical Access Control

A brief on Two-Factor Authentication

MEDICAL OFFICE ASSISTANTS PCM Training

9/25/2012. Agenda. Defining the interrelation of MU, HIM and Release of Information IOD s partnership approach to MU

Case studies in Identity Management for Meeting HIPAA Privacy and Security Requirements

Meaningful Use Gap Analysis and Planning Engineering a Hit!

Custom Report Data Elements: 2012 IT Database Fields. Source: American Hospital Association IT Survey

NOVA SCOTIA DRUG INFORMATION SYSTEM

Architecture, Implementations, Integrations, and Technical Overview

I. RECOMMENDATIONS RELATED TO THE TIMING OF STAGE 2

THE WORLD IN YOUR HANDS

How long have med students at your program had remote access to patient info? For at least the last two years and presumably much longer.

State of New Hampshire. Phase 3 Converging on Solutions discussion deck Business and Technical Operations Workgroup. July 20, 2010

meridianemr PATIENT PORTAL Release Notes

GoToMyPC Corporate Advanced Firewall Support Features

Introduction What s in it for me? Frequently Asked Questions Integration and Security IT Optimization Alberta Netcare Information

There has to be more: iconnect Blends XDS and Image Exchange. A Merge White Paper

BAE Systems PCI Essentail. PCI Requirements Coverage Summary Table

The Authentication Revolution: Phones Become the Leading Multi-Factor Authentication Device

ShadowLink 2. Overview. May 4, ONLINE SUPPORT emdat.com/ticket/ PHONE SUPPORT (608) ext. 1

Xerox Mobile Print Cloud

EHR as the Platform for Interoperability

Ambulatory Electronic Mental Health Record Solution

Electronic Communication In Your Practice. How To Use & Mobile Devices While Maintaining Compliance & Security

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Project Initiation Report HealthInsight HIE

Online Data Services. Security Guidelines. Online Data Services by Esri UK. Security Best Practice

White Paper. BD Assurity Linc Software Security. Overview

Singapore s National Electronic Health Record

Sunrise Acute Care (SAC) Module 1 New Provider Basic Course

IBM Interoperable Healthcare Information Infrastructure (IHII) Overview. China October 2006 IBM

Critical Issues with Lotus Notes and Domino 8.5 Password Authentication, Security and Management

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

RESPONSE TO BC MINISTRY OF HEALTH POLICY PAPER: INFORMATION MANAGEMENT AND TECHNOLOGY

How to Provide Secure Single Sign-On and Identity-Based Access Control for Cloud Applications

Volume 2 Compliance Process

Sample Assignment 1: Workflow Analysis Directions

Establishing A Multi-Factor Authentication Solution. Report to the Joint Legislative Oversight Committee on Information Technology

Mobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall

Electronic Health. North Simcoe Muskoka Overcoming the Challenge!

Balancing risk, cost and user experience with SMS for 2FA

Strong authentication of GUI sessions over Dedicated Links. ipmg Workshop on Connectivity 25 May 2012

The Convergence of IT Security and Physical Access Control

HHIE HIT Summit. July 27, What to Ask Your EHR Vendor About Meaningful Use Stage 2. Hawai i Health Information Exchange

IBM Software. IBM Initiate: Delivering Accurate Patient and Provider Identification for Canadian Electronic Health Records

Meditech 5.6. Re R mot o e A ccess Tra r i a ning No N vemb m er r Page 1

Executive Summary P 1. ActivIdentity

Supporting a Continuous Process Improvement Model With A Cost-Effective Data Warehouse

Protecting Microsoft Internet Information Services Web Servers with ISA Server 2004

Innovative Defense Strategies for Securing SCADA & Control Systems

Networks by Design. The Intentional Opportunities with a Regional, Cross-Continuum Electronic Health Record

A new innovation to protect, share, and distribute healthcare data

3. What are the primary business drivers behind the virtualization assessment effort?

Citrix Receiver. Configuration and User Guide. For Macintosh Users

A Total Cost of Ownership

Defender EAP Agent Installation and Configuration Guide

What is a House Without Its Foundation

Cybersecurity Practices of Ohio Investment Advisers; A Summary of Survey Responses

Two-Factor Authentication

SOA in the pan-canadian EHR

Research Information Security Guideline

I n t e r S y S t e m S W h I t e P a P e r F O R H E A L T H C A R E IT E X E C U T I V E S. In accountable care

AUTHORED BY: George W. Gray CTO, VP Software & Information Systems Ivenix, Inc. ADDRESSING CYBERSECURITY IN INFUSION DEVICES

Cloud Security. Are you on the train or the tracks? ISSA CISO Executive Forum April 18, Brian Grayek CISSP, CCSK, ITILv3

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

Get Plugged in: Defining Your Connectivity Strategy. CHIME College Live 17 April 2013

Meaningful Use Update

Accessing the Mercy Remote Access Portal (SSL VPN)

GE Healthcare. Size it up. Centricity cardiovascular PACS solution

ClinicalConnect EMR Download Training Guide

French Justice Portal. Authentication methods and technologies. Page n 1

BlackShield ID Agent for Remote Web Workplace

How A Connection Broker Simplifies Hosted Desktop Environments

Using Managed Services As A Software Delivery Model In Canadian Health Care

EMR and ehr Together for patients and providers. ehealth Conference October 3-4, 2014

Copyright Telerad Tech RADSpa. HIPAA Compliance

EMC PERSPECTIVE. The Private Cloud for Healthcare Enables Coordinated Patient Care

Transcription:

Connectivity in Primary Care Practices Colin King Clinical Systems Architect Vancouver Coastal Health 4 October 2003

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 2

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 3

Access to lab results, radiology reports, etc. - today Lab results services are provided today by: PathNET (mostly private labs) MediNet (mostly public labs) PHSA is working on clinical broker interfaces to deliver lab results pilot in Nanaimo (Meditech -> Clinicare) Several EMR vendors provide lab interfaces to PathNET, MediNet, etc. some vendors are further ahead than others BC Lab Test Standard developed in late 90s slow uptake Very little electronic delivery of radiology results 4

Access to lab results, radiology reports, etc. - future The lab reform project will implement a provincial lab ordering and results delivery system one system, or a system of systems covering out-patient and in-patient tests standards-based (leverage LTS) access via EMR interfaces and web portal Substantial implementation targetted for Apr 2005 (i.e., 18 mths from now) provincial results service? Fate of PathNET, MediNet, etc. is unclear Standards will make it easier for EMR vendors to implement lab interfaces 5

Access to lab results, radiology reports, etc. - future We are anticipating that the lab reform service will lay the groundwork for electronic ordering and resulting for all types of diagnostic services (incl. diagnostic imaging) Within Vancouver Coastal, we will: focus on shaping the lab reform solution to ensure it meets the needs of acute, community and primary care stakeholders lab services (orders and results i/p and o/p) diagnostic imaging services (orders and results) tactically leverage existing services in the short term where appropriate PathNET, MediNet, PHSA clinical broker 6

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 7

Access to PharmaNet The Medical Practice Access to PharmaNet (MPAP) pilot is being opened up to more users Vendors slow to develop PharmaNet interfaces have been waiting for MPAP pilot to open up Web access: available from MediNet expensive being developed by PathNET integrated with lab results delivery pricing tbd Lab reform project may integrate PharmaNet access into lab results viewer? may also impact PathNET and MediNet in general Vancouver Coastal working with MoH and PathNET to improve PharmaNet interface control number of records reported, reduce screen/printout clutter, allow sorting, etc. 8

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 9

Access to EMR in emergency and other sites Several vendors provide access to their EMRs over the Internet non-web systems need to use Citrix or WTS All BC health authorities have agreed that, when health authority employees access clinical data over the Internet, strong encryption and two-factor authentication is required Strong encryption can be provided by a VPN or SSL What is two-factor authentication? 10

Two-factor authentication (cont d) Computer systems traditionally depend on single-factor authentication: something you know (a user ID and a password) but user ID and password is vulnerable to attack for Internet applications, because the system is exposed to the entire Internet, and user IDs/passwords are not hard to crack Two-factor authentication is based on two of the following factors: something you know (e.g., user ID plus password) something you have (e.g., a USB key) something you are (e.g., a fingerprint) 11

Two-factor authentication (cont d) There are two types of authentication second factors (in addition to user ID and password): mobile carried by user, can be used from anywhere static tied to a specific workstation Examples of mobile second factors: SecurID token USB key Fingerprint Static second factor is often supported by an organization certificate (org cert) digital certificate is loaded onto the workstation used by MoH for Client Registry, Physician Secure Web Site, etc. useful where organizations trust each other s security practices 12

Two-factor authentication (cont d) The provincial Technical Advisory Group is working on agreed health authority solutions for mobile two-factor authentication (usable anywhere) ideally we would like to provide one standard second factor for all BC care providers that would work with every clinical system e.g., USB key, SecurID token lab reform will probably be a key driver In the meantime, VCH/PHC will begin rolling out tactical solutions using a USB key as the second factor rollout for PACS beginning 4Q 2003 13

Two-factor authentication (cont d) For remote access to an EMR from known, static locations (e.g., in an emergency room), an org cert is probably sufficient as a second factor For mobile access to an EMR from a variety of locations, a mobile second factor such as a USB key is needed Note: using two sets of user IDs and passwords ( something you know and something you know ) is not really twofactor authentication 14

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 15

Access to information from local hospitals VCH is working on infrastructure to provide secure remote access to hospital-based systems hospital information systems PACS Using 2-factor authentication and Citrix/WTS where needed PACS pilot projects underway HIS pilot projects over next 6 months Not currently offering electronic distribution of hospital documents such as discharge summaries can explore further if there s interest future: leverage lab reform infrastructure? 16

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 17

Electronic medical summary e-ms being developed by VIHA and MoH: a standardized core dataset of key health information in support of health care decisions that can be communicated electronically between physician office information systems or transmitted over secure transport protocols to sites with only a personal computer the e-ms is initially expected to include a summary of key health information including patient demographics, allergies, medications current problems, recent procedures and diagnostics 18

Electronic medical summary (cont d) Phase 1 completing now: establish stakeholder agreement on the functional and business requirements define the e-ms s data content standard define the preliminary application and technology and architecture standards gain preliminary endorsement of the standards In future, vendor EMR s will be expected to be able to send and receive electronic medical summary messages based on the e-ms standard 19

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 20

MoH Secure Web Site for Physicians Provides a simple, secure method for exchanging information between MoH and primary care practices MoH places files in drop-box on web site e.g., CDM patient register primary care practice logs on to web site, downloads files practice can also upload files to MoH e.g., corrected CDM patient register Planning to expand to allow practices to securely exchange information with other practices (e.g., consult notes, referral letters) 21

Agenda Access to lab results, radiology reports Access to PharmaNet Access to EMR from emergency rooms and other sites Access to information from local hospitals Electronic Medical Summary (e-ms) MoH Secure Web Site for Physicians Overall recommendations 22

Overall recommendations Select a good EMR with proven capabilities to provide the interface and access capabilities you need lab interfaces remote access etc. Get the EMR up and running in your practice Then plan, prioritize and implement interfaces and remote access Don t under-estimate the complexity of implementing new interfaces particularly first-time implementations for the vendor 23

Connectivity in Primary Care Practices Colin King Clinical Systems Architect Vancouver Coastal Health 4 October 2003