Linux. Wireless LANS (WLANs) Web portals

Transcription

1 Key Issues, J. Klein Research Note 13 November 2003 Healthcare's 2004 Underlying and Emerging IT Client Issues IT will provide healthcare organizations opportunities in 2004 to improve quality and reduce costs, while presenting challenges to the security and privacy of patient data. We will guide HCOs to achieve their business objectives. Core Topic Healthcare: Healthcare Technologies, Infrastructure and Standards Key Issue What client issues should Gartner research address? The rising cost of healthcare in the United States, its highly variable quality and the limitations to its access by the uninsured are well known to every healthcare organization (HCO) and, increasingly, to the general population. To date, the response of government insurance programs (which purchase 45 percent of U.S. healthcare services) has been largely to hold the line or even lower reimbursement rates despite the continuing rise in the underlying costs of providers. This approach alone puts pressure on HCOs to use IT to improve efficiency. In addition, there is a growing trend to augment this "price control" approach with regulatory and employer-driven initiatives aimed at improving efficiency and quality. Here, too, the application of IT can have an enormous impact. However, which technologies should HCOs invest in? Can a best-of-breed or best-of-cluster approach succeed if an HCO is skilled at application integration? Or is a fully integrated, next-generation, computer-based patient record (CPR) system from one of the first-tier vendors the only hope? Can HCOs with established, multivendor, Generation 2 CPR products incrementally evolve them into advanced-function systems by the judicious use of underlying technologies such as: Linux Wireless LANS (WLANs) Web portals Mobile devices Can they use enabling technologies such as integration brokers, service-oriented architectures (SOAs), and rule and workflow engines? And, can they use emerging technologies such as: speech recognition, handwriting recognition and natural language processing (NLP)? If so, how? Gartner Reproduction of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The reader assumes sole responsibility for the selection of these materials to achieve its intended results. The opinions expressed herein are subject to change without notice.

2 Can transaction-processing-focused payer organization (payers) with multiple back-office systems, heterogeneous databases and legacy systems supporting business "silos" use integration brokers, extraction, transformation and loading products, data warehouses and business intelligence tools, rule engines, workflow and Internet technologies to transform themselves into information managers capable of implementing a new generation of consumer-focused health plans? If so, how? Gartner organizes its research around Client Issues. These are the big questions that keep our clients awake at night. They are questions to which there are no simple answers. The Client Issues introduced here are paraphrases of actual questions that Gartner's healthcare analysts, who follow underlying, enabling and emerging information technologies, have gotten most frequently in client inquires and "one-on-ones" at conferences in 2003, or anticipate receiving in Gartner's intention is to focus our clients and our research on the things that matter most. In 2004, Gartner's healthcare research on underlying, enabling and emerging information technologies will be organized around three primary Client Issues, with each broken down into several secondary Client Issues. Here are the primary and secondary healthcare IT Client Issues for 2004: How can healthcare organizations and application vendors implement underlying, enabling and emerging information technologies to evolve computer-based patient record systems into effective "assistants" in patient care? The value of CPR systems is well established for not only reducing medical errors, but also improving the quality of care by facilitating the implementation of proven clinical protocols. However, realizing the benefits from an advanced-generation CPR system is a significant challenge to even the mostsophisticated care delivery organization (CDO; see "The Gartner 2004 Criteria for the Enterprise CPR" and "The CPR Environment in 2004 and Beyond"). Implementing a Generation 3 (or greater) CPR system is a complex undertaking, affecting nearly all of the clinical personnel and processes in a CDO. Physicians are the most deeply affected; the low rate of participation in the "hands on" use of CPR systems by doctors is an indication that the introduction of a CPR system, particularly a physician order entry module, requires special attention to the needs of physicians. Gartner rejects the notion that physicians are generally computer-phobic. The challenge to physician adoption of CPR systems lies in implementing the system in a manner that ensures that physicians do not permanently lose personal productivity in the transition. 13 November

3 Gartner's research will describe how controlled medical vocabularies (CMVs) enhance the value of CPR systems and will explore best practices that are emerging regarding the use of CMVs, rules and workflow technology in conjunction with the system's clinical decision support capabilities. We will also analyze how leading CDOs are using WLANs, personal digital assistants and tablet computers to entice physicians into direct interaction with the CPR system, and how continuous speech recognition and NLP will be used to lower the barriers to physician use of CPR systems. Many CDOs that have significant investments in Generation 2 CPR systems cannot afford the price of a new, Generation 3 CPR, or the risks associated with the long installation time required for a complete system replacement. Our research will also guide these CDOs in the evolution of their CPR systems to more-advanced functionality. We will address such Client Issues as: What are best practices in the use of controlled medical vocabularies, rule engines and workflow technologies to enhance the effectiveness of computer-based patient record systems? What are the critical success factors in deploying wireless networks for clinical computing? How can wireless networks, mobile devices and bar codes be used to reduce medication errors? Which healthcare organizations, using what strategies and products, are experiencing success in using personal digital assistants and tablet computers? How can continuous speech recognition and natural language processing be used to improve the rate of adoption of computer-based patient record systems by physicians? How will healthcare organizations achieve clinical data interoperability and business process fusion? Payers, providers and pharmaceutical companies have many heterogeneous systems that comprise the application portfolios that help them run their businesses. This will not change significantly during the next 10 years. Integrated suites from a single vendor can help reduce the amount of application integration that must be supported, but it will not eliminate it. There are always boundaries to even the most-comprehensive application suite. Increasing the boundaries that must be crossed to achieve business process fusion will be interenterprise. CDOs that do not master application integration will operate at a progressively greater disadvantage to competitors that do. 13 November

4 Gartner's library of cross-industry research on application integration architectures, strategies and products is extremely rich. Gartner's 2004 healthcare IT research will build on this foundation, with an emphasis on the evolution of vendorsupported SOAs exposed to HCOs in healthcare applications, as well as practical advice for HCOs on achieving the agility of a real-time enterprise through the construction of an enterprise nervous system. Patients are painfully aware of the inability of their HCOs to exchange information except by paper or facsimile. The U.S. government has recently taken an interest in catalyzing the exchange of personal medical records information (PMRI) electronically within the U.S. healthcare system. European countries are far ahead of the United States in this area, with most European governments in the process of building repositories of summary clinical information and mandating providers to update it with standardized information each time they treat a patient and to consult it when they get new patients. The U.S. government, specifically the Centers for Medicare & Medicaid Services, realizes that without the capability to exchange clinical information electronically between doctors in different CDO, not only will it be difficult to drive errors out of the system, but gaining the insight to make federal policy decisions about what interventions are most cost-effective will remain out of reach. Although the technology decisions for handling claims in accordance with the U.S. Health Insurance Portability and Accountability Act (HIPAA) have largely been made, the HIPAA transactions and code sets remain an issue of concern for Gartner clients. The other HIPAA transactions offer the opportunity for actual business process fusion and dramatic cost savings, as has been demonstrated in selected regions that have adopted a community approach to coordinating HIPAA implementations and emphasized architectural support for "realtime" transactions. The adoption of standards for Web services and healthcare information, such as Health Level 7's Clinical Document Architecture, will have a profound effect on whether and how fast a National Healthcare Information Infrastructure emerges to facilitate the exchange of electronic PMRI among HCOs and between HCOs and government agencies with legitimate need for such information. Drill-down Client Issues are: What technologies, architectures, vendors and products are most relevant to supporting an enterprise nervous system in healthcare organizations? 13 November

5 Which healthcare vendors' products and services effectively support service-oriented architectures for use in application integration? What collaborative architectures, Internet-based standards and healthcare information standards should healthcare organizations and application vendors adopt to support effective sharing of healthcare information within the community and across the patient's lifetime? How can rules and workflow technologies be used to improve the efficiency of healthcare provider/payer business processes? What architectures, technologies and governance lead to actual process improvement and cost savings through HIPAA transactions? What are the most-compelling opportunities for Health Level 7's Clinical Document Architecture to enable the sharing of patient medical records among disparate healthcare organizations? What are the business drivers that will lead to successful early adoption of Health Level 7 version 3 messaging? What processes and technologies should healthcare organizations use to secure healthcare information and protect patient privacy? Each wave of technology obliterates the security architecture of its predecessor. PCs broke the host-centric security model. Networked PCs eroded the gains that had been won in securing individual desktops. Distributed applications running across LANs reset security maturity. Also, just as the best practices began to emerge for LANs, the Internet, Web services, WLANs and mobile devices emerged and reset security to zero yet again. No wonder HCOs are confused about how to comply with the HIPAA security regulation. IT is changing rapidly, and HIPAA's the final regulation sets numerous functional requirements, but HIPAA leaves the specifics of implementation largely up to the covered entity. Security technology vendors and consultants have rushed to fill the void, but in some cases their perspectives are ill-informed on the specifics of the healthcare industry. We will provide guidance to our clients on compliance with the HIPAA security regulation based on reasonable responses to risks and assessed in the light of in-depth knowledge of the healthcare industry and information security best practices. Our guidance will never lose sight of the fact that funds are limited and there are many competing projects that directly affect patient safety and quality of care. Drill-down Client Issues are: 13 November

6 How should HIPAA-covered entities approach the organizational process of complying with the HIPAA security regulation? Acronym Key CDO care delivery organization CMV controlled medical vocabulary CPR computer-based patient record HCO healthcare organization HIPAA U.S. Health Insurance Portability and Accountability Act NLP natural language processing PMRI personal medical records information SOA service-oriented architecture WLAN wireless LAN Which authentication and access management technologies and products will be most effective in protecting patient privacy in conjunction with the use of computer-based patient record systems without interfering with clinician productivity? What are reasonable measures that healthcare organizations should take to secure wireless networks and mobile devices? What best practices are emerging in healthcare organizations' use of single sign-on and context management technologies and products? What best practices are emerging for securely communicating with large populations of patients concerning their personal medical information? 13 November