From the January/February 2016 issue of HealthCare Business News magazine
By Matt Adams and Katie Regan
Integration and interoperability were health care buzzwords in 2015, and we expect this to be the case for 2016.
However, these words are often used interchangeably, much like electronic medical record and electronic health record (EHR) were a decade ago. On June 9, 2005, the Healthcare Information and Management Systems Society (HIMSS) Integration and Interoperability Steering Committee defined both terms: Integration: “The arrangement of an organization’s information systems in a way that allows them to communicate efficiently and effectively, and brings together related parts into a single system.”
Interoperability: “The ability of health information systems to work together within and across organizational boundaries in order to advance the effective delivery of health care for individuals and communities.” Integration must occur before interoperability, but the two are tied closely together, and providers will face many challenges when it comes to implementing technology.
For those who need to move fast and expand clinical capabilities -- and would love new equipment -- the uCT 550 Advance offers a new fully configured 80-slice CT in up to 2 weeks with routine maintenance and parts and Software Upgrades for Life™ included.
Health care systems need to be aware of several key security issues when implementing or integrating technologies. Navigation of these integration challenges requires standards, implementation of emerging technology and collaboration.
Integration security concerns
As health care has become more complex and IT has become more sophisticated, security concerns have grown. Increasingly, we are seeing security and privacy issues in the headlines. These breaches are costing providers millions of dollars to address. In some cases, legal actions and heavy financial penalties are applied. To address security concerns, it is important to identify the most common issues that arise when integrating technology.
Lack of agreement on protocols for integrating systems and devices.
Health care systems and health care vendors have to agree on the type of protocol used to integrate systems and devices. For example, will they use VPN tunnel, FTP, SFTP, SSL and HTTPS? The costs to connect systems and devices range from a few thousand to hundreds of thousands of dollars. Although authentication and other security features are built into the protocols, there are still areas that health care IT professionals need to address, such as the data, itself.
Health Level 7 (HL7) as a protocol lacks built-in security and authentication.
HL7 refers to the seventh level of the International Organization for Standardization (ISO) seven-layer communication model for Open Systems Interconnect, according to Health Level Seven International. HL7 provides a set of standards that “improve care delivery, optimize workflow, reduce ambiguity and enhance knowledge transfer among all stakeholders,” according to the January 2015 Working Group Meeting. HL7 was built at a time when intra-system communication authentication (point-topoint), such as a lab system passing information to a hospital billing system, was not a focus.