Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Business Continuity Planning: Documentation During EMR Downtime Webcast
Similar to Business Continuity Planning: Documentation During EMR Downtime Webcast (20)
More from Julie Champagne
More from Julie Champagne (8)
Recently uploaded
Recently uploaded (20)
Business Continuity Planning: Documentation During EMR Downtime Webcast
- 1. Business Continuity Planning: Documentation During EMR Downtime The webcast will begin shortly...
- 2. Confidential © 2017 Galen Healthcare Solutions You have been automatically muted. Please use the Q&A panel to submit questions during the presentation
- 3. About Us
- 4. Confidential © 2017 Galen Healthcare Solutions Our Vendor Expertise
- 5. Confidential © 2017 Galen Healthcare Solutions Introduction Confidential © 2016 Galen Healthcare Solutions Joe Nyiri • Lead Software Engineer, DevOps • Software Engineer, Development 2/2014 – 1/2017 • TW Upgrade/Technical Team 3/2011 – 2/2014 Business Continuity Planning: Documentation During EMR Downtime • Business Continuity vs. Disaster Recovery • Considerations and consequences regarding EMR downtime • Downtime prevention and mitigation
- 6. Confidential © 2017 Galen Healthcare Solutions Paper Charts • Not affected by loss of Internet • No reliance on software • No interfaces to other systems • Charts are centrally located Electronic Medical Record (EMR) • Increased reliance on technology • Increased costs (licensing) • Learning Curve Difficulty in the Transition Away from Paper
- 7. Confidential © 2017 Galen Healthcare Solutions When was your most recent downtime? Poll
- 8. Confidential © 2017 Galen Healthcare Solutions Business Continuity (BC) • Business- and people-centric • How will we continue to meet our business objective (see and treat patients) during an interruption to our workflow (disaster)? Disaster Recovery (DR) • Subset of the BC plan • Data-centric • Replicating, storing, recovering, and restoring data Terminology
- 9. Confidential © 2017 Galen Healthcare Solutions Categorizing Disasters • Data integrity problem • Data availability problem (AKA Downtime) • Environmental problem • Personnel problem • Privacy problem Defining a Disaster
- 10. Confidential © 2017 Galen Healthcare Solutions Other Important Variables • Duration • Severity • Patient Scope • Physical Scope Defining a Disaster
- 11. Confidential © 2017 Galen Healthcare Solutions What was the duration of your most recent downtime? Poll
- 12. Confidential © 2017 Galen Healthcare Solutions Consequences of Disaster/Downtime • Financial • Downtime costs about $160 per minute. - Daniel Morreale, CIO, Hunterdon Health System 1/19/2017 • One hour of software downtime can cost a practice almost $488 per physician. – Mark Anderson, The Costs and Implications of EHR System Downtime on Physician Practices 2/11/2011 Potential Repercussions of Disasters
- 13. Confidential © 2017 Galen Healthcare Solutions Consequences of Disaster/Downtime • Patient trust • Patient safety Potential Repercussions of Disasters
- 14. Confidential © 2017 Galen Healthcare Solutions Cost of 1% Downtime (99% Uptime) Step Process Description Sample 1 Calculate the organization average annual salary plus benefit costs. Include all staff, their benefits and the average salary plus bonuses for each physician. $2,500,000 2 Calculate the average salary downtime cost. Multiply the value in step 1 time 2.15. The 2.15 value is the average cost factor for each minute a computer system is down. $2,500,000 x 2.15 = $5,375,000 3 Calculate the average cost per hour. Divide the total salary and benefit costs by 2,080, which is the average number of staff paid hours. $5,375,000 divided by 2,080 = $2,584 4 Determine the number of hours the physicians need access to the EHR. Most practices are open Monday through Friday 8 to 5. However, physicians need access to the EHR before and after clinic hours. The study assumed 60 hours per week, but your practice need may be less or more. Monday through Friday at 12 hours per day = 60 hours 5 Determine how many hours 1% downtime (99% uptime) equates to. 1% downtime based on 60 hours per week times 52 weeks per year. 60 x 52 x 1% = 31.2 hours 6 Determine what 1% downtime would cost the organization. Multiply results of step 3 by the results of step 5. $2,584 x 31.2 hours per year = $80,620 per year Adapted from The Costs and Implications of EHR System Downtime on Physician Practices by Mark Anderson 2/11/2011
- 15. Confidential © 2017 Galen Healthcare Solutions Business Continuity Plan (BCP) • Documented procedures to allow you to continue to see patients • Who, what, where, when, and why • Requires maintenance, testing, frequent updates Defining a Business Continuity Plan
- 16. Confidential © 2017 Galen Healthcare Solutions HIPAA Security Risk Assessment (SRA) • Scope as per HIPAA Security Rule • Administrative safeguards (§ 164.308) • Physical safeguards (§ 164.310) • Technical safeguards (§ 164.312) HIPAA Assessments
- 17. Confidential © 2017 Galen Healthcare Solutions Disaster Recovery Plan (DRP) • Business Impact Analysis (BIA) • Identity/define potential disasters • Prevent disaster • Preparing for disaster • Coping with downtime • Recovering from disaster Defining a Disaster Recovery Plan
- 18. Confidential © 2017 Galen Healthcare Solutions Defining and Documenting Workflows • If patient records are electronic, how do we get patient history, active problems, medications, etc. when EHR is down? • If the network is down, how do we know the schedule for the day? • What happens when the issue is resolved and the EHR is available again? • How are walk-ins handled? • What do we do about prescriptions, lab and order requisitions? Patient Care during Downtime
- 19. Confidential © 2017 Galen Healthcare Solutions Potential Documentation Methods • Paper forms • Where are forms located? • Who maintains form stock levels? • What to do when EHR is back up? • Electronic documentation • What about if the network is down? Documentation During Downtime
- 20. Confidential © 2017 Galen Healthcare Solutions DR and BC Solutions • High-availability • Clustered servers • Server farm • Virtualization • Read Only Environment • DR Environment • Hot site vs Warm site vs Cold site • Software-based replication like Zerto • Redundant WAN • SAN Replication Potential Solutions
- 21. Confidential © 2017 Galen Healthcare Solutions VitalCenter • Allows providers to continue to see patients in multiple disaster scenarios - network connection down, EHR upgrade downtime, server migration downtime, EHR unplanned downtime, EHR maintenance, EHR performance issues • Transparent to patients • Providers can document the visit electronically • Staff can focus on treating patients • Provides (by default) charts for last 30 days of appointments and next 5 days of appointments Galen’s BC Solution
- 22. Confidential © 2017 Galen Healthcare Solutions Galen’s BC Solution
- 23. Confidential © 2017 Galen Healthcare Solutions VitalCenter Solution Overview
- 24. Confidential © 2017 Galen Healthcare Solutions VitalCenter Terminal Client • Application installed on staff PCs • VitalCharts are automatically downloaded to PCs • Scheduled VitalCharts allow for patient care even in complete network downtime • On-Demand VitalChart requests cover walk-ins or chart content not in scheduled VitalCharts • VitalNote allows for electronic documentation of the visit, even in complete network downtime • Encrypted, secure, and HIPAA-compliant VitalCenter Solution Overview
- 25. Confidential © 2017 Galen Healthcare Solutions VitalCenter Solution Overview
- 26. Confidential © 2017 Galen Healthcare Solutions VitalCenter Web Access • Access via web browser • No additional software installation or plugins required • View schedules, scheduled VitalCharts, scanned documents • Make On-Demand VitalChart requests • VitalNote visit documentation • Great for thin-client or Citrix as well as gap coverage VitalCenter Solution Overview
- 27. Confidential © 2017 Galen Healthcare Solutions VitalCenter Solution Overview
- 28. Confidential © 2017 Galen Healthcare Solutions VitalCenter Batch Extracts • Submit batches of patients • VitalCharts created in bulk • Up to 1,000 - 2,000 charts created simultaneously • Insurance audits • Research studies • Medical Record requests VitalCenter Solution Overview
- 29. Confidential © 2017 Galen Healthcare Solutions VitalCenter Solution Overview
- 30. Confidential © 2017 Galen Healthcare Solutions VitalCenter Solution Overview
- 31. Confidential © 2017 Galen Healthcare Solutions VitalCenter Online Archival
- 32. Confidential © 2016 Galen Healthcare Solutions OUR PHILOSOPHY
- 33. Confidential © 2017 Galen Healthcare Solutions Thank you for joining us today. To access the slides from today’s presentation, please visit: http://wiki.galenhealthcare.com/Category:Webcasts For additional assistance or to request information about our many services and products, please contact us through our website: www.galenhealthcare.com
Editor's Notes
- Our Team Best in KLAS – HIT Implementation Staffing and Support Clinical workflow and operations experts Average Staff HIT Experience: 12 Years Our company culture - Strive for success, you get the entire Galen team behind every project Cross-section of clinical and non-clinical healthcare application expertise 2.0MM Hours Healthcare Experience 280 Customers served in the last 2 years Boutique, healthcare-focused services & solutions company For over a decade, Galen has built a solid reputation of providing high-quality, expert level IT consulting services to health systems, hospitals and physician practices. The foundation of our growth and success can be attributed to our people. It’s what we care about as a company that makes us unique.
- Our Value Proposition: We transform data into actionable, profitable information Provide world-class Technical & Professional Services to healthcare organizations that interoperate, aggregate, convert, harvest and optimize clinical patient information within their multi-vendor systems portfolio including Practice Management, Electronic Health Record & Health Information Exchange. Deliver a suite of fully-integrated Products that enhance, automate, and simplify the access and use of clinical patient data within those systems to improve cost-efficiency and quality outcomes.
- Paper Charts versus EMR Paper Charts Not affected by loss of Internet Perhaps some workflows are electronic, but for the most part, workflows are paper-based No reliance on software When software is involved, there is the possibility the software breaks down No fees for software No interfaces to other systems Incoming documentation delivered via mail, fax, patient, etc. Charts are centrally located No backups made If destroyed, typically cannot be recovered Electronic Medical Record (EMR) Increased reliance on technology Patient care relies on the EMR EMR and interfaces rely on internal network and Internet Increased costs Infrastructure costs, staff costs, software costs, underlying licensing costs such as OS and SQL licenses Learning curve Need to learn new software New features introduced UI changes
- BC focuses on non-IT-related aspects such as key personnel, facilities and crisis communication DR is focused on the technology infrastructure, and a disaster is any event that can compromise the proper operation of an organization’s system, data and network.
- Data integrity problem – one or more patient records updated incorrectly or deleted, hacking, data corruption Data availability problem – EMR down, server down, network down, PC down, power out, ransomware AKA Downtime Environmental problem – natural disaster, office unavailable, hazardous material spill Personnel problem – loss of vital knowledge Privacy problem – loss of data, not properly wiping hard drives, losing a laptop, hacking
- Duration – if nothing changes, for how long will we be unable to see patients? Severity – how severe is the disaster? What is the possibility it will get worse? Patient Scope – will this disaster affect all patients or just a subset? Physical Scope – is the disaster limited to a certain location or area within a particular location, or is the disaster affecting all areas of the business?
- Financial – loss of income during event, cost of data recovery, loss of future income, HIPAA privacy violation penalties, which are now greater under HITECH, litigation costs
- Patient trust – publicity /stigmaof HIPAA/privacy violations, patients being turned away from office visit because of downtime Patient safety – down systems prevent accurate, quality patient care
- The overall objective of a HIPAA risk analysis is to document the vulnerabilities to the confidentiality, integrity, or availability of ePHI and determine the appropriate safeguards to bring the level of risk to an acceptable and manageable level. Identify what data your organization needs to protect and where that data is at rest and where it goes in motion. This can then provide the basis for your security policies, practices, and technologies you implement to protect all such data. HIPAA Risk Assessment Scope Administrative Safeguards • Risk analysis procedures and demonstration of a risk management process; • Policies and procedures relevant to operational security, including business associate security requirements; • Information access restriction requirements and controls; • Incident response procedures and disaster recovery plan and; • Evidence of periodic technical and nontechnical reviews. Physical Safeguards • Physical access controls, such as building access and appropriate record keeping; • Policies and procedures for workstation security; and • Proper usage, storage, and disposal of data storage devices Technical Safeguards • Auditing and audit procedures; • Use of encryption devices and tools; • Implementation of technology to ensure ePHI confidentiality, integrity, and availability
- A typical DRP process begins with a business impact analysis (BIA). The BIA is the foundation of any sound DRP, and it complements the risk assessment by utilizing the information generated during that process. The main difference between these analyses is that the HIPAA risk assessment focuses on data security and potential adverse events, while the BIA focuses directly on the operational impacts to the business. The BIA reviews what losses will be incurred if the system goes down. The importance of each downed application is ranked highest to lowest, along with the financial impact of each. Identity/define potential disasters Prevent disaster - minimize opportunity for disasters Preparing for disaster – ensure all resources are available to cope with and recover from disaster, as not all disasters are preventable Coping with downtime – operating procedure for downtime and business continuity plan Recovering from disaster – how to resume normal operation
- What to do when EHR is back up? Scan forms in Manual data entry Disorganization leading to staff and patient stress
- Hot site: fully equipped data center with servers that can be online within hours. Typically completely duplicated hardware-wise. This is the most-expensive option. Warm site: Provides basic infrastructure and functionality but requires some lead time to get the servers up and running, a warm site is a less-expensive option, but could take up to a week to bring online. Cold site: secure standby location with no equipment or data; equipment must be brought in and configured, which could take up to a month to be operational.
- Community Support Knowledge center with whitepapers, playbooks, guides. Our contribution to move healthcare IT forward Freely sharing our unique perspectives, our knowledge and our experience Over 622 blog posts Over 213 complimentary webinars delivered Visit our knowledge center - galenhealthcare.com/knowledge-center/ Visit our wiki – wiki.galenhealthcare.com Visit our Blog – blog.galenhealthcare.com