Advanced Health Informatics

Advanced Health Informatics

In this era of technological advancement, healthcare management is changing for the better. Central to this revolution, is health information system that is making several moves with each passing day. Though advancing into a more complex entity, this component of health still is subject to various challenges. Issues relating to privacy, security, and confidentiality are among problems that clearly face health information systems. Thus, managers should take consideration of such factors for a fruitful selection and adoption of new Electronic Health Record (EHR) system. Moreover, they should have policies and procedures in place that will manage the disclosure of personal health information. Also, he/she should take part in system selection process, and evaluation of vendor contracts. The project management process must also take into account recommendations about application services and utilization of good negotiation skills. Only after addressing these issues, a new EHR system live up to its expectation. Therefore, an analysis of strategies to combat them is crucial in the selection and adoption of a new health information system.

First and most importantly are the challenges of educational programs for employees about privacy, security, and confidentiality. Healthcare organizations have the role of ensuring that all health issues uphold privacy and confidentiality. Therefore, it is within their reach concerning the formulation of strategies for curbing such matters. Educating the employees on matters regarding privacy, security and confidentiality serve best this purpose. However, challenges exist that sometimes make the educational programs ineffective. For instance, Harman, Flite and Bond (2012), are of the opinion that current trends of information exchange among healthcare employees hinder privacy and security. They further note that use of phones or even social media denies an individual his outright confidentiality privileges of healthcare.Moreover, absence a clear guideline that dictates to what confidential level is the patient’s information also worsens this situation. Healthcare professionals are thus in the dark on whether to uphold patient’s confidentiality or share it with colleagues. Consequently, they end acting contrary to the educational requirements for patient’s privacy, confidentiality and security. Challenges of this kind thus signify the need for a change in educational approach for employees. Failure to do so can only guarantee an unsatisfied patient and a health information system that is ineffective.

Central to the plan of redefining of educational programs is several strategies. The project will target issues that relate to privacy and security regulations, adult education, and training methods. To begin with, training methods for employees are crucial to meeting the need for protecting patient privacy. Training is now standard in most healthcare organizations and can be either formal or informal. However, as a visionary leader wishing to institutionalize confidentiality and security, one should reshape the training to suit his/her organization.  For instance, training of new employees upon hiring them and while in-service yield an EHR-sensitive to patient’s privacy needs (Harman, Flite, & Bond, 2012). Secondly, utilization of adult education strategies is also crucial in upholding confidentiality. Adults are more likely to follow to the letter whatever they learn. Thus, an approach that is direct to the point is of the essence when employees are in their adulthood ages. For example, discouraging them from sharing patient’s information in social media platforms will yield a positive response. On the contrary, young employees may not heed the same advice, thereby suffering dearly. Lastly, strict measures such as fines can be helpful in compliance to the set privacy and security rules. Reporting of healthcare workers who fail to use the right means for communicating patient’s health issues to colleagues will ensure employees uphold privacy (Harman, Flite, & Bond, 2012). Evidently, this is proof enough that tailoring educational program is critical to the achievement of confidentiality and security.

Creation of policies and procedures for managing the disclosure of Personal Health Information (PHI) is another critical issue worth exploring. Under the law, the release of PHI is a complicated process that has several steps, which ensure total confidentiality of patient’s information. Many works of literature describe PHI as any information about a patient’s past, present and future that can identify him/her. The sensitivity of patient’s whereabouts makes it of the essence when privacy and security are of concern. Better still, procedures and policies that guide the authorization and disclosure of PIH exist. The target areas of these legal requirements, thus, make it a priority for a leader wishing to come up with a new EHR system. Failure to consider such issues can be the beginning of constant problems with substantial financial penalties a common phenomenon. The factors of interest include but not limited to patient’s right to leave out the directory of a facility or limit utilization of his/her health information. Besides, limitation on the use of PHI for fundraising and procedures, which individuals are permissible to opt out, and special protection for psychotherapy notes (Harman, Flite, & Bond, 2012).

Firstly, it is within the patient’s right to withhold use of PIH. Studies reveal that patient has the right of limiting the range of use of their health information. For instance, one may refuse the hospital the liberty to use PIH for learning purposes. Healthcare systems acting contrary to this are thus causing an intrusion to patient’s privacy, which is not permissible by law. Therefore, leaders must ensure that his/her subordinates are complying with the privacy rule at all cost. Secondly, the use of PHI for matters like procedures and fund-raising despite the patient’s stance of exclusion is also worthy mention. As a leader, there should be a realization that the patient is the controller of his/her care. Thus, it is within the mandate of the patient to opt out of any procedure or financial arrangements that aim his/her wellbeing. Besides, he/she is the custodian of the care, and no one should interfere with own preference. Lastly, leaders should ensure that there is a policy for special treatment of any patient’s psychotherapy notes. A system of this kind will protect one from possible stigma that comes with mental illness. Psychotherapy reports are essential assessing an individual’s state of mind especially in court proceedings (El Emam, 2011). Thus, only sticking to best practices of disclosing information will eventually eliminate such uncertainties.

That notwithstanding, engagement in the selection and adoption of a new system is another crucial issue. As a leader, one has no option but to engage in EHR system selection process. Failure of participation in this process will ultimately result in corrupt dealing that vendors promote through installation of internal salespersons. Such a practice is unnecessary as it delays the institutionalization of a sound system. Also, central to health information system is the Request for Proposal (RFP). RFP defines the organization’s popular services and products. It also serves as a document that introduces the general practice of a specific to vendors. In line with this information, a supplier will seek to modify his/her product or service to the specification. It is at this point that a leader attempts to fine-tune the content element to be in harmony with their ambition of upholding privacy and security. Components that are necessary for addressing privacy and safety concerns in an RFP include questions on security features, data protection, licensing protocols, training needs, compliance with national guidelines for privacy, and customer support services. All these elements are essential when addressing the two issues. A vendor must prescribe how his/her product or service intends to meet all these items as they are of the essence in assuring confidentiality (Yeung, Jadad, & Shachak, 2013). Without these elements than an RFP is just but a document like any other.

In a large health system, many EHR vendors are outstanding in the offer of excellent services. Of the many vendors, three are worthy mention, namely: Allscripts, Epic Systems Corporation, and GE Healthcare. Vetting is an important tool for the choosing of one of these entities. All the same, Epic Systems Corporation has an outstanding capability regarding privacy, security features, and data protection. Therefore, a leader should take this in consideration since such factors are of the essence when choosing a new EHR vendor. On the contrary, Allscripts and GE Healthcare have good reputations in these issues, but their efficiency level is low. The efficiency level is reason enough to choose Epic Systems Corporation over them. Besides, it possesses much strength in comparison to the two entities. For instance, it has 353 customers that are loyal to it, thus, a strong client base. Such ties allow this vendor to improve their focus and provide better services. Moreover, it has an extensive scope of services and solutions that increases its administrative and clinical operations in hospitals. However, Epic has its weaknesses. It is challenging and costly to use as well as it limits the use of other systems (“Epic EMR – Review and Compare | Compare Electronic Health Record Systems”, 2016). Despite its weaknesses, Epic’s services are valuable and widely recognized. Thus a consideration of the same is central to its selection.

Another critical issue in the selection and adoption of new EHR system is evaluation of vendor contract’s elements. For one to consider a supplier, his contract must reflect the following items. Firstly, it should have a vision that is in line with that of the organization. Such a factor is vital in propelling the organization to its goals. Secondly, the contract must have a desirable technology that the entity has been longing to use. Moreover, it should also prescribe the acquisition policies that govern this product. Besides, it should also include an implementation strategy for the new system. Finally, the contract should state the timeframe for vendor viability. With these elements in place, there is a surety of complete implementation process. However, they do not guarantee success of the new EHR system. Instead, a vendor contract may pose the challenge of misleading information about the seller and the product. For instance, the supplier’s vision may only be in line with one’s organization on paper but in practical sense the opposite. Moreover, there is also a possibility for exaggeration of the viability period of a product (Lorenzi, Kouroubali, Detmer, & Bloomrosen, 2009). Therefore, leaders should pay to finer details in this respect.

Lastly, utilization of strategic leadership is another key issue in negotiation process with vendors. In this model, a leader should consider several factors while interacting with the suppliers. To begin with, consideration of the cost of developing a healthcare information system is vital. The plan should ensure there is utilization of minimal resources in the process of system selection. Therefore, one should negotiate to the maximum while interacting with vendors. Secondly, the leader has the role of acquiring a new system that is in line with organization’s strategic plan. It is through this harmony that the organization will be on course to achieve its goals. Lastly, strategic planning necessitates visionary leaders to anticipate change management. A new system will yield a change in the organization operations, which only a strategic plan can direct, the adaptation of the organization (Grant, 2010). Evidently, strategic planning is vital for leaders taking part in contract management.

In conclusion, a new EHR system selection and adoption process is a complex subject that all organizational leaders should take their time to study the same. Failure to do so will only guarantee a health information system that does not uphold privacy and security. Thus, it is high time to devote more time to understanding this subject.


El Emam, K. (2011). Methods for the de-identification of electronic health records for genomic research. Genome Medicine, 3(4), 25.

Epic EMR – Review and Compare | Compare Electronic Health Record Systems. (2016) Retrieved 5 September 2016, from

Grant, M. (2010). Launch of the HILJ Strategic Plan 2010-2014. Health Information & Libraries Journal, 27(1), 1-1.

Harman, L., Flite, C., & Bond, K. (2012). Electronic Health Records: Privacy, Confidentiality, and Security. Virtual Mentor, 14(9), 712. Retrieved from

Lorenzi, N., Kouroubali, A., Detmer, D., & Bloomrosen, M. (2009). How to successfully select and implement electronic health records (EHR) in small ambulatory practice settings. BMC Med Inform Decis Mak, 9(1).

Yeung, N., Jadad, A., & Shachak, A. (2013). What Do Electronic Health Record Vendors Reveal About Their Products: An Analysis of Vendor Websites. J Med Internet Res, 15(2), e36.