Special Topics in Vendor- Specific Systems

1
Special Topics in Vendor- Specific Systems

• System and Database Architectures Used in
  Commercial EHRs

• This material (Comp14_Unit5) was developed by
  Columbia University, funded by the Department of
  Health and Human Services, Office of the National
  Coordinator for Health Information Technology
  under Award Number 1U24OC000003.

2
System and Database Architectures Used in
Commercial EHRsLearning Objectives

• After this completing this unit, you should be
  able to
• Demonstrate concept knowledge of system and
  database architectures used in commercial EHRs
• Describe the health information systems
  landscape, including how EHRs exchange
  information with ancillary systems such as
  Pharmacy, Laboratory, etc.
• Identify the differences between thick and
  thin-client EHR deployments
• Compare different operating systems and databases
  used by EHRs
• Explain the importance of security, privacy,
  auditing and performance monitoring in EHRs

3
What is an EHR?

• Software program providing a systematic
  collection of electronic health information about
  individual patients
• Exchanges information with ancillary clinical
  systems, such as Pharmacy, Laboratory, etc.
• Stores information in a database

4
Sample EHR Architecture

• (Vawdrey, 2011.)

5
EHR Hardware Platform

• Back-end
• Database server
• Application server
• Front-end
• Where clinician interaction occurs
• Desktop PC, mobile device

6
EHR Hardware Platform

• Thick-client
• a thick-client (or fat-client) application
  processes most or all of its business logic on
  local computing resources (e.g., a desktop PC)
• provides rich functionality independent of a
  central server
• Thin-client
• a thin-client application relies on its server to
  process most or all of its business logic
• Web-based
• Google Docs compared to traditional Microsoft
  Office
• Citrix Independent Computing Architecture (ICA)
• A proprietary protocol for an application server
  system
• Permit ordinary Windows applications to be run on
  a suitable Windows server, and for any supported
  client to gain access to those applications

7
Example EHR Hardware Configuration Using Citrix

• (Vawdrey, 2011).

8
EHR Software platform

• Operating system
• Servers
• Unix (AIX, HP-UX, Solaris, etc.), Linux, Windows
  Server
• Clients
• Windows, Linux, MacOS
• Mobile Blackberry, iPhone, Android
• Database
• IBM DB2, Oracle, Microsoft SQL Server,
  InterSystems - Caché

9
Databases

• Relational
• IBM DB2, Oracle, Microsoft SQL Server
• Hierarchical
• InterSystems Caché, IBM DB2 PureXML

10
Relational Databases

• A relational database is a collection of data
  items organized as a set of formally-described
  tables from which data can be accessed or
  reassembled in many different ways without having
  to reorganize the database tables
• The standard user and application program
  interface to a relational database is the
  structured query language (SQL)

11
Hypothetical Relational Database Model

• (Vawdrey, 2011).

12
Hierarchical Databases

• A hierarchical database organizes data into a
  tree-like structure. The structure allows
  repeating information using parent/child
  relationships each parent can have many children
  but each child only has one parent
• All attributes of a specific record are listed
  under an entity type

13
Hypothetical Hierarchical Database Model

• Vawdrey, D. (2011)

14
Vendor Comparison of System Architectures

• Inpatient EHR
• Epic, Allscripts (formerly Eclipsys), Quadramed
• Ambulatory EHR
• NextGen, eClinicalWorks
• http//onlinebuyersguide.himss.org/
• http//www.klasresearch.com/Search/Browse.aspx?t2
  

15
HIMSS Online Buyers Guide

• (HiMSS online buyers guide, 2011).

16
KLAS Research, LLC

• (KLAS, 2011).

17
Epic

• Epic offers an integrated suite of health care
  software centered around a hierarchical
  MUMPS/Caché database.
• MUMPS (Massachusetts General Hospital Utility
  Multi-Programming System), or alternatively M, is
  a programming language created in the late 1960s,
  originally for use in the healthcare industry
• Designed for multi-user database-driven
  applications
• Predates C and most other popular languages in
  current usage

18
Epic

• InterSystems Caché is a database management
  system from InterSystems Corporation
• Provides object and SQL access to the database,
  as well as allowing direct manipulation of
  Cachés underlying data structures
• The company claims Caché is the worlds fastest
  object database
• Caché runs on Windows, Linux, Sun Solaris, HP-UX,
  Tru64 UNIX, AIX, Mac OS X and OpenVMS platforms

19
Epic

• (EpicCare impatient EMR-KLAS Performance Ratings,
  2011).

20
Allscripts

• Their acute care EHR offering, Sunrise Clinical
  Manager, uses SQL Server as its underlying
  database, and operates as a thick-client, Windows
  Forms application
• The application was developed using Microsoft
  .NET technologies

21
Allscripts

• (Eclipsys Sunrise Clinical Manager KLAS
  performance ratings, 2011).

22
Quadramed CPR

• (QuadraMed CPR KLAS Performance Ratings, 2011).

23
NextGen EMR

• (NextGen EMR KLAS Performance Ratings, 2011).

24
eClinicalWorks EHR (ECW)

• Privately held, CCHIT-certified, winner of many
  awards (TEPR, KLAS)
• One integrated system for practice
  management/EHR/billing/PHR system
• Java, MySQL, and Apache Tomcat
• Client/server and ASP models
• Normally 10,000 equipment (through PCIP is
  4,000 equipment)

25
Monitoring the EHR

• Security and Privacy
• System Use
• Performance

26
Security and Privacy

• The Health Insurance Portability and
  Accountability Act of 1996 (HIPAA) contains rules
  on privacy and security
• The HIPAA Security Rule specifies a series of
  administrative, physical, and technical
  safeguards for covered entities to use to assure
  the confidentiality, integrity, and availability
  of electronic protected health information
• The HIPAA Privacy Rule provides federal
  protections for personal health information held
  by covered entities and gives patients an array
  of rights with respect to that information

27
Security and Privacy

• The Health Information Technology for Economic
  and Clinical Health (HITECH) Act, enacted as part
  of the American Recovery and Reinvestment Act of
  2009 strengthened the HIPAA Privacy, Security,
  and Enforcement Rules
• Certain aspects of the Privacy and Security Rules
  apply to the business associates of covered
  entities
• Individuals rights to access their information
  are expanded
• HIPAAs enforcement provisions are strengthened
  and expanded

28
Recommended EHR Security Features

• User-based and role-based security that restricts
  access to predefined categories of patients,
  encounters, and documents based on the access a
  user needs to perform his or her job
• VIP status indicators that restrict access to
  information from specially identified patients to
  those individuals with permission
• Ability to assign an alias to a patient or
  encounter to mask patient identity
• Ability to restrict patients from physicians who
  are not the physician of record (e.g.,
  attending, admitting, surgeon, and consulting)
• Ability to block access to a specific progress
  note or lab result
• Ability to track versioning or mask sensitive
  entries for release of information
• Detailed audit logs that record data access and
  data entry, with the ability to generate reports
  of actions performed by a specific user or for a
  specific patient

29
System Use

• Audit logs are beneficial for enhancing
  information security, but also can provide data
  about system use
• For example
• How many clinicians are using the system?
• What are peak times of system usage?
• How much time do clinicians spend on specific
  tasks, such as note-writing?

30
Who Reads Whose Notes?

• (Hripcsak et al., 2011).

31
System Performance

• EHRs should provide tools to assess system
  performance, including
• Database growth and response time
• Memory and processor utilization
• Experience of application users, such as
  measuring delays during screen transitions
• A mechanism for users to send feedback to system
  administrators

32
System Performance Monitoring Example

• (Corman, R., 2011).

33
System and Database Architecture in Commercial
EHRs Summary

• Defined EHR and EHR Architecture
• Discussed EHR hardware and software
• Relational Databases and Hypothetical Relational
  Database model
• Hypothetical Hierarchical Database
• Various Vendor Systems
• Privacy and Security
• System use and performance

34
System and Database Architecture in Commercial
EHRs References

• References
• AHIMA e-HIM Work Group on Security of Personal
  Health Information. "Ensuring Security of
  High-Risk Information in EHRs" Journal of AHIMA
  79, no.9 (September 2008) 67-71.
• Hripcsak et al. (2011). Use of electronic
  clinical documentation time spent and team
  interactions. J Am Med Inform Assoc. 2011
  Mar-Apr18(2)112-7.
• Corman, R. (2011). Prototype dashboard for
  real-time monitoring of EHR system use and
  performance. Corman Technologies, INC. Santa
  Rosa, CA. http//www.cormtech.com/examples.html
• Electronic health records for the primary care
  providers. (2007). The New York City Department
  of Mental Hygiene City Health Information,
  vol.26(1), p.1-6. Retrieved on August 25th, 2011
  from http//www.nyc.gov/html/doh/downloads/pdf/ch
  i/chi26-1.pdf
• Pricing structure (2011). Retrieved from
  eClinicalWorks on August 25th, 2011 from
  http//www.eclinicalworks.com/products-pricing.htm
  .
• Summary of HIPAA Security Rules. Retrieved from
  U.S Department of Health and Human Services
  Health Information Privacy on August 25th, 2011.
• Notice of Proposed Rulemaking to Implement HITECH
  Act Modifications. Retrieved from U.S Department
  of Health and Human Services Health Information
  Privacy on August 25th, 2011. http//www.hhs.gov/o
  cr/privacy/hipaa/understanding/coveredentities/hit
  echnprm.html

35
System and Database Architecture in Commercial
EHRs References

• Images
• Slide 4 Vawdrey, D. (2011). Sample EHR
  architecture. Department of Biomedical
  Informatics, Columbia University Medical Center.
• Slide 7 Vawdrey, D. (2011). Example of EHR
  hardware configuration. Department of Biomedical
  Informatics, Columbia University Medical Center.
• Slide 11 Vawdrey, D. (2011). Hypothetical
  Relational Database Model. Department of
  Biomedical Informatics, Columbia University
  Medical Center.
• Slide 13 Vawdrey, D. (2011). Hypothetical
  Relational Database Model. Department of
  Biomedical Informatics, Columbia University
  Medical Center.
• Slide 15 HiMSS online buyers guide (2011).
  Retrieved from Health Information and Management
  Systems Society on August 23, 2011
  http//onlinebuyersguide.himss.org/
• Slide 16 Retrieved from KLAS on August 23, 2011.
  http//www.klasresearch.com
• Slide 19 EpicCare impatient EMR-KLAS Performance
  Ratings. (2011). Retrieved from KLAS on August
  23, 2011, http//www.klasresearch.com/Vendors/Onli
  nePerformanceRatings.aspx
• Slide 21 Eclipsys Sunrise Clinical Manager KLAS
  performance ratings. (2011). Retrieved from KLAS
  on August 23, 2011, http//www.klasresearch.com/Ve
  ndors/OnlinePerformanceRatings.aspx
• Slide 22 QuadraMed CPR KLAS Performance
  Ratings. (2011). Retrieved from KLAS on August
  23, 2011, http//www.klasresearch.com/Vendors/Onli
  nePerformanceRatings.aspx.
• Slide 23 NextGen EMR KLAS Performance Ratings.
  (2011). Retrieved from KLAS on August 23, 2011,
  http//www.klasresearch.com/Vendors/OnlinePerforma
  nceRatings.aspx