CHAPTER 9: Human–Computer ● Human factors is a discipline that

Interaction (Gregory L. Alexander) optimizes relationships between

technology and humans (Kantowitz
OBJECTIVES: & Sorkin,1983; McCormick &
Sanders, 1982)
1. Recognize theoretical underpinnings for
Human–Computer Interaction.

2. Discuss Human–Computer Interaction

● The field of human factors seeks to
principles.
enhance interpersonal interactions.
3. Apply the use of Human–Computer between humans and technology.
Interaction principles to a healthcare model Due to human considerations been
called Aging in Place. described in various ways by various
specialists (seeTable 9.1).
4. Propose how the application of
Human–Computer Interaction principles can
improve nurse and patient outcomes in
healthcare.
● Experts on human aspects try to in
INTRODUCTION: healthcare to knowing how people
Human–Computer Interaction (HCI) is interact and what tools they employ
defined as the field of study that focuses on (i.e., computers), settings (such as
optimizing how users and computers homes and offices), and activities
interact by designing interactive computer and how they function.
interfaces that satisfy users’ needs. It is
broadly defined as an intellectually rich and
highly impactful phenomenon influenced by ● The objective of a human factors
four disciplines: strategy in nurse-led technologies
are designed to enhance
(1) Human Factors/ Ergonomics, interactions between nurses and the
(2) Information Systems, equipment they employ reduces
(3) Computer Science, and mistake in their work, to promote
(4) Library and Information Science effectiveness, well-being, and
efficiency living conditions.

HUMAN FACTORS:

A BUILDING BLOCK FOR

HUMAN–COMPUTER INTERACTION
● HCI first originated in the 1980s
as an interdisciplinary area interactions, trust building, and human
responsibility.
embracing the principles of
computer scientists, cognitive
scientists, and experts in human
factors engineering, but it has USABILITY IN HCI
now developed into a science
·Usability evaluation determines the
incorporating concepts and
extent that a technology is easy and
methods from several other
pleasurable to use by determining if it is
disciplines.
well adapted to users, their tasks, and
that negative outcomes are minimized
as a result of use
● HCI critics argue that current
definitions do not reflect ● Usability is inherently
ubiquitous, pervasive, social, measureable in all electronic
embedded, and invisible technologies
user-oriented technologies. They ● Usability evaluation determines if
want to move beyond computer
an interactive system is usable,
use to emphasize other
components of HCI, such as user ● if a system is usable, then
experience, interaction design, usability evaluation can
emotional impact, aesthetics, determine the extent of usability
social engagement, empathetic using hardy usability metrics
 ● usability evaluation is an satisfaction in a specified context
accessible form of analysis of use”. The potential impacts of
well-designed usability studies for
medical devices are reduced user
errors and intensification of
METHODS
patient safety efforts.
Contextual Inquiry - contextual
Heuristics - This type of HCI
inquiry is qualitative in nature.
evaluation involves a small group
This methodology is derived from
of experts, who evaluate
ethnography, which focuses on
quantitatively how well a device
scientific descriptions and
meets established design
illustrations of social groups and
standards.
systems. Contextual inquiry is
usually conducted in the field Cognitive Walkthrough - is
using extensive, well-designed, conducted using expert
systematic observations to evaluators who are not
capture how people interact with necessarily part of the population
technology in real-world settings. of end users of a technological
device. It is task specific as
Cognitive Task Analysis - used
compared to heuristic evaluation,
to describe psychological
which provides a holistic view of
processes associated with the
the interface and system features
acquisition, organization, and use
of knowledge. Cognitive task Focus Groups - Focus groups
analysis used to evaluate task are an excellent method to
load has been used in healthcare cumulate rich qualitative
settings. These type of analyses descriptions of how people
are typically qualitative in nature interact with technological
and involve interactions with systems. These are low costs
“real” users to inform the design methodologies that require little
of new devices, which have overhead to conduct, but can
usability outcomes already provide a significant amount of
established information about usefulness of
technologies, system processes,
Usability Tests - The
and satisfaction of people using
International Organization for
technology. Usually conducted in
Standardization’s definition of
a controlled environment to avoid
usability is “The extent to which a
distraction, such as a conference
product can be used by specified
room
users to achieve specified goals
with effectiveness, efficiency, and
 Delphi Technique - The Delphi medical science, and engage consumers as
technique is used to gain active participants in their own health.
consensus from experts on a
subject. This method uses U.S Health Information
Technology for Economic and Clinical
multiple rounds of data collection
Health (HITECH) Act in 2009 enacted part
from experts, with each round
of American Recovery and Reinvestment
using data from previous rounds. Act (USC, 2009) provided major structural
The questions posed focus on changes; funding for research, technical
the opinions, forecasts, and support, and training; and financial
judgments of experts on a incentives designed to significantly expedite
specific topic.8 and accelerate this transformation.

The HITECH Act

- Codified the Office of National
OUTCOMES IN HCI Coordinator (ONC) for Health
Information Technology (HIT) -
Traditional outcomes associated with responsible for developing
HCI methods are efficiency, nationwide infrastructure facilitating
effectiveness, and satisfaction, which, the use and exchange of electronic
as stated, are highly related to how health information (policy, standards,
usable a piece of technology is. These implementation, specifications, and
outcomes have been a long-standing, certification criteria); key to
central feature of HCI for many years. improving quality, safety, and
efficiency of the healthcare system.
- Recognized that as more health
CHAPTER 10: Trustworthy Systems For information was recorded and
Safe and Private Healthcare exchanged electronically to
INTRODUCTION: coordinate care, monitor quality,
measure outcomes, and report
The healthcare industry is in the public threats, the risks to personal
midst of a dramatic transformation that is privacy and patient safety.
changing everything from frustrating and This recognition is reflected
costly administrative inefficiencies to how in the fact that four of the eight areas
conditions are diagnosed and treated, to the HITECH Act identified as
how biomedical science advances. This priorities for the ONC (address risks
transformation is driven by a number of to individual privacy and information
factors, the exposure of care-related, security):
patient-safety problems; advances in 1. Technologies that protect the
genomics “big data” analytics; and an aging, privacy of health information
socially networked population that expects and promote security in
the healthcare industry to effectively qualified electronic health
leverage information technology to manage record (EHR), including
costs, improve health outcomes, advance segmentation and protection
 from disclosure of specific Health Insurance Portability and
and sensitive individually Accountability Act (HIPAA) Security
identifiable health and Privacy rules since the rules
information, with the goal of became law (USC, 2013)
minimizing the reluctance of
patients to seek care (or MAINTAINING TRUST, DESPITE
disclose information about a INCREASING RISK
condition) because of privacy As noted by former National
concerns, in accordance with Coordinator David Blumenthal, MD,
applicable law, and for the MPP, “Information is the lifeblood of
use and disclosure of limited modern medicine. Health information
data sets of such information. technology is destined to be its
2. A nationwide HIT circulatory system. Without that
infrastructure that allows for system, neither individual physicians
the electronic use and nor healthcare institutions can
accurate exchange of health perform their best or deliver the
information. highest-quality care”. (Blumenthal,
3. Technologies that as a part of 2009, p.382) One step further, at the
a qualified EHR allow for an heart of modern medicine lies “trust”.
accounting of disclosures Caregivers must trust that the
made by a covered entity (as technology and information they
defined by the Health need will be available when they are
Insurance Portability and needed at the point of care; trust that
Accountability Act, HIPAA of the information in the patient's EHR
1996) for purposes of is accurate and complete and that it
treatment, payment, and has not been accidentally or
healthcare operations. intentionally corrupted, modified or
4. Technologies that allow destroyed. Consumers must trust
individually identifiable health that their caregivers will keep their
information to be rendered most private health information
unusable, unreadable, or confidential and will disclose and
indecipherable to use it only to the extent necessary
unauthorized individuals and in ways that are legal, ethical
when such information is and authorized consistent with
transmitted in the nationwide individuals’ personal expectations
health information network or and preferences, above all else,
physically transported consumers must trust their
outside the secured, physical caregivers and the technology they
perimeter of a healthcare use will “do no harm”.
provider, health plan,or Nursing profession is firmly
healthcare clearinghouse grounded in a tradition of ethics,
(ARRA, 2009, pp. 120-121) patient advocacy, care quality, and
The HITECH ACT resulted in most human safety. The registered nurse
significant amendments to the is well indoctrinated on clinical
practice that respects personal continuously monitor a patient’s
privacy and that protects confidential condition remotely, without requiring
information and life-critical to leave their home, or to align
information services. treatments with outcomes-based
The American Nurses protocols and decision-support rules
Associations (ANA’s) Code of Ethics personalized according to the
for Nurses with Interpretive patient’s condition, family history,
Statements includes a commitment and genetics, all are enabled
to “promote, advocate for, and strive through HIT.
to protect the health, safety, and HIT assumes a greater role
rights of the patient” (ANA, 2001, in the provision of care and in health
Provision 3) care decision-making, the nurse
The International Council of increasingly must trust HIT to
Nurses (ICN) Code of Ethics for provide timely access to accurate
Nurses affirms that the nurse “holds and complete health information and
in confidence personal information” support for decision-making, while
and “ensures that use of ensuring that individual privacy is
technology…(is) compatible with the continuously protected.
safety, dignity and rights of people”, Legal and ethical obligations,
(ICN, 2000 p.2) as well as consumer expectations,
Fulfilling these ethical drive requirements for assurance
obligations is the individual that data and applications will be
responsibility of each nurse, who available when they are needed; that
must trust that the information data will not be modified or
technology relied upon will help and destroyed other than as authorized;
not harm patients and will protect that systems will be responsive and
their private information. usable; performed health-critical
Recording, storing, using and functions will do so safely.
exchanging information The Markle Foundation’s
electronically do indeed introduce Connecting for Health identified
new risks. As anyone who has used privacy and security as a technology
email or texting knows, very little principle fundamental to trust: “All
effort is required to instantaneously health informations exchange,
send information to millions of including in support of the delivery of
people throughout the world. The care and the conduct in an
nefarious “spyware”, “viruses”, and environment of trust, based on
“trojan horses” skulk around the conformance with appropriate
internet and insert themselves into requirements for patient privacy,
our gadgets and capture our security, confidentiality, integrity,
passwords, identities and credit audit and informed consent” (Markle,
numbers. 2006. Privacy and Security)
The capability to receive
laboratory results within seconds SECURITY AND PRIVACY
after a tests is performed to
 Many people think of patient's private data. Malware
“security” and “privacy” as written to target a specific medical
synonymous. device could result in even more dire
Security, protect personal consequences. Recognizing the
privacy by assuring that confidential safety risks posed by malware. Food
personal information is accessible and Drug Administration (FDA) in
only by authorized individuals and 2013 began warning device
entities. manufacturers that their devices
Privacy is more than security were at risk of being infected by
and security is more than privacy. malware that could endanger
The ONC developed a patients. FDa recommended that
Nationwide Privacy and Security manufacturers seeking approval for
Framework for Electronic exchange their devices submit security plans to
of Individually Identifiable Health counter the malware threat and
Information that identified eight cybersecurity attacks.
principles intended to guide the Systems, networks, and
actions of all people and entities software applications as well as the
(ONC, 2008) enterprises within which they are
Essentially articulate the used, are highly complex, and the
“rights” of individuals. Whereas, inly safe assumption is that “things
privacy has to do with individual will go wrong”. Trustworthiness is an
rights, security deals with protection. essential attribute and people used
Security mechanisms and assurance to manage individuals’ personal
methods are used for the health information and to help
confidentiality and authenticity of provide safe, high-quality healthcare
information, the integrity of data and
the availability of information and HIT TRUST FRAMEWORK
services, to provide an accurate Trustworthiness can never be
record of activities and access to achieved by implementing a few
information. While these policies and procedures, and some
mechanisms and methods are security technology. Protecting
critical to protecting personal sensitive and safety-critical health
privacy, they are also essential in information and assuring that the
protecting patients safety and care systems, services and information
quality - and in engendering trust in that nurses rely upon to deliver
electronic systems and information. quality care are available when they
are needed require a complete HIT
trust framework that starts with an
objective assessment of risk and
WHEN THINGS GO WRONG that is conscientiously applied
Infections from malware throughout the development and
commonly seen in the wild are most implementation of policies,
likely to cause a degradation of operational procedures and security
system performance or to expose a safeguards built on a solid system.
 Trust framework comprises Security risk, probability that
seven layers of protection, each of a threat will exploit a vulnerability to
which is dependent upon the layers expose confidential information,
and all of which must work together corrupt or destroy data, or interrupt
to provide a trustworthy HIT or deny essential information
environment for healthcare delivery; services.
does not dictate, it may be If that risk could result in the
implemented within a single or unauthorized disclosure of an
across multiple sites, and may individual's private health information
comprise enterprise, mobile and or comprise of an individuals identity,
cloud components. it represents privacy risks; IF the risk
could result in the corruption of
LAYER 1: RISK MANAGEMENT clinical data or an interruption in the
Risk management, availability of a safety-critical
foundation of the HIT trust system, causing human harm or the
framework. loss of life, safety risk.
Objective Risk Information security, widely
Assessment, informs viewed as the protection of
decision-making and positions the information confidentiality, data
organization to correct those integrity and service availability.
physical, operational and Safety, associated with
technical deficiencies that pose protective measures for data
the highest risk to information assets integrity and the availability of
within the enterprise; put into place life-critical information and services
protections that will enable the while Privacy, linked to
organization to manage the residual confidentiality protections.
risk and liability. The unauthorized exposure
Patient’s safety, individual of private health informations, or
privacy, and information security all corruption of one’s personal EHR as
relate to “Risk”, “bad thing”. a result of an identity theft,
Risk, comprise relevant (Individual’s health and safety at
threats, vulnerabilities and valued risk)
assets. Risk management - ongoing,
Threats can be natural individualized discipline wherein
occurrences or malicious people and each individual or organization
software programs. examines its own threats,
Vulnerabilities, present in vulnerabilities and valued assets and
facilities (hardware, workforces, decides for itself how to deal with
electronic data) identified risks - whether to reduce
Valued Assets can be or eliminate, counter with protective
anything from reputation to business measures or prepare them for
infrastructures to information to consequences.
human lives.
 LAYER 2: INFORMATION HIT Information assurance policy,
ASSURANCE POLICY provides foundation for the development
The risk management and implementation of physical, operational,
strategy, identify what risks need to and security technology safeguards.
be addressed through an information Nursing professionals provide
assurance policy that governs valuable insights, recommendations and
operations, information technology advocacy in the formulation of information
and individual behavior, assurance policy within organizations where
Information Assurance they practice.
Policy, rules that guide
organizational decision-making and LEVEL 3: PHYSICAL SAFEGUARDS
that define behavioral expectations Physically safeguarding health
and sanctions for unacceptable information and the information technology -
actions; enforced to protect used to collect, store, retrieve,
organization’s valued information analyze, and exchange health data;
assets from identified risks to essential to assuring that information
confidentiality, data integrity and needed at the point and time of care is
service availability. . available, trustworthy and usable in
Policy defines rules for providing quality healthcare; protect assets
protecting individual private in accordance with the informations
information, for securing all assurance policy.
confidential information and Electronic signals representing
providing choice and transparency health information are not themselves
with respect to how an individual's “physical”, the facilities within which data
health information is used and are generated, stored, retrieved, displayed
shared. and used; the media on which data are
The privacy protections of recorded; the information system hardware
individuals and security protections of health used to process, access and display data,
information vary depending on who is and the communication equipment used to
holding the information and the state in transmit and route the data.
which they are located (Pritts, Choy, The HIPAA Security Rule prescribes
Emmart & Hustead, 2002). four standards for physically safeguarding
The Policy that confifies the nurse’s electronic health informations:
obligation to protect patients privacy and - Facility-access controls
safety is embodied in the ICN COde of - Workstation used policies and
Ethics for Nurses (ICN, 2000): procedures.
1. The nurse holds in confidence personal - Workstation security measures
information and uses judgment in sharing - Device and media controls
this information.
2. The nurse takes appropriate action to The lives and well-being of the
safeguard individuals whose care is patients is central to the rules and
endangered by a co-worker or any other responsibilities of nurses. Protecting
groups patients requires the physical protection of
the media on which their health data are
recorded, devices, systems, networks,and Business Agreements. Business
facilities involved in data collection, use, agreements help manage risk and bound
storage and disposal. liability, clarify responsibilities and
expectations, and define processes for
Layer 4: OPERATIONAL SAFEGUARDS addressing disputes among parties.

Operational safeguards are processes, Configuration Management. Configuration

procedures, and practices that govern the management refers to processes and
creation, handling, usage, and sharing of procedures for maintaining an accurate and
health information in accordance with the consistent accounting of the physical and
information assurance policy. functional attributes of a system throughout
its life cycle. From an information assurance
Security Operations Management. HIPAA perspective, configuration management is
regulations require that each healthcare the process of controlling and documenting
organization designate a “security official” modifications to the hardware, firmware,
and a “privacy official” to be responsible for software, and documentation involved in the
developing and implementing security and protection of information assets.
privacy policies and procedures. The
management of services relating to the Identity Management and Authorization.
protection of health information and patient Identity management begins with
privacy touches every function within a verification of the identity of each individual
healthcare organization. before creating a system account for him.
This process, called “identity proofing”,
Awareness and Training. One of the most may require the person to present one or
valuable actions a healthcare organization more government-issued documents
can take to maintain public trust is to containing the individual’s photograph, such
inculcate a culture of safety, privacy, and as driver license or passport. Once identity
security. If every person employed by, or has been positively established, one or
associated with, an organization feels more system accounts are created, giving
individually responsible for protecting the the individual the access rights and
confidentiality, integrity, and availability of privileges essential to performing his
health information, and the privacy and assigned duties, and a means of
safety of patients, the risk for that “authenticating” this identity when the
organization will be vastly reduced. individual attempts to access resources is
Recognition of the value of workforce assigned.
training is reflected in the fact that the
HIPAA Security and Privacy Rules require Consent Management. Obtaining an
training in security and privacy, respectively, individual’s consent prior to taking any
for all members of the workforce. Formal actions that involve her physical body or
privacy and security training should be personal information is fundamental to
required to be completed at least annually, respecting her right to privacy, and a
augmented by simple and frequent profusion of state and federal laws set forth
reminders. requirements for protecting and enforcing
this right. Medical ethics and state laws
require that providers obtain a patient’s penalties for sanctioning entities that fail to
“informed consent” before delivering comply with the privacy and security
medical care, or administering diagnostic provisions. Organizations must implement
tests or treatment. appropriate sanctions to penalize workforce
members who fail to comply with privacy
System Activity Review. One of the most and security policies and procedures.
effective means of detecting potential
misuse and abuse of privileges is by Evaluation. Periodic, objective evaluation
regularly reviewing records of information of the operational and technical safeguards
system activity, such as audit logs, facility in place helps measure the effectiveness, or
access reports, security incident tracking “outcomes,” of the security management
reports, and accountings of disclosures. program.

Continuity of Operations. Unexpected Layer 5: ARCHITECTURAL

events, both natural and human-produced, SAFEGUARDS
do happen, and when they do, it is
important that critical health services can A system’s architecture comprises its
continue to be provided. As healthcare individual hardware and software
organizations become increasingly components, the relationships among them,
dependent on electronic health information their relationship with the environment, and
and information systems, the need to plan the principles that govern the system’s
for unexpected events, and to develop design and evolution over time.
operational procedures that will enable the
organization to continue to function, Scalability. As more health information is
becomes more urgent. recorded, stored, used, and exchanged
electronically, systems and networks must
Incident Procedures. Awareness and be able to deal with that growth.
training should include a clear explanation
of what an individual should do if she Reliability. Reliability is the ability of a
suspects a security incident, such as a system or component to perform its
malicious code infiltration or specified functions consistently, over a
denial-of-service attack or a breach of specified period of time—an essential
confidential information. Organizations need attribute of trustworthiness.
to plan their response to an incident report,
including procedures for investigating and Safety. Safety-critical components,
resolving the incident, notifying individuals software, and systems should be designed
whose health information may have been so that if they fail, the failure will not cause
exposed as a result of the incident, and people to be physically harmed. Note that
penalizing parties responsible for the fail-safe design may indicate that, under
incident. certain circumstances, a component should
be shut down, or forced to violate its
Sanctions. The HIPAA law (USC, 1996), as functional specification, to avoid harming
amended by the HITECH Act (USC, 2009), someone. So the interrelationships among
prescribes severe civil and criminal redundancy and failover, reliability, and
fail-safe design are complex, yet critical to and software applications are able to use all
patient safety. of and only the resources (e.g., computers,
networks, applications, services, data files,
Interoperability. Interoperability is the information) that they are authorized to use
ability of systems and system components and only within the constraints of the
to work together. To exchange health authorization.
information effectively, healthcare systems
must interoperate not only at the technical Audit Controls. Security audit controls
level, but also at the syntactic and semantic collect and record information about
levels. security-relevant events within a systems
component or across a network.
Availability. Required services and
information must be available and usable Data Integrity. Data integrity services
when they are needed. Availability is provide assurance that electronic data have
measured as the proportion of time a not been modified or destroyed except as
system is in a functioning condition. authorized.

Simplicity. Safe, secure architectures are Non-Repudiation. Sometimes the need

designed to minimize complexity. arises to assure not only that data have not
been modified inappropriately but also that
Process Isolation. Process isolation refers the data are in fact from an authentic
to the extent to which processes running on source.
the same system at different trust levels,
virtual machines (VMs) running on the same Encryption. Encryption is simply the
hardware, or applications running on the process of obfuscating information by
same computer or tablet are kept separate. running the data representing that
information through an algorithm
Layer 6: SECURITY TECHNOLOGY (sometimes called a “cipher”) to make it
SAFEGUARDS unreadable until the data are encrypted by
someone possessing the proper encryption
Security technology safeguards are “key.”
software and hardware services specifically
designed to perform security-related Malicious Software Protection. Malicious
functions. software, also called “malware,” is any
software program designed to infiltrate a
Person and Entity Authentication. The system without the user’s permission, with
identity of each entity, whether it be a the intent to damage or disrupt operations,
person or a software entity, must be clearly or to use resources to which the miscreant
established before that entity is allowed to is not authorized access.
access protected systems, applications, and
data. Transmission Security. Sensitive and
safety-critical electronic data that are
Access Control. Access-control services transmitted over vulnerable networks, such
help assure that people, computer systems,
as the Internet, must be protected against ● Vital Signs
unauthorized disclosure and modification. ● Past Medical History
● Immunizations
Layer 7: USABILITY FEATURES ● Laboratory Data
● Radiology Reports
The top layer of the trust framework
includes services that make life easier for CURRENT LANDSCAPE
users. The government has become one of
the largest payers of healthcare. As the
Single Sign-On. “Single sign-on” often is costs of healthcare increase, both the U.S.
referred to as a security “service,” but in fact population as well as the U.S. government
it is a usability service that makes have become more critical of payer-based
authentication services more palatable. health systems.

Identity Federation. Is a system of trust Four factors impacting healthcare

between two parties for the purpose of payments and hospital information systems
authenticating users and conveying implementations are the;
information needed to authorize their
● Evolution of Evidenced-Based
access to resources.
Healthcare/Medicine
● Federal Meaningful Use
CHAPTER 11: System Life Cycle: Requirements Set Forth in the
Framework HITECH Act of 2009
● Cost of Technology
OVERVIEW ● Use of Project Management
In the past, clinical systems Principles
implementation projects were considered
successful when implemented on time and Evidenced-Based Medicine (EBM)
within budget. Later, the concepts of Both the Cochrane Collaboration
end-user perceptions determining project and the Centre for Evidence Based
success in conjunction with streamlining Medicine have adopted the definition of
clinician workflow layered clinical systems EBM as “...the conscientious, explicit, and
projects with additional success criteria. judicious use of current best evidence in
making decisions about the care of
ELECTRONIC HEALTH RECORD individual patients” (Sachett, Rosenberg,
The Electronic Health Record (EHR) Gray, Haynes, & Richardson, 1996)
is a longitudinal electronic record of patient
health information generated by one or ● Federal Initiative - HITECH Act 2009
more encounters in any delivery setting. ● Technology: Cost, Benefit, and Risk

● Patient Demographics Project Management

● Progress Notes With roots in the construction
● Problems industry, a significant body of knowledge in
● Medications the area of planning and tracking
large-scale projects has evolved. The
Project Management Institute (PMI) has Governance Structure and Project Stuff
become the central and certifying The clinical leadership of an
organization for project management organization is highly involved in the
professionals. establishment of an EHR committee
structure. The organization’s strategic goals
(1) Project Management Plan (PMP) and priorities must be reviewed and
(2) Information Technology (IT) considered. The informatics nurse and
(3) Project Workplan (PMI, 2014) information systems management team
provide oversight; however, committees
SYSTEM LIFE CYCLE work to develop the structure and
The System Life Cycle is defined by participate to best guarantee the success of
the major components of the project.
(a) Planning
(b) Analysis Steering Committee
(c) Design, Develop, and Customize Before an EHR is developed or
(d) Implement, Evaluate, Support, and selected, the organiza- tion must appoint an
Maintain EHR steering committee. The EHR steering
committee, composed of internal and
The SLC phases use a problem-solving, external stakeholders, is charged with
scientific approach. providing oversight guidance to the
(1) Planning Phase - Current State selection and integration of the
(2) Analysis Phase - Future State organization’s strategic goals relative to the
(3) DD&C - Plan to meet requirements EHR requirements.
(4) IES&M - Assures the system is
sustainable after implementation Project Team
The project team is led by an
PLANNING PHASE appointed project manager (often the Nurse
The planning phase of the project Informaticist) and includes a designated
begins once an organization has team leader for each of the major
determined an existing requirement may be departments affected by the system
filled or solved by the development or selection, implementation, or upgrade
implementation of an EHR or application. proposed.

The key documents created in the The Objectives of the project team;
Planning Phase are the following: (1) understand the technology and
• Project Governance Structure technology restric- tions of the proposed
• Gap Analysis system, (2) understand the impact of
• Feasibility Study intradepartmental EHR decisions, (3) make
• Project Scope Document EHR decisions at the interdepartmental
• Development of a high-level work plan and level, and (4) become the key resource for
resource requirements their application.
Departmental teams Definition of the Project’s Purpose
The charge of the departmental The project definition includes a
teams is; description of how the system will be
evaluated.
(1) to thoroughly understand the
department’s information requirements and Feasibility Study
workflow. A feasibility study is a preliminary
(2) to gain a full understanding of the analysis to determine if the proposed
software’s features and functions. problem can be solved by the
(3) to complete a gap analysis for the new implementation of an EHR or component
system’s capabilities with the depart- ment’s application.
requirements
(4) to assist in the system testing effort. Statement of the Objective
(5) to participate in developing and The first step in conducting a
conducting end-user education. feasibility study is to state the objectives for
(6) to provide a high level of sup- port during the proposed system. These objectives
the initial activation period of the new constitute the purpose(s) of the system.
system.
Environmental Assessment
DEVELOP PROJECT SCOPE The project is defined in terms of the
During the planning phase, the support it provides to both the mission and
problem statement and goals of the the strategic plans of the organization.
implementation are defined, committee
struc- tures established, and the Scope
organization’s requirements are defined for The scope of the proposed system
selecting, implementing, or upgrading an establishes system constraints and outlines
EHR or application, including the what the proposed system will and will not
implications for regu- latory compliance for produce.
safe and quality clinical practice.
Timeline
The planning phase involves the A project timeline is developed
following tasks: providing an overview of the key milestone
● Definition of committee structure events of the project.
● Definition of requirements and/or
stated goal Recommendations
● Feasibility study Committees may lose sight of the
● Gap analysis fact that not all projects are beneficial to the
● Documentation and negotiation of strategic mission of the organization. A
project scope document decision can be made not only to proceed
● Development of a high-level work but also not to proceed with a project.
plan
 review the requirements for EHR software
Documentation and Negotiation of a to run efficiently.
Project Scope Document
A project scope document is drafted Determination of Information Needs
by the project team and submitted to the A needs assessment outlines the
project’s steering committee for acceptance. high-level information required by
multidisciplinary users.
Resource Planning
An important step in the planning Workflow Document
phase is to deter- mine what resources are The workflow document assimilates
required to successfully carry out the the data collected into logical sequencing of
agreed upon project scope. functions/tasks performed by the end users
for each goal or problem area.
ANALYSIS PHASE
The system analysis phase, the Functional Design Document
second SLC phase of devel- oping an EHR, The functional design document is
is the fact-finding phase. the overview statement of how the new
system will work. It uses the workflow
The Key documents created in this documents as its base, adding the critical
phase are the following: documentation of the integration of each of
● Gap Analysis the workflow documents to create a new
● Technical requirements for system, implement a commercial software
hardware, software,networks application, or upgrade a system.
● Functional Design Document
● System Proposal Document Data Analysis
The analysis of the collected data is
Data Collection the second step in the analysis phase. The
The collection of data reflecting the analysis provides the data for the
existing problem or goal is the first step in development of an overview of the clinical
the system analysis phase. As a result of requirements and/or stated goal defined in
thorough data collection, refinements to the the project scope agreement.
project scope agreement may occur.
Data Review
Gap Analysis The third step in the analysis phase
Often referred to as a Gap Analysis, is to review the data collected in the
the comparison provides the project team feasibility study, the workflow documents,
with a list of features and functions desired and the functional specification and provide
but not immediately available in the new recommen- dations to the project steering
system/application. committee for the new system.

Technical Analysis Benefits Identification

A review of the project’s technical The overall anticipated benefits from
requirements is con- ducted in the Analysis the system are documented in the fourth
Phase. Trained/certified technical personnel step in the system analysis process.
System Proposal Development work in concert with technology and
The final document created in the end-user needs and to assist in the
system analysis stage is a system proposal development of the implementation plan.
document. The proposal is submitted to the
project’s steering committee for review and Hardware
approval. In the case of new software
development, the technical project manager
SYSTEM DESIGN, DEVELOPMENT, AND ensures the new software uses the best
CUSTOMIZATION PHASE technology platform available. The ability to
In this phase, the design details to operate the new application on multiple
develop the system and the detailed plans hardware platforms is often desired.
for implementing and evaluating the system Technical specifications describing the
evolve for both the functional and the recommended equipment are developed
technical components. and tested in the development laboratory.

There are multiple project Peripheral Device Plan

documents created in this phase: Knowledge of the many clinical
● Gap Analysis workflows is an important component of the
● Functional specifications Peripheral Device Plan. There are now
● Technical specifications many types of devices available to clinicians
● Implementation Work Plan to support their daily workflow.
containing detailed plans specific to
- Hardware and Peripheral Devices Networks
- Interfaces Proliferation of Web-based
- Conversions applications and reference/search engines
- Testing in addition to the locally based EHR
- End-User Training necessitates a thorough review of the
- Cut Over Plan current and anticipated volume of
- Go Live Plan transactions (financial and clinical) and high
● Post-Live Evaluation Reports utilization times for accessing the EHR.

System Design Application Software

The project teams receive The project’s technical manager is
application training often directly from the responsible for establishing the technical
vendor. In some cases a limited number of specifications outlining the operational
team members attend training with the requirements for the new system. The
expectation they will train other team specifications detail the procedures required
members. to maintain the application software on a
daily, weekly, and monthly basis.
Technical Specifications
In the system design phase, Interface Applications
technical personnel work closely with the An interface system defines those
project and departmental teams to ensure programs and processes required to
the components of the proposed system transmit data between disparate systems.
The project’s technical manager coordinates Request for Proposal (RFP)/Request
all interfacing activities for the new for Information (RFI)
application. The creation of a Request for
Information (RFI) document is sent to
LEGACY SYSTEMS DATA selected vendors indicating the
CONVERSIONS organization’s interest in gaining knowledge
The conversion of data from legacy about the vendor’s products. At a high level,
systems to a new system is a major area of the key features desired for the new system
coordination for the project’s technical are listed.
manager. Most hospitals currently use
automated registration and billing systems; Communications Plan
determining the conversion requirements Healthcare systems or applications
and developing and testing the conversion often affect more than one department.
programs are critical steps in implementing Results from a laboratory system are
a new system or application. reviewed by clinicians; the pharmacy
system utilizes
Development creatine results to adjust medication
Multiple plans are developed during dosages for renal impaired patients.
this portion of the Design, Develop, Documented nursing observations (e.g.,
Implement, and Evaluate Phase. The wounds, catheters, psychosocial
detailed implementation workplan assessments) are utilized by case
encompasses the multiple plans targeting management, providers, and insurance
specific aspects of the EHR. companies.

At a minimum the following focused Policies and Procedures

plans are required: Reviews of policies and procedures
● Communications Plan are conducted, revisions reflecting changes
● Hardware and Peripheral Devices being implemented with the new
plan system/application workflows. It is advisable
● Interface plan to complete the policy reviews and complete
● Conversion plan procedure revisions prior to the start of
● Testing plan end-user training.
● End-User Training plan
Workflow, Dictionaries, and Profiles
System Selection In this portion of the phase, project
In the instance where commercially team members review data requirements
available software is being considered, the and workflow previously documented. Data
key documents completed in earlier phases dictionaries and profiles are populated with
assist in beginning the system selection entries to established desired new system
process. The task of selecting a new system workflow.
becomes more objective as a result of the
thoughtful evaluation for the functional Testing
specification and design document. The system, whether newly
developed or commercially available, must
be tested to ensure all data are processed organization, the old system is
correctly and the desired outputs are stopped, and all units departments
generated. begin processing on the newly
installed system.
IMPLEMENT, EVALUATE, MAINTAIN AND
SUPPORT PHASE Evaluation Post-Live, 'The important tasks
of Evaluation are:
System Documentation ● Collection of post-live success
The preparation of documents to Criteria
describe the system for all users is an ● Completion of a System/Project
ongoing activity, with development of the Evaluation including the results of
documentation occurring as the various the Success Criteria
system phases and steps are completed. ● Transitioning end-user support from
Documentation should begin with the final the Command Center to the Help
system proposal, several manuals are Desk
prepared: a user's manual, a reference ● Closure of the project
manual, and an operators maintenance
manual. Daily Support Operations
Daily support operations begin
Implementation-GO Live during the Go Live period. "Help Desk”
Implementation encompasses the functions for recording and tracking end
Cut Over plan (data driven) and the user calls/tasks for help are often managed
Implementation plan for the facility to by the Go Live team in the Command
continue to operate (people/processes) Center during the first one to three weeks
during this period. Staffing, patient care post-live. Daily meetings/huddles are held
delivery, and support of the end user during with the Go Live team and IT Help Desk
the "Go Live” period are detailed within the staff to review both type and frequency of
"Go Live" plan. problems encountered by the end users.

Sample Cutover Plan Ongoing Maintenance

Four activation approaches are possible: The technical manager reviews
requirements for networks, servers,
1. Parallel - the new system runs hardware, and certain software concerns.
parallel with the existing system until Commercial software companies continue
users can adjust. to provide upgrades and updates to their
2. Pilot - a few departments or units try systems/applications. Ongoing review of
out the new system to see how it new features and functions, federal and
works and then help other units or state requirements, and insurance and
departments to use it. billing requirements occur. Nursing
3. Phased-in - the system is Informatics personnel must bridge the
implemented by one unit or support of the basic system requirements
department at a time. with the fast paced release of new
4. Big Bang Theory - a cutover date technologies used in patient care.
and time are established for the
 Chapter 12: System and aspect of the quality assurance
process.
Functional Testing
❖ TEST PLANNING - it is a detailed
document that catalogs the test
Objectives
strategies, objectives, schedule,
● Differentiate testing and quality
estimation, deadlines, and resources
assurance.
required to complete the project.
● Differentiate testing types related to
➢ Requirement Analysis -
the system life cycle.
Users' needs are compared
● Describe testing
to documented requirements.
levels,methodologies,and tools.
➢ Ambiguity Reviews -
● Examine barriers and success
Identification of flaws,
factors related to testing.
omissions, and
● Discuss roles and skill sets of the
inconsistencies in
informatics nurse in system and
requirements and
functional testing.
specifications.
➢ Nonredundant Test Script
Introduction:
Design - All key functions
System and functional testing are
are tested only once in the
critical components of the system life cycle,
scripts.
whether the software or system is under
➢ Creation of Test Data - The
new development or is commercial
right kinds of test patients
off-the-shelf (COTS) software that is being
and data to test all functions.
configured for a customer’s specific needs.
➢ Problem Analysis - Defect
management includes
uncovering underlying
Difference between testing and quality
issues.
assurance
➢ Coverage Analysis - The
script will test all key
❖ Testing - is composed of activities
functions, and all non key
performed at various intervals during
nonfunctional components
the development process with the
and features.
overall goal of finding and fixing
errors.
❖ STANDARDS - involves the creation
❖ Quality Assurance- is utilized
and enforcement of testing
widely in the broader information
standards, process improvement
technology industry to help
activities related to QA, evaluation
guarantee that a product being
and appropriate use of automated
marketed is “fit for use”
testing tools and quality measures
(application effectiveness metrics to
3 ELEMENTS OF QUALITY ASSURANCE
the QA function itself.
PROCESS
TESTING MODELS AND
❖ TESTING - an indispensable tool,
METHODOLOGIES
but it represents the most reactive
 ❖ WATERFALL MODEL - it is clinician-to-clinician
characterized by relatively linear messaging, care plans, and
phases of design, development, and alerts and reminders based
testing. It sets distinct endpoints or on best care practices.
goals for each phase of Testing of the documentation
development. Those endpoints or features should, at minimum,
goals can't be revisited after their include the capture of clinical
completion. data and how the data are
❖ AGILE SOFTWARE displayed in the system.
DEVELOPMENT - characterized by ➢ System Outputs to test
nearly simultaneous design, build, include printing, faxing and
and testing. Extreme Programming clinical messaging. The
(XP) is a well-known Agile physical transmission is
Development life cycle model that tested to ensure that it gets
emphasizes end-user engagement. to the correct destination and
Agile focuses on keeping the includes all required data,
process lean and creating minimum formatted correctly, and
viable products (MVPs) that go inclusion of contact
through a number of iterations information in case a fax gets
before anything is final. Feedback is to the wrong recipient.
gathered and implemented ➢ Interface Testing includes
continually and in all, it is a much system modules, external
more dynamic process where systems, medical devices,
everyone is working together and file transfers. Interfaces
towards one goal. are tested for messaging and
➢ SCRUM - a project content, data transformation,
management method that and processing time.
accelerates communication ➢ Clinical System Testing
by all team members, includes links to third-party
including customers or end content for patient education,
users, throughout the project. clinical references and
peer-reviewed evidence,
SYSTEM ELEMENTS TO BE TESTED coding support systems, and
❖ Commonly tested clinical elements others. These links should be
include software functions or tested in every location to
components, software features, ensure that they work
interfaces, links, devices, reports, properly and bring the user to
screens, and user security and the right content.
access. ➢ Medical Device Interfaces
➢ Components and features include invasive and
include clinical noninvasive vital signs
documentation templates monitoring, oximetry, wired
and tools, order and results and wireless cardiac
management functions, monitoring, hemodynamic
 monitoring , ventilators, role-based tools, functions, and
infusion pump integration, views
urimetry monitoring, and ❖ Testing specifications are developed
other devices. that define format standards, identify
➢ Reports Testing should be features to be tested,
performed at multiple levels. cross-reference features to the
Reports testing includes the functional requirements, and break
formatting, accurate inclusion down the work into manageable
of required data, and also pieces.
comparing the source data to ❖ cc Testing requires scheduling many
the data in the reports. of the technical participants
Reports may be Static and discussed earlier for integrated
Dynamic. testing, plus others from the
➢ User security and access software, infrastructure, vendor, and
can make or break go live clinical and business areas.
success. User success is ❖ Testers want to test for failures.
designed to be role-based, Defects may include functions that
so that each user role has do not work as designed, workflow
specific functions and views issues that were not identified during
associated. Testing should requirements definition and workflow
also include what the person analysis, or unintended effects.
in that role should not be ❖ Defects are given priority.
able to perform, such as a ➢ Critical: Significant impact to
hospital registrar ordering patient safety, regulatory
medications. This is compliance, clinical workflow,
sometimes termed “negative or other aspects, for which
testing” no workaround is possible.
TESTING TYPES ➢ High: Significant impact to
❖ Testing types used vary based on workflow or training or other
where in the system life cycle testing aspect, for which the
is planned, and the degree of resolution effort or the
development or programming workaround is in itself a
involved. major effort and maybe a
❖ Testing approach defines “how”-the high risk.
techniques or types of testing, the ➢ Medium: Impact on workflow
entrance and exit criteria, defect or training is noteworthy but
management and tracking, feedback a reasonable workaround
loop with development, status and exists.
progress reporting , and perhaps ➢ Low: Impact on workflow or
most importantly, exceptionally training is minimal;
well-defined requirements as the workaround is not required.
foundational component.
❖ Multiple test user roles are needed ❖ Regression Testing ensures that
for testing to assure appropriate fixes implemented during the
 integration cycles did not break Challenges and barriers
something else.
❖ Acceptance testing allows users to ● Resources - liberating end users
validate that the system meets their from their regular work for testing
requirements, and is usually can prove difficulty, especially in
conducted using scripts that reflect understaffed nursing environments.
redesigned processes from the ● Time pressures and materials -
workflow analysis phase. time pressures constitute a universal
❖ User acceptance testing ideally barrier to sufficient testing.
occurs after successful integrated Extending a project timeline to
and regression testing cycles are accommodate additional testing
completed, and prior to the start of adds cost.
the training to avoid the risk of ● Inadequate script development-
changes that necessitate retraining. testing scripts for integrated testing
❖ Alpha and /or beta testing may be cycles are typically nonredundant,
scheduled when a software or and do not closely emulate a
system is newly developed, and both particular clinical workflow.
mimic real-world use.
➢ Alpha - testing is usually Roles and skillsets of Informatic nurse:
conducted in a simulated ● Informatic nurses can help make the
fashion case for sufficient testing by tying
➢ Beta - testing is more apt to testing outcomes back to the original
be conducted in a live project goals for adoption and care
setting. improvements, including:
➢ Quantification of costs of
❖ Usability and safety are valuable clinical adoption failures
barometers for evaluating testing ➢ Patient safety issues
success. ➢ Inability to meet efficiency,
❖ Usability testing ideally begins and effectiveness targets.
early in the design phase and is ● Informatics nurses can help develop
conducted throughout the system life and execute testing plans and
cycle, through optimization and scripts.
maintenance as well as during ● Informatics nurses play a valuable
implementation role in ensuring data validation
❖ Safety testing incorporates the across disparate systems.
people-, process-, technology-, ● Informatics nurses also bring value
environmental-, and through research.
organization-related issues identified
in the literature, with a focus on
provider order entry, clinical decision
support, and closed-loop bar
(bar-coded) medicat