PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The
reader is available for free
download.
Health Information Management
Copyright 2022, Faulkner Information Services. All
Rights Reserved.
Docid: 00011371
Publication Date: 2202
Report Type: TUTORIAL
Preview
In the health industry, information comes in many forms – from digital
x-rays to handwritten notes. The handling of this information impacts
regulatory compliance, budgets, clinical outcomes, and other key metrics
for organizational performance. Making health information management a
cross-departmental practice can produce better results, particularly as
hospitals grapple with the many new sources of data that have emerged over
the past several years. This tutorial takes a look at many of the
considerations for implementing a health information management program.
Report Contents:
Executive Summary
[return to top of this
report]
A substantial amount of medical data is now stored electronically in a
diverse range of sources, including servers housing patient records,
picture archiving, and communication systems that contain x-rays and other
medical images.
| Related Faulkner Reports |
| IT Standards for the Healthcare Industry Tutorial |
| HIPAA Records Management Tutorial |
| Electronic Medical Records Trends |
| Earned Value Management Tutorial |
| Balanced Scorecard Management Tutorial |
| Robotic Telepresence Technology & Applications Tutorial |
Unfortunately, the ineffective handling of this data can pose a direct
threat to regulatory compliance, patient care, and, ultimately, the bottom
line.
To protect against such dangers, many healthcare organizations practice
information management, which is the coordinated control of data. To
handle this function, some institutions have created the position of CIO
(Chief Information Officer). A CIO is an executive-level job that
involves high-level strategic planning about the technologies and
processes related to creating, storing, and managing data. People in this
role are expected to translate business goals – such as meeting
regulations or controlling costs – into technology plans. Therefore, CIOs
will be involved in purchasing decisions and implementation planning,
among other duties.
Potential Trends
Among the potential trends that could have an impact, whether positive or
negative, on health information management are:
- Increased use of EHR (electronic health records), which are shareable
among facilities - Broadened focus for the CIO, including the management of data sent to
– and received from – parties that manage health information - Emergence of pay for performance insurance reimbursement programs
- Expanded use of telemedicine and other remote service options
- Increased exposure to ransomware and other critical cyber threats
Description
[return to top of this
report]
Generally speaking, information management is the coordinated oversight
of an organization’s technology and processes for generating, storing, and
transferring data. In the health industry, this area includes both
clinical and administrative data. Consequently, information management is
not limited to IT concerns. The concept – at least in terms of the health
industry – encompasses financial and patient records, diagnostic images
such as x-rays, test results, and other clinical data. Additionally,
videoconferencing and other forms of telemedicine, which are used to
provide consultation, are often counted in this category.
Health Information Management – Discipline
Growth in the use of IT by the healthcare industry has created the demand
for a new class of experts within the hospital environment, with the US
Bureau of Labor Statistics predicting that the “job outlook” for
health-info technicians will grow by 11 percent (through 2028), which
marks overall employment growth of 23,100 over a 10-year period, taking it
from the documented 215,500 (2018) to 238,600 (2028).1
As the need for coordinated management of information grows, the
emergence of new EDS (electronic data systems) that are spread across more
clinical and administrative departments becomes even more necessary.
Included in this area are:
- Computerized physician order-entry systems
- Automated medication cabinets
- Pharmacy information systems
For this reason, coordinated oversight is important, as decisions about
purchasing or upgrading such systems cannot be made in isolation. These
systems affect and depend on other technology and clinical processes. An
example of such an inter-dependency is the need for adequate network
bandwidth to support the transfer of high-quality x-ray images or provide
reliable videoconferencing.
Health Information Management – Goals
Health information management involves technology, but also frames its
goals in broader strategic terms:
- Turning Data into Meaningful Information – Much of
the data that health facilities compile over time is not assembled or
processed in a way that makes it useful for strategic planning. Health
information management aims to organize such data to measure the
performance of clinicians and equipment, to spot trends, and to perform
other activities. - Managing a Talent Pool – Activities such as hiring
personnel for specific positions is typically the responsibility of
frontline supervisors, but broader considerations such as long-term
employee development and ensuring that staff members have the right
skills to carry out future projects are also part of health information
management. - Monitoring Regulatory and Legal Compliance – Health
information is subject to many regulations and laws, both at the federal
and state levels. Compliance depends on technology used in a variety of
departments, as well as on policies and practices. - Managing Organizational Changes – Routine changes can
typically be handled by an individual department. For instance, an IT
department could plan and execute a security patch deployment or a
clinical engineering department could manage minor revisions to the
inspection and preventive maintenance procedures for medical devices.
But larger changes require cross-departmental oversight, which is a
responsibility of health information management. Projects on this scale
include implementing a disaster recovery program or converting paper
records to an electronic system. Making fundamental changes – and doing
so smoothly – involves more than implementing technology. It also
involves training staff members and reengineering administrative and
clinical processes. - Meeting Financial Goals – Health information managers
make many decisions that affect financial goals, such as the following:- Selecting technology for storing or using information.
- Setting salary budgets for personnel who manage data.
- Determining reimbursement policies for medical treatments.
- Maintaining Security – Security is a key concern of
health information management. In addition to implementing devices such
as firewalls, the practice also includes the oversight of clinical and
administrative practices that deal with health information.
Health Information Management – Governance
Founded in 1928, the American Health Information Management Association
(AHIMA) is a leading voice and authority in health information management.
AHIMA’s expertise extends to essential topics like:
- Coding: inpatient, outpatient, and physician
- Clinical documentation integrity
- Privacy and security
- Data analytics and informatics
- Revenue cycle management
- Leadership
According to the AHIMA, the field of health information management is
focused on five principal functions:
- Health information governance and stewardship
- Data capture, validation, and maintenance
- Data analysis, transformation, and decision support
- Information dissemination and liaison
- Health information resource management and innovation2
In addition to policies and practices advanced by the AHIMA, the
International Organization for Standardization (ISO) has published
numerous standards on health information systems or, as they prefer,
“health informatics,” which analyst Tim Stobierski describes as an
“interdisciplinary field in the healthcare industry that uses information
technology to organize and analyze health records to improve healthcare
outcomes.”3
Current View
[return to top of this
report]
In terms of the current landscape for health information management,
primary considerations include EHR (electronic health record) adoption
rates and maintaining regulatory compliance.
Electronic Health Records Adoption
The global electronic health records (EHR) market is projected to grow
from $30 billion (2020) to $40 billion (2025), in large part due to
“rising demand for centralization and streamlining of electronic
healthcare systems, technological advancements in the field of healthcare
IT, and increasing awareness about the use and importance of EHR.”4
Mixing With Paper-Based Records Management
The mix of paper-based and electronic records is one of the challenges of
managing health information. Facilities need to shepherd this transition
in a way that is not overly disruptive. At the same time, they need to
find ways to make effective use of paper-based sources while they are
still in use.
Regulatory Compliance
Regulatory compliance is assuming increasing importance in health information
management. For example, in the US, health providers, payers, clearinghouses,
and billing services are obliged to use
ICD-10
code sets (International Classification of Diseases, 10th Edition).5
As itemized by AltexSoft, a technology consulting company, other
prominent code sets include:
- “CPT (the Current Procedure Terminology)
and HCPS (Healthcare Common Procedure Coding System) for
reporting all types of healthcare services, both inpatient and
outpatient - “CDT (Code on Dental Procedures and Nomenclature) for documenting
dental treatment - “SNOMED CT (Systematized Nomenclature of Medicine – Clinical
Terms) for capturing symptoms, clinical findings, family history,
medical services, drugs, and other aspects related to the course of
treatment - “LOINC (the Logical Observation Identifiers Names and Codes) for
recording lab orders/ results and vital signs - “NDC (National Drug Codes) for pharmacy products
- “RxNorm for drug classes”6
Patients as “Shoppers”
A key philosophical transformation that has occurred over the past
few years is that patients have begun to think more like shoppers. This
development is due to the shift of retail and health services to the Web. As
people have grown accustomed to comparing products online, some have also
come to expect the same from the health industry. This trend has put
increased emphasis on price as a factor in choosing services and providers.7
Outlook
[return to top of this
report]
Healthcare Information Systems
As forecast by Research and Markets, the global healthcare information
systems market size should reach $539.3 billion by 2028, realizing a
compound annual growth rate (CAGR) of 9.9 percent from 2021 to 2028.
Fueling the growth are a variety of factors:
- The increasing prevalence of chronic diseases
- An aging population
- The general trend (not just healthcare) toward cloud-based information
systems - The need to lower healthcare costs through automation
- The COVID-19 pandemic which accelerated telemedicine or telehealth
initiatives - The need to “make effective use of data analytics,” especially in a
turbulent healthcare industry8
Pay For Performance
A major factor spurring hospitals to implement health information
management programs is the trend away from pay for service insurance
reimbursements, in which hospitals are paid based on which service they
provide. This model is being replaced by a variety of pay for performance
models that base reimbursements on clinical results, not on the type of
service provided. The task of managing pay for performance data, however,
falls heavily on information managers. In addition, as more pay for
performance programs emerge, health information management will become
more essential as a financial safeguard.
Health Information Protection
As evidenced by HIPAA and other health-related security and privacy
statutes, protecting health information, particularly electronic
information, is essential. To that end, the US National Institute of
Standards and Technology (NIST) has produced regular health information
management guidance. Relevant publications include:
- SP 800-66, Rev. 1:
An Introductory Resource Guide for Implementing
the Health Insurance Portability and Accountability Act (HIPAA)
Security Rule
. October 23, 2008 - NISTIR 7497:
Security Architecture Design Process for Health
Information Exchanges (HIEs)
. September 30, 2010 - SP 1800-1:
Securing Electronic Health Records on Mobile Devices
.
July 27, 2018 - SP 1800-8:
Securing Wireless Infusion Pumps in Healthcare Delivery
Organizations
. August 17, 2018 - SP 1800-24:
Securing Picture Archiving and Communication System
(PACS): Cybersecurity for the Healthcare Sector
. December 21, 2020 - SP 1800-30:
Securing Telehealth Remote Patient Monitoring
Ecosystem (2nd Draft)
. May 6, 2021
Each document is available for free download from the NIST website.
Standard Cybersecurity Protocols
In addition to health information-specific safeguards, health information
management security should assure adherence to standard cybersecurity
protocols, such as:
- Deployment of enterprise firewalls, anti-virus applications, and data
loss prevention programs - End-to-end data encryption
- Biometric access controls to regulate physical facility and digital
data access - A DevSecOps approach to health application development and testing,
where security is integrated into the software development lifecycle
(SDLC) - Audited data backups, especially as ransomware is rampant
- Well-exercised disaster recovery and business continuity plans
- Regular security awareness training for all employees, business
partners, and other health information management stakeholders
Recommendations
[return to top of this
report]
Large health organizations that do not yet have a CIO or equivalent
executive-level position should consider creating the role. A traditional
organizational structure in which IT, clinical engineering, and medical
personnel operate independently without coordination is not the most
effective way to deal with today’s technology. In creating the CIO
position, organizations will need to clearly define the CIO’s level of
authority. This can be difficult because the CIO’s domain spans multiple
departments. Ideally, the CIO will have the ability to direct or at least
heavily influence purchasing decisions in both clinical engineering and
IT. Also, he or she will be able to set policies for creating, storing,
and transmitting information.
To succeed in this role, the CIO will need to understand computer and
medical technology and to understand overriding business concerns such as
budgeting and regulatory compliance. Often, the CIO can be more effective
if he or she is not part of the IT or clinical engineering department.
This way, the exec will be able to more objectively make decisions about
outsourcing and other difficult issues without territorial considerations
such as trying to protect the interests of direct co-workers.
Most small and medium-sized health facilities, however, will not have the
budget to hire a dedicated CIO. Despite this, such organizations should
still implement some health information management techniques. These
techniques include, but are not limited to:
- Balanced scorecard processes for measuring business performance
- Earned value management calculations for estimating and tracking
schedules and budgets - Training a cross-departmental team to carry out tasks
- Grouping projects into categories based on factors such as clinical
importance and dependence on other projects
References
1 “Occupational Outlook Handbook – Medical Records and
Health Information Technicians.” US Bureau of Labor Statistics.
Accessed January 2020.
2 “Health Information Management: Concepts, Processes, and
Technologies Used.” AltexSoft. November 5, 2021.
3 Tim Stobierski. “What Is Health Informatics?” Northeastern
University. April 12, 2021.
4 “Global Electronic Health Records (EHR) Market (2020 to
2025) – By Product, Component, End-User, Region, Competition, Forecast
& Opportunities.” ResearchAndMarkets.com. May 27, 2020.
5 “About ICD-10.” CMS.gov. Accessed February 2021.
6 “Health Information Management: Concepts, Processes, and
Technologies Used.” AltexSoft. November 5, 2021.
7 Aine Cryts. “Four Tech Trends in Healthcare in 2017.” Managed
Healthcare Executive. February 6, 2017.
8 “Healthcare Information System Market Size, Share &
Trends Analysis Report By Application (Revenue Cycle Management,
Hospital Information System), By Deployment, By Component, By End-Use,
and Segment Forecasts, 2021-2028.” Research and Markets. October 2021.
Web Links
[return to top of this
report]
- American Health Information Management Association: http://www.ahima.org/
- Digital Imaging and Communications in Medicine (DICOM): http://www.dicomstandard.org/
- International Organization for Standardization: http://www.iso.org/
- National Institute of Standards and Technology: http://www.nist.gov/
- Office of the National Coordinator for Health Information Technology
(ONC): https://www.healthit.gov/
[return to top of this
report]