You need to read the article assigned for week 1 and develop a 2-3-page paper reflecting your understanding and ability to apply the readings to your Health Care Setting. Each paper must be typewritten with 12-point font and double-spaced with standard margins. Follow APA style 7th edition format when referring to the selected articles and include a reference page.
Originality: SafeAssign submission is required.

Introduction to Healthcare Information Technology
Chapter One
Introduction to Healthcare IT

1

About the Presentations
The presentations cover the objectives found in the opening of each chapter.
All chapter objectives are listed in the beginning of each presentation.
You may customize the presentations to fit your class needs.
Some figures from the chapters are included. A complete set of images from the book can be found on the Instructor Resources disc.

2

Objectives
Define healthcare information technology
Recognize some of the benefits of healthcare IT
Describe the CompTIA Healthcare IT Technician Certificate
List major healthcare regulators
Summarize the major healthcare regulations
Describe typical healthcare legal practices
3

Introduction to Healthcare Information Technology

3

Healthcare IT: Challenges and Opportunities
Information technology adoption
Slower in healthcare industry compared with other industries
Obstacles to adoption
Fragmented healthcare system
Many different systems among providers
Shortage of trained technology professionals
Highly regulated industry
4

Introduction to Healthcare Information Technology

4

What Is Healthcare Information Technology?
Framework for managing health information
Mechanism to improve patient care
Enables patient care coordination
Application of information technology to the healthcare industry
Hardware and software
Used to manipulate health data and information
5

Introduction to Healthcare Information Technology

5

Benefits of HIT
Healthcare costs continue to rise
5.2 percent of U.S. GDP spent on healthcare in 1960
17 percent in 2007
Advances in technology account for about half of healthcare spending increases
Efficiency benefits of electronic medical records
Eliminates medical transcription
Reduces need to physically retrieve charts
Reduces duplicate diagnostic tests
6

Introduction to Healthcare Information Technology

6

The CompTIA Healthcare IT Technician Certificate
CompTIA
Nonprofit trade organization
Advocate for the IT industry
Provides education and certification programs
CompTIA healthcare IT technician certificate
Shows individual’s proficiency in certain areas of healthcare and information technology
Prepares students for jobs in software and technology support

7

Introduction to Healthcare Information Technology

7

The CompTIA Healthcare IT Technician Certificate (cont’d.)
CompTIA proficiency areas
HIT regulations
Healthcare organization and operations
Basic IT operations
Network IT operations
Document imaging
Basic and advanced healthcare security
Medical business operations
8

Introduction to Healthcare Information Technology

8

Regulatory Compliance: Regulators
Regulation
Something that constrains or controls
Regulator
Governmental entity that mandates regulations
Healthcare one of most heavily regulated industries
Purpose of regulations
Ensure minimum standard of care
Provide broad patient access at reasonable cost
9

Introduction to Healthcare Information Technology

9

Regulatory Compliance: Regulators (cont’d.)
10

Table 1-1 Primary U.S. healthcare regulatory agencies
© Cengage Learning 2013

Introduction to Healthcare Information Technology

10

Department of Health and Human Services
Mission of HHS
Provide citizens access to high-quality health care
Help people find jobs and child care
Keep food safe
Manage infectious diseases
Extend the practice of diagnosis and treatment
HHS represents 25 percent of U.S. federal budget

11

Introduction to Healthcare Information Technology

11

Department of Health and Human Services (cont’d.)
Operating divisions of HHS
Administration for Children and Families (ACF)
Administration on Aging (AoA)
Agency for Healthcare Research and Quality (AHRQ)
Agency for Toxic Substances and Disease Registry (ATSDR)
Center for Disease Control and Prevention (CDC)
Centers for Medicare and Medicaid Services (CMS)
Food and Drug Administration (FDA)

12

Introduction to Healthcare Information Technology

12

Department of Health and Human Services (cont’d.)
Operating divisions of HHS (cont’d.)
Health Resources and Services Administration (HRSA)
Indian Health Service (IHS)
National Institutes of Health (NIH)
Office of the Inspector General (OIG)
Substance Abuse and Mental Health Services Administration (SAMHSA)

13

Introduction to Healthcare Information Technology

13

Department of Health and Human Services (cont’d.)
Office of the National Coordinator for Health Information Technology (ONC)
Staff division within HHS
Responsible for coordinating use of advanced HIT practices at the national level

14

Introduction to Healthcare Information Technology

14

Centers for Medicare and Medicaid Services Information Technology
CMS administers:
Medicare program
Federal portion of the Medicaid program
State Children’s Health Insurance Program (CHIP)
Parts of Medicare
Part A
Inpatient hospital stay insurance
Part B
Doctor’s services and outpatient care
Prescription drug coverage
15

Introduction to Healthcare Information Technology

15

Centers for Medicare and Medicaid Services Information Technology (cont’d.)
Medicaid
Program for low-income people
Covers certain medical expenses
Jointly funded by federal government and the states
Medicare and Medicaid incentive programs
Cash incentives to providers for adopting electronic health record (EHR) technology
16

Introduction to Healthcare Information Technology

16

The Office of the National Coordinator for Health Information Technology
Responsibilities
Coordinates use of advanced HIT practices at the national level
Certifies EHR systems and providers
Three aspects of certification
Standards and certification criteria for EHR
Certification programs
Metadata standards
17

Introduction to Healthcare Information Technology

17

The National Institute of Standards and Technology
Federally sponsored physical science research laboratory
Sets standards for EHRs under the HITECH Act
Five goals of NIST’s role in health information technology
Coordinate standards
Coordinate infrastructure testing
Improve EHR usability
Extend healthcare’s reach through technology
Perform research and development

18

Introduction to Healthcare Information Technology

18

The National Institute of Standards and Technology (cont’d.)
NIST and Healthcare Information Technology Standards Panel (HITSP)
Provide standards and specifications to ensure system interoperability
Example: specific data and communication format requirements

19

Introduction to Healthcare Information Technology

19

The National Institute of Standards and Technology (cont’d.)
20

Table 1-2 HIT standards implementation process
© Cengage Learning 2013

Introduction to Healthcare Information Technology

20

Regulatory Compliance: Regulations
HIPAA privacy rule
Broad federal regulation
Adopted in 1996
HIPAA goals
Improve portability and continuity of health insurance
Manage waste, fraud, and abuse of health care delivery
Reduce costs and increase efficiency by standardizing the interchange of electronic data
Protect the privacy of personal health records
21

Introduction to Healthcare Information Technology

21

Regulatory Compliance: Regulations (cont’d.)
HIPAA privacy rule regulates:
Health care providers
Health plans
Health care clearinghouses
Collectively called Covered Entities (CE)
Rule extends to Business Associates (BAs) of Covered Entities
Business Associate Agreements
Contracts between CEs and BAs ensuring HIPAA is followed
22

Introduction to Healthcare Information Technology

22

Regulatory Compliance: Regulations (cont’d.)
Protected Health Information (PHI)
Individually identifiable health information
Created or received by CE or BA
Can exist in various forms (verbal, paper, electronic)
De-identified information
Cannot be traced back to the individual
Must lack 18 specific identifiers or be certified by a statistician
23

Introduction to Healthcare Information Technology

23

Regulatory Compliance: Regulations (cont’d.)
Data use agreement
Permits researchers to use PHI under specific conditions
Office for Civil Rights (OCR)
Responsible for enforcement of HIPAA
24

Introduction to Healthcare Information Technology

24

25

Table 1-3 HIPAA Privacy Rule safeguards and requirements
© Cengage Learning 2013

Introduction to Healthcare Information Technology

25

HIPAA Security Rule
Focuses on electronically transmitted or stored PHI
Known as ePHI
Narrower focus than the privacy rule
Seeks to ensure Covered Entities provide certain administrative, physical, and technical safeguards for data

26

Introduction to Healthcare Information Technology

26

27
Table 1-4 HIPAA Security Rule categories, safeguards, and requirements
© Cengage Learning 2013

Introduction to Healthcare Information Technology

27

HIPAA Identifier Rule
Mandates all Covered Entities storing or transmitting ePHI have a National Provider Identifier (NPI)
Replaces all other identification from Medicare, Medicaid, and other government programs
28

Introduction to Healthcare Information Technology

28

HIPAA Transaction and Code Sets Rule (TCS)
Mandates consistent electronic interchange of PHI
Electronic data interchange for health care
Technology is tested and proven from use in other industries
Several standards exist
ANSI X.12 standard
29

Introduction to Healthcare Information Technology

29

HITECH Act
Creations of the Health Information Technology for Economic and Clinical Health (HITECH) Act
HIT Standard Committee
HIT Policy Committee
Process to adopt standards and procedures
30

Introduction to Healthcare Information Technology

30

HITECH Act (cont’d.)
HITECH Act more stringent than HIPAA
Increased resources for enforcement
Increased penalties for violation
Health providers cannot use patient health information without expressed permission
Sale of private health information must be authorized by the patient
Patients may audit their electronic patient records
Act extends to future unanticipated entities
Mandates encryption of ePHI
Requires patients be notified of any breach

31

Introduction to Healthcare Information Technology

31

HITECH Act (cont’d.)
HITECH act and Business Associates
HITECH Act encompasses both Covered Entities and Business Associates
HITECH Act and PHI breach
Covered Entity required to report the breach to each individual affected
Business Associate breaches reported to Covered Entity first
HHS must be contacted if more than 500 patients affected
32

Introduction to Healthcare Information Technology

32

HITECH Act (cont’d.)
HITECH act enforcement
Four levels of enforcement
Lowest level of enforcement: unknown violations despite due diligence
Penalties: $100-$25,000 per violation
Next level: reasonable cause and not willful neglect
Penalties: $1000 to $100,000 per violation
33

Introduction to Healthcare Information Technology

33

HITECH Act (cont’d.)
Level 3: willful neglect corrected within 30 days of knowledge of violation
Penalties: $10,000 to $250,000 per violation
Level 4: willful neglect that is not corrected
Penalties: $50,000 to $1,500,000 per violation
Penalties are for a given calendar year
34

Introduction to Healthcare Information Technology

34

HITECH Act (cont’d.)
HITECH act and EHRs
Majority of funding for HITECH used for provider incentives to adopt EHRs
Entities that provide assistance, best practices, and grants under HITECH Act
Workforce investments
HIT extension program
HIT research center
HIT regional extension centers
35

Introduction to Healthcare Information Technology

35

HITECH Act (cont’d.)
Certified EHR
Tested by an ONC Authorized Testing and Certification Body (ATCB)
HITECH act and meaningful use
EHR must be used in a meaningful manner
EHR must be used for submission of quality data and other measures
EHR must be used for exchange of health information that improves health care quality
36

Introduction to Healthcare Information Technology

36

HITECH Act (cont’d.)
Eligible Provider (EP)
Provider qualifying for financial incentives under HITECH Act
Incentives for both Medicare and Medicaid exist
EPs may participate in multiple programs
Certain restrictions apply
37

Introduction to Healthcare Information Technology

37

38
Table 1-5 Maximum Medicare EHR incentive payments
© Cengage Learning 2013

Introduction to Healthcare Information Technology

38

Legal Practices
Legal practices outside the scope of traditional regulatory environment
Liability waivers
EHR service level agreements
Memoranda of understanding
39

Introduction to Healthcare Information Technology

39

Liability Waivers
Used by hospitals and physicians to protect them against legal liability
Documents signed by the patient
Specify provider responsibility in case of treatment failure or injury
40

Introduction to Healthcare Information Technology

40

Service Level Agreements
Frequently used in technology applications
Define level of service user can expect from technology provider
Examples of SLA performance measures
Downtime
Downtime period
Monthly uptime percentage
Scheduled downtime
Service credit
41

Introduction to Healthcare Information Technology

41

Memorandum of Understanding
Also called memorandum of agreement (MOA)
Voluntary agreement between health providers
Specifies some mutually beneficial arrangement
Example: natural disaster recovery
Agreement would specify responsibilities of each entity
42

Introduction to Healthcare Information Technology

42

Memorandum of Understanding (cont’d.)
Four elements of a legally binding contract
Payment or consideration
No illegal activities
Actions of parties must be described
Agreed upon without threat or duress
43

Introduction to Healthcare Information Technology

43

Summary
Healthcare costs keep increasing
Healthcare industry has been slow to adopt use of information technology
HIT: the use of hardware and software to manage and manipulate health information
Regulation provides constraints or controls
HIPAA protects privacy and security of patient health data

44

Introduction to Healthcare Information Technology

44

Summary (cont’d.)
Parts of HIPAA
Privacy rule
Security rule
Identifier rule
Transaction and Code Sets rule
HITECH Act increases protections of HIPAA
Certain legal practices exist outside the regulatory environment

45

Introduction to Healthcare Information Technology

45

Introduction to Healthcare Information Technology
Chapter Two
Healthcare Organizations and Operations

1

Objectives
Identify various healthcare organizational structures and their different methods of operation
Explain the use of codes of conduct
Identify EHR/EMR access roles and responsibilities for using Protected Health Information (PHI)
Describe the proper communication methods for use in the healthcare workplace
List best practices in handling PHI in the healthcare setting
2

Introduction to Healthcare Information Technology

2

Healthcare IT: Challenges and Opportunities
Delivery of health care to a large population
Diverse and complex organizations
First responders
Police, firefighters, emergency medical technicians
Operation of a hospital
Numerous organizations play supporting roles
3

Introduction to Healthcare Information Technology

3

Healthcare Organizational Structures and Operation
Organizational structure
Framework through which a group of people work toward common goal
Defines authority, responsibilities, communication methods, rights, and duties of the group
Uniqueness of healthcare organizational structures
Common goal to save lives, reduce suffering, and eliminate disease
Stressful and demanding environments
4

Introduction to Healthcare Information Technology

4

Organizational Structures
Hospitals
Healthcare organizations treating patients for injury and disease
Usually provide inpatient (long-term) care
Patient resides in hospital one or more nights
Also provide outpatient care
Patient is not admitted and does not reside overnight
5

Introduction to Healthcare Information Technology

5

Organizational Structures (cont’d.)
Types of hospitals
General
Contagious disease
Nursing homes
Psychiatric
Orthopedic
Pediatric
Hospitals divide functionality into departments
Departments depend on hospital type and size
6

Introduction to Healthcare Information Technology

6

Organizational Structures (cont’d.)
Hospital departments
Cardiac care unit (CCU)
Emergency room (ER)
Gynecology (GYN)
Intensive care unit (ICU)
Medical/Surgical (Med/Surg)
Neurology
Obstetrics (OB)
Oncology
Pediatrics (Peds)
7

Introduction to Healthcare Information Technology

7

Organizational Structures (cont’d.)
Hospital departments (cont’d.)
Physical therapy (PT)
Psychiatry (Psych)
Surgery (OR)
Supporting departments
Laboratory (Lab)
Pathology (Path)
Pharmacy
Radiology (Xray)

8

Introduction to Healthcare Information Technology

8

Table 2-1 Selected departments typically found in hospitals
© Cengage Learning 2013

9

Organizational Structures (cont’d.)
Indirect support departments
Health information management (medical records)
Information technology (IT)
Clinical (or biomedical) engineering
Facilities management (maintenance/operations)
Administration
Food and nutrition services
Security
Material management

10

Introduction to Healthcare Information Technology

10

Organizational Structures (cont’d.)
Physician
Medical professional
Licensed by a governing body
Private practices
Single physician provides care to individual patients
Group of physicians working together
Considered private practice if group is physician owned
Non-physician owned healthcare group
Not considered private practice

11

Introduction to Healthcare Information Technology

11

Organizational Structures (cont’d.)
Nursing homes (convalescent hospitals)
Equipped for patients with long-term diseases
Address the needs of inpatients
Generally not equipped for acute care
Generally outsource support functions
Skilled nursing facility (SNF)
Requirement for facility to receive Medicare reimbursement
Must employ skilled nursing staff
12

Introduction to Healthcare Information Technology

12

Organizational Structures (cont’d.)
Requirements for Medicaid reimbursement of patient expenses
Patient needs skilled nursing care
Patient has income and assets below defined levels
Patient must be a United States citizen
Patient must reside in state in which nursing home is located

13

Introduction to Healthcare Information Technology

13

Organizational Structures (cont’d.)
Assisted living facility
Designed for elderly people who need some assistance with activities of daily living
Has residents, not patients
Generally do not have skilled nursing care staff
No Medicare or Medicaid reimbursement
14

Introduction to Healthcare Information Technology

14

Organizational Structures (cont’d.)
Home health care
Treatment of disease or injury in patient’s home
Staffed by nonmedical and/or skilled nursing professionals
May be reimbursed depending on certain criteria
15

Introduction to Healthcare Information Technology

15

Organizational Structures (cont’d.)
Hospice
Care of terminally ill patients at home or in dedicated facilities
Patients require palliative care
Relief and prevention of suffering
Hospice care may include:
Skilled care on a 24-hour, 7 day per week basis
Pharmaceuticals to provide patient comfort
Necessary medical equipment
Generally reimbursable by Medicare and Medicaid
16

Introduction to Healthcare Information Technology

16

Organizational Structures (cont’d.)
Surgical centers and ASCs
Specialize in outpatient surgical care
Also called same-day surgery
Less complex procedures than inpatient surgery
Types of procedures
Minor surgeries
Pain management
Diagnostic procedures
17

Introduction to Healthcare Information Technology

17

Methods of Operation
Customs or practices used to achieve organization’s goal
Scope of work
Availability of resources
Formality of procedures
18

Introduction to Healthcare Information Technology

18

Methods of Operation (cont’d.)
Scope of work
Refers to tasks involved in accomplishing a goal or objective
Differences exist in scope of work among various types of medical facilities
19

Introduction to Healthcare Information Technology

19

Table 2-2 Scope of work for identified healthcare organizations
© Cengage Learning 2013

20

Methods of Operation (cont’d.)
Availability of resources
Financial resources
Economic and monetary resources needed for organization to function
Human resources
Staffing needs
Physical resources
Places and equipment
Information
21

Introduction to Healthcare Information Technology

21

Table 2-3 Availability of financial resources for identified healthcare organizations
© Cengage Learning 2013

22

Methods of Operation (cont’d.)
Formality of procedures
Set of established behaviors for collectively achieving an organization’s goal
High formality: little deviation from set procedures
Low formality: higher deviation from set procedures
Formality typically increases as risk to patient increases
23

Introduction to Healthcare Information Technology

23

Table 2-4 Formality of procedures for identified healthcare organizations
© Cengage Learning 2013

24

Codes of Conduct
Rules for behavior to which a group of people adhere
May be specific and written
Likely to be similar for similar groups of people or facilities
Frequently address communication, procedural behavior, social behavior, and sanitation
25

Introduction to Healthcare Information Technology

25

Communication
Professional communication
Use of written, oral, or other exchange methods
Style of communication
How something is said
Content of communication
What is said
High-formality healthcare setting
Use formal communication style
Inappropriate to discuss outside activities, relationships, or other staff members in front of patient
26

Introduction to Healthcare Information Technology

26

Adapting Procedural Behavior
Procedural behavior
Level of procedural formality based on type of treatment or diagnostics
Examples of locations where procedural behavior is important
Imaging room
Procedure room
Recovery room
Examination room
Emergency room
27

Introduction to Healthcare Information Technology

27

Sanitation
Physical hazards due to close proximity to biological or chemical disease components
Sanitation methods
Sterilization of facilities and instruments
Proper disposal of contaminated wastes
Infection control procedures
Hand washing
Cleaning and sterilization
Use of antimicrobials
Use of protective equipment

28

Introduction to Healthcare Information Technology

28

Social Behavior and Sensitivity of the Environment
Social behavior
Conduct toward other people
Example: inappropriate for emergency room staff to act shy around unclothed patient
May be appropriate behavior for maintenance worker
29

Introduction to Healthcare Information Technology

29

Conforming to Management Requirements
Main responsibility is the patient
Managerial operating procedures
Address business needs of the organization
May sometimes conflict with patient care
Example: private hospitals may turn away patient without insurance or means to pay
30

Introduction to Healthcare Information Technology

30

Protecting Healthcare Information
HIPAA privacy rule protects individually identifiable health information
Includes verbal, paper, and electronic forms
Relates to past, present, and future health of an individual
PHI is protected as long as retained by Covered Entity:
Even if individual is deceased
31

Introduction to Healthcare Information Technology

31

Access Roles and Responsibilities
Healthcare team access
Each member of healthcare team has roles and responsibilities pertaining to PHI
32

Introduction to Healthcare Information Technology

32

Table 2-5 Protected health information access roles (continues)
© Cengage Learning 2013

33

Table 2-5 Protected health information access roles (cont’d.)
© Cengage Learning 2013

34

Access Roles and Responsibilities (cont’d.)
Business Associate access
HITECH Act encompasses Business Associates in same manner as Covered Entities
Examples of Business Associate functions
Claims processing
Accounting
Data aggregation
Accreditation
35

Introduction to Healthcare Information Technology

35

Access Limitations Based on Role and Exceptions
Certain times when traditional access roles need to be superseded
Example: emergency situation when database administrator may read PHI
36

Introduction to Healthcare Information Technology

36

Access to Sensitive Patient Data
Some information may have more stringent guidelines
Individuals may ask a Covered Entity to restrict use and disclosure of their PHI
Roles must be modified appropriately
37

Introduction to Healthcare Information Technology

37

Proper Communication
Procedures must be followed for various types of communication
Backups
A permanent copy of all ePHI is maintained
Unique identifiers
Username and password for each distinct user account
Emergency access
Procedures for obtaining necessary ePHI during an emergency
38

Introduction to Healthcare Information Technology

38

Proper Communication (cont’d.)
Timeout
Terminating an electronic communication session after a period of inactivity
Encryption
ePHI must be encrypted
Audit trails
Mechanism to record activity in information systems
39

Introduction to Healthcare Information Technology

39

Proper Communication (cont’d.)
Integrity
Mechanisms to prevent unauthorized destruction or alteration of ePHI
Authentication
Procedures to ensure those seeking access to ePHI are authentic
Disposal
Procedures to ensure final disposition of ePHI
40

Introduction to Healthcare Information Technology

40

Proper Communication (cont’d.)
Safeguards must apply to all forms of communication
E-mail
Instant messaging
Fax
File transfer protocol
Telephone
Voice over IP
41

Introduction to Healthcare Information Technology

41

Table 2-6 Safeguards for various electronic communication methods
© Cengage Learning 2013

42

Data Handling Procedures
Best practices for general technology use
Help ensure PHI is protected
Access to network devices should be controlled
Access methods
Physical
Electronic
Managing physical access
Location of physical device chosen to minimize access
43

Introduction to Healthcare Information Technology

43

Data Handling Procedures (cont’d.)
Privacy screens
Prevents anyone not sitting in front of screen from reading its contents
Screensavers
Lock out computer screens after specified time period
Time lockouts
Program locks out users after specific period of time
Password must be entered to regain access
44

Introduction to Healthcare Information Technology

44

Summary
Various healthcare organizational structures exist
Code of conduct refers to behavior rules to which a group of people adhere
PHI includes information in verbal, paper, or electronic form
Includes past, present, and future health information
Various roles and responsibilities exist for using PHI
45

Introduction to Healthcare Information Technology

45

Summary (cont’d.)
Safeguarding communication methods is one facet of protecting PHI
Best practices in handling PHI in a healthcare setting involve controlling physical and electronic access to PCs, printers, and other equipment

46

Introduction to Healthcare Information Technology

46