Unified Communications for Healthcare

Unified Communications for Healthcare

Is this the way forward in providing better clinical care and practice?

Rationale

Unified communications for healthcare should aim to bring together several disparate strands of the overall information flow. There has been huge expenditure of funds on computer systems within both the National Health Service (NHS) and the private health sector, but this has not yet resulted in integration of the vast amounts of data generated. The data needs to be converted into useful information delivered in an easily accessible fashion anywhere that patient care is delivered.

While numerous clinical systems are in place in hospitals today but often they do not easily inter-operate, unless supplied by a single manufacturer.

The importance of unifying communications grows with the needs of a growing population and consequent increasing demands on health care. This requires greater efficiency in delivery or will result in ever escalating cost. Systems of all kinds, whether they are major emergency response, patient monitoring and records, x-ray, laboratory, bed management or any of the myriad activities carried out by health professionals require seamless integration to maximise their effectiveness.

By definition, staff in healthcare is required to be mobile, whether travelling to patients of attending them in various hospital situations. Communication to the right staff at the right time is necessary at all times and in all places to attain efficiency of delivery of care.

Growth

The population of the United Kingdom is growing, and some analysts forecast it will approach 60 million or more in the next decade. A factor with direct impact on the demand for health care is the aging population. Advances in medical care have resulted in people living longer and requiring more assistance. This growth will require improved efficiency of the systems supporting care and by definition, their interoperability. Without this increase in efficiency, more and more taxpayer’s money will be poured into the NHS.

Objectives

The main thrust of the communications for healthcare project, or group of sub-projects, must be to deliver:

• Improve patient care and staff productivity
• Enable existing systems to share information seamlessly
• Facilitate the deployment of newer technologies designed for mobile staff
• Improve staff working conditions and therefore morale
• Provide the means of handling emerging threats of terrorist bombs or natural disasters

Guidance

The National Institute for Health and Clinical Excellence has a Technology Appraisals Committee which develops guidance for the NHS and considers and interprets evidence on the clinical effectiveness and cost effectiveness of health technologies referred to it.

The publication “Clinical effectiveness and clinical governance made easy” places emphasis on evaluation and audit of clinical care and services provided by individual practitioners, practice teams and Trusts. The work addresses the evolution of systems for monitoring performance of trusts.

The Department of Health has produced guidance entitled Informatics Planning 2009/10 defining the scope and content of the plan. Recommendations include a minimum of a three year planning timeframe, and that the relevant knowledge, skills and resources be put in place. The guidance recommends Local Health Community initiation aspects of the plan but that this should be within the timeframe agreed with the Strategic Health Authority.

The British Medical Association (BMA) in Scotland has produced a document entitled Priorities for Health: Protecting and safeguarding patient confidentiality

Information technology investment within the NHS is seen as a welcome approach, and the sharing of healthcare information as leading to patient care improvement. The BMA warns that a balance between information sharing and the need for security and confidentiality is necessary The BMA reiterate that doctors have a duty to maintain the confidentiality of patient information and therefore their trust in any IT programme is vital

Variety

There is considerable diversity both in people and technology within the health care sector. The NHS is the largest employer in the United Kingdom and there is a significant and growing private health care capacity in place.

This means that people from all kinds of social and educational background are involved and need to be part of the overall flow of information. With the increasing dependence on computer systems, better presentation of the required information is essential, whether it is complex cardiology data, laboratory results, bed occupancy or ambulance control as a few of the many examples in the overall complexity of patient care.

Computer systems have tended to be purchased in the past as specialised applications running on disparate machines. They are designed to capture and process the data required rather than their ability to communicate with major health computers holding patient records for instance. Further, many of these specialised devices are designed, built and delivered by manufacturers to perform specific tasks and the makers have little incentive to ensure ready compatibility with installed systems, both large and small. There are many legacy applications running on relatively old equipment and this factor poses difficulties for communication and integration.

Scale of implementation

The deployment of integrated solutions for the handling of patient care information faces a choice of centralised versus decentralised projects.

The argument that given the large population requiring health care makes the case for large projects. Big is beautiful is a phrase often used to describe major government-sponsored projects. This approach has the benefit of commonality of applications and hardware, with potential efficiency in its rollout across the target organisations. The track record of such an approach however, has a fairly poor reputation.

The reality of unified communications within the NHS via the implementation of huge expensive information technology projects is one of massive overspend and poor delivery. The Observer newspaper of Sunday 10^th August reported large problems and overspend of the £13 Billion NHS records system overhaul, adding there were difficulties with tracing waiting lists of patients requiring operations, people in need of urgent medical consultation and suspected MRSA.

This is common with many government-sponsored projects. For example it is reported in the Daily Express of 16 December 2008, that the Department of Transport spent £81 million of taxpayers’ money in an effort to save £57 million. The Commons Public Accounts Committee report on the transport development criticised the senior managers responsible for a lamentable project which resulted in a system which occasionally issued messages in German. The BBC Politics programme of Tuesday December 16^th in an interview revealed that effort was made to speed up the project by outsourcing some of the work to India, but this ran into problems as the requirement for security clearance had not been considered. This is indicative of project management being subjected to outside influences.

Project Management

As reported in Computer Weekly of 13th February 2007, that the firm Fujitsu, a primary supplier to the NHS 12.4Bn National Programme for IT (NPfIT) had expressed concerns about key aspects of the scheme would be met. The main programme aim was to provide shareable electronic health records for some50 million people. Fujitsu expressed concern about the viability of the overall programme, given the six and complexity of the NHS, and that it was running two years behind schedule.

Project management requires professional training to achieve the required skills and needs to operate within an approved methodology, with appropriate resource, tracking and reporting of progress, intervention to overcome difficulties and above all senior management support.

There are widely available tools for tracking projects, but demonstrable ability to take action and influence the behaviour of staff involved in the delivery is critical

Problems with projects are in the main due to what is known as “scope creep” where the initial objectives expand or are not understood until the project evolves. A comment complaint heard from project delivery staff (particularly in software related projects) is that the users don’t know what they really want until they have seen some of the early deliverables.

Decentralised projects

The decentralised approach with smaller projects run by individual Health Boards have a better record of success, but against that, there is the risk that a wide variety of suppliers providing information solutions which may not integrate well will result. The projects may

will be easier to manage at the local level, but face challenges when differing computing facilities need to interact.

A market research company’s website forecasts that as suppliers vie with each other to make offerings to supply the growing trend to create “paper-less” and “film-less” environments, healthcare organisations worldwide are beginning to plan and embrace integrated solutions. They forecast that the integrated hospital information systems market will reach $12.5 billion by 2007.

Project evaluation

A post project review is essential to determine whether the original objectives which were approved when the project was initiated were met. During the lifetime of the project it should be reviewed in an overview basis at each milestone stage and subjected to a formal, documented report at the conclusion of the project. This report would capture details of cost, timescale, objectives delivered, user satisfaction and importantly, lessons learned for the future.

7 x 24

Patients tend to require 24 hour supervision, particularly those in hospital. While healthcare is a 7 x 24 activity but computing facilities do not operate on a 7 x 24 basis unless there has been significant investment in duplication of systems, uninterruptible power supplies and locally available spares.

Computing devices, particularly operating systems and applications require downtime for upgrades and patches to reduce the risk of a whole variety of ills, such as malware, viruses, trojan code and spyware.

Particularly in the desktop environment this updating of applications and operating system software is a frequent occurrence. The Microsoft Corporation in particular has developed a patching process which occurs on a monthly basis and often requires a reboot of systems with consequent service interruption.

Security

Where items such as USB keys or DVD’s are utilised they have the potential for storing gigabytes of data, some of it potentially sensitive patient information. These items are small, transportable and easily lost or stolen. Theft or loss of such devices is frequent news items particularly where confidential information is involved Where human beings are involved, mistakes can happen and although suitable levels of encryption are available, they are not widely deployed at this time.

The reaction of IT executives to the risks posed by the use of USB devices resulted in some IT management developing policies banning their use. Users tend to ignore these restrictions as the benefits of use of such devices are considerable. Some IT departments have responded by employing blocking technology which prevents access to these devices. This approach builds user resentment as it hampers daily business activities.

Lumension Security have produced information discussing facts and fictions regarding the top five misconceptions about data protection, recommending that to be effective organisations should develop security policies that reduce the threat while being sufficiently flexible to be enforceable.

There are huge advantages in the use of items such as Personal Digital Assistants (PDA’s), mobile phones, laptops and other devices in keeping staff in touch and ensuring they have the required information accessible or transmitted to them.

Mobile phones are an important part of mobile communications, and once considered safe from hacking, they are now under threat.

A Gartner Group Analyst addressing a London conference recently warned that as mobile phones approach the sophistication levels of personal computers, the more exposed they become to attacks by malicious code.

J2MW – the mobile java platform common to most smart phones has been increasing rapidly with the advent of targeted trojan code.

A different challenge to protecting the integrity of patient information, the reality is that medical care is concerned with people. Today’s population are more exposed to and capable of using technology.

This is discussed by R Anderson in the book Security Engineering where he argues that many of the population have been born into a society where computers are widespread and with internet access can easily acquire the means of illegally accessing information by downloading freely available, simple to use hacking tools and learn about social engineering ploys which enable them to discover passwords to sensitive systems.

The NHS has recently completed the national procurement of an encryption solution for removable media and full disk encryption to reduce unauthorised access risk and is scalable to meet the size of the NHS.

The NHS is to run a trial of contactless smartcard readers that will grant access to IT systems without physically contact, helping to prevent the spread of disease. A tender has been issued for the supply of proximity smartcard readers.

New solutions

Healthcare IT solutions can take many forms and more are emerging as supplier companies market their wares to a very large and lucrative market. Examples include general practice records, paging emergency crash teams, laboratory, cardiology, and x-ray systems, patient alarm systems, mobile phones, PDA’s, display systems for of surgical procedures and x-rays, video-conferencing, and radio-controlled nurse call systems are but a few of the applications available.

A major supplier of communications equipment (Cisco) are promoting a unified system integrating communication devices of many types covering messaging, paging, phone, PC’s and PDA. Their belief is that rapid and effective communication of any type is best delivered by systems which by their ability to communicate with each other save valuable medical staff time in critical situations.

While such integration is beneficial, the potential disadvantage of opting for one supplier covering a wide range of communication devices is lack of freedom to take advantage of possible opportunities arising from the emergence of revolutionary technologies from other suppliers.

As the terrorist threat in the United Kingdom is still very real, systems have been developed to alert and assist in the management of major events. Such cases are termed Majax (which is a term for major accidents, disasters and events which demand the rapid organisation of services to respond. Technology exists to deliver Majax alerts, as described by a supplier (Interserve) on the use of such communication methods which proved useful during the events of 7^th July 2005 during the London bombings.

Various health boards have embraced the Majax approach with an example being the Gateshead NHS Foundation Trust Annual MAJAX report to the board of directors in 2008. Among many comments the report called for better communications resilience to address the vulnerability of mobile networks and the roll-out of satellite handsets.

The MAJAX approach involves the holding of scenario to improve training to handle major incidents of epidemics, so raising the essential component of staff awareness to any communications initiative.

This approach and technology-led advances could be expanded to deliver systems to monitor all aspects of such events and enhance the required communications to the necessary organisations.

To integrate all of these solutions is very complex, and the concept of a “hub” approach has been developed and is being progressed within the NHS with the support of a software supplier.(Adastra Software Ltd)

Wireless

One prevalent technology which is rapidly growing in uptake is Wireless.

Given the investment needed to deploy such wireless solutions requires considerable planning as the standards for wireless local area networks are evolving. The White Paper Ten factors to consider before deploying WLAN 802.11n. The paper outlines the need for a support strategy for mixed mode operation to support existing wireless clients during the migration to the emerging 802.11n standard.

Also known as “Wi-Fi”, wireless technology is prone to lack of security, particularly if suitable encryption is not employed. It is reported in Secure Computing Magazine of December 2008, that the widely used WEP encryption scheme has been found to be easily hacked, taking minutes only to crack a WEP key. There is a newer encryption methodology called WPA-TKIP, also known as WPA1, which reduces the possibility of attacks. However WPA1 is still susceptible to weak pass phrases protecting being broken by “brute force” attacks.

Wireless communications can also suffer from “dead spots”, where reception is unavailable or poor. To counteract this it is possible to deploy several wireless repeaters across large properties (such as hospitals), so the wireless device can pick up the strongest signal as staff move around. This factor must be taken into consideration in rolling out projects involving wireless communications.

Ethical considerations

Any project within the health care arena will entail ethical issues which must be met. The main consideration within a communications project is to ensure that medical ethics in terms of patient information are not compromised but protected to the best levels possible within the constraints of the technology and the people operating it. There needs to be an awareness section within the project which emphasises that aspect and reaches all staff likely to be affected, Mobile staff in particular are by the nature of their daily activities difficult to reach and any project must deploy inventive and pervasive awareness communications to smooth the introduction of new technology.

Closing the loop

Many organisations within medicine hold frequent meetings to share experiences and discuss possible improvements and discuss how certain events could have been better handled. This is beneficial especially to less experienced staff who gain from the knowledge of their more experienced colleagues.

Communication is not truly unified if the loop is not closed and the patient on the receiving end is unable to comprehend what they are being told by medical staff, or unwilling to question the information they are receiving. Hammond & Moseley (1999) recounted difficulties in patient doctor communication and with junior staff. He refers to the reluctance of junior colleagues to dare question the poor communication capabilities or delivery of comments.

To complete any communication successfully, there needs to be a mechanism for feedback, whether it is personal response or suggestions for improvement of the technology involved or the guidance for use.

Future

The current economic climate is not conducive to increased expenditure on a large scale within health care, indicating that the way forward must concentrate on improvements in efficiency and communication devices which “talk to each other” exchanging information simply and rapidly in all the activities undertaken by health care professionals.

The NHS IM&T Investment Survey entitled Connecting for Health, indicates that the planned Local revenue spend for 2008/09 is still rising, but that planned Local capital expenditure for the same period is dropping sharply

References

R Anderson (2008) Security Engineering 2^nd edition

BBC The Daily Politics Program 16^th February 2008.

British Medical Association Priorities for Health: Protecting and safeguarding patient confidentiality. Retrieved 15^th December 2008

Http://web.bma.org.uk

Clinical Collaboration and Communication with Cisco Unified Communications. Retrieved 15^th December 2008 from:

www.cisco.com/web/strategic_clinicalcollaboration

Computer Active Magazine October 15:2008

Computing Magazine 11^th December 2008

Computer Weekly 13^th February 2007

Department of Health Informatics planning 2009/10 December 10 2008

Fact or Fiction: Debunking the top 5 misconceptions about data protection. : Retrieved 15^th December 2008.

www.lumension.com

Gateshead Health NHS Foundation Trust. Annual MAJAX report 26^th March 2008

Dr P Hammond & M Moseley (1999) Trust me (I‘m a Doctor). London: Metro.

Integrated Out-of-Hospital Services. L Woods : Presentation Adastra Software Ltd 2008.

Market Forecast 2004 Report

www.researchandmarkets.com

J Ingham and J Campbell Daily Express December 16:15 2008

NICE Technology Appraisals Committee. Retrieved December 17^th, 2008 from

www.nice.org

NHS encryption tool: Retrieved December 16^th 2008 from

WWW.connectingforhealth.nhs.uk

NHS IM&T Investment Survey. Summary Analysis, Final version 1.0 October 6^th 2008.

Nortel White Paper: Ten factors to consider before deploying WLAN 802.11

www.nortel.com/wlan

The Observer, Sunday 10^th August 2008.

Secure Computing Magazine November: 11: 2008

Secure Computing Magazine December 15:2008

7^th July 2005:Vital support at a critical time :Retrieved December 15^th 2008

Http://interserveplc.com