When was the last time you thought about the best way to implement, manage and connect heavily used medical devices, like ECGs or vital signs monitors? If it’s been a while, here are some questions to get you started down the right path when it comes to medical device integration.
Who has decision rights?
Who has more sway in purchasing decisions: IT or clinicians? In your clinics, perhaps office managers are major players. Which is the right way?
None of the above, according to Lari Rutherford, Senior Manager of Connectivity at Welch Allyn.
“All parties need to come to the table when deciding how you’re going to integrate a new device into your organization,” explains Rutherford. “Take one common example: IT is in charge of making sure the device connects securely with your EMR, and they promote the workflow that best supports that. But when clinicians begin training on the device, they realize it now takes them longer to get the results to the EMR. Efficiency for one is not efficiency for all.”
- Get clinical, IT and other stakeholders together to understand the scope of requests. What workflow do clinicians want? What are the hard stops from an IT perspective to share data securely? Clearly delineating all this upfront is important not just to make the right requests of your vendor, but also to decide which tradeoffs are and are not acceptable for the whole group.
- Count clicks. (Your clinicians will thank you.) As powerful as medical device integration with the EMR can be, too often it results in longer workflows for clinicians. Count the clicks your clinicians are making today, and make sure that number goes down with the new solution. Otherwise, you may be opening yourself up to workarounds or, worse, outright rejection from users.
Who has access?
Robust, network-capable devices like vital signs monitors and ECGs are often distributed throughout a hospital or practice. Since they not only capture patient information but also transmit it to the EMR, device access control is important. However, too often, increased security measures introduce additional workflows or cumbersome tasks for clinicians. Ask your provider if roles-based user authentication is available to help ensure users can only access functions they need based on their job.
Rutherford cites a common example: “CNAs may be needed to take vitals or conduct ECGs, but rights to edit data in the EMR should be reserved for RNs and physicians. Make sure your care and support teams are accounted for so your system manages user rights both securely and appropriately.”
Who is controlling cybersecurity?
Solutions requiring non-standard infrastructure or security practices are not practical in today’s healthcare IT environments. You need to secure the devices on your network your way.
“It’s easy to find a device that will connect to an EMR,” says Rutherford. “Unfortunately, it’s also easy for that communication to happen in a non-secure way. Asking the right questions upfront can make all the difference.”
Rutherford suggests asking your vendor:
- What encryption methods are used to protect Protected Health Information (PHI)?
- Does the solution support your existing security policies for cyber hygiene, scans, upgrades and patches?
- What is your cybersecurity risk management policy for devices both in the field and in development?
Medical device integration can help provide accurate, diagnostic-quality data that can save a patient’s life. By involving the right team, asking the right questions and paying attention to security, you are starting down the path to making the best decision for your patients and your clinicians.