5 Ongoing System Maintenance, Administration, and Data Quality

advertisement
Section 5.1 Maintain
Ongoing System Maintenance,
Administration, and Data Quality
Management
Use this tool for guidance on the importance of ongoing system maintenance, tools to evaluate
system administration, and tips to ensure data quality management within your local public health
(LPH) department’s electronic health record (EHR), health information exchange (HIE) support
services, and other health information technology (HIT).
Time needed: 4 hours
Suggested other tools: 1.4 EHR Technology Readiness Inventory, 1.5 HIE Technology Readiness
Inventory, 4.8 Change Control
How to Use
1. Use the information on ongoing system maintenance to ensure that your information systems
are well-maintained and you have contingency plans in the event of any service disruption.
2. Evaluate the need for and management of system administration.
3. Implement a process to ensure data quality.
Ongoing System Maintenance
Four types of ongoing system maintenance generally must be addressed in every information systems
environment.
1. Corrective maintenance refers to any remedial steps needed to correct problems with the
network, hardware, software, or utilization of information systems. These often reach the
attention of IT staff through an informal process that, if not well managed, can become
burdensome for your staff. If you are using an application service provider (ASP) or software
as a service (SaaS) vendor as your primary support, your informal process could cause you to
exceed your “routine maintenance” budget and you could be charged extra for service calls.
Whether you use internal staff or a third party for IT support, one person within the
organization (with appropriate backup) should track all corrective maintenance requests and
be responsible for their documentation and resolution. Essentially, corrective maintenance is
an extension of the issues management process (see 4.4 Issues Management) set up during
planning for implementation. Corrective maintenance includes:

Additional training or support that enables users to appropriately and fully utilize the
information systems. Users may seek help directly. Training needs may be identified
through system audits and should be documented.

What many organizations refer to as help desk functions. You may not have a formal
help desk, but someone in the facility should support this function. If your vendor has
a help desk and you have contracted for ongoing maintenance and support, be aware
that some vendors charge more for help when the information is already available to
you through their system documentation. This is another good reason to have
Section 5 Maintain—Ongoing System Maintenance, Administration, and Data Quality Management - 1
someone in your organization designated to receive these requests and review the
documentation to determine whether the problem can be fixed internally or needs to
be referred to the vendor.
2. Customized maintenance refers to modifying features already in existence in information
systems that need to be updated or modified for user needs. Customized maintenance is
essential in clinical information systems, which are constantly changing with new drugs, new
treatment guidance, etc. Customized maintenance may be a part of help desk functionality. In
addition to issues management, change control is an important element of customized
maintenance. Changes to clinical information systems can have a ripple effect, which is not
always desirable. IT staff should never act upon a clinical customization project without the
approvals required by the change control procedure.
3. Enhancement maintenance refers to improving the performance of the network, hardware,
application, or even the role of people in their development and use of these tools. IT staff
and/or end users may be further trained as super users and be offered advanced skills in
systems use and/or development (e.g., a super user may learn more advanced reporting skills,
or an IT staff member may take an online relational database design course). Most of the
enhancement maintenance is directed to the network, hardware, and software. Unfortunately,
such enhancements are often made in reaction to a problem rather than proactively. For
example, an electronic document management system (EDMS) application may necessitate
network enhancement and the fact that the vendor no longer supports an application may
trigger a search for a new product. All enhancements must be made within the context of
appropriate issues management and change control procedures. For many such projects, a
formal project plan (see 2.4 Project Management and 4.2 Managing the Project), including
business case and budget (see 2.12 Total Cost Total Cost of Ownership and Return on
Investment for EHR and HIE), the approval process, and even the acquisition process (see
3.4 Overview of HIE and HIT Vendor Selection) may be needed.
4. Preventive maintenance involves taking steps in advance to reduce the risk of a serious
problem. It may include everything from resetting a person’s password, performing a backup,
or recharging batteries to applying operating system patches, running a network scan, or
replacing devices when they become obsolete. Some of these are routine system
administration steps, while others may be major projects. Maintaining system documentation
and managing all aspects of security, including contingency planning, also fall within the
category of preventive maintenance. Many health care organizations have been somewhat lax
about preventive maintenance, especially relating to contingency planning. However, as EHR
and other HIT are adopted—becoming mission critical to the organization—preventive
maintenance must be planned for as thoroughly as the original applications. Some key
preventive maintenance steps include:

Install all patches and updates for the operating system, application (including
interfaces), and security software.

Review information system activity, including system utilization, capacity, and
response time.

Replace servers, client devices, and network devices on a routine schedule.

Provide for system administration services 24/7.

Maintain network schematics, application inventories, and network inventories,
potentially using automated tools to detect rogue devices or applications.
Section 5 Maintain—Ongoing System Maintenance, Administration, and Data Quality Management - 2

Ensure network, server, and device redundancy with failure and fault tolerance
capability.

Maintain and test contingency plans for routine backup and restoration, business
continuity, and disaster recovery—including manual contingency plans to be
performed by end users if necessary.

Utilize Internet and email usage/monitoring tools, firewalls, intrusion detection, and
anti-malware tools.

Secure all servers and network devices in an appropriate data center environment.

Ensure system administration passwords are especially strong and protected,
including separation of system administration duties from authorization
responsibilities.
System Administration
System administration is the process of maintaining and operating computer systems and networks.
This may be a relatively small job for IT in an ASP or SaaS environment. For an organization
maintaining its own servers and network components, the systems administrator has duties that are
wide-ranging. Whatever the scope of your needs, there must be at least one person tasked to perform
or oversee these functions. Even when an outside company supplies system administration functions,
including remote hosting, someone needs to manage that account and there needs to be someone who
can perform basic system administration duties relating to hardware and documentation of needed
changes.
As the role of EHR, HIE, and HIT grow in your organization, you may need to find a staff member
who can take on more system administration tasks, or even hire or contract for a system
administrator. The following are general systems administrator responsibilities:
















Perform routine audits of systems and software.
Perform backups.
Apply operating system updates, patches, and configuration changes.
Install and configure new hardware and software, including supporting and maintaining
severs and other computers.
Add, remove, or update user account information, reset passwords, etc.
Answer technical queries.
Perform security functions, including responding to service outages.
Participate in system build and document the configuration of the system.
Troubleshoot any reported problems.
Fine-tune system performance.
Insure that the network infrastructure is up and running.
Handle basic programming.
Conduct basic end user training.
Manage projects.
Participate in systems selection.
Provide periodic reporting to management.
Data Quality Management
As EHRs, HIE, and other HIT are installed, they become important clinical tools; the quality of the
data captured by these systems needs to be assured. All clinical tools require professional judgment
Section 5 Maintain—Ongoing System Maintenance, Administration, and Data Quality Management - 3
for use and need to be calibrated regularly to ensure they perform optimally. Think of EHR as having
these five rights:

Right clinical data – to be captured and quality assured

Right presentation – to be able to capture and retrieve the right data and be alerted properly

Right decision – to have the right clinical decision support, based on the right data, presented
in the right manner

Right work processes – to support the capture and use of data

Right outcomes – to result in the best possible outcomes for client safety and quality of care
See Section 4.7 Data Management for a comprehensive discussion of ensuring the quality of data as
it is captured in new ways.
To evaluate data quality and ensure it supports optimal use of systems at the point of care, for quality
improvement, data analytics for achieving health care value, public reporting, and other expanded
functions—various steps can be performed:

Health care professionals conduct audits of EHRs and resultant reports, looking for potential
inconsistencies. For example, a list of clients and their lab results may reveal that some of the
clients are no longer active with your department.

Monitor complaint logs by end users to determine whether data fields allow for precision and
edit checks
occur correctly.

Test data entry to determine that alerts and reminders fire correctly and can be performed
(see 6.3 Optimization Strategies for Clinical Decision Support in EHR and HIE).

Review the contents of comments or narrative fields to determine:
o Where structured data templating is not occurring
o
Where there are inconsistencies between data templating and narrative fields
o
Where there is repetition between data templating and narrative fields

Run various reports to perform reasonableness tests (e.g., how many residents are likely to
have certain data elements included or excluded).

Review clinical decision alert overrides to see if they point to data quality issues.
As data quality issues are identified, remediation activities are needed, such as retraining, application
modification, or policy modifications. Ensure that any changes made are documented in your Change
Control log.
Copyright © 2014 Stratis Health.
Section 5 Maintain—Ongoing System Maintenance, Administration, and Data Quality Management - 4
Updated 01-01-14
Download