Project in Healthcare Business
-
Upload
independent -
Category
Documents
-
view
1 -
download
0
Transcript of Project in Healthcare Business
Project in Healthcare Business
Building the business case for healthcare quality and safety
NAME: ALI ALZAHRANI
ID: 14110466
Building the business case for healthcare quality and safety
1
Part A
Organizational context and understanding of quality and patient safety
The safety of patients must be the priority for healthcare organizations worldwide with many
of the hospitals that are engaged in activities for improving the quality of care, safety and
other outcomes. In spite of all these efforts there must be limited understanding of the reason
to improve efforts of the quality which are successful in some hospitals and others. This study
also reveals that among a number of hospitals that mostly focus on the implementing the
practices in order to prevent the central line associated bloodstream infections, the
experiences and the outcomes of the varied has to be considered by using the same
implementation strategies. Also there were findings that provided some important insights
that how and why there are different strategies for improve the quality that can perform many
actions among the organizations with many different contextual characteristics. The Institute
of US dealing in Medicine and health that called for new approaches in order to manage the
health care quality problems (Adler, 1952).
Rationale for resourcing and implementing quality and patient safety
The medical records are kept to keep the documents of the medical treatment of the patient
that he has undergone in past or is suffering from the current health status. If there are any
treatment plans for future health care and it nowadays considered to be the most integral
component for delivering the quality health care to the patients? The medical record
standards were established during the year 1996 and they were further distributed to the
specialists. there is the regular assess that compliance with the standards and also monitors
the different processes and procedures that the physicians has delivered for the continuous
and coordinated medical care. It is estimated that over 90 percent of the goal of healthcare
organizations can be achieved by keeping medical record standards (Kahn, 1990).
Building the business case for healthcare quality and safety
2
By using the data collected being a part of a multi-center study that is closely examining the
improvements of quality of efforts and also the implementation of recommended practices in
order to prevent the central line associated with the bloodstream infections in the hospitals of
United States. We can also compare and contrast the experiences among the hospitals in
order to understand the better of how and why there are many hospitals that are very
successful by implementation of practice while taking into considering the specific aspects of
the organizational context (Mitchell, 2004).
Frameworks and different options for implementation
The healthcare data has to be changed into some useful information which has to be a main
point of concern to everyone that requires it. A wide variety of technology and research
methods are available to collect and allow for the accuracy of healthcare data. This
transforms data from paper to electronic systems. It is important to maintain the quality of the
data to be preserve certain quality standards for allowing the data to be up to date in
healthcare information systems.Continuous strategies have to be put into place that support
the quality of data and information . A research issue does arise with this which questions the
variability with different solutions. The overall quality of healthcare quality has to be
preserved and being at the right time to support the care and health system for patient
availability. All healthcare organizations must make sure all the technology is up to date to
allow for easy access of data when its required. (Mitchell, 2004).
Building the business case for healthcare quality and safety
3
Specific, measurable expected benefits:
It requires right information which is available at the right time in order to support the patient
care and also the decision of health system. Consensus has to be gained for essential data
content and proper documentation is based on proper standards which are necessary to
maintain for high quality data which is interconnected with the future of healthcare system.
The quality of the data has to be maintained that ensures the information which is useable and
actionable.
Building the business case for healthcare quality and safety
4
Risks associated with implementing healthcare quality and patient safety
In the past time the risk management and improvement in quality functions often operates
separately in all the healthcare organizations and individuals who are responsible for so many
functions that has different lines of reporting while the organizational structure is further
divided into risk management and also in quality improvement. In the risk management and
quality improvement there are efforts in the organizations of healthcare that focus on
improving the patient safety and also finding some ways to work together in order to ensure
effective and efficient ways of the organization in order to deliver the safe and high quality
patient care.
Asset classification and control
Accountability which is related to pharmacy health data as an asset
The policy of test safe must cover the implementation of sound security process in the
community of pharmacy in a security policy.
• Organizational issues
• Assets to be covered by the policy
• Personnel
• Physical security of the pharmacy
• Control of access to computers
• Software lifecycle management
• Incident reporting
• Managing malicious software
Building the business case for healthcare quality and safety
5
• Business continuity issues
• Compliance issues
Cost of quality and patient safety
Document control
An information security officer must have full control and must review the documents and
files of the pharmacy store annually and if the modification is required he must make the
necessary adjustments. If any suggestions or feedback is required for the document must be
provided to the pharmacy security officer. The manger is responsible to approve the security
policy amendments if required and he only appoints the pharmacy security officer and also
supports the implementation of the security policy (Pipkin, 2000).
The security policy and standards
The main objective of the security policy is to maintain and establish an effective information
security that safeguards the users to ensure the confidentiality and integrity of the operations
that is available in the pharmacy and there is no compromise with the information of the
patients. The information which is sensitive must be safeguarded against any unauthorized
disclosure or any destruction to that information. It is the duty of the user and also other staff
members to comply with the protection of the information and also the policies and
procedures detailed in the document (Corrigan, 2004).
Sensitivity of information
The information related to the health is collected by the pharmacy in a position of confidence
and trust and is highly sensitive as it includes personal details of a person.
Building the business case for healthcare quality and safety
6
It is very much important that the health information collected of the patients must be
collected and controlled in relevance with the health information privacy code and also with
other relevant health related legislation. There are also other information that is highly
sensitive which includes the commercial information of the pharmacy and the staff related
information and others (Lang, 1975).
High-level plan
Organization of security of information
Policy statements
There must be maintenance of management framework in order to maintain the pharmacy
computer system in order to co-ordinate and control the implementation of the information
security effectively. The key persons involved in the pharmacy must meet their obligation by
formally assessing the risk and through well-defined responsibilities of the staff.
Pharmacy security officer
Pharmacy manager appoints the pharmacy security officer that is responsible to co-ordinate
the security issues that greatly affects the pharmacy. It is the primary duty of the pharmacy
security officer to properly advise the pharmacy staff on the matter related to the security. He
should inform the pharmacy manager about the major security incidents.
He is also responsible to develop and review the security policy and also plans out to be
approved by the pharmacy manager. He should maintain a list of the entire authorized person
that has access to the pharmacy computer system and to the pharmacy premises. He must
report the security incidents and also the status to the manager of the pharmacy and also
ensures the security policies and standards to meet the health network requirements (Chang,
1992).
Building the business case for healthcare quality and safety
7
Classification of information
There is a varied degree involved with the information as it is highly sensitive and critical.
An additional level of protection and special handling is required for some items. The
classification of information system allows the pharmacy to properly define an appropriate
set of protection levels and also can easily communicate the need to special handle the
process of the staff. It is also necessary to define the classification of some item of the
information and the rest part has to be nominated with information of the owner.
It is also important to handle the procedure to cover the following steps of copying, storage,
transmission of data either through electronic media or by spoken words.
Physical security
Policy Statements
All the hardware and all the health information that is held by the pharmacy has to be
protected from any disclosure and modification. There has to an access by the outside parties
that could reveal the information to eliminate and also render the security that safeguards and
enable the disclosure of the patients information (Andrew, 1999).
General requirements
The areas and the equipment’s in which the information is stored has to be physically secure
and also access to be restricted to authorize only personally. The documentation must be
accessed in respect to the computer systems and there must be personnel restriction
authorized. The persons who are allowed the access to the pharmacy premises must be
Building the business case for healthcare quality and safety
8
accompanied and there must be restriction to those areas that needs to complete their tasks
(Clancy, 2005).
There should be dual lock system that is highly recommended for the entrance of the people
in order to assure highest security when the shop is closed or when there’s no work in the
mall. There should be grilled windows in order to avoid any access to the building through
the windows. Employees must use the back doors of the shop in the mall from where non
employees must not be allowed to get in. There should be restriction on the non-employees to
use the back doors of the shop. It ensures that the information is not discarded and there is
also high safety of the materials being not carried from the back doors (Shojania, 2001).
The information is recorded in information by asset inventory and also nominates the owner
who is responsible to maintain the appropriate control over the asset. The information asset is
equipped to easily access and manipulates the information that is stored in the pharmacy
computer systems. Proper accountability to assets helps to ensure the appropriate protection
maintained and the asset inventory helps to ensure the effective asset protection and is also
useful for other business purposes. There is an important aspect of risk management is the
process of compiling an asset inventory (Lohr, 1988).
Physical vulnerabilities and threats
As the services being provided by the pharmacies is highly probable that the pharmacy
premises and staff will be exposed to intrusion that bears in mind the locations of the
premises. The buildings of pharmacies are mostly located in the cities and towns that are
highly vulnerable to crime and violence. There are also many reasons that will make the
intruders to lead into the pharmacy buildings (Cranley, 2006).
Building the business case for healthcare quality and safety
9
The intruders who enter mostly have malicious motives while accessing into the pharmacy
and this necessity helps to adopt the need and implement the physical security measures by
the store-keeper. There are many examples of physical vulnerabilities and threats and among
all one of them is to manually operate the equipment of the building and in such cases it is
very difficult to avoid the movements like pulling and pushing of items with the help of
trolleys and those steps are ought to be followed that ensures the safety and also reduces the
injury risks (Kahn, 1990).
Proper form of protective dressing can also become a type of major physical risk in the
pharmacy. If the staff does not work using proper dress code like gloves, dust masks and the
goggles can also harm their health. There must also be a first aid kit within the pharmacy is
also a type of physical risk especially for the patients and the staff. There can also be many
other types of threats that require physical security enhancement that includes if there is a
power loss in the store, attack by the intruders in the premises, malicious activities by an
outsider, physical assault on the staff, theft and diversion internally and any kind of robbery
(Nightingale, 1987).
Examples of intruder’s scenes/scenarios
There are many reasons that lead to the intruders to enter into the pharmacy. Mostly the
intruders have negative motives to enter into the stores. The intruders can also be the
employee of the pharmacy who has negative motives if he is fired and want to take revenge
from the company (Harteloh, 2003).
Computer system access control
The services and information must be restricted to only authorize users.
Pharmacy security officer
Building the business case for healthcare quality and safety
10
He must ensure the policies and standards that address all the requirements related to
pharmacy security. The system access procedure must meet the defined requirements and the
data and application must be kept safe from project development environments (Harteloh,
2003).
He must assist users to analyze day to day use of pharmacy computer systems by performing
basic checks and administration functions.
Information access control
The requirement for minimum access control is have valid individuals for user identifications
and also passwords for all the access to the computer. All the successful as well as
unsuccessful accesses to the system must be recorded. It is also necessary to record or display
the last time user log and all the accounts details must be properly recorded and displayed.
The details of the user account must be issued at a formal training session and the new user
must be configured to force a change of the password before logging for the first time.
User logon procedure
The user must also be able to access to the pharmacy computer facilities in order to follow a
secure login process. There should be no display system or any application prompts until the
login process has been completed successfully. The messages must not be provided during
any logon procedure. The logon information must be validated only after completion of all
input data and the time must be limited for the logon procedure but if it exceeds there should
be termination to the logon. The full information must be displayed of all the details
regarding the logon of the members (Shon, 2010).
External network connections and controls
Building the business case for healthcare quality and safety
11
It is inherent risk to the security of the pharmacy of the computer system. There must be a
firewall that protects the connections to other networks. All the firewall must be properly
configured so that they are able to ensure the required level of security. The setting to the
default networks servers must be changed in order to minimize any type of unauthorized
access. There should be no software or other material downloaded without any prior
knowledge and also agreement by the pharmacy security officer (Lohr, 1990).
Security in system life cycle management
Installation of software
It must be approved by the pharmacy security officer all the software’s before installing and
must seek advices from the administrators of the Health Information Network and also
approves the piece of software’s.
Operational of software
The vendors supply the soft wares that are used in operational systems and also a version
must be maintained a level that is supported by the supplier. The pharmacy computer system
also helps to remove and also reduce the security weaknesses and also apply timely manner
with an appropriate consideration of any risk involved that poses vulnerability poses.
Investment appraisal:
An annual report is a report on company’s activities of previous year which intends to give
shareholders and other interested parties information about the activities of the company and
financial activities. They are considered to be as grey literature. As it is necessary for the
companies to prepare and disclose annual reports to be filed under company’s registry.
Companies which are all listed in a stock exchange market have to frequently report to the
stock exchange board.
Building the business case for healthcare quality and safety
12
The current assets of the company increased from $127,867 to $130,026 in the financial year
2009-2008 and the other assets decreased by 39,232 whereas the liabilities of the company
decreased considerably which is a positive sign of growth for the company. In the financial
year 2009 liabilities were $462,153 and in the year 2008 it reduced to $213,450.The liabilities
and equity of the company also reduced. The revenues of the company also reduced from
$462,982 to $421,314 which is a positive sign for the company and the expenses of the
company also reduced from $463,293 to $437,424.
The audited accounts are subject to independent scrutiny with no material mi-statements in
the company’s accounts. An unaudited account is prepared from books, records and
explanations supplied by the company that have no verification procedure. Small companies
are not obliged to carry out an audit. In order to exempt the audit a company has to meet
certain conditions which are set out in the Companies Act 1985. Companies have the choice
of applying exemption and choose to have their accounts audited without any statutory
obligation to do so. According to the financial statements an unaudited statements and
audited statements show a difference of total liabilities and equity of $1000 in the year 2009
but there was no difference in 2008. The audit procedure detects the fraud and error and
highlights the weaknesses in the company system enabling the auditor to advise to make
improvements in their work. It establishes that the company is complying with taxation and
employment legislation and banks do not offer finance facilities to companies if no audit has
been carried out. A purchaser also gets a confidence while purchasing his business if it is
audited and supplier provide better terms to companies with audited accounts. The companies
get a benefit a tax return if the accounts are audited and the errors are also identified before
submitting revenue. Audit also gives an insight into the business which enables them to offer
advice to improve the company’s taxation position (Lang, 2004).
Building the business case for healthcare quality and safety
13
Part B
It includes the separate problem in each medical record in a documented form that shows
illness and medical conditions. It also includes a current medication list. The medication list
also displays the allergies and also adverse reactions that are necessary to be known about the
patient before giving him any type of medication in future. The medical history of a patient
tells about the patient serious illness and any kind of childhood illness that could create
problem in future so that the further medication is not possible for the patients. Certain
notations also have to be given before giving any medication to the patient about the use of
cigarettes and any kind of alcohol substances. It also informs the patient history and physical
related problems that could create a problem in future for presenting complaints. It is also
important to include findings related to the diagnosis problems and any further treatment
given to the patients has to give by proper planning and diagnosing. It is also important to
clinically evaluate and records the findings for each and every visit of the patient. It is also
important to include the unresolved problems from previous visits and also include the
reviews of consultants. An appropriate history has to be maintained for all the people either
its children or adults if they have undergone any kind of diagnosis or therapeutic procedure. It
is even important for healthcare organizations to keep a record of immunization record of the
children and keep it up to date (Corrigan, 2004).
Each and every record includes the patient’s name or ID number and also includes the
personal data of the patients so that it is easy to the patients address conveniently. The
medical record contains the author identification number and other related details. The entries
mentioned must be dated and those entries are included that are legible to someone. The
forms and notes have a specified notation that has follow-up care and visits. All the
information is related in that encounter forms. If it is required to keep the consultation record
Building the business case for healthcare quality and safety
14
then it should be specified in the records. The reports and any other consultation if required
must give their reviews and other information that is related to the patient’s further treatment.
Explicit notation is required to keep a record of follow-up plans (Michael, 2012).
Proper documents must be maintained related to the medical treatment of the person and any
other information related to the hospital visits and other physical therapy reports is
maintained. The records are kept secured and allow easy retrieval of the information that
allows access to authorized personnel only. They should be safeguarded against any loss or
destruction that must be maintained according to the requirement and must be easy
accessible.
The legislative bodies must have easy access to the records on request as and when required,
to inspect and review of such records at no cost. The providers must provide copies of such
records and also allow permit to access to the original medical records for making any
comparisons and if required must submit for examination under the oath ceremony. It is very
necessary to keep and maintain for any further reference of the patients if required the
medical records of the patients for any further reference if required for the patients (Adler,
1952).
There has to be a formal assessment of the risk involved in the implementation that has to be
undertaken by the pharmacy security officer. It’s completely not possible to avoid the
business risk involved with the appropriate technique that identifies and also manage the risk
to minimize any harmful effect to the information. The requirements related to the security
are identified by a methodical assessment of the security risk. The harm that results from the
security failure takes into account the consequences of a loss of integrity and also availability
of the information and the other assets. The realistic involved due to such failure occurs in the
light of prevailing threats and vulnerabilities and also the other controls that are currently
Building the business case for healthcare quality and safety
15
implemented. The assessment will result in determining the appropriate management action
and also the priorities that manage the security risk involved with the patient’s and also
implements the controls on the selected protect against those risks.
The information is recorded in information by asset inventory and also nominates the owner
who is responsible to maintain the appropriate control over the asset. The information asset is
equipped to easily access and manipulates the information that is stored in the pharmacy
computer systems. Proper accountability to assets helps to ensure the appropriate protection
maintained and the asset inventory helps to ensure the effective asset protection and is also
useful for other business purposes. An important aspect of risk management is the process of
compiling an asset inventory. It is very important for the pharmacists to improve the standard
of providing full care to the patients and also reduces the risk of misjudgment that leads to
any kind of harm to the patients and it should also try to enrich the professional lives. It is
only possible only when the information delivered is secure and the community pharmacies
use a test safe to follow a sound process by managing a type of security for those connections
(Eloff, 2003).
In this paper all the areas are highlighted which are required to be considered while
introducing any healthcare safety programs for the patients. The different ways of
implementing them is also being discussed in this chapter that makes us to understand all the
concepts more easily. The use of information technology in implementing newer methods
helps us to keep all the records of the patients from the initial stage till the period the patient
is under medical care (Wandelt, 1976).
Building the business case for healthcare quality and safety
16
References
1. Hiltzik, Michael(January 4,2012), “ Her case shows why healthcare privacy laws
exist.” Los Angeles Times. Retrieved October 18, 2014
2. Kirsch, Michael s. (2004). “Alternative sanctions and the federal tax law: symbols,
shaming and social norm management as a substitute for effective tax policy.”
Retrieved
3. Crowley, Patrick (April 23, 2003). “Meet the purple people bridge.” retrieved
4. McKenna, Francine (2011). “Auditors and Audit Reports: Is the Firm’s “John
Hancock” Enough?” Retrieved October 18, 2014
5. “Concept Release on possible revisions to pcaob standards related to reports on
audited financial statements” Analyzed 22/7/2011. Retrieved October 18, 2014
6. Gilbert W. Joseph and Terry J. Engle (December 2005) “The use of control self-
assessment by independent auditors” The CPA journal, Retrieved October 18, 2014
7. Harris, Shon (2003). All-in-one CISSP Certificate Exam Guide: McGraw-Hill.
Retrieved October 20,2014
8. Harris, Shon (2010). All in one CISSP exam guide. New York. McGraw- Hill.
Retrieved October 20, 2014
9. Bomford, Andrew (1999). “ Echelon spy network revealed”. BBC. Retrieved October
20, 2014
10. Venter.Eloff (2003) A taxanomy for information security technologies.Computer&
security. Retrieved October 20, 2014
11. Pipkin (2000) Information security.Protecting the global enterprise. New York:
Hewlett-Packard Company. Retrieved October 20, 2014
Building the business case for healthcare quality and safety
17
12. Aspden P, Corrigan J, Wolcott J, et al., editors. Patient safety: achieving a new
standard for care. Washington, DC: National Academies Press; 2004. Retrieved
October 20, 2014
13. Adler M, Goman W. Quality. In: Adler M, Goman W, editors. The great ideas: a
syntopicon of great books of the Western world. Chicago: Encyclopedia Britannica;
1952. pp. 513–6. Retrieved October 20, 2014
14. Harteloh PPM. The meaning of quality in health care: a conceptual analysis. Health
Care Analysis. 2003;11(3):259–67. Retrieved October 20, 2014
15. Lang N. Issues in quality assurance in nursing. Paper presented at issues in evaluation
research: an invitational conference; December 10–12, 1975; Kansas City, KS:
American Nurses Association. 1976. Retrieved October 20, 2014
16. Tourangeau AE, Cranley LA, Jeffs L. Impact of nursing on hospital patient mortality:
a focused review and related policy implications. Qual Saf Health Care. 2006
Feb;15(1):4–8. Retrieved October 20, 2014
17. Mitchell PH, Lang NM. Nurse staffing: a structural proxy for hospital quality? Med
Care. 2004 Jan;42(1):1–3. Retrieved October 20, 2014
18. Kahn KL, Keeler EB, Sherwood MJ, et al. Comparing outcomes of care before and
after implementation of the DRG-based prospective payment system. JAMA. 1990
Oct 17;264(15):1984. Retrieved October 20, 2014
19. Rubenstein L, Chang B, Keeler E, et al. Measuring the quality of nursing surveillance
activities for five diseases before and after implementation of the DRG-based
prospective payment system. Paper presented at Patient outcomes research: examining
Building the business case for healthcare quality and safety
18
the effectiveness of nursing practice; 1992; Bethesda, MD. Retrieved October 20,
2014
20. AHRQ PSNet Patient Safety Network. Error chain. [Accessed October 20,
2007]. http://psnet.ahrq.gov/glossary.aspx#E. Retrieved October 20, 2014
21. Aspden P, Corrigan J, Wolcott J, et al., editors. Patient safety: achieving a new
standard for care. Washington, DC: National Academies Press; 2004. Retrieved
October 20, 2014
22. Adler M, Goman W. Quality. In: Adler M, Goman W, editors. The great ideas: a
syntopicon of great books of the Western world. Chicago: Encyclopedia Britannica;
1952. pp. 513–6. Retrieved October 20, 2014
23. Harteloh PPM. The meaning of quality in health care: a conceptual analysis. Health
Care Analysis. 2003;11(3):259–67. Retrieved October 20, 2014
24. Lohr K. Committee to Design a Strategy for Quality Review and Assurance. In:
Medicare, editor. Medicare: a strategy for quality assurance. Vol. 1. Washington, DC:
National Academy Press; 1990. Retrieved October 20, 2014
25. Lohr KN. Outcome measurements: concepts and questions. Inquiry. 1988;25(1):37–
50. Retrieved October 20, 2014
26. Mitchell PH, Lang NM. Framing the problem of measuring and improving healthcare
quality: has the Quality Health Outcomes Model been useful. Med Care. 2004;42:II4–
11. Retrieved October 20, 2014
27. Mitchell PH, Heinrich J, Moritz P, et al. Outcome measures and care delivery
systems: Introduction and purposes of the conference. Medical
Care. 1997;35(11):NS1–5. Retrieved October 20, 2014
Building the business case for healthcare quality and safety
19
28. National Quality Forum. National consensus standards for nursing-sensitive care: an
initial performance measure set.Washington, DC: National Quality Forum; 2004. p.
40. Retrieved October 20, 2014
29. Committee on the Quality of Health Care in America. Crossing the quality chasm: A
new health system for the 21st century. Washington, DC: National Academy Press;
2001. Retrieved October 20, 2014
30. Clancy CM, Farquhar MB, Sharp BA. Patient safety in nursing practice. J Nurs Care
Qual. 2005 Jul–Sep;20(3):193–7. Retrieved October 20, 2014
31. AHRQ PSNet Patient Safety Network. Patient safety. [Accessed October 20,
2007]. http://psnet.ahrq.gov/glossary.aspx#P. Retrieved October 20, 2014
32. Shojania KG, Duncan BW, McDonald KM, et al., editors. Rockville, MD: Agency for
Healthcare Research and Quality; Jul, 2001. Making health care safer: a critical
analysis of patient safety practices Evidence Report/Technology Assessment No 43
(Prepared by the University of California at San Francisco-Stanford Evidence-based
Practice Center under Contract No 290-97-0013) AHRQ Publication No. 01-E058,
Summary. Retrieved October 20, 2014
33. National Quality Forum. Standardizing a patient safety taxonomy: a consensus
report. Washington, DC: National Quality Forum; 2006. Retrieved October 20, 2014
34. Nightingale F. I have done my duty. In: Goldie SM, editor. Florence Nightingale in
the Crimean War, 1854–56.Manchester: Manchester University Press; 1987.
Retrieved October 20, 2014
35. Wandelt MA. Definitions of words germane to evaluation of health care. NLN
Publ. 1976;(15-1611):57–8. Retrieved October 20, 2014