SlideShare uma empresa Scribd logo

Medical Clinic - Daragh O Brien

Transferir como PPTX, PDF
H
healthcareisi
TecnologiaNegócios
1 de 29
Medical Clinic Data Protection & Data Quality Review
Agenda • Background and Overview • Summary of Report Findings – Maturity Ranking – The Good (Things to be commended) – The Bad (Issues causing concern) – The Ugly (Serious Compliance issues/risks) • Recommendations
BACKGROUND & OVERVIEW
Context • Data Protection Compliance = Risk – Risk to Trust – Risk to Revenue – Risk to Brand • Data Quality Issues = Cost + Risk – Risk of wrong treatment – Risk of underutilised resources – Cost of checking and rechecking data
The Methodology Face to Face Qualitative Interviews Observations made while on-site Research & Review of Best Practice
THE FINDINGS
Summary of Findings Some good things found. 12 areas of concern/weakness 6 critical risks to Compliance found
Maturity Assessment Value Centric Management Optimising State of the Art Practices & Outcomes Information Value quantified and communicated Advanced Practices and outcomes well above industry average Interactions formalised for critical processes Data Protection Target Intermediate Transparent Investment Decisions Basic IT Services being delivered Basic Some interactions/processes formalised Data Protection Maturity No formal processes Initial Ad hoc Management Based on IVI IT-CMF framework
CRITICAL RISKS Data Controller (??) Data Processor (??)
Critical Risks Patient file: Mr Smith • Patient data being transferred by email without encryption/security • Email forwarding to external services a concern
CRITICAL RISK No defined Data Security Breach Process
CRITICAL RISK Personal and Sensitive Personal data being managed and transferred in Spreadsheets
CRITICAL RISK Little or no segregation of inbound and outbound patient data
CRITICAL RISK Registry Entry for Hospital with DPC is inaccurate
Compliance Issues Classification/Categorisation of Information No Formal Governance framework for Data Policies/Procedures/Process • Absent or poorly defined • May not reflect DP Obligations
Compliance Issues No training in Data Protection No consistency in formal training in systems – a lot of ‘informal’ learning The absence of “role based” access to personal data in systems is a concern
Compliance Issues No verifiable evidence of good behaviours being followed No formal or consistent “Leavers/Movers” process to restrict access to records CCTV Signage does not meet DPA requirements
12 STEP PROGRAMME
12 Step Plan Governance & Policy Issues Training and Awareness Technical & Technology Issues
Governance Issues Formalise Data Controller/Data Processor Relationships Implement formal Define appropriate Information Governance Policies, Procedures & Metrics Review appropriateness of email forwarding. Define Leaver/Movers Define clear policy process to encompass all systems and manual data Conduct Audit of Manual Data Storage/Disposal Review existing (Clean Desk Policies) Disclosure policies to ensure DPA requirements met.
Technology Issues Implement Role based access to electronic data (where possible) Implement Segregation between “Data In” and “Data Out” Inspect Data Redundancy (e.g. Spreadsheets) Assess need and secure Review existing Disclosure policies to ensure DPA requirements met.
Training & Awareness Issues Implement Training on DP/DQ to key target audiences Coupled with the roll out and implementation of Training, we would recommend that supporting activities be developed to help make culture change stick e.g.: • “Story” development to lock in the learning • Internal Communication plans • Continuous Improvement
SAMPLE GOVERNANCE MODELS
Governance Model 1 Advisory External Expert Chair CEO Consultants (DPO) HR IT Information Governance Bus Steering Group Patient Svcs Apps JCI Nursing Radiology Finance
Governance Model 2 Chair External CEO Expert Consultants (DPO) HR IT Information Governance Bus Steering Group Patient Svcs Apps JCI Nursing Radiology Finance
Governance Model 3 External Expert Bus Apps Consultants (DPO) IT HR Information Governance CEO Steering Group Patient Svcs JCI Nursing Radiology Finance Effective Model for Project Management Least Preferred Option for on-going Governance
Evolving from Excellent Project to Effective Governance Project Governance Governance Model 1 Governance Model 2 Governance Model 3 Project Execution Transition & Bed-in Operational & Effective
Summary 1. Ensure all staff know WHAT needs to be done – (Policies, Procedures & Training) 2. Ensure all staff know WHY it needs to be done – (Culture change, align with values) 3. Ensure all staff know HOW it needs to be done – Governance, Policies, Training) 4. Ensure all staff know WHO is doing it – (Governance, Policies, Contractual issues) 5. Ensure the Clinic can demonstrate THAT IT HAS been done – (Metrics, Governance, Reporting)
In conclusion.... Best efforts are essential. Unfortunately, best efforts, people charging this way and that way without the guidance of principles, can do a lot of damage. W. Edwards Deming Think of the chaos that would come Out of the Crisis if everyone did his best, not knowing what to do.

Recomendados

Making Informed Decision
Making Informed DecisionMaking Informed Decision
Making Informed Decision
euweben01
 
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA
 
Confronting The Paradox Of Information Technology In Healthv2
Confronting The Paradox Of Information Technology In Healthv2Confronting The Paradox Of Information Technology In Healthv2
Confronting The Paradox Of Information Technology In Healthv2
HealthXn
 
IDAS and the Accounting Professional
IDAS and the Accounting ProfessionalIDAS and the Accounting Professional
IDAS and the Accounting Professional
Micheal Axelsen
 
Public safety and intellectual capital
Public safety and intellectual capitalPublic safety and intellectual capital
Public safety and intellectual capital
David G. Jones
 
Making your metadata governance program for unstructured content sustainable
Making your metadata governance program for unstructured content sustainableMaking your metadata governance program for unstructured content sustainable
Making your metadata governance program for unstructured content sustainable
Alix Kneifel
 
How to Better Manage Your IT Infrastructure
How to Better Manage Your IT InfrastructureHow to Better Manage Your IT Infrastructure
How to Better Manage Your IT Infrastructure
Edarat Group
 
Techserv Brochure
Techserv BrochureTechserv Brochure
Techserv Brochure
guest8a430d
 

Recomendados

Making Informed Decision
Making Informed DecisionMaking Informed Decision
Making Informed Decision
euweben01
 
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA: "Optimize Your Data Protection Investment for Bottom Line Resul...
Raleigh ISSA
 
Confronting The Paradox Of Information Technology In Healthv2
Confronting The Paradox Of Information Technology In Healthv2Confronting The Paradox Of Information Technology In Healthv2
Confronting The Paradox Of Information Technology In Healthv2
HealthXn
 
IDAS and the Accounting Professional
IDAS and the Accounting ProfessionalIDAS and the Accounting Professional
IDAS and the Accounting Professional
Micheal Axelsen
 
Public safety and intellectual capital
Public safety and intellectual capitalPublic safety and intellectual capital
Public safety and intellectual capital
David G. Jones
 
Making your metadata governance program for unstructured content sustainable
Making your metadata governance program for unstructured content sustainableMaking your metadata governance program for unstructured content sustainable
Making your metadata governance program for unstructured content sustainable
Alix Kneifel
 
How to Better Manage Your IT Infrastructure
How to Better Manage Your IT InfrastructureHow to Better Manage Your IT Infrastructure
How to Better Manage Your IT Infrastructure
Edarat Group
 
Techserv Brochure
Techserv BrochureTechserv Brochure
Techserv Brochure
guest8a430d
 
The Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster RecoveryThe Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster Recovery
InnoTech
 
Knowledgemanagementsystempriyank 141223003741-conversion-gate02
Knowledgemanagementsystempriyank 141223003741-conversion-gate02Knowledgemanagementsystempriyank 141223003741-conversion-gate02
Knowledgemanagementsystempriyank 141223003741-conversion-gate02
areeb siddiqui
 
Considerations When Building e-Discovery
Considerations When Building e-Discovery Considerations When Building e-Discovery
Considerations When Building e-Discovery
David Kearney
 
Gaining Competitive Advantage Through Risk Data Governance
Gaining Competitive Advantage Through Risk Data GovernanceGaining Competitive Advantage Through Risk Data Governance
Gaining Competitive Advantage Through Risk Data Governance
Infosys
 
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
yisbat
 
121211 depfac ulb_master_presentation_v5_1
121211 depfac ulb_master_presentation_v5_1121211 depfac ulb_master_presentation_v5_1
121211 depfac ulb_master_presentation_v5_1
Thibaut De Vylder
 
How to implement ECM?
How to implement ECM?How to implement ECM?
How to implement ECM?
Atle Skjekkeland
 
6 computer systems
6 computer systems6 computer systems
6 computer systems
hccit
 
Dit yvol3iss34
Dit yvol3iss34Dit yvol3iss34
Dit yvol3iss34
Rick Lemieux
 
Moving to a New "Business as Usual" after COVID-19
Moving to a New "Business as Usual" after COVID-19 Moving to a New "Business as Usual" after COVID-19
Moving to a New "Business as Usual" after COVID-19
PECB
 
James Binder resume
James Binder resumeJames Binder resume
James Binder resume
binderj58
 
IT Governance for Board Members
IT Governance for Board MembersIT Governance for Board Members
IT Governance for Board Members
Bill Clark
 
Introduction & EHR Benefits Realization
Introduction & EHR Benefits RealizationIntroduction & EHR Benefits Realization
Introduction & EHR Benefits Realization
Dave Shiple
 
Business/Clinical Intelligence
Business/Clinical IntelligenceBusiness/Clinical Intelligence
Business/Clinical Intelligence
Cynthia Davis
 
Commissioning And Procurement
Commissioning And ProcurementCommissioning And Procurement
Commissioning And Procurement
alecfraher
 
NJVC Brochure
NJVC BrochureNJVC Brochure
NJVC Brochure
Spencer Nelson
 
Group decision support systems (gdss)
Group decision support systems (gdss)Group decision support systems (gdss)
Group decision support systems (gdss)
Mihir joshi
 
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
360 BSI
 
National Patient Safety Foundation 2012 Dashboard Demo
National Patient Safety Foundation 2012 Dashboard DemoNational Patient Safety Foundation 2012 Dashboard Demo
National Patient Safety Foundation 2012 Dashboard Demo
Edgewater
 
From DQ to DG
From DQ to DGFrom DQ to DG
From DQ to DG
Jorge Garcia
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictability
tlknecht
 
Chris Vanderweylan
Chris VanderweylanChris Vanderweylan
Chris Vanderweylan
ozewai
 

Mais conteúdo relacionado

Mais procurados

Knowledgemanagementsystempriyank 141223003741-conversion-gate02
Knowledgemanagementsystempriyank 141223003741-conversion-gate02Knowledgemanagementsystempriyank 141223003741-conversion-gate02
Knowledgemanagementsystempriyank 141223003741-conversion-gate02
areeb siddiqui
 
Considerations When Building e-Discovery
Considerations When Building e-Discovery Considerations When Building e-Discovery
Considerations When Building e-Discovery
David Kearney
 
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
yisbat
 
6 computer systems
6 computer systems6 computer systems
6 computer systems
hccit
 
James Binder resume
James Binder resumeJames Binder resume
James Binder resume
binderj58
 
Introduction & EHR Benefits Realization
Introduction & EHR Benefits RealizationIntroduction & EHR Benefits Realization
Introduction & EHR Benefits Realization
Dave Shiple
 
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
360 BSI
 

Mais procurados (18)

The Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster RecoveryThe Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster Recovery
 
Knowledgemanagementsystempriyank 141223003741-conversion-gate02
Knowledgemanagementsystempriyank 141223003741-conversion-gate02Knowledgemanagementsystempriyank 141223003741-conversion-gate02
Knowledgemanagementsystempriyank 141223003741-conversion-gate02
 
Considerations When Building e-Discovery
Considerations When Building e-Discovery Considerations When Building e-Discovery
Considerations When Building e-Discovery
 
Gaining Competitive Advantage Through Risk Data Governance
Gaining Competitive Advantage Through Risk Data GovernanceGaining Competitive Advantage Through Risk Data Governance
Gaining Competitive Advantage Through Risk Data Governance
 
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
Digital Fuel- Achieving IT cost visibility-Id gresearch cio_study_1009
 
121211 depfac ulb_master_presentation_v5_1
121211 depfac ulb_master_presentation_v5_1121211 depfac ulb_master_presentation_v5_1
121211 depfac ulb_master_presentation_v5_1
 
How to implement ECM?
How to implement ECM?How to implement ECM?
How to implement ECM?
 
6 computer systems
6 computer systems6 computer systems
6 computer systems
 
Dit yvol3iss34
Dit yvol3iss34Dit yvol3iss34
Dit yvol3iss34
 
Moving to a New "Business as Usual" after COVID-19
Moving to a New "Business as Usual" after COVID-19 Moving to a New "Business as Usual" after COVID-19
Moving to a New "Business as Usual" after COVID-19
 
James Binder resume
James Binder resumeJames Binder resume
James Binder resume
 
IT Governance for Board Members
IT Governance for Board MembersIT Governance for Board Members
IT Governance for Board Members
 
Introduction & EHR Benefits Realization
Introduction & EHR Benefits RealizationIntroduction & EHR Benefits Realization
Introduction & EHR Benefits Realization
 
Business/Clinical Intelligence
Business/Clinical IntelligenceBusiness/Clinical Intelligence
Business/Clinical Intelligence
 
Commissioning And Procurement
Commissioning And ProcurementCommissioning And Procurement
Commissioning And Procurement
 
NJVC Brochure
NJVC BrochureNJVC Brochure
NJVC Brochure
 
Group decision support systems (gdss)
Group decision support systems (gdss)Group decision support systems (gdss)
Group decision support systems (gdss)
 
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
Business Continuity & Disaster Recovery Planning, 30 November - 02 December 2...
 

Semelhante a Medical Clinic - Daragh O Brien

Chris Vanderweylan
Chris VanderweylanChris Vanderweylan
Chris Vanderweylan
ozewai
 
Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...
Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...
Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...
Vinoth Kumar T
 
Big data governance as a corporate governance imperative
Big data governance as a corporate governance imperativeBig data governance as a corporate governance imperative
Big data governance as a corporate governance imperative
Guy Pearce
 
Data-Ed Webinar: Data Quality Engineering
Data-Ed Webinar: Data Quality EngineeringData-Ed Webinar: Data Quality Engineering
Data-Ed Webinar: Data Quality Engineering
DATAVERSITY
 
It governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungIt governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yung
norsaidatul_akmar
 

Semelhante a Medical Clinic - Daragh O Brien (20)

National Patient Safety Foundation 2012 Dashboard Demo
National Patient Safety Foundation 2012 Dashboard DemoNational Patient Safety Foundation 2012 Dashboard Demo
National Patient Safety Foundation 2012 Dashboard Demo
 
From DQ to DG
From DQ to DGFrom DQ to DG
From DQ to DG
 
Frameworks For Predictability
Frameworks For PredictabilityFrameworks For Predictability
Frameworks For Predictability
 
Chris Vanderweylan
Chris VanderweylanChris Vanderweylan
Chris Vanderweylan
 
Most Common Data Governance Challenges in the Digital Economy
Most Common Data Governance Challenges in the Digital EconomyMost Common Data Governance Challenges in the Digital Economy
Most Common Data Governance Challenges in the Digital Economy
 
Critical Success Factors
Critical Success FactorsCritical Success Factors
Critical Success Factors
 
Business Intelligence Analysis - The key to organisational and business success
Business Intelligence Analysis - The key to organisational and business successBusiness Intelligence Analysis - The key to organisational and business success
Business Intelligence Analysis - The key to organisational and business success
 
Accelerating Your Move to Value-Based Care
Accelerating Your Move to Value-Based CareAccelerating Your Move to Value-Based Care
Accelerating Your Move to Value-Based Care
 
Why data governance is the new buzz?
Why data governance is the new buzz?Why data governance is the new buzz?
Why data governance is the new buzz?
 
Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...
Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...
Selecting Core Clinical  It Solutions For Life Sciences Organizations – Key S...
 
Adopting Health IT: What, Why, and How?
Adopting Health IT: What, Why, and How?Adopting Health IT: What, Why, and How?
Adopting Health IT: What, Why, and How?
 
Financial Management For It Services Brochure
Financial Management For It Services BrochureFinancial Management For It Services Brochure
Financial Management For It Services Brochure
 
Using information management to support data driven actions
Using information management to support data driven actionsUsing information management to support data driven actions
Using information management to support data driven actions
 
Big data governance as a corporate governance imperative
Big data governance as a corporate governance imperativeBig data governance as a corporate governance imperative
Big data governance as a corporate governance imperative
 
Introduction to Data Governance
Introduction to Data GovernanceIntroduction to Data Governance
Introduction to Data Governance
 
DataGovernance_and_Management_NCI_20220531.pdf
DataGovernance_and_Management_NCI_20220531.pdfDataGovernance_and_Management_NCI_20220531.pdf
DataGovernance_and_Management_NCI_20220531.pdf
 
Data-Ed Webinar: Data Quality Engineering
Data-Ed Webinar: Data Quality EngineeringData-Ed Webinar: Data Quality Engineering
Data-Ed Webinar: Data Quality Engineering
 
2014 dqe handouts
2014 dqe handouts2014 dqe handouts
2014 dqe handouts
 
Not What You Think: A Simple Approach to Scalable Access of CMS Data
Not What You Think: A Simple Approach to Scalable Access of CMS DataNot What You Think: A Simple Approach to Scalable Access of CMS Data
Not What You Think: A Simple Approach to Scalable Access of CMS Data
 
It governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yungIt governance in_higher_education_by_james_yung
It governance in_higher_education_by_james_yung
 

Mais de healthcareisi

Gerard Hurl - Industry Presentation 26-04-12
Gerard Hurl - Industry Presentation 26-04-12Gerard Hurl - Industry Presentation 26-04-12
Gerard Hurl - Industry Presentation 26-04-12
healthcareisi
 
Using Technology To Help People - Ilana Rozannes
Using Technology To Help People - Ilana RozannesUsing Technology To Help People - Ilana Rozannes
Using Technology To Help People - Ilana Rozannes
healthcareisi
 
The Electronic Medical Record - David Beausang
The Electronic Medical Record - David BeausangThe Electronic Medical Record - David Beausang
The Electronic Medical Record - David Beausang
healthcareisi
 
The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...
The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...
The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...
healthcareisi
 
Telehealth In Southampton - C Webb
Telehealth In Southampton - C WebbTelehealth In Southampton - C Webb
Telehealth In Southampton - C Webb
healthcareisi
 
Stroke Teleconsultation - Paul McCullagh
Stroke Teleconsultation - Paul McCullaghStroke Teleconsultation - Paul McCullagh
Stroke Teleconsultation - Paul McCullagh
healthcareisi
 
Software As Device - Frank Maxwell
Software As Device - Frank MaxwellSoftware As Device - Frank Maxwell
Software As Device - Frank Maxwell
healthcareisi
 
Real Life In Real Time - Shimmer Research
Real Life In Real Time - Shimmer ResearchReal Life In Real Time - Shimmer Research
Real Life In Real Time - Shimmer Research
healthcareisi
 
Recommendations For Unique Health Identifiers - Tracy O'Carroll
Recommendations For Unique Health Identifiers - Tracy O'CarrollRecommendations For Unique Health Identifiers - Tracy O'Carroll
Recommendations For Unique Health Identifiers - Tracy O'Carroll
healthcareisi
 
Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...
Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...
Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...
healthcareisi
 
Raising The Level Of ICT Knowledge and Skills In The HSC - Paul Comac
Raising The Level Of ICT Knowledge and Skills In The HSC - Paul ComacRaising The Level Of ICT Knowledge and Skills In The HSC - Paul Comac
Raising The Level Of ICT Knowledge and Skills In The HSC - Paul Comac
healthcareisi
 
Progress With Professionalism - Jean Roberts
Progress With Professionalism - Jean RobertsProgress With Professionalism - Jean Roberts
Progress With Professionalism - Jean Roberts
healthcareisi
 
Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...
Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...
Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...
healthcareisi
 
Patient Journey Record(pajr) - Jing Su
Patient Journey Record(pajr) - Jing SuPatient Journey Record(pajr) - Jing Su
Patient Journey Record(pajr) - Jing Su
healthcareisi
 
Nursing Clinical Informatics - Suzanne Brown
Nursing Clinical Informatics - Suzanne BrownNursing Clinical Informatics - Suzanne Brown
Nursing Clinical Informatics - Suzanne Brown
healthcareisi
 
NI Electronic Care Record - Des O'Loan
NI Electronic Care Record - Des O'LoanNI Electronic Care Record - Des O'Loan
NI Electronic Care Record - Des O'Loan
healthcareisi
 
NHS Scotland Ehealth Strategy - Alan Hyslop
NHS Scotland Ehealth Strategy - Alan HyslopNHS Scotland Ehealth Strategy - Alan Hyslop
NHS Scotland Ehealth Strategy - Alan Hyslop
healthcareisi
 
Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...
Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...
Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...
healthcareisi
 
Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...
Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...
Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...
healthcareisi
 
Lessons Learnt From The Evaluation Of Reminding Aids - Chris Nugent
Lessons Learnt From The Evaluation Of Reminding Aids - Chris NugentLessons Learnt From The Evaluation Of Reminding Aids - Chris Nugent
Lessons Learnt From The Evaluation Of Reminding Aids - Chris Nugent
healthcareisi
 

Mais de healthcareisi (20)

Gerard Hurl - Industry Presentation 26-04-12
Gerard Hurl - Industry Presentation 26-04-12Gerard Hurl - Industry Presentation 26-04-12
Gerard Hurl - Industry Presentation 26-04-12
 
Using Technology To Help People - Ilana Rozannes
Using Technology To Help People - Ilana RozannesUsing Technology To Help People - Ilana Rozannes
Using Technology To Help People - Ilana Rozannes
 
The Electronic Medical Record - David Beausang
The Electronic Medical Record - David BeausangThe Electronic Medical Record - David Beausang
The Electronic Medical Record - David Beausang
 
The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...
The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...
The Effects Of Ischemia On The Estimation Accuracy Of A Reduced Lead System ...
 
Telehealth In Southampton - C Webb
Telehealth In Southampton - C WebbTelehealth In Southampton - C Webb
Telehealth In Southampton - C Webb
 
Stroke Teleconsultation - Paul McCullagh
Stroke Teleconsultation - Paul McCullaghStroke Teleconsultation - Paul McCullagh
Stroke Teleconsultation - Paul McCullagh
 
Software As Device - Frank Maxwell
Software As Device - Frank MaxwellSoftware As Device - Frank Maxwell
Software As Device - Frank Maxwell
 
Real Life In Real Time - Shimmer Research
Real Life In Real Time - Shimmer ResearchReal Life In Real Time - Shimmer Research
Real Life In Real Time - Shimmer Research
 
Recommendations For Unique Health Identifiers - Tracy O'Carroll
Recommendations For Unique Health Identifiers - Tracy O'CarrollRecommendations For Unique Health Identifiers - Tracy O'Carroll
Recommendations For Unique Health Identifiers - Tracy O'Carroll
 
Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...
Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...
Recognising Human Factors In Evaluating User Interfaces In Healthcare - Bridg...
 
Raising The Level Of ICT Knowledge and Skills In The HSC - Paul Comac
Raising The Level Of ICT Knowledge and Skills In The HSC - Paul ComacRaising The Level Of ICT Knowledge and Skills In The HSC - Paul Comac
Raising The Level Of ICT Knowledge and Skills In The HSC - Paul Comac
 
Progress With Professionalism - Jean Roberts
Progress With Professionalism - Jean RobertsProgress With Professionalism - Jean Roberts
Progress With Professionalism - Jean Roberts
 
Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...
Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...
Professional Development Of Health Informatics In Northern Ireland - Paul Mc ...
 
Patient Journey Record(pajr) - Jing Su
Patient Journey Record(pajr) - Jing SuPatient Journey Record(pajr) - Jing Su
Patient Journey Record(pajr) - Jing Su
 
Nursing Clinical Informatics - Suzanne Brown
Nursing Clinical Informatics - Suzanne BrownNursing Clinical Informatics - Suzanne Brown
Nursing Clinical Informatics - Suzanne Brown
 
NI Electronic Care Record - Des O'Loan
NI Electronic Care Record - Des O'LoanNI Electronic Care Record - Des O'Loan
NI Electronic Care Record - Des O'Loan
 
NHS Scotland Ehealth Strategy - Alan Hyslop
NHS Scotland Ehealth Strategy - Alan HyslopNHS Scotland Ehealth Strategy - Alan Hyslop
NHS Scotland Ehealth Strategy - Alan Hyslop
 
Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...
Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...
Multidisciplinary Team Experience In The Incorporation Of Pacs And Realtime E...
 
Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...
Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...
Making Sense Of Ubiquitous Health Information A Cross Generational Study - Ka...
 
Lessons Learnt From The Evaluation Of Reminding Aids - Chris Nugent
Lessons Learnt From The Evaluation Of Reminding Aids - Chris NugentLessons Learnt From The Evaluation Of Reminding Aids - Chris Nugent
Lessons Learnt From The Evaluation Of Reminding Aids - Chris Nugent
 

Último

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 

Último (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 

Medical Clinic - Daragh O Brien

  • 1. Medical Clinic Data Protection & Data Quality Review
  • 2. Agenda • Background and Overview • Summary of Report Findings – Maturity Ranking – The Good (Things to be commended) – The Bad (Issues causing concern) – The Ugly (Serious Compliance issues/risks) • Recommendations
  • 4. Context • Data Protection Compliance = Risk – Risk to Trust – Risk to Revenue – Risk to Brand • Data Quality Issues = Cost + Risk – Risk of wrong treatment – Risk of underutilised resources – Cost of checking and rechecking data
  • 5. The Methodology Face to Face Qualitative Interviews Observations made while on-site Research & Review of Best Practice
  • 7. Summary of Findings Some good things found. 12 areas of concern/weakness 6 critical risks to Compliance found
  • 8. Maturity Assessment Value Centric Management Optimising State of the Art Practices & Outcomes Information Value quantified and communicated Advanced Practices and outcomes well above industry average Interactions formalised for critical processes Data Protection Target Intermediate Transparent Investment Decisions Basic IT Services being delivered Basic Some interactions/processes formalised Data Protection Maturity No formal processes Initial Ad hoc Management Based on IVI IT-CMF framework
  • 9. CRITICAL RISKS Data Controller (??) Data Processor (??)
  • 10. Critical Risks Patient file: Mr Smith • Patient data being transferred by email without encryption/security • Email forwarding to external services a concern
  • 11. CRITICAL RISK No defined Data Security Breach Process
  • 12. CRITICAL RISK Personal and Sensitive Personal data being managed and transferred in Spreadsheets
  • 13. CRITICAL RISK Little or no segregation of inbound and outbound patient data
  • 14. CRITICAL RISK Registry Entry for Hospital with DPC is inaccurate
  • 15. Compliance Issues Classification/Categorisation of Information No Formal Governance framework for Data Policies/Procedures/Process • Absent or poorly defined • May not reflect DP Obligations
  • 16. Compliance Issues No training in Data Protection No consistency in formal training in systems – a lot of ‘informal’ learning The absence of “role based” access to personal data in systems is a concern
  • 17. Compliance Issues No verifiable evidence of good behaviours being followed No formal or consistent “Leavers/Movers” process to restrict access to records CCTV Signage does not meet DPA requirements
  • 19. 12 Step Plan Governance & Policy Issues Training and Awareness Technical & Technology Issues
  • 20. Governance Issues Formalise Data Controller/Data Processor Relationships Implement formal Define appropriate Information Governance Policies, Procedures & Metrics Review appropriateness of email forwarding. Define Leaver/Movers Define clear policy process to encompass all systems and manual data Conduct Audit of Manual Data Storage/Disposal Review existing (Clean Desk Policies) Disclosure policies to ensure DPA requirements met.
  • 21. Technology Issues Implement Role based access to electronic data (where possible) Implement Segregation between “Data In” and “Data Out” Inspect Data Redundancy (e.g. Spreadsheets) Assess need and secure Review existing Disclosure policies to ensure DPA requirements met.
  • 22. Training & Awareness Issues Implement Training on DP/DQ to key target audiences Coupled with the roll out and implementation of Training, we would recommend that supporting activities be developed to help make culture change stick e.g.: • “Story” development to lock in the learning • Internal Communication plans • Continuous Improvement
  • 24. Governance Model 1 Advisory External Expert Chair CEO Consultants (DPO) HR IT Information Governance Bus Steering Group Patient Svcs Apps JCI Nursing Radiology Finance
  • 25. Governance Model 2 Chair External CEO Expert Consultants (DPO) HR IT Information Governance Bus Steering Group Patient Svcs Apps JCI Nursing Radiology Finance
  • 26. Governance Model 3 External Expert Bus Apps Consultants (DPO) IT HR Information Governance CEO Steering Group Patient Svcs JCI Nursing Radiology Finance Effective Model for Project Management Least Preferred Option for on-going Governance
  • 27. Evolving from Excellent Project to Effective Governance Project Governance Governance Model 1 Governance Model 2 Governance Model 3 Project Execution Transition & Bed-in Operational & Effective
  • 28. Summary 1. Ensure all staff know WHAT needs to be done – (Policies, Procedures & Training) 2. Ensure all staff know WHY it needs to be done – (Culture change, align with values) 3. Ensure all staff know HOW it needs to be done – Governance, Policies, Training) 4. Ensure all staff know WHO is doing it – (Governance, Policies, Contractual issues) 5. Ensure the Clinic can demonstrate THAT IT HAS been done – (Metrics, Governance, Reporting)
  • 29. In conclusion.... Best efforts are essential. Unfortunately, best efforts, people charging this way and that way without the guidance of principles, can do a lot of damage. W. Edwards Deming Think of the chaos that would come Out of the Crisis if everyone did his best, not knowing what to do.

Notas do Editor

  1. One point to make here is that by reaching the DP target, SSC would likely be considered “Advanced” in the Healthcare context because of the generally poor standards that exist in Irish Healthcare sector.The improved governance of Information will contribute to improvements in data quality as a by-product of care and attention.
  2. This is akin to not having a fire drill and not having a hygiene policy. A process must be defined that ensures the organisation not only can tick the box of having a policy but can effectively execute the process and procedures should an incident happen.You do not wait for a fire before figuring out how to evacuate the building and who is responsible for doing what.
  3. Policies, Procedures, Metrics and Evidence are very important and will align with objectives under other Quality Assurance criteria.