Patient Record System

1. Patient Record System Jocelyn Garcia, Keri Hawkins, Rolando Javier, Mary McClain University of Phoenix Professor Charles Shubert DBM/381 September 29, 2014

2. Introduction Team B will cover the principles of database design and management as follows: • A discussion of health care data collection standards • Privacy and security risks • Other management considerations • Data management controls • Data ownership • Protection controls • Retention and destruction requirements • Disaster recovery and business continuity plans

3. Data Collection Standards

4. Privacy and Security Risks • Database Administrator is responsible for preventing risk by • Limiting access • Formulating polices • Enforcing security • Monitoring data usage for security violations • Disaster planning • Archiving

5. Other management considerations

6. Data Management Control Data Ownership • governance of data - is responsible for and controls specific data sets in the database. Protection Controls • Rules and limitations- are implemented to protect unauthorized access or distribution of data.

7. Retention and Destruction • Creating and utilizing data is easy; maintaining is more difficult. • Information is prioritized according to usage. • Active vs. Inactive data • Data is eventually destroyed, via methods which make it irretrievable. • Records of the destruction are required.

8. Disaster recovery and business continuity plans

9. Conclusion In conclusion the proper structure of a database is vital when gathering information and implementing regulations. Regulations set the security and privacy of the information being stored. Database Administrators are responsible for preventing any kind of risks that may corrupt or violate security policies. By enforcing policies, determining access privileges, security planning, disaster planning, and archiving reduces risk factors. Additional functions such as evaluation and selecting of a DBMS, maintenance, training, data dictionary management, database design, testing and performance tuning are all responsibilities a DBA has to control.

10. Questions?

11. References 9781133691297, Philip J.Pratt(2012) Concepts of Database Management, seventh edition, Cengage Learning. Retrieved on September 8- 29, 2014 American Health Information Management Association. (2011). Retention and Destruction of Health Information. Retrieved from http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_049252.hcsp? dDocName=bok1_049252 Hock-Chuan, C. (2010). Relational Database Design. Retrieved from http://www.ntu.edu.sg/home/ehchua/programming/sql/Relational_Database_Desig n.html Image of data life cycle. Retrieved September 29, 2014 from http://libguides.gwumc.edu/c.php?g=27779&p=170351 Introduction to the SQL Procedure, lecture one, MA379Advanced SAS, CIS Courseware. Knowledge System Institute(no date). Retrieved on September 19,2014 from http://green.cs.ksi.edu/dl/ma379x/MA379_L1_1.htm Shiflet, A.B. (2002). Entity-Relationship Model. Retrieved from http://wofford-ecs. org/dataandvisualization/ermodel/material.htm

Notas do Editor

Most privacy incidents involve inappropriate access to, or use or disclosure of, patient information. Patient databases are susceptible to privacy and security risks for this primary reason as this is where a patients PHI is stored. Protected Health Information (PHI) is information related to a person’s health care treatment or to payment for health care services. PHI includes information that could reasonably identify an individual (Identifiers) and health information. Security incidents involve an intentional breach of the confidentiality, integrity or availability of electronic patient information such as an attack by a computer virus; a system intrusion by an external intruder; or a violation of an expected security precaution such as not password-protecting a laptop. One way of safeguarding patient information in databases is with passwords and limiting access. Other options include using a secure network, and having a backup plan to save files to a shared drive. Database administrator is responsible for formulating and enforcing policies about security , to prevent unauthorized access to the database. database policy formulation and enforcement include: access privileges, security, disaster planning and archiving.
Advantages:There are several advantages of database management from a management standpoint. The first advantage is for the same amount of data the user can get a lot of relevant information which is finding related information that the user can use. Data can be shared to authorized user, database management system can manage any conflict requirements, and control any redundancy in data. It also increase productivity due to obtaining information that would help in work, database management has built in security which increase the privacy of the information, and it improves the quality of work due to less redundant information which in turn there is a consistency in work productivity. Disadvantages: Management also needs to understand and weigh the disadvantages of database management. Instances of disadvantages include the amount of data could be larger than the amount of storage that company can store, the database management system can be more complex for the customer to understand and therefore may not use it to the fullest potential, and with complexity the user can have problems retrieving information in the database management system resulting in failure. Other database administration functions include: evaluation and selection, maintenance, and training of a DBMS, as well as data dictionary management.
Data management controls are an important part of creating and maintaining a database. Once data is created, that is not the end of the process. That data has to be regulated, maintained, and protected. This applies particularly to the realm of healthcare. Personally identifiable information has to be protected and properly maintained, so that patients can depend upon the care they receive. One thing that is done to ensure proper care for data is assigning data ownership. Not just anyone can access any piece of data, particular pieces of data are assigned to individuals, in order for them to be able to view, edit, and manage that data. By assigning data ownership, it gives a sense of accountability to the people responsible for the data. Because of this, data is handled properly, and with great care. Users make sure everything is correct in the rows and columns they work with, and this comes together as a more complete and reliable database. Another aspect of data management controls is protection controls. This is just what is sounds like. These are rules and limitations in place to protect data. Data should always be used for the intended purpose only. It should also always be properly maintained. Data is also not meant to be distributed without permissions, and these controls help keep data safe in that regard as well.
Once data is created and is being used, that is only the first step in the life cycle of the data within a database. Maintaining data is what can become tricky. In healthcare in particular, data is required to be held for a number of years, even if it is not being actively used. This is because healthcare data should always be readily accessible, in the event that it needs to be viewed or transferrable. After some time, healthcare data can move from being active in inactive. What his means is that data has not been used for some time, and can be stored off site or in other locations (AHIMA, 2011). Storing inactive data in other locations is a way to keep the information without it getting in the way of newer information that is used on a regular basis. Also along this vein of thought, data is prioritized based upon usage. A current patient’s data should be easier to access than a patient who has not been seen in a year, yet the patient who has not been seen should still have information available, should it be needed. There will come a point when patient data about an individual is no longer relevant. When this happens, it can be destroyed. Because healthcare data is so important, it is a very deliberate process that has to go into destroying this data. It should be destroyed according to regulations. This involves shredding paper documents and DVDs, demagnetizing magnetized disks, and other methods that make the data impossible to retrieve. A supervising individual should be present to sign off on the data as well, to confirm it is really and truly gone.
Business continuity planning are processes that help organizations organize and prepare for disaster recovery. Essentially, this is how a company safeguards against things such as viruses and natural disasters and assists in helping expediting the recovery and minimize downtime. According to Pratt, “Disaster recovery refers to the process an business utilizes to recover access to their software, data, and/or hardware that are needed to resume the performance of normal, critical business functions after the event of either a natural disaster or a disaster caused by humans”. (2012)
1)Hock-Chuan, C. (2010). Relational Database Design. Retrieved from http://www.ntu.edu.sg/home/ehchua/programming/sql/Relational_Database_Design.html 2)Shiflet, A.B. (2002). Entity-Relationship Model. Retrieved from http://wofford-ecs.org/dataandvisualization/ermodel/material.htm 3)[Image of data life cycle]. Retrieved September 29, 2014from http://libguides.gwumc.edu/c.php?g=27779&p=170351 4)American Health Information Management Association. (2011). Retention and Destruction of Health Information. Retrieved from http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_049252.hcsp?dDocName=bok1_049252 5) 9781133691297, Philip J.Pratt(2012) Concepts of Database Management, seventh edition, Cengage Learning. Retrieved on September 8- 29, 2014 6) Introduction to the SQL Procedure, lecture one, MA379Advanced SAS, CIS Courseware.Knowledge System Institute(no date). Retrieved on September 19,2014 from http://green.cs.ksi.edu/dl/ma379x/MA379_L1_1.htm

Patient Record System

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (19)

Semelhante a Patient Record System

Semelhante a Patient Record System (20)

Último

Último (20)

Patient Record System

Notas do Editor