Originally Published February 2001
Potential medical errors, the need for secure information systems integration, and HIPAA compliance are among the factors driving studies of security and identity authentication methods.
The memorable phrase from 2001: A Space Odyssey, "Open the pod-bay doors, HAL," evokes images of the lone explorer threatened by an advanced computer system. Although the dawn of our new century has not been marked by developments as dramatic as those involving HAL, there may be more than a little truth to the film's underlying themes of society's sometimes uncertain relationship with its technology. Modern innovations are indeed startling and are occurring at a near-frantic pace—particularly in the various disciplines of medical care. Some of these developments, however, may pose serious hazards that are difficult to assess and mitigate at the rate such advances are taking place.
The current state of healthcare is generally being shaped by expanding use of microprocessor- and computer-based systems, as well as increasing reliance on Internet-based tools and applications. Telemedicine would be little more than an intriguing concept without this technical foundation. Similarly, the state of the art in such fields as medical imaging, clinical laboratory functions, and patient monitoring is advancing largely as a result of becoming increasingly "connected." But the increased reliance on computer- and Internet-based systems is also posing risks in terms of patient safety and security. Such risks range from confidentiality concerns to more significant threats to the patient as a result of medical errors. Increased industry concern regarding such hazards, in addition to growth in public regulatory pressure, are promoting research and development of more effective methods of ensuring the security of patients and patient records.
MEDICAL ERRORS AND MALPRACTICE ARE TOP ISSUES
Widespread media attention to the 1999 Institute of Medicine report on medical errors quickly brought the issue to the forefront of public attention. A nationwide survey of over 2000 adults conducted last year by the Kaiser Family Foundation (Menlo Park, CA) and the Agency for Healthcare Research and Quality (AHRQ) found that medical errors and malpractice are now among the public's leading measures of healthcare quality. The survey results indicate that people are more concerned about mistakes happening when they are in the hands of the healthcare system than when they are flying on an airplane.
Of course, not all medical errors occur inside hospitals. For example, an examination of pharmacists by the Massachusetts State Board of Registration in Pharmacy estimated that as many as 2.4 million prescriptions each year are improperly filled in that state.
Errors in medication, surgery, and diagnosis are considered the easiest to detect. According to the AHRQ, however, "medical errors may result more frequently from the organization of healthcare delivery and the way that resources are provided to the delivery system." The agency adds that any effort to reduce medical errors in an organization requires changes to the system design. Because they address issues on the system level, use of patient tracking and security systems can support efforts to reduce the potential for these types of medical errors.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT
A number of factors are driving development of improved systems for ensuring the security of patients and patient records. Among these was passage in 1996 of the Health Insurance Portability and Accountability Act (HIPAA). This federal statute established regulations designed to protect health insurance benefits of and sensitive information about the insured. Intended to provide workers who change employment better access to health insurance coverage, HIPAA limits exclusions for preexisting conditions and restrains health plans from denying health insurance to individuals based on health status. In addition, HIPAA mandated the development and implementation of uniform national standards for the secure electronic transmission of healthcare information.
An underlying principle of HIPAA is that the confidentiality of patient records may be threatened by the risk of unauthorized access to the stored information or the interception of such data while it is being transferred from one location or system to another. It has been noted that the potential threat to confidentiality of electronic data is just as serious as the risks associated with the use of paper-based records. In addition, growing reliance on the Internet is generally viewed as posing new challenges and security risks for electronic data.
In addition to requiring establishment of systems to better safeguard patient records, HIPAA mandates that patients must be given easier access to their own health information. The goal was to make it as simple for patients to view that information as it currently is for them to view their own bank statements. To comply with HIPAA requirements, data security systems must incorporate techniques to ensure proof of identity. Adequate authentication is considered to be the only way to differentiate authorized users from potential intruders. Authentication is particularly important in the event that more sophisticated communication methods, such as Internet-based systems, are used.
IDENTIFICATION IS NOT AUTHENTICATION
The foundation of most systems intended to safeguard patients and patient records is the ability to accurately verify the identity of all parties involved—including the patient, caregivers, and administrative or support staff. There is an important distinction, however, between identification and authentication (or verification). Within most common frameworks, the process of identification involves determining the identity of an individual user within a given population, based on characteristics associated with that user without the individual necessarily claiming a specific identity. A computer network, for example, may be set up to identify users accessing the systems at a given time based on connectivity addresses. But the actual identity of a given user cannot be guaranteed without the use of additional tools. Authentication, on the other hand, is used to verify a claim of identity. In the example of the network user, an authentication system would verify the individual's identity claim when the individual provides specific information or a specified set of characteristic such as a personal identification number (PIN), password, or physical attribute.
Although the use of passwords, PINs, or other information may be sufficient for many applications, the security needs of the healthcare environment often demand measures that can offer considerably more robust capabilities. Advanced authentication systems for medical applications are relying more frequently on biometric information, such as fingerprints, voice patterns, or signature verification to ensure user identity. In most situations, some method is used to clearly identify:
Something that is in the individual's possession, such as a smart card.
Something that the user knows, such as a password.
A physical attribute of the user, such as a fingerprint or other biometric information.
The ability to use these parameters consistently and accurately in authenticating a patient's or caregiver's identity is the basis for the security systems being developed for use in healthcare environments. An effective biometric system would offer accurate performance in two different functions. First, it would be incapable of allowing access by an unauthorized person. Second, it would never deny access to an authorized person. Ideally, it would also function in an unobtrusive manner and be compatible with other equipment to be used, enabling it to be merged relatively seamlessly into existing systems within the facility. Because most available systems have their own strengths and weakness, no single solution has yet emerged as the technology leader.
PREVENTING MEDICAL ERRORS
Medical errors involving the incorrect administration of medication or transfusions can have catastrophic results. Although such events often gain significant attention in the popular press, mistakes made in collecting specimens for diagnostic testing can pose equally serious hazards for patients. Blood, bodily fluid, and tissue samples can be mislabeled; samples can be taken at the wrong time; or incorrect quantities can be taken. The results can often be a need for new samples, longer hospitalization, and higher costs. In some cases, the results can be more serious, including misdiagnosis or the subsequent incorrect administration of medication or therapy.
Results of a survey conducted in 1999 suggest that there is limited awareness of specimen identification errors among hospital department managers. Although more than 90% of CEOs and department heads involved in the survey indicated that they were well informed on medication errors within their facilities, less than 70% were well informed of specimen collection errors. In addition, 58% of hospital CEOs and 38% of nursing administrators could not estimate the number of such errors that had taken place at their facilities in the four weeks prior to the survey.
The use of bar code technology is proving to be useful in ensuring specimen collection accuracy, though costs associated with implementation of such systems has often limited facility-wide use. Becton Dickinson (BD; Franklin Lakes, NJ) is among the companies examining the use of bar code technology. BD acquired the IntelliCode division of Med Plus Inc. (Cincinnati) in January 1998. Intellicode had been working on intelligent bar coding systems that can customize labels to improve workflow and had used bar code technology in its warehousing operations. BD realized there was a strong potential for tying the bar coding technology in with its sample administration and disposable products. A new division, BD.id, determined that a novel method could address two significant issues—the need to "positively associate the right specimen with the right patient and eliminate preventable medication errors."
The company has developed Rx and Dx systems for reducing medication and specimen errors using its bar coding technology. Both the Rx and Dx Solutions use the Symbol SPT 1740 handheld device, coupled with Riverbed Technologies' ScoutSync 3.0 software. The Symbol SPT 1740, based on the Palm OS platform, provides bar code scanning capabilities, along with pick lists and pull-down menus for data capture. Riverbed's ScoutSync software provides the simultaneous, two-way communication between multiple Symbol devices and the BD Rx/Dx Server.
According to the company, "The Rx system allows healthcare providers to access vital information about medication dosage and potential drug interactions before administering a drug. Using the Rx system, nurses scan the bar code labels on unit-dose medications and patient wristbands to ensure that the right drug is given to the right patient at the right time. Built-in management reporting tools track missed doses, misidentification, and other errors."
|The Bridge Medication Management System works with bedside computers to reduce medical errors.|
The Dx system, which is used during the collection stage of the specimen management process, is intended to ensure positive identification of the patient. The system can also verify vital collection data. It is designed to print the correct bar code specimen label at the point of collection. The company indicates that this capability eliminates the need to manually write the date, time, and caregiver's name on each tube.
According to Walter Kalmans, the company's marketing director, "The Rx and Dx systems are designed to significantly reduce errors in medication administration and specimen collection. This has a huge impact on our healthcare system, significantly reducing injuries, improving quality, and lowering costs." He estimates that the systems can pay for themselves in less than two years.
Last year, former-president Clinton announced a comprehensive plan for reducing medical errors. Following the announcement, Bridge Medical Inc. (Solana Beach, CA) and Northern Michigan Hospital (Petoskey, MI) began to assess the use of a technology that includes computer networking and bar code scanning to act as a double check before medication is administered.
The Bridge Medication Management System enables nurses to bar code scan the drug to be administered, the patient ID bracelet, and their own ID badge. According to the firm, "The system then verifies the 'five rights'—right patient, right drug, right dose, right time, and right route of administration." The system also ensures that safe dosing levels are being administered and alerts nurses of potential hazards involving medications that may have a similar appearance or name.
The system is designed to be compatible with bedside computers that interact with a radio-frequency-controlled communication system installed in the ceilings of hospital facilities. The configuration allows changes in medications, dosage levels, or other patient information to be communicated between the hospital information systems and the bedside units in order to keep floor nurses abreast of changes.
The system is intended to reduce the possibility for error and to eliminate many of the manual steps that were previously needed in drug administration. Phase one of the program was initiated in 1998 on the hospital's medical and surgical floor. Phase two is currently under way and involves upgrading the system that automates recordkeeping of medication administration, which nurses currently perform manually and is considered time-consuming.
According to Jim Douglas, RN, Bridge Medical's site coordinator at Northern Michigan, the key to error reduction is to use technology to simplify the medication delivery system and continually improve the process. "Many people don't realize that there are more than 65 steps involved in dispensing and delivering one medication, which clearly leaves room for error." He explains, "Rather than expecting perfect performance in these complex systems, we need to use technology as a backup check for humans, who can make mistakes. We should take the information we collect about 'near misses' and find ways to improve the system, reducing the chance that the same 'near miss' could happen again—that's what this program is all about."
The system is capable of automatically recording the time when a medication dose is given, the staff member who administered the medication, and other pertinent information. Reports can be generated that allow managers to monitor the medications given to patients and help hospital staffs identify opportunities for implementing improvements in their procedures for medication administration.
To date, use of the system has been considered successful. "With the system, we have the capability of tracking medication events and determining whether an error was prevented. Without the system, we are unable to identify all errors, let alone near misses, since the clinician involved is often unaware that an error has occurred," said Trudy Day, RN, a clinical nurse manager at Northern Michigan Hospital.