IT disasters in IT hospitals
It is a sad thing that such a thing occured in an IT Hospital but we should all view it as a blessing in disguise. Let the downfall of one hospital's IT system be the cure for others' ailment.Information technology is not something new in Malaysia. Mampu has written many guidelines on incorporating IT system into government administration, not to forget the Ketua Setiausaha (KSU) for the Ministry of Health (MOH) has also signed many directives on the use, maintainence and administration of IT systems in hospitals.
Just go to MOH website and one can see several editions of the directive.
Discussion among users (i.e., the doctors and allied health professionals) in IT hospitals of MOH will all have common themes to report:
1. Implementation was not made with operations in mind. Its mind bongling to have work-process tailored to the IT system. Thus "Technology Facilitating Work Process" is not present in MOH IT hospitals.
2. MOH with its knowledgeable experts from the Engineering and IT Unit seem to forget about systems and data management. Computers are man-made and thus made to its image.
So, like man, it also has its own health to maintain. As physicians, we all know prevention is better than cure. It saves money and improves quality of life. Like regular medical checkup for man, scheduled Periodic Preventive Maintenance is something important in IT that needs attention of its administrators. It includes updating softwares and operating system to the currently available or perhaps still updated by software manufacturer. Is it done up to the standard required?
3. The data storage requirement of a hospital will increase with time. Based on government guidelines all data should be stored and readily available for a duration up to seven years before archived.
In health, seven years is a long duration. As the service expands, so will the number of patients, and so would the capacity of data. As the data capacity increase, so would the demand for network capacity also increase.
So many users are wondering, when was the last upgrade done by the administators. In the normal paper-based hospital records, every three years hospital administrators will look for increase in storage rooms for medical records. In IT hospitals they seem to forget about it.
4. Because the technology implemented does not facilitate work process, when a service expands, IT may be a limiting factor to its expansion. A simple example would be adding new parameters in patient records. As medicine improves and advance, new parameters are always added in patient records.
But it is not so in IT hospitals as adding a new parameter into the data field would lead to exorbitant amount of additional cost perhaps even change in work-process.
5. Use of WhatsApp or any open social media as method of communicating patient's information should never be condoned or said openly. It is violation of confidentiality as it is accessible to anyone whom has access to the phone or the media. The pictures are not even password protected.
It's scarry to read the casualness of Sungai Buloh doctors relating the use of such media to transmit patient information. There are no standard operating guidelines in any hospitals in Malaysia regulating the use of WhatsApp to send images of patients or investigations. It is totally different compared to an email.
MOH may be the only ministry that has different IT system for different hospitals that are not linked to one another and is unable to integrate new parameters.
In the Klang Valley, we have four IT hospitals: Sungai Buloh, Ampang, Selayang and Serdang, but unfortunately patient records cannot be shared between them even if they consent to it.
Patients who have been seen in one will always say to the other, "Doktor tak boleh tengok rekod saya dekat sana pakai komputer. Sini pakai komputer sana pun pakai komputer. Dua-dua hospital kerajaan."
MOH is unique in that sense and cannot be compared to other government service that uses IT system. That statement alone would provide answer to this question: does MOH has a centralised data warehouse for all its IT hospitals?
MOH has actually implemented IT hospitals for more than 10 years now without any concrete future plan on what to do with it. I dare not ask if MOH has proper plan what it will do if IT hospitals face IT terrorism causing irrecoverable damage to the local network.
Back to Sungai Buloh, the question right now that needs to be asked to the hospital would be, do you have the expertise to monitor your IT system and power to regulate your concessionaire on their responsibilities? The answer would be "yes" because the hospital has a complete administrative organisation consisting of:
1. Director
2. Separate deputies in Clinical Management and Administration. IT System comes under scope of Deputy Director of Administration.
3. An Engineering Unit with qualified engineer as its head.
4. An IT Unit with qualified degree holder as its head.
5. Finance Unit that are knowledgable in procurement procedures if upgrades are needed.
6. Concessionaire representative that are available at the discretion of the hospital for any issues related to IT system.
With all this expertise available locally, how can the system maintenance go wrong?
In the absence of disaster, why should the system fail? Perhaps the wrong lies with the lack of vision by MOH officials in planning of IT hospitals.
Without a 10-year vision of "technology facilitated delivery of healthcare", the hospital will not have budget to upgrade and enhance its IT system.
But MOH alone cannot be blamed in this issue; the answer provided by the hospital director has more to be desired in terms of accountability. The manual method mentioned by the director is only pertaining to entering new records of a patient. There is no hardcopy of patient's past medical records available for clinicians to use.
In medicine, past medical records are important and provide valuable information regarding a patient's disease progression.
All patients are unique, making all records important. We rely heavily on past records to know about patients allergy as the use of allergy bracelets and cards are not a common practice in Malaysia.
Will the hospital be accountable should a patient accidentally be given wrong medication during this breakdown?
This is just one of many things that could go wrong in patient care without availability of clinical records. We may soon bear witness to wrong patients receiving wrong surgery due to staff confusion as no clinical record is available for reference.
Do we dare to ask the hospital director how many system breakdowns have occured in this year compared to last year or perhaps the last three years? Maybe the percentage is higher than the rise of dengue cases seen in the hospital itself.
It's timely now for residents in Sungai Buloh to ask the hospital director for his contingency plan should the IT system or servers containing patient records be destroyed in a real disaster.
We pray that the answer would not be "we shall start fresh records using manual methods".
But again, who is the hospital director but an implementer of policy and administrator with limited powers and funding.
The health minister should in the end be accountable for the planning and execution of IT hospitals by his own ministry.
Source: The Malaysian Insider
- See more at: http://mjn-e-news.com.my/oct2014/feature9.html#sthash.1qKNCQlU.dpuf
It is a sad thing that such a thing occured in an IT Hospital but we should all view it as a blessing in disguise. Let the downfall of one hospital's IT system be the cure for others' ailment.
Information technology is not something new in Malaysia. Mampu has written many guidelines on incorporating IT system into government administration, not to forget the Ketua Setiausaha (KSU) for the Ministry of Health (MOH) has also signed many directives on the use, maintainence and administration of IT systems in hospitals.
Just go to MOH website and one can see several editions of the directive.
Discussion among users (i.e., the doctors and allied health professionals) in IT hospitals of MOH will all have common themes to report:
1. Implementation was not made with operations in mind. Its mind bongling to have work-process tailored to the IT system. Thus "Technology Facilitating Work Process" is not present in MOH IT hospitals.
2. MOH with its knowledgeable experts from the Engineering and IT Unit seem to forget about systems and data management. Computers are man-made and thus made to its image.
So, like man, it also has its own health to maintain. As physicians, we all know prevention is better than cure. It saves money and improves quality of life. Like regular medical checkup for man, scheduled Periodic Preventive Maintenance is something important in IT that needs attention of its administrators. It includes updating softwares and operating system to the currently available or perhaps still updated by software manufacturer. Is it done up to the standard required?
3. The data storage requirement of a hospital will increase with time. Based on government guidelines all data should be stored and readily available for a duration up to seven years before archived.
In health, seven years is a long duration. As the service expands, so will the number of patients, and so would the capacity of data. As the data capacity increase, so would the demand for network capacity also increase.
So many users are wondering, when was the last upgrade done by the administators. In the normal paper-based hospital records, every three years hospital administrators will look for increase in storage rooms for medical records. In IT hospitals they seem to forget about it.
4. Because the technology implemented does not facilitate work process, when a service expands, IT may be a limiting factor to its expansion. A simple example would be adding new parameters in patient records. As medicine improves and advance, new parameters are always added in patient records.
But it is not so in IT hospitals as adding a new parameter into the data field would lead to exorbitant amount of additional cost perhaps even change in work-process.
5. Use of WhatsApp or any open social media as method of communicating patient's information should never be condoned or said openly. It is violation of confidentiality as it is accessible to anyone whom has access to the phone or the media. The pictures are not even password protected.
It's scarry to read the casualness of Sungai Buloh doctors relating the use of such media to transmit patient information. There are no standard operating guidelines in any hospitals in Malaysia regulating the use of WhatsApp to send images of patients or investigations. It is totally different compared to an email.
MOH may be the only ministry that has different IT system for different hospitals that are not linked to one another and is unable to integrate new parameters.
In the Klang Valley, we have four IT hospitals: Sungai Buloh, Ampang, Selayang and Serdang, but unfortunately patient records cannot be shared between them even if they consent to it.
Patients who have been seen in one will always say to the other, "Doktor tak boleh tengok rekod saya dekat sana pakai komputer. Sini pakai komputer sana pun pakai komputer. Dua-dua hospital kerajaan."
MOH is unique in that sense and cannot be compared to other government service that uses IT system. That statement alone would provide answer to this question: does MOH has a centralised data warehouse for all its IT hospitals?
MOH has actually implemented IT hospitals for more than 10 years now without any concrete future plan on what to do with it. I dare not ask if MOH has proper plan what it will do if IT hospitals face IT terrorism causing irrecoverable damage to the local network.
Back to Sungai Buloh, the question right now that needs to be asked to the hospital would be, do you have the expertise to monitor your IT system and power to regulate your concessionaire on their responsibilities? The answer would be "yes" because the hospital has a complete administrative organisation consisting of:
1. Director
2. Separate deputies in Clinical Management and Administration. IT System comes under scope of Deputy Director of Administration.
3. An Engineering Unit with qualified engineer as its head.
4. An IT Unit with qualified degree holder as its head.
5. Finance Unit that are knowledgable in procurement procedures if upgrades are needed.
6. Concessionaire representative that are available at the discretion of the hospital for any issues related to IT system.
With all this expertise available locally, how can the system maintenance go wrong?
In the absence of disaster, why should the system fail? Perhaps the wrong lies with the lack of vision by MOH officials in planning of IT hospitals.
Without a 10-year vision of "technology facilitated delivery of healthcare", the hospital will not have budget to upgrade and enhance its IT system.
But MOH alone cannot be blamed in this issue; the answer provided by the hospital director has more to be desired in terms of accountability. The manual method mentioned by the director is only pertaining to entering new records of a patient. There is no hardcopy of patient's past medical records available for clinicians to use.
In medicine, past medical records are important and provide valuable information regarding a patient's disease progression.
All patients are unique, making all records important. We rely heavily on past records to know about patients allergy as the use of allergy bracelets and cards are not a common practice in Malaysia.
Will the hospital be accountable should a patient accidentally be given wrong medication during this breakdown?
This is just one of many things that could go wrong in patient care without availability of clinical records. We may soon bear witness to wrong patients receiving wrong surgery due to staff confusion as no clinical record is available for reference.
Do we dare to ask the hospital director how many system breakdowns have occured in this year compared to last year or perhaps the last three years? Maybe the percentage is higher than the rise of dengue cases seen in the hospital itself.
It's timely now for residents in Sungai Buloh to ask the hospital director for his contingency plan should the IT system or servers containing patient records be destroyed in a real disaster.
We pray that the answer would not be "we shall start fresh records using manual methods".
But again, who is the hospital director but an implementer of policy and administrator with limited powers and funding.
The health minister should in the end be accountable for the planning and execution of IT hospitals by his own ministry.
Source: The Malaysian Insider