Risk Management in Healthcare Information Technology

Question 1 Owing to the fact that HCUP is the Nation’s most detailed and reliable hospital care data, my State, California does participate in this program. It does supply separate emergency department and ambulatory surgery source files. It has an OSHPD that uses patient type indictors to detect the difference between patients treated at ambulatory surgery center, or hospital based or hospital based emergency department. The Office of Statewide Health Planni9ng and Development availed files for the construction of HCUP California emergency department. The access person to this program is called Ken Armstrong and he can be contacted by the official contact [email protected]. There are several database tools used in this program and one of them is Clinical software that gives a mechanism of classifying some procedures to a meaningful categories.

Another tool is Chronic Condition Indicator that makes it easy for a user to categorize diagnosis codes of ICD-9-CM as either chronic or not chronic. The third one is Elixhauser Comorbidity Software that helps in assigning variables to identify conditions that exist and hospital discharge records. The fourth tool is Procedure Classes that helps in extensive research on hospital services using the data of administration. Question 2 a Part 1 There was an email circulating on mock HHS Departmental leatherhead with a fake signature of OCR’s director Jocelyn Samuels. This email looks like a real official communication from the government and targets the employees of the covered entities of HIPAA and the associates of the business.

This email prompts the receivers to click on an attached link so that they get included in the HIPAA security, privacy and breach rules. The employees themselves should have stopped this kind of breach if they were taught about security alerts according to HIPAA. They should have inquired from the top management the reason for such email so that they confirms it is was real or fake. Part 2A security plan for a medium sized health care facility The first step is to identify the asset identification like phones, computers, servers, fax machines just to name a few. If such assets contain business or client information, then a consideration should be emphasized on it as information asset.

Then the health care facility should classify the available information assets according to their level of importance. The second step is to develop a network and security controls like requiring all employees to use passwords to have an access on their computers and the corporate network. These computers password should be set to expire every 30 days so that the cyber attackers find it difficult in accessing them. After keeping the network servers in their facility, the health organization should make sure that they are encrypted and locked in strong rooms and doors and ensures that limited employees have access to the room. The facility should also encrypt the work computers, network servers and flash drives so that even if it has been stolen, it will not be intruded by any means.

(2bi) Quality Management The steps that help in quality improvement include researching more about how some people previously managed work properly and see the techniques they used to accomplish that so that you can assimilate some of them. You can also look at those who made mistakes and learn from them so that you do not find yourself in the same mistake. Benchmarking is very vital because you interact with the individuals performing better than you and ask them directly how they manage quality improvements models and try to emulate their ways so that you also become an outstanding quality manager.

The professionals should also dedicate themselves on their work at all levels of employment in the health care so that they produce quality services to the best of their ability. On the other hand, it is always easy to detect treatment related errors because adverse events occur quickly and visibly. For instance, the stage of action treatment where the nurse inserts a breathing tube wrongly into the trachea of the patient. Another stage is when the nurse is giving medication to the patient and maybe he/she wrongly injects the patient. He will start bleeding on the injected sport and thus an error will be identified. Another stage is the post treatment stage where the patient’s conditions worsen rather than getting better. On the other hand, risk management is the simply identifying, analyzing mitigating uncertainty in decisions of investments.

There are several parts of an effective risk management program and they include risk avoidance where the hospital eliminate any activities that may cause risks. Another part is the transfer of risk where the hospital transfers the financial consequences due to a certain activity to a third party like an insurance policy cover. The third part is risk prevention where the hospital reduces the likelihood of a loss to occur or reduce the impact of the loss in case it occurs. The fourth part is accepting the risk by retaining it. On the other hand, utilization review is the safeguard of individuals against inappropriate and unnecessary Medicare. It helps in allowing the providers of healthcare to make a review of the patient care from the medical necessity perspective. They do these by conducting ground rounds, tumor conferences and death complication conferences.

References

Healthcare Cost and Utilization Project (2013): United States Department of Health and Human Services. Retrieved from http://www.ahrq.gov/research/data/hcup/HIPAA Privacy, Security, and Breach Notification Audit Program (2016): United States Department ofHealth &amp  Human Services. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/audit/index.htmlChand, S. (2017). HCUP-US Tools & Software Page. Hcup-us.ahrq.gov. Pietra, L. (2017). Medical errors and clinical risk management: state of the art. Acta Otorhinolaryngol Ita.Luther, K. (2017). Utilization Review and Managed Health Care Liability. Medscape.`

Cite this page