As electronic health records (EHRs) continue to play a huge role for healthcare operators, chief information officers have new concerns and priorities to ensure success. With rising cyberattacks on protected medical information about patients, CIOs are putting more importance on cybersecurity, particularly when they are still building out their EHR capabilities, according to a recent focus group conducted by LexisNexis Risk Solutions and the College of Healthcare Information Management Executives (CHIME).
Participants of the focus group included vice presidents and CIOs from hospitals, nursing homes and health plans. Their priorities largely depended on where their organizations were in the EHR implementation process.
Executives agreed investing more up front to protect patient information is necessary and important. These protections should be considered from both outside and inside the organization as cyberthreats become more sophisticated, according to the group. To address vulnerabilities, executives said they used multiple security levels, such as one-time passwords, biometrics and knowledge-based authentication.
“They likened their strategy to that of plugging holes, with each additional security layer plugging more vulnerabilities in their system infrastructure,” the report read.
Beyond enhancing cybersecurity, executives were also focused on interoperability in EHRs as a top priority. The issue has dogged the industry as more technology continues to be introduced into the space. Exchanging internal and external data can be better facilitated with interoperable systems.
Those who had established data input and exchange infrastructure in place were more concerned with data exchange, recognizing that a siloed approach to data governance and management does not work. To further stabilize the data, executives aim to create patient and provider directories. Managing these directories is “highly complex,” but universal patient identifiers would better support interoperability across the healthcare system, the report stated.
CIOs at organizations that have mature EHR deployment are mostly looking to gain actionable insights from their data, including data mining and partnering with clinical operations. CIOs want to analyze and perform risk stratification on their patients to perform the appropriate and high-quality care.
“We’re working diligently to ensure we provide the highest quality care at the lowest cost,” one focus group participant said.
Once CIOs know the risk profiles of their patients, engaging the patients in their care is an important strategic initiative. This includes making it easier for patients to access their healthcare services and make it personalized.
“They want to give patients the ability to communicate with providers via email, telephone, mobile app, text and web interface,” the report reads. “They also want to enhance the user experience by providing interactive—not generic—content via the portal and mobile apps.”