Free EMR Newsletter Want to receive the latest news on EMR, Meaningful Use, ARRA and Healthcare IT sent straight to your email? Join thousands of healthcare pros who subscribe to EMR and HIPAA for FREE!!

Physician Burnout, a Healthcare Issue Unique to Our Healthcare Providers

Posted on May 25, 2018 I Written By

The following is a guest blog post by Justin Campbell, Vice President, Strategy, at Galen Healthcare Solutions.

I Can’t Get No Satisfaction…but I try, and I try, and I try, and I try – Rolling Stones

Justin CampbellIn a 2018 Medscape survey exploring the professional satisfaction of providers, 42 percent of 15,000 survey respondents reported feeling burnt out with their jobs, up from an overall rate of 40 percent in 2017. In recent years, physician burnout has become a serious industry issue, with national policy discussions ensuing on how to best combat the problem. Researchers have drawn correlations between physician burnout and higher medical error rates, lower overall quality of care, and increased clinical staff turnover. Year after year, the underlying drivers of dissatisfaction have remained consistent: overwhelming charting requirement, long work hours, and cumbersome EHRs.

As health IT leaders, one question we should be asking ourselves is how we can best apply our EHR expertise to help reduce physician burnout. To answer this question, let us look to the doctors we aim to help. When physicians are at the bedside, they analyze a patient’s condition and formulate a care plan accordingly. They look to diagnostic test results, review trended vitals, pain scores, and nursing assessments, and consult with specialists in a massive data gathering exercise all aimed at quantifying the problem and crafting a treatment plan.

Providers are telling us there is a problem, and they are consistently identifying the primary underlying causes. IT department leaders have a direct influence over many of the drivers of physician burnout, so it is time for us to dig into the details, measure the problem, and craft a treatment plan. How do we measure and manage physician burnout?

There’s Gold In Those EHR Audit Logs

The Office of the National Coordinator’s EHR Certification Requirements mandate that all certified EHRs be capable of generating an audit log detailing all user activity, stored in a database alongside user credentials and a date and time stamp. At first glance, these unassuming audit logs appear to provide little actionable insight, but buried in the data there is value. When audit logs are compiled across several months, data analysts will quickly see that they have a rich dataset that can be sliced and diced to expose the EHR navigation and module utilization trends of key physician populations.

Analyzing patterns within EHR audit logs will allow savvy data analysts to determine the average length of time providers spend working in the EHR. This information can be calculated at the individual level or aggregated across all providers.

Source: Galen Healthcare Solutions

Knowing how long providers are spending on administrative tasks in the EHR is valuable information for a number of reasons. First and foremost, this information can be used as a benchmark to measure the impact of future software updates or optimization projects. Any significant changes to provider workflow should be retrospectively reviewed to understand how it impacts the average time providers spend in the EHR. First, do no harm.

Analyzing user activity logs at the individual level also helps identify highly efficient EHR users within each specialty. The EHR workflow patterns of these EHR champions can be modeled. Peers can be educated on how to adjust their own workflows to mirror specialty-specific champions, reducing their own daily EHR burden. These “quick win” workflow adjustments are changes that can be adopted by clinical staff immediately, before extensive EHR optimization efforts are undertaken.

Audit log analysis can also highlight which EHR modules providers spend the most time in. In most cases, updating user preferences and optimizing the information displayed on EHR screens can expedite chart navigation. Simplified documentation templates and macros training can expedite the documentation process. A library of evidence-based order sets and targeted clinical decision support algorithms can minimize time spent entering orders.

Analyzing utilization trends at the EHR module level exposes the workflow tasks that are consuming a disproportionate amount of provider time.

Don’t. Stop. There.

EHR audit log analysis can reveal how much time providers are spending in the EHR, and where specifically they are spending that time. It can identify physician champions, and highlight those that are struggling. Audit log analysis can be used to measure EHR-induced physician burnout and support system-wide optimization efforts aimed at improving satisfaction.

Beyond this, EHRs offer a wealth of additional datasets that can help highlight inefficiencies in clinical workflows. Traditional health IT data analytics typically aims to uncover problems in care quality or revenue cycle management, but analysis focused on EHR workflow improvement is just as noble an effort, and one providers have long been seeking.

Gain perspectives from HDO leaders who have successfully navigated EMR clinical optimization and refine your EMR strategy to transform it from a short-term clinical documentation data repository to a long-term asset by downloading our EMR Optimization Whitepaper.

About Justin Campbell
Justin is Vice President, Strategy, at Galen Healthcare Solutions. He is responsible for market intelligence, segmentation, business and market development and competitive strategy. Justin has been consulting in Health IT for over 10 years, guiding clients in the implementation, integration and optimization of clinical systems. He has been on the front lines of system replacement & data migration and is passionate about advancing interoperability in healthcare and harnessing analytical insights to realize improvements in patient care. Justin can be found on Twitter at @TJustinCampbell and LinkedIn.

About Galen Healthcare Solutions
Galen Healthcare Solutions is an award-winning, #1 in KLAS healthcare IT technical & professional services and solutions company providing high-skilled, cross-platform expertise and Gold sponsor of Health IT Expo. For over a decade, Galen has partnered with more than 300 specialty practices, hospitals, health information exchanges, health systems and integrated delivery networks to provide high-quality, expert level IT consulting services including strategy, optimization, data migration, project management, and interoperability. Galen also delivers a suite of fully integrated products that enhance, automate, and simplify the access and use of clinical patient data within those systems to improve cost-efficiency and quality outcomes. For more information, visit www.galenhealthcare.com. Connect with us on TwitterFacebook and LinkedIn.

 

The Need for Speed (In Breach Protection)

Posted on April 26, 2016 I Written By

The following is a guest blog post by Robert Lord, Co-founder and CEO of Protenus.
Robert Protenus
The speed at which a hospital can detect a privacy breach could mean the difference between a brief, no-penalty notification and a multi-million dollar lawsuit.  This month it was reported that health information from 2,000 patients was exposed when a Texas hospital took four months to identify a data breach caused by an independent healthcare provider.  A health system in New York similarly took two months to determine that 2,500 patient records may have been exposed as a result of a phishing scam and potential breach reported two months prior.

The rise in reported breaches this year, from phishing scams to stolen patient information, only underscores the risk of lag times between breach detection and resolution. Why are lags of months and even years so common? And what can hospitals do to better prepare against threats that may reach the EHR layer?

Traditional compliance and breach detection tools are not nearly as effective as they need to be. The most widely used methods of detection involve either infrequent random audits or extensive manual searches through records following a patient complaint. For example, if a patient suspects that his medical record has been inappropriately accessed, a compliance officer must first review EMR data from the various systems involved.  Armed with a highlighter (or a large excel spreadsheet), the officer must then analyze thousands of rows of access data, and cross-reference this information with the officer’s implicit knowledge about the types of people who have permission to view that patient’s records. Finding an inconsistency – a person who accessed the records without permission – can take dozens of hours of menial work per case.  Another issue with investigating breaches based on complaints is that there is often no evidence that the breach actually occurred. Nonetheless, the hospital is legally required to investigate all claims in a timely manner, and such investigations are costly and time-consuming.

According to a study by the Ponemon Institute, it takes an average of 87 days from the time a breach occurs to the time the officer becomes aware of the problem, and, given the arduous task at hand, it then takes another 105 days for the officer to resolve the issue. In total, it takes approximately 6 months from the time a breach occurs to the time the issue is resolved. Additionally, if a data breach occurs but a patient does not notice, it could take months – or even years – for someone to discover the problem. And of course, the longer it takes the hospital to identify a problem, the higher the cost of identifying how the breach occurred and remediating the situation.

In 2013, Rouge Valley Centenary Hospital in Scarborough, Canada, revealed that the contact information of approximately 8,300 new mothers had been inappropriately accessed by two employees. Since 2009, the two employees had been selling the contact information of new mothers to a private company specializing in Registered Education Savings Plans (RESPs). Some of the patients later reported that days after coming home from the hospital with their newborn child, they started receiving calls from sales representatives at the private RESP company. Marketing representatives were extremely aggressive, and seemed to know the exact date of when their child had been born.

The most terrifying aspect of this story is how the hospital was able to find out about the data breach: remorse and human error! One employee voluntarily turned himself in, while the other accidentally left patient records on a printer. Had these two events not happened, the scam could have continued for much longer than the four years it did before it was finally discovered.

Rouge Valley Hospital is currently facing a $412 million dollar lawsuit over this breach of privacy. Arguably even more damaging, is that they have lost the trust of their patients who relied on the hospital for care and confidentiality of their medical treatments.

As exemplified by the ramifications of the Rouge Valley Hospital breach and the new breaches discovered almost weekly in hospitals around the world, the current tools used to detect privacy breaches in electronic health records are not sufficient. A system needs to have the ability to detect when employees are accessing information outside their clinical and administrative responsibilities. Had the Scarborough hospital known about the inappropriately viewed records the first time they had been accessed, they could have investigated earlier and protected the privacy of thousands of new mothers.

Every person seeks a hospital’s care has the right to privacy and the protection of their medical information. However, due to the sheer volume of patient records accessed each day, it is impossible for compliance officers to efficiently detect breaches without new and practical tools. Current rule-based analytical systems often overburden the officers with alerts, and are only a minor improvement from manual detection methods.

We are in the midst of a paradigm shift with hospitals taking a more proactive and layered approach to health data security. New technology that uses machine learning and big data science to review each access to medical records will replace traditional compliance technology and streamline threat detection and resolution cycles from months to a matter of minutes. Making identifying a privacy breach or violation as simple and fast as the action that may have caused it in the first place.  Understanding how to select and implement these next-generation tools will be a new and important challenge for the compliance officers of the future, but one that they can no longer afford to delay.

Protenus is a health data security platform that protects patient data in electronic medical records for some of the nation’s top-ranked hospitals. Using data science and machine learning, Protenus technology uniquely understands the clinical behavior and context of each user that is accessing patient data to determine the appropriateness of each action, elevating only true threats to patient privacy and health data security.