180 likes | 285 Views
Developing an Interdisciplinary Health Informatics Security and Privacy Program. Xiaohong Yuan, Jinsheng Xu, Department of Computer Science Hong Wang, Department of Management Kossi Edoh, Department of Mathematics North Carolina A&T State University SIGCSE 2014. Outline. Motivation
E N D
Developing an Interdisciplinary Health Informatics Security and Privacy Program Xiaohong Yuan, Jinsheng Xu, Department of Computer Science Hong Wang, Department of Management Kossi Edoh, Department of Mathematics North Carolina A&T State University SIGCSE 2014
Outline • Motivation • Health Informatics Security and Privacy Concentration • Courses for the Concentration • Course modules for the Concentration • Assessment • Conclusion
Motivation - 1 • Health informatics is one of the nation’s largest growing industries • President Obama made the use of IT and EHRs a top goal • Offered up to $27 billion in government funds for switching from paper to electronic medical records • Healthcare Informatics is one of the top careers • approximately 70,000 health informatics specialists are needed (according to Don Detmer, CEO of AMIA) • employment of medical records and health information technicians is expected to grow by more than 20% through 2018, resulting in over 207,000 jobs creation by 2018 (US Bureau of Labor Statistics).
Motivation - 2 • It is highly important for health informatics to understand the many concerns of security, privacy, integrity and reliability. • We developed Bachelor of Science in Computer Science (BSCS) concentration in Health Informatics Security and Privacy (HISP) • Leverage the strength of IA education at NC A&T • Leverage the existing interdisciplinary collaborations
The BSCS Concentration in HISP Requires the following four core courses: • COMP323: Introduction to Healthcare Information Systems • MATH 410: Mathematics for Health Informatics • MIS640: MIS Topics • An Information Assurance elective • Choose from: • COMP320: Fundamentals of Information Assurance or • COMP321: Computer Systems Security or • COMP420: Applied Network Security or • COMP421: Security Management for Information Assurance)
HISP concentration vs. Regular BSCS Program • HISP concentration requires the same number of credit hours as the regular BSCS program • BSCS requires 9 credit hours of CS electives. • For HISP concentration, they are used for taking COMP323, MATH410, and IA elective • BSCS requires 3 credit hours of business elective • For HISP, it is used for taking MIS 640
COMP323 Introduction to Health Care Information Systems - 1 • Textbook • Healthcare Information Systems by Karen A. Wagner • Topics • Types of Healthcare Data and Information • Health Care Data Quality • Laws, Standards, and Regulations related to Healthcare Information • History of Healthcare Information Systems • Current and Emerging Use of Clinical Information Systems • System Acquisition, Implementation and Support • Technologies that Support Healthcare Information Systems • Healthcare Information Systems Standards • Laws and Standards for Healthcare Information Security and Privacy • Microsoft HealthVault • Access Control in Health Information Systems
COMP323 Introduction to Health Care Information Systems – 1I • Project 1 • Research available job openings in health information systems and give presentation • Project 2 • Visit a health care facility as a group, interview personnel in the facility, write a report, and give presentation • Project 3 • Write an application for Microsoft HealthVault
COMP323 Introduction to Health Care Information Systems – 1II • Project 4 • Use OpenEMR to create a health care practice and keep track of patient’s medical records • Project 5 • Research 5 healthcare information system vendors that offer EMR products. Compare the products, write a report and present • Project 6 • Research on health organizations that are using Web 2.0 technologies to establish connections with patients or other consumers, describe how they use Web2.0 technologies
MIS 485 MIS Topics - I • Capstone course focusing on emerging IS and IT topics • Topics • Informatics in healthcare professions • Ensuring quality and best use of information • Professional use of electronic resources • Healthcare information systems • Selecting a health information system • Information security and confidentiality • System integration and operability • The role of standardized terminology and languages in informatics • Telehealth • Evidence-based practice and research
MIS 485 MIS Topics - II • Offered in Spring 2013 • Student are asked to read articles on health informatics, and write a proposal for corporate use of health informatics
MATH410 Mathematics for Health Informatics - I • Offered in Spring 2013 • Topics • Descriptive biostatistics and sample distribution • Probability distributions and Estimation • Testing hypothesis, regression analysis, nonparametric and distribution-free statistics • Heath information privacy and security
MATH410 Mathematics for Health Informatics - II • Project 1 • Write R programs to compute basic statistic such as mean, variance and percentiles, and plotting statistical graphs. • Project 2: • Use R packages abd, asbio and tsmodel, and analyze breast tissue data. • Project 3 • Use R for Poisson distribution, Estimation and Hypothesis testing. • Project 4 • Select a topic on their own in health information security and write a paper on that.
Course Module I – Laws and Standards for Health Information Security and Privacy • Laws • Pre-HIPPA, HIPPA, Gramm Leach Bliley Act, Sarbanes-Oxley Act of 2002, Patient Safety and Quality Improvement Act of 2005, Health Information Technology for Economic and Clinical Health (HITECH). • Standards • ISO 17799, Control Objective for Information and Related Technology (COBIT), the Health Information Trust Alliance (HITRUST) Control Security Framework (CSF), ISO/IEC 27002:2005, ISO/IEC 27001:2005, ISO 27799:2000, NIST (National Institute of Standards and Technology) Special Publication 800-53, ISO 27799:2008, ISO 17090:2008, and ISO/TS 25237: 2008 • Mini-case studies are designed to help students understand HIPPA
Course Module II: Access Control in Health Information Systems • Introduce Role-based Access Control (RBAC) based on NIST model • Design scenarios to demonstrate how to design RBAC for HIS • Expose students to the access control mechanism of OpenMRS
Course Module III: XML and Microsoft HealthVault • Introduce XML and XML security mechanism • Introduce a Personal Health System Microsoft HealthVault, and how XML is used in HealthVault • Write an application for Microsoft HealthVault
Assessment • Students indicated high interest levels in Healthcare Informatics. • Most students indicated that they had not been exposed to Healthcare Informatics and had not considered career paths in the field prior to this course. “I didn’t know this was an option before.” • One student had considered the field prior to the course, but also said that “this course really connected the dots for me.” • Some students stated that they have definite plans to attend graduate school and to pursue Healthcare Informatics careers. • Application of statistics in healthcare case studies demonstrated the value and relevance of statistics in helping society.
Conclusion • We developed an Interdisciplinary Health Informatics Security and Privacy Concentration • Preliminary assessment results are positive • We need to advertise the program, and continue assessing the program