1 / 16

Jim Williams Presented to CORBAmed at the June 1998 meeting of the OMG in Orlando

What does Security have to do with Errors in Healthcare?. Jim Williams Presented to CORBAmed at the June 1998 meeting of the OMG in Orlando. Public Awareness, Conferences, and Policy. 100 million Americans touched by medical error Enhancing patient safety and reducing errors in healthcare

gage
Download Presentation

Jim Williams Presented to CORBAmed at the June 1998 meeting of the OMG in Orlando

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What does Security have to do with Errors in Healthcare? Jim Williams Presented to CORBAmed at the June 1998 meeting of the OMG in Orlando

  2. Public Awareness, Conferences, and Policy • 100 million Americans touched by medical error • Enhancing patient safety and reducing errors in healthcare The Annenberg Center Joint Commission on Accreditation of Healthcare Organizations American Association for the Advancement of Science Department of Veterans Affairs The National Patient Safety Foundation • President’s Commission on Healthcare Quality • ... an unacceptable level of errors

  3. Scope and Organization • (Background) • Sound information handling applied to healthcare • The error-handling objective • Error-handling roles • Technical requirements • Sound information handling applied to HIPAA • Conclusions and Implications for CORBA security • Key references

  4. The Error Handling Objective initial falsely input certified error input chronological history of certified inputs and warranted outputs falsely warranted revocations outputs (discovery) restoration

  5. Structure of Sound Information Handling revocations Input Application Certification Processing warranted outputs ? error reports Basis Tracking and basis descriptions Error Handling ? invalidating inputs

  6. User Roles and Responsibilities

  7. Technical Requirements (1 of 3) Assertions and instructions are cast in stable form • Their meaning doesn't depend on context Integrity-validation checks are performed on inputs • Checking for adverse drug interactions • (Size of problem: 120,000 deaths/year) • Approaching universal availability Integrity validators must themselves be validated ?

  8. Technical Requirements (2 of 3) Pre-existing basis for resolving error reports • Auditing of physician and patient activities • Automated clinical pathways Antecedent causes of confirmed errors are investigated • Investigative path can be arbitrarily long • If all patient errors are modeled, the root cause of errors in healthcare is illness ?

  9. Technical Requirements (3 of 3) Error retractions minimize damage, halt error propagation • It’s the right thing to do • It reduces malpractice risk Error retractions propagate with higher priority than errors ?

  10. Building on HIPAA: Administrative Procedures

  11. Building on HIPAA: Physical Safeguards

  12. Building on HIPAA: Technical Security Services

  13. Building on HIPAA: Electronic Signature

  14. Conclusions Rapid progress in dealing with healthcare errors Theory of sound information handling empirically validated HIPAA requirements support sound information handling and the control of errors in healthcare

  15. What CORBA Security Needs toSupport Error Handling Flexible role-based access control for integrity validation Generalized access mediation • Can’t reject an entire patient record because one blood test was taken on April 31 Auditing for basis information • Application-based data generation • Query the sources of a result for cause of error • Query known uses of a resource for error retraction Warranting of outputs • Security attributes for data quality

  16. Additional Reading • NPSF bibliography • Williams, Sound Information Handling: Application to Errors in Medicine • Williams and LaPadula, Modeling External Consistency of Automated Systems • Lucian L. Leape, Error in Medicine

More Related