The Clinical Results Repository at Southwestern A Study in Partnership

1
(No Transcript)
2
It will not make the slightest difference to
anything Comments by the French Inspector
General of the Infantry concerning the value of
the machine gun.
3
(No Transcript)
4

• Never Rely on Technology to Solve Problems
  Organizations and people are flexible. Technology
  is not.
• Dont Ignore History The strategic use of
  technology always requires process change.
• Know the Real CostsAs a rule of thumb, process
  change will cost 2x-4x the price of hardware and
  software.

5
Information Architecture
Kirk KirkseyVP for Information ResourcesUT
Southwestern Medical Center at Dallas(214) 648
6252kirk.kirksey_at_email.swmed.edu
6
A Short Exercise
Youre Loan Shark USA is the fastest growing
small loan company in the United States. The YLS
strategy is to grow by acquiring small finance
companies across the country. Eight acquisitions
are planned for the next 10 months. Each branch
has separate computer systems storing detailed
customer record. Unfortunately these are
different software platforms. Some are in-house
developed. Others have been purchased from
various small and large vendors. The commonality
of information collected is unknown.   A major
problem is costing millions and is threatening to
put the company out of business. Newly acquired
offices are unable to identify deadbeat customers
who already have loans with the company. Default
rates are soaring. Consultants from Chicago
wearing wool overcoats and carrying 300 fountain
pens have determined that pre-qualifying loans
with the companys existing information would
save 10m per year. They recommend integrating
customers computer records. Unfortunately, they
went back to Chicago before describing exactly
how to accomplish this goal.   Your are the new
CEO charged with correcting this problem (the
last one was fired). You have called a meeting
with the companys Chief Information Officer and
her council of technical gurus. Before the
meeting, you want to set a direction. As
described  
7
(No Transcript)
8
Information Architecture

• Part 1 Architecture Defined
• Part 2 Levels of Architecture
• Part 3 Components of Architecture
• Part 4 Information Architecture Overview
• Part 5. A Case Study The Electronic Medical
  Record
• Part 6. An Assessment of Risk
• Part 7 Protecting Your Architecture

9
Part 1Information Architecture The single most
misused, misunderstood, misinterpreted term in
information technology today. What does it mean
to you????
10
Part 1 Architecture What is it?
11
Information Architecture
Information Architecture is a high level or
general view of something that conveys an overall
understanding of its various components and how
those components interrelate.
John Hobbs
12
Moving Toward anInformation Architecture
Stage 3 Clusters of Databases
Clusters of Processes Required
Communications Structure
Stage 2 Required Processes
Geographic Locations Nature of
Process Interaction Business Rules
for Relationships
Stage 1 Structure of Organization
Goals of the Organization Required
Business Functions Information Needs
13
Part 2 Levels of Architecture
14
Levels of an Information Architecture
Application ArchitectureProcessing and storage
for a logical function
Network ArchitectureData communications
structure required for application interaction
Exchange ArchitectureTechnologies required for
interchange of information
Foundation Architectures
Integration ArchitectureRelational technologies
required to create new logical structures from
disparate components
The Architecture of Findability
15
Exercise

• In keeping with our definition of architecture.
• What high level concepts do the following
  representations of architecture convey to you?
• What strengths are conveyed?
• What weaknesses do you see?

16
Application Architecture
A Tiered Architecture
The Relationship of Function
17
A Network Architecture
18
Information Exchange Architecture

• Manual
• Batch
• Point to Point
• Screen Scrap
• Transaction Intercept
• Interface Engine

19
Level 3 Integration
Level 1 Departmental
Systems
Level 2 Communications
Level 4 Linked Repositories

• Interface Engine

Local Area/Wide Area Network

• Master Patient Index

UTSW

• Medical Entities Dictionary (proposed)

• Standard

The Architectureof Integration
Firewall

• 100MB

• Giga Switch

The Internet
Hospital A
Hospital B
20
(No Transcript)
21
Part 3Architectural Components orWhy Does
this Stuff Cost So Much?
22
Architectural ComponentsA Brief History of Chaos
1992Internet TCP/IP
1983 Desktop Computing
1950sMainframe
1961RS232
1960 Minis
1985Networking
1990Client Server
23
Mainframes

• Single Vendor Solutions
• Glass House Organization(my way or the
  highway)
• Proprietary Technologies

24
What is a Mainframe
From Whatis.com
25
Minicomputers

• Inexpensive
• Clinical Lab Products
• Polorized IT Organizations
• Specialized Applications
• DEC and MUMPS

26
RS232

• Hardware Port Standard
• Facilitated Real Time Data Interface
• Made IT Organizations Hate Each Other Even More
• Made EDI Possible

27
Point-to-Point Model

• Two Way Required
• N (N-1)
• Vendor Cost
• Maintenance
• Change Management
• Personnel
• Standards
• Expensive

28
Desktop Computing

• Information dispersed
• IS costs impossible to calculate
• Little institutional value

29
The Network

• Replaces computer system as single critical
  component
• Pathway to information
• The network is the system

30
Networking for the Masses

• Rise of Connectivity
• Corporate Pathway to Departmental Information
• Computing over Wide Geographies
• The Network Becomes the System

31
(No Transcript)
32
Electronic Data Interchange (EDI)

• Layer 7 in OSI Model
• Standards Based Data Interface
• Cost of Interface and Data Exchange Falls
• Real Time Predictability

33
Client Server Computing

• Lowers (maybe) total cost of computing
• Distributes Computing Functions to Cheap Machines
• Foster distribution of large databases
• Promotes Easy to Use Tools

34
The Internet

• Global Commerce
• Information Security Risks
• Really Distributed Computing
• The Communication Appliance

35
Part 4 An Brief Overview of Information
Architectures
36
Some Assumptions About Architecture

• Network is present
• Multiple applications. Multiple platforms.
• Legacy data interfaces present
• Islands of useful information
• Information integration is good
• Youve got to do Web stuff but nobody knows why
  except your consultant

37
Lets Not Be Confused

• ConnectivityAbility to obtain functional
  connection
• InterfaceExchange of data
• IntegrationCo-mingled information creating a
  logical structure.

38
Department
TheIntegrationFoodChain
39
Application Philosophy

• Best of BreedSelect best product for the
  jobObtain connectivityIntegrate
• Core SystemsMinimize number of vendors (usually
  central administration then functional areas)
• Single VendorIf you find one of these that
  works, call me.

40
Separate ApplicationsData InterchangeMultiple
Connections
41
VisualIntegration
42
Visual Integration
Strengths Weaknesses

• Cheap

• Strategic limitations
• Operational vulnerabilities

43
Data Warehouse Model
44
Intranet/Extanet
Integration Tools
DataWarehouse

• Along Comes the Web

E CommerceSupply Chain MgtEDI
AncillaryWarehouse
Internet
45
Data Warehouse
Strengths Weaknesses

• Strategic use of information
• Create new data structure

• Expensive
• May require new middleware or backend processes

46
Data Warehouse

• Integrates disparate information
• Require standardization method
• Allows strategic use of information
• Less subject to operational glitches
• Less expensive to support
• expensive

47
Building Architectures
Mainframes The Internet EDI
The Network Mini Computers Desktop
Computing RS232
48
A Short Exercise
Youre Loan Shark USA is the fastest growing
small loan company in the United States. The YLS
strategy is to grow by acquiring small finance
companies across the country. Eight acquisitions
are planned for the next 10 months. Each branch
has separate computer systems storing detailed
customer record. Unfortunately these are
different software platforms. Some are in-house
developed. Others have been purchased from
various small and large vendors. The commonality
of information collected is unknown.   A major
problem is costing millions and is threatening to
put the company out of business. Newly acquired
offices are unable to identify deadbeat customers
who already have loans with the company. Default
rates are soaring. Consultants from Chicago
wearing wool overcoats and carrying 300 fountain
pens have determined that pre-qualifying loans
with the companys existing information would
save 10m per year. They recommend integrating
customers computer records. Unfortunately, they
went back to Chicago before describing exactly
how to accomplish this goal.   Your are the new
CEO charged with correcting this problem (the
last one was fired). You have called a meeting
with the companys Chief Information Officer and
her council of technical gurus. Before the
meeting, you want to set a direction. As
described  

• What is the fundamental problem (one sentence
  two words would be better)?
• What do you need to know about the loan
  application process?
• What do you need to know about the computer
  systems at the branch offices?
• What do you need to know about industry
  technology standards and best practices?
• What do you need to know about the companys
  technical communication infrastructure?
•  What do you believe are the four or five major
  milestones needed to accomplish the
  fullintegration of company information?

49
Part 5 Case Study
How to achieve tightly coupled integrated
clinical information systems in a growing patient
population served by multiple departments and
affiliated but separate institutions?
50
A Typical Clinical Systems Environment

• Point to Point Environment
• Separate Network Topologies
• Redundancies
• No Enterprise Information Strategy

51
(No Transcript)
52
The Goal

• Departmental Autonomy
• The Identification and Integration of Strategic
  Information
• Scorched Earth Not Possible
• Widest Access Possible
• Lowest Cost Possible

53
The Goal
Strategic Warehouses

• Clinical Results
• Research Engine
• Financial Decision Support

54
Organizational Considerations

• Budgeting Methodology Infrastructure Increased
  departmental burden
• Support and Training Inter Departmental Inter
  Institutional
• Information Security Competitive
  information Institutional responsibility Patient
  confidentiality
• Technology Standards

55
Level 3 Integration
Level 1 Departmental
Systems
Level 4 Linked Repositories
Level 2 Communications

• Interface Engine

• Passive Master Entities Index

UTSW

• Medical Entities Dictionary (proposed)

• Standard

An Architecture for
Patient
Integration

• 100MB

• Giga Switch

The Internet
Hospital A
Hospital B
Active Master Entities Index
56
Level 1 The Applications Architecture

• Build Phase 1 Network
• Establish Connectivity
• Establish EDI Standards
• Establish Connectivity Standards
• Active person index for positive identification

Establish Phase 1 Systems Hospital Information
SystemsLab SystemsRadiology SystemsAppointment
SchedulingInpatient BillingOutpatient Billing
57
Level 2 The Enterprise Data Communication
Architecture

• Single Network Topology
• Centrally Funded and Managed
• Defined Physical and Transport Standards
• NO EXCEPTIONS

58
Level 3 The Integration Layer

• Interface Engine Technology
• Master Entities Index
• Standard Vocabularies
• Standard EDI

59
The Interface Engine
Point-to-Point Model
Interface Engine

• Object Oriented
• One to Many
• Many to One
• Minimize Vendor Involvement
• Can Force Standard EDI

• Two Way Required
• N (N-1)
• Vendor Cost
• Maintenance
• Change Management
• Personnel
• Standards

60
Same Person?????
Name Bob SmithSex MaleAddrs 4141
Gilbert Dallas 75219DOB
8/27/52SSN 464-98-7628
Name Robert SmithSex MaleAddrs 4141
Gilbert Dallas 75214DOB
8/27/52SSN 464-98-7628
61
Master Entities Index

• Probabilistic Matching
• Weighting
• Suspense Queue for Human Intervention

62
Name Bob SmithSex MaleAddrs 4141
Gilbert Dallas 75219DOB
8/27/52SSN 464-98-7628
P80Patient Match
Master PersonIndex
Name Robert SmithSex MaleAddrs 4141
Gilbert Dallas 75214DOB
8/27/52SSN 464-98-7628
P 63
Level 4 Warehousing

• Reconciled Data
• Allows Multiple Views
• Data Mining
• Can be linked to other warehouses

64
Part 6 An Assessment of Risk
65
Sources of Information Loss
Respondents Sources of Financial Losses and
Concerns

• System Downtime or Failure - 72
• Inadvertent Errors - 71
• Viruses - 46
• Malicious Acts by Employees - 29
• Malicious Acts by Outsiders - 19
• Natural Disasters - 17
• Unknown Source - 15
• Industrial Espionage - 8

Source CSI Computer Crime and Security Survey
(1999 Results)
66
Impact and Likelihood
Impact
Probability

• High - 500,000
• Medium - 1K-500K
• Low -

• Certain
• Possible
• Unlikely

67
UT SouthwesternTop 20 Events4/7/99 - 5/11/99
68

• Certainty of LossVSValue of Loss

Unlikely Possible Certain
High500K Med100K 500K Low
69
Exercise
Identify 5 high probability risks associated with
both the computerized medical record and the YLS
example.
70
CRR A Risk Analysis
Total Risks 77
71
High Risk/Certain

• No Std for Adding New Users
• No Procedures for Controlling Physical Access
• No Owner Defined
• Inaccurate Info in the CRR
• Wrong Patient ID
• Hardware/Network Capacity Exhausted

• Lack of Campus-Wide Security Standards
• Unauthorized Browsing
• Political Change in Direction
• Compromise of Security in Dept Systems
• Unprotected Dial-in
• Viruses Spread by Vendor
• No Central Security Adm

72
High Risk/Certain (cont)

• Rules for Decision Support Assumed Present
• Incomplete or Improper Matching Info

• No Record Retention Plan

73
Wrong Patient ID

• Master Patient Index
• Probabilistic Matching
• Name (Soundex)
• DOB
• SSN
• Two Year Backload as Test

74
Unprotected Dial-in

• No Web Access
• Controlled Citrix Server
• Personal Validation of Password

75
Hardware/Network Exhausted

• Standard Management Metrics in Place
• CPU Utilization
• Disk Usage
• Segment Usage
• Central Network Monitor with Remote Disconnect
  Capabilities
• Fiber Backbones with Giga Switch Connectivity

76
No Owner Defined

• UT Southwestern established as Service Bureau
• Dissolution Agreements in Place
• Hardware/Software Agreements in Place in Case of
  Institutional Split

77
Political Change in Direction

• Service Level Contract
• Dissolution Agreement
• Purchased Hardware in Divisible Chunks

78
Viruses Spread By Vendor

• All Servers Checked Daily
• All Workstations Checked Daily (minimum). Shield
  Required
• Disconnect Infected Users

79
Part 7 Protecting Your Architecture
80
Recovery Strategies Cost VS Risk

• Hot SiteRemote hardware on standby
• Warm SiteRemote hardware (minimal)
• Cold SiteNo hardware. Site only
• Business ContinuationDown time procedures

81
How to Recover from a Disaster

• Do your backups
• Test your backups
• See your backups
• Touch your backups
• Store your backups off site
• If backups take too long, get a new computer

82
Disaster Recovery

• Risk Assessment (dont forget the phones and
  network)
• Communications (who calls who)
• Hot Site (Comdisco, Sunguard, IBM)
• Cold Site and Drop Shop Contracts
• Crises Recovery Team
• Declaring a Disaster
• Business Contingency Planning

83
Chicago Hot Site
Grand PrairieWork Site
DR VendorsNational Network
Permanent T1

• Step 1 Declare Disaster
• Step 2 Retrieve backup media from offsite
  storage.
• Step 3 Fly media and personnel to Chicago
• Step 4 Establish UTSW environment
• Step 5 Evaluate. Begin building local cold site

X
Local Cold Site
84
In Closing, Remember. . .
Nothing hard is every easy. My Grandmother