CONTENTS
Part I Healthcare and Information Technology in the United States
The Explosion of Healthcare Information Technology
New Network Complexity Requires New Standards for Data Sharing and Interoperability
The Role of HIT in the Continuum of Healthcare
The Increasing Volume and Shift to Value of Healthcare IT
Measuring the Value of Healthcare
Preparing a Critical Mass of Certified Healthcare IT Technicians and Professionals
Healthcare Information and Management Systems Society (HIMSS)
American Health Information Management Association (AHIMA)
Chapter 2 U.S. Healthcare Systems Overview Philip J. Kroth
U.S. Healthcare Delivery Organizations and Management Structures
Health Maintenance Organizations (HMOs)
Independent Practice Associations (IPAs)
Preferred Provider Organizations (PPOs)
Other Healthcare Organizations
Home Care/Visiting Nursing Services
Certification and Accreditation
Costs—U.S. Expenditures Overall Compared to Other Countries
HITECH Meaningful Use Provision
Medicare Access and CHIP Reauthorization Act of 2015
Healthcare Regulatory and Research Organizations
Chapter 3 An Overview of How Healthcare Is Paid For in the United States Donald Nichols
The Nature of Health Insurance
The Structure of Health Insurance
Insurance in the United States
Commercial (Private) Insurance in the United States
Clinical Information Standards
Trends and What to Expect in the Future
Part II Fundamentals of Healthcare Information Science
Chapter 5 Computer Hardware and Architecture for Healthcare IT Omid Shabestari
Cloud Computing, ASPs, and Client-Server EMR Systems
Operating Systems and Hardware Drivers
Trends in Meeting Hardware Requirements
Chapter 6 Programming and Programming Languages for Healthcare IT Alex Mu-Hsing Kuo, Andre Kushniruk
Languages and Virtual Machines
Hypertext Markup Language (HTML)
Extensible Markup Language (XML)
PHP: Hypertext Preprocessor (PHP)
Programming Languages and Development Environments for Mobile Health Application Development
Database Application Development Process
Analyzing the Business Scenario and Extracting Business Rules
Modeling Database: Entity Relationship Diagram Design and Normalization
Creating a Physical Database Using Structured Query Language
Implementing a Healthcare Database Application
Database Administration and Security
Data Warehouses for Healthcare
The Differences Between a DW and OLTP
A Healthcare Data Warehouse Life Cycle
Applications of Data Mining in Healthcare
Cloud Computing Deployment Models
Examples of Cloud Computing in Healthcare
Pros and Cons of Cloud Computing in Healthcare
Chapter 8 Networks and Networking in Healthcare Roman Mateyko
Telecommunications and Healthcare
From Voice to Data Networks and the Global Internet
Connectivity: The Geometrical Nature of Networks
The World Wide Web as an Example of a Network Application
Network Architectures and Implementations
Wireless Applications and Issues in a Healthcare Setting
Components of the Sample Network
Wireless Access Points and WLAN Controllers
Transmission of Healthcare Data (HL7)
Chapter 9 Systems Analysis and Design in Healthcare Andre Kushniruk, Elizabeth Borycki
Systems Analysis and Design in HIT
The Systems Development Life Cycle (SDLC)
Trends and Issues in HIS Analysis and Design
Life Cycle of Major Information Technology Implementation and Organizational Change
Process Management and Process Improvement
Process Hierarchy: Levels of Mapping Processes
Methodologies for Understanding Processes
Modeling Workflows for Scope of Professional Practice Standards
Success Factors for Implementing Clinical Process Change
Identification and Prioritization of Targets for Workflow Improvement
Chapter 11 Healthcare IT Project Management Brian Gugerty, Amy Flick
Projects, Project Management, and Healthcare IT
Critical Success Factors for Healthcare IT Projects
The Project Management Institute, PMBOK, and PMP
Major Project Management Constraints/Objectives
Project Team Roles and Stakeholders
Effective Communication in Projects
Process Groups and the Project Life Cycle
Project Problem/Vision/Mission Statements
Planning a Healthcare IT Project
The Work Breakdown Structure (WBS)
Estimating Time, Cost, and Resources
Developing the Project Schedule
Scheduling Resources in Projects
Executing, Monitoring, and Controlling HIT Projects
Execution Principles, Issues, and Opportunities
Monitoring Progress in Projects
Chapter 12 Assuring Usability of Healthcare IT Andre Kushniruk, Elizabeth Borycki
Usability Engineering Approaches
Human Factors and Human–Computer Interaction in Healthcare
User Interface Design and Human Cognition
Importance of Considering Cognitive Psychology
Approaches to Cognition and HCI
Technological Advances in HIT and User Interfaces
Input and Output Devices and the Visualization of Healthcare Data
Approaches to Developing User Interfaces in Healthcare
Methods for Assessing HIT in Use
Part III Healthcare Information Standards and Regulation
Chapter 13 Navigating Health Data Standards and Interoperability Joyce Sensmeier
Introduction to Health Data Standards
Health Data Interchange and Transport Standards
Vocabulary and Terminology Standards
Content and Structure Standards
Standards Coordination and Interoperability
International Organization for Standardization
Integrating the Healthcare Enterprise
eHealth Exchange and the Sequoia Project
The Business Value of Health Data Standards
Chapter 14 Interoperability Within and Across Healthcare Systems John Moehrke
Internal Directory vs. External Directory
The Multiple Factors of Authentication
Authentication vs. Claims About Authentication (Federated Identity)
Balanced Access Control and Audit Control
Multilevel Data Confidentiality
Data Tagging with Sensitivity Codes
Other Sources of Access Control Rules
Data Treated at the Highest Level of Confidentiality
Privacy Consent Related to Purpose of Use and Access Control
Summary of Basic Access Control
Policies: Where the Logic Resides
Healthcare Information Exchange
Enforcement of Access Controls in an HIE
The First Rule of HIE Access Control
The Second Rule of HIE Access Control
HIE Access Control Information
Chapter 15 Assuring the Health Insurance Portability and Accountability Act Compliance Chris Apgar
Introduction to the Healthcare Legal Environment
HIPAA, HITECH Act, and Omnibus Rule Overview
HIPAA Administrative Simplification Provisions
HIPAA Privacy Rule: 45 CFR Part 164, Subpart E
Use and Disclosure of PHI: 45 CFR 164.502(a)
Minimum Necessary: 45 CFR 164.502(b)
BA Contracts: 45 CFR 164.504(e), 45 CFR 164.308(b), 45 CFR 164.314(a)
Authorization Requirements: 45 CFR 164.508
Release Without Consent or Authorization: 45 CFR 164.512
Avert a Serious Threat to Safety: 45 CFR 164.512(j)
Disclosure for Specialized Government Functions: 45 CFR 164.512(k)
Limited Data Set: 45 CFR 164.514(e)
Notice of Privacy Practices: 45 CFR 164.520
Privacy Official and Security Official: 45 CFR 164.530(a), 45 CFR 164.308(a)(2)
Workforce Training: 45 CFR 164.530(b), 45 CFR 164.308(a)(5)
Standard Safeguards: 45 CFR 164.530(c)
Sanctions: 45 CFR 164.530(e), 45 CFR 164.308(a)(1)
Privacy and Security Policies and Procedures: 45 CFR 164.530(i), 45 CFR 164.316
HIPAA Security Rule: 45 CFR Part 164, Subpart C
Administrative Safeguards: 45 CFR 164.308
Physical Safeguards: 45 CFR 164.310
Technical Safeguards: 45 CFR 164.312
Breach Notification Rule: 45 CFR Part 164, Subpart D
Breach Definition: 45 CFR 164.402
General Breach Description Notification Requirements: 45 CFR 164.404(a–c) 38
Methods of Notification: 45 CFR 164.404(d)
Notification Delay for Law Enforcement Purposes: 45 CFR 164.412
Specific CE Requirements: 45 CFR 164.404
Specific BA Requirements: 45 CFR 164.410
HIPAA Enforcement Rule: 45 CFR Part 160
Chapter 16 Health Information Technology and Health Policy Allison Viola
The Linkage Between Health Policy and Health IT: Why It’s Important
EHR Incentive and Certification Programs
Chapter 17 The Electronic Health Record as Evidence Kimberly A. Baldwin-Stried Reich
Sources and Structure of U.S. Law
Three Branches of U.S. Government Responsible for Carrying Out Government Powers and Functions
Executive Branch: President, Vice President, and Cabinet
Legislative Branch: The Senate and the House of Representatives
Judicial Branch: Structure and Function of the U.S. Court System
EHR Standards for Records Management and Evidentiary Support
The Role and Use of the Medical Record in Litigation and/or Regulatory Investigations
Paper-based Medical Records vs. Electronic Health Records in Discovery
Discovery and Admissibility of the EHR
The Federal Rules of Evidence (FRE)
The Scope and Procedures of E-Discovery Process
Impact of the 2015 Amendments to the E-Discovery Process
Duty to Preserve Relevant Evidence and Establishing Legal Holds
The Path Forward: A Coming Together of Laws, Rules, and Regulations
The Health Insurance Portability and Accountability Act
The Convergence of E-Discovery and Release of Information Processes
The Concept of the Legal Health Record
A New Era in the Nation’s Health Information Infrastructure
Part IV Implementing, Managing, and Maintaining Healthcare IT
Importance of Communications in Health IT Initiatives
Focus on Customers and Players
IT Departments and Multidisciplinary Project Teams
Components of a Communications Plan
Project Phases and the Communication Functions
Role of Federal Healthcare Agencies
Role of Regulatory Standards and the Evolution of Health Information Exchange
Chapter 19 Non-EHR HIT: From Architecture to Operations Alistair Erskine, Bipin Karunakaran
The Healthcare IT Organization: Challenges, Structures, and Roles
HIT Major Non-EHR HIT Systems and Applications
Working with Enterprise HIT Systems
Vendor-Specific Systems: Acquisition, Installation, and Maintenance of HIT Systems
Finance and Operations Systems
Clinical Decision Support (CDS)
Patient Relationship Management Systems
Application Data Interchange Systems
Chapter 20 EHR Implementation and Optimization Diane Hibbs, Julie Hollberg
Using HIT and EHRs for Organizational Transformation
Governance of Large HIT and EHR Initiatives
The Orders Catalog and Order Sets
Documentation Templates and Note Hierarchy
During and Post Go-Live Communication
Chapter 21 Training Essentials for Implementing Healthcare IT Cheryl A. Fisher
Multimedia as a Method of Delivery
Training Delivery and Accommodation
Utilizing a Learning Management System
Defining Quality Measures for EHR Queries
What Makes a Quality Measure Worth Measuring?
Evidence-Based Clinical Practice Guidelines
What Is the Connection Between Clinical Decision Support and Quality Measurement?
What Is the Measure of a Measure?
What Are the Types of Measures, and How Are They Different?
What Are the Expectations for the EHR to Perform Measurement?
What Changes Are Needed to Enable Electronic Clinical Quality Measures?
How Are Value Sets Standardized?
Moving Forward: Retooling vs. Creating Measures de Novo Based on Data in EHRs
Part V Optimizing Healthcare IT
Chapter 23 Big Data and Data Analytics John E. Mattison
Innovation in Healthcare IT: The Creative Reconstruction of Health and Wellness
Which Technologies Are Creating Big Opportunities for Innovation?
How Do We Optimize the Human-Machine Interface?
How Do We Accelerate Continuous Learning and Innovation?
A Simple Taxonomy for Innovation
The Different Communities Engaged in Healthcare Delivery
Professional Care-Delivery Teams
What Can the Impact of Innovations Be on the Future Technologies?
Key Gaps and How Technology Can Help Close Them
The Empathy Gap Is the Most Important Gap to Close
Gap Between Evidence and Behavior for Disorders of Lifestyle
Environmental Disruption Gap (Chemical, Thermal, Microbial)
Learning/Education/Communication Gap
Gap in Seamless and Reliable Human Data Entry
Gap in Evidence-Based Virtual Care
The Science vs. the Application of –omics (Genomics, Microbiomics, Proteomes, etc.) Gap
Gap in Chatbots, AI, Trust, and Health
Gap in Transcranial Magnetic Stimulation and Health
Gap in New Psychopharmacology Research and Previously Refractory Psychiatric States
Gap in Harnessing Exponential Technology
Innovations in Genetics/Genomics/Pharmacogenomics
Genetics/Genomics Throughout the Healthcare Continuum
New Major Sources of Evidence with a Focus on Pharmacogenomics
The IT Volume Challenge of Monitoring Genetics/Genomics/Pharmacogenomics in Healthcare
Innovations in Mobile Devices in Healthcare
Wireless Communication Technologies and Standards
Mobile Devices Connected to the Internet
Mobile Device Security Protocols
How Mobile Networks Are Being Used in Healthcare
The Most Popular Mobile Health Apps
Healthcare Professionals’ Use of Mobile Devices
Major Barriers to Advancing Mobile Devices
Steps to Institutionalizing Genomic and Mobile Technologies
Innovative Institutions Pushing Advances in Genomics and Mobile Devices
Nine Technologies for Future Innovation Using Devices
Social Media Being Used in Healthcare
Delivery Mechanisms Used for Telehealth
Part VI Making It All Secure: Healthcare IT Privacy, Security, and Confidentiality
Chapter 25 Framework for Privacy, Security, and Confidentiality Dixie B. Baker
Layer 2: Information Assurance Policy
Layer 4: Operational Safeguards
Layer 5: Architectural Safeguards
Layer 6: Technology Safeguards
Chapter 26 Risk Assessment and Management Gila Pyke
Risk Management in Healthcare IT
Documentation and Communication
Application and Data Criticality Analysis
Physical Safeguard Requirements
Locating Storage Devices, Network Hardware, Printers, and Other Devices
Securely Handling Protected Health Information (PHI)
Printer, Fax Machine, and Scanner Placement
Access to Servers, Offices, and Data Closets
Securing and Preserving Electronic Media Storage Devices
Network-Attached Storage (NAS)
Asymmetric or Public Key Infrastructure (PKI)
Secure Disposal of Electronic Media
Secure Shredding, Degaussing, and Sanitizing
Determining the Level and Type of Destruction
Chapter 28 Healthcare Information Security: Operational Safeguards Sean Murphy
Operational Safeguards: A Component of Information Security
Operational Safeguards in Healthcare Organizations
Information Management Council
Identity Management and Authorization
Awareness and Training Programs
Software and System Development
Healthcare-Specific Implications on Operational Safeguards
Multiple-Tenant Virtual Environments
Operational Safeguards in Emerging Healthcare Trends
International Privacy and Security Concerns
Workforce Information Security Competency
Accountable-Care Organizations
Meaningful Use Privacy and Security Measures
Chapter 29 Architectural Safeguards Lisa A. Gallagher
Relationship Between Reliability and Security
Reliability Implications for Healthcare Systems
Availability as a Component of Data Security
Considerations for Healthcare IT Systems
Considerations for Medical Devices
Considerations for Design of High-Reliability Healthcare Systems
Chapter 30 Healthcare Cybersecurity Technology Mac McMillan
Healthcare Cybersecurity Threat
The Big Four: Cybercrime, Cyber Espionage, Hacktivism, and Advanced Persistent Threats
Planning for Outcomes: Cybersecurity Frameworks and Standards
Building a Secure Architecture
Maintaining a Current Environment
Addressing the Ubiquitous Threat of IoT
Conducting Information Correlation and Analysis
Chapter 31 Cybersecurity Considerations for Medical Devices Axel Wirth
Medical Device Cybersecurity and Cybersafety: An Introduction
Medical Device Vulnerabilities and Risks: A Review
Medical Device Regulation: Impact on Cybersecurity
Changes in the Regulatory Landscape
Implementing Medical Device Cybersecurity
Risk Analysis, Assessment, and Management: Laying the Foundation
Appendix A AHIMA CHTS Exams Domain Maps
CHTS-CP: Clinician/Practitioner Consultant Examination
CHTS-IM: Implementation Manager Examination
CHTS-IS: Implementation Support Specialist Examination
CHTS-PW: Practice Workflow & Information Management Redesign Specialist Examination
CHTS-TS: Technical/Software Support Staff Examination
Appendix B HIMSS CAHIMS Exam Domain Map
Installing and Running Total Tester Premium Practice Exam Software
Total Tester Premium Practice Exam Software
McGraw-Hill Education Media Center Download