public trust in health information: foundational principles for dependable systems dixie b. baker,...

Public Trust in Health Information: Foundational Principles for Dependable Systems. Dixie B. Baker, Ph.D., Vice President for Technology, CTO, Enterprise and Infrastructure Solutions Group. Presented by Kathleen A. McCormick, Ph.D., Senior Scientist/Vice President SAIC, Health Solutions.

Upload: charla-carter

Post on 18-Jan-2016


Page 1: Public Trust in Health Information: Foundational Principles for Dependable Systems Dixie B. Baker, Ph.D. Vice President for Technology CTO, Enterprise

Public Trust in Health Information: Foundational Principles for Dependable Systems

Dixie B. Baker, Ph.D.
Vice President for Technology
CTO, Enterprise and Infrastructure Solutions Group

Presented by Kathleen A. McCormick, Ph.D.
Senior Scientist/Vice President SAIC, Health Solutions

Page 2

Realization of the Vision Brings Risk

[Figure: eHealth – Realization of NHIN. Axis labels: IT Dependency and Value; Time. Label: RISK. The figure shows the three stages listed below.]

Stage 3: The Digital Doctor
• Patient ownership of record
• Integrated EMR available anywhere, exchangeable across caregivers, minable for syndromic surveillance
• Integrated, individualized decision support
• Data exchanged over shared, public networks (Internet)

Stage 2: The Bewildered Doctor
• “System of systems” through the miracle of integration engines
• Electronic clinical data
• Electronic administrative transactions with trading partners
• General-use decision-making tools (e.g., drug-drug interactions)

Stage 1: The Family Doctor
• Minimal use of IT in clinical care
• “Departmental” systems
• Private networks
• Decision making as an “art”

Page 3

Confronting Risk – Assuring Public Trust

• System reliability
• Service availability
• Information confidentiality
• Data integrity
• Software safety

As provider organizations increase their dependence on information technology in the delivery of clinical care, DEPENDABILITY becomes essential for business success, quality care, and patient safety!

Page 4

From: Baker, D. Dependable Systems for Quality Care. In Saba, VK and McCormick, KA. Essentials of Nursing Informatics, 4th Edition, New York: McGraw-Hill Book Co., in press 2005

5 Guidelines for Dependability

1. Architect for dependability.
• Architect enterprise systems from the bottom up so that no critical component is dependent upon a component less trustworthy than itself.
• Minimize complexity – the simplest design and integration strategy will be the most understandable, maintainable, and recoverable.
• Avoid/eliminate single-point failures – distributed architectures can tolerate failure more easily than large, centralized systems.
• Incorporate redundancy & fail-over for critical components.
• Implement security in depth to protect sensitive information from unauthorized disclosure, critical data from corruption and destruction, and essential services from interruption.

Page 5

Dependability Requires Architectural Assurance

Confidence that enterprise systems will:
• Deliver services as described in functional specification;
• Not exhibit behaviors that are unexpected, malicious, or harmful; and
• Be available when they are needed.

Page 6

Dependable Architectures Recognize Dependencies

[Figure: dependency diagram. Vertical labels: Vulnerability Risk Propagation; Assurance Dependency. Group labels: Safety Functional Capabilities; Security Functional Capabilities. Components shown: CPOE; User Authentication; Access Control; Audit; Electronic Prescribing; Bar-Code Reader; Rules-Based Decision Support; Single Sign-On; Operating Systems; Networks; Enterprise Architecture; Encryption; User Interface.]
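The rule from guideline 1, that no critical component should depend on a component less trustworthy than itself, can be checked mechanically against a dependency map like the one on this slide. The following is an added example, not part of the original presentation; the component names are the slide's, while the assurance levels and dependency edges are constructed for illustration.

```python
# Added example. Component names come from the slide; the assurance levels
# (higher = more trustworthy) and dependency edges are constructed.
from collections import deque

ASSURANCE = {
    "CPOE": 3, "Electronic Prescribing": 3, "Rules-Based Decision Support": 3,
    "Access Control": 4, "User Authentication": 4, "Audit": 4,
    "Single Sign-On": 2, "Encryption": 4, "Operating Systems": 4, "Networks": 4,
}

# component -> components it depends on (constructed)
DEPENDS_ON = {
    "CPOE": ["Rules-Based Decision Support", "Access Control"],
    "Electronic Prescribing": ["CPOE", "Encryption"],
    "Rules-Based Decision Support": ["Operating Systems"],
    "Access Control": ["User Authentication", "Operating Systems"],
    "User Authentication": ["Single Sign-On", "Encryption"],
    "Single Sign-On": ["Networks"],
    "Audit": ["Operating Systems"],
    "Encryption": ["Operating Systems"],
}

def less_trusted_dependencies(component, depends_on=DEPENDS_ON, assurance=ASSURANCE):
    """Return {dependency: path} for every direct or transitive dependency
    whose assurance level is lower than the component's own."""
    findings, seen = {}, {component}
    queue = deque([(component, [component])])
    while queue:
        node, path = queue.popleft()
        for dep in depends_on.get(node, []):
            if dep in seen:  # visit once; also guards against cycles
                continue
            seen.add(dep)
            if assurance[dep] < assurance[component]:
                findings[dep] = path + [dep]
            queue.append((dep, path + [dep]))
    return findings

def audit_architecture(depends_on=DEPENDS_ON, assurance=ASSURANCE):
    """Map each non-compliant component to its rule violations."""
    report = {c: less_trusted_dependencies(c, depends_on, assurance) for c in assurance}
    return {c: found for c, found in report.items() if found}

if __name__ == "__main__":
    for comp, found in audit_architecture().items():
        for dep, path in found.items():
            print(f"{comp} relies on less-trusted {dep}: {' -> '.join(path)}")
```

In the constructed map, one low-assurance component sits underneath user authentication, so every capability that reaches authentication inherits the weakness even though none of them lists that component as a direct dependency.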

Page 7

5 Guidelines for Dependability

2. Expect failures.
• Implement application-transparent features to detect faults, failover to redundant components, and recover from infrastructure failures.
• Implement application-specific features to handle exceptions in software execution.
• Implement features to detect, recover from, and survive malicious attacks while preserving system stability and security.
• Design and build safety-critical systems to fail in a safe state.

3. Expect success.
• Plan for scalability.
• Plan for integration with other systems.
• Model use-case scenarios and associated data flows, system loading, and network impact.

Page 8

5 Guidelines for Dependability

4. Hire meticulous managers (with just a touch of paranoia) to manage your systems and networks.
• Use middleware to manage workload.
• Use out-of-band tools to monitor and manage system and network performance.
• Develop and execute plans and procedures for managing emergencies and recovering from disasters.

5. Don’t be adventurous.
• Use proven methods, tools, technologies, and products that have been in production, under conditions and at a scale similar to yours.
• Don’t be the first (or second) to adopt a new technology.

Page 9

Contact Information

Page 10

Local Health Solutions

Kathleen A. McCormick, Ph.D.
Senior Scientist/Vice President
SAIC Health Solutions
Falls Church, VA and Rockville, MD
703 575-7209
[email protected]