White Paper

Planning for a Healthcare Point of Care Device Implementation

Kathleen Gaffney
December, 2012

1. Introduction
The need of physicians, nurses and other clinical staff for data entry and access into the electronic medical record (EMR) at the point of care (POC) has become a particularly challenging issue for hospital IT departments. This is because IT must implement and support an increasingly wider variety of point of care devices than ever before, including mobile workstations, wall mounted screens, thin-client devices, mobile devices, healthcare-specific tablets and smartphones. Furthermore, IT must ensure that the POC solutions provide users with the continuous 24/7 availability, flexibility and security they require. One of the first challenges IT faces is selecting the most appropriate end user device for the clinical need. It is likely that stationary workstations have been deployed for entering orders and viewing census, test results and PACS images. As an institution deploys computerized physician order entry (CPOE) and bar code medication administration (BCMA) the demand for POC devices dramatically increases. There are many types of mobile computer devices available to deploy. Each of these devices has both advantages and disadvantages for the clinician. It is important to understand that a mixture of mobile and non-mobile equipment will need to be deployed in order to best meet the multiple needs of end users. The decision on the types of devices to deploy is based on many factors including; staff preferences, cost, size, durability, ergonomics, facility issues such as electrical circuits and data closets, the ability to integrate into the institutions technical infrastructure and maintaining city and county codes. Additionally, institutions must determine the number of each device type that is needed.

Clinical and administrative workflows Walking patterns; where clinicians walk, sit and stand to perform their daily tasks o Patient, visitor, and information flow patterns o Medical procedures being performed o Location of data access, input and administrative activities such as logging in, chart review and documentation Determine space constraints, facilities, Fire Marshall, and Joint Commission requirements Document infection control and prevention protocols for fomite disinfection, isolation patient requirements, and the antimicrobial and germicidal agents used

o o

POC Device Requirements

The selection of POC devices should be a collaborative approach involving the clinical staff and IT. The selection of the types and models of devices to deploy should be made by an interdisciplinary committee composed of nurses, physicians, other clinicians and information technologists. POC Committee membership should represent a cross section of the institution including critical care, medical, surgical, obstetrics and pediatric areas and hospital service departments. The POC Committee is responsible for identifying the performance goals and metrics, and functional and form factor requirements for the institution. The activities performed by the committee members include, but are not limited to, the following: Formulate a set of performance goals and metrics for device selection, for example: o Improve EMR data accuracy and timeliness o Enhance nursing productivity and workflow o Increase time spent on patient care activities o Improve nursing satisfaction o Improve patient satisfaction o Reduce device count in hallways o Reduce significant technical and procedural overhead o Zero wait policy Document the functional requirements for each of the devices types such as: o The ability to document at the bedside o The ability to document outside of the patient room o Supports an Electronic pen 2

Understanding Current Environment

Data Collection is the first step in understanding the types and quantities of device needed by an institution. This is done through observation of workflows and the facility environment, interviews with clinicians and utilization of automated methods. The following activities are part of the data collection process: Perform a detailed inventory of existing devices (e.g., workstations, laptops, COWs, WOWs, thin client, etc.), age, applications installed, CPU, etc. Interview users to determine the ideal end state environment Observe workflow on the patient care units and service departments taking note of:

Nexus White Paper

Do not duplicate or distribute without Nexus prior consent.

o o o o

Allows for eye contact with patients Enough devices for all clinical users at peak staffing times (including teaching rounds) Ease of use and provision of the optimal device for each role The ability to support the institutions clinical software

Document the form factor requirements including: o Ergonomically correct o Easy to clean, infection control o Ruggedness o Secure o Weight o Large screen o Camera o Space/storage o Reliability o Battery life o PCU electrical capacity o Scanner or Bar Coder

Later, the selected devices can be piloted among a small group of users. Have vendors supply samples for use by the hospital staff for a 4 to 8 week test period. During this time, clinical and IT staff create future state processes that reflect best practices for embedding mobile devices into new workflows. The institution should also be thinking about the placement of special cabinets for storage and charging of devices when not in use and research and evaluate these vendors as well.

Determine Number of Devices

The determination of the number of devices needed is also a collaborative exercise involving the clinical staff and IT. It is necessary to estimate the total number of devices needed by each area (unit, service area, department, etc.) based on workflow, physical layout, staffing models and ratios by discipline and shift. Some institutions develop formulas for determining a baseline for quantities within an area. The estimate should take into consideration the existing devices which will be replaced and which can continue to be utilized.

Once the committee has compiled the list of performance, functional and form factor requirements they will then move onto identifying the various vendors and devices most appropriate for their institutions environment.

Physical Site Review and Planning

Physical site review and planning involves identifying the upgrades needed to support the future POC model, including physical space, power and network infrastructure. This requires the involvement of Facilities, electricians and IT Network engineers to create drawings that document where new power and network connectivity are necessary and space renovations are required to accommodate the new devices. Older buildings may not support the electrical requirements of the new devices without building infrastructure upgrades. Electrical circuits and closets may need upgrading for future electrical loads and to maintain city and county codes. Reliability is one of the most important factors in a successful POC device deployment. The network should be highly scalable, with high availability for maximum up-time. An institution is making a significant investment when deploying POC devices so it is critical that they take the steps necessary to safeguard the impression that the clinical staff have of the deployment. Frequent complaints of areas where the wireless connections are not available or dropped connections are encountered will quickly bring down the adoption rate of the technology. Problems like these are a direct result of poorly designed wireless 3

Selection of Point of Care Devices

Theres no one single device for point of care computing that will meet the needs of every department within a hospital or clinic due to the difference in preferences among clinicians across the various departments. As a result, an institution must offer multiple types of devices for different tasks. The purpose of this step in the process is to find vendors that can supply the type of desired devices. The POC Committee can select a subset of committee members to do the discovery work or turn it over to the IT or purchasing department. The initial identification of vendors can be done through a variety of means such as an internet search, attendance at trade shows, asking peers at other institutions, input from the EMR vendor, or hiring a consultant. Some institutions send out a Request for Proposal document that details their requirements and use the vendor responses to pare down the list of vendors they will review in further detail. One way health care institutions can avoid problems with clinician acceptance of mobile devices is to hold a device fair to allow clinicians to test various types of mobile point of care devices and provide feedback.

Nexus White Paper

Do not duplicate or distribute without Nexus prior consent.

networks. That is why it is important that an institution concurrently plan for the assessment and upgrading of the wireless network infrastructure.

Optimally Designed Infrastructure

Wireless Best Practices To achieve a network that is optimally designed for POC devices (or any mobile device), a set of best practices for wireless technology must be employed throughout the facility. This not only involves RF site survey aspects and the placement of access points on the patient floor, but also antenna characteristics, redundancy considerations, quality of service (QoS), Radio Frequency (RF) Spectrum management, POC device design, authentication, and encryption mechanisms. As a rule of thumb, best practices for managing POC devices can be taken from existing PC management best practices.

POC Interfaces The architecture of the wireless network and its integration with the wired network must be designed to minimize risk. POC devices should use thin-client, zero client, and virtualized desktop interfaces to minimize the need to download and locally control sensitive and critical data. Security Strategies The optimal infrastructure also needs to support HIPAA security standards for preventing hacking and loss of protected patient information. Institutions need to take a multi-layer approach when securing patient data in wired and wireless environments to be certain that Wireless LANs (WLAN) are providing the same level of access control and privacy as wired LANs. This allows you to achieve a broader approach to your compliance initiatives and provide maximum protection for protected health information (PHI). Examples of strategies that can be implemented include: Installing and maintaining secure firewalls Encrypting across open, public networks Establishing a zoned network architecture Ensuring that network traffic is encrypted by implementing Wi-Fi Protected Access (WPA2) encryption Another security strategy is to develop wireless security policies that govern both how employees behave and how wireless technology is used and integrated into the enterprise. Network access control policies should be put in place requiring that users authenticate themselves with passwords, and the actual devices must be authenticated by network servers before granting WLAN access. Additionally, cryptographic keys used to access the WLAN must be changed frequently. Intrusion and Monitoring Detection Along with security strategies, intrusion prevention and end-to-end monitoring are key components in avoiding PHI leaks that IT will need to plan for. Intrusion and monitoring detection are an effective means for discovering wireless vulnerabilities, detecting intruders and attacks, and keeping watch over the overall security of a WLAN. It is recommended that an institution have a Network Penetration test performed to show the gaps in security. Wireless monitoring should include 1) real-time monitoring for rogue APs and ad- hoc networks; 2) detection of events that could indicate wireless intruders; and 3) wireless LAN management tools to manage wired network performance and security.

In health care institutions a successful POC device implementation strategy has as much to do with the stability of the infrastructure as the selection of appropriate devices.

Wireless Characteristics A contributing factor to the overall performance of POC devices is based on the RF characteristics of the wireless client. Many of these devices have varying levels of RF performance and as a result have very different outcomes depending on the wireless hardware implemented. Another factor is receiver sensitivity which is the ability of an RF receiver to detect the 802.11 signal given the receivers noise floor. The better the receiver sensitivity, the better the performance and overall availability and throughput. A third factor is the implementation of the roaming algorithm which allows for roaming at the right time and not experiencing throughput degradation. Additional aspects that can affect POC workflow include power conservation techniques and QoS capabilities such as availability (uptime), bandwidth (throughput), latency (delay), and error rate. Prior to a large POC deployment many institutions have a wireless site survey performed and then build or reconfigure a network based on the assessment findings.

Nexus White Paper

Do not duplicate or distribute without Nexus prior consent.

Budget
Adding more POC devices creates new demands on device procurement, activation, asset management, IT support and device retirement. This can lead to an increase in costs. Each institution needs to identify budget dollars to be allocated for the initial deployment and for the planned replacement of obsolete and lost equipment, including devices, carts and batteries.

2. Summary
In health care institutions a successful POC device implementation strategy has as much to do with the stability of the infrastructure as the selection of appropriate devices. The challenges IT faces in a POC deployment include understanding how mobile technologies can be used to support new and existing processes at the point of care; selecting the most appropriate end user device for the clinical need; and managing POC devices so that the necessary processes do not interfere with the delivery of patient care. In addition, the network has to be designed to never go down, to perform at the desired level, and to accommodate the workflow and security requirements specific to health care institutions. An institution should utilize a best practice methodology to help guide them through the many steps and to help ensure that the end solution is tailored and deployed to their unique business needs.

http://www.pointofcarecorner.com/critical-issues-inmanaging-point-of-care-devices/ 5. Enterprise Mobility Solutions, Maximizing your Mobile Investment ttp://downloads.deusm.com/enterpriseefficiency/En terprise_Mobility_Solutions___Whitepaper.pdf 6. Wireless (In)Security for Health Care. Version 1.1 January 10, 2003, Dr. Dixie B. Baker, Corporate Vice President for Technology, Enterprise and Health Solutions, Science Applications International Corporation, http://www.himss.org/content/files/WirelessInsecuri tyV11.pdf 7. Network Security in Healthcare: How The Right Technology Enhances Quality Of Care, Prepared for WatchGuard Technologies, Inc. by Reymann Group, Inc. https://www.watchguard.com/tipsresources/grc/wp-network-security-in-thehealthcare-industry.asp

References
1. How to Select End User Clinical Data Entry Devices, Rush University Medical Center Develops Tool to Identify the Quantity of Devices Needed for the Implementation of a New EMR and CPOE System. HIMSS JHIM volume 24 / number 3, SUMMER 2010 2. Wireless Technology Still Emerging in Healthcare, John Andrews, Contributing Writer, Dec. 31, 2009, http://www.healthcareitnews.com/news/wirelesstechnology-still-emerging-healthcare 3. Cisco Network (MGN) 2.0 - Wireless Architectures http://www.cisco.com/en/US/docs/solutions/Vertical s/Healthcare/MGN_wireless_adg.html#wp246550 4. Critical Issues in Managing Point of Care Devices, February 2012

Nexus White Paper

Do not duplicate or distribute without Nexus prior consent.