First, I should probably clarify what types of content we’re talking about when I say “unstructured patient content.
” We’re generally referring to the type of patient content that lives outside of the Electronic Health Record (EHR) such as, but not limited to: patient photos, videos, wave forms, PDFs, scanned documents, and of course, medical images (i.e. DICOM). Sometimes this is referred to as “multi-media content.” Other times it’s called “unstructured content” (in contrast to the discrete, structured data in the EHR), although this term is not universally accepted because some would argue that there’s plenty of structure in medical images. I can see both sides. The main point is that you should expect your VNA to be truly ‘open’ to all
content regardless of source (the device or system which created it) and regardless of format or file type.
The Importance of Security & Compliance
When this unstructured or multi-media content is not stored and managed in a VNA, it often lives in unmanaged and/or unsecured departmental data silos such as network file systems or shared workstations, or even on clinicians’ personal devices like smart phones and tablets. While these silos create operational challenges and inefficiencies pertaining to backup and recovery strategies, another significant concern is that they often lack HIPAA-compliant access controls and auditing capabilities. This exposes the organization to unnecessary levels of compliance risk and potential litigation in the event of a HIPAA violation or PHI (personal health information) data breech.
A simple Google search will quickly provide enough cautionary tales to prompt any healthcare C-suite executive to make sure all patient content, regardless or source or format, is securely stored and managed in a VNA. As you can imagine, lawsuits abound.
An important aspect of compliance also pertains to data retention. Your data can become a liability if you retain it longer than you are legally required to according to your organization’s data retention policies which typically take into account various state, local and/or national regulations. At Watson Health, we believe that you’re not truly managing your content if it’s not being managed throughout its lifecycle, including final disposition and policy-based deletion. A modern VNA should include robust Information Lifecycle Management (ILM) capabilities. If it doesn’t, or if you’re not taking advantage of them, you could be exposing your organization to risk.
Flexibility is Essential
The days when VNAs were only used to store DICOM images are long gone. But to take it one step further, your VNA provider should not prescribe what format to store your content in. It’s your data. You own it
. If you need to DICOM-wrap your content for whatever reason, you should be free to do so (and there may be many valid reasons to do this in your environment). Likewise, if you prefer keeping your content in its native format, that’s your choice to make. A modern VNA should not only be flexible enough to support all content regardless of source or format
, but also powerful enough so the format itself is decided by the customer and not prescribed by the vendor.
To have parts 3 and 4 of this blog series delivered to your inbox, please subscribe to the blog toward the top right of this page.