JavaScript disabled. Please enable JavaScript to use My News, My Clippings, My Comments and user settings.

If you have trouble accessing our login form below, you can go to our login page.

If you have trouble accessing our login form below, you can go to our login page.

Solution to hospital data fiddle not ready

Date

Peter Jean

Zoom in on this story. Explore all there is to know.

A key computer security measure designed to prevent a repeat of last year's Canberra Hospital data doctoring affair is unlikely to be rolled out across the ACT Health Directorate before next year.

Canberra Hospital said in March it would push ahead with computer system upgrades to avoid a repeat of the problem.

More than a year after Canberra Hospital executive Kate Jackson admitted making changes to emergency department performance results, police are still investigating what occurred.

An ACT Legislative Assembly committee last year recommended that the Health Directorate introduce ''rapid log-in'' technology designed to improve computer security without interfering with patient care.

In a response to recommendations tabled in the Assembly last week by Chief Minister Katy Gallagher, the government revealed a pilot of the technology may not be completed until the end of this year.

The government also "noted", but did not formally accept, a recommendation that an apology be issued to Ms Jackson for officials inadvertently providing the media with a copy of a letter that named her.

Ms Jackson - and possibly other Health staff - was able to alter data in the Emergency Department Information System without detection because hundreds of staff had had been issued with generic log-ins such as "nurse'' and doctor''.

Computer security was subsequently improved but hospital officials were reluctant to force emergency department staff to constantly log-on and off computers when accessing patient records because this could bring the unit to a "grinding halt''.

"The completion of [a rapid log-in pilot scheme] will result in a recommendation and costs for consideration by the organisation to proceed to widespread implementation within the Health Directorate and its diverse applications,'' the government response said.

"The pilot timeframe is expected to be completed by end of December 2013 with the resulting cost model and implementation plan to be considered by the Health Directorate.''

The Canberra Hospital emergency department was likely to be one of the first parts of the hospital to receive the technology when a roll-out began.

The Health Directorate has already put other measures in place to improve data integrity and is recruiting a Director of Data Integrity.

The government neither formally accepted nor rejected a committee recommendation that Ms Jackson be issued with a formal apology after her name was published in documents distributed to the media last year.

"The naming of the executive who admitted fault for altering emergency department data at Canberra Hospital was unfortunate,'' the response said. ''It was not the intention of the ACT government Health Directorate, or the ACT government to have this person's name revealed, although legal advice indicated that there was no reason to withhold the staff member's name.''

The response said Ms Jackson had a longstanding career as a nurse, director of emergency department nursing and executive director of the critical care division.

"It is unfortunate that the hard work and commitment of this individual over a long period has been overshadowed by more recent events.''

9 comments

  • Hundreds of thousands of dollars are.being spent
    to investigate and prosecue a politician over some cabcharges.
    It would seem the purpose.of.the tampering of.patient.
    records may have been to meet a target to secure federal funding
    why was their.no investigation into how long this tampering
    had been occuring and was there any.fraud
    committed.against.the.commonwealth.

    Commenter
    stoney
    Date and time
    May 20, 2013, 8:53AM
    • Have the leaks been plugged?

      Commenter
      Kane
      Date and time
      May 20, 2013, 10:49AM
      • Rapid login that is difficult to falsify? That's easy!

        A simple proximity hardware key with encryption is inexpensive to implement on every terminal. Low cost per user for the key. Low cost per terminal for the detection hardware. Hard to falsify. Low cost to modify the software. Faster to get an authenticated login than typing "doctor" and "password'.

        A highly technically skilled user can get around it, but that kind of person is probably less than 1% of the population.

        Why is it touted as so hard and why is it so expensive?

        Commenter
        VS
        Location
        Sydney, NSW.
        Date and time
        May 21, 2013, 12:13AM
        • The reason this won’t work is because the hardware the hospitals are forced to use is in many cases ancient, why, perhaps it could be the bureaucracy and extremely top heavy management structure of the health system, leaving little for the facilities that actually care for patients.

          Commenter
          Phil
          Location
          Sydney
          Date and time
          May 21, 2013, 10:26AM
      • I saw this on Undercover Boss TV - maybe UPS parcel delivery service in Canada - driver sits in van, holds their wrist (maybe wearing Radio Frequency ID tag or wristband) near the ignition - it automatically/wirelessly detects the ID and unlocks the ignition, while recording for the GPS tracking system who is currently driving the van.

        Probably get something like that. Unique IDs - not shared passwords - always a recipe for fraud.

        Commenter
        RFID
        Location
        sydney
        Date and time
        May 21, 2013, 9:27AM
        • So people are - again - getting their knickers in a knot over a human behavioural issue and looking for some technological fix for it?

          I can bet that the same people whingeing over this whole issue and demanding that "something" be done will be the same people later whingeing about increasing costs and non-medical staff numbers because "something" HAS been done.

          Commenter
          DC
          Location
          Melbourne
          Date and time
          May 21, 2013, 9:42AM
          • @VS

            Please do come and work with me in Health IT. The reality of switching on rapid/single sign-in solutions are far from as simple as you might think. If it was simply a case of plugging in a proximity reader we would have done it already.

            Hospitals are full of ageing computers which literally take minutes to login. In an environment where you are dealing with thousands of staff, the cornerstone of both rapid and single sign-on solutions for clinical systems is integration with ones user directory, generally Active Directory or Novell.

            In order for the clinical application to leverage the sign-on technology, the computer must be authenticated (logged in) with the individual user. Therefore we need computers which go from warm standby (ctrl-alt-del) to signed in within 2-5 seconds. Don't forget, we then have to launch the clinical application, so another 2-5 seconds would need to be found, and we are talking EVERY TIME the clinician walks up to the computer (hundreds of interactions per shift).

            Yes yes, these technologies are absolutely available in 2013, and thin client computing has helped even more, BUT @VS... please go ahead and tell me where you will get funding to refresh the computers in an entire hospital (the first step to login in 2-5 seconds)? Around 3000 computers would do a decent size hospital, so at $1k per computer that is $3,000,000 per hospital, multiplied by say 100 major hospitals in Australia, that is $300,000,000. Now... you still need to pay for the rapid sign-on clinical application integration work, and likely upgrade the 10mbps LAN connections (yes, you read that correctly).

            It's live, well done... now find recurrent funding to refresh all these computers every 2-3 years (so they continue to be high performance at login).

            If it were simple LOL...

            Commenter
            Donovan
            Location
            Hawthorn
            Date and time
            May 21, 2013, 10:14AM
            • Iv'e been developing hospital systems for more than 12 years and the fault is not with the staff changing the ER performance data. It is the direct fault of the politicians, they set performance targets without providing the required resources to achieve them, and to add insult to very real injury, they tie funding to performance (or lack there of), so when they don't meet the targets, they take even more resources away which damages the community the hospital serves.

              The modification of ER performance data by staff has been going on for as long as I can remember, in fact, one of the leading ER systems (used widely in Aus and around the world) was modified specifically to facilitate this practice. I know this because I worked for the company that made the system and I worked with the developers that made the system, I was there when the change was made. If the change hadn't been made, hospitals that were already streached too thin would have been deprived of even more resources.

              Performance targets have nothing to do with improving the health system, they have "everything" to do with politicians blowing their own trumpet to serve their own narcissistic needs, the real crime is politicians putting patients lives at risk for the sake of political aspirations.

              Commenter
              Phil
              Location
              Sydney
              Date and time
              May 21, 2013, 10:23AM
              • @Phil

                Given that in Australia we refer to a hospital ED (emergency department), not ER (Emergency Room), may I suggest that you invest a little more time developing your software and perhaps watch a little less television.

                Commenter
                Donovan
                Location
                Hawthorn
                Date and time
                May 21, 2013, 12:29PM
            Comments are now closed
            Advertisement
            Featured advertisers
            Advertisement