Our most recent blog series has covered the most important questions vendor development teams should be asking themselves when deciding whether or not to select an integration engine. The first two posts discussed important considerations for data exchange and scaling as well as key questions for deployment and monitoring. To round out the series, we’re going to take a look at questions surrounding real-world integration challenges, the role of FHIR, and security concerns.
1. How well will your product fair in the ‘real world’ of Health IT?
We talked about the EHR extensively in our first two blogs, and mentioned some of the other core systems you would want to integrate with – billing systems, labs etc. There are important differences though, between how these systems work together on paper vs. how it happens in real world environments.
[View our case studies about healthcare IT vendors.]
Health systems do rely heavily on major EHR systems like Epic and Cerner, but they also tend to have a whole ecosystem of more obscure applications, old versions of no longer supported software and custom-coded applications that have accrued over the years. As we like to say, “When you’ve seen one health system’s IT infrastructure, you’ve seen one health system’s IT infrastructure.
The idiosyncrasy of health system IT stacks is also something that is not going away. Organizations are constantly being pitched and adopting new tech to innovate and launch new capabilities, and the pandemic has only accelerated this with increased use of telehealth, alternative care sites and pop-up clinics, and other novel systems. Ensuring your application can not only connect to the major EHRs is great, but you have to pay attention to your ability to adapt to unique existing IT infrastructures and the constant parade of new tech coming online.
Again, this is a challenge that an integration engine partner is already familiar with and has deep experience in addressing.
2. FHIR is good, but it won’t solve all your problems. What are your plans for doing things that you can’t do with FHIR?
FHIR is great and it is going to make a lot of things easier – such as making data available directly to patients and integrating with mobile and web-based applications. However, even with the regulatory requirements for FHIR, there are still going to be many applications in use where FHIR will not be the best fit.
ADT feeds are a good example, where data from these systems is typically presented in good old HL7 V2. That standard continues to work very well for many types of data, and it will continue to be employed extensively for the foreseeable future. See also our discussion above about legacy systems and custom-coded applications. Many of these kinds of systems will never catch up to the FHIR movement.
3. How does your product protect against security vulnerabilities?
With the rollout of new capabilities, processes and workflows due to COVID-19, combined with the adoption of new interoperability rules is dramatically increasing the likelihood of cybersecurity breaches. When hackers see new systems or processes being implemented, they are immediately looking for known exploits associated with that software or opportunities to develop their own zero-day attacks. At the same time, new interoperability rules require sharing data publicly via APIs, will create many new potential points of entry that hackers will seek to exploit.
App developers need to ensure that they are maintaining the most up-to-date security and privacy protections. Routing data through a central integration engine hub helps to minimize the attack surface of an application and enhance your ability to monitor all data exchange. Just as important, keeping up with the latest threats and responding quickly and effectively to them is a job best left to the experts. So, there are several ways that partnering to embed an advanced integration engine in your software will allow your organizations to reduce vulnerability to cybersecurity attacks and ensure customer security.
4. Importance of partner support
As we have described in this series, healthcare organizations’ IT systems can be very dynamic environments – with new systems being added, existing systems being updated, new configurations being introduced by users and ever more sophisticated security threats. In most cases, each of these areas requires dedicated and experienced professional support to effectively keep up with the latest changes and respond effectively to fixing new problems.
For these reasons, DIY is rarely the right choice for HIT application developers. An integration engine, such as Rhapsody or Corepoint, provide app developers with a system that does it all – from scaling, monitoring and alerting, to enhanced security and ongoing maintenance and support. Most importantly, they come with teams of seasoned pros who live these challenges every day are able to keep up with all of the latest issues.
For further reading: