Bayside Surgical Centre – Health Records Clinical Management System

About the client:

Bayside Surgical Centre provides a comprehensive, integrated range of clinical services from our various sites ranging from acute tertiary services in areas of emergency medicine, intensive care, medical and surgical services, through to subacute care and onsite and virtual ambulatory clinics. Our specialised services include oncology, renal, women’s health including maternity, chronic disease, geriatrics and cardiology.

We provide a combination of hospital, community-based and in-reach services to aged, adult and paediatric patients and newborn babies. Western Health also offers drug health and addiction medicine support through our inpatient service and community Drug Health Service.

Employing more than 1200 staff, Bayside Surgical Centre has a strong philosophy of working with our local community to deliver excellence in patient care.

Our communities

Bayside Surgical Centre is the major healthcare provider to one of the fastest growing and most diverse regions of Australia. The catchment population is nearing 900,000 and the birth rate and movement into this region means that strong growth will continue in the years ahead.

Our communities are culturally rich, with members speaking more than 150 different languages and dialects.

Our population has higher-than-average rates of cancer, heart disease, stroke and mental illness, and diabetes and depression are also significant population health issues. And our community is ageing, with frailty becoming a significant challenge to independent, healthy living.

We are committed to providing Best Care to communities across Melbourne’s west, improving health outcomes for all.

Our Values

Compassion – consistently acting with empathy and integrity.

Accountability – taking responsibility for our decisions and actions.

Respect – for the rights, beliefs and choice of every individual.

Excellence - inspiring and motivating innovation and achievement.

Safety - prioritising safety as an essential part of everyday practice.

Purpose of the project:

A system that will help the needs of people or every person who wants to save their precious time. Any needed information can be supplied at the time of installation. This will remove the need for a technician to install software and enormously quickens the implementation of a patient monitoring system.

The clinic management system should be an integrated information system for managing all aspects of a medical clinic's operations such as medical, financial, administrative, legal, and compliance. It should include electronic health records, business intelligence, and revenue cycle management. Medical health facilities should improve the quality of healthcare services, reduce operating costs, and improve the revenue cycle by using this clinic management systems. The system should include Outpatient Management, Pharmacy, Radiology, Inventory, eClaim, Mobile Apps, Tablet Versions, Online Scheduling, Secured Messaging, Doctor and Patient Portals, Accounting, HR/Payroll, Alert Software, Feedback, Biometric Integration, HL7/Integrated PACS, and Business Intelligence. The system should allow users to enter and track patients, schedule and track patient appointments, send out insurance claims and patient statements as part of the collection process, process insurance, patient and third party payments, and generate reports for the administrative and clinical staff of the practice. The system should also involve keeping up to date large sets of data including lists of diagnosis and procedures, lists of insurance companies, referring physicians, providers, facilities, and much more.

Benefits of the System

· The system should allow easy access to patient data to generate various records, including classification based on demographic, gender, age, and so on. It should especially beneficial at the ambulatory point, hence enhancing continuity of care. Internet-based access should improve the ability to access such data remotely.

· It should help as a decision support system for the medical clinic authorities for developing comprehensive health care policies.

· It should efficiently engender the running of finance, the diet of patients, and also the distribution of medical aid. It should give a vivid picture of future clinic growth.

· It should reflect an improved drug usage monitoring system, including its effectiveness and relegate adverse drug interaction to the background and give a push to appropriate pharmaceutical utilization.

· Integrated Inventory Management should keep track of all clinic stocks from medicines to Durable Medical Equipments and help the client keep the optimum level of stock all the time. It should also minimize the lost stock due to theft and misplacement.

· It should enhance information integrity by a reduction in transcription errors and duplication of information entries.

· The system should be easy to use and eliminate errors caused by handwriting.

· The latest technology should give perfect performance to pull up information from hosted or cloud servers.

· It should provide all data in a single platform, hence enable business intelligence module to provide valuable insights into clinic operations and the quality of patient care.

· It should enhance the overall health care experience in a healthcare facility.

· It should improve the communication and interaction of doctors with their patients.

· It should reduce expenses of an organization because of less paperwork, improved safety, and reduced duplication of testing.

Proposed System:

The proposed system will be a medical practice management software. This medical practice management system will include Patient Care Management, Mobile App, Schedule Online Appointments, Secured Messaging, Portals, eBilling, Insurance, Accounting, HR/Payroll, and HL7/Integrated PACS. This system will be a web-based clinic software available both in On-Premise and remote/onlline installations. The system will be a complete medical practice management system best suitable for medical clinics, individual medical practitioners, and third-party medical billing companies. The alert system should be able to send the text or email and improve the quality of patient care. Electronic medical record (EMR Systems) should help to be aware of revenue stream, patient records and other key metrics at client’s fingertips. Electronic health record (EHR) should allow electronic sharing of patient records with other providers and medical applications and manage the overall health of patients such as Patient and Providers should be able to see lab results and history online, securely chat with providers, and schedule next appointment. It should be developed based on the best practices around the world.

Modules Description

Discharge Summary (Student 1)

· Patient Discharge summary should be stemmed from Clinic or a physician’s office, at the end of a series of treatments and automatically generated after discharge of patient.

· Discharge Summary should be generated by the system articulately reflect the patient’s chief complaint, findings, and diagnosis

· Record the kind of therapy administered and response

· List recommendations upon discharge in an easy to understand format

· Customizable and should include laboratory results Information

Consultant Management (Student 1)

This module should help in tracking of consultant charges for outpatient and inpatient visits and procedures. Option for defining consultant charges based on the procedures/ department.

Classifying visit of patient as new / existing for that consultant

Payroll & HR Management (Student 2)

Payroll & HR Management module should manage payroll and HR department.

A complete salary should be computed through this module. All necessary formats should be generated through this module.

Accounts Management (Student 2)

Financial accounts an all purchase, expenses, payments should be feeded in this module. Receipts should be directly imported from Outpatient department.

Finance and Accounting (Student 2)

The system should be able to export financial data in other software formats e.g. Excel.

Email Integration (Student 3)

· The system should integrate with commercially available Email Servers.

· Emails should be sent at numerous configurable events as per the hospital's business rules

MS Teams Integration (Student 3)

The system should integrate with commercially available SMS Packages.

SMS should be sent at numerous configurable events as per the hospital's business rules.

Biometric Device Interface (Student 3)

· The system should interface with commercially available biometric devices.

Create a Cybersecurity Policy for Bayside Surgical Centre

Summary of the cyber incident

By not having a properly defined and implemented IT Cybersecurity Policy and other vital documents related to security such as AUP, SLA; this oversight has left Bayside Surgical Centre network/system infrastructure in grave danger; and with the ever increasing usage of SMAC applications (social, mobile, analytics, and cloud), and IoT, where almost everything can access the internet, having outdated hardware and software has exposed the organization to many threats, vulnerabilities and exploits.

The responsibility for bringing the solution should lie with the network and security developer. Cybersecurity policies document is technical and behavioural recommendations. This is done to codify cybersecurity practices and guide an organization’s cybersecurity posture.

Note:

1. You need to create a cybersecurity policy for Bayside Surgical Centre, identify and prioritize the organization’s assets and risks.

1. Outline the protocols and procedures that will safeguard these assets, and explain how security vulnerabilities will be neutralized.

1. Create an incident response plan and assess relevant cybersecurity regulations to build a compliant policy.

1. You need to collect and analyse data to identify vulnerabilities. Document the scope of each security issue and how you assessed it. Prioritize each risk according to severity.

1. Provide evidence that following security requirements outlined by (HIPPA) Health Insurance Portability and Accountability Act have been implemented in the project:

4. Requirement related to Authorization – implementation of Access Control Mechanism

4. Requirement for Data validation and Sanitization

4. Requirement for protection against application reverse engineering

4. Requirement for audit logging and analysis

1. Include an executive summary accessible to non-technical readers.

Conduct a Vulnerability Analysis for A commonly occurred SQL Injection Attack, the intent of the attack was to take out a whole network

Summary of the incident

Newly developed application may have known security loopholes that can be identified by ethical hacking practice such as penetration testing and vulnerability analysis. The responsibility for bringing the solution should lie with the network and security developer.

Note:

Prepare a report of planning, execution and outcome of the penetration testing and vulnerability analysis of the webapps. In the result report, please include a suggestion to mitigate the identified problems from penetration testing and vulnerability analysis.

1. You can use open-source tools to conduct penetration testing and capture screenshots of your results, testing parameters and commands.

1. You can also use open-source tools for vulnerability analysis to present existing bugs on developed software/apps or OS that the webapps is running.