Running head: SYSTEM AND APPLICATION INTEROPERABILITY

System and Application Interoperability

Mitesh Patel
Herzing University
Information Security and Privacy
David Ostrowski
April 17, 2016

SYSTEM AND APPLICATION INTEROPERABILITY

System and Application Interoperability

At its most basic, interoperability is the ability of a health care practitioner's information
technology (IT) system to interface with systems of other clinicians to assist the practitioner in
providing seamless, well informed care to every patient. Health Information and Management
Systems (HIMSS), an industry leader in health information technology (HIT), suggests that
systems that meet the standards for interoperability should permit data to be shared across
clinicians, lab, hospital, pharmacy, and patient, regardless of the System application or
application vendor (Healthcare Interoperability, n.d.).
Interoperability is an essential component in delivering quality care to patients and a
major contributor to clinical integration, an initiative also tied to ARRA provisions. Clinical
integration is a process of continually aligning patient care across the health care continuum that
aims to improve care quality, improve access to care, and control or reduce costs. For clinical
integration to work effectively, all information systems used to deliver that care must have
interoperability.
Interoperability refers to:
1. The ability of two or more systems to exchange information
2. The ability of those systems to use the information that has been exchanged.
In health care, interoperability is the ability of technologies to facilitate the integration of
patient data from multiple settings and different systems. This is a major asset in achieving
clinical integration, but it can also pose challenges for health care organizations not prepared to
enable such an exchange. The goal of interoperability is to ensure a smooth flow of clinical data
across secure IT systems for better patient care. When patient information is easily and regularly
exchanged among different settings, providers have an improved workflow and less information
ambiguity, and can deliver better care by having the right data at the right time. In recent years,

SYSTEM AND APPLICATION INTEROPERABILITY

some hospitals and health care organizations have tried to create internal hospital information
systems (HIS) as a way to deal with and manage the interoperability issue. These entities try to
own the entire necessary infrastructurefrom physical servers to IT personnelto create a
single, closed HIS network for all participants (Healthcare Interoperability, n.d.).
Security threats
Attackers continue to create new and innovative ways to achieve their objectives. As a
result, the threat landscape constantly shifts as the attackers identify weaknesses and exploit
them through new more sophisticated techniques. Based on the data collected recently collected,
analyzed and reported, malicious activity has become Web-based by Symantec, we can observe
that the current security threat landscape is predominantly characterized by the following:
Attackers targeting end users instead of computers.
Underground economy consolidates and matures.
Rapid adaptability of attackers and attack activity.
As cyber criminals move beyond mass-distribution style phishing scams, Government should
learn how to localize and personalize their attacks for better penetration.
Malware development expertise is rapidly maturing which provide the skills to exploit
the continued weaknesses of poorly configured websites, applications and databases. As an
example, the report described an exploit that sends a message from one person to another, about
a YouTube video, including a link to the clip. The recipient clicks on the link, sees a prompt to
download an updated version of Flash player to run the clip. When he clicks on the update, it
actually installs malware on his computer. Infections can occur even through legitimate Web sites
as botnet delivery mechanisms are becoming more sophisticated. Users are unable to detect the
threat and cannot deter it. Network managers can block known bad sites, but are unable to keep
pace with the infections or cannot block access to a site for business reasons (Improving Security
Vulnerability and Configuration Management, n.d.).
Security management

SYSTEM AND APPLICATION INTEROPERABILITY

Need to Improve Security Management and Situational Awareness Federal government Chief
Information Officers (CIO) and Chief Information Security Officers (CISOs) are charged with
increased responsibility for protecting information. They face a daunting task frequently
complicated by silted security management, monitoring, measurement, and auditing
environments. Threats are increasingly complex and more targeted which further increases the
burden on IT operations. Adding to these burdens and complexity is the fact that the President,
Congress and OMB are rapidly enacting new laws and policies that require agencies to
implement additional security safeguards, assert more control, and provide detailed metrics to
measure performance and demonstrate compliance. Often times, these additional security
safeguards and the associated reporting are not funded.
CIOs and CISO are confronted with organizational, technical and financial barriers when
it comes to security management and security situational awareness. For large organizations,
there is frequently an abundance of tools. Often times, these tools are limited in capability, and
are not standardized across the agency. Generally, these tools store information in proprietary
formats and are not designed to fit into the overall security information management architecture.
Many times, the budget for security is spread across the agencies systems which, if effectively
planned and implemented can deliver the security required of the system. But frequently this is at
a cost to overall security management and situational awareness and often time increases cost
due to redundancy or lack of economies of scale (Improving Security Vulnerability and
Configuration Management, n.d.).
Advantages and disadvantages of interoperability system
One advantage to having a closed HIS is that providers do have access to a single, shared
patient health record, where the same information is available to all providers in the system,
regardless of where the patient goes in the network. But this structure does not support true
interoperability because providers and trading partners outside the network will never be able to

SYSTEM AND APPLICATION INTEROPERABILITY

share information with the providers in a closed system, putting the HIS model at a major
disadvantage. Without true interoperability among all partners and systemsincluding labs,
pharmacies, radiology centers, rehab facilities and more, regardless of location a closed HIS
network does not necessarily improve control over patient care and costs, nor does it help drive
the right behavior or surface the right information across all settings.
On the other side, Patient information is typically not integrated within provider
electronic health system workflow, so patient data is delivered without filters or other
intelligence to help caregivers focus on critical information. As a result, providers must spend
valuable time searching for relevant information, often during patient encounters. True
interoperability delivers access to the right information at the right time, designed for caregivers
and health care leaders to make the right clinical and financial decisionsregardless of where
the information originates. Affiliates and other partners across the care continuum need to be able
to interface appropriately across a clinically integrated system that enables the easy exchange,
connection and coordination of data among various providers (Healthcare Interoperability, n.d.).
Reasons after maximum interoperability

Better Access to Patient Records

Generally, patients receive healthcare services from several sources, such as physician
practices, hospitals, urgent care centers, pharmacies and specialized medical centers. A patient's
medical information may become fragmented among various proprietary systems throughout
these healthcare sources, making it difficult for one provider to access information originally
documented by another. This makes it more challenging for physicians to construct a holistic
picture of the patient's health.

Improves Healthcare for the Chronically

SYSTEM AND APPLICATION INTEROPERABILITY

People who have chronic illnesses benefit greatly from the easy access to medical records
through interoperability. These types of illnesses generally require multiple physicians and
specialists. Therefore, it is crucial for providers to immediately access electronic health records
documented by another clinician in order to improve and quicken treatment for the chronically
ill.

Integrating Information
The healthcare system is an information-based enterprise that generates a large amount of
data from various systems and applications. Incorporating information from independently
developed applications is difficult because each application has its own data sources. Information
management throughout different healthcare systems entails collaboration, transferability and
integration. Interoperability allows different systems and applications to communicate with one
another, which lets healthcare providers access and integrate the information regardless of which
system the data is stored in (Interoperability in Healthcare: The Benefits, Challenges and
Solutions, 2016).
Interoperability Challenges
It is clear that interoperability improves overall healthcare. However, it has its own set of
challenges. A primary goal of interoperability in healthcare is consistently and standardization,
which means all parties involved agree upon a set of standards. In some cases, the standards are
general, which can lead to multiple interpretations. Serious medical errors can occur if certain
standards are not adhered to correctly. Standards must be less general and more specific from the
outset.
Outdated legacy systems make complete interoperability even more challenging. These
systems were developed before interoperability became a common occurrence in the healthcare
industry. In fact, many of these systems were developed to preclude interoperability in order to
protect market share. A way to address this issue is through the use of software that can translate

SYSTEM AND APPLICATION INTEROPERABILITY

the data from the legacy system to the interoperable system. Once all the challenges with
interoperability are remedied, healthcare providers will continue toward the ultimate goal of
improving the quality of healthcare (Interoperability in Healthcare: The Benefits, Challenges and
Solutions, 2016).
Conclusion
The benefits of interoperability at the operational and tactical levels generally derive from
the fungibility or interchangeability of force elements and units. Technological interoperability
reflects the interfaces between organizations and systems. It focuses on communications and
computers but also involves the technical capabilities of systems and the resulting mission
compatibility or incompatibility between the systems and data of coalition partners. At the
technological and medical level, the benefits of interoperability come primarily from their
impacts at the operational and tactical levels in terms of enhancing fungibility and flexibility.
References
Healthcare Interoperability | Knowledge Hub | Athena health. (n.d.). Retrieved April 16, 2016,
from http://www.athenahealth.com/knowledge-hub/clinical-integration/healthcareinteroperability
Improving Security Vulnerability and Configuration Management through a Service Oriented
Architecture Approach. (n.d.). Retrieved April 16, 2016, from
http://www.secureit.com/resources/WP_Assess_Manage_Security.pdf
Interoperability in Healthcare: The Benefits, Challenges and Solutions. (2016). Retrieved April
16, 2016, from http://www.ironmountain.com/Knowledge-Center/ReferenceLibrary/View-by-Document-Type/General-Articles/I/Interoperability-in-Healthcare-TheBenefits-Challenges-and-Solutions.aspx

SYSTEM AND APPLICATION INTEROPERABILITY