badbass Posted June 15, 2012 Share Posted June 15, 2012 I know this belongs in questions but it is not directly related to security haking linux. I have a challenge; a doctor has thousands of paper records. I want to set things up so Id's can be scanned. Data can be entered so it can be accessed by using patients name dob ins number. <need to research hippa and I am not expecting you guys to hold my hand through creating a database. I need to do that on my own. I know I need a scanner. OCR. What do you guys and gals think? Quote Link to comment Share on other sites More sharing options...
digip Posted June 15, 2012 Share Posted June 15, 2012 I know this belongs in questions but it is not directly related to security haking linux. I have a challenge; a doctor has thousands of paper records. I want to set things up so Id's can be scanned. Data can be entered so it can be accessed by using patients name dob ins number. <need to research hippa and I am not expecting you guys to hold my hand through creating a database. I need to do that on my own. I know I need a scanner. OCR. What do you guys and gals think? Problem is OCR is not 100% accurate, so using it alone for data entry will be total mess, and either way, someone has to be authorized to see the records, like the Dr's employees, will need to verify all records match when they get put into this system, names, accounts, etc, so you will have to work closely with the staff for accurate data archival. In actuality though, all of the records should already be in a computer system for basic patient data, just the paper filing is usually not in the system, like their charts,etc, but most Dr's offices have accounts and data in the computer for all patients already, just usually not the entire patients work up, which is in the manila folders on physical file. Hippa is also an issue, because the data needs to be protected from anyone who might be able to access patient data in the system, or new database, becomes an issue, as it would be before you even start the new migration. An easier method, if the Dr already has patients in his system, is setup a barcode system/serial number for all existing patients to use for migration, that can be scanned and tied to each patients data, instead of trying to OCR everything for existing patients alone. Using the barcode for table entry, then OCR each patients sheets with a barcode at the bottom of all sheets you OCR, helps ensure accurate records. We used barcodes at the bank I worked at, for all customer statements, and a quick scan of the barcode at the bottom of a customers statement, helped pull up all their data. We also had imaging of everything, but the barcodes were used for accurate indexing when scanning alone was not always accurate from an OCR stand point. I would do it two ways, add barcodes tied to old patient data which should already be in the system and then migrated to the new system under the new barcode ID, and then for every new patient they get barcodes for their files when new patient data entry takes places, and then start OCR imaging everything and making sure barcodes match on pages you OCR. Barcodes tend to be easier to index in databases, than OCR text data itself, especially when Dr's hand writing is like 2yr olds, and not many people can understand chicken scratch to begin with. Any way you cut it, its a tedious job, but I would look into a barcode gun(usually work off USB) to use to re-id every patient record, then image everything with the barcode for each patient on their pages, then you need someone to audit and ensure it all matches. I have no clue on the actual implementation, that is up to you, but just something to think about that might help organize everything. Quote Link to comment Share on other sites More sharing options...
bobbyb1980 Posted June 15, 2012 Share Posted June 15, 2012 I was in a class a few months ago with a guy who worked in a hospital and he told me the last guy had been fired because their data was breached. I'd put data security before other conveinciences, HIPPA is no joke. Quote Link to comment Share on other sites More sharing options...
combatwombat27 Posted June 15, 2012 Share Posted June 15, 2012 Be very careful to follow rules and regs while setting all this up it is a big deal. (I'm sure your aware) I do a bit of state level work and the best thing we do I could suggest is to try and follow NIST standards as well that way you have been following due diligence and due care. I would also see if you can find information on where this has been done before. The more you can base what you do off of valid standards and previous successful deployments the better of you will be and the more reliable system they will end up with. Quote Link to comment Share on other sites More sharing options...
badbass Posted June 15, 2012 Author Share Posted June 15, 2012 Thanks you guys are great. Anything is better than having a room with full of paper records. Quote Link to comment Share on other sites More sharing options...
Raziel Posted June 15, 2012 Share Posted June 15, 2012 We use a program called horizon patient folder to scan our documents. It's put out by McKesson. It uses barcodes that that tie in our emr. It's expensive. And you'll find you're going to pay out the butt for something that is HIPPA compliant. If you make your own, you better be able to show how secure it is when the auditors come knocking. Quote Link to comment Share on other sites More sharing options...
justapeon Posted June 20, 2012 Share Posted June 20, 2012 You may want to look at openemr. It is on sourceforge.net Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.