Opinion: Creating the best testbed for e-health
- 05 December, 2012 09:27
Australia’s national e-health program has come under scrutiny in recent months due to early teething problems, the laborious process of registering for the service and the lack of incentives for private care participation.
The low number of software vendors that have passed software testing requirements is also being scrutinised. Late last month, an article in The Australian stated that only five out of more than 250 software suppliers had passed testing requirements for their applications to connect to the e-health production system.
Since its formation, the National E-Health Transition Authority (NETHA), in consultation with the medical software industry and health jurisdictions, has been establishing standards, specifications, and infrastructure requirements to deliver Australia’s national e-health system.
Early initiatives saw the successful development of the Secure Message Delivery (SMD) specification, and with it, the beginnings of National Conformance, Compliance and Accreditation (CCA) program for software systems implementing these standards.
NEHTA also introduced a supporting conformance test specification to assess if various applications used to drive the e-health system complied with the SMD specification.
It is vital that national standards for e-health continued to be developed if the program is to succeed and the e-health industry needs support to lower the cost and complexity of integrating software systems for exchanging health information.
This means that a sustainable test strategy must seek to minimise the ongoing and long-term cost of compliance testing to accelerate the uptake of e-health software that meets national standards.
What are the testing options?
There are a number of testing options that have been identified by the e-health product and service providers, medical software vendors and health service providers, to ensure systems conform to standards.
Assessment approaches range from self-assessment, which recognises the potential role of software system vendors in verifying standards compliance based on an “honesty policy”, through to third-party assessment that provides independent validation of compliance.
The approaches to testing if a software system conforms to particular standards can involve varying levels of automation based on the usage of testing tools, analysers and simulators.
Although testing approaches to ensure compliance could be completely manual, using specific testing systems provides more accurate and consistent tests and analysis of results.
The e-health industry is in the unique situation where choosing appropriate testing options depends on risk-based measures, including information privacy and clinical safety. Other industries can simply balance the quality of assessment and testing approaches against the overall cost to achieve system interoperability.
Consequently, the e-health industry has created a two-tiered assessment approach for the majority of the emerging health standards such as SMD, health identifiers (HI), and the Personally Controlled Electronic Health Record (PCEHR).
Under the first tier, software implementations must be certified by a third-party accredited test laboratory to ensure standards are implemented properly. Under the second tier, test systems support self-assessment during “pre-certification” where a software system is most likely under development to support a standard.
Unfortunately, conformance assessment by a third-party comes with associated costs, which will need to be absorbed by software vendors and e-health providers.
But these costs should not be viewed as a burden on the e-health industry. Rather, the introduction of industry-developed conformance test specifications and test systems should lower the cost of implementing standards.
This is because medication software vendors and heath jurisdictions can utilise these shared testing resources without needing to allocate time and resources to developing their own.
Crafting a sustainable testing strategy
Although these adopted test options support the e-health industry during the initial uptake of national e-health standards, a sustainable testing strategy for interoperability relies on much more than minimising the cost of performing conformance testing for the first time.
A sustainable test strategy must present a long-term solution for minimising the costs of ongoing conformance testing as software systems and national standards evolve over time to meet new requirements.
The strategy must also provide surety of interoperability and give due consideration to the need to continually perform multi-party testing.
E-health standards are expected to change to improve the specifications based on implementation and interoperability experience by software vendors and health service providers, and expand to include new scenarios that support information exchange between healthcare providers.
To guarantee a software system conforms to standards, a sustainable testing strategy needs to consider this “standards lifecycle” and the timelines imposed on software systems to support each evolution of a standard.
To ensure interoperability, adopted conformance assessment approaches need to include provisions for multi-party testing. This requires a compliant software system to test with other conformant software systems to claim interoperability, an approach taken in so-called “bake-off” testing.
Ensuring a software system conforms to e-health standards and is interoperable with other platforms over its life, is vital.
A sustainable testing strategy needs to include maintenance testing as a form of regression testing that is easy to repeat, requires little expertise and logistics from software vendors and e-health service providers, and bridges the gap between full rounds of conformance and multi-party testing.
Finally, a sustainable testing strategy must recognise the contribution of governments and standards bodies and organisations providing e-health products and services, in the ongoing development and governance of compliance and interoperability testing.
The e-health industry must find a balance between self-assessment and third-party assessment for compliance testing and facility multi-party testing to ensure software interoperability.
It must also agree on a cost-effective approach to maintenance testing and encourage the contribution of all industry representatives to open-source testing systems that seek to standardise conformance testing.
This will help to provide our national e-health program with its best chance of success.
Brett Avery is e-health programme manager at Webstercare and has spent the past seven years researching and prototyping software for the health sector. He is also a member of the CIO Executive Council’s Pathways Leadership Development Program.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why change management doesn’t work
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
CSO Spotlight: Security-as-a-Service Gaining Popularity
Organizations that are looking for security features including identity management, encryption and access control — and at the same time want to take advantage of the cost and flexibility benefits of the cloud —might check into security-as-a-service offerings available now from several vendors. Download now to find out more.
The Foundation for Cloud Management
For businesses looking to provide real-time business solutions to employees and customers alike, you need to have a comprehensive network management strategy. The network is the foundation of all successful cloud services; it must be robust to meet traffic, efficiency, and performance demands. Download today the four steps to get your network operations cloud-ready.
Batten Down the Hatches! A Guide to Protecting Data in Motion
The risks facing high-speed data networks and unencrypted data while in motion are very real and on the rise. As information becomes one of the most valuable ‘off balance sheet’ assets, protection of that information and the investment in it is a paramount obligation of office-holders and management. Read now for a better understanding of the risks to data in motion.