
Case Studies - What We Can Do


1. Protecting Patient Data


The Problem Statement

A non-profit organization provided first aid services at events. The workers were volunteers whose certifications ranged from basic first aid to medical doctor. They were trained in the organization's procedures and paperwork. For legal and quality-control purposes they documented each incident; the documentation was reviewed by management (also volunteers) and filed. The organization also kept records of the events and incidents each volunteer worked, their performance reviews, and the expiration dates of their certifications.

The problem was keeping the patient documentation available yet confidential.

  • When a volunteer moved, found new interests, or fell out with someone, whatever records they had filed were generally lost. Because lawsuits about medical care assume a certain degree of professional documentation, being unable to produce the documentation automatically hurt a defense.
  • The volunteer who performed the first aid kept a copy of the documentation and mailed the original to their regional officer. The regional officer made a copy and mailed the original to the area officer, who filed it. If it was a critical injury, a copy was also mailed to the national office. Every one of these copies contained patient data: if a box of documents fell off the truck during a move, a lot of patient data simply became public.
  • All that mailing increased the likelihood that one or more documents would be delivered to the wrong address, exposing the patient data to people not authorized to see it.
  • All that mailing also increased the chance that the original would be lost. Such a break in the chain could prevent an appropriate reaction to a serious problem.

The Solution

The initial project built a web site with basic organizational data publicly available and a protected set of pages that required an ID and password. In the protected area we put personnel data for each volunteer. Each event was documented, and any incidents were documented. All volunteers who worked an event were linked to the event. All incidents were linked to the event where they occurred and to the volunteers who worked on them. Volunteers in training had an area, linked to the events they worked, where experienced people could evaluate their performance. We even collected which languages they spoke (important when you need to find someone with specific language skills in a hurry).

All access to the protected area was over SSL-protected (HTTPS) sessions. IDs were assigned by management and passwords were required to be complex. The standard precautions against code injection, jumping directly to protected pages without logging in, and so on were implemented. Each user had an admin level that restricted what they could see and what they could do. After a small number of failed login attempts, further logins for that ID were rejected for 15 minutes.
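The lockout rule in the last sentence is small enough to show in full. The following is an added example written for this page, not code from the original system: it keeps a per-ID failure counter, locks the ID for 15 minutes once the threshold is reached, and applies the check before the password is verified so that a correct password is also refused during the lockout. The threshold of 5 is an assumed value (the page only says "a small number"), and the credential check in `main` is a constructed stand-in for the site's real password verification.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

// Assumed policy: the page gives "a small number" of failures and 15 minutes.
const (
	MaxFailures = 5 // constructed choice
	LockoutFor  = 15 * time.Minute
)

type attemptState struct {
	failures    int
	lockedUntil time.Time
}

// LoginLimiter tracks failed logins per user ID, as the page describes: the
// counter is keyed by the account being guessed, not by client address, so
// guessing spread over many source addresses is stopped as well.
type LoginLimiter struct {
	mu    sync.Mutex
	state map[string]*attemptState
	now   func() time.Time // injectable clock so the policy can be tested without waiting
}

func NewLoginLimiter(now func() time.Time) *LoginLimiter {
	return &LoginLimiter{state: make(map[string]*attemptState), now: now}
}

// Allowed reports whether an attempt for id may be evaluated at all.
func (l *LoginLimiter) Allowed(id string) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	s, ok := l.state[id]
	if !ok {
		return true
	}
	if l.now().Before(s.lockedUntil) {
		return false
	}
	if !s.lockedUntil.IsZero() {
		delete(l.state, id) // lockout expired: the next failure starts a fresh count
	}
	return true
}

// RecordFailure counts one failed attempt and reports whether it triggered a lockout.
func (l *LoginLimiter) RecordFailure(id string) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	s := l.state[id]
	if s == nil {
		s = &attemptState{}
		l.state[id] = s
	}
	s.failures++
	if s.failures >= MaxFailures {
		s.lockedUntil = l.now().Add(LockoutFor)
		s.failures = 0
		return true
	}
	return false
}

// RecordSuccess clears the counter after a correct password.
func (l *LoginLimiter) RecordSuccess(id string) {
	l.mu.Lock()
	defer l.mu.Unlock()
	delete(l.state, id)
}

// Login is the handler-side gate. The lockout check runs before the password
// is verified, so a locked account is refused even with the right password.
// The second return value is for the audit log only; the user should see one
// generic "login failed" message in every failure case.
func Login(l *LoginLimiter, id, password string, verify func(id, password string) bool) (bool, string) {
	if !l.Allowed(id) {
		return false, "locked"
	}
	if !verify(id, password) {
		if l.RecordFailure(id) {
			return false, "locked"
		}
		return false, "bad-password"
	}
	l.RecordSuccess(id)
	return true, "ok"
}

func main() {
	// Constructed credential check standing in for the site's password store.
	verify := func(id, pw string) bool { return id == "vol42" && pw == "correct horse battery" }
	limiter := NewLoginLimiter(time.Now)
	for i := 1; i <= MaxFailures; i++ {
		ok, why := Login(limiter, "vol42", fmt.Sprintf("guess%d", i), verify)
		fmt.Printf("attempt %d: ok=%v reason=%s\n", i, ok, why)
	}
	ok, why := Login(limiter, "vol42", "correct horse battery", verify)
	fmt.Printf("correct password during lockout: ok=%v reason=%s\n", ok, why)
}
```

One caveat a practitioner should weigh: because the counter is per account, anyone who knows a volunteer's ID can lock that volunteer out for 15 minutes at will. The page's short, self-expiring lockout limits the damage; a permanent lock would turn the control into a denial-of-service lever.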

The management liked the system; it solved all their stated problems. But they felt that storing patient data on a web site was risky even in the protected area. We proposed encrypting the data (one of our areas of expertise). They liked that, but wanted to ensure that the key needed to read the data would not be stored on the server.

The light came on when we realized that the patient's private data (name, address, phone, ...) was not needed for their day-to-day operation at all; it was needed only if there was a legal issue. So it never had to be displayed on the web site after entry.

We chose RSA encryption with 4096-bit asymmetric keys. The public (encryption) key was stored on the site, but the data could not be decrypted without the private key, which was not on the site at all: it existed only on a CD in our files and a copy CD at their lawyer's office. The patient data was never displayed (other than during data entry) and was never stored unencrypted. A special program on the CD connected to the database server and used the private key to retrieve a specified incident's patient data.
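The design just described, as an added example written for this page rather than the original system's code. One detail the page does not spell out: RSA on its own can encrypt only a message shorter than its modulus (under 512 bytes for a 4096-bit key, less after OAEP padding), so a record of any real size has to be encrypted with a fresh symmetric key that is itself wrapped with the RSA public key. That hybrid construction is assumed here; the `Seal` and `Open` names, the OAEP label, the AES-GCM choice and the sample patient record are all constructed for the example. Only the public key ever reaches the server-side `Seal`; `Open` is the "program on the CD" and is the only place the private key is used.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Assumed, fixed OAEP label; both sides must use the same value.
var oaepLabel = []byte("patient-record-key")

// Envelope is all the web server keeps for one incident's patient data. Every
// field is safe to store and back up: reading it requires the RSA private key,
// which never exists on the server.
type Envelope struct {
	WrappedKey []byte // per-record AES-256 key, RSA-OAEP encrypted to the site's public key
	Nonce      []byte // AES-GCM nonce
	Ciphertext []byte // AES-GCM ciphertext with authentication tag
}

// GenerateKeyPair runs once, offline. Only the public half is copied to the
// server; the private key goes to removable media as the page describes.
func GenerateKeyPair(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// Seal runs on the web server at data-entry time and needs only the public
// key, so a full compromise of the server yields nothing but envelopes.
func Seal(pub *rsa.PublicKey, incidentID string, patient []byte) (*Envelope, error) {
	dataKey := make([]byte, 32) // fresh key per record: one exposed key never opens another record
	if _, err := rand.Read(dataKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(dataKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// The incident ID is bound as additional authenticated data, so an envelope
	// moved to another incident row fails to decrypt instead of silently
	// attaching one patient's data to a different incident.
	ct := gcm.Seal(nil, nonce, patient, []byte(incidentID))
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, oaepLabel)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: ct}, nil
}

// Open is the offline "CD program": given the private key and one incident's
// envelope fetched from the database, it unwraps the record key and decrypts.
func Open(priv *rsa.PrivateKey, incidentID string, env *Envelope) ([]byte, error) {
	dataKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, oaepLabel)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(dataKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, []byte(incidentID))
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	priv, err := GenerateKeyPair(4096) // the page's key size; generation takes a few seconds
	if err != nil {
		panic(err)
	}
	serverSideKey := &priv.PublicKey // the only key material the web server receives

	// Constructed sample record; the real system takes this from the entry form.
	record := []byte("name=Jane Doe;phone=555-0100;address=12 Example St")
	env, err := Seal(serverSideKey, "INC-2024-0001", record)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored on server: %d-byte wrapped key, %d-byte ciphertext, no plaintext\n",
		len(env.WrappedKey), len(env.Ciphertext))

	// Later, on the offline machine, for a legal request:
	plain, err := Open(priv, "INC-2024-0001", env)
	if err != nil {
		panic(err)
	}
	fmt.Printf("recovered offline: %s\n", plain)

	// The same envelope presented under the wrong incident ID is rejected.
	if _, err := Open(priv, "INC-2024-0002", env); err != nil {
		fmt.Println("envelope bound to a different incident rejected:", err)
	}
}
```

Two operational points follow from this layout. The server can write but never read, so the data-entry form must be the only place the plaintext ever exists, and it should not be logged or cached there. And because a single private key opens every record, the two CDs are the entire security of the archive: losing both makes the data unrecoverable, while a copy leaking makes it all readable.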

The Results

During the next two years, the following was achieved with this system.

  • Reporting compliance went from <20% of incidents documented to >95%. The volunteers said it was easier to make notes on the forms and enter them into the computer with this system than to copy and mail them.
  • They lost no records. Since they had lost virtually all the records at one level or another in the previous two years, that was significant.
  • They were able to do trend analysis by group, region, type of injury, and many other criteria. This allowed them to work with event staff to prevent injuries and to staff and stock for the most common injuries.
  • They could evaluate volunteers-in-training easily. The old paper system frustrated the trainees because their evaluations were frequently lost or misfiled.
  • They performed quality assurance on the work of individual volunteers. Public praise or private remedial action became more common.
  • Internal reporting was done from the database; creating and mailing paper reports was no longer required.
  • Expiration of certifications was managed automatically through email reminders. They no longer lost volunteers through missed expirations.
  • Training was scheduled based on certifications and quality assurance reports.
  • They were better able to recruit staff (nearly doubling it) because training was easier, evaluation was less frustrating, and the paperwork was less painful. They were able to manage the larger staff without additional managers.